Age | Commit message (Collapse) | Author | Files | Lines |
|
Signed-off-by: Alon Levy <alevy@redhat.com>
|
|
Add documentation for the usb-ccid device and accompanying two card
devices, ccid-card-emulated and ccid-card-passthru.
Signed-off-by: Alon Levy <alevy@redhat.com>
|
|
This devices uses libcacard (internal) to emulate a smartcard conforming
to the CAC standard. It attaches to the usb-ccid bus. Usage instructions
(example command lines) are in the following patch in docs/ccid.txt. It
uses libcacard which uses nss, so it can work with both hw cards and
certificates (files).
Signed-off-by: Alon Levy <alevy@redhat.com>
|
|
|
|
client to talk to ccid-card-passthru and use smartcard on client to
perform actual operations.
v23->v24 changes: (Jes Sorensen review 2)
* use qemu_socket instead of socket
* use fprintf(stderr,..) for errors
* remove unneccessary includes since using qemu_common.h
|
|
libcacard emulates a Common Access Card (CAC) which is a standard
for smartcards. It is used by the emulated ccid card introduced in
a following patch. Docs are available in docs/libcacard.txt
Signed-off-by: Alon Levy <alevy@redhat.com>
|
|
The passthru ccid card is a device sitting on the usb-ccid bus and
using a chardevice to communicate with a remote device using the
VSCard protocol defined in libcacard/vscard_common.h
Usage docs available in following patch in docs/ccid.txt
Signed-off-by: Alon Levy <alevy@redhat.com>
|
|
|
|
A CCID device is a smart card reader. It is a USB device, defined at [1].
This patch introduces the usb-ccid device that is a ccid bus. Next patches will
introduce two card types to use it, a passthru card and an emulated card.
[1] http://www.usb.org/developers/devclass_docs/DWG_Smart-Card_CCID_Rev110.
Signed-off-by: Alon Levy <alevy@redhat.com>
|
|
qemu-thread.h relies on uint64_t being defined, but doesn't include
inttypes.h explicitly. This makes it easier to use it from vscclient (part
of libcacard).
|
|
|
|
Some people want to be able disable spice's guest <-> client copy paste support
because of security considerations.
|
|
In the old spice-vmc device we used to have:
last_out = virtio_serial_write(&svc->port, p, MIN(len, VMC_MAX_HOST_WRITE));
if (last_out > 0)
...
Now in the chardev backend we have:
last_out = MIN(len, VMC_MAX_HOST_WRITE);
qemu_chr_read(scd->chr, p, last_out);
if (last_out > 0) {
...
Which causes us to no longer detect if the virtio port is not ready
to receive data from us. chardev actually has a mechanism to detect this,
but it requires a separate call to qemu_chr_can_read, before calling
qemu_chr_read (which return void).
This patch uses qemu_chr_can_read to fix the flow control from client to
guest.
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
|
|
Note the vmc_register_interface() in spice_chr_write is left in place
in case someone uses spice-chardev with a frontend which does not have
guest open / close notification.
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
|
|
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
|
|
Some frontends know when the guest has opened the "channel" and is actively
listening to it, for example virtio-serial. This patch adds 2 new qemu-chardev
functions which can be used by frontends to signal guest open / close, and
allows interested backends to listen to this.
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
|
|
BZ: 672191
upstream: not submitted (explained below)
virtio-serial's buffer is valid when it calls us, and we don't
access it otherwise: vmc_read is only called in response to wakeup,
or else we set datalen=0 and throttle. Then vmc_read is called back,
we return 0 (not accessing the buffer) and set the timer to unthrottle.
Also make datalen int and not ssize_t (to fit spice_chr_write signature).
This relied on the previous patch that introduces throttling, which
can't go upstream right now as explained in that patch.
|
|
BZ: 672191
upstream: not submitted (explained below)
Adds throttling support to spicevmc chardev. Uses a timer to avoid recursing:
1. spice-server: reds.c: read_from_vdi_port
2. qemu: spice-qemu-char.c: vmc_read
3. chr_write_unblocked
(calls virtio_serial_throttle_port(port, false))
4. qemu: virtio ...
5. qemu: spice-qemu-char.c: spice_chr_write
6. qemu: spice-qemu-char.c: wakeup (calls into spice-server)
7. spice-server: ...
8. qemu: spice-qemu-char.c: vmc_read
Instead, in vmc_read if we were throttled and we are just about to return
all the bytes we will set a timer to be triggered immediately to call
chr_write_unblocked. Then we return after 2 above, and 3 is called from the
timer callback. This also means we can later remove some ugly recursion protection
from spice-server.
The other tricky point in this patch is not returning the leftover chunk twice.
When we throttle, by definition we have data that spice server didn't consume.
It is being kept by virtio-serial, and by us. The next vmc_read callback needs
to not return it, but just do unthrottling. Then virtio will give us the remaining
chunk as usual in spice_chr_write, and we will pass it to spice server in the
next vmc_read.
This patch relies on Amit's series to expose throttling to chardev's, which
was not accepted upstream, and will not be accepted upstream until the mainloop
is reworked to use glib.
|
|
When a chardev indicates it can't accept more data, we tell the
virtio-serial code to stop sending us any more data till we tell
otherwise. This helps in guests continuing to run normally while the vq
keeps getting full and eventually the guest stops queueing more data.
As soon as the chardev indicates it can accept more data, start pushing!
Signed-off-by: Amit Shah <amit.shah@redhat.com>
|
|
When the host-side connection goes down, throttle the virtio-serial bus
and later unthrottle when a connection gets established. This helps
prevent any lost IO (guest->host) while the host connection was down.
Bugzilla: 621484
This commit actually helps the bug mentioned above as no writes will now
get lost because of the throttling done here. With just the patches
sent earlier for that bug, one write will end up getting lost in the
worst case (host d/c, guest write, host connect).
Signed-off-by: Amit Shah <amit.shah@redhat.com>
|
|
Now that the infrastructure is in place to return -EAGAIN to callers,
individual char drivers can set their update_fd_handlers() function to
set or remove an fd's write handler. This handler checks if the driver
became writable.
A generic callback routine is used for unblocking writes and letting
users of chardevs know that a driver became writable again.
Signed-off-by: Amit Shah <amit.shah@redhat.com>
|
|
The send_all function is modified to return to the caller in case the
driver cannot handle any more data. It returns -EAGAIN or
WSAEWOULDBLOCK on non-Windows and Windows platforms respectively. This
is only done when the caller sets a callback function handler indicating
it's not interested in blocking till the driver has written out all the
data.
Currently there's no driver or caller that supports this. Future
commits will add such capability.
Signed-off-by: Amit Shah <amit.shah@redhat.com>
|
|
The char layer can let users know that the driver will block on further
input. For users interested in not blocking, they can assign a function
pointer that will be called back when the driver becomes writable. This
patch just adds the function pointers to the CharDriverState structure,
future patches will enable the nonblocking and callback functionality.
Signed-off-by: Amit Shah <amit.shah@redhat.com>
|
|
These will be used to provide a cleaner API for the nonblocking case.
Signed-off-by: Amit Shah <amit.shah@redhat.com>
|
|
Instead of passing each handler in the qemu_add_handlers() function,
create a struct of handlers that can be passed to the function instead.
Signed-off-by: Amit Shah <amit.shah@redhat.com>
|
|
Signed-off-by: Amit Shah <amit.shah@redhat.com>
|
|
Switching locking protection of ds->cursor_set/cursor_move to moving
every call to these functions into the iothread and using the ssd->pipe
to transfer that, adding QXL_SERVER_CURSOR_SET, QXL_SERVER_CURSOR_MOVE.
This is tested with both -vnc :0 -spice and -sdl -spice.
|
|
with the previous patch making sure get_command no longer needs to lock,
there is no reason to drop the qemu iothread mutex in qxl.c and in
ui/spice-display.c
The only location where the lock remains are the cursor related callbacks,
that path is currently broken. It is only triggered if running spice and sdl,
which is broken already before that.
|
|
This patch and the next drop the requirement to lose the global qemu
mutex during dispatcher calls. This patch enables it, the next drops
the unlock/lock pairs around dispatcher calls.
The current solution of dropping the locks is buggy:
* it allows multiple dispatcher calls from two vcpu threads, the
dispatcher doesn't handle that by design (single fd, not locked, can't
handle writes from two threads)
* it requires us to keep track of cpu_single_env, which is magic.
The solution implemented in this patch and the next (the next just
drops the locks, this patch allows that to work):
* the only operation that needed locking was qemu_create_simple_update,
* it required locking because it was called from the spice-server thread.
* do it in the iothread by reusing the existing pipe used for set_irq.
The current flow implemented is now:
spice-server thread:
qxl.c:interface_get_command (called either by polling or from wakeup)
if update!=NULL:
waiting_for_update=0
update=NULL
return update
else:
if not waiting_for_update:
waiting_for_update=1
write to pipe, which is read by iothread (main thread)
iothread:
wakeup from select,
qxl.c:pipe_read
update=qemu_create_simple_update()
wakeup spice-server thread by calling d.worker->wakeup(d.worker)
|
|
This moves the int pipe[2] and pthread_t main data from the
PCIQXLDevice struct to the SimpleSpiceDisplay. This will let us
reuse it in the next patch for both -spice with no -qxl usage and
for vga mode from qxl.
Also move the pipe creation function (which is effectively completely rewritten
by this patch anyways) from hw/qxl.c to ui/spice-display.c, since
spice-display will depend on it after the next patch and qemu can be build
with ui/spice-display.c in combination with no hw/qxl.c.
|
|
* upstream/stable-0.14:
qemu-char: Check for missing backend name
Update version for 0.14.0
Update version for 0.14.0-rc2
Fix build from previous commit
PATCH] slirp: fix buffer overrun
correctly check ppr priority during interrupt injection]
qcow2: Fix order in L2 table COW
qemu-img: Improve error messages for failed bdrv_open
qed: Report error for unsupported features
qcow2: Report error for version > 2
qerror: Add QERR_UNKNOWN_BLOCK_FORMAT_FEATURE
qcow2: Fix error handling for reading compressed clusters
qcow2: Fix error handling for immediate backing file read failure
QCOW2: bug fix - read base image beyond its size
Change snapshot_blkdev hmp to use correct argument type for device
linux-user: Fix possible realloc memory leak
linux-user: Fix possible realloc memory leak
linux-user: fix for loopmount ioctl
blockdev: Plug memory leak in drive_init() error paths
blockdev: Plug memory leak in drive_uninit()
Signed-off-by: Avi Kivity <avi@redhat.com>
|
|
Check if the backend option is missing before searching the backend
table. This fixes a NULL pointer dereference when QEMU is invoked with
the following invalid command-line:
$ qemu -chardev id=foo,path=/tmp/socket
Previously QEMU would segfault, now it produces this error message:
chardev: "foo" missing backend
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
|
|
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
|
|
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
|
|
I unfortunately got on an unnamed branch and pushed the wrong bits
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
|
|
Since the addition of the slirp member to struct mbuf, the value of
SLIRP_MSIZE and the initialization of m_size have not been correct,
resulting in overrunning the end of the malloc'd buffer in some cases.
Signed-off-by: Bruce Rogers <brogers@novell.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
|
|
TPR blocks all interrupts in a priority class, so simple "less or
equal" check is not enough.
Signed-off-by: Gleb Natapov <gleb@redhat.com>
Reviewed-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
|
|
|
|
When copying L2 tables (this happens only with internal snapshots), the order
wasn't completely safe, so that after a crash you could end up with a L2 table
that has too low refcount, possibly leading to corruption in the long run.
This patch puts the operations in the right order: First allocate the new
L2 table and replace the reference, and only then decrease the refcount of the
old table.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
(cherry picked from commit 16fde5f2c2788232b16c06d34d0459a5c1ec1f6c)
|
|
Output the error message string of the bdrv_open return code. Also set a
non-empty device name for the images because the unknown feature error message
includes it.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
(cherry picked from commit b9eaf9ecb15a9c69a592f386159163d5efc3b919)
|
|
Instead of just returning -ENOTSUP, generate a more detailed error.
Unfortunately we don't have a helpful text for features that we don't know yet,
so just print the feature mask. It might be useful at least if someone asks for
help.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Acked-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
(cherry picked from commit 10b758e85c9b38b4b370cff81435f6ed26024a26)
|
|
The qcow2 driver is now declared responsible for any QCOW image that has
version 2 or greater (before this, version 3 would be detected as raw).
For everything newer than version 2, an error is reported.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
(cherry picked from commit e8cdcec123facf0ed273d941caeeeb9b08f14955)
|
|
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
(cherry picked from commit f54e3641122e51c6343d587805422642f307462e)
|
|
When reading a compressed cluster failed, qcow2 falsely returned success.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
(cherry picked from commit 8af364884355b3f0c5d60a2d2f427927739658ea)
|
|
Requests could return success even though they failed when bdrv_aio_readv
returned NULL for a backing file read.
Reported-by: Chunqiang Tang <ctang@us.ibm.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
(cherry picked from commit 3ab4c7e92d39d40e6dc0bdb1c2320889543691cb)
|
|
This patch fixes the following bug in QCOW2. For a QCOW2 image that is larger
than its base image, when handling a read request straddling over the end of the
base image, the QCOW2 driver attempts to read beyond the end of the base image
and the request would fail.
This bug was found by Fast Virtual Disk (FVD)'s fully automated testing tool.
The following test triggered the bug.
dd if=/dev/zero of=/var/ramdisk/truth.raw count=0 bs=1 seek=1098561536
dd if=/dev/zero of=/var/ramdisk/zero-500M.raw count=0 bs=1 seek=593099264
./qemu-img create -f qcow2 -ocluster_size=65536,backing_fmt=blksim -b /var/ramdisk/zero-500M.raw /var/ramdisk/test.qcow2 1098561536
./qemu-io --auto --seed=30477694 --truth=/var/ramdisk/truth.raw --format=qcow2 --test=blksim:/var/ramdisk/test.qcow2 --verify_write=true --compare_before=false --compare_after=true --round=100000 --parallel=100 --io_size=10485760 --fail_prob=0 --cancel_prob=0 --instant_qemubh=true
Signed-off-by: Chunqiang Tang <ctang@us.ibm.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
(cherry picked from commit e0d9c6f93729c9bfc98fcafcd73098bb8e131aeb)
|
|
Pointed out by Markus
Signed-off-by: Jes Sorensen <Jes.Sorensen@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
(cherry picked from commit 982aa95532a3a7b549695d5b3e18442975eecfb5)
|
|
Extract from "man realloc":
"If realloc() fails the original block is left untouched;
it is not freed or moved."
Fix a possible memory leak (reported by cppcheck).
Cc: Riku Voipio <riku.voipio@iki.fi>
Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Riku Voipio <riku.voipio@nokia.com>
(cherry picked from commit 8d79de6e42947a4a11ad7c7bb87e8f745a4f8321)
|
|
* upstream-merge: (34 commits)
x86: Fix MCA broadcast parameters for TCG case
qemu-timer: Fix compilation of new timer code for w32, w64
Update version for 0.14.0-rc1
block: enable in_use flag
Add flag to indicate external users to block device
block-migration: add reference to target DriveInfo
blockdev: add refcount to DriveInfo
block-migration: actually disable dirty tracking on cleanup
ahci: make number of ports runtime determined
ahci: Implement HBA reset
ahci: send init d2h fis on fis enable
ahci: split ICH and AHCI even more
ahci: add license header in ahci.h
ahci: split ICH9 from core
block/vdi: Fix wrong size in conditionally used memset, memcmp
Documentation: add Sheepdog disk images
qcow2: Really use cache=unsafe for image creation
do not pass NULL to strdup.
Set the right overflow bit for neon 32 and 64 bit saturating add/sub.
target-arm: Fix Neon vsra instructions.
...
Signed-off-by: Avi Kivity <avi@redhat.com>
|
|
* 'stable-0.14' of git://git.qemu.org/qemu: (21 commits)
x86: Fix MCA broadcast parameters for TCG case
qemu-timer: Fix compilation of new timer code for w32, w64
Update version for 0.14.0-rc1
block: enable in_use flag
Add flag to indicate external users to block device
block-migration: add reference to target DriveInfo
blockdev: add refcount to DriveInfo
block-migration: actually disable dirty tracking on cleanup
ahci: make number of ports runtime determined
ahci: Implement HBA reset
ahci: send init d2h fis on fis enable
ahci: split ICH and AHCI even more
ahci: add license header in ahci.h
ahci: split ICH9 from core
block/vdi: Fix wrong size in conditionally used memset, memcmp
Documentation: add Sheepdog disk images
qcow2: Really use cache=unsafe for image creation
do not pass NULL to strdup.
Set the right overflow bit for neon 32 and 64 bit saturating add/sub.
target-arm: Fix Neon vsra instructions.
...
Signed-off-by: Avi Kivity <avi@redhat.com>
|