Commit Graph

54 Commits

Author SHA1 Message Date
Michael S. Tsirkin 71f7fe48e1 virtio-net: fix buffer overflow on invalid state load
CVE-2013-4148 QEMU 1.0 integer conversion in
virtio_net_load()@hw/net/virtio-net.c

Deals with loading a corrupted savevm image.

>         n->mac_table.in_use = qemu_get_be32(f);

in_use is int so it can get negative when assigned 32bit unsigned value.

>         /* MAC_TABLE_ENTRIES may be different from the saved image */
>         if (n->mac_table.in_use <= MAC_TABLE_ENTRIES) {

passing this check ^^^

>             qemu_get_buffer(f, n->mac_table.macs,
>                             n->mac_table.in_use * ETH_ALEN);

with good in_use value, "n->mac_table.in_use * ETH_ALEN" can get
positive and bigger than mac_table.macs. For example 0x81000000
satisfies this condition when ETH_ALEN is 6.

Fix it by making the value unsigned.
For consistency, change first_multi as well.

Note: all call sites were audited to confirm that
making them unsigned didn't cause any issues:
it turns out we actually never do math on them,
so it's easy to validate because both values are
always <= MAC_TABLE_ENTRIES.

Reviewed-by: Michael Roth <mdroth@linux.vnet.ibm.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Juan Quintela <quintela@redhat.com>
2014-05-05 14:15:10 +02:00
Peter Maydell 57fac92c2d Block pull request
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQEcBAABAgAGBQJTIbe5AAoJEJykq7OBq3PI0/AH/jglW+rsN+0/kAr5wIY4BQUn
 qvzYHBP9xvPtd0cGubTt2N3bZPlb/zTVFe/OOpJmaENrVJY/rPZNF3nKqdrr5uOP
 WrBbQZi2hkOG82uuiN2BiGh324zOMBNSh3d2WaHmJpxjabZcjN28UOkx5WGlBImu
 VAHY/HaImOLMkS120GxbMsFziXRLM66o9XWEbA/l0EBOISM6KloX6mtZd7y6MGzA
 a35JbUueyRo+hvndFEHY2P2XvUc5ZycOYF2yOz59X5QrqhmP6I+Ym4ohtyO2Olga
 jpoAO7jDpV/7PJwo1xC8j+1jhl3VGdX2L7iWgDUTJ0jY8mV3hQWhy58fOEwYY+k=
 =0llk
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/stefanha/tags/block-pull-request' into staging

Block pull request

# gpg: Signature made Thu 13 Mar 2014 13:50:49 GMT using RSA key ID 81AB73C8
# gpg: Good signature from "Stefan Hajnoczi <stefanha@redhat.com>"
# gpg:                 aka "Stefan Hajnoczi <stefanha@gmail.com>"
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 8695 A8BF D3F9 7CDA AC35  775A 9CA4 ABB3 81AB 73C8

* remotes/stefanha/tags/block-pull-request: (24 commits)
  block/raw-win32: bdrv_parse_filename() for hdev
  block/raw-posix: Strip protocol prefix on creation
  block/raw-posix: bdrv_parse_filename() for cdrom
  block/raw-posix: bdrv_parse_filename() for floppy
  block/raw-posix: bdrv_parse_filename() for hdev
  qemu-io: Fix warnings from static code analysis
  block: Unlink temporary file
  qcow2: Don't write with BDRV_O_INCOMING
  qcow2: Keep option in qcow2_invalidate_cache()
  qmp: add query-iothreads command
  iothread: stash thread ID away
  dataplane: replace internal thread with IOThread
  iothread: add "iothread" qdev property type
  qdev: make get_pointer() handle temporary strings
  iothread: add I/O thread object
  aio: add aio_context_acquire() and aio_context_release()
  rfifolock: add recursive FIFO lock
  object: add object_get_canonical_path_component()
  block: Rewrite the snapshot authorization mechanism for block filters.
  iotests: Test corruption during COW request
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-03-13 15:33:04 +00:00
Stefan Hajnoczi 48ff269272 dataplane: replace internal thread with IOThread
Today virtio-blk dataplane uses a 1:1 device-per-thread model.  Now that
IOThreads have been introduced we can generalize this to N:M devices per
threads.

This patch drops thread code from dataplane in favor of running inside
an IOThread AioContext.

As a bonus we solve the case where a guest keeps submitting I/O requests
while dataplane is trying to stop.  Previously the dataplane thread
would continue to process requests until the request gave it a break.
Now we can shut down in bounded time thanks to
aio_context_acquire/release.

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2014-03-13 14:42:24 +01:00
Andreas Färber 2ef66625f3 virtio-serial-port: Convert to QOM realize/unrealize
Signed-off-by: Andreas Färber <afaerber@suse.de>
2014-03-13 01:21:57 +01:00
Paolo Bonzini 87b7f2f8c8 dataplane: replace hostmem with memory_region_find
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-12-20 09:11:57 +01:00
Paolo Bonzini 8c1b566fd1 dataplane: change vring API to use VirtQueueElement
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-12-20 09:11:57 +01:00
Andreas Färber 306ec6c3ce virtio: Convert exit to unrealize
Signed-off-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-12-09 21:46:49 +01:00
Andreas Färber 0ba94b6f94 virtio: Complete converting VirtioDevice to QOM realize
Drop VirtioDeviceClass::init.

Signed-off-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-12-09 21:46:49 +01:00
Andreas Färber 71a6520b83 virtio-scsi: Convert to QOM realize
Signed-off-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-12-09 21:46:49 +01:00
Andreas Färber a8d57dfb28 virtio-rng: Convert to QOM realize
Signed-off-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-12-09 21:46:49 +01:00
Andreas Färber 1d244b42d2 virtio: Start converting VirtioDevice to QOM realize
Temporarily allow either VirtioDeviceClass::init or
VirtioDeviceClass::realize.

Introduce VirtioDeviceClass::unrealize for symmetry.

Signed-off-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-12-09 21:46:49 +01:00
Paolo Bonzini e3c9d76acc virtio-scsi: switch exit callback to VirtioDeviceClass
This ensures hot-unplug is handled properly by the proxy, and avoids
leaking bus_name which is freed by virtio_device_exit.

Cc: qemu-stable@nongnu.org
Acked-by: Andreas Faerber <afaerber@suse.de>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-12-09 21:46:48 +01:00
Paolo Bonzini 5e96f5d2f8 virtio-bus: cleanup plug/unplug interface
Right now we have these pairs:

- virtio_bus_plug_device/virtio_bus_destroy_device.  The first
  takes a VirtIODevice, the second takes a VirtioBusState

- device_plugged/device_unplug callbacks in the VirtioBusClass
  (here it's just the naming that is inconsistent)

- virtio_bus_destroy_device is not called by anyone (and since
  it calls qdev_free, it would be called by the proxies---but
  then the callback is useless since the proxies can do whatever
  they want before calling virtio_bus_destroy_device)

And there is a k->init but no k->exit, hence virtio_device_exit is
overwritten by subclasses (except virtio-9p).  This cleans it up by:

- renaming the device_unplug callback to device_unplugged

- renaming virtio_bus_plug_device to virtio_bus_device_plugged,
  matching the callback name

- renaming virtio_bus_destroy_device to virtio_bus_device_unplugged,
  removing the qdev_free, making it take a VirtIODevice and calling it
  from virtio_device_exit

- adding a k->exit callback

virtio_device_exit is still overwritten, the next patches will fix that.

Cc: qemu-stable@nongnu.org
Acked-by: Andreas Faerber <afaerber@suse.de>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-12-09 21:46:48 +01:00
Paolo Bonzini 06d3dff072 virtio-bus: remove vdev field
The vdev field is complicated to synchronize.  Just access the
BusState's list of children.

Cc: qemu-stable@nongnu.org
Acked-by: Andreas Faerber <afaerber@suse.de>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-12-09 21:46:48 +01:00
Paolo Bonzini ef5bc96268 virtio-blk: do not relay a previous driver's WCE configuration to the current
The following sequence happens:
- the SeaBIOS virtio-blk driver does not support the WCE feature, which
causes QEMU to disable writeback caching

- the Linux virtio-blk driver resets the device, finds WCE is available
but writeback caching is disabled; tells block layer to not send cache
flush commands

- the Linux virtio-blk driver sets the DRIVER_OK bit, which causes
writeback caching to be re-enabled, but the Linux virtio-blk driver does
not know of this side effect and cache flushes remain disabled

The bug is at the third step.  If the guest does know about CONFIG_WCE,
QEMU should ignore the WCE feature's state.  The guest will control the
cache mode solely using configuration space.  This change makes Linux
do flushes correctly, but Linux will keep SeaBIOS's writethrough mode.

Hence, whenever the guest is reset, the cache mode of the disk should
be reset to whatever was specified in the "-drive" option.  With this
change, the Linux virtio-blk driver finds that writeback caching is
enabled, and tells the block layer to send cache flush commands
appropriately.

Reported-by: Rusty Russell <rusty@au1.ibm.com
Cc: qemu-stable@nongnu.org
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-09-20 19:27:48 +02:00
Stefan Hajnoczi 6793dfd1b6 virtio: clear signalled_used_valid when switching from dataplane
When the dataplane thread stops, its vring.c implementation synchronizes
vring state back to virtio.c so we can continue emulating the virtio
device.

This patch ensures that virtio.c's signalled_used_valid flag is reset so
that we do not suppress guest notifications due to stale signalled_used
values.

Suggested-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-08-12 12:19:04 +03:00
Stefan Hajnoczi 84db52d059 dataplane: enable virtio-blk x-data-plane=on live migration
Although the dataplane thread does not cooperate with dirty memory
logging yet it's fairly easy to temporarily disable dataplane during
live migration.  This way virtio-blk can live migrate when
x-data-plane=on.

The dataplane thread will restart after migration is cancelled or if the
guest resuming virtio-blk operation after migration completes.

Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-07-29 17:19:07 +02:00
Anthony Liguori 549c272b3c arm-devs queue
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.11 (GNU/Linux)
 
 iQIcBAABCAAGBQJR7RnMAAoJEDwlJe0UNgze9BQP/iuj/QKrw71vrMMCHlrzqjRc
 WXNaGkGHGaRw1r1X/XSiEqI3Ti2frHhsJ+annso4Q3forfGCbnB1Qaqvs/KzQW09
 KQBK3b2AZ9m4b35ZpZYpmbNaIS60XVV1VVB9tshXKJgyYObGlHRWj8MpepSrl3Rr
 texchdyNgZnqCS7Ep6oxzaR2bLqcr1Mi8+NG4dLJfw/z8BREPasQfxOYQoKxDVKV
 Cg2gd31ZAVzqJXtUuwdtkuM7JddfOnGk/MfDkZEBFhQ/fnRE5GSGYTuOHQp9hYdt
 bKnJbT0tqorP5+xg4dzVTqOJ+TsWm+ZfQrzQzkWSM34msYSoohCsF3/BA3xkF3/9
 6iE4ZfHrM6R/XO3A61NbtE9CvhFq9YsLPq7TcAAEzapBFXZlQAGCbZNJlGqn72p1
 XSTFwB02c2+gOXhhUtCwh0OKVbX79J99TQkBR1bEXr3C0yokxa0bIy7kJy+X2+vF
 NOMzoWhEteylZn18tvDfjPCXXzO4kJ8+3sYtvyYAWRadG1QcCq+8xMwUgcVQgmnM
 3TO2r+i4Cs+Ut9m6krW3P3ctL4cCoZj4bDqOu/8Fd7OVBK6u6LtXwej6LoiIDSPD
 3D2Bns65EhEZVucoObgNxG2h+JFLcLm3qRKY51VxD0lJh4Nn90jo317I43FHWONe
 HZZqqO8yPPf7LG/QGTzA
 =AvPS
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'pmaydell/tags/pull-arm-devs-20130722' into staging

arm-devs queue

# gpg: Signature made Mon 22 Jul 2013 06:38:52 AM CDT using RSA key ID 14360CDE
# gpg: Can't check signature: public key not found

# By Peter Maydell (8) and Soren Brinkmann (2)
# Via Peter Maydell
* pmaydell/tags/pull-arm-devs-20130722:
  hw/arm: Use 'load_ramdisk()' for loading ramdisks w/ U-Boot header
  hw/loader: Support ramdisk with u-boot header
  vexpress: Add virtio-mmio transports
  vexpress: Make VEDBoardInfo extend arm_boot_info
  arm/boot: Allow boards to modify the FDT blob
  virtio: Implement MMIO based virtio transport
  virtio: Support transports which can specify the vring alignment
  virtio: Add support for guest setting of queue size
  arm/boot: Use qemu_devtree_setprop_sized_cells()
  device_tree: Add qemu_devtree_setprop_sized_cells() utility functions

Message-id: 1374493427-3254-1-git-send-email-peter.maydell@linaro.org
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-07-22 10:14:24 -05:00
Peter Maydell 6ce69d1c77 virtio: Support transports which can specify the vring alignment
Support virtio transports which can specify the vring alignment
(ie where the guest communicates this to the host) by providing
a new virtio_queue_set_align() function. (The default alignment
remains as before.)

Transports which wish to make use of this must set the
has_variable_vring_alignment field in their VirtioBusClass
struct to true; they can then change the alignment via
virtio_queue_set_align().

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1373977512-28932-5-git-send-email-peter.maydell@linaro.org
2013-07-19 12:58:46 +01:00
Peter Maydell e63c0ba1bc virtio: Add support for guest setting of queue size
The MMIO virtio transport spec allows the guest to tell the host how
large the queue size is. Add virtio_queue_set_num() function which
implements this in the QEMU common virtio support code.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1373977512-28932-4-git-send-email-peter.maydell@linaro.org
2013-07-19 12:58:46 +01:00
Stefan Hajnoczi 9154b02c53 dataplane: sync virtio.c and vring.c virtqueue state
Load the virtio.c state into vring.c when we start dataplane mode and
vice versa when stopping dataplane mode.  This patch makes it possible
to start and stop dataplane any time while the guest is running.

This will eventually allow us to go back to QEMU main loop for
bdrv_drain_all() and live migration.  In the meantime, this patch makes
the dataplane lifecycle more robust but should make no visible
difference.  It may be useful in the virtio-net dataplane effort.

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-07-19 12:29:21 +08:00
Anthony Liguori e9acb8cea9 pci,net,pc enhancements
This includes some fixes and enhancements that accumulated in my tree:
 pci fixes by dkoch, virtio-net enhancements by akong and mst,
 and a fix for xen pc by mst.
 
 Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.13 (GNU/Linux)
 
 iQEcBAABAgAGBQJR5meNAAoJECgfDbjSjVRp24IIAMOkxbb85FJ323G/x5cQBzA/
 gjFDmvB6geIMBorX1YZRnIM+RFhx+mkXtBTu2raWVTNTt5G2u3vAQQWW2zSiOTBL
 gH4BhzJnUoqLHOydWql2MsGS7DMQo4Fq8OnzRBkZ119AEEqNMad1w2LykwFWs4ra
 k3bsPNCZM+ZNiLMWtQLOcD3FYvoiISinqFd81KOnxvDiT90rczk4dLWqjv8smNif
 WqZ7aCD1hGJ5yD7JI2YjCbhVvu4F7tBK+fWkT/O3oYslh/o241lyxUriOXMKdKML
 04sNXa5eWue9cOKlbo1G+yfFwFg1JDsAMe/Usg0KXz1MMK91wiWE763ESPbFBK0=
 =P+pr
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'mst/tags/for_anthony' into staging

pci,net,pc enhancements

This includes some fixes and enhancements that accumulated in my tree:
pci fixes by dkoch, virtio-net enhancements by akong and mst,
and a fix for xen pc by mst.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>

# gpg: Signature made Wed 17 Jul 2013 04:44:45 AM CDT using RSA key ID D28D5469
# gpg: Can't check signature: public key not found

# By Don Koch (2) and others
# Via Michael S. Tsirkin
* mst/tags/for_anthony:
  pc: don't access fw cfg if NULL
  virtio-net: add feature bit for any header s/g
  net: add support of mac-programming over macvtap in QEMU side
  pci: fix BRDIGE typo
  pci-bridge: update mappings for migration/restore

Message-id: 1374054430-21966-1-git-send-email-mst@redhat.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-07-18 08:12:47 -05:00
Michael S. Tsirkin 488f069bd1 virtio-net: add feature bit for any header s/g
Old qemu versions required that 1st s/g entry is the header.

Since QEMU 1.5, patchset titled "virtio-net: iovec handling cleanup"
removed this limitation but a feature bit is needed so guests know it's
safe to lay out header differently.

This patch applies on top and adds such a feature bit to QEMU.
It is set by default for virtio-net.
virtio net header inline with the data is beneficial
for latency and small packet bandwidth - guest driver
code utilizing this feature has been acked but missed 3.11
by a narrow margin, it's pending for 3.12.

This feature bit is cleared by default when compatibility with old
machine types is requested.

Other performance-sensitive devices (blk and scsi)
don't yet support arbitrary s/g layouts, so
we only set this bit for virtio-net for now.
There are plans to allow arbitrary layouts there, but
no code has been posted yet.

Cc: Rusty Russell <rusty@rustcorp.com.au>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-07-15 21:26:26 +03:00
Paolo Bonzini dfde4e6e1a memory: add ref/unref calls
Add ref/unref calls at the following places:

- places where memory regions are stashed by a listener and
  used outside the BQL (including in Xen or KVM).

- memory_region_find callsites

- creation of aliases and containers (only the aliased/contained
  region gets a reference to avoid loops)

- around calls to del_subregion/add_subregion, where the region
  could disappear after the first call

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-07-04 17:42:45 +02:00
Dmitry Fleytman 644c98587d virtio-net: dynamic network offloads configuration
Virtio-net driver currently negotiates network offloads
on startup via features mechanism and have no ability to
disable and re-enable offloads later.
This patch introduced a new control command that allows
to configure device network offloads state dynamically.
The patch also introduces a new feature flag
VIRTIO_NET_F_CTRL_GUEST_OFFLOADS.

Signed-off-by: Dmitry Fleytman <dfleytma@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Message-id: 20130520081814.GA8162@redhat.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-05-22 07:40:10 -05:00
KONRAD Frederic 8a253ec26e virtio-net: add virtio_net_set_netclient_name.
This adds virtio_net_set_netclient_name, which is used to set the
name and type shown in "info network" command.

Signed-off-by: KONRAD Frederic <fred.konrad@greensocs.com>
Message-id: 1368619970-23892-2-git-send-email-fred.konrad@greensocs.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-05-15 08:48:25 -05:00
KONRAD Frederic 6f32a6b47e virtio-scsi: fix the command line compatibility.
The bus name is wrong since the refactoring.

This keeps the behaviour of the command line.

Signed-off-by: KONRAD Frederic <fred.konrad@greensocs.com>
Tested-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Message-id: 1367330931-12994-6-git-send-email-fred.konrad@greensocs.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-05-03 12:05:15 -05:00
KONRAD Frederic 1034e9cf4d virtio: add virtio_device_set_child_bus_name.
Add virtio_device_set_child_bus_name function.

It will be used with virtio-serial-x and virtio-scsi-x to set the
child bus name before calling virtio-x-device's init.

Signed-off-by: KONRAD Frederic <fred.konrad@greensocs.com>
Tested-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Message-id: 1367330931-12994-3-git-send-email-fred.konrad@greensocs.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-05-03 12:05:15 -05:00
KONRAD Frederic fca0a70cdb virtio: drop unused function prototypes.
This removes the unused prototypes in virtio.h.

Signed-off-by: KONRAD Frederic <fred.konrad@greensocs.com>
Message-id: 1366791683-5350-8-git-send-email-fred.konrad@greensocs.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-04-24 11:50:21 -05:00
KONRAD Frederic 6a1a8cc7af virtio: cleanup: init and exit function.
This clean the init and the exit functions and rename virtio_common_cleanup
to virtio_cleanup.

Signed-off-by: KONRAD Frederic <fred.konrad@greensocs.com>
Message-id: 1366791683-5350-7-git-send-email-fred.konrad@greensocs.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-04-24 11:50:21 -05:00
KONRAD Frederic 1c81944983 virtio: remove virtiobindings.
This remove virtio-bindings, and use class instead.

Signed-off-by: KONRAD Frederic <fred.konrad@greensocs.com>
Message-id: 1366791683-5350-6-git-send-email-fred.konrad@greensocs.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-04-24 11:50:20 -05:00
KONRAD Frederic 181103cd52 virtio: remove the function pointer.
This remove the function pointer in VirtIODevice, and use only
VirtioDeviceClass function pointer.

Signed-off-by: KONRAD Frederic <fred.konrad@greensocs.com>
Message-id: 1366791683-5350-5-git-send-email-fred.konrad@greensocs.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-04-24 11:50:20 -05:00
KONRAD Frederic 5d448f9dac virtio-bus: add new functions.
This add two functions:
   * virtio_bus_set_vdev_config.
   * virtio_bus_set_vdev_feature.

Needed by virtio-ccw.

Signed-off-by: KONRAD Frederic <fred.konrad@greensocs.com>
Message-id: 1366791683-5350-2-git-send-email-fred.konrad@greensocs.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-04-24 11:50:20 -05:00
KONRAD Frederic 611aa333b4 virtio-rng: cleanup: use QOM casts.
As the virtio-rng-pci, virtio-rng-s390 and virtio-rng-ccw are
switched to the new API, we can use QOM casts.

Signed-off-by: KONRAD Frederic <fred.konrad@greensocs.com>
Reviewed-by: Andreas Färber <afaerber@suse.de>
Reviewed-by: Andreas Färber <afaerber@suse.de>
Tested-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Acked-by: Amit Shah <amit.shah@redhat.com>
Message-id: 1366790881-3026-9-git-send-email-fred.konrad@greensocs.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-04-24 11:50:20 -05:00
KONRAD Frederic 65f3b678f5 virtio-rng: cleanup: remove qdev field.
The qdev field is no longer needed, just drop it.

Signed-off-by: KONRAD Frederic <fred.konrad@greensocs.com>
Tested-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Acked-by: Amit Shah <amit.shah@redhat.com>
Message-id: 1366790881-3026-8-git-send-email-fred.konrad@greensocs.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-04-24 11:50:19 -05:00
KONRAD Frederic 46a5a89d65 virtio-rng: cleanup: init and exit functions.
This remove old init and exit function as they are no longer needed.

Signed-off-by: KONRAD Frederic <fred.konrad@greensocs.com>
Tested-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Acked-by: Amit Shah <amit.shah@redhat.com>
Message-id: 1366790881-3026-7-git-send-email-fred.konrad@greensocs.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-04-24 11:50:19 -05:00
KONRAD Frederic 6eac8aec02 virtio-rng: add virtio-rng device.
Create virtio-rng-device which extends virtio-device, so it can be connected on
virtio-bus.

Signed-off-by: KONRAD Frederic <fred.konrad@greensocs.com>
Tested-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Acked-by: Amit Shah <amit.shah@redhat.com>
Message-id: 1366790881-3026-3-git-send-email-fred.konrad@greensocs.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-04-24 11:50:19 -05:00
KONRAD Frederic af1a8ad646 virtio-rng: don't use pointer for configuration.
The configuration field must not be a pointer as it will be used for
virtio-rng properties. So *conf is replaced by conf.

Signed-off-by: KONRAD Frederic <fred.konrad@greensocs.com>
Tested-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Acked-by: Amit Shah <amit.shah@redhat.com>
Message-id: 1366790881-3026-2-git-send-email-fred.konrad@greensocs.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-04-24 11:50:19 -05:00
Anthony Liguori 6165daa4c8 Merge remote-tracking branch 'bonzini/scsi-next' into staging
# By Paolo Bonzini (5) and others
# Via Paolo Bonzini
* bonzini/scsi-next:
  vhost-scsi-s390: new device supporting the tcm_vhost Linux kernel module
  vhost-scsi-ccw: new device supporting the tcm_vhost Linux kernel module
  vhost-scsi-pci: new device supporting the tcm_vhost Linux kernel module
  vhost-scsi: new device supporting the tcm_vhost Linux kernel module
  virtio: simplify Makefile conditionals
  virtio-scsi: create VirtIOSCSICommon
  vhost: Add vhost_commit callback for SeaBIOS ROM region re-mapping
  scsi: VMWare PVSCSI paravirtual device implementation
  scsi: avoid assertion failure on VERIFY command

Message-id: 1366381460-6041-1-git-send-email-pbonzini@redhat.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-04-22 08:05:05 -05:00
Nicholas Bellinger 5e9be92d77 vhost-scsi: new device supporting the tcm_vhost Linux kernel module
The WWPN specified in configfs is passed to "-device vhost-scsi-pci".
The tgpt field of the SET_ENDPOINT ioctl is obsolete now, so it is not
available from the QEMU command-line.  Instead, I hardcode it to zero.

Changes in Patch-v2:
   - Add vhost_scsi_get_features() in order to determine feature bits
     supports by host kernel (mst + nab)
   - Re-enable usage of DEFINE_VIRTIO_COMMON_FEATURES, and allow
     EVENT_IDX to be disabled by host in vhost_scsi_get_features()
   - Drop unused hotplug bit in DEFINE_VHOST_SCSI_PROPERTIES

Changes in Patch-v1:
   - Set event_idx=off by default (nab, thanks asias)
   - Disable hotplug feature bit for v3.9 tcm_vhost kernel code, need to
     re-enable in v3.10 (nab)
   - Update to latest qemu.git/master HEAD

Changes in WIP-V3:
   - Drop ioeventfd vhost_scsi_properties (asias, thanks stefanha)
   - Add CONFIG_VHOST_SCSI (asias, thanks stefanha)
   - Add hotplug feature bit

Changes in WIP-V2:
   - Add backend guest masking support (nab)
   - Bump ABI_VERSION to 1 (nab)
   - Set up set_guest_notifiers (asias)
   - Set up vs->dev.vq_index (asias)
   - Drop vs->vs.vdev.{set,clear}_vhost_endpoint (asias)
   - Drop VIRTIO_CONFIG_S_DRIVER check in vhost_scsi_set_status (asias)

Howto:
   Use the latest seabios, at least commit b44a7be17b
   git clone git://git.seabios.org/seabios.git
   make
   cp out/bios.bin /usr/share/qemu/bios.bin
   qemu -device vhost-scsi-pci,wwpn=naa.6001405bd4e8476d,event_idx=off
...

Cc: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
Signed-off-by: Asias He <asias@redhat.com>
[ Rebase on top of VirtIOSCSICommon patch, fix bugs in feature
  negotiation and irqfd masking - Paolo ]
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-04-19 16:18:11 +02:00
Paolo Bonzini 292c8e50d5 virtio-scsi: create VirtIOSCSICommon
This patch refactors existing virtio-scsi code into VirtIOSCSICommon
in order to allow virtio_scsi_init_common() to be used by both internal
virtio_scsi_init() and external vhost-scsi-pci code.

Cc: Michael S. Tsirkin <mst@redhat.com>
Cc: Asias He <asias@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-04-19 16:17:56 +02:00
Luiz Capitulino fd1ca7e0d5 virtio.h: drop unused function prototypes
They are unused since commit 5c7d0962f6.

Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-04-19 11:30:07 +02:00
Nicholas Bellinger af60314291 vhost: Add vhost_commit callback for SeaBIOS ROM region re-mapping
This patch follows MST's recommendation to move checks for
vhost_verify_ring_mappings() -> cpu_physical_memory_map() operations
from MemoryListener->region_[add,del]() -> vhost_set_memory() into
final MemoryListener->commit() -> vhost_commit() callback.

It addresses the case where virtio-scsi vq ioport RAM re-mapping
to read-only SeaBIOS ROM triggers a cpu_physical_memory_map()
NIL MemoryRegionSection pointer failure.

Also save vhost_dev->mem_changed_[start,end]_addr values in
vhost_set_memory() for final ranges_overlap checks.  (Thanks Paolo!)

Cc: Michael S. Tsirkin <mst@redhat.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Asias He <asias@redhat.com>
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-04-19 10:44:17 +02:00
KONRAD Frederic 17a0ca5565 virtio-net: cleanup: use QOM cast.
As the virtio-net-pci and virtio-net-s390 are switched to the new API,
we can use QOM casts.

Signed-off-by: KONRAD Frederic <fred.konrad@greensocs.com>
Tested-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Message-id: 1365690602-22729-7-git-send-email-fred.konrad@greensocs.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-04-17 10:28:59 -05:00
KONRAD Frederic 17ec5a8686 virtio-net: add the virtio-net device.
Create virtio-net-device which extends virtio-device, so it can be connected on
virtio-bus.

Signed-off-by: KONRAD Frederic <fred.konrad@greensocs.com>
Tested-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Message-id: 1365690602-22729-3-git-send-email-fred.konrad@greensocs.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-04-17 10:28:21 -05:00
KONRAD Frederic 6a87acf7df virtio: add two functions to VirtioDeviceClass.
Recent changes need two functions to VirtioDevice. This just add them
into VirtioDeviceClass.

Signed-off-by: KONRAD Frederic <fred.konrad@greensocs.com>
Tested-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Message-id: 1365690602-22729-2-git-send-email-fred.konrad@greensocs.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-04-17 10:28:21 -05:00
Hans de Goede f9fb0532fb virtio-console: Also throttle when less was written then requested
This is necessary so that we get properly woken up to write the rest.

This patch also changes the len argument to the have_data callback, to
avoid doing an unsigned signed comparison.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Acked-by: Amit Shah <amit.shah@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-04-16 11:52:09 +02:00
Anthony Liguori 4ceb193d30 Merge remote-tracking branch 'bonzini/hw-dirs' into staging
* bonzini/hw-dirs:
  exec: remove useless declarations from memory-internal.h
  memory: move core typedefs to qemu/typedefs.h
  include: avoid useless includes of exec/ headers
  sysemu: avoid proliferation of include/ subdirectories
  tpm: reorganize headers and split hardware part
  configure: fix TPM logic
  acpi.h: make it self contained
  acpi: move declarations from pc.h to acpi.h
  hw: Add lost ARM core again
  Fix failure to create q35 machine
  Add linux-headers to QEMU_INCLUDES
  arm: fix location of some include files

Conflicts:
	configure

aliguori: trivial conflict in configure output

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-04-15 17:06:04 -05:00
Paolo Bonzini dccfcd0e5f sysemu: avoid proliferation of include/ subdirectories
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-04-15 18:19:25 +02:00
KONRAD Frederic d5990ff467 virtio-serial: cleanup: remove qdev field.
The qdev field is no longer needed, just drop it.

Signed-off-by: KONRAD Frederic <fred.konrad@greensocs.com>
Reviewed-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Tested-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Acked-by: Amit Shah <amit.shah@redhat.com>
Message-id: 1365512016-21944-8-git-send-email-fred.konrad@greensocs.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-04-15 10:22:05 -05:00