summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2012-06-04net: purge the monitor object from all init functionsLuiz Capitulino15-43/+27
The only backend that really uses it is the socket one, which calls monitor_get_fd(). But it can use 'cur_mon' instead. Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com> Reviewed-By: Laszlo Ersek <lersek@redhat.com>
2012-06-04qemu-config: introduce qemu_find_opts_err()Luiz Capitulino2-0/+8
This is like qemu_find_opts(), except that it takes an Error argument. This new function allows for a incremental conversion of code using qemu_find_opts(). Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com> Reviewed-By: Laszlo Ersek <lersek@redhat.com>
2012-06-04qemu-config: find_list(): use error_set()Luiz Capitulino1-7/+25
Note that qemu_find_opts() and qemu_config_parse() need to call error_report() to maintain their semantics on error. Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com> Reviewed-By: Laszlo Ersek <lersek@redhat.com>
2012-06-04qerror: introduce QERR_INVALID_OPTION_GROUPLuiz Capitulino2-0/+7
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com> Reviewed-By: Laszlo Ersek <lersek@redhat.com>
2012-06-04qemu-option: qemu_opts_from_qdict(): use error_set()Luiz Capitulino4-11/+35
do_device_add() and do_netdev_add() call qerror_report_err() to maintain their QError semantics. Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com> Reviewed-By: Laszlo Ersek <lersek@redhat.com>
2012-06-04qemu-option: introduce qemu_opt_set_err()Luiz Capitulino2-0/+8
This is like qemu_opt_set(), except that it takes an Error argument. This new function allows for a incremental conversion of code using qemu_opt_set(). Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com> Reviewed-By: Laszlo Ersek <lersek@redhat.com>
2012-06-04qemu-option: opt_set(): use error_set()Luiz Capitulino1-11/+20
The functions qemu_opt_set() and opts_do_parse() both call opt_set(), but their callers expect QError semantics. Thus, both functions call qerro_report_err() to keep the expected semantics. Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com> Reviewed-By: Laszlo Ersek <lersek@redhat.com>
2012-06-04qemu-option: qemu_opts_validate(): use error_set()Luiz Capitulino3-10/+11
net_client_init() propagates the error up by calling qerror_report_err(), because its users expect QError semantics. Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com> Reviewed-By: Laszlo Ersek <lersek@redhat.com>
2012-06-04qemu-option: qemu_opt_parse(): use error_set()Luiz Capitulino1-19/+17
The functions opt_set() and qemu_opts_validate() both call qemu_opt_parse(), but their callers expect QError semantics. Thus, both functions call qerro_report_err() to keep the expected semantics. Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com> Reviewed-By: Laszlo Ersek <lersek@redhat.com>
2012-06-04qemu-option: parse_option_size(): use error_set()Luiz Capitulino1-9/+8
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com> Reviewed-By: Laszlo Ersek <lersek@redhat.com>
2012-06-04qemu-option: parse_option_bool(): use error_set()Luiz Capitulino1-8/+16
Note that set_option_parameter() callers still expect automatic error reporting with QError, so set_option_parameter() calls qerror_report_err() to keep the same semantics. Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com> Reviewed-By: Laszlo Ersek <lersek@redhat.com>
2012-06-04qemu-option: parse_option_number(): use error_set()Luiz Capitulino1-7/+19
Note that qemu_opt_parse() callers still expect automatic error reporting with QError, so qemu_opts_parse() calls qerror_report_err() to keep the same semantics. Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com> Reviewed-By: Laszlo Ersek <lersek@redhat.com>
2012-06-04qemu-option: qemu_opts_create(): use error_set()Luiz Capitulino9-32/+59
This commit converts qemu_opts_create() from qerror_report() to error_set(). Currently, most calls to qemu_opts_create() can't fail, so most callers don't need any changes. The two cases where code checks for qemu_opts_create() erros are: 1. Initialization code in vl.c. All of them print their own error messages directly to stderr, no need to pass the Error object 2. The functions opts_parse(), qemu_opts_from_qdict() and qemu_chr_parse_compat() make use of the error information and they can be called from HMP or QMP. In this case, to allow for incremental conversion, we propagate the error up using qerror_report_err(), which keeps the QError semantics Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com> Reviewed-By: Laszlo Ersek <lersek@redhat.com>
2012-06-04introduce a new monitor command 'dump-guest-memory' to dump guest's memoryWen Congyang10-0/+1050
The command's usage: dump-guest-memory [-p] protocol [begin] [length] The supported protocol can be file or fd: 1. file: the protocol starts with "file:", and the following string is the file's path. 2. fd: the protocol starts with "fd:", and the following string is the fd's name. Note: 1. If you want to use gdb to process the core, please specify -p option. The reason why the -p option is not default is: a. guest machine in a catastrophic state can have corrupted memory, which we cannot trust. b. The guest machine can be in read-mode even if paging is enabled. For example: the guest machine uses ACPI to sleep, and ACPI sleep state goes in real-mode. 2. If you don't want to dump all guest's memory, please specify the start physical address and the length. Signed-off-by: Wen Congyang <wency@cn.fujitsu.com> Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
2012-06-04make gdb_id() generally avialable and rename it to cpu_index()Wen Congyang2-14/+14
The following patch also needs this API, so make it generally avialable. The function gdb_id() will not be used in gdbstub.c now, so its name is not suitable, and rename it to cpu_index() Signed-off-by: Wen Congyang <wency@cn.fujitsu.com> Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
2012-06-04target-i386: Add API to get note's sizeWen Congyang2-0/+39
We should know where the note and memory is stored before writing them to vmcore. If we know this, we can avoid using lseek() when creating vmcore. Signed-off-by: Wen Congyang <wency@cn.fujitsu.com> Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
2012-06-04target-i386: add API to get dump infoWen Congyang3-0/+64
Dump info contains: endian, class and architecture. The next patch will use these information to create vmcore. Note: on x86 box, the class is ELFCLASS64 if the memory is larger than 4G. Signed-off-by: Wen Congyang <wency@cn.fujitsu.com> Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
2012-06-04target-i386: Add API to write cpu status to core fileWen Congyang2-0/+167
The core file has register's value. But it does not include all registers value. Store the cpu status into QEMU note, and the user can get more information from vmcore. If you change QEMUCPUState, please count up QEMUCPUSTATE_VERSION. Signed-off-by: Wen Congyang <wency@cn.fujitsu.com> Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
2012-06-04target-i386: Add API to write elf notes to core fileWen Congyang4-0/+260
The core file contains register's value. These APIs write registers to core file, and them will be called in the following patch. Signed-off-by: Wen Congyang <wency@cn.fujitsu.com> Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
2012-06-04Add API to get memory mapping without do pagingWen Congyang2-0/+12
crash does not need the virtual address and physical address mapping, and the mapping does not include the memory that is not referenced by the page table. crash does not use the virtual address, so we can create the mapping for all physical memory(virtual address is always 0). This patch provides a API to do this thing, and it will be used in the following patch. Signed-off-by: Wen Congyang <wency@cn.fujitsu.com> Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
2012-06-04Add API to get memory mappingWen Congyang2-0/+62
Add API to get all virtual address and physical address mapping. If the guest doesn't use paging, the virtual address is equal to the phyical address. The virtual address and physical address mapping is for gdb's user, and it does not include the memory that is not referenced by the page table. So if you want to use crash to anaylze the vmcore, please do not specify -p option. the reason why the -p option is not default explicitly: guest machine in a catastrophic state can have corrupted memory, which we cannot trust. Signed-off-by: Wen Congyang <wency@cn.fujitsu.com> Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
2012-06-04Add API to check whether paging mode is enabledWen Congyang2-1/+12
This API will be used in the following patch. Signed-off-by: Wen Congyang <wency@cn.fujitsu.com> Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
2012-06-04implement cpu_get_memory_mapping()Wen Congyang5-0/+288
Walk cpu's page table and collect all virtual address and physical address mapping. Then, add these mapping into memory mapping list. If the guest does not use paging, it will do nothing. Note: the I/O memory will be skipped. Signed-off-by: Wen Congyang <wency@cn.fujitsu.com> Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
2012-06-04Add API to check whether a physical address is I/O addressWen Congyang2-0/+16
This API will be used in the following patch. Signed-off-by: Wen Congyang <wency@cn.fujitsu.com> Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
2012-06-04Add API to create memory mapping listWen Congyang3-0/+214
The memory mapping list stores virtual address and physical address mapping. The virtual address and physical address are contiguous in the mapping. The folloing patch will use this information to create PT_LOAD in the vmcore. Signed-off-by: Wen Congyang <wency@cn.fujitsu.com> Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
2012-06-04target-microblaze: lwx/swx: first implementationPeter A. G. Crosthwaite4-5/+64
Signed-off-by: Peter A. G. Crosthwaite <peter.crosthwaite@petalogix.com> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
2012-06-04Revert "rtl8139: do the network/host communication only in normal operating ↵Jason Wang1-9/+0
mode" This reverts commit ff71f2e8cacefae99179993204172bc65e4303df. This is because the linux 8139cp driver would leave the card in "Config Register Write Enable" mode after the eeprom were read or write ( which is unexpected in the spec ). Also a physical 8139 card can still DMA into host memory in modes other than Normal mode, so we need revert this commit to align with the behavior of physical card. The issue of 8139cp driver should be fixed in linux seperately. Signed-off-by: Jason Wang <jasowang@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-06-03Merge remote-tracking branch 'qemu-kvm/uq/master' into stagingAnthony Liguori18-52/+624
* qemu-kvm/uq/master: virtio/vhost: Add support for KVM in-kernel MSI injection msix: Add msix_nr_vectors_allocated kvm: Enable use of kvm_irqchip_in_kernel in hwlib code kvm: Introduce kvm_irqchip_add/remove_irqfd kvm: Make kvm_irqchip_commit_routes an internal service kvm: Publicize kvm_irqchip_release_virq kvm: Introduce kvm_irqchip_add_msi_route kvm: Rename kvm_irqchip_add_route to kvm_irqchip_add_irq_route msix: Introduce vector notifiers msix: Invoke msix_handle_mask_update on msix_mask_all msix: Factor out msix_get_message kvm: update vmxcap for EPT A/D, INVPCID, RDRAND, VMFUNC kvm: Enable in-kernel irqchip support by default kvm: Add support for direct MSI injections kvm: Update kernel headers kvm: x86: Wire up MSI support for in-kernel irqchip pc: Enable MSI support at APIC level kvm: Introduce basic MSI support for in-kernel irqchips Introduce MSIMessage structure kvm: Refactor KVMState::max_gsi to gsi_count
2012-06-03Merge remote-tracking branch 'kwolf/for-anthony' into stagingAnthony Liguori3-9/+26
* kwolf/for-anthony: ahci: SATA FIS is 20 bytes, not 0x20 virtio-blk: Fix geometry sector calculation block: prevent snapshot mode $TMPDIR symlink attack sheepdog: fix return value of do_load_save_vm_state virtio: Fix compiler warning for non Linux hosts
2012-06-01Update version to open the 1.2 development branchAnthony Liguori1-1/+1
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-06-01Update version for 1.1.0 releaseAnthony Liguori1-1/+1
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-05-31Update version for 1.1.0-rc4 releaseAnthony Liguori1-1/+1
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-05-31Merge remote-tracking branch 'origin/master' into stagingAnthony Liguori5-1/+1
* origin/master: pc-bios: Update OpenBIOS images
2012-05-30pc-bios: Update OpenBIOS imagesBlue Swirl5-1/+1
Update OpenBIOS images to r1060 built from submodule. Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-05-30ahci: SATA FIS is 20 bytes, not 0x20Daniel Verkamp1-2/+2
As in the SATA and AHCI specifications, a FIS is 5 Dwords of 4 bytes each, which comes to 20 bytes (decimal), not 0x20. Signed-off-by: Daniel Verkamp <daniel@drv.nu> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2012-05-30virtio-blk: Fix geometry sector calculationChristian Borntraeger1-1/+16
Currently the sector value for the geometry is masked, even if the user usesa command line parameter that explicitely gives a number. This breaks dasd devices on s390. A dasd device can have a physical block size of 4096 (== same for logical block size) and a typcial geometry of 15 heads and 12 sectors per cyl. The ibm partition detection relies on a correct geometry reported by the device. Unfortunately the current code changes 12 to 8. This would be necessary if the total size is not a multiple of logical sector size, but for dasd this is not the case. This patch checks the device size and only applies sector mask if necessary. Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com> CC: Christoph Hellwig <hch@lst.de> Reviewed-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2012-05-30block: prevent snapshot mode $TMPDIR symlink attackJim Meyering3-15/+31
In snapshot mode, bdrv_open creates an empty temporary file without checking for mkstemp or close failure, and ignoring the possibility of a buffer overrun given a surprisingly long $TMPDIR. Change the get_tmp_filename function to return int (not void), so that it can inform its two callers of those failures. Also avoid the risk of buffer overrun and do not ignore mkstemp or close failure. Update both callers (in block.c and vvfat.c) to propagate temp-file-creation failure to their callers. get_tmp_filename creates and closes an empty file, while its callers later open that presumed-existing file with O_CREAT. The problem was that a malicious user could provoke mkstemp failure and race to create a symlink with the selected temporary file name, thus causing the qemu process (usually root owned) to open through the symlink, overwriting an attacker-chosen file. This addresses CVE-2012-2652. http://bugzilla.redhat.com/CVE-2012-2652 Signed-off-by: Jim Meyering <meyering@redhat.com> Reviewed-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2012-05-30sheepdog: fix return value of do_load_save_vm_stateMORITA Kazutaka1-5/+5
bdrv_save_vmstate and bdrv_load_vmstate should return the vmstate size on success, and -errno on error. Signed-off-by: MORITA Kazutaka <morita.kazutaka@lab.ntt.co.jp> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2012-05-30virtio: Fix compiler warning for non Linux hostsStefan Weil1-1/+3
The local variables ret, i are only used if __linux__ is defined. Signed-off-by: Stefan Weil <sw@weilnetz.de> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2012-05-30Merge remote-tracking branch 'mdroth/qga-pull-5-29-12-v2' into stagingAnthony Liguori1-1/+6
* mdroth/qga-pull-5-29-12-v2: qemu-ga: avoid blocking on atime update when reading /etc/mtab qemu-ga: Fix use of environ on Darwin
2012-05-30block: prevent snapshot mode $TMPDIR symlink attackJim Meyering3-15/+31
In snapshot mode, bdrv_open creates an empty temporary file without checking for mkstemp or close failure, and ignoring the possibility of a buffer overrun given a surprisingly long $TMPDIR. Change the get_tmp_filename function to return int (not void), so that it can inform its two callers of those failures. Also avoid the risk of buffer overrun and do not ignore mkstemp or close failure. Update both callers (in block.c and vvfat.c) to propagate temp-file-creation failure to their callers. get_tmp_filename creates and closes an empty file, while its callers later open that presumed-existing file with O_CREAT. The problem was that a malicious user could provoke mkstemp failure and race to create a symlink with the selected temporary file name, thus causing the qemu process (usually root owned) to open through the symlink, overwriting an attacker-chosen file. This addresses CVE-2012-2652. http://bugzilla.redhat.com/CVE-2012-2652 Reviewed-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com> Signed-off-by: Jim Meyering <meyering@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-05-30xhci: add usage info to docsGerd Hoffmann1-0/+15
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-05-30vnc: fix segfault in vnc_display_pw_expire()Gerd Hoffmann1-0/+4
NULL pointer dereference in case no vnc server is configured. Catch this and return -EINVAL like vnc_display_password() does. Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-05-30Expose CPUID leaf 7 only for -cpu hostEduardo Habkost2-7/+17
Changes v2 -> v3; - Check for kvm_enabled() before setting cpuid_7_0_ebx_features Changes v1 -> v2: - Use kvm_arch_get_supported_cpuid() instead of host_cpuid() on cpu_x86_fill_host(). We should use GET_SUPPORTED_CPUID for all bits on "-cpu host" eventually, but I am not changing all the other CPUID leaves because we may not be able to test such an intrusive change in time for 1.1. Description of the bug: Since QEMU 0.15, the CPUID information on CPUID[EAX=7,ECX=0] is being returned unfiltered to the guest, directly from the GET_SUPPORTED_CPUID return value. The problem is that this makes the resulting CPU feature flags unpredictable and dependent on the host CPU and kernel version. This breaks live-migration badly if migrating from a host CPU that supports some features on that CPUID leaf (running a recent kernel) to a kernel or host CPU that doesn't support it. Migration also is incorrect (the virtual CPU changes under the guest's feet) if you migrate in the opposite direction (from an old CPU/kernel to a new CPU/kernel), but with less serious consequences (guests normally query CPUID information only once on boot). Fortunately, the bug affects only users using cpudefs with level >= 7. The right behavior should be to explicitly enable those features on [cpudef] config sections or on the "-cpu" command-line arguments. Right now there is no predefined CPU model on QEMU that has those features: the latest Intel model we have is Sandy Bridge. I would like to get this fixed on 1.1, so I am submitting this patch, that enables those features only if "-cpu host" is being used (as we don't have any pre-defined CPU model that actually have those features). After 1.1 is released, we can make those features properly configurable on [cpudef] and -cpu configuration. One problem is: with this patch, users with the following setup: - Running QEMU 1.0; - Using a cpudef having level >= 7; - Running a kernel that supports the features on CPUID leaf 7; and - Running on a CPU that supports some features on CPUID leaf 7 won't be able to live-migrate to QEMU 1.1. But for these users live-migration is already broken (they can't live-migrate to hosts with older CPUs or older kernels, already), I don't see how to avoid this problem. Signed-off-by: Eduardo Habkost <ehabkost@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-05-29qemu-ga: avoid blocking on atime update when reading /etc/mtabMichael Roth1-1/+1
Currently we re-read/re-process /etc/mtab to get an updated list of mounts when guest-fsfreeze-thaw is called. This can cause an atime update on /etc/mtab, which will block if we're in a frozen state. Instead, use /proc's version of mtab, which may not be up-to-date with options passed via -o remount, but is compatible for our use cases since we only care about the filesystem type. Reported-by: Matsuda, Daiki <matsudadik@intellilink.co.jp> Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
2012-05-29qemu-ga: Fix use of environ on DarwinAndreas Färber1-0/+5
Use _NSGetEnviron() helper to access the environment. Signed-off-by: Andreas Färber <andreas.faerber@web.de> Cc: Charlie Somerville <charlie@charliesomerville.com> Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
2012-05-29pci: call object_unparent() before free_qdev()Amos Kong2-1/+1
Start VM with 8 multiple-function block devs, hot-removing those block devs by 'device_del ...' would cause qemu abort. | (qemu) device_del virti0-0-0 | (qemu) ** |ERROR:qom/object.c:389:object_delete: assertion failed: (obj->ref == 0) It's a regression introduced by commit 57c9fafe The whole PCI slot should be removed once. Currently only one func is cleaned in pci_unplug_device(), if you try to remove a single func by monitor cmd. free_qdev() are called for all functions in slot, but unparent_delete() is only called for one function. Signed-off-by: XXXX Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-05-29fix multiboot loading if load_end_addr == 0Scott Moser1-3/+9
The previous multiboot load code did not treat the case where load_end_addr was 0 specially. The multiboot specification says the following: * load_end_addr Contains the physical address of the end of the data segment. (load_end_addr - load_addr) specifies how much data to load. This implies that the text and data segments must be consecutive in the OS image; this is true for existing a.out executable formats. If this field is zero, the boot loader assumes that the text and data segments occupy the whole OS image file. Signed-off-by: Scott Moser <smoser@ubuntu.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-05-29vga: fix vram double-mapping with -vga std and -M pc-0.12Avi Kivity2-1/+7
With pc-0.12, we map the video RAM both through the PCI BAR (the guest does this) and through a fixed mapping at 0xe0000000. The memory API doesn't allow this double map, and aborts. Fix by using an alias. Reported-by: Michael Tokarev <mjt@tls.msk.ru> Signed-off-by: Avi Kivity <avi@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-05-29Merge remote-tracking branch 'afaerber-or/cocoa-for-upstream' into stagingAnthony Liguori2-1/+6
* afaerber-or/cocoa-for-upstream: cocoa: Suppress Cocoa frontend for -qtest arch_init: Fix AltiVec build on Darwin/ppc