summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2012-09-17Revert "Add ability to disable build of all targets"Anthony Liguori1-4/+9
This reverts commit 66d5499b3754b83c09487259c08fe2ce73188a59. This commit broke --target-list="x86_64-softmmu" and the fix isn't immediatley obvious. Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-09-17cpu_physical_memory_write_rom() needs to do TB invalidatesDavid Gibson1-0/+7
cpu_physical_memory_write_rom(), despite the name, can also be used to write images into RAM - and will often be used that way if the machine uses load_image_targphys() into RAM addresses. However, cpu_physical_memory_write_rom(), unlike cpu_physical_memory_rw() doesn't invalidate any cached TBs which might be affected by the region written. This was breaking reset (under full emu) on the pseries machine - we loaded our firmware image into RAM, and while executing it rewrite the code at the entry point (correctly causing a TB invalidate/refresh). When we reset the firmware image was reloaded, but the TB from the rewrite was still active and caused us to get an illegal instruction trap. This patch fixes the bug by duplicating the tb invalidate code from cpu_physical_memory_rw() in cpu_physical_memory_write_rom(). Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-09-17qemu-char: BUGFIX, don't call FD_ISSET with negative fdDavid Gibson2-2/+6
tcp_chr_connect(), unlike for example udp_chr_update_read_handler() does not check if the fd it is using is valid (>= 0) before passing it to qemu_set_fd_handler2(). If using e.g. a TCP serial port, which is not initially connected, this can result in -1 being passed to FD_ISSET, which has undefined behaviour. On x86 it seems to harmlessly return 0, but on PowerPC, it causes a fortify buffer overflow error to be thrown. This patch fixes this by putting an extra test in tcp_chr_connect(), and also adds an assert qemu_set_fd_handler2() to catch other such errors on all platforms, rather than just some. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-09-17Revert 455aa1e08 and c3767ed0ebAnthony Liguori1-6/+1
commit c3767ed0eb5d0bb25fe409ae5dec06e3411ff1b6 qemu-char: (Re-)connect for tcp_chr_write() unconnected writing Has no hope of working because tcp_chr_connect() does not actually connect. 455aa1e08 just fixes the SEGV with server() but the attempt to connect a client socket is still completely broken. This patch reverts both. Reported-by: Richard W.M. Jones <rjones@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-09-17pc: Drop practically unused BOCHS BIOS debug portsJan Kiszka1-27/+0
We have debugcon these days to listen on those ports that receive debug messages. Also drop the others that have no effect anymore. Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-09-17add -machine mem-merge=on|off optionLuiz Capitulino3-4/+26
It allows to disable memory merge support (KSM on Linux), which is enabled by default otherwise. Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-09-15Remove unused CONFIG_TCG_PASS_AREG0 and dead codeBlue Swirl31-525/+53
Now that CONFIG_TCG_PASS_AREG0 is enabled for all targets, remove dead code and support for !CONFIG_TCG_PASS_AREG0 case. Remove dyngen-exec.h and all references to it. Although included by hw/spapr_hcall.c, it does not seem to use it. Remove unused HELPER_CFLAGS. Signed-off-by: Blue Swirl <blauwirbel@gmail.com> Reviewed-by: Richard Henderson <rth@twiddle.net>
2012-09-15target-mips: switch to AREG0 free modeBlue Swirl6-1086/+1163
Add an explicit CPUState parameter instead of relying on AREG0 and switch to AREG0 free mode. Signed-off-by: Blue Swirl <blauwirbel@gmail.com> Acked-by: Aurelien Jarno <aurelien@aurel32.net>
2012-09-15target-sh4: switch to AREG0 free modeBlue Swirl5-189/+195
Add an explicit CPUState parameter instead of relying on AREG0 and switch to AREG0 free mode. Acked-by: Aurelien Jarno <aurelien@aurel32.net> Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-09-15target-cris: Switch to AREG0 free modeAurelien Jarno6-187/+181
Add an explicit CPUCRISState parameter instead of relying on AREG0, and use cpu_ld* in translation and interrupt handling. Remove AREG0 swapping in tlb_fill(). Switch to AREG0 free mode Signed-off-by: Blue Swirl <blauwirbel@gmail.com> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2012-09-15target-cris: Avoid AREG0 for helpersAurelien Jarno4-77/+88
Add an explicit CPUCRISState parameter instead of relying on AREG0. Signed-off-by: Blue Swirl <blauwirbel@gmail.com> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2012-09-15target-microblaze: switch to AREG0 free modeBlue Swirl5-118/+110
Add an explicit CPUState parameter instead of relying on AREG0 and switch to AREG0 free mode. Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-09-15target-arm: final conversion to AREG0 free modeBlue Swirl6-21/+16
Convert code load functions and switch to AREG0 free mode. Signed-off-by: Blue Swirl <blauwirbel@gmail.com> Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
2012-09-15target-arm: convert remaining helpersBlue Swirl3-125/+125
Convert remaining helpers to AREG0 free mode: add an explicit CPUState parameter instead of relying on AREG0. Signed-off-by: Blue Swirl <blauwirbel@gmail.com> Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
2012-09-15target-arm: convert void helpersBlue Swirl3-18/+18
Add an explicit CPUState parameter instead of relying on AREG0. For easier review, convert only op helpers which don't return any value. Signed-off-by: Blue Swirl <blauwirbel@gmail.com> Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
2012-09-15target-unicore32: switch to AREG0 free modeBlue Swirl5-75/+58
Add an explicit CPUState parameter instead of relying on AREG0 and switch to AREG0 free mode. Tested-by: Guan Xuetao <gxt@mprc.pku.edu.cn> Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-09-15target-m68k: avoid using cpu_single_envBlue Swirl1-130/+140
Pass around CPUState instead of using global cpu_single_env. Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-09-15target-m68k: switch to AREG0 free modeBlue Swirl5-82/+68
Add an explicit CPUState parameter instead of relying on AREG0 and switch to AREG0 free mode. Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-09-15target-lm32: switch to AREG0 free modeBlue Swirl5-46/+35
Add an explicit CPUState parameter instead of relying on AREG0 and switch to AREG0 free mode. Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-09-15target-s390x: avoid cpu_single_envBlue Swirl1-173/+183
Pass around CPUState instead of using global cpu_single_env. Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-09-15configure: properly check if -lrt and -lm is neededNatanael Copa1-2/+29
Fixes build against uClibc. uClibc provides 2 versions of clock_gettime(), one with realtime support and one without (this is so you can avoid linking in -lrt unless actually needed). This means that the clock_gettime() don't need -lrt. We still need it for timer_create() so we check for this function in addition. We also need check if -lm is needed for isnan(). Both -lm and -lrt are needed for libs_qga. Signed-off-by: Natanael Copa <ncopa@alpinelinux.org> Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-09-15tcg: Fix MAX_OPC_PARAM_IARGSStefan Weil2-1/+3
DEF_HELPER_FLAGS_5 was added some time ago without adjusting MAX_OPC_PARAM_IARGS. Fixing the definition becomes more important as QEMU is using an increasing number of helper functions called with 5 arguments. Add also a comment to avoid future problems when DEF_HELPER_FLAGS_6 will be added. Signed-off-by: Stefan Weil <sw@weilnetz.de> Reviewed-by: Richard Henderson <rth@twiddle.net> Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-09-14configure: fix seccomp checkYann E. MORIN1-1/+1
Currently, if libseccomp is missing but the user explicitly requested seccomp support using --enable-seccomp, configure silently ignores the situation and disables seccomp support. This is unlike all other tests that explicitly fail in such situation. Fix that. Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr> Reviewed-by: Andreas Färber <afaerber@suse.de> Signed-off-by: Stefan Hajnoczi <stefanha@gmail.com>
2012-09-14net: EAGAIN handling for net/socket.c TCPStefan Hajnoczi1-5/+31
Replace spinning send_all() with a proper non-blocking send. When the socket write buffer limit is reached, we should stop trying to send and wait for the socket to become writable again. Non-blocking TCP sockets can return in two different ways when the write buffer limit is reached: 1. ret = -1 and errno = EAGAIN/EWOULDBLOCK. No data has been written. 2. ret < total_size. Short write, only part of the message was transmitted. Handle both cases and keep track of how many bytes have been written in s->send_index. (This includes the 'length' header before the actual payload buffer.) Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
2012-09-14net: EAGAIN handling for net/socket.c UDPStefan Hajnoczi1-2/+12
Implement asynchronous send for UDP (or other SOCK_DGRAM) sockets. If send fails with EAGAIN we wait for the socket to become writable again. Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
2012-09-14net: asynchronous send/receive infrastructure for net/socket.cStefan Hajnoczi1-6/+52
The net/socket.c net client is not truly asynchronous. This patch borrows the qemu_set_fd_handler2() code from net/tap.c as the basis for proper asynchronous send/receive. Only read packets from the socket when the peer is able to receive. This avoids needless queuing. Later patches implement asynchronous send. Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
2012-09-14net: broadcast hub packets if at least one port can receiveStefan Hajnoczi1-3/+3
In commit 60c07d933c66c4b30a83b7ccbc8a0cb3df1b2d0e ("net: fix qemu_can_send_packet logic") the "VLAN" broadcast behavior was changed to queue packets if any net client cannot receive. It turns out that this was not actually the right fix and just hides the real bug that hw/usb/dev-network.c:usbnet_receive() clobbers its receive buffer when called multiple times in a row. The commit also introduced a new bug that "VLAN" packets would not be sent if one of multiple net clients was down. The hw/usb/dev-network.c bug has since been fixed, so this patch reverts broadcast behavior to send packets as long as one net client can receive. Packets simply get queued for the net clients that are temporarily unable to receive. Reported-by: Roy.Li <rongqing.li@windriver.com> Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
2012-09-14net: fix usbnet_receive() packet dropsStefan Hajnoczi1-3/+16
The USB network interface has a single buffer which the guest reads from. This patch prevents multiple calls to usbnet_receive() from clobbering the input buffer. Instead we queue packets until buffer space becomes available again. This is inspired by virtio-net and e1000 rxbuf handling. Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
2012-09-14net: clean up usbnet_receive()Stefan Hajnoczi1-13/+17
The USB network interface has two code paths depending on whether or not RNDIS mode is enabled. Refactor usbnet_receive() so that there is a common path throughout the function instead of duplicating everything across if (is_rndis(s)) ... else ... code paths. Clean up coding style and 80 character line wrap along the way. Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
2012-09-14net: add -netdev options to man pageStefan Hajnoczi1-0/+7
Document the -netdev syntax which supercedes the older -net syntax. This patch is a first step to making -netdev prominent in the QEMU manual. Reported-by: Anatoly Techtonik <techtonik@gmail.com> Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
2012-09-14net: do not report queued packets as sentStefan Hajnoczi1-19/+16
Net send functions have a return value where 0 means the packet has not been sent and will be queued. A non-zero value means the packet was sent or an error caused the packet to be dropped. This patch fixes two instances where packets are queued but we return their size. This causes callers to believe the packets were sent. When the caller uses the async send interface this creates a real problem because the callback will be invoked for a packet that the caller believed to be already sent. This bug can cause double-frees in the caller. Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
2012-09-14net: add receive_disabled logic to iov delivery pathStefan Hajnoczi1-2/+13
This patch adds the missing NetClient->receive_disabled logic in the sendv delivery code path. It seems that commit 893379efd0e1b84ceb0c42a713293f3dbd27b1bd ("net: disable receiving if client returns zero") only added the logic to qemu_deliver_packet() and not qemu_deliver_packet_iov(). The receive_disabled flag should be automatically set when .receive(), .receive_raw(), or .receive_iov() return 0. No further packets will be delivered to the NetClient until the receive_disabled flag is cleared again by calling qemu_flush_queued_packets(). Typically the NetClient will wait until its file descriptor becomes writable and then invoke qemu_flush_queued_packets() to resume transmission. Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
2012-09-14eepro100: Fix network hang when rx buffers run outBo Yang1-1/+3
This is reported by QA. When installing os with pxe, after the initial kernel and initrd are loaded, the procedure tries to copy files from install server to local harddisk, the network becomes stall because of running out of receive descriptor. [Whitespace fixes and removed qemu_notify_event() because Paolo's earlier net patches have moved it into qemu_flush_queued_packets(). Additional info: I can reproduce the network hang with a tap device doing a iPXE HTTP boot as follows: $ qemu -enable-kvm -m 1024 \ -netdev tap,id=netdev0,script=no,downscript=no \ -device i82559er,netdev=netdev0,romfile=80861209.rom \ -drive if=virtio,cache=none,file=test.img iPXE> ifopen net0 iPXE> config # set static network configuration iPXE> kernel http://mirror.bytemark.co.uk/fedora/linux/releases/17/Fedora/x86_64/os/images/pxeboot/vmlinuz I needed a vanilla iPXE ROM to get to the iPXE prompt. I think the boot prompt has been disabled in the ROMs that ship with QEMU to reduce boot time. During the vmlinuz HTTP download there is a network hang. hw/eepro100.c has reached the end of the rx descriptor list. When the iPXE driver replenishes the rx descriptor list we don't kick the QEMU net subsystem and event loop, thereby leaving the tap netdev without its file descriptor in select(2). Stefan Hajnoczi <stefanha@gmail.com>] Signed-off-by: Bo Yang <boyang@suse.com> Signed-off-by: Stefan Hajnoczi <stefanha@gmail.com>
2012-09-14xen: flush queue when getting an eventPaolo Bonzini1-0/+1
xen does not have a register that, when written, will cause can_receive to go from false to true. However, flushing the queue can be attempted whenever the front-end raises its side of the Xen event channel. There is a single event channel for tx and rx. Cc: Stefano Stabellini <stefano.stabellini@eu.citrix.com> Cc: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Reviewed-by: Amos Kong <akong@redhat.com> Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
2012-09-14e1000: flush queue whenever can_receive can go from false to truePaolo Bonzini1-0/+4
When the guests replenish the receive ring buffer, the network device should flush its queue of pending packets. This is done with qemu_flush_queued_packets. e1000's can_receive can go from false to true when RCTL or RDT are modified. Reported-by: Luigi Rizzo <rizzo@iet.unipi.it> Cc: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com> Cc: Jan Kiszka <jan.kiszka@siemens.de> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Reviewed-by: Amos Kong <akong@redhat.com> Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
2012-09-14net: notify iothread after flushing queuePaolo Bonzini4-8/+10
virtio-net has code to flush the queue and notify the iothread whenever new receive buffers are added by the guest. That is fine, and indeed we need to do the same in all other drivers. However, notifying the iothread should be work for the network subsystem. And since we are at it we can add a little smartness: if some of the queued packets already could not be delivered, there is no need to notify the iothread. Reported-by: Luigi Rizzo <rizzo@iet.unipi.it> Cc: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com> Cc: Jan Kiszka <jan.kiszka@siemens.de> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Reviewed-by: Amos Kong <akong@redhat.com> Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
2012-09-14arch_init.c: add missing '%' symbols before PRIu64 in debug printfsIgor Mitsyanko1-4/+4
'%' symbols were missing in front of PRIu64 macros in DPRINTF() messages in arch_init.c, this caused compilation warnings when compiled with DEBUG_ARCH_INIT defined. Signed-off-by: Igor Mitsyanko <i.mitsyanko@samsung.com> Signed-off-by: Stefan Hajnoczi <stefanha@gmail.com>
2012-09-14kvm: Fix warning from static code analysisStefan Weil1-7/+5
Report from smatch: kvm-all.c:1373 kvm_init(135) warn: variable dereferenced before check 's' (see line 1360) 's' cannot by NULL (it was alloced using g_malloc0), so there is no need to check it here. Signed-off-by: Stefan Weil <sw@weilnetz.de> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Stefan Hajnoczi <stefanha@gmail.com>
2012-09-14qapi: Fix enumeration typo errorLei Li2-3/+3
Signed-off-by: Lei Li <lilei@linux.vnet.ibm.com> Reviewed-by: Luiz Capitulino <lcapitulino@redhat.com> Signed-off-by: Stefan Hajnoczi <stefanha@gmail.com>
2012-09-14console: Clean up bytes per pixel calculationBALATON Zoltan1-3/+2
Division with round up is the correct way to compute this even if the only case where division with round down gives incorrect result is probably 15 bpp. This case was explicitely patched up in one of these functions but was unhandled in the other. (I'm not sure about setting 16 bpp for the 15bpp case either but I left that there for now.) Signed-off-by: BALATON Zoltan <balaton@eik.bme.hu> Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
2012-09-14Fix copy&paste typos in documentation commentsBALATON Zoltan1-5/+6
Signed-off-by: BALATON Zoltan <balaton@eik.bme.hu> Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
2012-09-14linux-user: Remove #if 0'd cpu_get_real_ticks() definitionPeter Maydell1-13/+0
Remove the cpu_get_real_ticks() definition from linux-user/main.c. This has been disabled via #if 0 and unused since commit 1dce7c3c22 in 2006; the definitions we actually use are in qemu-timer.h. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
2012-09-14ui: Fix spelling in comment (ressource -> resource)Stefan Weil1-1/+1
The function is called interface_release_resource. Signed-off-by: Stefan Weil <sw@weilnetz.de> Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
2012-09-14Spelling fixes in comments and macro names (ressource -> resource)Stefan Weil1-3/+3
Macro XEN_HOST_PCI_RESOURCE_BUFFER_SIZE is only used locally, so the change should be safe. Signed-off-by: Stefan Weil <sw@weilnetz.de> Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
2012-09-14Fix spelling (licenced -> licensed) in GPLStefan Weil3-5/+5
The patch also fixes the case of "written". Signed-off-by: Stefan Weil <sw@weilnetz.de> Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
2012-09-14Spelling fixes in comments and documentationStefan Weil6-14/+14
These wrong spellings were detected by codespell: * successully -> successfully * alot -> a lot * wanna -> want to * infomation -> information * occured -> occurred ["also is" -> "is also" and "ressources" -> "resources" suggested by Peter Maydell <peter.maydell@linaro.org>] Signed-off-by: Stefan Weil <sw@weilnetz.de> Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
2012-09-14srp: Don't use QEMU_PACKED for single elements of a structured typeStefan Weil1-4/+4
QEMU_PACKED results in a MinGW compiler warning when it is used for single structure elements: warning: 'gcc_struct' attribute ignored Using QEMU_PACKED for the whole structure avoids the compiler warning without changing the memory layout. Signed-off-by: Stefan Weil <sw@weilnetz.de> Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
2012-09-14slirp: Implement TFTP Blocksize optionHervé Poussineau1-9/+33
This option is described in RFC 1783. As this is only an optional field, we may ignore it in some situations and handle it in some others. However, MS Windows 2003 PXE boot client requests a block size of the MTU (most of the times 1472 bytes), and doesn't work if the option is not acknowledged (with whatever value). According to the RFC 1783, we cannot acknowledge the option with a bigger value than the requested one. As current implementation is using 512 bytes by block, accept the option with a value of 512 if the option was specified, and don't acknowledge it if it is not present or less than 512 bytes. Signed-off-by: Hervé Poussineau <hpoussin@reactos.org> Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
2012-09-13slirp: Remove unused return value of tftp_send_next_blockJan Kiszka1-9/+5
No caller actually makes use of this value, so let's simplify the code. Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
2012-09-13slirp: Handle more than 65535 blocks in TFTP transfersHervé Poussineau2-14/+11
RFC 1350 does not mention block count roll-over. However, a lot of TFTP servers implement it to be able to transmit big files, so do it also. Current block size is 512 bytes, so TFTP files were limited to 32 MB. Signed-off-by: Hervé Poussineau <hpoussin@reactos.org> Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>