1. 22 7月, 2010 10 次提交
  2. 21 7月, 2010 1 次提交
  3. 19 7月, 2010 1 次提交
  4. 17 7月, 2010 1 次提交
  5. 16 7月, 2010 1 次提交
  6. 15 7月, 2010 4 次提交
    • E
      microblaze: Correct signal frame setup. · 187b4e08
      Edgar E. Iglesias 提交于
      Pass the context in r7.
      Signed-off-by: NEdgar E. Iglesias <edgar.iglesias@gmail.com>
      187b4e08
    • A
      Merge remote branch 'origin/master' into staging · c84995c5
      Anthony Liguori 提交于
      c84995c5
    • A
      c7ba56c4
    • A
      Make default invocation of block drivers safer (v3) · 79368c81
      Anthony Liguori 提交于
      CVE-2008-2004 described a vulnerability in QEMU whereas a malicious user could
      trick the block probing code into accessing arbitrary files in a guest.  To
      mitigate this, we added an explicit format parameter to -drive which disabling
      block probing.
      
      Fast forward to today, and the vast majority of users do not use this parameter.
      libvirt does not use this by default nor does virt-manager.
      
      Most users want block probing so we should try to make it safer.
      
      This patch adds some logic to the raw device which attempts to detect a write
      operation to the beginning of a raw device.  If the first 4 bytes happen to
      match an image file that has a backing file that we support, it scrubs the
      signature to all zeros.  If a user specifies an explicit format parameter, this
      behavior is disabled.
      
      I contend that while a legitimate guest could write such a signature to the
      header, we would behave incorrectly anyway upon the next invocation of QEMU.
      This simply changes the incorrect behavior to not involve a security
      vulnerability.
      
      I've tested this pretty extensively both in the positive and negative case.  I'm
      not 100% confident in the block layer's ability to deal with zero sized writes
      particularly with respect to the aio functions so some additional eyes would be
      appreciated.
      
      Even in the case of a single sector write, we have to make sure to invoked the
      completion from a bottom half so just removing the zero sized write is not an
      option.
      Signed-off-by: NAnthony Liguori <aliguori@us.ibm.com>
      79368c81
  7. 14 7月, 2010 5 次提交
  8. 13 7月, 2010 12 次提交
    • M
      ide scsi virtio-blk: Reject empty drives unless media is removable · 98f28ad7
      Markus Armbruster 提交于
      Disks without media make no sense.  For SCSI, a Linux guest kernel
      complains during boot.  I didn't try other combinations.
      
      scsi-generic doesn't need the additional check, because it already
      requires bdrv_is_sg(), which fails without media.
      Signed-off-by: NMarkus Armbruster <armbru@redhat.com>
      Signed-off-by: NKevin Wolf <kwolf@redhat.com>
      98f28ad7
    • M
      virtio-blk: Fix virtio-blk-s390 to require drive · d75d25e3
      Markus Armbruster 提交于
      Move the check from virtio_blk_init_pci(), where it protects only
      virtio-blk-pci, to virtio_blk_init().  Without that, virtio-blk-s390
      initializes without a drive.  I figure that can lead to null pointer
      dereferences.
      Signed-off-by: NMarkus Armbruster <armbru@redhat.com>
      Signed-off-by: NKevin Wolf <kwolf@redhat.com>
      d75d25e3
    • M
      virtio-pci: Check for virtio_blk_init() failure · ac0c14d7
      Markus Armbruster 提交于
      It can't actually fail now, but the next commit will change that.
      
      s390_virtio_blk_init() already checks for failure, but
      virtio_blk_init_pci() doesn't.  Fix that.
      Signed-off-by: NMarkus Armbruster <armbru@redhat.com>
      Signed-off-by: NKevin Wolf <kwolf@redhat.com>
      ac0c14d7
    • S
      Block migration fail, ignore error from bdrv_getlength · 31f54f24
      Shahar Havivi 提交于
      When there is no block driver associate with BlockDriverState bdrv_getlength
      returns -ENOMEDIUM that cause block migration to fail
      Signed-off-by: NShahar Havivi <shaharh@redhat.com>
      Signed-off-by: NKevin Wolf <kwolf@redhat.com>
      31f54f24
    • S
      qemu-img: Fix copy+paste bug in documentation · 5fb58b06
      Stefan Weil 提交于
      Replace rebase by resize in documentation of resize command.
      
      Cc: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
      Cc: Kevin Wolf <kwolf@redhat.com>
      Signed-off-by: NStefan Weil <weil@mail.berlios.de>
      Signed-off-by: NKevin Wolf <kwolf@redhat.com>
      5fb58b06
    • A
      virtio-serial: Assert for virtio queue ready before virtqueue operations · fd11a78b
      Amit Shah 提交于
      In addition to the previous fix for calling do_flush_queued_data() only
      when the virtqueue is ready, ensure do_flush_queued_data() gets a vq
      that's suitably initialised.
      Signed-off-by: NAmit Shah <amit.shah@redhat.com>
      Signed-off-by: NAnthony Liguori <aliguori@us.ibm.com>
      fd11a78b
    • A
      virtio-serial: Check if virtio queue is ready before consuming data · 6b611d3a
      Amit Shah 提交于
      If a virtio-serial port is removed before the guest comes up and
      initialises the virtqueues, qemu exits with the message
      
      Guest moved used index from 0 to 61440
      
      This happens because we try to clear any pending buffers from the
      virtqueue.
      
      Ensure the virtqueue is initialised before calling any virtqueue
      operations.
      Signed-off-by: NAmit Shah <amit.shah@redhat.com>
      Signed-off-by: NAnthony Liguori <aliguori@us.ibm.com>
      6b611d3a
    • S
      virtio-9p: Avoid SEGV when log file couldn't be opened · a03c54f1
      Sripathi Kodi 提交于
      While running in debug mode if 9P server is unable to open the log file
      it results in a SEGV deep down in glibc:
      
      Program received signal SIGSEGV, Segmentation fault.
      0x008fca8c in fwrite () from /lib/libc.so.6
      (gdb) bt
      #0  0x008fca8c in fwrite () from /lib/libc.so.6
      #1  0x081eb87e in pprint_pdu (pdu=0x89a52e1c)
          at /data/sripathi/code/qemu/new/qemu-next-upstream/hw/virtio-9p-debug.c:380
      #2  0x0806dad8 in submit_pdu (s=0x897dc008, pdu=0x89a52e1c)
          at /data/sripathi/code/qemu/new/qemu-next-upstream/hw/virtio-9p.c:3092
      #3  0x0806dc63 in handle_9p_output (vdev=0x897dc008, vq=0x86d8218)
          at /data/sripathi/code/qemu/new/qemu-next-upstream/hw/virtio-9p.c:3122
      #4  0x081ac728 in virtio_queue_notify (vdev=0x897dc008, n=0)
          at /data/sripathi/code/qemu/new/qemu-next-upstream/hw/virtio.c:563
      #5  0x08063876 in virtio_ioport_write (opaque=0x86d7b98, addr=16, val=0)
          at /data/sripathi/code/qemu/new/qemu-next-upstream/hw/virtio-pci.c:222
      #6  0x08063e26 in virtio_pci_config_writew (opaque=0x86d7b98, addr=16, val=0)
          at /data/sripathi/code/qemu/new/qemu-next-upstream/hw/virtio-pci.c:357
      #7  0x080c881a in ioport_write (index=1, address=49296, data=0) at ioport.c:80
      #8  0x080c8d4c in cpu_outw (addr=49296, val=0) at ioport.c:204
      #9  0x08073010 in kvm_handle_io (port=49296, data=0xab393000, direction=1, size=2, count=1)
          at /data/sripathi/code/qemu/new/qemu-next-upstream/kvm-all.c:735
      ...
      ...
      
      This is ugly and misleading. The following patch adds a BUG_ON to catch this
      error. With this patch we get an abort message like the following, which makes
      it easier to analyze:
      
      f12-kvm login: qemu: /data/sripathi/code/qemu/new/qemu-next-upstream/hw/virtio-9p-debug.c:353: pprint_pdu: Assertion `!(!llogfile)' failed.
      Signed-off-by: NSripathi Kodi <sripathik@in.ibm.com>
      Signed-off-by: NAnthony Liguori <aliguori@us.ibm.com>
      a03c54f1
    • A
      pc: Avoid registering zero sized memory · bbe80adf
      Alex Williamson 提交于
      No need to call cpu_register_physical_memory() for a zero sized area.
      Signed-off-by: NAlex Williamson <alex.williamson@redhat.com>
      Signed-off-by: NAnthony Liguori <aliguori@us.ibm.com>
      bbe80adf
    • A
      f077caa9
    • A
      Update SeaBIOS · 8c929e1e
      Anthony Liguori 提交于
       - 17d3e46 smbios: Allow all fields to be set via qemu_cfg_smbios_load_field()
       - 0d6b8d5 seabios: pciinit: use pci device initializer helper function.
       - 968d3a8 seabios: pci: introduce helper function to initialize a given device.
       - 4e0daae virtio: Clear interrupt status register in virtio-blk
       - af0963d seabios: pciinit: initialize pci bridge filtering registers.
       - f441666 seabios: pciinit: pci bridge bus initialization.
       - 5d0de15 seabios: pciinit: make bar offset calculation pci bridge aware.
       - a65821d seabios: pciinit: factor out bar offset calculation.
       - 0a8eada seabios: pciinit: make pci bar assigner preferchable memory aware.
       - dfd94fa seabios: pciinit: make pci memory space assignment 64bit aware.
       - b9e4721 seabios: pciinit: factor out pci bar region allocation logic.
       - edd9911 seabios: pci: introduce foreachpci_in_bus() helper macro.
       - f79a462 Add romfile_size() wrapper for accessing cbfs/qemu_cfg files.
       - afbed1b Initial bootsplash support.
       - 83d6ed6 Update TODO
       - 1d7d893 Fix bvprintf() to respect padding for hex printing.
       - e230426 Unify optionrom cbfs/qemu_cfg rom pulling code.
       - 8cb8ba5 SeaBIOS VGA hooks
       - 203f6f3 SeaBIOS CD/DVD abbreviations
       - 12cbb43 seabios: remove iasl output file when error.
       - d5d02b6 Allocate cdemu buffer in low mem instead of ebda.
       - 8f59aa3 Introduce memcpy_fl - a memcpy on "flat" pointers.
       - 42a1d4c Rework malloc to use a "first fit" algorithm.
       - 34e9cc5 Minor mptable changes.
       - 0f3783b virtio: clean up memory barrier usage
       - bfe4d60 virtio: remove NO_NOTIFY optimization
       - bb68591 Don't use RTC to time boot menu delay.
       - b5cc2ca Generalize timer based delay code.
       - 144817b Rename check_time() to check_tsc().
       - 9c447c3 Allow wait_irq to be called in 32bit code.
       - 49cc72b Improve optionrom debugging statements.
       - c65a4a6 Minor - compile out usb-msc code if CONFIG_USB_MSC not set.
       - 456479e Minor ata cleanups.
       - 2515a72 Make sure virtio-blk is fully compiled out if not wanted.
       - c4fe135 Minor - split up virtio_blk_setup().
       - 4030db0 fix two issues with virtio-blk
       - ea8ac63 Minor improvements to virtio (allow irqs, allocate page aligned).
      Signed-off-by: NAnthony Liguori <aliguori@us.ibm.com>
      8c929e1e
    • I
      pci/multi function bit: fix vt82c686.c. · aa5fb7b3
      Isaku Yamahata 提交于
      The file, vt82c686.c, was added after the change set of
      b80d4a98 and
      fecb93c4
      are created, but before the patch series was commit.
      So similar fix is needed to vt82c686.c.
      
      Cc: Huacai Chen <zltjiangshi@gmail.com>
      Cc: Aurelien Jarno <aurelien@aurel32.net>
      Cc: Michael S. Tsirkin <mst@redhat.com>
      Cc: Blue Swirl <blauwirbel@gmail.com>
      Signed-off-by: NIsaku Yamahata <yamahata@valinux.co.jp>
      Signed-off-by: NAurelien Jarno <aurelien@aurel32.net>
      aa5fb7b3
  9. 12 7月, 2010 5 次提交