qemu.git
8 years agoMerge remote-tracking branch 'otubo/seccomp' into staging
Anthony Liguori [Thu, 10 Oct 2013 20:15:46 +0000 (13:15 -0700)] 
Merge remote-tracking branch 'otubo/seccomp' into staging

# By Eduardo Otubo
# Via Eduardo Otubo
* otubo/seccomp:
  seccomp: fine tuning whitelist by adding times()

Message-id: 1380047458-21673-1-git-send-email-otubo@linux.vnet.ibm.com
Signed-off-by: Anthony Liguori <aliguori@amazon.com>
8 years agoMerge remote-tracking branch 'mcayland/qemu-openbios' into staging
Anthony Liguori [Thu, 10 Oct 2013 20:00:03 +0000 (13:00 -0700)] 
Merge remote-tracking branch 'mcayland/qemu-openbios' into staging

* mcayland/qemu-openbios:
  Update OpenBIOS images

Signed-off-by: Anthony Liguori <aliguori@amazon.com>
8 years agoMerge remote-tracking branch 'sstabellini/xen-2013-10-10' into staging
Anthony Liguori [Thu, 10 Oct 2013 17:03:38 +0000 (10:03 -0700)] 
Merge remote-tracking branch 'sstabellini/xen-2013-10-10' into staging

# By Matthew Daley (1) and Roger Pau Monné (1)
# Via Stefano Stabellini
* sstabellini/xen-2013-10-10:
  qemu/xen: make use of xenstore relative paths
  xen_disk: mark ioreq as mapped before unmapping in error case

8 years agoMerge remote-tracking branch 'bonzini/scsi-next' into staging
Anthony Liguori [Thu, 10 Oct 2013 17:03:00 +0000 (10:03 -0700)] 
Merge remote-tracking branch 'bonzini/scsi-next' into staging

# By Asias He (1) and Peter Lieven (1)
# Via Paolo Bonzini
* bonzini/scsi-next:
  scsi: Allocate SCSITargetReq r->buf dynamically [CVE-2013-4344]
  block/iscsi: reenable iscsi_co_get_block_status

Message-id: 1381332391-8781-1-git-send-email-pbonzini@redhat.com
Signed-off-by: Anthony Liguori <aliguori@amazon.com>
8 years agoUpdate email address
Anthony Liguori [Thu, 10 Oct 2013 16:56:25 +0000 (09:56 -0700)] 
Update email address

Amazon is now funding my work as QEMU maintainer so update addresses
accordingly.

Signed-off-by: Anthony Liguori <aliguori@amazon.com>
8 years agoqemu/xen: make use of xenstore relative paths
Roger Pau Monné [Thu, 10 Oct 2013 14:25:52 +0000 (14:25 +0000)] 
qemu/xen: make use of xenstore relative paths

Qemu has several hardcoded xenstore paths that are only valid on Dom0.
Attempts to launch a Qemu instance (to act as a userspace backend for
PV disks) will fail because Qemu is not able to access those paths
when running on a domain different than Dom0.

Instead make the xenstore paths relative to the domain where Qemu is
actually running.

Signed-off-by: Roger Pau Monné <roger.pau@citrix.com>
Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Reviewed-by: Anthony PERARD <anthony.perard@citrix.com>
Cc: xen-devel@lists.xenproject.org
Cc: Anthony PERARD <anthony.perard@citrix.com>
8 years agoxen_disk: mark ioreq as mapped before unmapping in error case
Matthew Daley [Thu, 10 Oct 2013 14:10:48 +0000 (14:10 +0000)] 
xen_disk: mark ioreq as mapped before unmapping in error case

Commit 4472beae modified the semantics of ioreq_{un,}map so that they are
idempotent if called when they're not needed (ie., twice in a row). However,
it neglected to handle the case where batch mapping is not being used (the
default), and one of the grants fails to map. In this case, ioreq_unmap will
be called to unwind and unmap any mappings already performed, but ioreq_unmap
simply returns due to the aforementioned change (the ioreq has not already
been marked as mapped).

The frontend user can therefore force xen_disk to leak grant mappings, a
per-domain limited resource.

Fix by marking the ioreq as mapped before calling ioreq_unmap in this
situation.

Signed-off-by: Matthew Daley <mattjd@gmail.com>
Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
8 years agoscsi: Allocate SCSITargetReq r->buf dynamically [CVE-2013-4344]
Asias He [Wed, 9 Oct 2013 07:41:03 +0000 (15:41 +0800)] 
scsi: Allocate SCSITargetReq r->buf dynamically [CVE-2013-4344]

r->buf is hardcoded to 2056 which is (256 + 1) * 8, allowing 256 luns at
most. If more than 256 luns are specified by user, we have buffer
overflow in scsi_target_emulate_report_luns.

To fix, we allocate the buffer dynamically.

Signed-off-by: Asias He <asias@redhat.com>
Tested-by: Michael Roth <mdroth@linux.vnet.ibm.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years agoMerge remote-tracking branch 'stefanha/block' into staging
Anthony Liguori [Wed, 9 Oct 2013 14:54:42 +0000 (07:54 -0700)] 
Merge remote-tracking branch 'stefanha/block' into staging

# By Max Reitz (5) and others
# Via Stefan Hajnoczi
* stefanha/block:
  block: use correct filename
  qemu-iotests: Correct 026 output
  qcow2: Free allocated L2 cluster on error
  qcow2: Switch L1 table in a single sequence
  block: vhdx - add migration blocker
  block: use correct filename for error report
  qcow2: CHECK_OFLAG_COPIED is obsolete
  qcow2: Correct endianness in overlap check

Message-id: 1381145289-6591-1-git-send-email-stefanha@redhat.com
Signed-off-by: Anthony Liguori <anthony@codemonkey.ws>
8 years agoMerge remote-tracking branch 'mjt/trivial-patches' into staging
Anthony Liguori [Wed, 9 Oct 2013 14:54:20 +0000 (07:54 -0700)] 
Merge remote-tracking branch 'mjt/trivial-patches' into staging

# By Stefan Weil (5) and others
# Via Michael Tokarev
* mjt/trivial-patches:
  migration: Fix compiler warning ('caps' may be used uninitialized)
  util/path: Fix type which is longer than 8 bit for MinGW
  hw/9pfs: Fix errno value for xattr functions
  vl: Clean up unnecessary boot_order complications
  qemu-char: Fix potential out of bounds access to local arrays
  pci-ohci: Add missing 'break' in ohci_service_td
  sh4: Fix serial line access for Linux kernels later than 3.2
  hw/alpha: Fix compiler warning (integer constant is too large)
  target-i386: Fix compiler warning (integer constant is too large)
  block: Remove unused assignment (fixes warning from clang)
  exec: cleanup DEBUG_SUBPAGE
  tests: Fix schema parser test for in-tree build
  tests: Update .gitignore for test-int128 and test-bitops
  .gitignore: ignore tests/qemu-iotests/socket_scm_helper

Message-id: 1381051979-25742-1-git-send-email-mjt@msgid.tls.msk.ru
Signed-off-by: Anthony Liguori <anthony@codemonkey.ws>
8 years agoMerge remote-tracking branch 'rth/tcg-arm-pull' into staging
Anthony Liguori [Wed, 9 Oct 2013 14:52:57 +0000 (07:52 -0700)] 
Merge remote-tracking branch 'rth/tcg-arm-pull' into staging

# By Richard Henderson
# Via Richard Henderson
* rth/tcg-arm-pull:
  tcg-arm: Move the tlb addend load earlier
  tcg-arm: Remove restriction on qemu_ld output register
  tcg-arm: Return register containing tlb addend
  tcg-arm: Move load of tlb addend into tcg_out_tlb_read
  tcg-arm: Use QEMU_BUILD_BUG_ON to verify constraints on tlb
  tcg-arm: Use strd for tcg_out_arg_reg64
  tcg-arm: Rearrange slow-path qemu_ld/st
  tcg-arm: Use ldrd/strd for appropriate qemu_ld/st64

Message-id: 1380663109-14434-1-git-send-email-rth@twiddle.net
Signed-off-by: Anthony Liguori <anthony@codemonkey.ws>
8 years agoMerge remote-tracking branch 'sweil/mingw' into staging
Anthony Liguori [Wed, 9 Oct 2013 14:52:21 +0000 (07:52 -0700)] 
Merge remote-tracking branch 'sweil/mingw' into staging

# By Sebastian Ottlik
# Via Stefan Weil
* sweil/mingw:
  util: call socket_set_fast_reuse instead of setting SO_REUSEADDR
  slirp: call socket_set_fast_reuse instead of setting SO_REUSEADDR
  net: call socket_set_fast_reuse instead of setting SO_REUSEADDR
  gdbstub: call socket_set_fast_reuse instead of setting SO_REUSEADDR
  util: add socket_set_fast_reuse function which will replace setting SO_REUSEADDR

Message-id: 1380735690-24009-1-git-send-email-sw@weilnetz.de
Signed-off-by: Anthony Liguori <anthony@codemonkey.ws>
8 years agoMerge remote-tracking branch 'kraxel/chardev.8' into staging
Anthony Liguori [Wed, 9 Oct 2013 14:52:11 +0000 (07:52 -0700)] 
Merge remote-tracking branch 'kraxel/chardev.8' into staging

# By Gerd Hoffmann
# Via Gerd Hoffmann
* kraxel/chardev.8:
  chardev: handle qmp_chardev_add(KIND_MUX) failure

Message-id: 1380708925-6721-1-git-send-email-kraxel@redhat.com
Signed-off-by: Anthony Liguori <anthony@codemonkey.ws>
8 years agoMerge remote-tracking branch 'sweil/tci' into staging
Anthony Liguori [Wed, 9 Oct 2013 14:50:37 +0000 (07:50 -0700)] 
Merge remote-tracking branch 'sweil/tci' into staging

# By Stefan Weil
# Via Stefan Weil
* sweil/tci:
  misc: Use new rotate functions
  bitops: Add rotate functions (rol8, ror8, ...)
  tci: Add implementation of rotl_i64, rotr_i64

Message-id: 1380137693-3729-1-git-send-email-sw@weilnetz.de
Signed-off-by: Anthony Liguori <anthony@codemonkey.ws>
8 years agoblock/iscsi: reenable iscsi_co_get_block_status
Peter Lieven [Wed, 2 Oct 2013 11:52:08 +0000 (13:52 +0200)] 
block/iscsi: reenable iscsi_co_get_block_status

Commit f35c934a accidently disabled iscsi_co_get_block_status for all
libiscsi versions. Its not possible to check for enumeration constants
in the C preprocessor. This patch changes the check to the preprocessor
constant LIBISCSI_FEATURE_IOVECTOR which was introduced shortly after
get_lba_status support was added to libiscsi.

Signed-off-by: Peter Lieven <pl@kamp.de>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years agoblock: use correct filename
Dunrong Huang [Wed, 2 Oct 2013 17:31:27 +0000 (01:31 +0800)] 
block: use correct filename

The content filename point to may be erased by qemu_opts_absorb_qdict()
in raw_open_common() in drv->bdrv_file_open()

So it's better to use bs->filename.

Signed-off-by: Dunrong Huang <riegamaths@gmail.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
8 years agoqemu-iotests: Correct 026 output
Max Reitz [Wed, 2 Oct 2013 14:45:31 +0000 (16:45 +0200)] 
qemu-iotests: Correct 026 output

Because l2_allocate now frees the unused L2 cluster on error, the
according test cases in 026 don't result in one leaked cluster anymore.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
8 years agoqcow2: Free allocated L2 cluster on error
Max Reitz [Wed, 25 Sep 2013 14:37:19 +0000 (16:37 +0200)] 
qcow2: Free allocated L2 cluster on error

If an error occurs in l2_allocate, the allocated (but unused) L2 cluster
should be freed.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Benoit Canet <benoit@irqsave.net>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
8 years agomigration: Fix compiler warning ('caps' may be used uninitialized)
Michael Tokarev [Sat, 5 Oct 2013 09:18:28 +0000 (13:18 +0400)] 
migration: Fix compiler warning ('caps' may be used uninitialized)

Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Reviewed-by: Stefan Weil <sw@weilnetz.de>
8 years agoutil/path: Fix type which is longer than 8 bit for MinGW
Stefan Weil [Wed, 2 Oct 2013 20:40:29 +0000 (22:40 +0200)] 
util/path: Fix type which is longer than 8 bit for MinGW

While dirent->d_type is 8 bit for most systems, it is 32 bit for MinGW.
Reducing it to 8 bit results in a compiler warning because the macro
is_dir_maybe compares that 8 bit value with 32 bit constants.

Using 'unsigned' instead of 'unsigned char' matches the declaration for
MinGW and does not harm the other systems.

MinGW-w64 is not affected: it does not declare d_type.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
8 years agohw/9pfs: Fix errno value for xattr functions
Daniel P. Berrange [Tue, 1 Oct 2013 11:28:17 +0000 (12:28 +0100)] 
hw/9pfs: Fix errno value for xattr functions

If there is no operation driver for the xattr type the
functions return '-1' and set errno to '-EOPNOTSUPP'.
When the calling code sets 'ret = -errno' this turns
into a large positive number.

In Linux 3.11, the kernel has switched to using 9p
version 9p2000.L, instead of 9p2000.u, which enables
support for xattr operations. This on its own is harmless,
but for another change which makes it request the xattr
with a name 'security.capability'.

The result is that the guest sees a succesful return
of 95 bytes of data, instead of a failure with errno
set to 95. Since the kernel expects a maximum of 20
bytes for an xattr return this gets translated to the
unexpected errno ERANGE.

This all means that when running a binary off a 9p fs
in 3.11 kernels you get a fun result of:

  # ./date
  sh: ./date: Numerical result out of range

The only workaround is to pass 'version=9p2000.u' when
mounting the 9p fs in the guest, to disable all use of
xattrs.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Reviewed-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
8 years agovl: Clean up unnecessary boot_order complications
Markus Armbruster [Tue, 1 Oct 2013 11:47:22 +0000 (13:47 +0200)] 
vl: Clean up unnecessary boot_order complications

Messed up in commit 8281abd.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
8 years agoqemu-char: Fix potential out of bounds access to local arrays
Stefan Weil [Mon, 30 Sep 2013 21:04:49 +0000 (23:04 +0200)] 
qemu-char: Fix potential out of bounds access to local arrays

Latest gcc-4.8 supports a new option -fsanitize=address which activates
an AddressSanitizer. This AddressSanitizer stops the QEMU system emulation
very early because two character arrays of size 8 are potentially written
with 9 bytes.

Commit 6ea314d91439741e95772dfbab98b4135e04bebb added the code.

There is no obvious reason why width or height could need 8 characters,
so reduce it to 7 characters which together with the terminating '\0'
fit into the arrays.

Cc: qemu-stable <qemu-stable@nongnu.org>
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Reviewed-by: Alex Bennée <alex@bennee.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
8 years agoUpdate OpenBIOS images
Mark Cave-Ayland [Wed, 2 Oct 2013 23:04:20 +0000 (00:04 +0100)] 
Update OpenBIOS images

Update OpenBIOS images to SVN r1229 built from submodule.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
8 years agopci-ohci: Add missing 'break' in ohci_service_td
Ján Veselý [Sat, 21 Sep 2013 20:26:41 +0000 (16:26 -0400)] 
pci-ohci: Add missing 'break' in ohci_service_td

Device communication errors need to be reported to driver.
Add a debug message while at it.

Signed-off-by: Jan Vesely <jano.vesely@gmail.com>
Acked-by: Gerd Hoffmann <kraxel@gmail.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
8 years agosh4: Fix serial line access for Linux kernels later than 3.2
Guenter Roeck [Sun, 8 Sep 2013 07:39:05 +0000 (00:39 -0700)] 
sh4: Fix serial line access for Linux kernels later than 3.2

With Linux kernel version 3.3 or later, qemu fails with the following message:

sh_serial: unsupported read from 0x18
  Aborted

Reported-and-analyzed-by: Rob Landley <rob@landley.net>
Signed-off-by: Guenter Roeck <linux@roeck-us.net>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
8 years agohw/alpha: Fix compiler warning (integer constant is too large)
Stefan Weil [Sun, 29 Sep 2013 15:51:20 +0000 (17:51 +0200)] 
hw/alpha: Fix compiler warning (integer constant is too large)

From buildbot default_i386_rhel61:

  CC    alpha-softmmu/hw/alpha/typhoon.o
hw/alpha/typhoon.c: In function 'typhoon_translate_iommu':
hw/alpha/typhoon.c:703: warning: integer constant is too large for 'long' type
hw/alpha/typhoon.c:703: warning: integer constant is too large for 'long' type

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Acked-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
8 years agotarget-i386: Fix compiler warning (integer constant is too large)
Stefan Weil [Sun, 29 Sep 2013 15:55:56 +0000 (17:55 +0200)] 
target-i386: Fix compiler warning (integer constant is too large)

From buildbot default_i386_rhel61:

  CC    i386-softmmu/target-i386/arch_memory_mapping.o
target-i386/arch_memory_mapping.c: In function 'walk_pde':
target-i386/arch_memory_mapping.c:110: warning:
 integer constant is too large for 'long' type

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
8 years agoblock: Remove unused assignment (fixes warning from clang)
Stefan Weil [Sat, 28 Sep 2013 09:55:14 +0000 (11:55 +0200)] 
block: Remove unused assignment (fixes warning from clang)

blockdev.c:1929:13: warning: Value stored to 'ret' is never read
            ret = 0;
            ^     ~

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
8 years agoexec: cleanup DEBUG_SUBPAGE
Amos Kong [Fri, 27 Sep 2013 01:25:38 +0000 (09:25 +0800)] 
exec: cleanup DEBUG_SUBPAGE

Touched some error after enabling DEBUG_SUBPAGE.

Signed-off-by: Amos Kong <akong@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
8 years agotests: Fix schema parser test for in-tree build
Markus Armbruster [Tue, 24 Sep 2013 07:43:39 +0000 (09:43 +0200)] 
tests: Fix schema parser test for in-tree build

Commit 4f193e3 added the test, but screwed up in-tree builds
(SRCDIR=.): the tests's output overwrites the expected output, and is
thus compared to itself.

Cc: qemu-stable@nongnu.org
Reported-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Andreas Färber <afaerber@suse.de>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
8 years agoutil: call socket_set_fast_reuse instead of setting SO_REUSEADDR
Sebastian Ottlik [Wed, 2 Oct 2013 10:23:16 +0000 (12:23 +0200)] 
util: call socket_set_fast_reuse instead of setting SO_REUSEADDR

SO_REUSEADDR should be avoided on Windows but is desired on other operating
systems. So instead of setting it we call socket_set_fast_reuse that will result
in the appropriate behaviour on all operating systems.

Signed-off-by: Sebastian Ottlik <ottlik@fzi.de>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Stefan Weil <sw@weilnetz.de>
8 years agoslirp: call socket_set_fast_reuse instead of setting SO_REUSEADDR
Sebastian Ottlik [Wed, 2 Oct 2013 10:23:15 +0000 (12:23 +0200)] 
slirp: call socket_set_fast_reuse instead of setting SO_REUSEADDR

SO_REUSEADDR should be avoided on Windows but is desired on other operating
systems. So instead of setting it we call socket_set_fast_reuse that will result
in the appropriate behaviour on all operating systems.

Signed-off-by: Sebastian Ottlik <ottlik@fzi.de>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Stefan Weil <sw@weilnetz.de>
8 years agonet: call socket_set_fast_reuse instead of setting SO_REUSEADDR
Sebastian Ottlik [Wed, 2 Oct 2013 10:23:14 +0000 (12:23 +0200)] 
net: call socket_set_fast_reuse instead of setting SO_REUSEADDR

SO_REUSEADDR should be avoided on Windows but is desired on other operating
systems. So instead of setting it we call socket_set_fast_reuse that will result
in the appropriate behaviour on all operating systems.

An exception to this rule are multicast sockets where it is sensible to have
multiple sockets listen on the same ip and port and we should set SO_REUSEADDR
on windows.

Signed-off-by: Sebastian Ottlik <ottlik@fzi.de>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Stefan Weil <sw@weilnetz.de>
8 years agogdbstub: call socket_set_fast_reuse instead of setting SO_REUSEADDR
Sebastian Ottlik [Wed, 2 Oct 2013 10:23:13 +0000 (12:23 +0200)] 
gdbstub: call socket_set_fast_reuse instead of setting SO_REUSEADDR

SO_REUSEADDR should be avoided on Windows but is desired on other operating
systems. So instead of setting it we call socket_set_fast_reuse that will result
in the appropriate behaviour on all operating systems.

Signed-off-by: Sebastian Ottlik <ottlik@fzi.de>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Stefan Weil <sw@weilnetz.de>
8 years agoutil: add socket_set_fast_reuse function which will replace setting SO_REUSEADDR
Sebastian Ottlik [Wed, 2 Oct 2013 10:23:12 +0000 (12:23 +0200)] 
util: add socket_set_fast_reuse function which will replace setting SO_REUSEADDR

If a socket is closed it remains in TIME_WAIT state for some time. On operating
systems using BSD sockets the endpoint of the socket may not be reused while in
this state unless SO_REUSEADDR was set on the socket. On windows on the other
hand the default behaviour is to allow reuse (i.e. identical to SO_REUSEADDR on
other operating systems) and setting SO_REUSEADDR on a socket allows it to be
bound to a endpoint even if the endpoint is already used by another socket
independently of the other sockets state. This can even result in undefined
behaviour.

Many sockets used by QEMU should not block the use of their endpoint after being
closed while they are still in TIME_WAIT state. Currently QEMU sets SO_REUSEADDR
for such sockets, which can lead to problems on Windows. This patch introduces
the function socket_set_fast_reuse that should be used instead of setting
SO_REUSEADDR when fast socket reuse is desired and behaves correctly on all
operating systems.

As a failure of this function can only be caused by bad QEMU internal errors, an
assertion handles these situations. The return value is still passed on, to
minimize changes in client code and prevent unused variable warnings if NDEBUG
is defined.

Signed-off-by: Sebastian Ottlik <ottlik@fzi.de>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Stefan Weil <sw@weilnetz.de>
8 years agoUpdate MAINTAINERS
Anthony Liguori [Wed, 2 Oct 2013 17:09:12 +0000 (12:09 -0500)] 
Update MAINTAINERS

All of Paul's emails are bouncing and he hasn't been active for
some time.

Signed-off-by: Anthony Liguori <anthony@codemonkey.ws>
8 years agoqcow2: Switch L1 table in a single sequence
Max Reitz [Mon, 30 Sep 2013 15:57:21 +0000 (17:57 +0200)] 
qcow2: Switch L1 table in a single sequence

Switching the L1 table in memory should be an atomic operation, as far
as possible. Calling qcow2_free_clusters on the old L1 table on disk is
not a good idea when the old L1 table is no longer valid and the address
to the new one hasn't yet been written into the corresponding
BDRVQcowState field. To be more specific, this can lead to segfaults due
to qcow2_check_metadata_overlap trying to access the L1 table during the
free operation.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
8 years agoblock: vhdx - add migration blocker
Jeff Cody [Tue, 1 Oct 2013 15:59:20 +0000 (11:59 -0400)] 
block: vhdx - add migration blocker

This blocks migration for VHDX image files, until the
functionality can be supported.

Signed-off-by: Jeff Cody <jcody@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
8 years agoblock: use correct filename for error report
Dunrong Huang [Tue, 24 Sep 2013 10:14:01 +0000 (18:14 +0800)] 
block: use correct filename for error report

The content filename point to will be erased by qemu_opts_absorb_qdict()
in raw_open_common() in drv->bdrv_file_open()

So it's better to use bs->filename.

Signed-off-by: Dunrong Huang <riegamaths@gmail.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
8 years agoqcow2: CHECK_OFLAG_COPIED is obsolete
Max Reitz [Mon, 30 Sep 2013 07:21:07 +0000 (09:21 +0200)] 
qcow2: CHECK_OFLAG_COPIED is obsolete

CHECK_OFLAG_COPIED as a parameter to check_refcounts_l1 and
check_refcounts_l2 is obselete now, since the OFLAG_COPIED consistency
check is actually no longer performed by these functions (but by
check_oflag_copied).

Signed-off-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
8 years agoqcow2: Correct endianness in overlap check
Max Reitz [Mon, 30 Sep 2013 06:59:28 +0000 (08:59 +0200)] 
qcow2: Correct endianness in overlap check

If an inactive L1 table is loaded from disk, its entries are in big
endian and have to be converted to host byte order before using them.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
8 years agotcg-arm: Move the tlb addend load earlier
Richard Henderson [Fri, 30 Aug 2013 16:48:56 +0000 (09:48 -0700)] 
tcg-arm: Move the tlb addend load earlier

There are free scheduling slots between the sequence of
comparison instructions.  This requires changing the
register in use to avoid conflict with those compares.

Signed-off-by: Richard Henderson <rth@twiddle.net>
8 years agotcg-arm: Remove restriction on qemu_ld output register
Richard Henderson [Fri, 30 Aug 2013 16:12:32 +0000 (09:12 -0700)] 
tcg-arm: Remove restriction on qemu_ld output register

The main intent of the patch is to allow the tlb addend register
to be changed, without tying that change to the constraint.  But
the most common side-effect seems to be to enable usage of ldrd
with the r0,r1 pair.

Signed-off-by: Richard Henderson <rth@twiddle.net>
8 years agotcg-arm: Return register containing tlb addend
Richard Henderson [Fri, 30 Aug 2013 15:45:53 +0000 (08:45 -0700)] 
tcg-arm: Return register containing tlb addend

Preparatory to rescheduling the tlb load, and changing said register.
Continues to use R1 for now.

Signed-off-by: Richard Henderson <rth@twiddle.net>
8 years agotcg-arm: Move load of tlb addend into tcg_out_tlb_read
Richard Henderson [Fri, 30 Aug 2013 15:16:00 +0000 (08:16 -0700)] 
tcg-arm: Move load of tlb addend into tcg_out_tlb_read

This allows us to make more intelligent decisions about the relative
offsets of the tlb comparator and the addend, avoiding any need of
writeback addressing.

Signed-off-by: Richard Henderson <rth@twiddle.net>
8 years agotcg-arm: Use QEMU_BUILD_BUG_ON to verify constraints on tlb
Richard Henderson [Wed, 28 Aug 2013 21:40:52 +0000 (14:40 -0700)] 
tcg-arm: Use QEMU_BUILD_BUG_ON to verify constraints on tlb

One of the two constraints we already checked via #if, but
the tlb offset distance was only checked at runtime.

Signed-off-by: Richard Henderson <rth@twiddle.net>
8 years agotcg-arm: Use strd for tcg_out_arg_reg64
Richard Henderson [Wed, 28 Aug 2013 18:16:16 +0000 (11:16 -0700)] 
tcg-arm: Use strd for tcg_out_arg_reg64

Signed-off-by: Richard Henderson <rth@twiddle.net>
8 years agotcg-arm: Rearrange slow-path qemu_ld/st
Richard Henderson [Sun, 28 Jul 2013 00:09:47 +0000 (14:09 -1000)] 
tcg-arm: Rearrange slow-path qemu_ld/st

Use the new helper_ret_*_mmu routines.  Use a conditional call
to arrange for a tail-call from the store path, and to load the
return address for the helper for the load path.

Signed-off-by: Richard Henderson <rth@twiddle.net>
8 years agotcg-arm: Use ldrd/strd for appropriate qemu_ld/st64
Richard Henderson [Sat, 27 Jul 2013 18:42:51 +0000 (08:42 -1000)] 
tcg-arm: Use ldrd/strd for appropriate qemu_ld/st64

Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Richard Henderson <rth@twiddle.net>
8 years agotests: Update .gitignore for test-int128 and test-bitops
Markus Armbruster [Tue, 24 Sep 2013 07:43:40 +0000 (09:43 +0200)] 
tests: Update .gitignore for test-int128 and test-bitops

Forgotten in commit 6046c62 and 3464700.

Cc: qemu-stable@nongnu.org
Reviewed-by: Andreas Färber <afaerber@suse.de>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
8 years ago.gitignore: ignore tests/qemu-iotests/socket_scm_helper
Fam Zheng [Sun, 22 Sep 2013 12:49:19 +0000 (20:49 +0800)] 
.gitignore: ignore tests/qemu-iotests/socket_scm_helper

Signed-off-by: Fam Zheng <famz@redhat.com>
Reviewed-by: Wenchao Xia<xiawenc@linux.vnet.ibm.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
8 years agochardev: handle qmp_chardev_add(KIND_MUX) failure
Gerd Hoffmann [Fri, 13 Sep 2013 10:48:47 +0000 (12:48 +0200)] 
chardev: handle qmp_chardev_add(KIND_MUX) failure

Cc: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
8 years agoMerge remote-tracking branch 'kraxel/seabios-1.7.3.2' into staging
Anthony Liguori [Mon, 30 Sep 2013 22:15:27 +0000 (17:15 -0500)] 
Merge remote-tracking branch 'kraxel/seabios-1.7.3.2' into staging

# By Gerd Hoffmann
# Via Gerd Hoffmann
* kraxel/seabios-1.7.3.2:
  update seabios from 1.7.2.2 to 1.7.3.2

Message-id: 1380533055-24960-1-git-send-email-kraxel@redhat.com

8 years agoMerge remote-tracking branch 'kraxel/roms.1' into staging
Anthony Liguori [Mon, 30 Sep 2013 22:15:18 +0000 (17:15 -0500)] 
Merge remote-tracking branch 'kraxel/roms.1' into staging

# By Gerd Hoffmann
# Via Gerd Hoffmann
* kraxel/roms.1:
  roms: add support for building sgabios
  roms: enable parallel seabios / seavgabios builds
  roms: enable ipxe cross builds
  roms: add rules to build slof
  roms: rewrite scripts/refresh-pxe-roms.sh
  roms: parallel ipxe builds
  roms: build lgplvgabios isavga variant
  roms: enable parallel builds for 'make lgplvgabios'
  roms: add 'make clean'

Message-id: 1380532378-22138-1-git-send-email-kraxel@redhat.com

8 years agoMerge remote-tracking branch 'mst/tags/for_anthony' into staging
Anthony Liguori [Mon, 30 Sep 2013 22:15:01 +0000 (17:15 -0500)] 
Merge remote-tracking branch 'mst/tags/for_anthony' into staging

pc,pci,virtio fixes and cleanups

This includes pc and pci cleanups and enhancements,
and a virtio-net bugfix related to softmac programming.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
# gpg: Signature made Sun 29 Sep 2013 01:51:16 AM CDT using RSA key ID D28D5469
# gpg: Can't check signature: public key not found

# By Michael S. Tsirkin (8) and others
# Via Michael S. Tsirkin
* mst/tags/for_anthony:
  smbios: Factor out smbios_maybe_add_str()
  smbios: Make multiple -smbios type= accumulate sanely
  smbios: Improve diagnostics for conflicting entries
  smbios: Convert to QemuOpts
  smbios: Normalize smbios_entry_add()'s error handling to exit(1)
  virtio-net: fix up HMP NIC info string on reset
  pci: remove explicit check to 64K ioport size
  piix4: disable io on reset
  piix: use 64 bit window programmed by guest
  q35: use 64 bit window programmed by guest
  pci: add helper to retrieve the 64-bit range
  range: add min/max operations on ranges
  range: add Range to typedefs
  q35: make pci window address/size match guest cfg

Message-id: 1380437951-21788-1-git-send-email-mst@redhat.com

8 years agoMerge remote-tracking branch 'kwolf/for-anthony' into staging
Anthony Liguori [Mon, 30 Sep 2013 22:14:49 +0000 (17:14 -0500)] 
Merge remote-tracking branch 'kwolf/for-anthony' into staging

# By Max Reitz (10) and others
# Via Kevin Wolf
* kwolf/for-anthony: (30 commits)
  qcow2: Remove useless count_contiguous_clusters() parameter
  qcow2: COMPRESSED on count_contiguous_clusters
  qcow2: count_contiguous_clusters and compression
  qcow2: Free only newly allocated clusters on error
  qcow2: Always use error path in l2_allocate
  qcow2: Don't put invalid L2 table into cache
  qemu-iotests: Preallocated zero clusters in 061
  qcow2: Correct bitmap size in zero expansion
  qemu-iotests: Quote $TEST_IMG* and $TEST_DIR usage
  qemu-iotests: Add basic ability to use binary sample images
  qemu-iotests: fix qmp.py search path
  block: use DIV_ROUND_UP in bdrv_co_do_readv
  qcow2: Assert against currently impossible overflow
  block: qed - use QEMU_PACKED for on-disk structures
  block: qcow2 - used QEMU_PACKED for on-disk structures
  block: vpc - use QEMU_PACKED for on-disk structures
  block: vdi - use QEMU_PACKED for on-disk structures
  rbd: avoid qemu_rbd_snap_list() memory leaks
  qdict: Extract qdict_extract_subqdict
  block: Fix compiler warning (-Werror=uninitialized)
  ...

Message-id: 1380296370-14523-1-git-send-email-kwolf@redhat.com

8 years agoMerge remote-tracking branch 'sstabellini/xen-2013-09-25' into staging
Anthony Liguori [Mon, 30 Sep 2013 22:14:10 +0000 (17:14 -0500)] 
Merge remote-tracking branch 'sstabellini/xen-2013-09-25' into staging

# By Anthony PERARD (2) and Liu, Jinsong (2)
# Via Stefano Stabellini
* sstabellini/xen-2013-09-25:
  xen: Enable cpu-hotplug on xenfv machine.
  xen: Fix vcpu initialization.
  qemu: Add qemu xen logic for Xen HVM S3 resume
  qemu: Adjust qemu wakeup

Message-id: alpine.DEB.2.02.1309251749180.5498@kaball.uk.xensource.com

8 years agoMerge remote-tracking branch 'rth/tcg-ppc-pull' into staging
Anthony Liguori [Mon, 30 Sep 2013 22:14:01 +0000 (17:14 -0500)] 
Merge remote-tracking branch 'rth/tcg-ppc-pull' into staging

# By Richard Henderson (19) and Paolo Bonzini (2)
# Via Richard Henderson
* rth/tcg-ppc-pull: (21 commits)
  tcg-ppc64: Implement CONFIG_QEMU_LDST_OPTIMIZATION
  tcg-ppc64: Add _noaddr functions for emitting forward branches
  tcg-ppc64: Streamline tcg_out_tlb_read
  tcg-ppc64: Implement tcg_register_jit
  tcg-ppc64: Handle long offsets better
  tcg-ppc64: Tidy register allocation order
  tcg-ppc64: Look through a constant function descriptor
  tcg-ppc64: Fold constant call address into descriptor load
  tcg-ppc64: Don't load the static chain from TCG
  tcg-ppc64: Avoid code for nop move
  tcg-ppc64: Use tcg_out64
  tcg-ppc64: Use TCG_REG_Rn constants
  tcg-ppc64: More use of TAI and SAI helper macros
  tcg-ppc64: Reformat tcg-target.c
  tcg-ppc: Fix and cleanup tcg_out_tlb_check
  tcg-ppc: Use conditional branch and link to slow path
  tcg-ppc: Cleanup tcg_out_qemu_ld/st_slow_path
  tcg-ppc: Avoid code for nop move
  tcg-ppc: use new return-argument ld/st helpers
  tcg-ppc: fix qemu_ld/qemu_st for AIX ABI
  ...

Message-id: 1380126458-3247-1-git-send-email-rth@twiddle.net

8 years agoMerge remote-tracking branch 'quintela/migration.next' into staging
Anthony Liguori [Mon, 30 Sep 2013 22:13:43 +0000 (17:13 -0500)] 
Merge remote-tracking branch 'quintela/migration.next' into staging

# By Isaku Yamahata (4) and others
# Via Juan Quintela
* quintela/migration.next:
  migration: ram_handle_compressed
  arch_init: make is_zero_page accept size
  migration: Fix debug print type
  migration: add version supporting macros for struct pointer
  rdma: constify ram_chunk_{index, start, end}
  rdma: clean up of qemu_rdma_cleanup()
  arch_init: right return for ram_save_iterate
  savevm: fix wrong initialization by ram_control_load_hook
  savevm: add comments for qemu_file_get_error()

Message-id: 1380024203-25897-1-git-send-email-quintela@redhat.com

8 years agoMerge remote-tracking branch 'kraxel/audio.1' into staging
Anthony Liguori [Mon, 30 Sep 2013 22:13:32 +0000 (17:13 -0500)] 
Merge remote-tracking branch 'kraxel/audio.1' into staging

# By Bandan Das (3) and Gerd Hoffmann (1)
# Via Gerd Hoffmann
* kraxel/audio.1:
  audio: remove CONFIG_MIXEMU configure option
  hda-codec: make mixemu selectable at runtime
  hda-codec: refactor common definitions into a header file
  audio maintainers update

Message-id: 1380011943-15083-1-git-send-email-kraxel@redhat.com

8 years agoMerge remote-tracking branch 'borntraeger/tags/s390-next-20130924' into staging
Anthony Liguori [Mon, 30 Sep 2013 22:13:18 +0000 (17:13 -0500)] 
Merge remote-tracking branch 'borntraeger/tags/s390-next-20130924' into staging

This is a bunch of fixes/changes for the s390 architecture. It also
contains the fixes from the previous pull request, which did not make
it yet.
Overall it contains
- a fix for kexec without kdump (which uses diag308 subcode 0 instead of 1)
- several sclp related fixes
- some initial sclp migration code
- the sclp line mode console
- A fix for a boot problem with the virtio ccw ipl bios
- zeroed out padding bytes for the notes section of dump-guest-memory
- some cleanups

# gpg: Signature made Tue 24 Sep 2013 02:18:44 AM CDT using RSA key ID B5A61C7C
# gpg: Can't check signature: public key not found

# By Christian Borntraeger (6) and others
# Via Christian Borntraeger
* borntraeger/tags/s390-next-20130924:
  s390/sclplmconsole: Add support for SCLP line-mode console
  s390/ebcdic: Move conversion tables to header file
  s390/eventfacility: allow childs to handle more than 1 event type
  s390/eventfacility: remove unused event_type variable
  s390/eventfacility: Fix receive/send masks
  s390/eventfacility: fix multiple Read Event Data sources
  s390/sclp: add reset() functions
  s390/sclpquiesce: Add code to support live migration
  s390/sclpconsole: Add code to support live migration for sclpconsole
  s390/sclpconsole: modify definition of input buffer
  s390/kexec: Implement diag308 subcode 0
  s390/ioinst: Moved the CC setting to the IO instruction handlers
  s390/cpu: Make setcc() function available to other files
  s390/ipl: Update the s390-ccw.img rom
  s390/ipl: Fix waiting for virtio processing
  s390/dump: zero out padding bytes in notes sections
  s390/kvm: Add check for priviledged SCLP handler

Message-id: 1380007671-18976-1-git-send-email-borntraeger@de.ibm.com

8 years agoupdate seabios from 1.7.2.2 to 1.7.3.2
Gerd Hoffmann [Mon, 30 Sep 2013 09:17:57 +0000 (11:17 +0200)] 
update seabios from 1.7.2.2 to 1.7.3.2

'git shortlog d4f7d90f..ece025f5' says:

Alex Williamson (4):
      seabios q35: Enable all PIRQn IRQs at startup
      seabios q35: Add new PCI slot to irq routing function
      seabios: Add a dummy PCI slot to irq mapping function
      pciinit: Enable default VGA device

Asias He (2):
      virtio-scsi: Set _DRIVER_OK flag before scsi target scanning
      virtio-scsi: Pack struct virtio_scsi_{req_cmd,resp_cmd}

Avik Sil (1):
      USB-EHCI: Fix null pointer assignment

Christian Gmeiner (5):
      geodevga: fix errors in geode_fp_* functions
      geodevga: move framebuffer setup
      geodevga: move output setup to own function
      geodevga: add debug to msr functions
      geodevga: fix wrong define name

David Woodhouse (26):
      Add macros for pushing and popping struct bregs
      Clean up #if in pirtable.c. CONFIG_PIRTABLE can't be set if CONFIG_COREBOOT is
      post: Export functions which will be used individually by CSM
      Export callrom() for CSM to use
      Export copy_smbios() from biostables.c
      Import LegacyBios.h from OVMF
      Complete and checksum EFI_COMPATIBILITY16_TABLE at build time
      Add pic_save_mask() and pic_restore_mask() functions
      Add CSM support
      Add README.CSM
      Add find_pmtimer() function
      Enable PMTIMER for CSM build
      Fix rom_reserve()/rom_confirm() for CSM oprom dispatch
      Don't calibrate TSC if PMTIMER is already set up
      Move find_pmtimer() to ACPI table setup where it logically belongs
      Use find_pmtimer() after copying Xen ACPI tables
      Use find_pmtimer() after copying coreboot ACPI tables
      Unify return path for CSM to go via csm_return()
      Make CONFIG_OPTIONROMS_DEPLOYED depend on CONFIG_QEMU
      Implement !CONFIG_OPTIONROMS support for CSM
      Implement !CONFIG_BOOT for CSM
      Enable VGA output when settings bochs-specific mode
      Disable CONFIG_THREAD_OPTIONROMS for CSM build
      Fix return type of le64_to_cpu() and be64_to_cpu()
      Rename find_pmtimer() to find_acpi_features()
      Add acpi_reboot() reset method using RESET_REG

Gerd Hoffmann (6):
      config: allow DEBUG_IO for !QEMU
      coreboot: add qemu detection
      tweak coreboot qemu detection
      apm: fix shutdown
      ahci: add missing check for allocation failure
      fix buildversion.sh

Hu Tao (1):
      Add pvpanic device driver

Kevin O'Connor (101):
      pmm: Use 'struct segoff_s' in pmm header.
      Minor: Update README - variable changes are now reset on soft-reboots.
      Normalize POST initialization function name suffixes.
      POST: Reorganize post init functions for better grouping and reusability.
      Fix rebase error in commit 8a0a972f that broke LOWMEM variables.
      Support calling a function other than maininit() from reloc_preinit().
      Ensure exported symbols are visible in the final link
      POST: Move QEMU specific ramsize and BIOS table setup to paravirt.c.
      POST: Reorganize post entry and "preinit" functions.
      POST: Move cpu caching and dma setup to platform_hardware_setup().
      Undo incorrect assumptions about Xen in commit 6ca0460f.
      Determine century during init and store in VARLOW mem during runtime.
      No need to check both CONFIG_THREADS and CONFIG_THREAD_OPTIONROMS.
      Add runningOnQEMU() and runningOnXen() for runtime platform detection.
      Consistently use CONFIG_COREBOOT, CONFIG_QEMU, and runningOnXen().
      Convert kvm_para_available() to runningOnKVM().
      Minor - move definitions to paravirt.c from paravirt.h.
      Only perform SMP setup on QEMU.
      Start device_hardware_setup in mainint even with CONFIG_THREAD_OPTIONROMS.
      The mathcp setup touches the PIC and thus move to the "setup" phase.
      Update tools/acpi_extract.py to handle iasl 20130117 release.
      Support skipping content when reading from QEMU fw_cfg romfile entries.
      Convert fw_cfg ACPI entries into romfile entries.
      Convert fw_cfg SMBIOS entries into romfile entries.
      Convert basic integer fw_cfg entries into romfile entries.
      Convert fw_cfg NUMA entries into a romfile entry.
      Process fw_cfg e820 entries during the fw_cfg setup stage.
      Integrate qemu_cfg_preinit() into qemu_romfile_init().
      Group QEMU platform setup together and move to paravirt.c.
      vgabios: Bochs/QEMU vgabios support should depend on CONFIG_QEMU.
      Warn on unaligned PCI ROM structure in option roms.
      Fix Makefile - don't reference "out/" directly, instead use "$(OUT)".
      build: Don't require $(OUT) to be a sub-directory of the main directory.
      Rename rom_get_top() to rom_get_max().
      Report on f-segment UMB ram also.
      Clarify build generated "zone low" values.
      Verify CC is valid during build tests.
      Disable handle_post() on CSM builds.
      Remove unnecessary "export" declarations from assembler functions.
      Minor assembler enhancements to __csm_return.
      Introduce VARFSEG for variables that will reside in the f-segment.
      Convert VAR16VISIBLE, VAR16EXPORT, and VAR32VISIBLE to VARFSEG.
      Don't relocate "varlow" variable references at runtime.
      Move malloc's ZoneFSeg and ZoneLow setup to malloc_init.
      Calculate "RamSize" needed by 16bit interface dynamically.
      Eliminate separate BiosTableSpace[] space for f-segment allocations.
      Use CONFIG_ prefix for Kconfig variables; use BUILD_ for others.
      Try to detect an unsuccessful hard-reboot to prevent soft-reboot loops.
      Minor - fix confusing final_sec32low_start name in layoutrom.py.
      Minor - introduce numeric defines for the IVT offset of hw irqs.
      Separate out 16bit PCI-BIOS entry point from regular int 0x1a entry point.
      Support using the "extra stack" for all 16bit irq entry points.
      Minor - improve comments and grouping of handle_08().
      floppy: Introduce 'struct floppy_pio_s' for floppy PIO ops.
      floppy: Cleanup floppy irq wait handling.
      floppy: Clean up Check Interrupt Status code.
      floppy: Move recalibration and results parsing to floppy_cmd().
      floppy: Improve floppy_pio() error checking.
      floppy: Implement media format sensing.
      floppy: Actually do controller reset in floppy_reset().
      Minor - note that passing QEMU config via cmos is deprecated.
      Cache boot-fail-wait to avoid romfile access after POST.
      Rename src/ssdt-susp.dsl to src/ssdt-misc.dsl.
      acpi: Eliminate BDAT parameter passing to DSDT code.
      Add additional dependency checks to Makefile.
      Don't use __FILE__ in virtio-ring.c.
      shadow: Don't use PCIDevices list in make_bios_readonly().
      smm: Don't use PCIDevices list in smm_setup().
      Add VARVERIFY32INIT attribute for variables only available during "init".
      Use VARVERIFY32INIT on global variables that point to "tmp" memory.
      vgabios: Fix stdvga_perform_gray_scale_summing().
      vgabios: Fix cirrus memory clear on mode switch.
      Minor - add missing newline to floppy debug statement.
      Fix bug in NUMA node setup - don't create SRAT if NUMA not present.
      Update README - copy *.aml files for QEMU.
      Add dependencies to vgafixup.py and buildversion.sh scripts.
      Set ZF prior to keyboard read call in check_for_keystroke().
      mptable: Don't describe pci-to-pci bridges.
      mptable: Use same PCI irqs as ACPI code.
      Cleanup QEMU_CFG_NUMA fw_cfg processing - split into two romfile entries.
      Use container_of on romfile entries.
      acpi: Move ACPI table definitions from acpi.c to acpi.h.
      acpi: Remove dead code with descriptions of bit flags.
      acpi: Use cpu_to_leXX() consistently.
      Minor - explicitly close files in buildrom.py.
      Minor - move "tracked memory alloc" code in pmm.c.
      Introduce and convert pmm code to use standard list helpers.
      Minor - relocate code in stacks.c to keep low-level thread code together.
      Introduce helper function have_threads() in stacks.c.
      Convert stacks.c to use standard list manipulation code.
      Convert boot.c to use standard list manipulation code.
      Convert pciinit.c to use standard list manipulation code.
      Convert PCIDevices list to use standard list manipultion code.
      Revert "Convert pciinit.c to use standard list manipulation code."
      Fix error in hlist_for_each_entry_safe macro.
      Convert pciinit.c to use standard list manipulation code.
      make qemu_cfg_init depend on QEMU_HARDWARE instead of QEMU
      Another fix for hlist_for_each_entry_safe.
      Minor - remove debugging dprintf added to pciinit.c.
      Fix USB EHCI detection that was broken in hlist conversion of PCIDevices.
      Fix bug in CBFS file walking with compressed files.

Laszlo Ersek (1):
      Enable VGA output when setting Cirrus-specific mode

Michael S. Tsirkin (2):
      acpi: make default DSDT optional
      acpi: sync FADT flags from PIIX4 to Q35

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
8 years agoroms: add support for building sgabios
Gerd Hoffmann [Tue, 24 Sep 2013 13:46:52 +0000 (15:46 +0200)] 
roms: add support for building sgabios

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
8 years agoroms: enable parallel seabios / seavgabios builds
Gerd Hoffmann [Tue, 24 Sep 2013 13:38:28 +0000 (15:38 +0200)] 
roms: enable parallel seabios / seavgabios builds

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
8 years agoroms: enable ipxe cross builds
Gerd Hoffmann [Mon, 23 Sep 2013 09:05:48 +0000 (11:05 +0200)] 
roms: enable ipxe cross builds

8 years agoroms: add rules to build slof
Gerd Hoffmann [Fri, 20 Sep 2013 12:51:10 +0000 (14:51 +0200)] 
roms: add rules to build slof

Add some logic to detect cross compilers.  Add support for "make slof",
which should JustWork[tm] if you are on a ppx64 machine or have a ppc64
cross compiler installed somewhere in your path.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
8 years agoroms: rewrite scripts/refresh-pxe-roms.sh
Gerd Hoffmann [Mon, 23 Sep 2013 08:24:10 +0000 (10:24 +0200)] 
roms: rewrite scripts/refresh-pxe-roms.sh

Just use the Makefile in roms/

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
8 years agoroms: parallel ipxe builds
Gerd Hoffmann [Fri, 20 Sep 2013 13:26:26 +0000 (15:26 +0200)] 
roms: parallel ipxe builds

Enable parallel ipxe builds.  Reduce the recursive make calls.  Call
recursive make properly using $(MAKE) $(MAKEFLAGS).

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
8 years agoroms: build lgplvgabios isavga variant
Gerd Hoffmann [Fri, 20 Sep 2013 12:35:31 +0000 (14:35 +0200)] 
roms: build lgplvgabios isavga variant

Add logic to also build+install the isavga vgabios variant.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
8 years agoroms: enable parallel builds for 'make lgplvgabios'
Gerd Hoffmann [Fri, 20 Sep 2013 12:29:29 +0000 (14:29 +0200)] 
roms: enable parallel builds for 'make lgplvgabios'

Recurse into vgabios once, adjust dependencies, call make using
$(MAKE) $(MAKEFLAGS) so jobserver mode works.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
8 years agoroms: add 'make clean'
Gerd Hoffmann [Fri, 20 Sep 2013 13:34:27 +0000 (15:34 +0200)] 
roms: add 'make clean'

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
8 years agosmbios: Factor out smbios_maybe_add_str()
Markus Armbruster [Fri, 16 Aug 2013 13:18:32 +0000 (15:18 +0200)] 
smbios: Factor out smbios_maybe_add_str()

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
8 years agosmbios: Make multiple -smbios type= accumulate sanely
Markus Armbruster [Fri, 16 Aug 2013 13:18:31 +0000 (15:18 +0200)] 
smbios: Make multiple -smbios type= accumulate sanely

Currently, -smbios type=T,NAME=VAL,... adds one field (T,NAME) with
value VAL to fw_cfg for each unique NAME.  If NAME occurs multiple
times, the last one's VAL is used (before the QemuOpts conversion, the
first one was used).

Multiple -smbios can add multiple fields with the same (T, NAME).
SeaBIOS reads all of them from fw_cfg, but uses only the first field
(T, NAME).  The others are ignored.

"First one wins, subsequent ones get ignored silently" isn't nice.  We
commonly let the last option win.  Useful, because it lets you
-readconfig first, then selectively override with command line
options.

Clean up -smbios to work the common way.  Accumulate the settings,
with later ones overwriting earlier ones.  Put the result into fw_cfg
(no more useless duplicates).

Bonus cleanup: qemu_uuid_parse() no longer sets SMBIOS system uuid by
side effect.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
8 years agosmbios: Improve diagnostics for conflicting entries
Markus Armbruster [Fri, 16 Aug 2013 13:18:30 +0000 (15:18 +0200)] 
smbios: Improve diagnostics for conflicting entries

We allow either tables or fields for the same type.  Makes sense,
because SeaBIOS uses fields only when no tables are present.

We do this by searching the SMBIOS blob for a previously added table
or field.  Error messages look like this:

    qemu-system-x86_64: -smbios type=1,serial=42: SMBIOS type 1 table already defined, cannot add field

User needs to know that "table" is defined by -smbios file=..., and
"field" by -smbios type=...

Instead of searching the blob, record additions of interest, and check
that.  Simpler, and makes better error messages possible:

    qemu-system-x86_64: -smbios file=smbios_type_1.bin: Can't mix file= and type= for same type
    qemu-system-x86_64: -smbios type=1,serial=42,serial=99: This is the conflicting setting

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
8 years agosmbios: Convert to QemuOpts
Markus Armbruster [Fri, 16 Aug 2013 13:18:29 +0000 (15:18 +0200)] 
smbios: Convert to QemuOpts

So that it can be set in config file for -readconfig.

This tightens parsing of -smbios, and makes it more consistent with
other options: unknown parameters are rejected, numbers with trailing
junk are rejected, when a parameter is given multiple times, last
rather than first wins, ...

MST: drop one chunk to fix build errors

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
8 years agosmbios: Normalize smbios_entry_add()'s error handling to exit(1)
Markus Armbruster [Fri, 16 Aug 2013 13:18:28 +0000 (15:18 +0200)] 
smbios: Normalize smbios_entry_add()'s error handling to exit(1)

It exits on all error conditions but one, where it returns -1.
Normalize, and return void.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
8 years agoqcow2: Remove useless count_contiguous_clusters() parameter
Kevin Wolf [Fri, 27 Sep 2013 11:36:11 +0000 (13:36 +0200)] 
qcow2: Remove useless count_contiguous_clusters() parameter

All callers pass start = 0, and it's doubtful if any other value would
actually do what you expect. Remove the parameter.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Jeff Cody <jcody@redhat.com>
8 years agoqcow2: COMPRESSED on count_contiguous_clusters
Max Reitz [Fri, 27 Sep 2013 10:14:16 +0000 (12:14 +0200)] 
qcow2: COMPRESSED on count_contiguous_clusters

Compressed clusters can never be contiguous, therefore the corresponding
flag does not need to be given explicitly to count_contiguous_clusters.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
8 years agoqcow2: count_contiguous_clusters and compression
Max Reitz [Fri, 27 Sep 2013 10:14:15 +0000 (12:14 +0200)] 
qcow2: count_contiguous_clusters and compression

The function is not intended to be used on compressed clusters and will
not work correctly, if used anyway, since L2E_OFFSET_MASK is not the
right mask for determining the offset of compressed clusters. Therefore,
assert that the first cluster is not compressed and always include the
compression flag in the mask of significant flags, i.e., stop the search
as soon as a compressed cluster occurs.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
8 years agoqcow2: Free only newly allocated clusters on error
Max Reitz [Fri, 27 Sep 2013 08:21:48 +0000 (10:21 +0200)] 
qcow2: Free only newly allocated clusters on error

In expand_zero_clusters_in_l1, a new cluster is only allocated if it was
not already preallocated. On error, such preallocated clusters should
not be freed, but only the newly allocated ones.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
8 years agoqcow2: Always use error path in l2_allocate
Max Reitz [Wed, 25 Sep 2013 14:37:20 +0000 (16:37 +0200)] 
qcow2: Always use error path in l2_allocate

Just returning -errno in some cases prevents
trace_qcow2_l2_allocate_done from being executed (and, in one case, also
the unused allocated L2 table from being freed). Always going down the
error path fixes this.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
8 years agoqcow2: Don't put invalid L2 table into cache
Max Reitz [Wed, 25 Sep 2013 14:37:18 +0000 (16:37 +0200)] 
qcow2: Don't put invalid L2 table into cache

In l2_allocate, the fail path is executed if qcow2_cache_flush fails.
However, the L2 table has not yet been fetched from the L2 table cache.
The qcow2_cache_put in the fail path therefore basically gives an
undefined argument as the L2 table address (in this case).

Signed-off-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
8 years agoqemu-iotests: Preallocated zero clusters in 061
Max Reitz [Wed, 25 Sep 2013 10:07:23 +0000 (12:07 +0200)] 
qemu-iotests: Preallocated zero clusters in 061

Add a test case for zero cluster expansion on an image completely filled
with preallocated zero clusters to test 061.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
8 years agoqcow2: Correct bitmap size in zero expansion
Max Reitz [Wed, 25 Sep 2013 10:07:22 +0000 (12:07 +0200)] 
qcow2: Correct bitmap size in zero expansion

Since the expanded_clusters bitmap is addressed using host offsets in
the underlying image file, the correct size to use for allocating the
bitmap is not determined by the guest disk image but by the underlying
host image file.

Furthermore, this size may change during the expansion due to cluster
allocations on growable image files. In this case, the bitmap needs to
be resized as well to reflect the growth.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
8 years agoqemu-iotests: Quote $TEST_IMG* and $TEST_DIR usage
Jeff Cody [Wed, 25 Sep 2013 12:12:22 +0000 (08:12 -0400)] 
qemu-iotests: Quote $TEST_IMG* and $TEST_DIR usage

A lot of image filename and paths are used unquoted.  Quote these to
make sure that directories / filenames with spaces are not problematic.

Signed-off-by: Jeff Cody <jcody@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
8 years agoqemu-iotests: Add basic ability to use binary sample images
Jeff Cody [Wed, 25 Sep 2013 12:12:20 +0000 (08:12 -0400)] 
qemu-iotests: Add basic ability to use binary sample images

For image formats that are not "QEMU native", but supported for
compatibility, it is useful to verify that an image created with
the 'gold standard' native tool can be read / written to successfully
by QEMU.

In addition to testing non-native images, this could also be useful to
test against image files created by older versions of QEMU.

This provides a directory to store small sample images, for use by
scripts in tests/qemu-iotests.

Image files should be compressed with bzip2.

To use a sample image from a bash script, the _use_sample_img function
will copy and decompress the image into $TEST_DIR, and set $TEST_IMG to
be the decompressed sample image copy.  To cleanup, call
_cleanup_test_img as normal.

Signed-off-by: Jeff Cody <jcody@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
8 years agoqemu-iotests: fix qmp.py search path
Fam Zheng [Thu, 26 Sep 2013 11:57:34 +0000 (19:57 +0800)] 
qemu-iotests: fix qmp.py search path

QMP/qmp.py is renamed to scripts/qmp/qmp.py, fix the search path in iotests.py.

Signed-off-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
8 years agoblock: use DIV_ROUND_UP in bdrv_co_do_readv
Fam Zheng [Thu, 26 Sep 2013 11:55:33 +0000 (19:55 +0800)] 
block: use DIV_ROUND_UP in bdrv_co_do_readv

Signed-off-by: Fam Zheng <famz@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
8 years agoqcow2: Assert against currently impossible overflow
Max Reitz [Wed, 25 Sep 2013 15:48:55 +0000 (17:48 +0200)] 
qcow2: Assert against currently impossible overflow

If qcow2_alloc_cluster_link_l2 is called with a QCowL2Meta describing a
request crossing L2 boundaries, a buffer overflow will occur. This is
impossible right now since such requests are never generated (every
request is shortened to L2 boundaries before) and probably also
completely unintended (considering the name "QCowL2Meta"), however, it
is still worth an assertion.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
8 years agomisc: Use new rotate functions
Stefan Weil [Thu, 12 Sep 2013 19:13:13 +0000 (21:13 +0200)] 
misc: Use new rotate functions

Signed-off-by: Stefan Weil <sw@weilnetz.de>
8 years agobitops: Add rotate functions (rol8, ror8, ...)
Stefan Weil [Thu, 12 Sep 2013 19:13:12 +0000 (21:13 +0200)] 
bitops: Add rotate functions (rol8, ror8, ...)

These functions were copies from include/linux/bitopts.h.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Reviewed-by: Richard Henderson <rth@twiddle.net>
8 years agotci: Add implementation of rotl_i64, rotr_i64
Stefan Weil [Thu, 12 Sep 2013 19:13:11 +0000 (21:13 +0200)] 
tci: Add implementation of rotl_i64, rotr_i64

It is used by qemu-ppc64 when running Debian's busybox-static.

Cc: qemu-stable <qemu-stable@nongnu.org>
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Reviewed-by: Richard Henderson <rth@twiddle.net>
8 years agoblock: qed - use QEMU_PACKED for on-disk structures
Jeff Cody [Wed, 25 Sep 2013 16:08:51 +0000 (12:08 -0400)] 
block: qed - use QEMU_PACKED for on-disk structures

QEDHeader is read, and written, directly from on-disk images
via bdrv_pread()/write().  To avoid any unintentional padding,
these structs should be packed.

Signed-off-by: Jeff Cody <jcody@redhat.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
8 years agoblock: qcow2 - used QEMU_PACKED for on-disk structures
Jeff Cody [Wed, 25 Sep 2013 16:08:50 +0000 (12:08 -0400)] 
block: qcow2 - used QEMU_PACKED for on-disk structures

QCowHeader and QCowExtension are structs that reside in the on-disk
image format, and are read and written directly via bdrv_pread()/write(),
and as such should be packed to avoid any unintentional struct padding.

Signed-off-by: Jeff Cody <jcody@redhat.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
8 years agoblock: vpc - use QEMU_PACKED for on-disk structures
Jeff Cody [Wed, 25 Sep 2013 16:08:49 +0000 (12:08 -0400)] 
block: vpc - use QEMU_PACKED for on-disk structures

The VHD footer and header structs (vhd_footer and vhd_dyndisk_header)
are on-disk structures for the image format, and as such should be
packed.

Go ahead and make these typedefs as well, with the preferred QEMU
naming convention, so that the packed attribute is used consistently
with the struct.

Signed-off-by: Jeff Cody <jcody@redhat.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
8 years agoblock: vdi - use QEMU_PACKED for on-disk structures
Jeff Cody [Wed, 25 Sep 2013 16:08:48 +0000 (12:08 -0400)] 
block: vdi - use QEMU_PACKED for on-disk structures

The header struct VdiHeader is an on-disk structure for the image
format, and as such should be packed.

Signed-off-by: Jeff Cody <jcody@redhat.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
8 years agoxen: Enable cpu-hotplug on xenfv machine.
Anthony PERARD [Wed, 25 Sep 2013 16:43:12 +0000 (16:43 +0000)] 
xen: Enable cpu-hotplug on xenfv machine.

Signed-off-by: Anthony PERARD <anthony.perard@citrix.com>
Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
8 years agoxen: Fix vcpu initialization.
Anthony PERARD [Wed, 25 Sep 2013 16:41:48 +0000 (16:41 +0000)] 
xen: Fix vcpu initialization.

Each vcpu need a evtchn binded in qemu, even those that are
offline at QEMU initialisation.

Signed-off-by: Anthony PERARD <anthony.perard@citrix.com>
Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
8 years agoqemu: Add qemu xen logic for Xen HVM S3 resume
Liu, Jinsong [Wed, 25 Sep 2013 16:40:23 +0000 (16:40 +0000)] 
qemu: Add qemu xen logic for Xen HVM S3 resume

This patch is qemu patch 2 to fix Xen HVM S3 bug, adding qemu
xen logic. When qemu wakeup, qemu xen logic is notified and
hypercall to xen hypervisor to unpause domain.

Signed-off-by: Liu Jinsong <jinsong.liu@intel.com>
Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Reviewed-by: Anthony PERARD <anthony.perard@citrix.com>