Commit Graph

49975 Commits

Author SHA1 Message Date
Stefan Hajnoczi 82ecffa8c0 Open 2.9 development tree
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2016-12-20 16:20:16 +00:00
Stefan Hajnoczi 0737f32daf Update version for v2.8.0 release
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2016-12-20 16:16:42 +00:00
Stefan Hajnoczi 6a928d25b6 Update version for v2.8.0-rc4 release
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2016-12-15 07:36:03 +00:00
Maxime Coquelin 66d1c4c19f virtio-pci: Fix cross-version migration with older machines
This patch fixes a cross-version migration regression introduced
by commit d1b4259f ("virtio-bus: Plug devices after features are
negotiated").

The problem is encountered when host's vhost backend does not support
VIRTIO_F_VERSION_1, and migration is initiated from a v2.7 or prior
machine with virtio-pci modern capabilities enabled to a v2.8 machine.

In this case, modern capabilities get exposed to the guest by the source,
whereas the target will detect version 1 is not supported so will only
expose legacy capabilities.

The problem is fixed by introducing a new "x-ignore-backend-features"
property, which is set in v2.7 and prior compatibility modes. Doing this,
v2.7 machine keeps its broken behaviour (enabling modern while version
is not supported), and newer machines will behave correctly.

Reported-by: Michael Roth <mdroth@linux.vnet.ibm.com>
Reviewed-by: Marcel Apfelbaum <marcel@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Tested-by: Michael Roth <mdroth@linux.vnet.ibm.com>
Signed-off-by: Maxime Coquelin <maxime.coquelin@redhat.com>
Message-id: 20161214163035.3297-1-maxime.coquelin@redhat.com
Suggested-by: Stefan Hajnoczi <stefanha@redhat.com>
Cc: Michael S. Tsirkin <mst@redhat.com>
Cc: Cornelia Huck <cornelia.huck@de.ibm.com>
Cc: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Marcel Apfelbaum <marcel@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Tested-by: Michael Roth <mdroth@linux.vnet.ibm.com>
Signed-off-by: Maxime Coquelin <maxime.coquelin@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2016-12-15 07:35:19 +00:00
Stefan Hajnoczi d70678a538 po: add missing translations in de, fr, it, zh
There are missing translations for the new "Copy" menu item.

The following people provided them to me on IRC just in time for the
QEMU 2.8 release:

 * de_DE - Stefan Hajnoczi <stefanha@redhat.com>
 * fr_FR - Laurent Vivier <laurent@vivier.eu>
 * it    - Pino Toscano <ptoscano@redhat.com>
 * zh_CN - Fam Zheng <famz@redhat.com>

[Removed spurious space in zh_CN "Copy" translation that Fam Zheng
pointed out.
--Stefan]

Reported-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Message-id: 20161214144713.11009-1-stefanha@redhat.com
Cc: Fam Zheng <famz@redhat.com>
Cc: Pino Toscano <ptoscano@redhat.com>
Cc: Laurent Vivier <laurent@vivier.eu>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2016-12-14 18:47:19 +00:00
Stefan Hajnoczi a08156321a ui/gtk: fix "Copy" menu item segfault
The "Copy" menu item copies VTE terminal text to the clipboard.  This
only works with VTE terminals, not with graphics consoles.

Disable the menu item when the current notebook page isn't a VTE
terminal.

This patch fixes a segfault.  Reproducer: Start QEMU and click the Copy
menu item when the guest display is visible.

Reported-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
Tested-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Message-id: 20161214142518.10504-1-stefanha@redhat.com
Cc: Michael S. Tsirkin <mst@redhat.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2016-12-14 18:46:21 +00:00
Stefan Hajnoczi 3753c75db8 Update language files for QEMU 2.8.0
Update translation files (change created via 'make -C po update').

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Stefan Weil <sw@weilnetz.de>
Message-id: 20161213214917.6436-1-stefanha@redhat.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2016-12-14 12:32:06 +00:00
Stefan Hajnoczi a92f7fe5a8 Update version for v2.8.0-rc3 release
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2016-12-06 23:26:04 +00:00
Eric Blake 4230e5d128 qapi: Document introduction of gluster's 'debug' option
We intentionally renamed 'debug-level' to 'debug' in the QMP
schema for 'blockdev-add' related to gluster, in order to
match the command line (commit 1a417e46).  However, since
'debug-level' was visible in 2.7, that means that we should
document that 'debug' was not available until 2.8.

The change was intentional because 'blockdev-add' itself
underwent incompatible changes (such as commit 0153d2f) for
the same release; our intent is that after 2.8, these
interfaces will now be stable.  [In hindsight, we should have
used the name x-blockdev-add when we first introduced it]

Signed-off-by: Eric Blake <eblake@redhat.com>
Message-id: 20161206182020.25736-1-eblake@redhat.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2016-12-06 20:22:03 +00:00
Peter Maydell a9353fe897 exec.c: Fix breakpoint invalidation race
A bug (1647683) was reported showing a crash when removing
breakpoints.  The reproducer was bisected to 3359baad when tb_flush
was finally made thread safe.  While in MTTCG the locking in
breakpoint_invalidate would have prevented any problems, but
currently tb_lock() is a NOP for system emulation.

The race is between a tb_flush from the gdbstub and the
tb_invalidate_phys_addr() in breakpoint_invalidate().

Ideally we'd have actual locking here; for the moment the
simple fix is to do a full tb_flush() for a bp invalidate,
since that is thread-safe even if no lock is taken.

Reported-by: Julian Brown <julian@codesourcery.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1481047629-7763-1-git-send-email-peter.maydell@linaro.org
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2016-12-06 20:21:46 +00:00
Eric Blake d750c3a966 qapi: Document DEVICE_TRAY_MOVED addition
Commit 2d76e72 failed to add a versioning tag to 'id'.

I audited all qapi*.json files from v2.7.0 to the current
state of the tree, and didn't find any other additions where
we failed to use a version tag.

Signed-off-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-id: 20161206160345.22425-1-eblake@redhat.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2016-12-06 20:18:38 +00:00
Changlong Xie b5b7b5deb4 tests/.gitignore: Ignore test-char
[Lin Ma <lma@suse.com> notes that commit ea3af47d added test for chardev
unit tests, but didn't add the name of generated binary in .gitignore.
--Stefan]

Signed-off-by: Changlong Xie <xiecl.fnst@cn.fujitsu.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-id: 1478494765-13233-1-git-send-email-xiecl.fnst@cn.fujitsu.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2016-12-06 20:05:49 +00:00
Stefan Hajnoczi 68701de136 Block layer patches for 2.8.0-rc3
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iQIcBAABAgAGBQJYRs7XAAoJEH8JsnLIjy/W5ScP/0ukNPAUUYGnU5dIj6q20kRk
 kIhEDZXNRMqT9qhSypi5ivOc/HDIXBUM5jsuAPHTK/JxMWeAFCwOwKXzKLPEZ9iG
 nA5UGMST4uwwB0bANUAyweGIHdTIfhgN2dgLKvKIsbeTNmCyMaJieZ29fkVbNKyS
 msOFmaVn+nm4rgE/q7HXtg/hUdjuoaEOsWsJ7YY3Bj8kgQR/H8iPCvNCl3YWGwIW
 9vXQL25QUaQbBWinA+rHhHiGPAK2GzitVry3fQGch5j4OqpXYt3IQTSqXZMQLHcT
 zUwcx99C16hG9R7sjhNuto+lMuw6qtK75s/7PGpjw8aQFwYR5ITAyB369dxmrGqc
 1bBPsRCXfhWku/4wMzrj4fO7iszMadBIzChwk+IsCRNAWHFGoc9VHvk3mdT4puBB
 2W4JlOzGY/FD/rQRetGGmGN09HheRZ5sW7o9DoUoGBLCk1llIrVs/fKtHLDtx1T9
 sNe5e7EYdNufBTpy7p/75nRMyYlVlENJW/A+nw2pvsEZjU9LAdWqEEfmU1OU1rdl
 TEZxBZQtPq0ZkfQIV6mPUFBhE3e8EbB573jJaD2P8StpR6jCFRZlU2hkW4c7FnZ1
 pUfc8PJFP4Bo6CaNy7PMUCUHD7z8eZP/BFndODAgBFm2WAxN2tsRrfPDWh23huZV
 k9+VZFjeT2jz+mHtRCbA
 =9y67
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'kwolf/tags/for-upstream' into staging

Block layer patches for 2.8.0-rc3

# gpg: Signature made Tue 06 Dec 2016 02:44:39 PM GMT
# gpg:                using RSA key 0x7F09B272C88F2FD6
# gpg: Good signature from "Kevin Wolf <kwolf@redhat.com>"
# Primary key fingerprint: DC3D EB15 9A9A F95D 3D74  56FE 7F09 B272 C88F 2FD6

* kwolf/tags/for-upstream:
  qcow2: Don't strand clusters near 2G intervals during commit

Message-id: 1481037418-10239-1-git-send-email-kwolf@redhat.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2016-12-06 17:35:29 +00:00
Eric Blake a3e1505dae qcow2: Don't strand clusters near 2G intervals during commit
The qcow2_make_empty() function is reached during 'qemu-img commit',
in order to clear out ALL clusters of an image.  However, if the
image cannot use the fast code path (true if the image is format
0.10, or if the image contains a snapshot), the cluster size is
larger than 512, and the image is larger than 2G in size, then our
choice of sector_step causes problems.  Since it is not cluster
aligned, but qcow2_discard_clusters() silently ignores an unaligned
head or tail, we are leaving clusters allocated.

Enhance the testsuite to expose the flaw, and patch the problem by
ensuring our step size is aligned.

Signed-off-by: Eric Blake <eblake@redhat.com>
Reviewed-by: John Snow <jsnow@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2016-12-06 15:37:02 +01:00
Stefan Hajnoczi ce1f3e88f8 -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
 
 iQEcBAABAgAGBQJYRiFXAAoJEO8Ells5jWIRRMwH/3KGW5OpVexmS4sYD/jM+k+0
 61UqThlKEdxcvgfJAFqnO+xmmq41ScAwGyweWwehrIJjcMXXsX1AGpEydxAchfIq
 4nmV7+Xmvkdr0fOBxcbDFoLWnPevdQgCyL3a1QJn6WQsXa5NTP/H14KtuMtdA68e
 eda19TnXiHx+rJwtg4+jbXKcmwYGSs1mA7PE+StB83KY6cNrqd8tESzmQmbAdkTj
 r2zqg7zhQvj6iaE4PPZK4/tlM817zaLnqRVOfHbwlHqUW4K3N4osUvWQMfRe5gg5
 /TpeE4JgLp6wbRh5Gxv2dKicFyD7KHLXkJrlEx9o9JQ/pIP/COiDhFW5zDAmh3M=
 =izsw
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'jasowang/tags/net-pull-request' into staging

# gpg: Signature made Tue 06 Dec 2016 02:24:23 AM GMT
# gpg:                using RSA key 0xEF04965B398D6211
# gpg: Good signature from "Jason Wang (Jason Wang on RedHat) <jasowang@redhat.com>"
# Primary key fingerprint: 215D 46F4 8246 689E C77F  3562 EF04 965B 398D 6211

* jasowang/tags/net-pull-request:
  fsl_etsec: Fix various small problems in hexdump code
  fsl_etsec: Pad short payloads with zeros
  net: mcf: check receive buffer size register value

Message-id: 1480991552-14360-1-git-send-email-jasowang@redhat.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2016-12-06 10:24:24 +00:00
Stefan Hajnoczi 8a04c80f9f -----BEGIN PGP SIGNATURE-----
iQIcBAABAgAGBQJYRdyFAAoJEL2+eyfA3jBXmeMP/3YEOj1SJV/k435gP8kKsb9S
 fVQtgqLbbYVy5dDbLh3Puuug67W2zVNer8qbwWTfODv4ZAhrTQHRBrnsQshoQRUI
 8v+GirupIIVbKScC7ziChxrvh0FsyE6EgOGY9MsA5kyGMcjhRPDkEvW0KzQ3tfNL
 MXmQJayxg2hG/wMRSA4LN87BftFWH5s6MXiEnc4VwlCoZj5ar5fCIow5698as8Mu
 +mE/APknbDFmxzsUnc5H/vAd76YyVdtMAKrgHvs7iow7YKLTAxbpRrHLM/66UdFF
 4lGqYAGxEMOtb2Ypx1P9TJdigADqE9sBFZJcHoxmjWs0fr3r57SLHuKA+5l4QwQE
 j8JCCNYQKvgnnVgNsvy8fNLZg0glq/ySlfMowrBmtEGegb7uG+/ctb2GUOHOPVKa
 CJMRqsBpDWimnPAQPG+SdHYTAh23VlwJUUK7dZW+X+Xb4JneZEdSxHre1qum/TQf
 dMzlHAmwljif5eJefiX+zX+bRkfwJYfT1wbtBjd8i0kjKhxmduqE8uNmPju2R1cK
 cTiFroI5wrw15GTxHaG4K/aiDhnlQGFV6hfAixQuZQVHDv7XMVfKpDEqmTnxyydf
 PrDGUToLHgM626OZ4jOJuskAhkEWEPDR07VzhnazNZtFxuL7Y82JoqeA3s4wz72r
 7AGfWj14YP/cn/T9GmsT
 =KIAo
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'jtc/tags/block-pull-request' into staging

# gpg: Signature made Mon 05 Dec 2016 09:30:45 PM GMT
# gpg:                using RSA key 0xBDBE7B27C0DE3057
# gpg: Good signature from "Jeffrey Cody <jcody@redhat.com>"
# gpg:                 aka "Jeffrey Cody <jeff@codyprime.org>"
# gpg:                 aka "Jeffrey Cody <codyprime@gmail.com>"
# Primary key fingerprint: 9957 4B4D 3474 90E7 9D98  D624 BDBE 7B27 C0DE 3057

* jtc/tags/block-pull-request:
  qemu-doc: update gluster protocol usage guide
  block/nfs: fix QMP to match debug option
  block/gluster: fix QMP to match debug option

Message-id: 1480973521-28945-1-git-send-email-jcody@redhat.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2016-12-06 09:55:57 +00:00
Stefan Hajnoczi 5d3074f0db target-arm queue:
* fix gen_load_exclusive handling of ldaxp
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABCAAGBQJYRaqfAAoJEDwlJe0UNgzeoz4P/15CjtKAli9d+8YLDgx0wPSD
 cA/srw5WoYzIx5NmE+CJRRBRjbuVEZ6lh6e5wXHCufjRy7POYNATB9p1WHvPVzB+
 DUJrlXoBFTRkHZd+1IeKp7+20sh1J7CntPWkJXmm30gIQCTVx6sA28bPrRm7ZyEx
 NA1/fc/+iFYLcI3fJdF4V6t8d67rQn1ZKz9WVtoZIdmvnXaNY3Y/NV2iVcaQ0Qlx
 YxW2I2E75awqOT7x3QB3+TW0JtOdL8d+KjDkNm3CdhLjMqMnq41TajWHBVHfqZtH
 76n6UmgQqHnG3zfCkUCutIyHa8YL2MHuj/UPSheLgEAvzONBb6XcqbUURykmH2y1
 qtTR4H6SfjPzeaZ89Rg1dnaX6YJJ9F2dZEQ3npQ6KKAMashYBSVxzsa6wrijE0y0
 MPfDO4zuYEzuo7UCKmMP6OZ59O9l8LxE2aDZcg5ymwfhYnQyewx5pHNjWeM1telp
 Za9G79K/zfA45z1rafYQaq3RCs/JR6wRIc1U9Ycrbi/aQheuuG0RcYwexkIf7DYb
 JCa4S0eMyR/uWOnnSVoJOGiZChpIP+nVP8I+sPIuUSTZhIzfMnMDtSqTUzq0QE8d
 OrU0GJDFraU46l4F3I2tSBEf4A1iVM3PDQiEtdA6LJd4EuveXoEgcjqZQqY0XeQD
 yuMT/OoXcs0umJqnVBt+
 =S7y9
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'pm215/tags/pull-target-arm-20161205' into staging

target-arm queue:
 * fix gen_load_exclusive handling of ldaxp

# gpg: Signature made Mon 05 Dec 2016 05:57:51 PM GMT
# gpg:                using RSA key 0x3C2525ED14360CDE
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>"
# gpg:                 aka "Peter Maydell <pmaydell@gmail.com>"
# gpg:                 aka "Peter Maydell <pmaydell@chiark.greenend.org.uk>"
# Primary key fingerprint: E1A5 C593 CD41 9DE2 8E83  15CF 3C25 25ED 1436 0CDE

* pm215/tags/pull-target-arm-20161205:
  target-arm/translate-a64: fix gen_load_exclusive

Message-id: 1480960775-5002-1-git-send-email-peter.maydell@linaro.org
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2016-12-06 09:51:41 +00:00
Stefan Hajnoczi 8a844b2603 QAPI patches for 2016-12-05
-----BEGIN PGP SIGNATURE-----
 
 iQIcBAABAgAGBQJYRZjRAAoJEDhwtADrkYZTHRUP/0BdbRWckRFXD328qxUq2CwR
 GpZHqlsLme9OZk4DbPE0k4ZFtAzZzOvXZjMM3qGxE1VR28dwwBnGhBzubtFLGiDM
 MPx/r2JurFiOppi5K6D5YcHYyIjOEt6/W7GrS44dVXRal//+4rM89M0xeUpxOuXs
 H9IyeBHqa3ItTS3XmseXvnLh3o8EdiHXnk4ENXWHsywKK3AhZhZFDKEoyG0B6SHE
 LK8tSilKz1Ik87xtjvRVZ/ga7hpG1NCyCWepVfJYDaw5AHUZd3fuhBaP3GuIPCDC
 Q9mUAchBhokbtaw/DBtd+Tovfc7id/ETxoAN9LA5KsGl6RwpC7f1jH/jmCWJgyIg
 HzzEMLCVo4KUlc6iVgle+t6LrMuaH284Ji6roLdWiZ91SFKKezG4ydSdA7IXQavs
 VHrbyvHq4uFYnHVcn+h+qN/x//cJ5E505KwxpAXBBpzj5R8HE2JwsB45jN3yIKUR
 aIeVJJkQRtxg47gX0PTjvbk1B6n4Mi3xunw0MDlcdMLFNlAonoovxXzuEOraZ66n
 0K6L11IHFJeShG5TA38wUSOFDkWvOkc5I9lgQHPPLa0zPXnmYo2GkwG3LNa0DtxI
 qZ7Wr5SmRwIoGrh3jZe1QZwIyDUNdZzbu8ObCvpWxFknWrl/JW4tU4qkv1HSgKQL
 A2isqdRfKYVXqkamGAf+
 =vFAX
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'armbru/tags/pull-qapi-2016-12-05' into staging

QAPI patches for 2016-12-05

# gpg: Signature made Mon 05 Dec 2016 04:41:53 PM GMT
# gpg:                using RSA key 0x3870B400EB918653
# gpg: Good signature from "Markus Armbruster <armbru@redhat.com>"
# gpg:                 aka "Markus Armbruster <armbru@pond.sub.org>"
# Primary key fingerprint: 354B C8B3 D7EB 2A6B 6867  4E5F 3870 B400 EB91 8653

* armbru/tags/pull-qapi-2016-12-05:
  qapi: add missing colon-ending for section name
  qapi: use one symbol per line
  qapi: fix various symbols mismatch in documentation
  qapi: fix missing symbol @prefix
  qapi: fix schema symbol sections
  qga/schema: fix double-return in doc
  tests: Avoid qobject_from_jsonf("%"PRId64)
  test-qga: Avoid qobject_from_jsonv("%"PRId64)
  qmp-event: Avoid qobject_from_jsonf("%"PRId64)

Message-id: 1480956313-31322-1-git-send-email-armbru@redhat.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2016-12-06 09:49:51 +00:00
Stefan Hajnoczi e24f095e44 qxl: fix flickering.
cirrus: avoid devision by zero.
 virtio-gpu: fix two leaks.
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iQIcBAABAgAGBQJYRUexAAoJEEy22O7T6HE4qUcQAJVIgTcP1BjPep0nRWo0+/y3
 +4O3x65CeTRNnfKhWyIPtFguc6qONWpp8zzZF6QVjx40on6qfgx2oXI9dUO30E5L
 s3Kzh+6OksWvBbWPxzTJk5IY0hWSwx+8T/4z+XaRwgt42vJwwojPetEMXamB66lA
 ElyH6ch8nBfnemBYOFbcNl4OVle8FA1S9VllBmsTAPIEeVt4C4Vp/8v/Fp+ntO2h
 YfpJgzxbW5ANaYdUEjLeyk++s7uD6y3drPcCeqvAbxS/bGiRzIA30bRAy4Wt0p8P
 /rU7Imk5aYK2/3ER7pxEZZD2/uj7XeIt9d1mNPyt6hoKDvR6PkERVIBb3h4B9MBq
 Yw/jFncYfe5lTeozgdow4iSTAKD7gAp0C9wuuFfB4CGRVXW2PZOjTKcZ5F9vlv9/
 vept0CiLI8gup34HZlxalU04EIOIgqywh3DU/Wo1QSchtlAEvQZwSL1n6pb7RlCE
 SmRvGClPwHg/bCDcR+yCZOUjJv0ULXW5gnf8JTDJiHppaZ/ZhSVlV0P7hEqZLz3n
 eWKWfNmqbhb7Y4ubrpuMbuzi13OTga7+TnXuquh7NpI+uu1buZ53jcGMF1SjKuxq
 b2ZalyMb2TE+86Fwjr5OmdPpfzLZqlTLa6e+Zw4iGSkdylR+XEogmiG5H+JMDDmX
 /F6kvG/LpC6ekfYn+2id
 =CU8H
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'kraxel/tags/pull-vga-20161205-1' into staging

qxl: fix flickering.
cirrus: avoid devision by zero.
virtio-gpu: fix two leaks.

# gpg: Signature made Mon 05 Dec 2016 10:55:45 AM GMT
# gpg:                using RSA key 0x4CB6D8EED3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>"
# Primary key fingerprint: A032 8CFF B93A 17A7 9901  FE7D 4CB6 D8EE D3E8 7138

* kraxel/tags/pull-vga-20161205-1:
  display: cirrus: check vga bits per pixel(bpp) value
  virtio-gpu: fix memory leak in update_cursor_data_virgl
  virtio-gpu: fix information leak in getting capset info dispatch
  qxl: Only emit QXL_INTERRUPT_CLIENT_MONITORS_CONFIG on config changes

Message-id: 1480935840-3961-1-git-send-email-kraxel@redhat.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2016-12-06 09:38:39 +00:00
Andrey Smirnov 9f5832d34b fsl_etsec: Fix various small problems in hexdump code
Fix various small problems in hexdump code, such as:
    - Reference to non-existing field etsec->nic->nc.name is replaced
    with nc->name

    - Type mismatch warnings

Signed-off-by: Andrey Smirnov <andrew.smirnov@gmail.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
2016-12-06 10:23:50 +08:00
Prasanna Kumar Kalever 76b5550f70 qemu-doc: update gluster protocol usage guide
Document:
1. The new debug and logfile options with their usages
2. New json format and its usage and
3. update "GlusterFS, Device URL Syntax" section in "Invocation"

Signed-off-by: Prasanna Kumar Kalever <prasanna.kalever@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Jeff Cody <jcody@redhat.com>
2016-12-05 16:30:29 -05:00
Prasanna Kumar Kalever 7103d9165b block/nfs: fix QMP to match debug option
The QMP definition of BlockdevOptionsNfs:
{ 'struct': 'BlockdevOptionsNfs',
  'data': { 'server': 'NFSServer',
            'path': 'str',
            '*user': 'int',
            '*group': 'int',
            '*tcp-syn-count': 'int',
            '*readahead-size': 'int',
            '*page-cache-size': 'int',
            '*debug-level': 'int' } }

To make this consistent with other block protocols like gluster, lets
change s/debug-level/debug/

Suggested-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Prasanna Kumar Kalever <prasanna.kalever@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Jeff Cody <jcody@redhat.com>
2016-12-05 16:30:21 -05:00
Prasanna Kumar Kalever 1a417e46ae block/gluster: fix QMP to match debug option
The QMP definition of BlockdevOptionsGluster:
{ 'struct': 'BlockdevOptionsGluster',
  'data': { 'volume': 'str',
            'path': 'str',
            'server': ['GlusterServer'],
            '*debug-level': 'int',
            '*logfile': 'str' } }

But instead of 'debug-level we have exported 'debug' as the option for choosing
debug level of gluster protocol driver.

This patch fix QMP definition BlockdevOptionsGluster
s/debug-level/debug/

Suggested-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Prasanna Kumar Kalever <prasanna.kalever@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Jeff Cody <jcody@redhat.com>
2016-12-05 16:30:15 -05:00
Alex Bennée 5460da501a target-arm/translate-a64: fix gen_load_exclusive
While testing rth's latest TCG patches with risu I found ldaxp was
broken. Investigating further I found it was broken by 1dd089d0 when
the cmpxchg atomic work was merged. As part of that change the code
attempted to be clever by doing a single 64 bit load and then shuffle
the data around to set the two 32 bit registers.

As I couldn't quite follow the endian magic I've simply partially
reverted the change to the original code gen_load_exclusive code. This
doesn't affect the cmpxchg functionality as that is all done on in
gen_store_exclusive part which is untouched.

I've also restored the comment that was removed (with a slight tweak
to mention cmpxchg).

Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Acked-by: Richard Henderson <rth@twiddle.net>
Message-id: 20161202173454.19179-1-alex.bennee@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2016-12-05 17:52:01 +00:00
Marc-André Lureau 5072f7b38b qapi: add missing colon-ending for section name
The documentation parser we are going to add expects a section name to
end with ':', otherwise the comment is treated as free-form text body.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-Id: <20161117155504.21843-9-marcandre.lureau@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
2016-12-05 17:41:38 +01:00
Marc-André Lureau 9f2a70e465 qapi: use one symbol per line
The documentation parser we are going to add only handles a single
symbol per line.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-Id: <20161117155504.21843-8-marcandre.lureau@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
2016-12-05 17:41:38 +01:00
Marc-André Lureau 4d5c8bc42f qapi: fix various symbols mismatch in documentation
There are various mismatch:
- invalid symbols
- section and member symbols mismatch
- enum or union values vs 'type'

The documentation parser catches all these cases.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-Id: <20161117155504.21843-7-marcandre.lureau@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
2016-12-05 17:41:37 +01:00
Marc-André Lureau c5927e7abf qapi: fix missing symbol @prefix
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20161117155504.21843-6-marcandre.lureau@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
2016-12-05 17:41:37 +01:00
Marc-André Lureau 49687ace02 qapi: fix schema symbol sections
According to docs/qapi-code-gen.txt, there needs to be '##' to start a
and end a symbol section, that's also what the documentation parser
expects.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20161117155504.21843-5-marcandre.lureau@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
2016-12-05 17:41:37 +01:00
Marc-André Lureau 95cd8fd909 qga/schema: fix double-return in doc
guest-get-memory-block-info documentation should have only one
"Returns:".

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20161117155504.21843-3-marcandre.lureau@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
2016-12-05 17:41:37 +01:00
Eric Blake 29a6731afb tests: Avoid qobject_from_jsonf("%"PRId64)
The qobject_from_jsonf() function implements a pseudo-printf
language for creating a QObject; however, it is hard-coded to
only parse a subset of formats understood by -Wformat, and is
not a straight synonym to bare printf().  In particular, any
use of an int64_t integer works only if the system's
definition of PRId64 matches what the parser expects; which
works on glibc (%lld or %ld depending on 32- vs. 64-bit) and
mingw (%I64d), but not on Mac OS (%qd).  Rather than enhance
the parser, it is just as easy to force the use of int (where
the value is small enough) or long long instead of int64_t,
which we know always works.

This should cover all remaining testsuite uses of
qobject_from_json[fv]() that were trying to rely on PRId64,
although my proof for that was done by adding in asserts and
checking that 'make check' still passed, where such asserts
are inappropriate during hard freeze.  A later series in 2.9
may remove all dynamic JSON parsing, but that's a bigger task.

Reported by: G 3 <programmingkidx@gmail.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <1479922617-4400-4-git-send-email-eblake@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
[Rename value64 to value_ll]
Signed-off-by: Markus Armbruster <armbru@redhat.com>
2016-12-05 17:09:34 +01:00
Eric Blake 1792d7d0a2 test-qga: Avoid qobject_from_jsonv("%"PRId64)
The qobject_from_jsonv() function implements a pseudo-printf
language for creating a QObject; however, it is hard-coded to
only parse a subset of formats understood by -Wformat, and is
not a straight synonym to bare printf().  In particular, any
use of an int64_t integer works only if the system's
definition of PRId64 matches what the parser expects; which
works on glibc (%lld or %ld depending on 32- vs. 64-bit) and
mingw (%I64d), but not on Mac OS (%qd).  Rather than enhance
the parser, it is just as easy to use normal printf() for
this particular conversion, matching what is done elsewhere
in this file [1], which is safe in this instance because the
format does not contain any of the problematic differences
(bare '%' or the '%s' format).

The use of PRId64 for a variable named 'pid' is gross, but it
is a sad reality of the 64-bit mingw environment, which
mistakenly defines pid_t as a 64-bit type even though getpid()
returns 'int' on that platform [2].  Our definition of the
QGA GuestExec type defines 'pid' as a 64-bit entity, and we
can't tighten it to 'int32' unless the mingw header is fixed.
Using 'long long' instead of 'int64_t' just so that we can
stick with qobject_from_jsonv("%lld") instead of printf() is
not any prettier, since we may have later type churn anyways.

[1] see 'git grep -A2 strdup_printf tests/test-qga.c'
[2] https://bugzilla.redhat.com/show_bug.cgi?id=1397787

Reported by: G 3 <programmingkidx@gmail.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <1479922617-4400-3-git-send-email-eblake@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
2016-12-05 17:09:34 +01:00
Eric Blake 043b5a4951 qmp-event: Avoid qobject_from_jsonf("%"PRId64)
The qobject_from_jsonf() function implements a pseudo-printf
language for creating a QObject; however, it is hard-coded to
only parse a subset of formats understood by -Wformat, and is
not a straight synonym to bare printf().  In particular, any
use of an int64_t integer works only if the system's
definition of PRId64 matches what the parser expects; which
works on glibc (%lld or %ld depending on 32- vs. 64-bit) and
mingw (%I64d), but not on Mac OS (%qd).  Rather than enhance
the parser, it is just as easy to use 'long long', which we
know always works.  There are few enough callers of
qobject_from_json[fv]() that it is easy to audit that this is
the only non-testsuite caller that was actually relying on
this particular conversion.

Reported by: G 3 <programmingkidx@gmail.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <1479922617-4400-2-git-send-email-eblake@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
[Cast tv.tv_sec, tv.tv_usec to long long for type correctness]
Signed-off-by: Markus Armbruster <armbru@redhat.com>
2016-12-05 17:09:34 +01:00
Stefan Hajnoczi bc66cedb41 MIPS patches 2016-12-04
Changes:
 * Fix Loongson instructions
 * Fix bad shifts in {dextp|dextpdp}
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.5 (GNU/Linux)
 
 iQIVAwUAWENz2iI464bV95fCAQLnXA/+Oaem/96FtluFasdihj8S2IA416JL+eu3
 cuSh/SV7gkJ7Y1eXNJoKzX43F5yVMq72jXkva5EImRvUAWROgx4p8JkGCfn4APWo
 2PKJiUupKpszfxHNCzKJV5mRg+cjjRysnjSemHOG+Rnfrkw+zcjdRDRZHj5JFxRl
 Gfa61n0BnvIx7fbEkgJvpsmnNtj0if2EOd4dHMV3OvJ7m2mlsYA4/ONs7RhJCzAg
 ZcEOPoRjvv1QbYfH4k/qwkiFezbgUJ8/Oij4qFE3yyNgoIU7xwg/YgA3LudC37Pr
 FjkDwIOGrTMNau8l+icZPio00ciDjca+KkU6hvMcTpLkJ5RiopIg55HXji4Y5CEt
 hfdAzOSodIDZNM6sB96BmstA8/nMKk3VibaaOovKervjc3hu/XX/Avp7/AKdqDHI
 qqwjsmi8jF8XWnAEIGjXIQe5MfHd9xUCQoj94kJkdT7G7arB/L3834r0h+P79yUX
 buggEhvc34KMWAmohuV/YB6+6QWJRHmaSagEtnVsdfUJnV+61PbUZDQ6RGH9z7UI
 pHkc0bPt8dOuu8KcBhCkKzcmsxGd3PEfw8KJio7rzZ4jMr3GTQotTWx+0wZvchXg
 F5JL/9WIhGFxzXAQfva6D2lwIUN4Vj1UktruU6I1nxlSMhfl1sMBcbtzWIJU9OmK
 dMP7650HTgw=
 =72lo
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'yongbok/tags/mips-20161204' into staging

MIPS patches 2016-12-04

Changes:
* Fix Loongson instructions
* Fix bad shifts in {dextp|dextpdp}

# gpg: Signature made Sun 04 Dec 2016 01:39:38 AM GMT
# gpg:                using RSA key 0x2238EB86D5F797C2
# gpg: Can't check signature: public key not found

* yongbok/tags/mips-20161204:
  target-mips: fix bad shifts in {dextp|dextpdp}
  target-mips: Fix Loongson multimedia instructions.
  target-mips: Fix Loongson multimedia 'or' instruction.
  target-mips: Fix Loongson pandn instruction.

Message-id: 1480816817-53245-1-git-send-email-yongbok.kim@imgtec.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2016-12-05 10:56:45 +00:00
Prasad J Pandit 4299b90e9b display: cirrus: check vga bits per pixel(bpp) value
In Cirrus CLGD 54xx VGA Emulator, if cirrus graphics mode is VGA,
'cirrus_get_bpp' returns zero(0), which could lead to a divide
by zero error in while copying pixel data. The same could occur
via blit pitch values. Add check to avoid it.

Reported-by: Huawei PSIRT <psirt@huawei.com>
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
Message-id: 1476776717-24807-1-git-send-email-ppandit@redhat.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2016-12-05 11:01:55 +01:00
Andrey Smirnov 64f441d2e5 fsl_etsec: Pad short payloads with zeros
Depending on QEMU network setup it is possible for us to receive a
complete Ethernet packet that is less 64 bytes long. One such example is
when QEMU is configured to use a standalone TAP device (not set to be a
part of any bridge) receives and ARP packet. In cases like that we need
to add more than just 4-bytes of CRC padding and ensure that our payload
is at least 60 bytes long, such that, when combined with CRC padding
bytes the resulting size is at least 802.3 minimum MTU bytes
long (64). Failing to do that results in code in etsec_walk_rx_ring()
setting BD_RX_SH which, in turn, makes corresponding Linux driver of
emulated host to reject buffer as a runt packet

Signed-off-by: Andrey Smirnov <andrew.smirnov@gmail.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
2016-12-05 17:45:14 +08:00
Prasad J Pandit 77d54985b8 net: mcf: check receive buffer size register value
ColdFire Fast Ethernet Controller uses a receive buffer size
register(EMRBR) to hold maximum size of all receive buffers.
It is set by a user before any operation. If it was set to be
zero, ColdFire emulator would go into an infinite loop while
receiving data in mcf_fec_receive. Add check to avoid it.

Reported-by: Wjjzhang <wjjzhang@tencent.com>
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
Signed-off-by: Jason Wang <jasowang@redhat.com>
2016-12-05 17:45:14 +08:00
Li Qiang 2d1cd6c7a9 virtio-gpu: fix memory leak in update_cursor_data_virgl
In update_cursor_data_virgl function, if the 'width'/ 'height'
is not equal to current cursor's width/height it will return
without free the 'data' allocated previously. This will lead
a memory leak issue. This patch fix this issue.

Signed-off-by: Li Qiang <liqiang6-s@360.cn>
Message-id: 58187760.41d71c0a.cca75.4cb9@mx.google.com
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2016-12-05 09:37:52 +01:00
Li Qiang 42a8dadc74 virtio-gpu: fix information leak in getting capset info dispatch
In virgl_cmd_get_capset_info dispatch function, the 'resp' hasn't
been full initialized before writing to the guest. This will leak
the 'resp.padding' and 'resp.hdr.padding' fieds to the guest. This
patch fix this issue.

Signed-off-by: Li Qiang <liqiang6-s@360.cn>
Message-id: 5818661e.0860240a.77264.7a56@mx.google.com
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2016-12-05 09:37:52 +01:00
Christophe Fergeau 6c7565028c qxl: Only emit QXL_INTERRUPT_CLIENT_MONITORS_CONFIG on config changes
Currently if the client keeps sending the same monitor config to
QEMU/spice-server, QEMU will always raise
a QXL_INTERRUPT_CLIENT_MONITORS_CONFIG regardless of whether there was a
change or not.
Guest-side (with fedora 25), the kernel QXL KMS driver will also forward the
event to user-space without checking if there were actual changes.
Next in line are gnome-shell/mutter (on a default f25 install), which
will try to reconfigure everything without checking if there is anything
to do.
Where this gets ugly is that when applying the resolution changes,
gnome-shell/mutter will call drmModeRmFB, drmModeAddFB, and
drmModeSetCrtc, which will cause the primary surface to be destroyed and
recreated by the QXL KMS driver. This in turn will cause the client to
resend a client monitors config message, which will cause QEMU to reemit
an interrupt with an unchanged monitors configuration, ...
This causes https://bugzilla.redhat.com/show_bug.cgi?id=1266484

This commit makes sure that we only emit
QXL_INTERRUPT_CLIENT_MONITORS_CONFIG when there are actual configuration
changes the guest should act on.

Signed-off-by: Christophe Fergeau <cfergeau@redhat.com>
Message-id: 20161028144840.18326-1-cfergeau@redhat.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2016-12-05 09:37:52 +01:00
Yongbok Kim e6e2784cac target-mips: fix bad shifts in {dextp|dextpdp}
Fixed issues in the MIPSDSP64 instructions dextp and dextpdp.
Shifting can go out of 32 bit range.

https://bugs.launchpad.net/qemu/+bug/1631625

Reported-by: Thomas Huth <thuth@redhat.com>
Reported-by: Jia Liu <proljc@gmail.com>
Signed-off-by: Yongbok Kim <yongbok.kim@imgtec.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
2016-12-04 00:57:06 +00:00
Heiher b5a587b613 target-mips: Fix Loongson multimedia instructions.
Needed to emit FPU exception on Loongson multimedia instructions
executing if Status:CU1 is clear. or FPR changes may be missed
on Linux.

Signed-off-by: Heiher <wangr@lemote.com>
Signed-off-by: Fuxin Zhang <zhangfx@lemote.com>
Reviewed-by: Yongbok Kim <yongbok.kim@imgtec.com>
Signed-off-by: Yongbok Kim <yongbok.kim@imgtec.com>
2016-12-04 00:56:29 +00:00
Heiher bb7cab5f34 target-mips: Fix Loongson multimedia 'or' instruction.
Signed-off-by: Heiher <wangr@lemote.com>
Signed-off-by: Fuxin Zhang <zhangfx@lemote.com>
Reviewed-by: Yongbok Kim <yongbok.kim@imgtec.com>
Signed-off-by: Yongbok Kim <yongbok.kim@imgtec.com>
2016-12-02 16:11:09 +00:00
Heiher 9099a36b4b target-mips: Fix Loongson pandn instruction.
pandn FD, FS, FT
Operation: FD = ((NOT FS) AND FT)

Signed-off-by: Heiher <wangr@lemote.com>
Signed-off-by: Fuxin Zhang <zhangfx@lemote.com>
Reviewed-by: Yongbok Kim <yongbok.kim@imgtec.com>
Signed-off-by: Yongbok Kim <yongbok.kim@imgtec.com>
2016-12-02 16:11:08 +00:00
Stefan Hajnoczi bd8ef5060d ppc patch queue 2016-12-01
Just a single migration / hotplug fix in this set.  I believe it's
 important enough to go in this late in the 2.8 release process.
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2
 
 iQIcBAABCAAGBQJYP6qFAAoJEGw4ysog2bOSNKMQANcyLWs27Iim3jW397wDombJ
 X0rC0luweUXkFzT4eyf2o+7c2HgXYzokUOElrlhU5AN93M64WaJb2chw+nn8WuZH
 H7Ef1WR9yIVc3mVB+B8fWo4QIxehTFjKVTgGwAv+F1WAcGeIR9TPVdquxl3giYUb
 Mqx+Kh4jIWzVlmOeaYql3DIQX80zMhDQdUoKEbL93pXx6PfJKez7yypygDdf6BPb
 PbrA4wFBKay83bwrIVWw+OK4i1v1zqF+A1+UyJSCCkbPui2UGzp1j0xqaI70SUwP
 7JxOMhhhbQHKyC2pIdtlmxBBUuCjG4n3LskouKyVZu/ys8gybszoHdjLdavTFLO5
 Slri4iwjyPieW+nUrNVdhXJRDE8/knQtPf6Xqby8uOD0g8qJ7RSV7hN5LROZ30HU
 HONMvu3b4z0Rruls1l8z+gHvzNU1Raoh6XzfPUF7NtxwuTMcZ0JkeanSHiax5GdH
 UgCOwKmXp0ZCuQ8Zzep3nyuZsCNxQKk5BR/nRG9LTu6skwED9BQZzEKxcKj6DpTu
 ipPNrHyfM+s4MX1nURZreX1+HHLxAacxfdGZxuN6s+69acILui4igRiyscl8KJyn
 vSXq6ipjfi0bbsDJJ5FxlVcflkf06n6xhC2ncNydnSoxCjIVEh3sUdEVlhPvKDaV
 UwZSmf8kse3UQn+HgSCn
 =Kar4
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'dgibson/tags/ppc-for-2.8-20161201' into staging

ppc patch queue 2016-12-01

Just a single migration / hotplug fix in this set.  I believe it's
important enough to go in this late in the 2.8 release process.

# gpg: Signature made Thu 01 Dec 2016 04:43:49 AM GMT
# gpg:                using RSA key 0x6C38CACA20D9B392
# gpg: Good signature from "David Gibson <david@gibson.dropbear.id.au>"
# gpg:                 aka "David Gibson (kernel.org) <dwg@kernel.org>"
# gpg:                 aka "David Gibson (Red Hat) <dgibson@redhat.com>"
# gpg:                 aka "David Gibson (ozlabs.org) <dgibson@ozlabs.org>"
# Primary key fingerprint: 75F4 6586 AE61 A66C C44E  87DC 6C38 CACA 20D9 B392

* dgibson/tags/ppc-for-2.8-20161201:
  spapr: fix default DRC state for coldplugged LMBs

Message-id: 20161201044441.14365-1-david@gibson.dropbear.id.au
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2016-12-01 13:39:29 +00:00
Stefan Hajnoczi 2cfe5d7bc2 virtio, vhost, pc: fixes
Minor fixes since 2.8.0-rc2.
 
 Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
 -----BEGIN PGP SIGNATURE-----
 
 iQEcBAABAgAGBQJYPjiIAAoJECgfDbjSjVRpjccH/iHLhzRLi2+1dag7SG5SGlST
 MCNh2zOK5Snhjb+/NymLIs8f/arVQoQE+qHy+qAXp2gP+lRIhZRB8JRZ5IJ8DhUp
 wpsVpTpVxmPoE3/BCd9RlrSLDabhoTv7DrLC2RMCeE1ScnDJ7U2X7/wcYSSReM/A
 FIAI/AZCKv39afkicXpqlNpFaLspqgPrhXmkMaaw5AbSWBtb6RsixhcqmpX7blFN
 agbdQZFi408dLRpuu5MmNKVA10A/sFl0PtMUBn6yS1b9L98Lkz8qgpDkl5AoKrZV
 WgTsg4S0XMNKTZmsBERJTeUTr2UA4sGqpodNzDsmMIqc1UKQABB+pgSD7B/TMwE=
 =pHnr
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'mst/tags/for_upstream' into staging

virtio, vhost, pc: fixes

Minor fixes since 2.8.0-rc2.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>

# gpg: Signature made Wed 30 Nov 2016 02:25:12 AM GMT
# gpg:                using RSA key 0x281F0DB8D28D5469
# gpg: Good signature from "Michael S. Tsirkin <mst@kernel.org>"
# gpg:                 aka "Michael S. Tsirkin <mst@redhat.com>"
# Primary key fingerprint: 0270 606B 6F3C DF3D 0B17  0970 C350 3912 AFBE 8E67
#      Subkey fingerprint: 5D09 FD08 71C8 F85B 94CA  8A0D 281F 0DB8 D28D 5469

* mst/tags/for_upstream:
  virtio-crypto: fix uninitialized variables
  loader: fix undefined behavior in rom_order_compare()
  loader: fix handling of custom address spaces when adding ROM blobs
  intel_iommu: fix incorrect device invalidate
  spec/vhost-user: fix the VHOST_USER prefix

Message-id: 1480564455-23933-1-git-send-email-mst@redhat.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2016-12-01 13:38:36 +00:00
Michael Roth 5c0139a8c2 spapr: fix default DRC state for coldplugged LMBs
Currently we set the initial isolation/allocation state for DRCs
associated with coldplugged LMBs to ISOLATED/UNUSABLE,
respectively, under the assumption that the guest will move this
state to UNISOLATED/USABLE.

In fact, this is only the case for LMBs added via hotplug. For
coldplugged LMBs, the guest actually assumes the initial state to
be UNISOLATED/USABLE.

In practice, this only becomes an issue when we attempt to unplug
one of these LMBs, where the guest kernel will issue an
rtas-get-sensor-state call to check that the corresponding DRC is
in an USABLE state before it will release the LMB back to
QEMU. If the returned state is otherwise, the guest will assume no
further action is needed, which bypasses the QEMU-side cleanup that
occurs during the USABLE->UNUSABLE transition. This results in
LMBs and their corresponding pc-dimm devices to stick around
indefinitely.

This patch fixes the issue by manually setting DRCs associated with
cold-plugged LMBs to UNISOLATED/ALLOCATED, but leaving the hotplug
state untouched. As it turns out, this is analogous to the handling
for cold-plugged CPUs in spapr_core_plug().

Cc: qemu-ppc@nongnu.org
Cc: David Gibson <david@gibson.dropbear.id.au>
Cc: Bharata B Rao <bharata@linux.vnet.ibm.com>
Cc: Greg Kurz <gkurz@linux.vnet.ibm.com>
Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2016-12-01 13:41:00 +11:00
Gonglei 9730280d54 virtio-crypto: fix uninitialized variables
Though crypto_cfg.reserve is an unused field, let me
initialize the structure in order to make coverity happy.

*** CID 1365923:  Uninitialized variables  (UNINIT)
/hw/virtio/virtio-crypto.c: 851 in virtio_crypto_get_config()
845         stl_le_p(&crypto_cfg.mac_algo_h, c->conf.mac_algo_h);
846         stl_le_p(&crypto_cfg.aead_algo, c->conf.aead_algo);
847         stl_le_p(&crypto_cfg.max_cipher_key_len, c->conf.max_cipher_key_len);
848         stl_le_p(&crypto_cfg.max_auth_key_len, c->conf.max_auth_key_len);
849         stq_le_p(&crypto_cfg.max_size, c->conf.max_size);
850
>>>     CID 1365923:  Uninitialized variables  (UNINIT)
>>>     Using uninitialized value "crypto_cfg". Field "crypto_cfg.reserve"
       is uninitialized when calling "memcpy".
      [Note: The source code implementation of the function
       has been overridden by a builtin model.]
851         memcpy(config, &crypto_cfg, c->config_size);
852     }
853

Rported-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2016-11-30 04:22:18 +02:00
Laszlo Ersek 1b57bd4f2f loader: fix undefined behavior in rom_order_compare()
According to ISO C99 / N1256 (referenced in HACKING):

> 6.5.8 Relational operators
>
> 4 For the purposes of these operators, a pointer to an object that is
>   not an element of an array behaves the same as a pointer to the first
>   element of an array of length one with the type of the object as its
>   element type.
>
> 5 When two pointers are compared, the result depends on the relative
>   locations in the address space of the objects pointed to. If two
>   pointers to object or incomplete types both point to the same object,
>   or both point one past the last element of the same array object, they
>   compare equal. If the objects pointed to are members of the same
>   aggregate object, pointers to structure members declared later compare
>   greater than pointers to members declared earlier in the structure,
>   and pointers to array elements with larger subscript values compare
>   greater than pointers to elements of the same array with lower
>   subscript values. All pointers to members of the same union object
>   compare equal. If the expression /P/ points to an element of an array
>   object and the expression /Q/ points to the last element of the same
>   array object, the pointer expression /Q+1/ compares greater than /P/.
>   In all other cases, the behavior is undefined.

Our AddressSpace objects are allocated generally individually, and kept in
the "address_spaces" linked list, so we mustn't compare their addresses
with relops.

Convert the pointers subjected to the relop in rom_order_compare() to
"uintptr_t":

> 7.18.1.4 Integer types capable of holding object pointers
>
> 1 [...]
>
>   The following type designates an unsigned integer type with the
>   property that any valid pointer to void can be converted to this type,
>   then converted back to pointer to void, and the result will compare
>   equal to the original pointer:
>
>   /uintptr_t/
>
>   These types are optional.

Cc: "Michael S. Tsirkin" <mst@redhat.com>
Cc: Alistair Francis <alistair.francis@xilinx.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Peter Maydell <peter.maydell@linaro.org>
Cc: qemu-devel@nongnu.org
Fixes: 3e76099aac
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Alistair Francis <alistair.francis@xilinx.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2016-11-30 04:22:18 +02:00
Laszlo Ersek aa6c6ae843 loader: fix handling of custom address spaces when adding ROM blobs
* Commit 3e76099aac ("loader: Allow a custom AddressSpace when loading
  ROMs") introduced the "Rom.as" field:

  (1) It modified the utility callers of rom_insert() to take "as" as a
      new parameter from *their* callers, and set "rom->as" from that
      parameter. The functions covered were rom_add_file() and
      rom_add_elf_program().

  (2) It also modified rom_insert() itself, to auto-assign
      "&address_space_memory", in case the external caller passed -- and
      the utility caller forwarded -- as=NULL.

  Except, commit 3e76099aac forgot to update the third utility caller of
  rom_insert(), under point (1), namely rom_add_blob().

* Later, commit 5e774eb3bd ("loader: Add AddressSpace loading support
  to uImages") added the load_uimage_as() function, and the
  rom_add_blob_fixed_as() function-like macro, with the necessary changes
  elsewhere to propagate the new "as" parameter to rom_add_blob():

    load_uimage_as()
      load_uboot_image()
        rom_add_blob_fixed_as()
          rom_add_blob()

  At this point, the signature (and workings) of rom_add_blob() had been
  broken already, and the rom_add_blob_fixed_as() macro passed its "_as"
  parameter to rom_add_blob() as "callback_opaque". Given that the
  "fw_callback" parameter itself was set to NULL (correctly), this did no
  additional damage (the opaque arg would never be used), but ultimately
  it broke the new functionality of load_uimage_as().

* The load_uimage_as() function would be put to use in one of the later
  patches, commit e481a1f63c ("generic-loader: Add a generic loader").

* We can fix this only in a unified patch now. Append "AddressSpace *as"
  to the signature of rom_add_blob(), and handle the new parameter. Pass
  NULL from all current callers, except from rom_add_blob_fixed_as(),
  where "_as" has to be bumped to the proper position.

* Note that rom_add_file() rejects the case when both "mr" and "as" are
  passed in as non-NULL. The action that this is apparently supposed to
  prevent is the

    rom->mr = mr;

  assignment (that's the only place where the "mr" parameter is used in
  rom_add_file()). In rom_add_blob() though, we have no "mr" parameter,
  and the actions done on the fw_cfg branch:

    if (fw_file_name && fw_cfg) {
        if (mc->rom_file_has_mr) {
            data = rom_set_mr(rom, OBJECT(fw_cfg), devpath);
            mr = rom->mr;
        } else {
            data = rom->data;
        }

  reflect those that are performed by rom_add_file() too (with mr==NULL):

    if (rom->fw_file && fw_cfg) {
        if ((!option_rom || mc->option_rom_has_mr) &&
            mc->rom_file_has_mr) {
            data = rom_set_mr(rom, OBJECT(fw_cfg), devpath);
        } else {
            data = rom->data;
        }

  Hence we need no additional restrictions in rom_add_blob().

* Stable is not affected as both problematic commits appeared first in
  v2.8.0-rc0.

Cc: "Michael S. Tsirkin" <mst@redhat.com>
Cc: Alistair Francis <alistair.francis@xilinx.com>
Cc: Igor Mammedov <imammedo@redhat.com>
Cc: Michael Walle <michael@walle.cc>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Peter Maydell <peter.maydell@linaro.org>
Cc: Shannon Zhao <zhaoshenglong@huawei.com>
Cc: qemu-arm@nongnu.org
Cc: qemu-devel@nongnu.org
Fixes: 3e76099aac
Fixes: 5e774eb3bd
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Alistair Francis <alistair.francis@xilinx.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2016-11-30 04:20:57 +02:00