- 03 11月, 2014 12 次提交
-
-
由 Denis V. Lunev 提交于
This is simple test image for the following commit made by me. commit d25d5980 Author: Denis V. Lunev <den@openvz.org> Date: Mon Jul 28 20:23:55 2014 +0400 parallels: 2TB+ parallels images support Signed-off-by: NDenis V. Lunev <den@openvz.org> Reviewed-by: NPaolo Bonzini <pbonzini@redhat.com> Message-id: 1412759610-2257-3-git-send-email-den@openvz.org CC: Jeff Cody <jcody@redhat.com> CC: Kevin Wolf <kwolf@redhat.com> CC: Stefan Hajnoczi <stefanha@redhat.com> Signed-off-by: NStefan Hajnoczi <stefanha@redhat.com>
-
由 Denis V. Lunev 提交于
The image was generated using http://openvz.org/Ploop utility and properly filled with the same content as original one. Signed-off-by: NDenis V. Lunev <den@openvz.org> Reviewed-by: NPaolo Bonzini <pbonzini@redhat.com> Message-id: 1412759610-2257-2-git-send-email-den@openvz.org CC: Jeff Cody <jcody@redhat.com> CC: Kevin Wolf <kwolf@redhat.com> CC: Stefan Hajnoczi <stefanha@redhat.com> Signed-off-by: NStefan Hajnoczi <stefanha@redhat.com>
-
由 Chris Spiegel 提交于
If an error occurs in bdrv_snapshot_delete_by_id_or_name(), "err" is freed. If "err" is not set to NULL before calling bdrv_snapshot_delete_by_id_or_name() again, it will not be updated on error, and will be freed again. This can be triggered by starting a VM with at least two drives and then attempting to delete a non-existent snapshot. Broken in commit a89d89d3. Signed-off-by: NChris Spiegel <chris.spiegel@cypherpath.com> Reviewed-by: NMarkus Armbruster <armbru@redhat.com> Message-id: 1412613225-32676-1-git-send-email-chris.spiegel@cypherpath.com Signed-off-by: NStefan Hajnoczi <stefanha@redhat.com>
-
由 John Snow 提交于
The SDB FIS creation was mangled; We were writing the error byte to byte 0, and omitting the SDB FIS magic byte. Though the SDB packet layout states that: byte 0: Must be 0xA1 to indicate SDB FIS. byte 1: Port multiplier select & other flags byte 2: status byte. byte 3: error byte. This patch adds an SDB FIS structure with human-readable names, and ensures that we are filling the structure appropriately. Signed-off-by: NJohn Snow <jsnow@redhat.com> Reviewed-by: NPaolo Bonzini <pbonzini@redhat.com> Tested-by: NMichael S. Tsirkin <mst@redhat.com> Message-id: 1412204151-18117-7-git-send-email-jsnow@redhat.com Signed-off-by: NStefan Hajnoczi <stefanha@redhat.com>
-
由 John Snow 提交于
Currently, DMA read/write operations neglect to update the byte count after a successful transfer like ATAPI DMA read or PIO read/write operations do. We correct this oversight by adding another callback into the IDEDMAOps structure. The commit callback is called whenever we are cleaning up a scatter-gather list. AHCI can register this callback in order to update post- transfer information such as byte count updates. We use this callback in AHCI to consolidate where we delete the SGlist as generated from the PRDT, as well as update the byte count after the transfer is complete. The QEMUSGList structure has an init flag added to it in order to make qemu_sglist_destroy a nop if it is called when there is no sglist, which simplifies cleanup and error paths. This patch fixes several AHCI problems, notably Non-NCQ modes of operation for Windows 7 as well as Hibernate support for Windows 7. Signed-off-by: NJohn Snow <jsnow@redhat.com> Reviewed-by: NPaolo Bonzini <pbonzini@redhat.com> Tested-by: NMichael S. Tsirkin <mst@redhat.com> Message-id: 1412204151-18117-3-git-send-email-jsnow@redhat.com Signed-off-by: NStefan Hajnoczi <stefanha@redhat.com>
-
由 John Snow 提交于
Currently, the D2H FIS packets AHCI generates simply parrot back the LBA that the guest sent to us in the cmd_fis. However, some commands (like READ NATIVE MAX) modify the LBA registers as a return value, through which the AHCI D2H FIS is the only response mechanism. Thus, the D2H response should use the current register values, not the initial ones. This patch adjusts the LBA and drive select register responses for PIO Setup and D2H FIS response packets. Additionally, the PIO and D2H FIS responses copy too many bytes from the command FIS that it is being generated from. Specifically, byte 11 which is the Features(15:8) field for Register Host to Device FIS packets, is instead reserved for the PIO Setup FIS and should always be 0. Signed-off-by: NJohn Snow <jsnow@redhat.com> Reviewed-by: NPaolo Bonzini <pbonzini@redhat.com> Tested-by: NMichael S. Tsirkin <mst@redhat.com> Message-id: 1412204151-18117-2-git-send-email-jsnow@redhat.com Signed-off-by: NStefan Hajnoczi <stefanha@redhat.com>
-
由 Peter Lieven 提交于
Cancel oversized requests early. They would generate an iSCSI protocol error anyway; after having transferred possibly a lot of data over the wire. Suggested-By: NMax Reitz <mreitz@redhat.com> Signed-off-by: NPeter Lieven <pl@kamp.de> Signed-off-by: NStefan Hajnoczi <stefanha@redhat.com>
-
由 Peter Lieven 提交于
As Max pointed out there is a hidden cast from int64_t to int for all limits. So use the newly introduced sector_limits_lun2qemu for all limits received from the target. Signed-off-by: NPeter Lieven <pl@kamp.de> Reviewed-by: NMax Reitz <mreitz@redhat.com> Signed-off-by: NStefan Hajnoczi <stefanha@redhat.com>
-
由 Peter Lieven 提交于
Signed-off-by: NPeter Lieven <pl@kamp.de> Reviewed-by: NRonnie Sahlberg <ronniesahlberg@gmail.com> Reviewed-by: NMax Reitz <mreitz@redhat.com> Signed-off-by: NStefan Hajnoczi <stefanha@redhat.com>
-
由 Peter Lieven 提交于
Copy the max_xfer_len from the BlockLimits VPD or use the maximum value fitting in the CDB. The helper function sector_limits_lun2qemu is introduced to convert and cap the limits from the VPD to the maximum power of two fitting in an integer; integer is the range for nb_sectors throughout the block layer. Signed-off-by: NPeter Lieven <pl@kamp.de> Reviewed-by: NMax Reitz <mreitz@redhat.com> Signed-off-by: NStefan Hajnoczi <stefanha@redhat.com>
-
由 Peter Lieven 提交于
Signed-off-by: NPeter Lieven <pl@kamp.de> Reviewed-by: NMax Reitz <mreitz@redhat.com> Signed-off-by: NStefan Hajnoczi <stefanha@redhat.com>
-
由 Peter Lieven 提交于
at least in block layer we have the case of limits being defined for a BlockDriverState. However, in this context often zero (0) has the special meanining of undefined which means no limit. If two of those limits are combined and the minimum is needed the minimum function should only return zero if both parameters are zero. Signed-off-by: NPeter Lieven <pl@kamp.de> Reviewed-by: NMax Reitz <mreitz@redhat.com> Signed-off-by: NStefan Hajnoczi <stefanha@redhat.com>
-
- 02 11月, 2014 1 次提交
-
-
由 Aurelien Jarno 提交于
Commit 9d8bf2d1 moved the softmmu slow path out of line and introduce a regression at the same time by always calling tcg_out_tlb_load with is_load=1. This makes impossible to run any significant code under qemu-system-mips*. Cc: Paolo Bonzini <pbonzini@redhat.com> Cc: qemu-stable@nongnu.org Reviewed-by: NRichard Henderson <rth@twiddle.net> Signed-off-by: NAurelien Jarno <aurelien@aurel32.net>
-
- 31 10月, 2014 4 次提交
-
-
由 Peter Maydell 提交于
* remotes/sstabellini/xen-2014-10-30: fix off-by-one error in pci_piix3_xen_ide_unplug xen-hvm.c: Add support for Xen access to vmport Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
-
由 Peter Maydell 提交于
vmware-vga: add rectangle verification (CVE-2014-3689) # gpg: Signature made Wed 29 Oct 2014 11:45:29 GMT using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>" # gpg: aka "Gerd Hoffmann <gerd@kraxel.org>" # gpg: aka "Gerd Hoffmann (private) <kraxel@gmail.com>" * remotes/kraxel/tags/pull-cve-2014-3689-20141029-1: vmware-vga: use vmsvga_verify_rect in vmsvga_fill_rect vmware-vga: use vmsvga_verify_rect in vmsvga_copy_rect vmware-vga: use vmsvga_verify_rect in vmsvga_update_rect vmware-vga: add vmsvga_verify_rect vmware-vga: CVE-2014-3689: turn off hw accel Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
-
由 Peter Maydell 提交于
vnc: return directly if no vnc client connected vnc: sanitize bits_per_pixel from the client (CVE-2014-7815) # gpg: Signature made Tue 28 Oct 2014 10:52:31 GMT using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>" # gpg: aka "Gerd Hoffmann <gerd@kraxel.org>" # gpg: aka "Gerd Hoffmann (private) <kraxel@gmail.com>" * remotes/kraxel/tags/pull-vnc-20141028-1: vnc: return directly if no vnc client connected vnc: sanitize bits_per_pixel from the client Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
-
由 Peter Maydell 提交于
Fixes for libcacard (usb smartcard emulation), xhci and uhci. # gpg: Signature made Tue 28 Oct 2014 10:39:52 GMT using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>" # gpg: aka "Gerd Hoffmann <gerd@kraxel.org>" # gpg: aka "Gerd Hoffmann (private) <kraxel@gmail.com>" * remotes/kraxel/tags/pull-usb-20141028-1: uhci: remove useless DEBUG xhci: add property to turn on/off streams support libcacard: don't free sign buffer while sign op is pending libcacard: Lock NSS cert db when selecting an applet on an emulated card libcacard: introduce new vcard_emul_logout Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
-
- 30 10月, 2014 5 次提交
-
-
由 Peter Maydell 提交于
gtk: fix two warnings with gtk 3.14+ # gpg: Signature made Tue 28 Oct 2014 10:25:52 GMT using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>" # gpg: aka "Gerd Hoffmann <gerd@kraxel.org>" # gpg: aka "Gerd Hoffmann (private) <kraxel@gmail.com>" * remotes/kraxel/tags/pull-gtk-20141028-1: gtk: avoid gd_widget_reparent with gtk 3.14+ gtk: drop gtk_widget_set_double_buffered call Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
-
由 James Harper 提交于
Fix off-by-one error when unplugging disks, which would otherwise leave the last ATA disk plugged, with obvious consequences. Also rewrite loop to be more readable. Signed-off-by: NJames Harper <james.harper@ejbdigital.com.au> Signed-off-by: NStefano Stabellini <stefano.stabellini@eu.citrix.com>
-
由 Don Slutz 提交于
This adds synchronisation of the 6 vcpu registers (only 32bits of them) that vmport.c needs between Xen and QEMU. This is to avoid a 2nd and 3rd exchange between QEMU and Xen to fetch and put these 6 vcpu registers used by the code in vmport.c and vmmouse.c The registers are passed in the new shared page provided by HVM_PARAM_VMPORT_REGS_PFN. Add new array to XenIOState that allows selection of current_cpu by vcpu id. Now pass XenIOState to handle_ioreq(). Add new routines regs_to_cpu(), regs_from_cpu(), and handle_vmport_ioreq(). Signed-off-by: NDon Slutz <dslutz@verizon.com> Reviewed-by: NPaul Durrant <paul.durrant@citrix.com> Signed-off-by: NStefano Stabellini <stefano.stabellini@eu.citrix.com>
-
由 Peter Maydell 提交于
virtio-scsi fixes, the first part of dynamic sysbus devices, MAINTAINERS updates, and AVX512 support. # gpg: Signature made Mon 27 Oct 2014 15:12:13 GMT using RSA key ID 78C7AE83 # gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>" # gpg: aka "Paolo Bonzini <pbonzini@redhat.com>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4 E2F7 7E15 100C CD36 69B1 # Subkey fingerprint: F133 3857 4B66 2389 866C 7682 BFFB D25F 78C7 AE83 * remotes/bonzini/tags/for-upstream: (28 commits) aio / timers: De-document -clock hw/scsi/virtio-scsi.c: fix the "type" use error in virtio_scsi_handle_ctrl virtio-scsi: sense in virtio_scsi_command_complete target-i386: add Intel AVX-512 support get_maintainer.pl: restrict cases where it falls back to --git get_maintainer.pl: move git loop under "if ($email) {" qtest: fix qtest log fd should be initialized before qtest chardev MAINTAINERS: avoid M entries that point to mailing lists MAINTAINERS: add some tests directories MAINTAINERS: Add more TCG files MAINTAINERS: add myself for X86 MAINTAINERS: add Samuel Thibault as usb-serial.c and baum.c maintainer MAINTAINERS: grab more files from Anthony's pile target-i386: warns users when CPU threads>1 for non-Intel CPUs sysbus: Use TYPE_DEVICE GPIO functionality qdev: gpio: Define qdev_pass_gpios() qdev: gpio: Remove qdev_init_gpio_out x1 restriction qdev: gpio: delete NamedGPIOList::out irq: Remove qemu_irq_intercept_out qtest/irq: Rework IRQ interception ... Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
-
由 Paolo Bonzini 提交于
The virtio-rng backend is currently linked twice, once in the proxy device (e.g. virtio-rng-pci) and once in virtio-rng-device. This causes a double unref of the backend when the parent device is unplugged. To fix this, make the proxy device use an alias, similar to what is already being done for the iothread link. Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com> Reviewed-by: NGonglei <arei.gonglei@huawei.com> Message-id: 1414577839-18695-1-git-send-email-pbonzini@redhat.com Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
-
- 29 10月, 2014 2 次提交
-
-
由 Gerd Hoffmann 提交于
Add verification to vmsvga_fill_rect, re-enable HW_FILL_ACCEL. Cc: qemu-stable@nongnu.org Signed-off-by: NGerd Hoffmann <kraxel@redhat.com> Reviewed-by: NDon Koch <dkoch@verizon.com>
-
由 Gerd Hoffmann 提交于
Add verification to vmsvga_copy_rect, re-enable HW_RECT_ACCEL. Cc: qemu-stable@nongnu.org Signed-off-by: NGerd Hoffmann <kraxel@redhat.com> Reviewed-by: NDon Koch <dkoch@verizon.com>
-
- 28 10月, 2014 12 次提交
-
-
由 ChenLiang 提交于
graphic_hw_update and vnc_refresh_server_surface aren't need to do when no vnc client connected. It can reduce lock contention, because vnc_refresh will hold global big lock two millisecond every three seconds. Signed-off-by: NChenLiang <chenliang88@huawei.com> Signed-off-by: NGonglei <arei.gonglei@huawei.com> Signed-off-by: NGerd Hoffmann <kraxel@redhat.com>
-
由 Petr Matousek 提交于
bits_per_pixel that are less than 8 could result in accessing non-initialized buffers later in the code due to the expectation that bytes_per_pixel value that is used to initialize these buffers is never zero. To fix this check that bits_per_pixel from the client is one of the values that the rfb protocol specification allows. This is CVE-2014-7815. Signed-off-by: NPetr Matousek <pmatouse@redhat.com> [ kraxel: apply codestyle fix ] Signed-off-by: NGerd Hoffmann <kraxel@redhat.com>
-
由 Gonglei 提交于
commit 50dcc0f8 (uhci: tracing support) had removed DPRINTF, the DEBUG marco is useless now, remove it. Signed-off-by: NGonglei <arei.gonglei@huawei.com> Signed-off-by: NGerd Hoffmann <kraxel@redhat.com>
-
由 Gerd Hoffmann 提交于
streams support in usb-redir and usb-host works only with recent enough versions of the support libraries (libusbredir and libusbx). Failure mode is rather unelegant: Any stream usb transfers will throw stall errors. Turning off support for streams in the xhci host controller will work better as the guest can figure beforehand that streams are not going to work. Signed-off-by: NGerd Hoffmann <kraxel@redhat.com> Reviewed-by: NHans de Goede <hdegoede@redhat.com>
-
由 Ray Strode 提交于
commit 57f97834 cleaned up the cac_applet_pki_process_apdu function to have a single exit point. Unfortunately, that commit introduced a bug where the sign buffer can get free'd and nullified while it's still being used. This commit corrects the bug by introducing a boolean to track whether or not the sign buffer should be freed in the function exit path. Signed-off-by: NRay Strode <rstrode@redhat.com> Reviewed-by: NAlon Levy <alon@pobox.com> Signed-off-by: NGerd Hoffmann <kraxel@redhat.com>
-
由 Ray Strode 提交于
When a process in a guest uses an emulated smartcard, libcacard running on the host passes the PIN from the guest to the PK11_Authenticate NSS function. The first time PK11_Authenticate is called the passed in PIN is used to unlock the certificate database. Subsequent calls to PK11_Authenticate will transparently succeed, regardless of the passed in PIN. This is a convenience for applications provided by NSS. Of course, the guest may have many applications using the one emulated smart card all driven from the same host QEMU process. That means if a user enters the right PIN in one program in the guest, and then enters the wrong PIN in another program in the guest, the wrong PIN will still successfully unlock the virtual smartcard. This commit forces the NSS certificate database to be locked anytime an applet is selected on an emulated smartcard by calling vcard_emul_logout. Signed-off-by: NRay Strode <rstrode@redhat.com> Reviewed-By: NRobert Relyea <rrelyea@redhat.com> Reviewed-By: NAlon Levy <alevy@redhat.com> Signed-off-by: NGerd Hoffmann <kraxel@redhat.com>
-
由 Ray Strode 提交于
vcard_emul_reset currently only logs NSS out, but there is a TODO for potentially sending insertion/removal events when powering down or powering up. For clarity, this commit moves the current guts of vcard_emul_reset to a new vcard_emul_logout function which will never send insertion/removal events. The vcard_emul_reset function now just calls vcard_emul_logout, but also retains its TODO for watching power state transitions and sending insertion/removal events. Signed-off-by: NRay Strode <rstrode@redhat.com> Reviewed-By: NRobert Relyea <rrelyea@redhat.com> Reviewed-By: NAlon Levy <alevy@redhat.com> Signed-off-by: NGerd Hoffmann <kraxel@redhat.com>
-
由 Gerd Hoffmann 提交于
gtk_widget_reparent is depricated in gtk 3.14, stop using it. Signed-off-by: NGerd Hoffmann <kraxel@redhat.com>
-
由 Gerd Hoffmann 提交于
Dunno why it is here. Removing it seems to have no ill side effects. It is depricated in 3.14+. In some cases it has no effect since 3.10 according to the docs: https://developer.gnome.org/gtk3/stable/GtkWidget.html#gtk-widget-set-double-bufferedSigned-off-by: NGerd Hoffmann <kraxel@redhat.com>
-
由 Gerd Hoffmann 提交于
Switch vmsvga_update_rect over to use vmsvga_verify_rect. Slight change in behavior: We don't try to automatically fixup rectangles any more. In case we find invalid update requests we'll do a full-screen update instead. Cc: qemu-stable@nongnu.org Signed-off-by: NGerd Hoffmann <kraxel@redhat.com> Reviewed-by: NDon Koch <dkoch@verizon.com>
-
由 Gerd Hoffmann 提交于
Add verification function for rectangles, returning true if verification passes and false otherwise. Cc: qemu-stable@nongnu.org Signed-off-by: NGerd Hoffmann <kraxel@redhat.com> Reviewed-by: NDon Koch <dkoch@verizon.com>
-
由 Gerd Hoffmann 提交于
Quick & easy stopgap for CVE-2014-3689: We just compile out the hardware acceleration functions which lack sanity checks. Thankfully we have capability bits for them (SVGA_CAP_RECT_COPY and SVGA_CAP_RECT_FILL), so guests should deal just fine, in theory. Subsequent patches will add the missing checks and re-enable the hardware acceleration emulation. Cc: qemu-stable@nongnu.org Signed-off-by: NGerd Hoffmann <kraxel@redhat.com> Reviewed-by: NDon Koch <dkoch@verizon.com>
-
- 27 10月, 2014 4 次提交
-
-
由 Markus Armbruster 提交于
Commit 6d327171 "aio / timers: Remove alarm timers" has issues: 1. It silently ignores -clock for backward compatibility. Incompatible change: -clock help no longer terminates the program. Tolerable. 2. Failed to update option documentation. In particular, -help still advises users to try -clock help for available timers. Drop all documentation on -clock. 3. The 'query-alarm-clock' example in docs/writing-commands.txt no longer works, and needs to be redone. Can't do that right now, so I just stick in a FIXME. Signed-off-by: NMarkus Armbruster <armbru@redhat.com> Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
由 Bin Wu 提交于
The local variable "type" in virtio_scsi_handle_ctl represents the tmf command type from the guest and it has the same meaning as the req->req.tmf.type. However, before the invoking of virtio_scsi_parse_req the req->req.tmf.type doesn't has the correct value(just initialized to zero). Therefore, we need to use the "type" variable to judge the case. Cc: qemu-stable@nongnu.org Signed-off-by: NBin Wu <wu.wubin@huawei.com> [Actually make it compile, "type" must be uint32_t in order to pass it to virtio_tswap32s. - Paolo] Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
由 Ting Wang 提交于
If req->resp.cmd.status is not GOOD, the address of sense for qemu_iovec_from_buf should be modified from &req->resp to sense. Cc: qemu-stable@nongnu.org Signed-off-by: NTing Wang <kathy.wangting@huawei.com> Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
由 Jan Kiszka 提交于
This reverts commit 15124e14. It breaks debuggability of qemu and is no longer needed as the problem has now been addressed in a different way. Instead we provide a comment about why these signals must be handled asynchronously. Signed-off-by: NJan Kiszka <jan.kiszka@siemens.com> Reviewed-by: NGonglei <arei.gonglei@huawei.com> [PMM: added comment] Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
-