- 11 12月, 2014 6 次提交
-
-
由 Greg Bellows 提交于
Adds a dedicated function and a lookup table for determining the target exception level of IRQ and FIQ exceptions. The lookup table is taken from the ARMv7 and ARMv8 specification exception routing tables. Signed-off-by: NGreg Bellows <greg.bellows@linaro.org> Reviewed-by: NPeter Maydell <peter.maydell@linaro.org> Message-id: 1416242878-876-3-git-send-email-greg.bellows@linaro.org Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
-
由 Greg Bellows 提交于
This patch extends arm_excp_unmasked() to use lookup tables for determining whether IRQ and FIQ exceptions are masked. The lookup tables are based on the ARMv8 and ARMv7 specification physical interrupt masking tables. If EL3 is using AArch64 IRQ/FIQ masking is ignored in all exception levels other than EL3 if SCR.{FIQ|IRQ} is set to 1 (routed to EL3). Signed-off-by: NGreg Bellows <greg.bellows@linaro.org> Reviewed-by: NPeter Maydell <peter.maydell@linaro.org> Message-id: 1416242878-876-2-git-send-email-greg.bellows@linaro.org Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
-
由 Liviu Ionescu 提交于
The usual semihosting behaviour is to process the system calls locally and return; unfortuantelly the initial implementation dinamically changed the target to GDB during debug sessions, which, for the usual arm-none-eabi-gdb, is not implemented. The result was that during debug sessions the semihosting calls were discarded. This patch adds a configuration variable and an option to set it on the command line: -semihosting-config [enable=on|off,]target=native|gdb|auto This option enables semihosting and defines where the semihosting calls will be addressed, to QEMU ('native') or to GDB ('gdb'). The default is auto, which means 'gdb' during debug sessions and 'native' otherwise. Signed-off-by: NLiviu Ionescu <ilg@livius.net> Message-id: 1416341957-9796-1-git-send-email-ilg@livius.net [PMM: moved declaration and definition of semihosting_target to gdbstub.h and gdbstub.c to fix build failure on linux-user] Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
-
由 Liviu Ionescu 提交于
In order to run unit tests under semihosting, it is necessary to pass the application exit code back to the system. ARM defines only the code to be used for non-error application exit (ADP_Stopped_ApplicationExit), all other codes should return non-zero exit codes. This patch checks if the application code passed via TARGET_SYS_EXIT is ADP_Stopped_ApplicationExit, and return 0, otherwise return 1. Signed-off-by: NLiviu Ionescu <ilg@livius.net> Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
-
由 Peter Maydell 提交于
TriCore BOL, BRC, BRN, BRR, RC, RCPW, RCRR, RCR, RLC and RCR insn added # gpg: Signature made Wed 10 Dec 2014 11:21:58 GMT using RSA key ID 6B69CA14 # gpg: Good signature from "Bastian Koppelmann <kbastian@mail.uni-paderborn.de>" * remotes/bkoppelmann/tags/pull-tricore-20141210: target-tricore: Add instructions of RCR opcode format target-tricore: Add instructions of RLC opcode format target-tricore: Add instructions of RCPW, RCRR and RCRW opcode format target-tricore: Make TRICORE_FEATURES implying others. target-tricore: Add instructions of RC opcode format target-tricore: Add instructions of BRR opcode format target-tricore: Add instructions of BRN opcode format target-tricore: Add instructions of BRC opcode format target-tricore: Add instructions of BOL opcode format Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
-
由 Peter Maydell 提交于
vnc-enc-tight fix, keymaps code style. # gpg: Signature made Wed 10 Dec 2014 09:24:33 GMT using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>" # gpg: aka "Gerd Hoffmann <gerd@kraxel.org>" # gpg: aka "Gerd Hoffmann (private) <kraxel@gmail.com>" * remotes/kraxel/tags/pull-vnc-20141210-1: keymaps: correct keymaps.c following Qemu coding style vnc-enc-tight: fix Arguments in wrong order Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
-
- 10 12月, 2014 12 次提交
-
-
由 Bastian Koppelmann 提交于
Add instructions of RCR opcode format. Add helper for madd32/64_ssov and madd32/64_suov. Add helper for msub32/64_ssov and msub32/64_suov. Add microcode generator function madd/msub for 32bit and 64bit, which calculate a mul and a add/sub. OPC2_32_RCR_MSUB_U_32 -> OPC2_32_RCR_MSUB_U_32. Signed-off-by: NBastian Koppelmann <kbastian@mail.uni-paderborn.de> Reviewed-by: NRichard Henderson <rth@twiddle.net>
-
由 Bastian Koppelmann 提交于
Add instructions of RLC opcode format. Add helper psw_write/read. Add microcode generator gen_mtcr/mfcr, which loads/stores a value to a core special function register, which are defined in csfr.def Signed-off-by: NBastian Koppelmann <kbastian@mail.uni-paderborn.de> Reviewed-by: NRichard Henderson <rth@twiddle.net>
-
由 Bastian Koppelmann 提交于
Add instructions of RCPW, RCRR and RCRW opcode format. Add microcode generator function gen_insert. Signed-off-by: NBastian Koppelmann <kbastian@mail.uni-paderborn.de> Reviewed-by: NRichard Henderson <rth@twiddle.net>
-
由 Bastian Koppelmann 提交于
Since all the TriCore instructionsets are subsets of each other (1.3 C 1.3.1 C 1.6), make the features implying each other, e.g 1.6 also has 1.3.1 and 1.3. This way we only need to check our features for the instructionset, where a instruction was first introduced. Signed-off-by: NBastian Koppelmann <kbastian@mail.uni-paderborn.de> Reviewed-by: NRichard Henderson <rth@twiddle.net>
-
由 Bastian Koppelmann 提交于
Add instructions of RC opcode format. Add helper for mul, sha, absdif with signed saturation on overflow. Add helper for add, sub, mul with unsigned saturation on overflow. Add microcode generator functions: * gen_add_CC, which calculates the carry bit. * gen_addc_CC, which adds the carry bit to the add and calculates the carry bit. * gen_absdif, which calculates the absolute difference. * gen_mul_i64s/u, which mul two 32 bits val into one 64bit reg. * gen_sh_hi, which shifts two 16bit words in one reg. * gen_sha_hi, which does a arithmetic shift on two 16bit words. * gen_sh_cond, which shifts left a reg by one and writes the result of cond into the lsb. * gen_accumulating_cond, which ands/ors/xors the result of cond of the lsbs with the lsb of the result. * gen_eqany_bi/hi, which checks ever byte/hword on equality. Signed-off-by: NBastian Koppelmann <kbastian@mail.uni-paderborn.de> Reviewed-by: NRichard Henderson <rth@twiddle.net>
-
由 Bastian Koppelmann 提交于
Add instructions of BRR opcode format. Add MASK_OP_BRR_DISP15_SEXT. Signed-off-by: NBastian Koppelmann <kbastian@mail.uni-paderborn.de> Reviewed-by: NRichard Henderson <rth@twiddle.net>
-
由 Bastian Koppelmann 提交于
Add instructions of BRN opcode format. Add MASK_OP_BRN_DISP15_SEXT. Signed-off-by: NBastian Koppelmann <kbastian@mail.uni-paderborn.de> Reviewed-by: NRichard Henderson <rth@twiddle.net>
-
由 Bastian Koppelmann 提交于
Add instructions of BRC opcode format. Fixed OP2_BRC_JGE -> OP2_32_BRC_JGE Signed-off-by: NBastian Koppelmann <kbastian@mail.uni-paderborn.de> Reviewed-by: NRichard Henderson <rth@twiddle.net>
-
由 Bastian Koppelmann 提交于
Add instructions of BOL opcode format. Signed-off-by: NBastian Koppelmann <kbastian@mail.uni-paderborn.de> Reviewed-by: NRichard Henderson <rth@twiddle.net>
-
由 Gonglei 提交于
It's hard to read because of the confused coding style in this file. Let's correct it following Qemu coding style. Signed-off-by: NGonglei <arei.gonglei@huawei.com> Signed-off-by: NGerd Hoffmann <kraxel@redhat.com>
-
由 Gonglei 提交于
Arguments in wrong order (SWAPPED_ARGUMENTS) The positions of arguments in the call to tight_fill_palette do not match the ordering of the parameters: &fg is passed to bg &bg is passed to fg Cc: Gerd Hoffmann <kraxel@redhat.com> Signed-off-by: NGonglei <arei.gonglei@huawei.com> Signed-off-by: NGerd Hoffmann <kraxel@redhat.com>
-
由 Peter Maydell 提交于
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
-
- 09 12月, 2014 1 次提交
-
-
由 Peter Maydell 提交于
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
-
- 04 12月, 2014 2 次提交
-
-
由 Peter Maydell 提交于
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
-
由 Peter Maydell 提交于
cirrus: fix blit region check # gpg: Signature made Thu 04 Dec 2014 11:54:57 GMT using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>" # gpg: aka "Gerd Hoffmann <gerd@kraxel.org>" # gpg: aka "Gerd Hoffmann (private) <kraxel@gmail.com>" * remotes/kraxel/tags/pull-cve-2014-8106-20141204-1: cirrus: don't overflow CirrusVGAState->cirrus_bltbuf cirrus: fix blit region check Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
-
- 01 12月, 2014 4 次提交
-
-
由 Peter Maydell 提交于
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
-
由 Gonglei 提交于
Signed-off-by: NGonglei <arei.gonglei@huawei.com> Reviewed-by: NJason Wang <jasowang@redhat.com> Reviewed-by: NMichael S. Tsirkin <mst@redhat.com> Message-id: 1417166789-1960-1-git-send-email-arei.gonglei@huawei.com Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
-
由 Gerd Hoffmann 提交于
This is CVE-2014-8106. Signed-off-by: NGerd Hoffmann <kraxel@redhat.com>
-
由 Gerd Hoffmann 提交于
Issues: * Doesn't check pitches correctly in case it is negative. * Doesn't check width at all. Turn macro into functions while being at it, also factor out the check for one region which we then can simply call twice for src + dst. This is CVE-2014-8106. Reported-by: NPaolo Bonzini <pbonzini@redhat.com> Signed-off-by: NGerd Hoffmann <kraxel@redhat.com> Reviewed-by: NPaolo Bonzini <pbonzini@redhat.com>
-
- 28 11月, 2014 2 次提交
-
-
由 David Gibson 提交于
VirtIO devices now remember which endianness they're operating in in order to support targets which may have guests of either endianness, such as powerpc. This endianness state is transferred in a subsection of the virtio device's information. With virtio-rng this can lead to an abort after a loadvm hitting the assert() in virtio_is_big_endian(). This can be reproduced by doing a migrate and load from file on a bi-endian target with a virtio-rng device. The actual guest state isn't particularly important to triggering this. The cause is that virtio_rng_load_device() calls virtio_rng_process() which accesses the ring and thus needs the endianness. However, virtio_rng_process() is called via virtio_load() before it loads the subsections. Essentially the ->load callback in VirtioDeviceClass should only be used for actually reading the device state from the stream, not for post-load re-initialization. This patch fixes the bug by moving the virtio_rng_process() after the call to virtio_load(). Better yet would be to convert virtio to use vmsd and have the virtio_rng_process() as a post_load callback, but that's a bigger project for another day. This is bugfix, and should be considered for the 2.2 branch. Signed-off-by: NDavid Gibson <david@gibson.dropbear.id.au> Reviewed-by: NGreg Kurz <gkurz@linux.vnet.ibm.com> Message-id: 1417067290-20715-1-git-send-email-david@gibson.dropbear.id.au Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
-
由 Jason Wang 提交于
virtio_net_handle_ctrl() and other functions that process control vq request call iov_discard_front() which will shorten the iov. This will lead unmapping in virtqueue_push() leaks mapping. Fixes this by keeping the original iov untouched and using a temp variable in those functions. Cc: Wen Congyang <wency@cn.fujitsu.com> Cc: Stefano Stabellini <stefano.stabellini@eu.citrix.com> Cc: qemu-stable@nongnu.org Signed-off-by: NJason Wang <jasowang@redhat.com> Reviewed-by: NStefano Stabellini <stefano.stabellini@eu.citrix.com> Reviewed-by: NFam Zheng <famz@redhat.com> Reviewed-by: NMichael S. Tsirkin <mst@redhat.com> Message-id: 1417082643-23907-1-git-send-email-jasowang@redhat.com Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
-
- 27 11月, 2014 2 次提交
-
-
由 Marcel Apfelbaum 提交于
The commits: - 6a1fa9f5 (monitor: add del completion for peripheral device) - 66e56b13 (qdev: add qdev_build_hotpluggable_device_list helper) cause a QEMU crash when trying to use HMP device_del auto-completion. It can be easily reproduced by: <qemu-bin> -enable-kvm ~/images/fedora.qcow2 -monitor stdio -device virtio-net-pci,id=vnet (qemu) device_del /home/mapfelba/git/upstream/qemu/hw/core/qdev.c:941:qdev_build_hotpluggable_device_list: Object 0x7f6ce04e4fe0 is not an instance of type device Aborted (core dumped) The root cause is qdev_build_hotpluggable_device_list going recursively over all peripherals and their children assuming all are devices. It doesn't work since PCI devices have at least on child which is a memory region (bus master). Solved by observing that all devices appear as direct children of /machine/peripheral container. No need of going recursively over all the children. Signed-off-by: NMarcel Apfelbaum <marcel.a@redhat.com> Reported-by: NGal Hammer <ghammer@redhat.com> Reviewed-by: NIgor Mammedov <imammedo@redhat.com> Message-id: 1417002601-20799-1-git-send-email-marcel.a@redhat.com Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
-
由 Peter Maydell 提交于
In qemu_poll_ns(), when we convert an int64_t nanosecond timeout into a struct timespec, we may accidentally run into overflow problems if the timeout is very long. This happens because the tv_sec field is a time_t, which is signed, so we might end up setting it to a negative value by mistake. This will result in what was intended to be a near-infinite timeout turning into an instantaneous timeout, and we'll busy loop. Cap the maximum timeout at INT32_MAX seconds (about 68 years) to avoid this problem. This specifically manifested on ARM hosts as an extreme slowdown on guest shutdown (when the guest reprogrammed the PL031 RTC to not generate alarms using a very long timeout) but could happen on other hosts and guests too. Reported-by: NChristoffer Dall <christoffer.dall@linaro.org> Cc: qemu-stable@nongnu.org Signed-off-by: NPeter Maydell <peter.maydell@linaro.org> Reviewed-by: NFam Zheng <famz@redhat.com> Message-id: 1416939705-1272-1-git-send-email-peter.maydell@linaro.org
-
- 26 11月, 2014 6 次提交
-
-
由 Peter Maydell 提交于
The final 2.2 patches from me. # gpg: Signature made Wed 26 Nov 2014 11:12:25 GMT using RSA key ID 78C7AE83 # gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>" # gpg: aka "Paolo Bonzini <pbonzini@redhat.com>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4 E2F7 7E15 100C CD36 69B1 # Subkey fingerprint: F133 3857 4B66 2389 866C 7682 BFFB D25F 78C7 AE83 * remotes/bonzini/tags/for-upstream: s390x/kvm: Fix compile error fw_cfg: fix boot order bug when dynamically modified via QOM -machine vmport=auto: Fix handling of VMWare ioport emulation for xen Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
-
由 Christian Borntraeger 提交于
commit a2b257d6 "memory: expose alignment used for allocating RAM as MemoryRegion API" triggered a compile error on KVM/s390x. Fix the prototype and the implementation of legacy_s390_alloc. Cc: Igor Mammedov <imammedo@redhat.com> Cc: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: NChristian Borntraeger <borntraeger@de.ibm.com> Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
由 Gonglei 提交于
When we dynamically modify boot order, the length of boot order will be changed, but we don't update s->files->f[i].size with new length. This casuse seabios read a wrong vale of qemu cfg file about bootorder. Cc: Gerd Hoffmann <kraxel@redhat.com> Cc: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: NGonglei <arei.gonglei@huawei.com> Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
由 Don Slutz 提交于
c/s 9b23cfb7 or c/s b154537a moved the testing of xen_enabled() from pc_init1() to pc_machine_initfn(). xen_enabled() does not return the correct value in pc_machine_initfn(). Changed vmport from a bool to an enum. Added the value "auto" to do the old way. Move check of xen_enabled() back to pc_init1(). Acked-by: NEric Blake <eblake@redhat.com> Reviewed-by: NEduardo Habkost <ehabkost@redhat.com> Signed-off-by: NDon Slutz <dslutz@verizon.com> Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
由 Peter Maydell 提交于
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
-
由 Gerd Hoffmann 提交于
Ongoing discussions on how we are going to specify the console, so tag the command as experiental so we can refine things in the 2.3 development cycle. Signed-off-by: NGerd Hoffmann <kraxel@redhat.com> Message-id: 1416923657-10614-1-git-send-email-armbru@redhat.com [Spell out "not a stable API", and x- the QAPI schema, too] Signed-off-by: NMarkus Armbruster <armbru@redhat.com> Reviewed-by: NAmos Kong <akong@redhat.com> Reviewed-by: NEric Blake <eblake@redhat.com> Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
-
- 25 11月, 2014 5 次提交
-
-
由 Peter Maydell 提交于
pc, pci, misc bugfixes A bunch of bugfixes for 2.2. Signed-off-by: NMichael S. Tsirkin <mst@redhat.com> # gpg: Signature made Mon 24 Nov 2014 18:59:47 GMT using RSA key ID D28D5469 # gpg: Good signature from "Michael S. Tsirkin <mst@kernel.org>" # gpg: aka "Michael S. Tsirkin <mst@redhat.com>" * remotes/mst/tags/for_upstream: pc: acpi: mark all possible CPUs as enabled in SRAT pcie: fix improper use of negative value pcie: fix typo in pcie_cap_deverr_init() target-i386: move generic memory hotplug methods to DSDTs acpi-build: mark RAM dirty on table update hw/pci: fix crash on shpc error flow pc: count in 1Gb hugepage alignment when sizing hotplug-memory container pc: explicitly check maxmem limit when adding DIMM pc: pc-dimm: use backend alignment during address auto allocation pc: align DIMM's address/size by backend's alignment value memory: expose alignment used for allocating RAM as MemoryRegion API pc: limit DIMM address and size to page aligned values pc: make pc_dimm_plug() more readble pc: kvm: check if KVM has free memory slots to avoid abort() qemu-char: fix tcp_get_fds Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
-
由 Igor Mammedov 提交于
If QEMU is started with -numa ... Windows only notices that CPU has been hot-added but it will not online such CPUs. It's caused by the fact that possible CPUs are flagged as not enabled in SRAT and Windows honoring that information doesn't use corresponding CPU. ACPI 5.0 Spec regarding to flag says: " Table 5-47 Local APIC Flags ... Enabled: if zero, this processor is unusable, and the operating system support will not attempt to use it. " Fix QEMU to adhere to spec and mark possible CPUs as enabled in SRAT. With that Windows onlines hot-added CPUs as expected. Signed-off-by: NIgor Mammedov <imammedo@redhat.com> Reviewed-by: NMichael S. Tsirkin <mst@redhat.com> Signed-off-by: NMichael S. Tsirkin <mst@redhat.com>
-
由 Gonglei 提交于
Signed-off-by: NGonglei <arei.gonglei@huawei.com> Reviewed-by: NMichael S. Tsirkin <mst@redhat.com> Signed-off-by: NMichael S. Tsirkin <mst@redhat.com>
-
由 Gonglei 提交于
Reported-by: https://bugs.launchpad.net/qemu/+bug/1393440Signed-off-by: NGonglei <arei.gonglei@huawei.com> Reviewed-by: NMichael S. Tsirkin <mst@redhat.com> Signed-off-by: NMichael S. Tsirkin <mst@redhat.com>
-
由 Paolo Bonzini 提交于
This makes it simpler to keep the SSDT byte-for-byte identical for a given machine type, which is a goal we want to have for 2.2 and newer types. Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com> Reviewed-by: NMichael S. Tsirkin <mst@redhat.com> Signed-off-by: NMichael S. Tsirkin <mst@redhat.com>
-