Commit Graph

38214 Commits

Author SHA1 Message Date
zhanghailiang 198675491f error: Replace error_report() & error_free() with error_report_err()
This is a continuation of the work started in commit 565f65d27:
"error: Use error_report_err() where appropriate"

Signed-off-by: zhanghailiang <zhang.zhanghailiang@huawei.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2015-03-19 11:11:55 +03:00
Gonglei 6e05a12f8f arm: fix memory leak
Cc: Michael Tokarev <mjt@tls.msk.ru>
Cc: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2015-03-19 11:11:55 +03:00
Markus Armbruster 293811f6c1 qmp: Drop unused .user_print from command definitions
.user_print isn't used with QMP commands, only with HMP commands.
Copied over when QMP got its own command table in commit 82a56f0.
Most of them have been dropped since, but a few stragglers remain.
Drop them.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2015-03-19 11:11:55 +03:00
Markus Armbruster 46db7b862a hmp: Fix definition of command quit
The command handler is a union of two function types.  If
cmd->user_print is set, handle_user_command() calls
cmd->mhandler.cmd_new(), else cmd->mhandler.cmd().

Command definitions must therefore either set both user_print() and
mhandler.cmd_new(), or only mhandler.cmd().

quit's sets user_print and mhandler.cmd().  handle_user_command()
calls hmp_quit() through mhandler.cmd_new() rather than
mhandler.cmd(), i.e. through a function pointer with a different type.
Broken in commit 7a7f325, v1.0.

Works in practice because hmp_quit() doesn't use its arguments, and
handle_user_command() ignores its function value.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2015-03-19 11:11:55 +03:00
Stefan Weil 6093d01194 target-moxie: Fix warnings from Sparse (one-bit signed bitfield)
Report from Sparse:

target-moxie/mmu.h:9:12: error: dubious one-bit signed bitfield
target-moxie/mmu.h:10:12: error: dubious one-bit signed bitfield
target-moxie/mmu.h:11:12: error: dubious one-bit signed bitfield
target-moxie/mmu.h:12:12: error: dubious one-bit signed bitfield
target-moxie/mmu.h:13:12: error: dubious one-bit signed bitfield

Cc: Anthony Green <green@moxielogic.com>
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2015-03-19 11:11:55 +03:00
Stefan Weil 2c20fa2cc2 block/qapi: Fix Sparse warning
Sparse reports this warning:

block/qapi.c:417:47: warning:
 too long initializer-string for array of char(no space for nul char)

Replacing the string by an array of characters fixes this warning.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2015-03-19 11:11:55 +03:00
Stefan Weil e7ae771f6d Fix remaining warnings from Sparse (void return)
Sparse report:

hw/display/vga.c:2000:5: warning: returning void-valued expression
hw/intc/arm_gic.c:707:9: warning: returning void-valued expression
hw/intc/etraxfs_pic.c:138:9: warning: returning void-valued expression
hw/nvram/fw_cfg.c:475:5: warning: returning void-valued expression
hw/timer/a9gtimer.c:124:5: warning: returning void-valued expression
hw/tpm/tpm_tis.c:794:5: warning: returning void-valued expression
hw/usb/hcd-musb.c:558:9: warning: returning void-valued expression
hw/usb/hcd-musb.c:776:13: warning: returning void-valued expression
hw/usb/hcd-musb.c:867:5: warning: returning void-valued expression
hw/usb/hcd-musb.c:932:5: warning: returning void-valued expression
include/qom/cpu.h:584:5: warning: returning void-valued expression
monitor.c:4686:13: warning: returning void-valued expression
monitor.c:4690:13: warning: returning void-valued expression

Cc: Edgar E. Iglesias <edgar.iglesias@gmail.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Andreas Färber <afaerber@suse.de>
Cc: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2015-03-19 11:11:55 +03:00
Stefan Weil fbe95bfb65 qom: Fix warning from Sparse
Sparse report:

qom/cpu.c:99:5: warning: returning void-valued expression

Cc: Andreas Färber <afaerber@suse.de>
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2015-03-19 11:11:55 +03:00
Stefan Weil 327e9759f1 target-mips: Fix warning from Sparse
Sparse report:

target-mips/dsp_helper.c:3681:5: warning: returning void-valued expression

Cc: Aurelien Jarno <aurelien@aurel32.net>
Cc: Leon Alrae <leon.alrae@imgtec.com>
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2015-03-19 11:11:55 +03:00
Stefan Weil 30d76f13be arm/nseries: Fix warnings from Sparse
Sparse report:

arm/nseries.c:1406:5: warning: returning void-valued expression
arm/nseries.c:1411:5: warning: returning void-valued expression

Cc: Andrzej Zaborowski <balrogg@gmail.com>
Cc: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2015-03-19 11:11:55 +03:00
Stefan Weil 77a8257ed7 omap: Fix warnings from Sparse
Sparse report:

arm/omap1.c:1015:9: warning: returning void-valued expression
arm/omap1.c:1084:9: warning: returning void-valued expression
arm/omap1.c:1178:9: warning: returning void-valued expression
arm/omap1.c:1287:9: warning: returning void-valued expression
arm/omap1.c:1382:9: warning: returning void-valued expression
arm/omap1.c:1650:9: warning: returning void-valued expression
arm/omap1.c:1778:9: warning: returning void-valued expression
arm/omap1.c:1985:9: warning: returning void-valued expression
arm/omap1.c:210:9: warning: returning void-valued expression
arm/omap1.c:2213:9: warning: returning void-valued expression
arm/omap1.c:2352:9: warning: returning void-valued expression
arm/omap1.c:2447:9: warning: returning void-valued expression
arm/omap1.c:2640:9: warning: returning void-valued expression
arm/omap1.c:317:9: warning: returning void-valued expression
arm/omap1.c:3413:13: warning: returning void-valued expression
arm/omap1.c:3414:13: warning: returning void-valued expression
arm/omap1.c:3415:14: warning: returning void-valued expression
arm/omap1.c:3589:9: warning: returning void-valued expression
arm/omap1.c:443:9: warning: returning void-valued expression
arm/omap1.c:588:9: warning: returning void-valued expression
arm/omap1.c:860:9: warning: returning void-valued expression
arm/omap2.c:1362:9: warning: returning void-valued expression
arm/omap2.c:450:9: warning: returning void-valued expression
arm/omap2.c:695:9: warning: returning void-valued expression
arm/omap2.c:760:9: warning: returning void-valued expression
hw/char/omap_uart.c:115:9: warning: returning void-valued expression
hw/display/omap_dss.c:1019:9: warning: returning void-valued expression
hw/display/omap_dss.c:215:9: warning: returning void-valued expression
hw/display/omap_dss.c:380:9: warning: returning void-valued expression
hw/display/omap_dss.c:739:9: warning: returning void-valued expression
hw/display/omap_dss.c:931:9: warning: returning void-valued expression
hw/dma/omap_dma.c:139:5: warning: returning void-valued expression
hw/dma/omap_dma.c:1505:9: warning: returning void-valued expression
hw/dma/omap_dma.c:1860:9: warning: returning void-valued expression
hw/gpio/omap_gpio.c:116:9: warning: returning void-valued expression
hw/misc/omap_gpmc.c:627:9: warning: returning void-valued expression
hw/misc/omap_l4.c:85:9: warning: returning void-valued expression
hw/misc/omap_sdrc.c:95:9: warning: returning void-valued expression
hw/misc/omap_tap.c:98:9: warning: returning void-valued expression
hw/sd/omap_mmc.c:409:9: warning: returning void-valued expression
hw/ssi/omap_spi.c:229:9: warning: returning void-valued expression
hw/timer/omap_gptimer.c:447:9: warning: returning void-valued expression

Cc: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2015-03-19 11:11:55 +03:00
Stefan Weil 0289a412e8 9pfs: Fix warnings from Sparse
Sparse report:

9pfs/virtio-9p.c:1953:9: warning: returning void-valued expression
9pfs/virtio-9p-handle.c:143:5: warning: returning void-valued expression
9pfs/virtio-9p-handle.c:160:5: warning: returning void-valued expression
9pfs/virtio-9p-local.c:384:5: warning: returning void-valued expression
9pfs/virtio-9p-local.c:415:5: warning: returning void-valued expression
9pfs/virtio-9p-proxy.c:672:5: warning: returning void-valued expression
9pfs/virtio-9p-proxy.c:689:5: warning: returning void-valued expression

Cc: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2015-03-19 11:11:55 +03:00
Stefan Weil 9c80d953b2 backends: Fix warning from Sparse
Sparse report:

backends/tpm.c:39:5: warning: returning void-valued expression

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2015-03-19 11:11:55 +03:00
Michael Tokarev 302cb24add cris: remove unused cris_cond15 declarations
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Reviewed-by: Stefan Weil <sw@weilnetz.de>
2015-03-19 11:11:55 +03:00
Michael S. Tsirkin ce394947a7 pcie_aer: fix comment to match pcie spec
Code comment says "table 6-2" but in fact it's is not a table, it is
"Figure 6-2" on page 479.

Cc: Chen Fan <chen.fan.fnst@cn.fujitsu.com>
Reported-by: Michael Tokarev <mjt@tls.msk.ru>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2015-03-18 12:48:21 +01:00
Chen Fan 98a2f30a1b pci: fix several trivial typos in comment
Signed-off-by: Chen Fan <chen.fan.fnst@cn.fujitsu.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2015-03-18 12:19:16 +01:00
Chen Fan 310e91f7d0 aer: fix a wrong init PCI_ERR_COR_STATUS w1cmask type register
Error Status Register, so this patch fix a wrong definition
for PCI_ERR_COR_STATUS register with w1cmask type.

Signed-off-by: Chen Fan <chen.fan.fnst@cn.fujitsu.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2015-03-18 12:19:16 +01:00
Chen Fan b01738c23d pcie_aer: fix typos in pcie_aer_inject_error comment
Refer to "PCI Express Base Spec3.0", this comments can't
fit the description in spec, so we should fix them.

Signed-off-by: Chen Fan <chen.fan.fnst@cn.fujitsu.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2015-03-18 12:19:16 +01:00
Chen Fan 77a3c1d730 aer: fix wrong check on expose aer tlp prefix log
when specify TLP Prefix log as using pcie_aer_inject_error,
the TLP prefix log is always discarded. because the check
is incorrect, the End-End TLP Prefix Supported bit
(PCI_EXP_DEVCAP2_EETLPP) should be in Device Capabilities 2 Register.

Signed-off-by: Chen Fan <chen.fan.fnst@cn.fujitsu.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2015-03-18 12:14:45 +01:00
Chen Fan 30b04f8711 pcie: correct mistaken register bit for End-End TLP Prefix Blocking
from pcie spec 7.8.17, the End-End TLP Prefix Blocking bit local
is 15(e.g. 0x8000) in device control 2 register.

Signed-off-by: Chen Fan <chen.fan.fnst@cn.fujitsu.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2015-03-18 12:14:45 +01:00
Peter Crosthwaite c3c1bb99d1 exec: Respect as_tranlsate_internal length clamp
address_space_translate_internal will clamp the *plen length argument
based on the size of the memory region being queried. The iommu walker
logic in addresss_space_translate was ignoring this by discarding the
post fn call value of *plen. Fix by just always using *plen as the
length argument throughout the fn, removing the len local variable.

This fixes a bootloader bug when a single elf section spans multiple
QEMU memory regions.

Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Message-Id: <1426570554-15940-1-git-send-email-peter.crosthwaite@xilinx.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-03-18 12:09:42 +01:00
Bo Su 196d4fc56d virtio-scsi-dataplane: fix memory leak in virtio_scsi_vring_init
if k->set_host_notifier failed, VirtIOSCSIVring *r will leak

Signed-off-by: Bo Su <subo7@huawei.com>
Message-Id: <1426671732-80213-1-git-send-email-subo7@huawei.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
Reviewed-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-03-18 12:08:52 +01:00
Alexey Kardashevskiy 89d5cbddee profiler: Reenable built-in profiler
2ed1ebcf6 "timer: replace time() with QEMU_CLOCK_HOST" broke compile
when configured with --enable-profiler. Turned out the profiler has been
broken for a while.

This does s/qemu_time/tcg_time/ as the profiler only works in a TCG mode.
This also fixes the compile error.

This changes profile_getclock() to return nanoseconds rather than
CPU ticks as the "profile" HMP command prints seconds and there is no
platform-independent way to get ticks-per-second rate.
Since TCG is quite slow and get_clock() returns nanoseconds (fine
enough), this should not affect precision much.

This removes unused qemu_time_start and tlb_flush_time.

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Message-Id: <1426478258-29961-1-git-send-email-aik@ozlabs.ru>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-03-18 12:07:34 +01:00
Greg Kurz b680c5ba54 kvm: fix ioeventfd endianness on bi-endian architectures
KVM expects host endian values. Hosts that don't use the default endianness
need to negate the swap performed in adjust_endianness().

Suggested-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
Message-Id: <20150313212337.31142.3991.stgit@bahia.local>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-03-18 12:07:30 +01:00
Fam Zheng 2034e324da virtio-scsi: Fix assert in virtio_scsi_push_event
Hotplugging a scsi-disk may trigger the assertion in qemu_sgl_concat.

    qemu-system-x86_64: qemu/hw/scsi/virtio-scsi.c:115: qemu_sgl_concat:
    Assertion `skip == 0' failed.

This is introduced by commit 55783a55 (virtio-scsi: work around bug in
old BIOSes) which didn't check out_num when accessing out_sg[0].iov_len
(the same to in sg). For virtio_scsi_push_event, looking into out_sg
doesn't make sense because 0 req_size is intended.

Cc: qemu-stable@nongnu.org
[Cc'ing qemu-stable because 55783a55 did it too]
Signed-off-by: Fam Zheng <famz@redhat.com>
Message-Id: <1426233354-525-1-git-send-email-famz@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-03-18 12:07:27 +01:00
Paolo Bonzini 15564d85af build: pass .d file name to scripts/make_device_config.sh, fix makefile target
The .d file name must match exactly what is used in the SUBDIR_DEVICES_MAK_DEP
variable.  Instead of making assumptions in the make_device_config.sh script,
just pass it in.

Similarly, the makefile target may not match the output file name, because
Makefile uses a temporary file.  Instead of making assumptions on what the
Makefile does, emit the config-devices.mak file to stdout, and use the
passed-in destination as the makefile target

Reported-by: Peter Maydell <peter.maydell@linaro.org>
Cc: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-03-18 12:07:25 +01:00
Max Reitz 4adf4180f2 coroutine-io: Return -errno in case of error
In case qemu_co_sendv_recvv() fails without any data read, there is no
reason not to return the perfectly fine error number retrieved from
socket_error().

Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-Id: <1424887718-10800-16-git-send-email-mreitz@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-03-18 12:07:21 +01:00
Max Reitz 0379f474dd nbd: Drop unexpected data for NBD_OPT_LIST
When requesting the list of exports, no data should be sent. If data is
sent, the NBD server should not just inform the client of the invalid
request, but also drop the data.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-Id: <1424887718-10800-22-git-send-email-mreitz@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-03-18 12:07:16 +01:00
Max Reitz 48c7d80de8 nbd: Fix interpretation of the export flags
The export flags are a 16 bit value, so be16_to_cpu() has to be used to
interpret them correctly. This makes discard and flush actually work
for named NBD exports (they did not work before, because the client
always assumed them to be unsupported because of the bug fixed by this
patch).

Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-Id: <1424887718-10800-20-git-send-email-mreitz@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-03-18 12:07:11 +01:00
Max Reitz 9c122adadb nbd: Fix nbd_receive_options()
The client flags are sent exactly once overall, not once per option.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-Id: <1424887718-10800-19-git-send-email-mreitz@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-03-18 12:07:06 +01:00
Max Reitz 3f4726596d nbd: Set block size to BDRV_SECTOR_SIZE
Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-Id: <1424887718-10800-13-git-send-email-mreitz@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-03-18 12:07:01 +01:00
Max Reitz ac97393dc7 nbd: Fix potential signed overflow issues
Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-Id: <1424887718-10800-11-git-send-email-mreitz@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-03-18 12:06:56 +01:00
Max Reitz 70d4739ef2 qemu-nbd: fork() can fail
It is very unlikely, but it is possible.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-Id: <1424887718-10800-10-git-send-email-mreitz@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-03-18 12:06:54 +01:00
Max Reitz 98f44bbe70 nbd: Handle blk_getlength() failure
Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-Id: <1424887718-10800-9-git-send-email-mreitz@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-03-18 12:06:50 +01:00
Max Reitz 892f5a5270 nbd: Pass return value from nbd_handle_list()
While it does not make a difference in practice, nbd_receive_options()
generally returns -errno, so it should do that here as well; and the
easiest way to achieve this is by passing on the value returned by
nbd_handle_list().

Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-Id: <1424887718-10800-7-git-send-email-mreitz@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-03-18 12:05:42 +01:00
Max Reitz 2b1f13b996 nbd: Fix nbd_establish_connection()'s return value
unix_connect_opts() and inet_connect_opts() do not necessarily set errno
(if at all); therefore, nbd_establish_connection() should not literally
return -errno on error.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-Id: <1424887718-10800-4-git-send-email-mreitz@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-03-18 12:05:38 +01:00
Max Reitz 453b07b134 qemu-nbd: Detect unused partitions by system == 0
Unused partitions do not necessarily have a total sector count of 0
(although they should have), but they always do have the system field
set to 0, so use that for testing whether a partition is in use rather
than the sector count field alone.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-Id: <1424887718-10800-3-git-send-email-mreitz@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-03-18 12:05:36 +01:00
Max Reitz 2b21233061 util/uri: Add overflow check to rfc3986_parse_port
And while at it, replace tabs by eight spaces in this function.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-Id: <1424887718-10800-2-git-send-email-mreitz@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-03-18 12:05:31 +01:00
Yik Fang 8b2f0abfd6 nbd: Fix overflow return value
The value of reply.error should be the type unsigned int.

Signed-off-by: Yik Fang <eric.fangyi@huawei.com>
Message-Id: <1423722111-12902-1-git-send-email-eric.fangyi@huawei.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-03-18 12:02:37 +01:00
Thomas Huth 8ffd9f4dd4 hw/usb: Include USB files only if necessary
Boards that do not include an USB controller should not provide
USB devices. However, when running "qemu-system-s390x -device help"
for example, there's still a usb-hub, usb-kbd, usb-mouse and
usb-tablet in the list of "supported" devices. Let's fix that
by compiling and linking the USB files only if it is really
necessary.

Signed-off-by: Thomas Huth <thuth@linux.vnet.ibm.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-03-18 11:50:47 +01:00
Leon Alrae 0af7a37054 target-mips: save cpu state before calling MSA load and store helpers
PC needs to be saved if an exception can be generated by an helper.
This fixes a problem related to resuming the execution at unexpected address
after an exception (caused by MSA load/store instruction) has been serviced.

Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
2015-03-18 09:58:15 +00:00
Leon Alrae a5f533909e target-mips: fix hflags modified in delay / forbidden slot
All instructions which may change hflags terminate tb. However, this doesn't
work if such an instruction is placed in delay or forbidden slot.
gen_branch() clears MIPS_HFLAG_BMASK in ctx->hflags and then generates code
to overwrite hflags with ctx->hflags, consequently we loose any execution-time
hflags modifications. For example, in the following scenario hflag related to
Status.CU1 will not be updated:
    /* Set Status.CU1 in delay slot */
    mfc0  $24, $12, 0
    lui   $25, 0x2000
    or    $25, $25, $24
    b     check_Status_CU1
    mtc0  $25, $12, 0

With this change we clear MIPS_HFLAG_BMASK in execution-time hflags if
instruction in delay or forbidden slot wants to terminate tb for some reason
(i.e. ctx->bstate != BS_NONE).

Also, die early and loudly if "unknown branch" is encountered as this should
never happen.

Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
2015-03-18 09:58:15 +00:00
Leon Alrae 62c688693b target-mips: fix CP0.BadVAddr by stopping translation on Address Error
CP0.BadVAddr is supposed to capture the most recent virtual address that caused
the exception. Currently this does not work correctly for unaligned instruction
fetch as translation is not stopped and CP0.BadVAddr is updated with subsequent
addresses.

Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
2015-03-18 09:58:15 +00:00
Daniel P. Berrange 4a48aaa9f5 ui: ensure VNC websockets server checks the ACL if requested
If the x509verify option is requested, the VNC websockets server
was failing to validate that the websockets client provided an
x509 certificate matching the ACL rules.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-03-18 09:25:14 +01:00
Daniel P. Berrange 7b45a00d05 ui: remove separate gnutls_session for websockets server
The previous change to the auth scheme handling guarantees we
can never have nested TLS sessions in the VNC websockets server.
Thus we can remove the separate gnutls_session instance.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-03-18 09:25:14 +01:00
Daniel P. Berrange 51941e4695 ui: enforce TLS when using websockets server
When TLS is required, the primary VNC server considers it to be
mandatory. ie the server admin decides whether or not TLS is used,
and the client has to comply with this decision. The websockets
server, however, treated it as optional, allowing non-TLS clients
to connect to a server which had setup TLS. Thus enabling websockets
lowers the security of the VNC server leaving the admin no way to
enforce use of TLS.

This removes the code that allows non-TLS fallback in the websockets
server, so that if TLS is requested for VNC it is now mandatory for
both the primary VNC server and the websockets VNC server.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-03-18 09:25:13 +01:00
Daniel P. Berrange f9148c8ae7 ui: fix setup of VNC websockets auth scheme with TLS
The way the websockets TLS code was integrated into the VNC server
made it essentially useless. The only time that the websockets TLS
support could be used is if the primary VNC server had its existing
TLS support disabled. ie QEMU had to be launched with:

  # qemu -vnc localhost:1,websockets=5902,x509=/path/to/certs

Note the absence of the 'tls' flag. This is already a bug, because
the docs indicate that 'x509' is ignored unless 'tls' is given.

If the primary VNC server had TLS turned on via the 'tls' flag,
then this prevented the websockets TLS support from being used,
because it activates the VeNCrypt auth which would have resulted
in TLS being run over a TLS session. Of course no websockets VNC
client supported VeNCrypt so in practice, since the browser clients
cannot setup a nested TLS session over the main HTTPS connection,
so it would not even get past auth.

This patch causes us to decide our auth scheme separately for the
main VNC server vs the websockets VNC server. We take account of
the fact that if TLS is enabled, then the websockets client will
use https, so setting up VeNCrypt is thus redundant as it would
lead to nested TLS sessions.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-03-18 09:25:13 +01:00
Daniel P. Berrange 0dd72e1531 ui: split setup of VNC auth scheme into separate method
The vnc_display_open method is quite long and complex, so
move the VNC auth scheme decision logic into a separate
method for clarity.

Also update the comment to better describe what we are
trying to achieve.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-03-18 09:25:13 +01:00
Daniel P. Berrange d169f04b8b ui: report error if user requests VNC option that is unsupported
If the VNC server is built without tls, sasl or websocket support
and the user requests one of these features, they are just silently
ignored. This is bad because it means the VNC server ends up running
in a configuration that is less secure than the user asked for.
It also leads to an tangled mass of preprocessor conditionals when
configuring the VNC server.

This ensures that the tls, sasl & websocket options are always
processed and an error is reported back to the user if any of
them were disabled at build time.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-03-18 09:25:13 +01:00
Daniel P. Berrange 153130cd4f ui: replace printf() calls with VNC_DEBUG
Handling of VNC audio messages results in printfs to the console.
This is of no use to anyone in production, so should be using the
normal VNC_DEBUG macro instead.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-03-18 09:25:13 +01:00