Commit Graph

1017 Commits

Author SHA1 Message Date
Stefan Weil
a277c3e094 usb: Support compilation without poll.h
This is a hack to support compilation with Mingw-w64 which provides
a libusb-1.0 package, but no poll.h.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Message-id: 1458630800-10088-1-git-send-email-sw@weilnetz.de
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2016-05-11 10:37:39 +02:00
Isaac Lozano
1f66fe5778 usb-mtp: fix usb_mtp_get_device_info so that libmtp on the guest doesn't complain
If an application uses libmtp on the guest system,
it will complain with the warning message:
LIBMTP WARNING: VendorExtensionID: ffffffff
LIBMTP WARNING: VendorExtensionDesc: (null)
LIBMTP WARNING: this typically means the device is PTP (i.e. a camera) but
not a MTP device at all. Trying to continue anyway.

This is because libmtp expects a MTP Vendor Extension ID of 0x00000006 and a
MTP Version of 0x0064. These numbers are taken from Microsoft's MTP Vendor
Extension Identification Message page and are what most physical devices
show.

Signed-off-by: Isaac Lozano <109lozanoi@gmail.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Message-id: 1460892593-5908-1-git-send-email-109lozanoi@gmail.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2016-05-11 10:33:49 +02:00
Roman Kagan
491d68d938 usb:xhci: no DMA on HC reset
This patch is a rough fix to a memory corruption we are observing when
running VMs with xhci USB controller and OVMF firmware.

Specifically, on the following call chain

xhci_reset
  xhci_disable_slot
    xhci_disable_ep
      xhci_set_ep_state

QEMU overwrites guest memory using stale guest addresses.

This doesn't happen when the guest (firmware) driver sets up xhci for
the first time as there are no slots configured yet.  However when the
firmware hands over the control to the OS some slots and endpoints are
already set up with their context in the guest RAM.  Now the OS' driver
resets the controller again and xhci_set_ep_state then reads and writes
that memory which is now owned by the OS.

As a quick fix, skip calling xhci_set_ep_state in xhci_disable_ep if the
device context base address array pointer is zero (indicating we're in
the HC reset and no DMA is possible).

Cc: qemu-stable@nongnu.org
Signed-off-by: Roman Kagan <rkagan@virtuozzo.com>
Message-id: 1462384435-1034-1-git-send-email-rkagan@virtuozzo.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2016-05-11 10:29:28 +02:00
Gerd Hoffmann
f419a626c7 usb/uhci: move pid check
commit "5f77e06 usb: add pid check at the first of uhci_handle_td()"
moved the pid verification to the start of the uhci_handle_td function,
to simplify the error handling (we don't have to free stuff which we
didn't allocate in the first place ...).

Problem is now the check fires too often, it raises error IRQs even for
TDs which we are not going to process because they are not set active.

So, lets move down the check a bit, so it is done only for active TDs,
but still before we are going to allocate stuff to process the requested
transfer.

Reported-by: Joe Clifford <joe@thunderbug.co.uk>
Tested-by: Joe Clifford <joe@thunderbug.co.uk>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Message-id: 1461321893-15811-1-git-send-email-kraxel@redhat.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2016-04-25 12:05:05 +01:00
Fam Zheng
54e18d35e4 event-notifier: Add "is_external" parameter
All callers pass "false" keeping the old semantics. The windows
implementation doesn't distinguish the flag yet. On posix, it is passed
down to the underlying aio context.

Signed-off-by: Fam Zheng <famz@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2016-04-22 16:43:56 +02:00
Gerd Hoffmann
a49923d283 Revert "ehci: make idt processing more robust"
This reverts commit 156a2e4dbf.

Breaks FreeBSD.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2016-04-19 08:20:56 +02:00
Gerd Hoffmann
1ae3f2f178 ehci: apply limit to iTD/sidt descriptors
Commit "156a2e4 ehci: make idt processing more robust" tries to avoid a
DoS by the guest (create a circular iTD queue and let qemu ehci
emulation run in circles forever).  Unfortunately this has two problems:
First it misses the case of siTDs, and second it reportedly breaks
FreeBSD.

So lets go for a different approach: just count the number of iTDs and
siTDs we have seen per frame and apply a limit.  That should really
catch all cases now.

Reported-by: 杜少博 <dushaobo@360.cn>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2016-04-19 08:18:27 +02:00
Peter Maydell
84a5a80148 * Log filtering from Alex and Peter
* Chardev fix from Marc-André
 * config.status tweak from David
 * Header file tweaks from Markus, myself and Veronia (Outreachy candidate)
 * get_ticks_per_sec() removal from Rutuja (Outreachy candidate)
 * Coverity fix from myself
 * PKE implementation from myself, based on rth's XSAVE support
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2
 
 iQEcBAABCAAGBQJW9ErPAAoJEL/70l94x66DJfEH/A/QkMpAhrgNdyVsahzsGrzE
 wx5gHFIc1nBYxyr62w4apUb5jPB7zaXu0LA7EAWDeAe0pyP8hZzLT9kJyOEDsuJu
 zwKN2QeLSNMtPbnbKN0I/YQ2za2xX1V5ruhSeOJoVslUI214hgnAURaGshhQNzuZ
 2CluDT9KgL5cQifAnKs5kJrwhIYShYNQB+1eDC/7wk28dd/EH+sPALIoF+rqrSmt
 Zu4Mdqd+9Ns+oKOjA6br9ULq/Hzg0aDfY82J+XLVVqfF3PXQe8rTDmuMf/7jTn+M
 Un7ZOcei9oZF2/9vfAfKQpDCcgD9HvOUSbgqV/ubmkPPmN/LNJzeKj0fBhrRN+Y=
 =K12D
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging

* Log filtering from Alex and Peter
* Chardev fix from Marc-André
* config.status tweak from David
* Header file tweaks from Markus, myself and Veronia (Outreachy candidate)
* get_ticks_per_sec() removal from Rutuja (Outreachy candidate)
* Coverity fix from myself
* PKE implementation from myself, based on rth's XSAVE support

# gpg: Signature made Thu 24 Mar 2016 20:15:11 GMT using RSA key ID 78C7AE83
# gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>"
# gpg:                 aka "Paolo Bonzini <pbonzini@redhat.com>"

* remotes/bonzini/tags/for-upstream: (28 commits)
  target-i386: implement PKE for TCG
  config.status: Pass extra parameters
  char: translate from QIOChannel error to errno
  exec: fix error handling in file_ram_alloc
  cputlb: modernise the debug support
  qemu-log: support simple pid substitution for logs
  target-arm: dfilter support for in_asm
  qemu-log: dfilter-ise exec, out_asm, op and opt_op
  qemu-log: new option -dfilter to limit output
  qemu-log: Improve the "exec" TB execution logging
  qemu-log: Avoid function call for disabled qemu_log_mask logging
  qemu-log: correct help text for -d cpu
  tcg: pass down TranslationBlock to tcg_code_gen
  util: move declarations out of qemu-common.h
  Replaced get_tick_per_sec() by NANOSECONDS_PER_SECOND
  hw: explicitly include qemu-common.h and cpu.h
  include/crypto: Include qapi-types.h or qemu/bswap.h instead of qemu-common.h
  isa: Move DMA_transfer_handler from qemu-common.h to hw/isa/isa.h
  Move ParallelIOArg from qemu-common.h to sysemu/char.h
  Move QEMU_ALIGN_*() from qemu-common.h to qemu/osdep.h
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

Conflicts:
	scripts/clean-includes
2016-03-24 21:42:40 +00:00
Veronia Bahaa
f348b6d1a5 util: move declarations out of qemu-common.h
Move declarations out of qemu-common.h for functions declared in
utils/ files: e.g. include/qemu/path.h for utils/path.c.
Move inline functions out of qemu-common.h and into new files (e.g.
include/qemu/bcd.h)

Signed-off-by: Veronia Bahaa <veroniabahaa@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-03-22 22:20:17 +01:00
Rutuja Shah
73bcb24d93 Replaced get_tick_per_sec() by NANOSECONDS_PER_SECOND
This patch replaces get_ticks_per_sec() calls with the macro
NANOSECONDS_PER_SECOND. Also, as there are no callers, get_ticks_per_sec()
is then removed.  This replacement improves the readability and
understandability of code.

For example,

    timer_mod(fdctrl->result_timer,
	      qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) + (get_ticks_per_sec() / 50));

NANOSECONDS_PER_SECOND makes it obvious that qemu_clock_get_ns
matches the unit of the expression on the right side of the plus.

Signed-off-by: Rutuja Shah <rutu.shah.26@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-03-22 22:20:17 +01:00
Markus Armbruster
da34e65cb4 include/qemu/osdep.h: Don't include qapi/error.h
Commit 57cb38b included qapi/error.h into qemu/osdep.h to get the
Error typedef.  Since then, we've moved to include qemu/osdep.h
everywhere.  Its file comment explains: "To avoid getting into
possible circular include dependencies, this file should not include
any other QEMU headers, with the exceptions of config-host.h,
compiler.h, os-posix.h and os-win32.h, all of which are doing a
similar job to this file and are under similar constraints."
qapi/error.h doesn't do a similar job, and it doesn't adhere to
similar constraints: it includes qapi-types.h.  That's in excess of
100KiB of crap most .c files don't actually need.

Add the typedef to qemu/typedefs.h, and include that instead of
qapi/error.h.  Include qapi/error.h in .c files that need it and don't
get it now.  Include qapi-types.h in qom/object.h for uint16List.

Update scripts/clean-includes accordingly.  Update it further to match
reality: replace config.h by config-target.h, add sysemu/os-posix.h,
sysemu/os-win32.h.  Update the list of includes in the qemu/osdep.h
comment quoted above similarly.

This reduces the number of objects depending on qapi/error.h from "all
of them" to less than a third.  Unfortunately, the number depending on
qapi-types.h shrinks only a little.  More work is needed for that one.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
[Fix compilation without the spice devel packages. - Paolo]
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-03-22 22:20:15 +01:00
Prasad J Pandit
dff0367cf6 usb: ehci: add capability mmio write function
USB Ehci emulation supports host controller capability registers.
But its mmio '.write' function was missing, which lead to a null
pointer dereference issue. Add a do nothing 'ehci_caps_write'
definition to avoid it; Do nothing because capability registers
are Read Only(RO).

Reported-by: Zuozhi Fzz <zuozhi.fzz@alibaba-inc.com>
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
Message-id: 1454072434-16045-1-git-send-email-ppandit@redhat.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2016-03-18 14:20:39 +01:00
Matthew Fortune
983bff3530 hw/usb/dev-mtp: Guard inotify usage with CONFIG_INOTIFY1
inotify_init1 usage was guarded by a check for linux but does not
exist on older distributions like CentOS 5 resulting in build
failures.

Signed-off-by: Matthew Fortune <matthew.fortune@imgtec.com>
Message-id: 6D39441BF12EF246A7ABCE6654B023536BB85D4A@hhmail02.hh.imgtec.org
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2016-03-18 13:58:15 +01:00
Peter Xu
f34d57d359 usb: fix unbound stack warning for inotify_watchfn
Signed-off-by: Peter Xu <peterx@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Message-id: 1457503640-31473-1-git-send-email-peterx@redhat.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2016-03-18 13:56:24 +01:00
Peter Xu
e3d60bc7c6 usb: fix unbound stack usage for usb_mtp_add_str
Use heap instead of stack.

Signed-off-by: Peter Xu <peterx@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2016-03-18 13:55:16 +01:00
Peter Xu
182b391e79 usb: fix unbounded stack warning for xhci_dma_write_u32s
All the callers for xhci_dma_write_u32s() are using mostly 5 * uint32_t
in len. To avoid unbound stack warning for the function, make it
statically allocated, and assert when it's not big enough in the
future.

Signed-off-by: Peter Xu <peterx@redhat.com>
Message-id: 1457661106-9569-1-git-send-email-peterx@redhat.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2016-03-18 13:42:14 +01:00
Stefan Weil
0ab6d12ffd usb: Fix compilation for Windows
Mingw-w64 does not provide sys/ioctl.h and Linux builds don't need it,
so remove that include statement.

ERROR is defined by wingdi.h (included via windows.h). Undefine it before
it is redefined to avoid a compiler warning / error.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Message-id: 1458159439-32322-1-git-send-email-sw@weilnetz.de
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2016-03-18 13:13:30 +01:00
Fam Zheng
e8ce12d9ea usb-redirect: Avoid double free of data
If dropping packets, data is freed, the caller's loop should not continue.

Reported by ccc-analyzer.

Signed-off-by: Fam Zheng <famz@redhat.com>
Message-id: 1456301288-1592-1-git-send-email-famz@redhat.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2016-02-29 11:45:26 +01:00
Peter Maydell
30456d5ba3 all: Clean up includes
Clean up includes so that osdep.h is included first and headers
which it implies are not included manually.

This commit was created with scripts/clean-includes.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Eric Blake <eblake@redhat.com>
2016-02-23 12:43:05 +00:00
Gerd Hoffmann
fa1298c2d6 ohci: allocate timer only once.
Allocate timer once, at init time, instead of allocating/freeing
it all the time when starting/stopping the bus.  Simplifies the
code, also fixes bugs (memory leak) due to missing checks whenever
the time is already allocated or not.

Cc: Prasad J Pandit <pjp@fedoraproject.org>
Reported-by: Zuozhi Fzz <zuozhi.fzz@alibaba-inc.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2016-02-23 11:13:18 +01:00
Gonglei
5f77e06baa usb: add pid check at the first of uhci_handle_td()
pid can be gotten from uhci device memory in uhci_handle_td(),
so the guest can trigger assert qemu if we get an invalid pid.
And the uhci spec 2.1.2 tells us The Host Controller sets Host
Controller Process Error bit to 1 when it detects a fatal error
and indicates that the Host Controller suffered a consistency
check failure while processing a Transfer Descriptor. An example
of a consistency check failure would be finding an illegal PID
field while processing the packet header portion of the TD.
When this error occurs, the Host Controller clears the Run/Stop
bit in the Command register to prevent further schedule execution.

We'd better to set UHCI_STS_HCPERR and kick an interrupt, check
the pid value at the first of uhci_handle_td function.

https://bugzilla.redhat.com/show_bug.cgi?id=1070027

Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Message-id: 1455867238-4720-1-git-send-email-arei.gonglei@huawei.com

[ applied minor codestyle fix ]

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2016-02-23 10:38:01 +01:00
Prasad J Pandit
fe3c546c5f usb: check RNDIS buffer offsets & length
When processing remote NDIS control message packets,
the USB Net device emulator uses a fixed length(4096) data buffer.
The incoming informationBufferOffset & Length combination could
overflow and cross that range. Check control message buffer
offsets and length to avoid it.

Reported-by: Qinghao Tang <luodalongde@gmail.com>
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
Message-id: 1455648821-17340-3-git-send-email-ppandit@redhat.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2016-02-23 10:38:01 +01:00
Prasad J Pandit
64c9bc181f usb: check RNDIS message length
When processing remote NDIS control message packets, the USB Net
device emulator uses a fixed length(4096) data buffer. The incoming
packet length could exceed this limit. Add a check to avoid it.

Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
Message-id: 1455648821-17340-2-git-send-email-ppandit@redhat.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2016-02-23 10:38:00 +01:00
Peter Maydell
14ec7b2c5b tusb6010: move from hw/timer to hw/usb
The TUSB6010 is a USB controller (as the name suggests). Move it from
hw/timer (where it was accidentally filed in 2013 when we moved
everything out of hw/) to hw/usb.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1455883404-10976-1-git-send-email-peter.maydell@linaro.org
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2016-02-23 10:38:00 +01:00
Prasad J Pandit
80eecda8e5 usb: check USB configuration descriptor object
When processing remote NDIS control message packets, the USB Net
device emulator checks to see if the USB configuration descriptor
object is of RNDIS type(2). But it does not check if it is null,
which leads to a null dereference error. Add check to avoid it.

Reported-by: Qinghao Tang <luodalongde@gmail.com>
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
Message-id: 1455188480-14688-1-git-send-email-ppandit@redhat.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2016-02-23 10:38:00 +01:00
Cao jin
059db20419 Passthru CCID card: QOMify
Signed-off-by: Cao jin <caoj.fnst@cn.fujitsu.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2016-02-11 15:15:47 +03:00
Cao jin
35997599aa Emulated CCID card: QOMify
Signed-off-by: Cao jin <caoj.fnst@cn.fujitsu.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2016-02-11 15:15:46 +03:00
Eric Blake
d7bce9999d qom: Swap 'name' next to visitor in ObjectPropertyAccessor
Similar to the previous patch, it's nice to have all functions
in the tree that involve a visitor and a name for conversion to
or from QAPI to consistently stick the 'name' parameter next
to the Visitor parameter.

Done by manually changing include/qom/object.h and qom/object.c,
then running this Coccinelle script and touching up the fallout
(Coccinelle insisted on adding some trailing whitespace).

    @ rule1 @
    identifier fn;
    typedef Object, Visitor, Error;
    identifier obj, v, opaque, name, errp;
    @@
     void fn
    - (Object *obj, Visitor *v, void *opaque, const char *name,
    + (Object *obj, Visitor *v, const char *name, void *opaque,
       Error **errp) { ... }

    @@
    identifier rule1.fn;
    expression obj, v, opaque, name, errp;
    @@
     fn(obj, v,
    -   opaque, name,
    +   name, opaque,
        errp)

Signed-off-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-Id: <1454075341-13658-20-git-send-email-eblake@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
2016-02-08 17:29:56 +01:00
Eric Blake
51e72bc1dd qapi: Swap visit_* arguments for consistent 'name' placement
JSON uses "name":value, but many of our visitor interfaces were
called with visit_type_FOO(v, &value, name, errp).  This can be
a bit confusing to have to mentally swap the parameter order to
match JSON order.  It's particularly bad for visit_start_struct(),
where the 'name' parameter is smack in the middle of the
otherwise-related group of 'obj, kind, size' parameters! It's
time to do a global swap of the parameter ordering, so that the
'name' parameter is always immediately after the Visitor argument.

Additional reason in favor of the swap: the existing include/qjson.h
prefers listing 'name' first in json_prop_*(), and I have plans to
unify that file with the qapi visitors; listing 'name' first in
qapi will minimize churn to the (admittedly few) qjson.h clients.

Later patches will then fix docs, object.h, visitor-impl.h, and
those clients to match.

Done by first patching scripts/qapi*.py by hand to make generated
files do what I want, then by running the following Coccinelle
script to affect the rest of the code base:
 $ spatch --sp-file script `git grep -l '\bvisit_' -- '**/*.[ch]'`
I then had to apply some touchups (Coccinelle insisted on TAB
indentation in visitor.h, and botched the signature of
visit_type_enum() by rewriting 'const char *const strings[]' to
the syntactically invalid 'const char*const[] strings').  The
movement of parameters is sufficient to provoke compiler errors
if any callers were missed.

    // Part 1: Swap declaration order
    @@
    type TV, TErr, TObj, T1, T2;
    identifier OBJ, ARG1, ARG2;
    @@
     void visit_start_struct
    -(TV v, TObj OBJ, T1 ARG1, const char *name, T2 ARG2, TErr errp)
    +(TV v, const char *name, TObj OBJ, T1 ARG1, T2 ARG2, TErr errp)
     { ... }

    @@
    type bool, TV, T1;
    identifier ARG1;
    @@
     bool visit_optional
    -(TV v, T1 ARG1, const char *name)
    +(TV v, const char *name, T1 ARG1)
     { ... }

    @@
    type TV, TErr, TObj, T1;
    identifier OBJ, ARG1;
    @@
     void visit_get_next_type
    -(TV v, TObj OBJ, T1 ARG1, const char *name, TErr errp)
    +(TV v, const char *name, TObj OBJ, T1 ARG1, TErr errp)
     { ... }

    @@
    type TV, TErr, TObj, T1, T2;
    identifier OBJ, ARG1, ARG2;
    @@
     void visit_type_enum
    -(TV v, TObj OBJ, T1 ARG1, T2 ARG2, const char *name, TErr errp)
    +(TV v, const char *name, TObj OBJ, T1 ARG1, T2 ARG2, TErr errp)
     { ... }

    @@
    type TV, TErr, TObj;
    identifier OBJ;
    identifier VISIT_TYPE =~ "^visit_type_";
    @@
     void VISIT_TYPE
    -(TV v, TObj OBJ, const char *name, TErr errp)
    +(TV v, const char *name, TObj OBJ, TErr errp)
     { ... }

    // Part 2: swap caller order
    @@
    expression V, NAME, OBJ, ARG1, ARG2, ERR;
    identifier VISIT_TYPE =~ "^visit_type_";
    @@
    (
    -visit_start_struct(V, OBJ, ARG1, NAME, ARG2, ERR)
    +visit_start_struct(V, NAME, OBJ, ARG1, ARG2, ERR)
    |
    -visit_optional(V, ARG1, NAME)
    +visit_optional(V, NAME, ARG1)
    |
    -visit_get_next_type(V, OBJ, ARG1, NAME, ERR)
    +visit_get_next_type(V, NAME, OBJ, ARG1, ERR)
    |
    -visit_type_enum(V, OBJ, ARG1, ARG2, NAME, ERR)
    +visit_type_enum(V, NAME, OBJ, ARG1, ARG2, ERR)
    |
    -VISIT_TYPE(V, OBJ, NAME, ERR)
    +VISIT_TYPE(V, NAME, OBJ, ERR)
    )

Signed-off-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-Id: <1454075341-13658-19-git-send-email-eblake@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
2016-02-08 17:29:56 +01:00
Gerd Hoffmann
5a8660741a ehci: update irq on reset
After clearing the status register we also have to update the irq line
status.  Otherwise a irq which happends to be pending at reset time
causes a interrupt storm.  And the guest can't stop as the status
register doesn't indicate any pending interrupt.

Both NetBSD and FreeBSD hang on shutdown because of that.

Cc: qemu-stable@nongnu.org
Reported-by: Andrey Korolyov <andrey@xdel.ru>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Message-id: 1453203884-4125-1-git-send-email-kraxel@redhat.com
2016-02-02 14:11:01 +01:00
Prasad J Pandit
49d925ce50 usb: check page select value while processing iTD
While processing isochronous transfer descriptors(iTD), the page
select(PG) field value could lead to an OOB read access. Add
check to avoid it.

Reported-by: Qinghao Tang <luodalongde@gmail.com>
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
Message-id: 1453233406-12165-1-git-send-email-ppandit@redhat.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2016-02-02 14:11:01 +01:00
Peter Maydell
e532b2e008 usb: Clean up includes
Clean up includes so that osdep.h is included first and headers
which it implies are not included manually.

This commit was created with scripts/clean-includes.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1453832250-766-20-git-send-email-peter.maydell@linaro.org
2016-01-29 15:07:23 +00:00
Markus Armbruster
e43bfd9c87 error: Use error_prepend() where it makes obvious sense
Done with this Coccinelle semantic patch

    @@
    expression FMT, E1, E2;
    expression list ARGS;
    @@
    -    error_setg(E1, FMT, ARGS, error_get_pretty(E2));
    +    error_propagate(E1, E2);/*###*/
    +    error_prepend(E1, FMT/*@@@*/, ARGS);

followed by manual cleanup, first because I can't figure out how to
make Coccinelle transform strings, and second to get rid of now
superfluous error_propagate().

We now use or propagate the original error whole instead of just its
message obtained with error_get_pretty().  This avoids suppressing its
hint (see commit 50b7b00), but I can't see how the errors touched in
this commit could come with hints.  It also improves the message
printed with &error_abort when we screw up (see commit 1e9b65b).

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
2016-01-13 15:16:17 +01:00
Markus Armbruster
c29b77f955 error: Use error_reportf_err() where it makes obvious sense
Done with this Coccinelle semantic patch

    @@
    expression FMT, E, S;
    expression list ARGS;
    @@
    -    error_report(FMT, ARGS, error_get_pretty(E));
    +    error_reportf_err(E, FMT/*@@@*/, ARGS);
    (
    -    error_free(E);
    |
	 exit(S);
    |
	 abort();
    )

followed by a replace of '%s"/*@@@*/' by '"' and some line rewrapping,
because I can't figure out how to make Coccinelle transform strings.

We now use the error whole instead of just its message obtained with
error_get_pretty().  This avoids suppressing its hint (see commit
50b7b00), but I can't see how the errors touched in this commit could
come with hints.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <1450452927-8346-12-git-send-email-armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
2016-01-13 15:16:17 +01:00
Laurent Vivier
087462c773 ohci: clear pending SOF on suspend
On overcommitted CPU, kernel can be so slow that an interrupt can
be triggered by the device whereas the driver is not ready to receive
it. This drives us into an infinite loop.

On suspend, if a SOF interrupt is raised between the stop of the
device processing and the change of the device internal state to
OHCI_USB_SUSPEND (QEMU stops SOF timer on this state change), this
interrupt is never acknowledged.

This patch clears pending SOF interrupt on OHCI_USB_SUSPEND setting.

Some details:

- ohci_irq(): the OHCI interrupt handler, acknowledges the SOF IRQ
  only if the state of the driver (rh_state) is OHCI_STATE_RUNNING.
  So if this interrupt happens and the driver is not in this state,
  the function is called again and again, moving the system to a
  CPU starvation.

- ohci_rh_suspend(): the function stop the operation and acknowledge
  pending interrupts (but doesn't disable it). Later in the function,
  the device is moved to OHCI_SUSPEND_STATE, and the driver to
  OHCI_RH_SUSPENDED. If between the moment when the interrupt is
  acknowledged and the moment when the device is suspended a new
  interrupt is raised, it will be never acknowledged because the
  driver is now not in OHCI_RH_RUNNING state.

Signed-off-by: Laurent Vivier <lvivier@redhat.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-id: 1452109525-32150-3-git-send-email-lvivier@redhat.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2016-01-08 09:29:24 +01:00
Laurent Vivier
fd0a10cd20 ohci: delay first SOF interrupt
On overcommitted CPU, kernel can be so slow that an interrupt can
be triggered by the device whereas the driver is not ready to receive
it. This drives us into an infinite loop.

This does not happen on real hardware because real hardware never send
interrupt immediately after the controller has been moved to OPERATION state.

This patch tries to delay the first SOF interrupt to let driver exits from
the critical section (which is not protected against interrupts...)

Some details:

- ohci_irq(): the OHCI interrupt handler, acknowledges the SOF IRQ
  only if the state of the driver (rh_state) is OHCI_STATE_RUNNING.
  So if this interrupt happens and the driver is not in this state,
  the function is called again and again, moving the system to a
  CPU starvation.

- ohci_rh_resume(): the driver re-enables operation with OHCI_USB_OPER.
  In QEMU this start the SOF timer and QEMU starts to send IRQs. As
  the driver is not in OHCI_STATE_RUNNING and not protected against IRQ,
  the ohci_irq() can be called and the driver never moved to
  OHCI_STATE_RUNNING.

Suggested-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Laurent Vivier <lvivier@redhat.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-id: 1452109525-32150-2-git-send-email-lvivier@redhat.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2016-01-08 09:29:24 +01:00
Bandan Das
ec93e158b1 usb-mtp: fix call to trace function
trace_usb_mtp_inotify_event() was being called after the object was
being freed.

Signed-off-by: Bandan Das <bsd@redhat.com>
Message-id: 1450861787-16213-3-git-send-email-bsd@redhat.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2016-01-08 09:25:50 +01:00
Bandan Das
c22d5dcd7a usb-mtp: use safe variant when cleaning events list
usb_mtp_inotify_cleanup uses QLIST_FOREACH to pick events
from a list and free them which is incorrect. Use QLIST_FOREACH_SAFE
instead.

Signed-off-by: Bandan Das <bsd@redhat.com>
Message-id: 1450861787-16213-2-git-send-email-bsd@redhat.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2016-01-08 09:25:50 +01:00
Hervé Poussineau
0922c3f606 ohci: fix command HostControllerReset
Specification says that: "This bit is set by HCD to initiate a software reset of HC."

Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Tested-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Message-id: 1450567431-31795-4-git-send-email-hpoussin@reactos.org
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2016-01-08 09:25:50 +01:00
Hervé Poussineau
7d938fd14b ohci: fix Host Controller USBRESET
Specification says that, when entering this state, "the contents of the registers
(except Root Hub registers) are preserved by the HC. [...] The Root Hub is being reset,
which causes the Root Hub's downstream ports to be reset and possibly powered off."

Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Tested-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Message-id: 1450567431-31795-3-git-send-email-hpoussin@reactos.org
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2016-01-08 09:25:50 +01:00
Hervé Poussineau
84d04e2162 ohci: split reset method in 3 parts
The three parts are:
- root hub reset (ohci_roothub_reset)
- host controller soft reset (ohci_soft_reset)
- host controller hard reset (ohci_hard_reset)

Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Tested-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Message-id: 1450567431-31795-2-git-send-email-hpoussin@reactos.org
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2016-01-08 09:25:50 +01:00
Gerd Hoffmann
156a2e4dbf ehci: make idt processing more robust
Make ehci_process_itd return an error in case we didn't do any actual
iso transfer because we've found no active transaction.  That'll avoid
ehci happily run in circles forever if the guest builds a loop out of
idts.

This is CVE-2015-8558.

Cc: qemu-stable@nongnu.org
Reported-by: Qinghao Tang <luodalongde@gmail.com>
Tested-by: P J P <ppandit@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-12-15 09:49:03 +01:00
Bandan Das
93d592e3d1 usb-mtp: add support for basic mtp events
When the host polls for events, we check our
events qlist and send one event at a time. Also, note
that the event packet needs to be sent in one go, so
I increased the max packet size to 64.

Tested with a linux guest.

Signed-off-by: Bandan Das <bsd@redhat.com>
Message-id: 1448314625-3855-5-git-send-email-bsd@redhat.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-12-15 09:26:10 +01:00
Bandan Das
8e3e3897ce usb-mtp: Add support for inotify based file monitoring
For now, we use inotify watches to track only a small number of
events, namely, add, delete and modify. Note that for delete, the kernel
already deactivates the watch for us and we just need to
take care of modifying our internal state.

inotify is a linux only mechanism.

Suggested-by: Gerd Hoffman <kraxel@redhat.com>
Signed-off-by: Bandan Das <bsd@redhat.com>
Message-id: 1448314625-3855-4-git-send-email-bsd@redhat.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-12-15 09:26:10 +01:00
Bandan Das
b3c4d4250f usb-mtp: free objects on a mtp reset
On a reset, call usb_mtp_object_free on all objects and their children

Signed-off-by: Bandan Das <bsd@redhat.com>
Message-id: 1448314625-3855-3-git-send-email-bsd@redhat.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-12-15 09:25:27 +01:00
Bandan Das
4c7a67f5cd usb-mtp: use a list for keeping track of children
To support adding/removal of objects, we will need to update
the object cache hierarchy we have built internally. Convert
to using a Qlist for easier management.

Signed-off-by: Bandan Das <bsd@redhat.com>
Message-id: 1448314625-3855-2-git-send-email-bsd@redhat.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-12-15 09:25:27 +01:00
Markus Armbruster
98f343395e usb: Use g_new() & friends where that makes obvious sense
g_new(T, n) is neater than g_malloc(sizeof(T) * n).  It's also safer,
for two reasons.  One, it catches multiplication overflowing size_t.
Two, it returns T * rather than void *, which lets the compiler catch
more type errors.

This commit only touches allocations with size arguments of the form
sizeof(T).  Same Coccinelle semantic patch as in commit b45c03f.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2015-11-06 15:42:38 +03:00
Gerd Hoffmann
a9be4e7c48 usb-host: fix usb3ep0quirk test
usb->speed is the usb speed the device is actually running on in the
qemu emulation (i.e. from the guests point of view).  So when plugging
usb3 devices into ehci hostadapter this is HIGH not SUPER.

To figure whenever the host talks to the device with superspeed we
have to check speedmask instead and see whenever the superspeed bit
is set there.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Message-id: 1445603230-11840-1-git-send-email-kraxel@redhat.com
2015-11-03 11:56:23 +01:00
Gerd Hoffmann
cbf82fa01e ehci: clear suspend bit on detach
When a device is detached, clear the suspend bit (PORTSC_SUSPEND)
in the port status register.

The specs are not *that* clear what is supposed to happen in case
a suspended device is unplugged.  But the enable bit (PORTSC_PED)
is cleared, and the specs mention setting suspend with enable being
unset is undefined behavior.  So clearing them both looks reasonable,
and it actually fixes the reported bug.

https://bugzilla.redhat.com/show_bug.cgi?id=1268879

Cc: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Hans de Goede <hdegoede@redhat.com>
Message-id: 1445413462-18004-1-git-send-email-kraxel@redhat.com
2015-11-03 11:55:51 +01:00
Max Reitz
7d3467d903 hw/usb-storage: Check whether BB is inserted
Only call bdrv_add_key() on the BlockDriverState if it is not NULL.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Alberto Garcia <berto@igalia.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2015-10-23 18:18:23 +02:00
Gerd Hoffmann
37bc43f7fb usb-audio: increate default buffer size
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-10-20 09:15:23 +02:00
Gerd Hoffmann
974826f0ab usb: print device id in "info usb" monitor command
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-10-20 09:15:23 +02:00
Gerd Hoffmann
e206ddfb57 usb-host: add wakeup call for iso xfers
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-10-20 09:15:23 +02:00
Marc-André Lureau
7b02f5447c libcacard: use the standalone project
libcacard is now a standalone project hosted with the Spice project (see
the 2.5.0 release announcement), remove it from qemu tree.

Use the library if found during configure or if --enable-smartcard.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Michael Tokarev <mjt@tls.msk.ru>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Tested-by: Paolo Bonzini <pbonzini@redhat.com>
2015-09-23 23:34:17 +02:00
Markus Armbruster
012aef0734 maint: avoid useless "if (foo) free(foo)" pattern
My Coccinelle semantic patch finds a few more, because it also fixes up
the equally pointless conditional

    if (foo) {
        free(foo);
        foo = NULL;
    }

Result (feel free to squash it into your patch):

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2015-09-11 10:21:38 +03:00
Daniel P. Berrange
ef1e1e0782 maint: avoid useless "if (foo) free(foo)" pattern
The free() and g_free() functions both happily accept
NULL on any platform QEMU builds on. As such putting a
conditional 'if (foo)' check before calls to 'free(foo)'
merely serves to bloat the lines of code.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2015-09-11 10:21:38 +03:00
Daniel P. Berrange
1618d2ae7f maint: remove unused include for signal.h
A number of files were including signal.h but not using any
of the functions it provides

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2015-09-11 10:21:38 +03:00
Daniel P. Berrange
d7646f241c maint: remove unused include for dirent.h
A number of files were including dirent.h but not using any
of the functions it provides

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2015-09-11 10:21:38 +03:00
Daniel P. Berrange
b6af097528 maint: remove / fix many doubled words
Many source files have doubled words (eg "the the", "to to",
and so on). Most of these can simply be removed, but a couple
were actual mis-spellings (eg "to to" instead of "to do").
There was even one triple word score "to to to" :-)

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2015-09-11 10:21:38 +03:00
Fam Zheng
913440249e usbnet: Drop usbnet_can_receive
usbnet_receive already drops packet if rndis_state is not
RNDIS_DATA_INITIALIZED, and queues packet if in buffer is not available.
The only difference is s->dev.config but that is similar to rndis_state.

Drop usbnet_can_receive and move these checks to usbnet_receive, so that
we don't need to explicitly flush the queue when s->dev.config changes
value.

Signed-off-by: Fam Zheng <famz@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Jason Wang <jasowang@redhat.com>
Message-id: 1436955553-22791-5-git-send-email-famz@redhat.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2015-07-27 14:12:18 +01:00
Stefan Hajnoczi
13566fe3e5 timer: rename NSEC_PER_SEC due to Mac OS X header clash
Commit e0cf11f31c ("timer: Use a single
definition of NSEC_PER_SEC for the whole codebase") renamed
NANOSECONDS_PER_SECOND to NSEC_PER_SEC.

On Mac OS X there is a <dispatch/time.h> system header which also
defines NSEC_PER_SEC.  This causes compiler warnings.

Let's use the old name instead.  It's longer but it doesn't clash.

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Message-id: 1436364609-7929-1-git-send-email-stefanha@redhat.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-07-20 17:01:00 +01:00
Gerd Hoffmann
92fdfa4bef Revert "xhci: set timer to retry xfers"
This reverts commit 4e8cfbe114.

We should not poll via timer, and with ccid being fixed
to properly notify us about pending transfers we don't have to.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-07-17 13:20:53 +02:00
Gerd Hoffmann
86d7e214c2 usb-ccid: add missing wakeup calls
Properly notify the host adapter that we have
data pending, so it doesn't has to poll us.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-07-17 13:20:53 +02:00
Gerd Hoffmann
cfda2cef3d usb-ccid: fix 61b4887b41
QOMification dropped the parent device lookup, fix it.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-07-17 13:19:59 +02:00
Lin Ma
6110ce59af Re-attach usb device to kernel while usb_host_open fails
Signed-off-by: Lin Ma <lma@suse.com>
Reviewed-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-07-16 17:39:13 +02:00
Alberto Garcia
e0cf11f31c timer: Use a single definition of NSEC_PER_SEC for the whole codebase
Signed-off-by: Alberto Garcia <berto@igalia.com>
Message-id: c6e55468856ba0b8f95913c4da111cc0ef266541.1434113783.git.berto@igalia.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2015-07-02 09:20:18 +01:00
Markus Armbruster
a0b1a66ea3 Include monitor/monitor.h exactly where needed
In particular, don't include it into headers.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Luiz Capitulino <lcapitulino@redhat.com>
2015-06-22 18:20:41 +02:00
Markus Armbruster
cc7a8ea740 Include qapi/qmp/qerror.h exactly where needed
In particular, don't include it into headers.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Luiz Capitulino <lcapitulino@redhat.com>
2015-06-22 18:20:41 +02:00
Markus Armbruster
d49b683644 qerror: Move #include out of qerror.h
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Luiz Capitulino <lcapitulino@redhat.com>
2015-06-22 18:20:40 +02:00
Markus Armbruster
c6bd8c706a qerror: Clean up QERR_ macros to expand into a single string
These macros expand into error class enumeration constant, comma,
string.  Unclean.  Has been that way since commit 13f59ae.

The error class is always ERROR_CLASS_GENERIC_ERROR since the previous
commit.

Clean up as follows:

* Prepend every use of a QERR_ macro by ERROR_CLASS_GENERIC_ERROR, and
  delete it from the QERR_ macro.  No change after preprocessing.

* Rewrite error_set(ERROR_CLASS_GENERIC_ERROR, ...) into
  error_setg(...).  Again, no change after preprocessing.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Luiz Capitulino <lcapitulino@redhat.com>
2015-06-22 18:20:40 +02:00
Markus Armbruster
70b9433109 QemuOpts: Wean off qerror_report_err()
qerror_report_err() is a transitional interface to help with
converting existing monitor commands to QMP.  It should not be used
elsewhere.

The only remaining user in qemu-option.c is qemu_opts_parse().  Is it
used in QMP context?  If not, we can simply replace
qerror_report_err() by error_report_err().

The uses in qemu-img.c, qemu-io.c, qemu-nbd.c and under tests/ are
clearly not in QMP context.

The uses in vl.c aren't either, because the only QMP command handlers
there are qmp_query_status() and qmp_query_machines(), and they don't
call it.

Remaining uses:

* drive_def(): Command line -drive and such, HMP drive_add and pci_add

* hmp_chardev_add(): HMP chardev-add

* monitor_parse_command(): HMP core

* tmp_config_parse(): Command line -tpmdev

* net_host_device_add(): HMP host_net_add

* net_client_parse(): Command line -net and -netdev

* qemu_global_option(): Command line -global

* vnc_parse_func(): Command line -display, -vnc, default display, HMP
  change, QMP change.  Bummer.

* qemu_pci_hot_add_nic(): HMP pci_add

* usb_net_init(): Command line -usbdevice, HMP usb_add

Propagate errors through qemu_opts_parse().  Create a convenience
function qemu_opts_parse_noisily() that passes errors to
error_report_err().  Switch all non-QMP users outside tests to it.

That leaves vnc_parse_func().  Propagate errors through it.  Since I'm
touching it anyway, rename it to vnc_parse().

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Luiz Capitulino <lcapitulino@redhat.com>
2015-06-22 18:20:39 +02:00
Juan Quintela
5cd8cadae8 migration: Use normal VMStateDescriptions for Subsections
We create optional sections with this patch.  But we already have
optional subsections.  Instead of having two mechanism that do the
same, we can just generalize it.

For subsections we just change:

- Add a needed function to VMStateDescription
- Remove VMStateSubsection (after removal of the needed function
  it is just a VMStateDescription)
- Adjust the whole tree, moving the needed function to the corresponding
  VMStateDescription

Signed-off-by: Juan Quintela <quintela@redhat.com>
2015-06-12 06:53:57 +02:00
Peter Maydell
9ad2c8cd41 trivial patches for 2015-05-09
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQEcBAABAgAGBQJVTTGSAAoJEL7lnXSkw9fb6WUH/iWY2zJ+wNY/GCutyJ+bxq/0
 XeYhe+3DyjU7sAjDPnTjgJ26K1sYREhQkSDXbIXKpu+Ez9AAucBauDlYczVcklf0
 xiNVBCVDCvLZr2YwDctbV2WhqUVVJG78xMRlbpGapTPsvwPAG5CL+ZRN6l6Fp8G8
 yCHRvK7I9n2P8uZVqZiLd3jGTeRYqd7lBzHyOoxTQAuQdgOvuwf9zEKVZ+RxA5B0
 7ckuE8aZH0yyDDTG8w3nksWYLnEPizfT9MaNjI6AX4dwLPGv4BvvmGP6YwZRavRI
 +OopR7KliEdSaurj0ggM8rUcBkA37QHuIwRfmd3Syyx4HLOB3ckgGlWL8He9mpM=
 =PXUH
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/mjt/tags/pull-trivial-patches-2015-05-09' into staging

trivial patches for 2015-05-09

# gpg: Signature made Fri May  8 22:58:42 2015 BST using RSA key ID A4C3D7DB
# gpg: Good signature from "Michael Tokarev <mjt@tls.msk.ru>"
# gpg:                 aka "Michael Tokarev <mjt@corpit.ru>"
# gpg:                 aka "Michael Tokarev <mjt@debian.org>"

* remotes/mjt/tags/pull-trivial-patches-2015-05-09:
  docs: update BLOCK_IMAGE_CORRUPTED documentation
  glib-compat.h: change assert to g_assert
  Remove various unused functions
  sheepdog: fix resource leak with sd_snapshot_create
  xhci: remove unused code

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-05-11 13:54:00 +01:00
Gonglei
e5a88b0cf3 xhci: remove unused code
Value from xfer->packet.ep is assigned to ep here, but that
stored value is not used before it is overwritten. Remove it.

Cc: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2015-05-08 14:11:09 +03:00
Gerd Hoffmann
ca5a21c40d uhci: controller is halted after reset
... and the status register should say so.

Fixes "usbus0: controller did not stop" error printed by freebsd.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-05-08 13:01:08 +02:00
Gonglei
cdf0d7694d usb: usb-serial QOMify
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-05-08 13:01:08 +02:00
Gonglei
d371cbc778 usb: usb-redir QOMify
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-05-08 13:01:08 +02:00
Gonglei
924e567e1e usb: usb-wacom-tablet QOMify
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-05-08 13:01:07 +02:00
Gonglei
0b06d099b0 usb: usb-uas QOMify
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-05-08 13:01:07 +02:00
Gonglei
79e2590cbf usb: usb-storage QOMify
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-05-08 13:01:07 +02:00
Gonglei
61b4887b41 usb: usb-ccid QOMify
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-05-08 13:01:07 +02:00
Gonglei
fe47db7221 usb: usb-net QOMify
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-05-08 13:01:07 +02:00
Gonglei
e60baebd40 usb-mtp: fix segmentation fault
When x-root property not be configured, will cause segfault
because of null pointer accessing. Add a check for s->root
property avoid segfault.

Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-05-08 13:01:07 +02:00
Gonglei
7c03a899e6 usb: usb-mtp QOMify
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-05-08 13:01:07 +02:00
Gonglei
e81b13ad94 usb: usb-hub QOMify
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-05-08 13:01:07 +02:00
Gonglei
f56691295e usb: usb-hid QOMify
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-05-08 13:01:06 +02:00
Gonglei
a293e82bbe usb: usb-bt QOMify
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-05-08 13:01:06 +02:00
Gonglei
0389a0b109 usb: usb-audio QOMify
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-05-08 13:01:06 +02:00
Gonglei
49184b6253 uhci: QOMify
Cc: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-05-08 13:01:06 +02:00
Gerd Hoffmann
df0f1692db xhci: fix events for setup trb.
When we find a IOC bit set on a setup trb and therefore queue an event,
that should not stop events being generated for following data trbs.
So clear the 'reported' flag.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-05-08 13:01:06 +02:00
Gerd Hoffmann
88dbed3f59 Revert "xhci: generate a Transfer Event for each Transfer TRB with the IOC bit set"
This makes xhci generate multiple short packet events in case of
multi-trb transfers.  Which is wrong.  We need to fix this in a
different way.

This reverts commit aa6857891d.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-05-08 13:00:56 +02:00
Gerd Hoffmann
4e8cfbe114 xhci: set timer to retry xfers
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-05-08 12:39:18 +02:00
Michal Kazior
278412d0e7 usb: fix usb-net segfault
The dev->config pointer isn't set until guest
system initializes usb devices (via
usb_desc_set_config). However qemu networking can
go through some motions prior to that, e.g.:

 #0  is_rndis (s=0x555557261970) at hw/usb/dev-network.c:653
 #1  0x000055555585f723 in usbnet_can_receive (nc=0x55555641e820) at hw/usb/dev-network.c:1315
 #2  0x000055555587635e in qemu_can_send_packet (sender=0x5555572660a0) at net/net.c:470
 #3  0x0000555555878e34 in net_hub_port_can_receive (nc=0x5555562d7800) at net/hub.c:101
 #4  0x000055555587635e in qemu_can_send_packet (sender=0x5555562d7980) at net/net.c:470
 #5  0x000055555587dbca in tap_can_send (opaque=0x5555562d7980) at net/tap.c:172

The command to reproduce most reliably was:

 qemu-system-i386 -usb -device usb-net,vlan=0 -net tap,vlan=0

This wasn't strictly a problem with tap. Other
networking endpoints (vde, user) could trigger
this problem as well.

Fixes: https://bugs.launchpad.net/qemu/+bug/1050823
Cc: qemu-stable@nongnu.org
Signed-off-by: Michal Kazior <michal.kazior@tieto.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-05-08 12:39:18 +02:00
Thomas Huth
ec29ea1b2b usb: Remove unused functions
Delete set_usb_string(), usb_ep_get_ifnum(), usb_ep_get_max_packet_size()
usb_ep_get_max_streams() and usb_ep_set_pipeline() since they are
not used anymore.

Signed-off-by: Thomas Huth <thuth@linux.vnet.ibm.com>
Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2015-04-30 16:05:48 +03:00
Peter Maydell
e7e9b49f8e usb: bugfix collection.
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iQIcBAABAgAGBQJVC9F3AAoJEEy22O7T6HE4kJYQAIb5UZgIso2tKJe2QtUdWk+a
 aliDfUeYjbILgyOuB+wYQ+hGuSQgbArP+RT4G1cpv6wJKKOqNmJI83ahD4GMNvZS
 ZC7Z9lx7RjNW7lCTA0+H8Zd1YtEJKb4aleFYVCfL6u+8Yx/JK+W0nToMpZcw+H3O
 xlGclKNkyd4M5sE9XJXn/SPDDfqQ15Clor1yWBAqyHuzWFkyo/WhxwKidXZE6RjZ
 PSS0sDTwTHLz4wvjUrPt8N4JR1l226g0M32HjyNRRcqQEmCHZb/QM/BNBOOBX7aF
 3sAAxpmUro+bA3mljVV34RedTWpv5FQ/d8Ye0t2eWjQfzksDjcJhYU0pfNSUYdvG
 2SnBL3e05Ykl+nvsvWbgcobMHiTvZqiBMyV4LXJKvRIwMJRfhWgKKLpQLFM2ZYyX
 bcfC6OBthluY7eqJWIkDUsIevjxSYkSz0cvbFXVZk/+jCb5Q2/SgW+3No0NxuwpF
 lx1VYqJ4UCg7om91TOqT30CYIHfFpNPhWyk2j9/kSCnod/pTZQ7Q3J3ePf1Kts+Z
 K1G/9nh86pHhb/jrGVxqotPt1j+xG7Dd7J10BDkAa0ylIkMbsV1JS8D+1v5d5QZA
 I6odLJJunhtxbMzFP2yE/gZLaMQoUA5PgNRBqwGfam4o5MxdmXWojnahWXwbqecl
 nbK4Tmae1cFoWytDZikP
 =T+GC
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/kraxel/tags/pull-usb-20150320-1' into staging

usb: bugfix collection.

# gpg: Signature made Fri Mar 20 07:51:19 2015 GMT using RSA key ID D3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>"

* remotes/kraxel/tags/pull-usb-20150320-1:
  ehci: fix segfault when hot-unplugging ehci controller
  ohci: fix resource cleanup leak
  uhci: fix segfault when hot-unplugging uhci controller
  hw/usb: Include USB files only if necessary
  usb/dev-storage: Avoid qerror_report_err() outside QMP handlers
  usb/dev-storage: Fix QMP device_add missing encryption key failure
  monitor usb: Inline monitor_read_bdrv_key_start()'s first part
  monitor: Plug memory leak in monitor_read_bdrv_key_start()
  monitor: Drop dead QMP check from monitor_read_password()
  uhci: Convert to realize
  ohci: Complete conversion to realize
  usb: Improve companion configuration error messages
  usb: Propagate errors through usb_register_companion()

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-03-20 09:50:08 +00:00
Gonglei
4e289b1b62 ehci: fix segfault when hot-unplugging ehci controller
When hot-unplugging the usb controllers (ehci/uhci),
we have to clean all resouce of these devices,
involved registered reset handler. Otherwise, it
may cause NULL pointer access and/or segmentation fault
if we reboot the guest os after hot-unplugging.

Let's hook up reset via DeviceClass->reset() and drop
the qemu_register_reset() call. Then Qemu will register
and unregister the reset handler automatically.

Cc: qemu-stable <qemu-stable@nongnu.org>
Reported-by: Lidonglin <lidonglin@huawei.com>
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-03-20 08:50:12 +01:00
Gonglei
88dd1b8d00 ohci: fix resource cleanup leak
When hot-unplugging the usb controllers (ehci/uhci),
we have to clean all resouce of these devices,
involved registered reset handler. Otherwise, it
may cause NULL pointer access and/or segmentation fault
if we reboot the guest os after hot-unplugging.

Let's hook up reset via DeviceClass->reset() and drop
the qemu_register_reset() call. Then Qemu will register
and unregister the reset handler automatically.

Ohci does't support hotplugging/hotunplugging yet, but
existing resource cleanup leak logic likes ehci/uhci.

Cc: qemu-stable <qemu-stable@nongnu.org>
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-03-20 08:50:06 +01:00
Gonglei
537e572a7f uhci: fix segfault when hot-unplugging uhci controller
When hot-unplugging the usb controllers (ehci/uhci),
we have to clean all resouce of these devices,
involved registered reset handler. Otherwise, it
may cause NULL pointer access and/or segmentation fault
if we reboot the guest os after hot-unplugging.

Let's hook up reset via DeviceClass->reset() and drop
the qemu_register_reset() call. Then Qemu will register
and unregister the reset handler automatically.

Cc: qemu-stable <qemu-stable@nongnu.org>
Reported-by: Lidonglin <lidonglin@huawei.com>
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-03-20 08:50:01 +01:00
Stefan Weil
e7ae771f6d Fix remaining warnings from Sparse (void return)
Sparse report:

hw/display/vga.c:2000:5: warning: returning void-valued expression
hw/intc/arm_gic.c:707:9: warning: returning void-valued expression
hw/intc/etraxfs_pic.c:138:9: warning: returning void-valued expression
hw/nvram/fw_cfg.c:475:5: warning: returning void-valued expression
hw/timer/a9gtimer.c:124:5: warning: returning void-valued expression
hw/tpm/tpm_tis.c:794:5: warning: returning void-valued expression
hw/usb/hcd-musb.c:558:9: warning: returning void-valued expression
hw/usb/hcd-musb.c:776:13: warning: returning void-valued expression
hw/usb/hcd-musb.c:867:5: warning: returning void-valued expression
hw/usb/hcd-musb.c:932:5: warning: returning void-valued expression
include/qom/cpu.h:584:5: warning: returning void-valued expression
monitor.c:4686:13: warning: returning void-valued expression
monitor.c:4690:13: warning: returning void-valued expression

Cc: Edgar E. Iglesias <edgar.iglesias@gmail.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Andreas Färber <afaerber@suse.de>
Cc: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2015-03-19 11:11:55 +03:00
Thomas Huth
8ffd9f4dd4 hw/usb: Include USB files only if necessary
Boards that do not include an USB controller should not provide
USB devices. However, when running "qemu-system-s390x -device help"
for example, there's still a usb-hub, usb-kbd, usb-mouse and
usb-tablet in the list of "supported" devices. Let's fix that
by compiling and linking the USB files only if it is really
necessary.

Signed-off-by: Thomas Huth <thuth@linux.vnet.ibm.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-03-18 11:50:47 +01:00
Markus Armbruster
c326529b74 usb/dev-storage: Avoid qerror_report_err() outside QMP handlers
qerror_report_err() is a transitional interface to help with
converting existing monitor commands to QMP.  It should not be used
elsewhere.

usb_msd_password_cb() is only called from within an HMP command
handler.  Replace by error_report_err().

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-03-17 14:23:53 +01:00
Markus Armbruster
7afcc1f9ba usb/dev-storage: Fix QMP device_add missing encryption key failure
When the image is encrypted, QMP device_add creates the device, defers
actually attaching it to when the key becomes available, then returns
an error.  This is wrong.  device_add must either create the device
and succeed, or do nothing and fail.

The bug is in usb_msd_realize_storage().  It posts an error with
qerror_report_err(), and returns success.  Device realization relies
on the return value, and completes.  The QMP monitor, however, relies
on the posted error, and sends it in an error reply.

Reproducer:

    $ qemu-system-x86_64 -nodefaults -display none -usb -qmp stdio -drive if=none,id=foo,file=geheim.qcow2
    {"QMP": {"version": {"qemu": {"micro": 50, "minor": 2, "major": 2}, "package": ""}, "capabilities": []}}
    { "execute": "qmp_capabilities" }
    {"return": {}}
    { "execute": "device_add", "arguments": { "driver": "usb-storage", "id": "bar", "drive": "foo" } }
    {"error": {"class": "DeviceEncrypted", "desc": "'foo' (geheim.qcow2) is encrypted"}}

Even though we got an error back, the device got created just fine.
To demonstrate, let's unplug it again:

    {"execute":"device_del","arguments": { "id": "bar" } }
    {"timestamp": {"seconds": 1426003440, "microseconds": 237181}, "event": "DEVICE_DELETED", "data": {"path": "/machine/peripheral/bar/bar.0/legacy[0]"}}
    {"timestamp": {"seconds": 1426003440, "microseconds": 238231}, "event": "DEVICE_DELETED", "data": {"device": "bar", "path": "/machine/peripheral/bar"}}
    {"return": {}}

Fix by making usb_msd_realize_storage() fail properly.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-03-17 14:23:52 +01:00
Markus Armbruster
9b14e0efcc monitor usb: Inline monitor_read_bdrv_key_start()'s first part
monitor_read_bdrv_key_start() does several things:

1. If no key is needed, call completion_cb() and succeed

2. If we're in QMP context, call qerror_report_err() and fail

3. Start reading the key in the monitor.

This is two things too many.  Inline 1. and 2. into its callers
monitor_read_block_device_key() and usb_msd_realize_storage().

Since monitor_read_block_device_key() only ever runs in HMP context,
drop 2. there.

The next commit will clean up the result in usb_msd_realize_storage().

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-03-17 14:23:52 +01:00
Markus Armbruster
63216dc78d uhci: Convert to realize
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-03-17 14:11:43 +01:00
Markus Armbruster
87581feaa1 ohci: Complete conversion to realize
Commit 457215ec "ohci: Use QOM realize for OHCI" converted only
"sysbus-ohci".  Finish the job: convert "pci-ohci".

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-03-17 14:11:43 +01:00
Markus Armbruster
2e269f3d9d usb: Improve companion configuration error messages
The previous commit broke the additional messages explaining the error
messages.  Improve the error messages, so they don't need explaining
so much.  Helps QMP users as well, unlike additional explanations.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-03-17 14:11:43 +01:00
Markus Armbruster
f4bbaaf584 usb: Propagate errors through usb_register_companion()
This loses the messages explaining the error printed with
error_printf_unless_qmp().  The next commit will make up for the loss.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-03-17 14:11:42 +01:00
Peter Maydell
23a7a28796 - scsi: improvements to error reporting and conversion to realize,
Coverity/sparse fix for iscsi driver
 - RCU fallout: fix -daemonize and s390x system emulation
 - KVM: kvm_stat improvements and new man page
 - x86: SYSRET fix for VxWorks
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iQEcBAABAgAGBQJU/sUFAAoJEL/70l94x66D1JwIAJ28Lan2DQwi+xHvNxF8zW6n
 v7eMc04/fepuon0TYmUZC3qbqc00sccEQZQ+yAAauT9epZ/kdSDudDOzG+3F4MuQ
 /X3crXw2/jrhtWedGq49vFCONX4MKoaoudqK8kOFMe1ImQgkOYeAzOoqeFXyHsFh
 jINlKTJZB6oKzrZ+SYryY14cO7pvGaIhyqaCC+6GcVihTjm9Yq13lP1lFj7LsVRV
 aGfd6xH9RSV/mwzvZwD4i3cUWSUaV/wY0NDhAEzDPCUcxX0/nAj3XF1YeJUF30Qd
 ETaCLo/Nxq2R6POK3c/Zm/FRLvjzZ2caD+q1LcwB/bCYdc2lJ1JDxE/hr48ANv0=
 =OWXY
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging

- scsi: improvements to error reporting and conversion to realize,
  Coverity/sparse fix for iscsi driver
- RCU fallout: fix -daemonize and s390x system emulation
- KVM: kvm_stat improvements and new man page
- x86: SYSRET fix for VxWorks

# gpg: Signature made Tue Mar 10 10:18:45 2015 GMT using RSA key ID 78C7AE83
# gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>"
# gpg:                 aka "Paolo Bonzini <pbonzini@redhat.com>"
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4  E2F7 7E15 100C CD36 69B1
#      Subkey fingerprint: F133 3857 4B66 2389 866C  7682 BFFB D25F 78C7 AE83

* remotes/bonzini/tags/for-upstream:
  x86: fix SS selector in SYSRET
  scsi: Convert remaining PCI HBAs to realize()
  scsi: Improve error reporting for invalid drive property
  hw: Propagate errors through qdev_prop_set_drive()
  scsi: Clean up duplicated error in legacy if=scsi code
  cpus: initialize cpu->memory_dispatch
  rcu: handle forks safely
  qemu-thread: do not use PTHREAD_MUTEX_ERRORCHECK
  kvm_stat: add kvm_stat.1 man page
  kvm_stat: add column headers to text UI
  iscsi: Fix check for username

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-03-10 18:03:02 +00:00
Peter Maydell
1976058109 Block patches for 2.3
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iQIcBAABAgAGBQJU/uuVAAoJEH8JsnLIjy/WULwP/jeARjYkFuG3ahSWpeY0JnTK
 QCkLF06iSQQUiirXI4H+Tofl8kNVBd/Iinv+LbkF27iWbTiwalmLz7NiyboX8dl+
 NJZtCrqp44q7KFbl3g19/jop/zdZ9N5Gxp8BARVUILHQb1y5cXJwrDhBxTmNRDL+
 sSZXfomCgKtMP40nGLa0CcNIYKlm8MePJEM2TsMoWv7tYz4CXgBG39EqK6NJluCY
 kTTMcbdrLbR0imfKOVPutCgV8rhRXJ0oGVD3Q+D3/LFmPG++hoRnWCcDm6ZZ62Hi
 Ra7u87TBfAUUtiT+vFQJnd7hTpN+stQidsCDBLEY3qPTKYhzm648PHvcEwOAv6YW
 sjAELF2Rrsbe4vkL3/qgYDusnaPMElrHVEdbKtHofWtg6KctLnYIhusV+qKq1Fpa
 cRQEbQIZMVFeWN1G9WuYH8RBYrwJqp+/qq7DcnV62lUAdY4e3iO7E3yMLFDwpxku
 PLl7eofU/ZpnAOrrU2QAQvgXZRqy1ie/Unv8jFwefQkK5mXHoCtkAeBlOM8t4kJf
 HjkC/hYO7kwPdaz6xK80wpXqYd3vT6jKi7mlJqC5oQQLGJbRigxlMZ16UIAx+IrL
 NxhnQChp7IP21KMATFbpvYjcJyGMw3ZuVRaUhQBgqQArIomVHvM5WcN9M6S5dsmj
 vClFOIqjlSbtsmChceWr
 =hlbC
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging

Block patches for 2.3

# gpg: Signature made Tue Mar 10 13:03:17 2015 GMT using RSA key ID C88F2FD6
# gpg: Good signature from "Kevin Wolf <kwolf@redhat.com>"

* remotes/kevin/tags/for-upstream: (73 commits)
  MAINTAINERS: Add jcody as blockjobs, block devices maintainer
  iotests: add O_DIRECT alignment probing test
  block/raw-posix: fix launching with failed disks
  MAINTAINERS: Add jsnow as IDE maintainer
  sheepdog: Fix misleading error messages in sd_snapshot_create()
  Add testcase for scsi-hd devices without drive property
  scsi-hd: fix property unset case
  block/vdi: Add locking for parallel requests
  iotests: Drop vpc from 004's and 104's format list
  iotests: Remove 006
  iotests: Fix 051's reference output
  virtio-blk: Remove the stale FIXME comment
  tests: Check QVIRTIO_F_ANY_LAYOUT flag in virtio-blk test
  libqos: Solve bug in interrupt checking when using MSIX in virtio-pci.c
  sheepdog: fix confused return values
  qtest/ahci: add fragmented dma test
  qtest/ahci: Add PIO and LBA48 tests
  qtest/ahci: Add DMA test variants
  libqos/ahci: add ahci command helpers
  qtest/ahci: Add a macro bootup routine
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-03-10 14:01:22 +00:00
Ekaterina Tumanova
0eb28a4228 BlockConf: Call backend functions to detect geometry and blocksizes
geometry: hd_geometry_guess function autodetects the drive geometry.
This patch adds a block backend call, that probes the backing device
geometry. If the inner driver method is implemented and succeeds
(currently only for DASDs), the blkconf_geometry will pass-through
the backing device geometry. Otherwise will fallback to old logic.

blocksize: This patch initializes blocksize properties to 0.
In order to set the property a blkconf_blocksizes was introduced.
If user didn't set physical or logical blocksize, it will
retrieve its value from a driver (only succeeds for DASD), otherwise
it will set default 512 value.

The blkconf_blocksizes call was added to all users of BlkConf.

Signed-off-by: Ekaterina Tumanova <tumanova@linux.vnet.ibm.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Message-id: 1424087278-49393-6-git-send-email-tumanova@linux.vnet.ibm.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2015-03-10 14:02:22 +01:00
Markus Armbruster
9b3d111ad9 hw: Propagate errors through qdev_prop_set_drive()
Three kinds of callers:

1. On failure, report the error and abort

   Passing &error_abort does the job.  No functional change.

2. On failure, report the error and exit()

   This is qdev_prop_set_drive_nofail().  Error reporting moves from
   qdev_prop_set_drive() to its caller.  Because hiding away the error
   in the monitor right before exit() isn't helpful, replace
   qerror_report_err() by error_report_err().  Shouldn't make a
   difference, because qdev_prop_set_drive_nofail() should never be
   used in QMP context.

3. On failure, report the error and recover

   This is usb_msd_init() and scsi_bus_legacy_add_drive().  Error
   reporting and freeing the error object moves from
   qdev_prop_set_drive() to its callers.

   Because usb_msd_init() can't run in QMP context, replace
   qerror_report_err() by error_report_err() there.

   No functional change.

   scsi_bus_legacy_add_drive() calling qerror_report_err() is of
   course inappropriate, but this commit merely makes it more obvious.
   The next one will clean it up.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Message-Id: <1425925048-15482-3-git-send-email-armbru@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-03-10 11:18:23 +01:00
Peter Maydell
0048fa6c80 pci, pc, virtio fixes and cleanups
A bunch of fixes all over the place.
 All of ACPI refactoring has been merged.
 Legacy pci commands have been dropped.
 virtio header cleanup
 initial patches from virtio-1.0 branch
 
 Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQEcBAABAgAGBQJU/CoXAAoJECgfDbjSjVRpX7EH/RMmgtsDO4wvqJu++lHvkB/q
 kSaXZYTpJTo0i5JE7n2brwuXA4902tTg9g5TMUpGPh9Pt2QRg7RTgGC1vqZyOBos
 MPw+4BO2v66S6qgX7bOf222z7r64cHTY7pLkQlrfD4usPlu2eusZ64UTW6Ru51fW
 WF9E9aunbl+HnuCGq6Iez3sCLscTBJpU/lEr6oSyHhuq3aa0CjjraEeV0E/QcwJG
 HTUeFymL8NFvlXZblsLI++VOv7Mxpi6yiCQ5XoKpFgGMvidwo41Aso6gB3ySGxOd
 w8O3Nbu77Iw/StDRNCg/5/GapabMKh2bE4UCsYY5OS63ZtD0fl0CCblhzm/ZFPw=
 =LY/j
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging

pci, pc, virtio fixes and cleanups

A bunch of fixes all over the place.
All of ACPI refactoring has been merged.
Legacy pci commands have been dropped.
virtio header cleanup
initial patches from virtio-1.0 branch

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>

* remotes/mst/tags/for_upstream: (130 commits)
  acpi: drop unused code
  aml-build: comment fix
  acpi-build: fix typo in comment
  acpi: update generated files
  vhost user:support vhost user nic for non msi guests
  aml-build: fix build for glib < 2.22
  acpi: update generated files
  Makefile.target: binary depends on config-devices
  acpi-test-data: update after pci rewrite
  acpi, mem-hotplug: use PC_DIMM_SLOT_PROP in acpi_memory_plug_cb().
  pci-hotplug-old: Has been dead for five major releases, bury
  pci: Give a few helpers internal linkage
  acpi: make build_*() routines static to aml-build.c
  pc: acpi: remove not used anymore ssdt-[misc|pcihp].hex.generated blobs
  pc: acpi-build: drop template patching and create PCI bus tree dynamically
  tests: ACPI: update pc/SSDT.bridge due to new alg of PCI tree creation
  pc: acpi-build: simplify PCI bus tree generation
  tests: add ACPI blobs for qemu with bridge cases
  tests: bios-tables-test: add support for testing bridges
  tests: ACPI test blobs update due to PCI0._CRS changes
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

Conflicts:
	hw/pci/pci-hotplug-old.c
2015-03-09 09:14:28 +00:00
Peter Maydell
b6d527fbc0 xhci: generate a Transfer Event for each Transfer TRB with the IOC bit set
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iQIcBAABAgAGBQJU9WUDAAoJEEy22O7T6HE4oj4QALvuVh+ZBk9WMRs+6+e/hNwl
 EQwx3+yy1A4eB/XetCdBOT6Besk1t4snDXqw3GwCVXbRzCNOyNn+ptynDvIOMxqH
 2juKCB91yhSrgGUqx/sU3iNe9PjUE+g5MZE3BBgmjgKSNlqULP1lSKmRNfdYGH+3
 vLF2P0Qtv7AHCN+eRLZJGCD3xxaE0QAU9t77OoTyYS6KRFinAaOiU6FBTLH11xVW
 LPWU3iVY7SuE7PT8EsmAwr2Gizt/pztRSOViIqba6UxUhrRM8zjMfi7bKC+NqIP6
 aeCAoQExCvs7tVBQ/N4+NLmYzbhRdyCNxMVmWFOnF37FH9aRMZRypc0dxvEksW8p
 HsRBNXWiuQyAtdOPiaQ/XBFKzpUjFo6s6GBtPMGkXRA/6puEvzIUQZmFbWfFpkVr
 Ippj3vMTgJv9IE1wzExv9inamzko+kWPI8JQBuMN7XvNpKAMHyGmIKniNDMZaqNA
 /iFMFJXLwTNTO/oYLkHCttgfty50ktZ1wvlZnbKt4zV89Qw2lOaeGiFIgJdUcMHN
 54ssxDaoECMFiRlhqmraUg5HgjHTc5Bo0P/sp8G183Vp63mZS52/KRldvqmrM8jK
 ZpvEmbwpGzZsHsDEszInvJTUX6QTE6rSvwMJdfoy9tVWsyIGMJDiyJXotVZZZepz
 OTr6WkRo9KpYNRafuuG7
 =+CKl
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/kraxel/tags/pull-usb-20150303-1' into staging

xhci: generate a Transfer Event for each Transfer TRB with the IOC bit set

# gpg: Signature made Tue Mar  3 07:38:43 2015 GMT using RSA key ID D3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>"

* remotes/kraxel/tags/pull-usb-20150303-1:
  xhci: generate a Transfer Event for each Transfer TRB with the IOC bit set

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-03-08 07:33:45 +00:00
Laszlo Ersek
aa6857891d xhci: generate a Transfer Event for each Transfer TRB with the IOC bit set
At the moment, when the XHCI driver in edk2
(MdeModulePkg/Bus/Pci/XhciDxe/XhciDxe.inf) runs on QEMU, with the options

  -device nec-usb-xhci -device usb-kbd

it crashes with:

  ASSERT MdeModulePkg/Bus/Pci/XhciDxe/XhciSched.c(1759):
  TrsRing != ((void*) 0)

The crash hits in the following edk2 call sequence (all files under
MdeModulePkg/Bus/):

UsbEnumerateNewDev()                         [Usb/UsbBusDxe/UsbEnumer.c]
  UsbBuildDescTable()                        [Usb/UsbBusDxe/UsbDesc.c]
    UsbGetDevDesc()                          [Usb/UsbBusDxe/UsbDesc.c]
      UsbCtrlGetDesc(USB_REQ_GET_DESCRIPTOR) [Usb/UsbBusDxe/UsbDesc.c]
        UsbCtrlRequest()                     [Usb/UsbBusDxe/UsbDesc.c]
          UsbHcControlTransfer()             [Usb/UsbBusDxe/UsbUtility.c]
            XhcControlTransfer()             [Pci/XhciDxe/Xhci.c]
              XhcCreateUrb()                 [Pci/XhciDxe/XhciSched.c]
                XhcCreateTransferTrb()       [Pci/XhciDxe/XhciSched.c]
              XhcExecTransfer()              [Pci/XhciDxe/XhciSched.c]
                XhcCheckUrbResult()          [Pci/XhciDxe/XhciSched.c]
                  //
                  // look for TRB_TYPE_DATA_STAGE event [1]
                  //
              //
              // Store a copy of the device descriptor, as the hub device
              // needs this info to configure endpoint. [2]
              //
  UsbSetConfig()                             [Usb/UsbBusDxe/UsbDesc.c]
    UsbCtrlRequest(USB_REQ_SET_CONFIG)       [Usb/UsbBusDxe/UsbDesc.c]
      UsbHcControlTransfer()                 [Usb/UsbBusDxe/UsbUtility.c]
        XhcControlTransfer()                 [Pci/XhciDxe/Xhci.c]
          XhcSetConfigCmd()                  [Pci/XhciDxe/XhciSched.c]
            XhcInitializeEndpointContext()   [Pci/XhciDxe/XhciSched.c]
              //
              // allocate transfer ring for the endpoint [3]
              //

USBKeyboardDriverBindingStart()              [Usb/UsbKbDxe/EfiKey.c]
  UsbIoAsyncInterruptTransfer()              [Usb/UsbBusDxe/UsbBus.c]
    UsbHcAsyncInterruptTransfer()            [Usb/UsbBusDxe/UsbUtility.c]
      XhcAsyncInterruptTransfer()            [Pci/XhciDxe/Xhci.c]
        XhcCreateUrb()                       [Pci/XhciDxe/Xhci.c]
          XhcCreateTransferTrb()             [Pci/XhciDxe/XhciSched.c]
            XhcSyncTrsRing()                 [Pci/XhciDxe/XhciSched.c]
              ASSERT (TrsRing != NULL) [4]

UsbEnumerateNewDev() in the USB bus driver issues a GET_DESCRIPTOR
request, in order to determine the number of configurations that the
endpoint supports. The requests consists of three stages (three TRBs),
setup, data, and status. The length of the response is determined in [1],
namely from the transfer event that the host controller generates in
response to the request's middle stage (ie. the data stage).

If the length of the answer is correct (a full GET_DESCRIPTOR request
takes 18 bytes), then the XHCI driver that underlies the USB bus driver
"snoops" (caches) the descriptor data for later [2].

Later, the USB bus driver sends a SET_CONFIG request. The underlying XHCI
driver allocates a transfer ring for the endpoint, relying on the data
snooped and cached in step [2].

Finally, the USB keyboard driver submits an asynchronous interrupt
transfer to manage the keyboard. As part of this it asserts [4] that the
ring has been allocated in step [3].

And this ASSERT() fires. The root cause can be found in the way QEMU
handles the initial GET_DESCRIPTOR request.

Again, that request consists of three stages (TRBs, Transfer Request
Blocks), "setup", "data", and "status". The XhcCreateTransferTrb()
function sets the IOC ("Interrupt on Completion") flag in each of these
TRBs.

According to the XHCI specification, the host controller shall generate a
Transfer Event in response to *each* individual TRB of the request that
had the IOC flag set. This means that QEMU should queue three events:
setup, data, and status, for edk2's XHCI driver.

However, QEMU only generates two events:
- one for the setup (ie. 1st) stage,
- another for the status (ie. 3rd) stage.

No event is generated for the middle (ie. data) stage. The loop in QEMU's
xhci_xfer_report() function runs three times, but due to the "reported"
variable, only the first and the last TRBs elicit events, the middle (data
stage) results in no event queued.

As a consequence:
- When handling the GET_DESCRIPTOR request, XhcCheckUrbResult() in [1]
  does not update the response length from zero.

- XhcControlTransfer() thinks that the response is invalid (it has zero
  length payload instead of 18 bytes), hence [2] is not reached; the
  device descriptor is not stashed for later, and the number of possible
  configurations is left at zero.

- When handling the SET_CONFIG request, (NumConfigurations == 0) from
  above prevents the allocation of the endpoint's transfer ring.

- When the keyboard driver tries to use the endpoint, the ASSERT() blows
  up.

The solution is to correct the emulation in QEMU, and to generate a
transfer event whenever IOC is set in a TRB.

The patch replaces

  !reported && (IOC || foo)    == !reported && IOC ||
                                  !reported && foo

with

  IOC || (!reported && foo)    == IOC ||
                                  !reported && foo

which only changes how

  reported && IOC

is handled. (Namely, it now generates an event.)

Tested with edk2 built for "qemu-system-aarch64 -M virt" (ie.
"ArmVirtualizationQemu.dsc", aka "AAVMF"), and guest Linux.

Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-03-03 08:36:58 +01:00
Markus Armbruster
f43e47dbf6 QemuOpts: Drop qemu_opt_set(), rename qemu_opt_set_err(), fix use
qemu_opt_set() is a wrapper around qemu_opt_set() that reports the
error with qerror_report_err().

Most of its users assume the function can't fail.  Make them use
qemu_opt_set_err() with &error_abort, so that should the assumption
ever break, it'll break noisily.

Just two users remain, in util/qemu-config.c.  Switch them to
qemu_opt_set_err() as well, then rename qemu_opt_set_err() to
qemu_opt_set().

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
2015-02-26 14:49:31 +01:00
Markus Armbruster
9af21dbee1 pci: Trivial device model conversions to realize
Convert the device models where initialization obviously can't fail.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Gonglei <arei.gonglei@huawei.com>
2015-02-26 12:42:16 +01:00
Peter Maydell
c5c6d7f81a Clean up around error_get_pretty(), qerror_report_err()
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABAgAGBQJU5GT/AAoJEDhwtADrkYZT6H8QAJSdCnymglYhsJ0L8Pn+mFbw
 ukAxSBjZ+XJXwSBCjSLB9e2Tb6PJZAbAdQJjmI1Ijb+3cXqjRURErTsp+Caz1pjj
 Zw4v4whxNedXl+WeZEwX7sU6WlDhMEk51E1NHssd9dyZ/noEqHiw/XzoqimaYlPK
 nrSTBZ94N+F+Daw1d/cjbRMHHGVSjpVraDEPvZIkC6Mv43dGhSdCT529FXthMpUd
 OhoaQvEdy/75RqFwd4gbjHzA2qHVVsKdq8EfDdHAlcg2LSGB8zM4LlRmYxMKmy2g
 ylZLXtm6v7Pm+tYFVdLc7xWnRIh4vFXBHFJ8O9jFXziV4Nkj7s7qXdLJXxYWfRXU
 KC4/vw9IEkHWWUtn1A69ktyPFjEcnW0ieiEOA7/2FXiH7RARnWTl/YChlQrSgSAM
 zh+/01UhHvKBkxmkJIWpHzR+70A/GyubvlrcSd0g6L+g1hXEw78aryivCoFTKocl
 MNTlI7AcaGW2qpSUn5kr99aBdKD1sSdGPbNqqZMOzUekGQHeUuNNrFlvsTibMo5G
 OikdrgygmoLHBcMCgVykYoHen5lMcz+PS5aGFoGwvMV3DQZAsAwltXGeJSNck143
 WuEatwA0PhuA0S/dZMELC27kUdsbvpBUhboHuShz4pvytihWu0HmVAWDeShd9uPB
 r/WSqvETUcdSOqExGEP2
 =g7dZ
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/armbru/tags/pull-error-2015-02-18' into staging

Clean up around error_get_pretty(), qerror_report_err()

# gpg: Signature made Wed Feb 18 10:10:07 2015 GMT using RSA key ID EB918653
# gpg: Good signature from "Markus Armbruster <armbru@redhat.com>"
# gpg:                 aka "Markus Armbruster <armbru@pond.sub.org>"

* remotes/armbru/tags/pull-error-2015-02-18:
  qemu-char: Avoid qerror_report_err() outside QMP command handlers
  qemu-img: Avoid qerror_report_err() outside QMP command handlers
  vl: Avoid qerror_report_err() outside QMP command handlers
  tpm: Avoid qerror_report_err() outside QMP command handlers
  numa: Avoid qerror_report_err() outside QMP command handlers
  net: Avoid qerror_report_err() outside QMP command handlers
  monitor: Avoid qerror_report_err() outside QMP command handlers
  monitor: Clean up around monitor_handle_fd_param()
  error: Use error_report_err() where appropriate
  error: New convenience function error_report_err()
  vhost-scsi: Improve error reporting for invalid vhostfd

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-02-26 07:01:08 +00:00
Peter Maydell
68b459eaa6 hmp: Normalize HMP command handler names
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABAgAGBQJU5HCgAAoJEDhwtADrkYZT0gcP/ijfMUqLlOPMagm5ggDCx/HK
 IFFgcrynQNS6FwTNSIEW04So4q2EMbqwuTEpZ5pe330brGy0U/UgkVmz76BkyoXT
 9LcgKwtVytfc/niF4k5nIKXrasNG1DHPrhd+zx/oTvwmC/8r+NqHZoPOjNaOPLCX
 18SWJMy57l47XAzVOUoFHEW3mEO5YjF8qo3eRcbUWEWXkRp6wg/d2f9nkiHIAfcB
 0XVso0PUJ3jID/WkNqb9JoexTnH5rQSkbeJVZWed8iSAt2cCi+pnE/RjL75M9VF8
 3mPh2Zhi1lEV4qsYQH1OY7909RtKIj7EBDd7kuUWBi1oSIEaIn5GjNWBGCmBbPbY
 0ZVhGFXFvvtI+tPEK3aqRSlyENReT29oKfEv0LAKoUQFBl+jb7qqBns4cfOF+i26
 Tb4cnzqN1rdnlCNemTQATOrr01JAZEkdp3NHq+Bx967ocP3zxfL+pX2Q/3S8aFDs
 j9Ynq+3FvweeDKeYbHKKscELII1DZcNs1CYJOtJIl+XgzowfgpoTRP7P/e2qFM+z
 ey5qF8nc3mW8tVSkotMeeseFe9tj1xxIV+CslTRiYqnxHnmq4HgsN3DoDtnyy9De
 g3U0d9rgBKFPEkAWXg939GXbH2HVUqLkOSy50WGRruP4dzco7BhLyhQimqPchBFj
 b7P40f6NyWCYDhzJu6+N
 =Kleh
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/armbru/tags/pull-monitor-2015-02-18' into staging

hmp: Normalize HMP command handler names

# gpg: Signature made Wed Feb 18 10:59:44 2015 GMT using RSA key ID EB918653
# gpg: Good signature from "Markus Armbruster <armbru@redhat.com>"
# gpg:                 aka "Markus Armbruster <armbru@pond.sub.org>"

* remotes/armbru/tags/pull-monitor-2015-02-18:
  hmp: Name HMP info handler functions hmp_info_SUBCOMMAND()
  hmp: Name HMP command handler functions hmp_COMMAND()
  hmp: Clean up declarations for long-gone info handlers

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-02-25 13:14:37 +00:00
Markus Armbruster
1ce6be24df hmp: Name HMP info handler functions hmp_info_SUBCOMMAND()
Some are called do_info_SUBCOMMAND() (old ones, usually), some
hmp_info_SUBCOMMAND(), some SUBCOMMAND_info(), sometimes SUBCOMMAND
pointlessly differs in spelling.

Normalize to hmp_info_SUBCOMMAND(), where SUBCOMMAND is exactly the
subcommand name with '-' replaced by '_'.

Exceptions:

* sun4m_irq_info(), sun4m_pic_info() renamed to sun4m_hmp_info_irq(),
  sun4m_hmp_info_pic().

* lm32_irq_info(), lm32_pic_info() renamed to lm32_hmp_info_irq(),
  lm32_hmp_info_pic().

Signed-off-by: Markus Armbruster <armbru@redhat.com>
2015-02-18 11:58:50 +01:00
David Gibson
c3cf77cb63 Make sysbus EHCI devices ARM only by default
A number of ARM embedded boards include EHCI USB host controllers which
appear as directly mapped devices, rather than sitting on a PCI bus.

At present code to emulate such devices is included whenever EHCI support
is included.  This patch adjusts teh config options to only include them
in builds targetting ARM by default.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-02-18 10:53:10 +01:00
Markus Armbruster
599655c91f usb: Change usb_create_simple() to abort on failure
Instead of returning null pointer.  Matches pci_create_simple(),
isa_create_simple(), sysbus_create_simple().  It's unused since the
previous commit, but I'll put it to use again shortly.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-02-18 10:53:10 +01:00
Markus Armbruster
bd8b92d5c8 usb: Suppress bogus error when automatic usb-hub creation fails
USBDevice's realize method usb_qdev_realize() automatically creates a
usb-hub when only one port is left.  Creating devices in realize
methods is questionable, but works.

If usb-hub creation fails, an error is reported to stderr, but the
failure is otherwise ignored.  We then create the actual device using
the last port, which may well succeed.

Example:

    $ qemu -nodefaults -S -display none -machine usb=on -monitor stdio
    QEMU 2.2.50 monitor - type 'help' for more information
    (qemu) device_add usb-mouse
    [Repeat 36 times]
    (qemu) info usb
      Device 0.0, Port 1, Speed 12 Mb/s, Product QEMU USB Mouse
      Device 0.0, Port 2, Speed 12 Mb/s, Product QEMU USB Hub
      Device 0.0, Port 2.1, Speed 12 Mb/s, Product QEMU USB Mouse
    [More mice and hubs omitted...]
      Device 0.0, Port 2.8.8.8.8.7, Speed 12 Mb/s, Product QEMU USB Mouse
    (qemu) device_add usb-mouse
    usb hub chain too deep
    Failed to initialize USB device 'usb-hub'
    (qemu) info usb
    [...]
      Device 0.0, Port 2.8.8.8.8.7, Speed 12 Mb/s, Product QEMU USB Mouse
      Device 0.0, Port 2.8.8.8.8.8, Speed 12 Mb/s, Product QEMU USB Mouse

Despite the "Failed" message, the command actually succeeded.

In QMP, it's worse.  When adding the 37th mouse via QMP, the command
fails with

    {"error": {"class": "GenericError", "desc": "usb hub chain too deep"}}

Additionally, "Failed to initialize USB device 'usb-hub'" is reported
on stderr.  Despite the command failure, the device was created.  This
is wrong.

Fix by avoiding qdev_init() for usb-hub creation, so we can ignore
errors cleanly.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-02-18 10:53:10 +01:00
Markus Armbruster
06f22eb78f usb: Do not prefix error_setg() messages with "Error: "
Because it produces beauties like

    (qemu) usb_add mouse
    Failed to initialize USB device 'usb-mouse': Error: tried to attach usb device QEMU USB Mouse to a bus with no free ports

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-02-18 10:53:10 +01:00
Markus Armbruster
3bc36a401e usb: Improve -usbdevice error reporting a bit
Most LegacyUSBFactory usbdevice_init() methods realize with
qdev_init_nofail(), even though their caller usbdevice_create() can
handle failure.  Okay if it really can't fail (I didn't check), but
somewhat brittle.

usb_msd_init() and usb_bt_init() call qdev_init().  The latter
additionally reports an error when qdev_init() fails.

Realization failure produces multiple error reports: a specific one
from qdev_init(), and generic ones from usb_bt_init(),
usb_create_simple(), usbdevice_create() and usb_parse().

Remove realization from the usbdevice_init() methods.  Realize in
usbdevice_create(), and produce exactly one error message there.  You
still get another one from usb_parse().

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-02-18 10:53:10 +01:00
Markus Armbruster
4806ec9b2c usb: usb_create() can't fail, drop useless error handling
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-02-18 10:53:09 +01:00
Markus Armbruster
565f65d271 error: Use error_report_err() where appropriate
Coccinelle semantic patch:

    @@
    expression E;
    @@
    -    error_report("%s", error_get_pretty(E));
    -    error_free(E);
    +    error_report_err(E);
    @@
    expression E, S;
    @@
    -    error_report("%s", error_get_pretty(E));
    +    error_report_err(E);
    (
         exit(S);
    |
         abort();
    )

Trivial manual touch-ups in block/sheepdog.c.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
2015-02-18 10:51:09 +01:00
Markus Armbruster
0c6f807f4a usb: Pair g_malloc() with g_free(), not free()
Spotted by Coverity with preview checker ALLOC_FREE_MISMATCH enabled
and my "coverity: Model g_free() isn't necessarily free()" model patch
applied.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2015-02-10 09:27:20 +03:00
Paolo Bonzini
e720677e32 vmstate: accept QEMUTimer in VMSTATE_TIMER*, add VMSTATE_TIMER_PTR*
Old users of VMSTATE_TIMER* are mechanically changed to VMSTATE_TIMER_PTR
variants.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-01-26 12:22:44 +01:00
lijun
7251711472 usb: delete redundant brackets in usb_host_handle_control()
When see usb codes, find there are redundant brackets !((udev->port->speedmask
& USB_SPEED_MASK_SUPER)) here. So delete it.

Signed-off-by: Jun Li <junmuzi@gmail.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2014-12-10 11:24:35 +03:00
Paolo Bonzini
a9be76576e hcd-musb: fix dereference null return value
usb_ep_get and usb_handle_packet can deal with a NULL device, but we have
to avoid dereferencing NULL pointers when building the id.

Thanks to Gonglei for an initial stab at fixing this.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2014-11-17 18:02:31 +01:00
Gerd Hoffmann
79ae25af15 usb-host: fix usb_host_speed_compat tyops
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Gonglei <arei.gonglei@huawei.com>
2014-11-12 15:27:23 +01:00
Gerd Hoffmann
f2ad97ff81 xhci: add sanity checks to xhci_lookup_uport
Also catch xhci_lookup_uport failures in post_load.

https://bugzilla.redhat.com/show_bug.cgi?id=1074219

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-11-11 08:48:16 +01:00
Chris Johns
1e03e40784 Provide the missing LIBUSB_LOG_LEVEL_* for older libusb or FreeBSD. Providing just the needed value as a defined.
Signed-off-by: Chris Johns <chrisj@rtems.org>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-11-11 08:48:16 +01:00
Gonglei
a65e4ef90f uhci: remove useless DEBUG
commit 50dcc0f8 (uhci: tracing support) had removed
DPRINTF, the DEBUG marco is useless now, remove it.

Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-10-28 11:38:18 +01:00
Gerd Hoffmann
2aa6bfcb66 xhci: add property to turn on/off streams support
streams support in usb-redir and usb-host works only with recent enough
versions of the support libraries (libusbredir and libusbx).  Failure
mode is rather unelegant:  Any stream usb transfers will throw stall
errors.  Turning off support for streams in the xhci host controller
will work better as the guest can figure beforehand that streams are
not going to work.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Hans de Goede <hdegoede@redhat.com>
2014-10-28 11:38:18 +01:00
Peter Maydell
8f4699d873 Block patches
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iQIcBAABAgAGBQJURPo5AAoJEH8JsnLIjy/WK1gP/2PhKD4lsjQ0O9TYlwu2aWCc
 eej/z2wp47996KAkhRgS4mf/E0FnPSh80cHV1wobPJfRSTPPNuGgrmhX+HLcjlPz
 fWb3qN6Ikneou1TYCO/r1wMwhPpE1GKjZmuHQcH3B27GW5cqx/s1sPCxqwDJJnYq
 oBbbcIGZGNYLHlyJvl88gBTkIHBs5/nxhzVnPnpQi6JqtGz8CAbo6e36A5RQCqyV
 RoYEe5Lif81lZpaTpYFsoUhOcH9YtQnKoUSdAnqtXtLO9fOHsn7/75hnmT4bs5CR
 p6UAiutN+jiUcRrlF//TK5TNlS7KvOAf+LirEURAY0j5IJNXh30/5x8hXzHJxb60
 eY6ePrhnbkPeLfg1Qh/7LJyi/W0cl2YN6I2oslnMUfcumu9Ns1FfsFrFpKtgT/yM
 fkjQEo7w9khKT+iZaOm1XaNDliUKZiG2wLhni6KYAGM2edmE8W7VCkjSTFcz/4eQ
 vn7G3T1OnglW1cSt0onTAKNWn2swh0lXOXv7iBupmiNoy+hafNwTa1eHw+jjvXeF
 3WdfMxT6fRKAQUC/hwVlvyeJcZyBMG11BuovX9gNgdx5/UpWJFjxHsEmbiP9TtkO
 CJ5dGi+PgM/fxLJj4IW0zSVSL+mnhQmQdtzksU+l4GBHuErXdkt9W61sOHHQJGTf
 NGIkh6DwV4VfFZd6bzf0
 =8BaC
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging

Block patches

# gpg: Signature made Mon 20 Oct 2014 13:04:09 BST using RSA key ID C88F2FD6
# gpg: Good signature from "Kevin Wolf <kwolf@redhat.com>"

* remotes/kevin/tags/for-upstream: (28 commits)
  block: Make device model's references to BlockBackend strong
  block: Lift device model API into BlockBackend
  blockdev: Convert qmp_eject(), qmp_change_blockdev() to BlockBackend
  block/qapi: Convert qmp_query_block() to BlockBackend
  blockdev: Fix blockdev-add not to create DriveInfo
  blockdev: Drop superfluous DriveInfo member id
  pc87312: Drop unused members of PC87312State
  ide: Complete conversion from BlockDriverState to BlockBackend
  hw: Convert from BlockDriverState to BlockBackend, mostly
  virtio-blk: Rename VirtIOBlkConf variables to conf
  virtio-blk: Drop redundant VirtIOBlock member conf
  block: Rename BlockDriverCompletionFunc to BlockCompletionFunc
  block: Rename BlockDriverAIOCB* to BlockAIOCB*
  block: Eliminate DriveInfo member bdrv, use blk_by_legacy_dinfo()
  block: Merge BlockBackend and BlockDriverState name spaces
  block: Eliminate BlockDriverState member device_name[]
  block: Eliminate bdrv_iterate(), use bdrv_next()
  blockdev: Eliminate drive_del()
  block: Make BlockBackend own its BlockDriverState
  block: Code motion to get rid of stubs/blockdev.c
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-10-22 16:39:49 +01:00
Peter Maydell
895b810c12 usb: add high speed mouse & keyboard configuration
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iQIcBAABAgAGBQJUPl2cAAoJEEy22O7T6HE4HikP/Aoq2JHGLtEqQKzS/hH3+T7C
 FA2vyneUWKAZN5JMMArOTmIhL5lZJ4nxi6lD4+lX88RLvn2RC7mSxwE9tH412jKO
 d093y6WEpTmXfNN5uP2sy2RXr4DF+Hc2nCozMTGgnjFk5D+YN2iAEExy0UyDOmFZ
 xBbvVs61YyuC6EIGpr1gY/R7yxsflZS5KfbbhZt4sBmd9X6khXzKif3gLkIMF1SB
 jBg8zXTlnfaiFerso72sW+zRCKcK/UmwaC0lg8clIGp5s7tPRFM/6njaEHDzSYr8
 4Sgjx1qHoN5uq89W0SnKFPUbYHMZ4jkDCSN88wLmCQhJzuymoHH94SXhj9hNhhRC
 r0RUjBSGxuvwqEQImknHZ8Yis62hySK/TE8aFCEB9OB2L+4kUOxJMdDmy7E5O4vT
 anzvkL7MHOEgHc5M+T0dIzRlF/4OaHMZ4eRXe76AqqHGAa2jK8JpNYuweNjDLUJ9
 tcSS0EzLb2sZlM9eMn5xzTh1gZqoARqiWE6Q3vYyCMJgLor3IsYSC2eaL3mVezxb
 JtKEFycR1PLIEOiKC8aw0HFf3bsUhhQLYdawipSpRUNSW4143/YRcYYXB5jljuHY
 61ylv9JeRGcqzLKwmUVIsn41xDOFthnOWtC1d+y+uZ1HGk04v7K+tMyJEd6knQwd
 Ro1SUYPn/bIfGoB+AHBY
 =oWcL
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/kraxel/tags/pull-usb-20141015-2' into staging

usb: add high speed mouse & keyboard configuration

* remotes/kraxel/tags/pull-usb-20141015-2:
  xhci: remove dead code
  usb-hid: Add high speed keyboard configuration
  usb-hid: Add high speed mouse configuration
  usb-hid: Move descriptor decision to usb-hid initfn

Conflicts:
	include/hw/i386/pc.h
[Fixed trivial merge conflict in the pc-2.1 property list]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-10-22 15:48:32 +01:00
Markus Armbruster
4be746345f hw: Convert from BlockDriverState to BlockBackend, mostly
Device models should access their block backends only through the
block-backend.h API.  Convert them, and drop direct includes of
inappropriate headers.

Just four uses of BlockDriverState are left:

* The Xen paravirtual block device backend (xen_disk.c) opens images
  itself when set up via xenbus, bypassing blockdev.c.  I figure it
  should go through qmp_blockdev_add() instead.

* Device model "usb-storage" prompts for keys.  No other device model
  does, and this one probably shouldn't do it, either.

* ide_issue_trim_cb() uses bdrv_aio_discard() instead of
  blk_aio_discard() because it fishes its backend out of a BlockAIOCB,
  which has only the BlockDriverState.

* PC87312State has an unused BlockDriverState[] member.

The next two commits take care of the latter two.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2014-10-20 14:02:25 +02:00
Markus Armbruster
fa1d36df74 block: Eliminate DriveInfo member bdrv, use blk_by_legacy_dinfo()
The patch is big, but all it really does is replacing

    dinfo->bdrv

by

    blk_bs(blk_by_legacy_dinfo(dinfo))

The replacement is repetitive, but the conversion of device models to
BlockBackend is imminent, and will shorten it to just
blk_legacy_dinfo(dinfo).

Line wrapping muddies the waters a bit.  I also omit tests whether
dinfo->bdrv is null, because it never is.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Benoît Canet <benoit.canet@nodalink.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2014-10-20 13:41:27 +02:00
Peter Maydell
605c690b1b allow changing bootorder via monitor at runtime,
by making bootindex a writable qom property.
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iQIcBAABAgAGBQJUPjeVAAoJEEy22O7T6HE4j5QP/RtecYdC9yiOGsGcI4lrDMo8
 5j61JzvY7bpPGJykXH7c8B9s3n2LQIW4rzD5mDVB/bKXPwh3SbqPBQmd1T6G7lrR
 4lV+c/pvrTDE9V1k0Favbe0pbfOkaBAnMyYEYFkoK7hzVUTN6acbkz0LhXudb4ci
 7V9wbSLnZZrTxB50NTJu17EIa7RCDKQR6urskrxAsJeqCAT7NQtXM5ls1dfGvHQs
 Tc6u4+zRqv2Rzr9YxkFKPZe55rTBMUw3fcwg9F3657dCujYvcMq8+ZwFGiMXSjll
 oUFxwgZn05aRQwxG1YfFDI576+f9ZCirkQBoDBwgp3ZSLTN8CLVDZ0X1FA7vjntH
 fr5j7D0M2ftSsUDI2E3UOzaNtbtyQaCkggl+zc0fgw7dEfbitqpUZQQ4wGngBTKJ
 BFkky+29MhBTLqBC38S9iUGqUbHbrqIHP/hSW8ixAGm4n8dul+ROgX4ynFZNOuxE
 NEA1rRspDHNVanb+gcpK0wv58vvmwbECGrovkI7ffeCo+8+MDW3ebRbQ2fIxUa4C
 KbPp6b5vICVcsG0+XRbjA2rNn76iJYCjc+PX1WQX6vgPYEPRah51G44KLyN/r8kj
 fw7wOuYomtu+2nymH/8QXBEyACiuCJLTmOykHxsrYURR3VvVeg2Z0j4e7fNOg/Is
 +d+cVKKkN8JLFRlXG8qu
 =utUi
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/kraxel/tags/pull-bootindex-20141015-1' into staging

allow changing bootorder via monitor at runtime,
by making bootindex a writable qom property.

* remotes/kraxel/tags/pull-bootindex-20141015-1: (34 commits)
  bootindex: change fprintf to error_report
  bootindex: delete bootindex when device is removed
  bootindex: move calling add_boot_device_patch to bootindex setter function
  ide: add calling add_boot_device_patch in bootindex setter function
  nvma: ide: add bootindex to qom property
  usb-storage: add bootindex to qom property
  virtio-blk: alias bootindex property explicitly for virt-blk-pci/ccw/s390
  block: remove bootindex property from qdev to qom
  virtio-blk: add bootindex to qom property
  ide: add bootindex to qom property
  scsi: add bootindex to qom property
  isa-fdc: remove bootindexA/B property from qdev to qom
  redirect: remove bootindex property from qdev to qom
  vfio: remove bootindex property from qdev to qom
  pci-assign: remove bootindex property from qdev to qom
  host-libusb: remove bootindex property from qdev to qom
  virtio-net: alias bootindex property explicitly for virt-net-pci/ccw/s390
  net: remove bootindex property from qdev to qom
  usb-net: add bootindex to qom property
  vmxnet3: add bootindex to qom property
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-10-16 09:24:45 +01:00
Gerd Hoffmann
ac20e1bb0e xhci: remove dead code
Reported-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-10-15 13:39:48 +02:00
Jan Vesely
b13ce07688 usb-hid: Add high speed keyboard configuration
Signed-off-by: Jan Vesely <jano.vesely@gmail.com>

[ kraxel: fixup compat property to apply to 2.1 & older ]

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-10-15 13:39:22 +02:00
Jan Vesely
58e4fee24a usb-hid: Add high speed mouse configuration
Signed-off-by: Jan Vesely <jano.vesely@gmail.com>

[ kraxel: fixup compat property to apply to 2.1 & older ]

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-10-15 13:38:09 +02:00
Jan Vesely
ff326ffaeb usb-hid: Move descriptor decision to usb-hid initfn
Signed-off-by: Jan Vesely <jano.vesely@gmail.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-10-15 11:08:34 +02:00
Gonglei
d749e10c4f bootindex: move calling add_boot_device_patch to bootindex setter function
On this way, we can assure the new bootindex take effect
during vm rebooting.

Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-10-15 10:46:01 +02:00
Gonglei
89f0762dde usb-storage: add bootindex to qom property
Add a qom property with the same name 'bootindex',
when we remove it form qdev property, things will
continue to work just fine, and we can use qom features
which are not supported by qdev property.

Because usb-storage rely on scsi-disk which is created
in usb_msg_realize_storage(), so we should store the SCSIDevice
pointer in MSDState struct. Only in this way, we can change
the global boot_order_list when we want to change the bootindex
during vm rebooting by calling object_property_set_int(Object(SCSIDevice),).

Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-10-15 10:27:07 +02:00
Gonglei
295857994c redirect: remove bootindex property from qdev to qom
Remove bootindex form qdev property to qom, things will
continue to work just fine, and we can use qom features
which are not supported by qdev property.

Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-10-15 09:52:55 +02:00
Gonglei
e6adae52b1 host-libusb: remove bootindex property from qdev to qom
Remove bootindex form qdev property to qom, things will
continue to work just fine, and we can use qom features
which are not supported by qdev property.

Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-10-15 09:52:54 +02:00
Gonglei
c11f4bc9ff usb-net: add bootindex to qom property
Add a qom property with the same name 'bootindex',
when we remove it form qdev property, things will
continue to work just fine, and we can use qom features
which are not supported by qdev property.

Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-10-15 09:52:54 +02:00
Igor Mammedov
5f4d917376 usb: Convert usb devices to hotplug handler API
Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
2014-10-15 05:03:14 +02:00
Igor Mammedov
138d587afb usb: Convert usb-ccid to hotplug handler API
Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
2014-10-15 05:03:14 +02:00
Igor Mammedov
77de4a09c6 usb-storage: Drop not needed "allow_hotplug = 0"
Drop useless hack that disables hotplug on bus, after backend
storage was added to it, by setting "allow_hotplug = 0". Even
if bus is hotpluggable, it won't be possible to add another
SCSI device to bus since its realize will fail early with
error "no free target" in scsi_qdev_realize() method.

Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
2014-10-15 05:03:14 +02:00
Igor Mammedov
af01492755 usb-bot: Drop not needed "allow_hotplug = 0"
Drop useless hack that disables hotplug on bus by setting
"allow_hotplug = 0". Even if bus is hotpluggable, It won't
be possible to add another SCSI device to bus since its
realization will fail early with error "no free target"
in scsi_qdev_realize() method.

Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
2014-10-15 05:03:14 +02:00
Igor Mammedov
e9fd12aa0d usb-bot: Mark device as non hotpluggable
usb-bot creates SCSI bus and immediately makes it
non hotpluggable which was making not possible to
hotplug usb-bot since QEMU would abort at
bus_add_child(scsi-hd) time when usb-bot is
realized.

Mark usb-bot as not hotpluggable so that attempt
to hotplug it would error out even before it gets
to device initialization point.

Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
2014-10-15 05:03:14 +02:00
Alex Bennée
bc0d104c6a ohci: drop computed flags from trace events
This exceeded the trace argument limit for LTTNG UST and wasn't really
needed as the flags value is stored anyway. Dropping this fixes the
compile failure for UST. It can probably be merged with the previous
trace shortening patch.

Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2014-09-26 09:43:06 +01:00
Alexey Kardashevskiy
3af8f177fa ohci: Split long traces to smaller ones
Recent traces rework introduced 2 tracepoints with 13 and 20
arguments. When dtrace backend is selected
(--enable-trace-backend=dtrace), compile fails as
sys/sdt.h defines DTRACE_PROBE up to DTRACE_PROBE12 only.

This splits long tracepoints.

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>

Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2014-09-26 09:43:06 +01:00
Gerd Hoffmann
ec56214f6f usb: tag standalone ehci as hotpluggable
Add a flag to EHCIPCIInfo saying whenever the controller supports
companions or not.  Make sure we only allow registering companions for
ehci versions supporting that.  Enable pci hotplug for the ehci
variants not supporting companions.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-09-23 12:51:08 +02:00
Gerd Hoffmann
638ca939d8 usb: tag standalone uhci as hotpluggable
uhci hostadapters in companion setups can't be hotplugged.  So leave
hotplug disabled for all ich9 variants (which are already tagged with
unplug = true in the info struct).  For the other variants we'll enable
hotplug and remove the companion setup properties.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-09-23 12:51:08 +02:00
Gerd Hoffmann
3533c3d2bf usb: tag xhci as hotpluggable
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-09-23 12:51:08 +02:00
Gonglei
7334d6507a usb-serial: only check speed once at realize time
Whatever the chardev is open or not, we should assure
the speed is matched each other. So, call usb_check_attach()
check speed. And then pass &error_abort at all calls to
usb_device_attach().

Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-09-23 12:51:08 +02:00
Gonglei
594a53607e usb-bus: introduce a wrapper function to check speed
In this way, we can check speed directly, don't need
call usb_device_attach(), which has other conditions,
such as checking the chardev is open.

Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-09-23 12:51:08 +02:00
Gonglei
bd2ba2752d usb-bus: remove "init" from USBDeviceClass struct
All usb-bus devices are realized by realize(),
remove init callback function from USBDeviceClass struct.

Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-09-23 12:51:08 +02:00
Gonglei
df9bb6660d usb-mtp: convert init to realize
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-09-23 12:51:07 +02:00
Gonglei
77e35b4bbe usb-redir: convert init to realize
In this way, all the implementations now use
error_setg instead of qerror_report for reporting error.

Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-09-23 12:51:07 +02:00
Gonglei
5450eeaaad usb-audio: convert init to realize
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-09-23 12:51:07 +02:00
Gonglei
27107d416e dev-wacom: convert init to realize
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-09-23 12:51:07 +02:00
Gonglei
276b7ac8e9 dev-hid: convert init to realize
In this way, all the implementations now use
error_setg instead of error_report for reporting error.

Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-09-23 12:51:07 +02:00
Gonglei
0b8b863fb2 usb-ccid: convert init to realize
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-09-23 12:51:07 +02:00
Gonglei
38fff2c9f4 dev-serial: convert init to realize
In this way, all the implementations now use
error_setg instead of error_report for reporting error.

Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-09-23 12:51:07 +02:00
Gonglei
63cdca364c dev-bluetooth: convert init to realize
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-09-23 12:51:07 +02:00
Gonglei
6b7afb7f0b dev-uas: using error_report instead of fprintf
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-09-23 12:51:07 +02:00
Gonglei
b89dc7e33f dev-uas: convert init to realize
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-09-23 12:51:07 +02:00
Gonglei
f5dc597878 dev-storage: usring error_report instead of fprintf/printf
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-09-23 12:51:07 +02:00
Gonglei
5a882e40d5 dev-storage: convert init to realize
In this way, all the implementations now use
error_setg instead of error_report for reporting error.

Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-09-23 12:51:07 +02:00
Gonglei
f3f8c45972 usb-hub: convert init to realize
In this way, all the implementations now use
error_setg instead of error_report for reporting error.

Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-09-23 12:51:07 +02:00
Gonglei
2e6a0dd1ac libusb: using error_report instead of fprintf
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-09-23 12:51:07 +02:00
Gonglei
2aa76dc18c libusb: convert init to realize
In this way, all the implementations now use
error_setg instead of error_report for reporting error.

Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-09-23 12:51:07 +02:00
Gonglei
d73ad35990 usb-net: convert init to realize
meanwhile, qerror_report_err() is a transitional interface to
help with converting existing HMP commands to QMP. It should
not be used elsewhere.

Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-09-23 12:51:06 +02:00
Gonglei
7d553f27fc usb-bus: convert USBDeviceClass init to realize
Add "realize/unrealize" in USBDeviceClass, which has errp
as a parameter. So all the implementations now use
error_setg instead of error_report for reporting error.

Note: this patch still keep "init" in USBDeviceClass, and
call kclass->init in usb_device_realize(), avoid breaking
git bisect. After realize all usb devices, will be removed.

Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-09-23 12:51:06 +02:00
Alexey Kardashevskiy
dc1f598845 ohci: Convert fprint/DPRINTF/print to traces
This converts many kinds of debug prints to traces.

This implements packets logging to avoid unnecessary calculations if
usb_ohci_td_pkt_short/usb_ohci_td_pkt_long is not enabled.

This makes OHCI errors (such as "DMA error") invisible by default.

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-09-23 12:51:06 +02:00
Gonglei
f0bc7fe3b7 usb-storage: fix possible memory leak and missing error message
When scsi_bus_legacy_add_drive() return NULL, meanwhile err will
be not NULL, which will casue memory leak and missing error message.

Cc: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-09-23 11:41:45 +02:00
Markus Armbruster
31376776d0 usb-storage: Fix how legacy init handles option ID clash
usb_msd_init() calls qemu_opts_create() with a made-up ID and false
fail_if_exists.  If the ID already exists, it happily messes up those
options, then fails drive_new(), because the BlockDriverState with
that ID already exists, too.

Reproducer: -drive if=none,id=usb0,format=raw -usbdevice disk:tmp.qcow2

Pass true fail_if_exists to qemu_opts_create(), and if it fails, try
the next made-up ID.

The reproducer now succeeds, and creates an usb-storage device with ID
usb1.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-09-22 09:55:55 +02:00
Dr. David Alan Gilbert
e6043e92c2 xhci PCIe endpoint migration compatibility fix
Add back the PCIe config capabilities on XHCI cards in non-PCIe slots,
but only for machine types before 2.1.

This fixes a migration incompatibility in the XHCI PCI devices
caused by:
   058fdcf52c - xhci: add endpoint cap on express bus only

Note that in fixing it for compatibility with older QEMUs, it breaks
compatibility with existing QEMU 2.1's on older machine types.

The status before this patch was (if it used an XHCI adapter):
   machine type | source qemu
     any           pre-2.1     - FAIL
     any           2.1...      - PASS

With this patch:
   machine type | source qemu
     any           pre-2.1    - PASS
     pre-2.1       2.1...     - FAIL
     2.1           2.1...     - PASS

A test to trigger it is to add '-device nec-usb-xhci,id=xhci,addr=0x12'
to the command line.

Cc: qemu-stable@nongnu.org
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-09-10 07:20:53 +02:00
Gonglei
d733f74c33 usb: add usb host adapters exit trace
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-08-29 12:52:14 +02:00
Gonglei
53c30545fb usb-xhci: add exit function
clean up xhci resource when xhci pci device exit.

Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-08-29 12:52:14 +02:00
Gonglei
96e14926c6 usb-ehci: add ehci-pci device exit function
clean up ehci resource when ehci pci device exit.

Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-08-29 12:52:14 +02:00
Gonglei
4e130cf6a8 usb-ehci: add ehci unrealize funciton
cleanup ehci controller resource, both pci and sysbus
if they're necessary.

Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-08-29 12:52:14 +02:00
Gonglei
05a36991c5 usb-ehci: add vmstate properity for EHCIState
since hotunplug the ehci host adapter, we should
delete vm_change_state_handler also, so the
VMChangeStateEntry should be saved in EHCIState.

Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-08-29 12:52:14 +02:00
Gonglei
3a3464b000 usb-uhci: clean up uhci resource when pci-uhci exit
clean up uhci resource when uhci pci device exit.

Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-08-29 12:52:13 +02:00
Gonglei
07832c38d3 usb-ohci: add exit function
clean up ohci resource when ohci pci device exit.

Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-08-29 12:52:13 +02:00
Gonglei
80be63df5a usb-ohci: Fix memory leak for ohci timer
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-08-29 12:51:44 +02:00
Gonglei
e5a9bece9b usb: add usb_bus_release function
add global variables releasing logic when the usb buses
were removed or hot-unpluged.

Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-08-29 12:51:44 +02:00
Gerd Hoffmann
f90e160b50 Revert "xhci: Fix number of streams allocated when using streams"
This reverts commit d063c3112c.

"2 << x" is the same as "2 ^ (x + 1)", so the old code is correct.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-08-29 12:51:44 +02:00
Gerd Hoffmann
3d80365b55 xhci: use (1u << i)
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
2014-08-29 12:51:43 +02:00
Jack Un
cae7f29c47 Fix OHCI ISO TD state never being written back.
There appears to be typo in OHCI with isochronous transfers
resulting in isoch. transfer descriptor state never being written back.
The'put_words' function is in a OR statement hence it is never called.

Signed-off-by: Jack Un <jack.un@gmail.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-08-29 12:51:43 +02:00
Gonglei
8c244210d8 xhci: fix debug print compiling error
after commit 003e15a180
the DPRINTF will broke compiling, adjust its location.

Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-08-29 12:51:43 +02:00
Markus Armbruster
830cd54fca usb: Fix bootindex for portnr > 9
We identify devices by their Open Firmware device paths.  The encoding
of the host controller and hub port numbers is incorrect:
usb_get_fw_dev_path() formats them in decimal, while SeaBIOS uses
hexadecimal.  When some port number > 9, SeaBIOS will miss the
bootindex (lucky case), or apply it to another device (unlucky case).

The relevant spec[*] agrees with SeaBIOS (and OVMF, for that matter).
Change %d to %x.

Bug can bite only with host controllers or hubs sporting more than ten
ports.  I'm not aware of any.

[*] Open Firmware Recommended Practice: Universal Serial Bus,
Version 1, Section 3.2.1 Device Node Address Representation
http://www.openfirmware.org/1275/bindings/usb/usb-1_0.ps

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>

Note: xhci can be configured with up to 15 ports (default is 4 ports).

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-08-29 12:51:43 +02:00
Peter Maydell
0e4a773705 SCSI changes that enable sending vendor-specific commands via virtio-scsi.
Memory changes for QOMification and automatic tracking of MR lifetime.
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iQIcBAABAgAGBQJT8et9AAoJEBvWZb6bTYbyIJAQAI3AlLSe27xWoUGfQUgWH30z
 Rt/pShHz3BJMfQpD79JfTH8u6uBpkQmKtflerNT7FhXN9ULDzNq+b/jRtke8nkuy
 ctCt05FhhK00rfWpUoRue4XiCuvbizBU7MK0DI3yCyNdXQyYnFvgnvsJtlqox8Zh
 J5HZcBJEmdCiWBxq7UPk0qBitp4PqNoy7jlD/Ex3m7fJN5WK2cyspQIT9zmhehVn
 B8Nwp+RitDDbXbwm0r18col5rFr/6Nj6+dW1gr+7sVJDLNsmJEqC2l3Kgk0wbPkG
 Uqwbih29me9PC9/L1VLGHY0ApKDQ8JGE0GrYgEg162hbhoxEHkjjoHMhDUfV6Pj8
 NkqcjjWl11UUhgkNqrGafayXbBVnOiEglxy8uXCeq14y9Xd/gjK9Fz6MQvRSOjms
 PFmaKknhdmpxh0DuZmTix7WBmKim8zOiCE0/vrAPvwx5L+d1bn5xh6yQvtVjBMpU
 Sru3Mhdm9bL9dUDBgOM/G6WCxSTVLBlExOblcYkQh03MfabD7bfplcrKYPXt5ull
 Y8YLjqkoIfoy5t0ErvtlpdBJjeEz99JXU+wLQ6NYHnzwzTV+oUtSaEph14mAFOcY
 XkFKdoPDI9PnyEfvy4193du8z/dSbhu7sWgHWbTCQyrcaNnSaVhlH43NUC+p23YN
 8vfEsVLd1X7MFkDBUmWp
 =M+/m
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging

SCSI changes that enable sending vendor-specific commands via virtio-scsi.

Memory changes for QOMification and automatic tracking of MR lifetime.

# gpg: Signature made Mon 18 Aug 2014 13:03:09 BST using RSA key ID 9B4D86F2
# gpg: Good signature from "Paolo Bonzini <pbonzini@redhat.com>"
# gpg:                 aka "Paolo Bonzini <bonzini@gnu.org>"

* remotes/bonzini/tags/for-upstream:
  mtree: remove write-only field
  memory: Use canonical path component as the name
  memory: Use memory_region_name for name access
  memory: constify memory_region_name
  exec: Abstract away ref to memory region names
  loader: Abstract away ref to memory region names
  tpm_tis: remove instance_finalize callback
  memory: remove memory_region_destroy
  memory: convert memory_region_destroy to object_unparent
  ioport: split deletion and destruction
  nic: do not destroy memory regions in cleanup functions
  vga: do not dynamically allocate chain4_alias
  sysbus: remove unused function sysbus_del_io
  qom: object: move unparenting to the child property's release callback
  qom: object: delete properties before calling instance_finalize
  virtio-scsi: implement parse_cdb
  scsi-block, scsi-generic: implement parse_cdb
  scsi-block: extract scsi_block_is_passthrough
  scsi-bus: introduce parse_cdb in SCSIDeviceClass and SCSIBusInfo
  scsi-bus: prepare scsi_req_new for introduction of parse_cdb

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-08-19 13:00:57 +01:00
Paolo Bonzini
469b046ead memory: remove memory_region_destroy
The function is empty after the previous patch, so remove it.

Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2014-08-18 12:06:21 +02:00
Gonglei
d0657b2aab usb: don't use 'Yoda conditions'
imitate nearby code about using '!value' or 'value == NULL'

Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2014-08-15 18:54:06 +04:00
Gerd Hoffmann
cf679caf91 usb: mtp: tag root property as experimental
Reason: we don't want commit to that interface yet.  Possibly
the implementation will be switched over to use fsdev.

Suggested-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-07-23 08:55:40 +02:00
Laszlo Ersek
3afca1d6d4 vmstate_xhci_event: fix unterminated field list
"vmstate_xhci_event" was introduced in commit 37352df3 ("xhci: add live
migration support"), and first released in v1.6.0. The field list in this
VMSD is not terminated with the VMSTATE_END_OF_LIST() macro.

During normal use (ie. migration), the issue is practically invisible,
because the "vmstate_xhci_event" object (with the unterminated field list)
is only ever referenced -- via "vmstate_xhci_intr" -- if xhci_er_full()
returns true, for the "ev_buffer" test. Since that field_exists() check
(apparently) almost always returns false, we almost never traverse
"vmstate_xhci_event" during migration, which hides the bug.

However, Amit's vmstate checker forces recursion into this VMSD as well,
and the lack of VMSTATE_END_OF_LIST() breaks the field list terminator
check (field->name != NULL) in dump_vmstate_vmsd(). The result is
undefined behavior, which in my case translates to infinite recursion
(because the loop happens to overflow into "vmstate_xhci_intr", which then
links back to "vmstate_xhci_event").

Add the missing terminator.

Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Amit Shah <amit.shah@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Cc: qemu-stable@nongnu.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-07-22 17:34:24 +01:00
Stefan Weil
b9b45b4a88 hw/usb: Add missing 'static' attribute
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2014-07-18 17:45:37 +04:00
Gerd Hoffmann
13d54125a3 mtp: linux guest detection fix.
Attach a name to the MTP interface (android phones have this too).

With this patch recent linux guests such as fedora 20 happily detect and
use the device.  It shows up in nautilus file manager automatically, and
simple-mtpfs can mount it.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-07-11 12:31:41 +02:00
Paolo Bonzini
c1129f6bff ccid-card-emulated: use EventNotifier
Shut up Coverity's complaint about unchecked fcntl return values,
and especially make the code simpler and more efficient.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-07-01 15:49:51 +02:00
Jincheng Miao
3ce2144538 usb: initialize libusb_device to avoid crash
If libusb_get_device_list() fails, the uninitialized local variable
libusb_device would be passed to libusb_free_device_list(), that
will cause a crash, like:
(gdb) bt
 #0  0x00007fbbb4bafc10 in pthread_mutex_lock () from /lib64/libpthread.so.0
 #1  0x00007fbbb233e653 in libusb_unref_device (dev=0x6275682d627375)
     at core.c:902
 #2  0x00007fbbb233e739 in libusb_free_device_list (list=0x7fbbb6e8436e,
     unref_devices=<optimized out>) at core.c:653
 #3  0x00007fbbb6cd80a4 in usb_host_auto_check (unused=unused@entry=0x0)
     at hw/usb/host-libusb.c:1446
 #4  0x00007fbbb6cd8525 in usb_host_initfn (udev=0x7fbbbd3c5670)
     at hw/usb/host-libusb.c:912
 #5  0x00007fbbb6cc123b in usb_device_init (dev=0x7fbbbd3c5670)
     at hw/usb/bus.c:106
 ...

So initialize libusb_device at the begin time.

Signed-off-by: Jincheng Miao <jmiao@redhat.com>
Reviewed-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-07-01 13:26:37 +02:00
Hani Benhabiles
c340a284f3 usb: Fix usb-bt-dongle initialization.
Due to an incomplete initialization, adding a usb-bt-dongle device through HMP
or QMP will cause a segmentation fault.

Signed-off-by: Hani Benhabiles <hani@linux.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-07-01 13:26:37 +02:00
Roger Pau Monne
e02bc6de30 serial: poll the serial console with G_IO_HUP
On FreeBSD polling a master pty while the other end is not connected
with G_IO_OUT only results in an endless wait. This is different from
the Linux behaviour, that returns immediately. In order to demonstrate
this, I have the following example code:

http://xenbits.xen.org/people/royger/test_poll.c

When executed on Linux:

$ ./test_poll
In callback

On FreeBSD instead, the callback never gets called:

$ ./test_poll

So, in order to workaround this, poll the source with G_IO_HUP (which
makes the code behave the same way on both Linux and FreeBSD).

Signed-off-by: Roger Pau Monné <roger.pau@citrix.com>
Cc: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Cc: Michael Tokarev <mjt@tls.msk.ru>
Cc: "Andreas Färber" <afaerber@suse.de>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: xen-devel@lists.xenproject.org
[Add hw/char/cadence_uart.c too. - Paolo]
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2014-06-30 15:04:34 +02:00
Juan Quintela
25feab2fc2 migration: Remove unneeded minimum_version_id_old
Once there, make checkpatch happy.

Signed-off-by: Juan Quintela <quintela@redhat.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
2014-06-23 19:14:52 +02:00
Markus Armbruster
60e19e06a4 blockdev: Rename drive_init(), drive_uninit() to drive_new(), drive_del()
"Init" and "uninit" suggest the functions don't allocate / free
storage.  But they do.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Benoit Canet <benoit@irqsave.net>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2014-06-16 17:23:19 +08:00
Gerd Hoffmann
f3cda6e060 usb-host: add range checks for usb-host parameters
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-06-13 12:34:57 +02:00
Gerd Hoffmann
7bafd8889e xhci: order superspeed ports first
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-06-02 16:38:09 +02:00
Gerd Hoffmann
7bd3055ffd xhci: make port reset trace point more verbose
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-06-02 16:29:00 +02:00
Gerd Hoffmann
b791c3b38c usb: add usb_pick_speed
We can pick the usb port speed in generic code, by looking at the port
and device speed masks and looking for the fastest match.  So add a
function to do exactly that, and drop the speed setting code from
usb_desc_attach as it isn't needed any more.

This way we can set the device speed before calling port->ops->attach,
which fixes some xhci hotplug issues.

https://bugzilla.redhat.com/show_bug.cgi?id=1046873

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-06-02 16:29:00 +02:00
Gerd Hoffmann
322fd1f4f7 usb-host: add HAVE_STREAMS define 2014-06-02 16:29:00 +02:00
Gerd Hoffmann
b88a3e01f5 usb-host: allow attaching usb3 devices to ehci
Extend compatibility test function to also figure whenever usb3
devices can be supported on ehci.  Tweak ep0 maxpacketsize field
due to usb2 <-> usb3 difference.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-06-02 16:28:59 +02:00
Gerd Hoffmann
381626a969 usb: move ehci register defines to header file
So we can easily use them in tests.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-06-02 16:28:59 +02:00
Gerd Hoffmann
9a1d111e70 usb: move uhci register defines to header file
So we can easily use them in tests.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-06-02 16:28:59 +02:00
Peter Maydell
972b09c219 usb: usb3 streams support for usb-host and usb-redir
usb: xhci and mtp bugfixes.
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iQIcBAABAgAGBQJTgv7ZAAoJEEy22O7T6HE4FPgP/3eTqypKijaSwPAN7s0OqpKo
 DuI9bXPRlludn1zWGi/Da7iYDy0OwlfDksJddU3I8Qdxo+Y5DG/ERh0yxaKoE8Cw
 bT/eAtTmtAuCI0Spu0TdojPUDmjCIpAoO1Ta3WTi0IqR8LhMUyWwyMeQafMujeCn
 QvXax+Xw5wl7a6ogk1mBa8IfHBtmQIcscT7oc9pg59/zlcN7omW/g5pkz8pLjzmu
 LQYiSkUGt6LEViaKG2rTZ/dEOzqLe5Ot8SZ4Y2r+C6yOjsdG9J1kOhU5wGs1WuVU
 i57Zj/VRlZ3jLxCeU3dBT+kgJvi3mCnPZFni67iBtAlDDreSchVJJwY42SNZxea0
 yLZSMFyMF+LBNrlbA9RFqlrnzr1sSfcjaOhQOajP6IVfjCsAiv0zivUJ4u6ijZ4R
 cGk1oJYsN888LUzgaszA3MTy593e7MI1cpPL79gt3lhh/Fu+mqTkFxcEUvrHqwSi
 0LepENhE3tIgqSZH7MEtos+Avf8Uo2x/RULYZV3D0qRLLkhGcafJYIhb6mQsJug3
 8D45yQ8YnsAmxpah0WopshlNxOi2hc/e5ADOCh4H+fNTmX5J9oN2IM4bQqqE+ci4
 IkcYyyruNW5RGgHjlOZfAceC/CJ8Er/ocSuwvF9uTEiZ+unGotD4Xhaxyfrr3B+G
 BHkkzcySLzGfkbUuebSL
 =y+dq
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/kraxel/tags/pull-usb-7' into staging

usb: usb3 streams support for usb-host and usb-redir
usb: xhci and mtp bugfixes.

# gpg: Signature made Mon 26 May 2014 09:44:09 BST using RSA key ID D3E87138
# gpg: Can't check signature: public key not found

* remotes/kraxel/tags/pull-usb-7:
  usb-host-libusb: Set stream id when submitting bulk-stream transfers
  usb-host-libusb: Add alloc / free streams ops
  usb-host-libusb: Fill in endpoint max_streams when available
  usb-redir: Add support for bulk streams
  usb-mtp: handle usb_mtp_get_object failure
  usb-mtp: handle lseek failure
  usb-mtp: use bool to track MTPObject init status
  xhci: add xhci_get_flag
  xhci: add endpoint cap on express bus only
  xhci: child detach fix

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-05-28 13:52:03 +01:00
Gerd Hoffmann
f85d28316a usb: add input routing support for tablet and keyboard
Add display property to the keyboard.
Add display and head properties to the tablet.

If properties are set bind device to the display specified to
setup input routing.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-05-26 08:42:43 +02:00
Hans de Goede
8d1bd3c901 usb-host-libusb: Set stream id when submitting bulk-stream transfers
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-05-26 08:41:07 +02:00
Hans de Goede
56a9f18051 usb-host-libusb: Add alloc / free streams ops
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-05-26 08:41:07 +02:00
Hans de Goede
b664b80f19 usb-host-libusb: Fill in endpoint max_streams when available
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-05-26 08:41:07 +02:00
Hans de Goede
19e8393170 usb-redir: Add support for bulk streams
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-05-26 08:41:07 +02:00
Gerd Hoffmann
22513a9b44 usb-mtp: handle usb_mtp_get_object failure
Cc: Dr. David Alan Gilbert <dgilbert@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-05-26 08:41:07 +02:00
Gerd Hoffmann
68206d7342 usb-mtp: handle lseek failure
Cc: Dr. David Alan Gilbert <dgilbert@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-05-26 08:41:07 +02:00
Gerd Hoffmann
36084d7e31 usb-mtp: use bool to track MTPObject init status
Stop setting nchildren to -1.  Use separate bool variable to track
whenever we've already fetched the child objects instead.

Also make nchildren unsigned.

Cc: Dr. David Alan Gilbert <dgilbert@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-05-26 08:41:07 +02:00
Gerd Hoffmann
f995523582 xhci: add xhci_get_flag
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-05-26 08:41:07 +02:00
Gerd Hoffmann
058fdcf52c xhci: add endpoint cap on express bus only
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-05-26 08:41:07 +02:00
Gerd Hoffmann
463c534db5 xhci: child detach fix
xhci_child_detach() zaps the wrong slot when unplugging a device
connected via usb-hub:  Instead of the device's slot the slot of the
usb-hub is used.  Fix it.

https://bugzilla.redhat.com/show_bug.cgi?id=1075846

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Gonglei <arei.gonglei@huawei.com>
2014-05-26 08:41:07 +02:00
Michael S. Tsirkin
719ffe1f5f usb: fix up post load checks
Correct post load checks:
1. dev->setup_len == sizeof(dev->data_buf)
    seems fine, no need to fail migration
2. When state is DATA, passing index > len
   will cause memcpy with negative length,
   resulting in heap overflow

First of the issues was reported by dgilbert.

Reported-by: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Juan Quintela <quintela@redhat.com>
2014-05-14 15:24:52 +02:00
Juan Quintela
6e3d652ab2 savevm: Remove all the unneeded version_minimum_id_old (usb)
After previous Peter patch, they are redundant.  This way we don't
assign them except when needed.  Once there, there were lots of case
where the ".fields" indentation was wrong:

     .fields = (VMStateField []) {
and
     .fields =      (VMStateField []) {

Change all the combinations to:

     .fields = (VMStateField[]){

The biggest problem (appart from aesthetics) was that checkpatch complained
when we copy&pasted the code from one place to another.

Signed-off-by: Juan Quintela <quintela@redhat.com>
Acked-by: Gerd Hoffmann <kraxel@redhat.com>
2014-05-14 15:24:51 +02:00
Michael Tokarev
9d171bd937 libcacard: remove libcacard-specific CFLAGS and LIBS from global vars
Currently all what's needed for single file libcacard/vcard_emul_nss.c
(libnss cflags) and hw/usb/ccid-card-emulated.c (libcacard includes)
together with the libs is added to global QEMU_CFLAGS and libs_softmmu.

Use the cflags only where really used (for two mentioned files), and
libs only where needed.

While at it, rename variables to better reflect reality: libcacard_*
is really nss_*.

This needs a bit more tweaking: $(NSS_LIBS) should not contain $glib_libs
(ditto for _cflags).  But in order to fix it, some more preparations
should be made first.  So add a FIXME comment.

Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2014-05-09 22:59:40 +02:00
Peter Maydell
c9541f67df migration/next for 20140505
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABCAAGBQJTZ/QsAAoJEPSH7xhYctcjJ4wP/31lNMpPLxdRpxpUoTPK39L0
 zEoBTUH5dzG2FG34p8/znNH0Lbmc3GALqP9UzyM0sL3QU0EDwqAP0idLJ/8zHrYN
 ZNJnNH6wexlpEypAsyQiayAFYAq6bc3hYtnEurN56dQgPVgb6jCicuOAt26JafLg
 xuGIuencgaEFZaIb8iobxloqDX9raoq0+JfnoV8r02+ES+PG+HHfZsAlbDiWpj/Z
 o06WBq9Xvf8X/zvuGHb9PCLGK36+kxPJ2G2531TJGZ6BjjewDExF2xlQH+PQ8pQB
 d2OKCP0In66JfyLu6JBz21APrks7DJxsuenvoqPhxhtlIcBSm+grZElNLbccDMLQ
 3fteWOCcri5WSwKNAkZ138D5SzIArZFBlqD9qW0GQsiaj3tCxfy162JAmzRPa94i
 R5OJCTDclwjCH6JvRsOs8NrQyYcXHcEl2rfeymfr68YOH5XBMeRPhcR91tVr03ow
 ZVgvwC/TJHntKnW+qtGIOa9Wfq4KghjddD37ayPAqKM/GQ0TV2sAPEr2htDaBZ0l
 5O/YGsAZPKax72OnMR2ObqoIMokympeanQLxG3Q8VKQSU2c+aU3rGVQrG1juiVYw
 NiC/nzarFzFWU8UYToXIu2QBDTde2vuRLX/myzL7L4OLavOcv8EXZBp60DP/bktE
 Pd+jdeLMh9kWu1tFrE8F
 =VoYL
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/juanquintela/tags/migration/20140505' into staging

migration/next for 20140505

# gpg: Signature made Mon 05 May 2014 21:27:24 BST using RSA key ID 5872D723
# gpg: Can't check signature: public key not found

* remotes/juanquintela/tags/migration/20140505: (36 commits)
  migration: expose xbzrle cache miss rate
  migration: expose the bitmap_sync_count to the end
  migration: Add counts of updating the dirty bitmap
  XBZRLE: Fix one XBZRLE corruption issues
  migration: remove duplicate code
  Coverity: Fix failure path for qemu_accept in migration
  Init the XBZRLE.lock in ram_mig_init
  Provide init function for ram migration
  Count used RAMBlock pages for migration_dirty_pages
  Make qemu_peek_buffer loop until it gets it's data
  Disallow outward migration while awaiting incoming migration
  virtio: validate config_len on load
  virtio-net: out-of-bounds buffer write on load
  openpic: avoid buffer overrun on incoming migration
  ssi-sd: fix buffer overrun on invalid state load
  savevm: Ignore minimum_version_id_old if there is no load_state_old
  usb: sanity check setup_index+setup_len in post_load
  vmstate: s/VMSTATE_INT32_LE/VMSTATE_INT32_POSITIVE_LE/
  virtio-scsi: fix buffer overrun on invalid state load
  zaurus: fix buffer overrun on invalid state load
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-05-07 14:51:21 +01:00
Michael S. Tsirkin
9f8e9895c5 usb: sanity check setup_index+setup_len in post_load
CVE-2013-4541

s->setup_len and s->setup_index are fed into usb_packet_copy as
size/offset into s->data_buf, it's possible for invalid state to exploit
this to load arbitrary data.

setup_len and setup_index should be checked to make sure
they are not negative.

Cc: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Juan Quintela <quintela@redhat.com>
2014-05-05 22:15:03 +02:00
Gerd Hoffmann
8ebb876357 usb: mtp: reply INCOMPLETE_TRANSFER on read errors
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
2014-05-05 12:58:02 +02:00
Gerd Hoffmann
afa82daf16 usb: mtp: fix possible buffer overflow
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
2014-05-05 12:57:58 +02:00
Gerd Hoffmann
9cd04ccf75 usb: mtp: drop data-out hexdump
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
2014-05-05 12:57:53 +02:00
Gerd Hoffmann
457d397a24 usb: mtp: avoid empty description string
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
2014-05-05 12:57:49 +02:00
Gerd Hoffmann
2dc7fdf33d usb: mtp: fix error path memory leak
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
2014-05-05 12:57:45 +02:00
Gerd Hoffmann
9e4eff5b54 usb: mtp: fix serial (must be exact 32 chars)
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
2014-05-05 12:57:41 +02:00
Gerd Hoffmann
f7eaed8555 usb: mtp: fix version (is decimal not bcd)
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
2014-05-05 12:57:35 +02:00
Gerd Hoffmann
ada435f47e usb: mtp: fix usb_mtp_add_u64
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
2014-05-05 12:57:30 +02:00
Gerd Hoffmann
1c76551fae usb: mtp: replace debug printfs with trace points
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
2014-05-05 12:57:21 +02:00
Alexey Kardashevskiy
69e25d26b4 usb-ohci: Add vmstate descriptor
This adds migration support for OHCI.

This defines a descriptor for OHCIState.
This changes some OHCIState field types to be migration compatible.
This adds a descriptor for OHCIPort.
This migrates the EOF timer if the USB was started at the time of
migration.

Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-05-05 12:29:41 +02:00
Gerd Hoffmann
840a178c94 usb: mtp filesharing
Implementation of a USB Media Transfer Device device for easy
filesharing.  Read-only.  No access control inside qemu, it will
happily export any file it is able to open to the guest, i.e.
standard unix access rights for the qemu process apply.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-04-23 10:28:14 +02:00
Gerd Hoffmann
409951f552 usb: add CompatibleID support to msos
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-04-22 12:40:57 +02:00
Peter Maydell
00b0179347 hw/usb/hcd-ohci.c: Avoid shifting left into sign bit
Add U suffix to avoid undefined behaviour. This is only
strictly necessary for the 1<<31 cases, but we add it for the
other constants in these groups for consistency.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2014-03-27 19:22:49 +04:00
Dr. David Alan Gilbert
4900116e6f Add a 'name' parameter to qemu_thread_create
If enabled, set the thread name at creation (on GNU systems with
  pthread_set_np)
Fix up all the callers with a thread name

Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
2014-03-09 21:09:38 +02:00
Peter Maydell
2ca92bb993 - xhci improvements and fixes.
- uhci bugfix.
 - cleanups.
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iQIcBAABAgAGBQJTA4C6AAoJEEy22O7T6HE4/fwQAInLoeat3FFl3dPXueFRyqAy
 6ArfUtwVGsggYh/KVmbUAbvhXUE5WC1G4dyUVJJUMPhAMWG7r7PblTWhCj6R0Zd3
 Jkm6WFVma8np/fVc4GUM10HtrGHxHhgZLVAXCLrPCxHhAvPeBPvo3+KrnCoGhVTL
 9ChBcDt8qLq/U14s9wUPEs+UPBx/5NM4jwT6+hPyiOB6HFbQ/mKoUr9kiq27KGyK
 Ueh+SxLgX6bQ9GyubPTRCaCKXJfi4nYbwaMsKeTyyFJAwdrZJfmOLhCChg6fuU5A
 zcZRRLnmkiYW+DePZakzxNDLuK8krPLqa/eCn+2iFfqbiGpx65Kcph7zO8q49q+9
 +nnY14MpUAMcuT1lP1kC1YXzufeV0gMU6MZtHDfAnrRJmqryAffDJd8yerdbibbm
 4DeFdaREbCTpRqAjZroOOEnBcLAjOTPrLQS364ZsLkOtTnNzR2D37eXBZn+9UA0e
 F0pBvEjKG/D5NM4jtTiaSVfWgMNz2LdDJWfW68N3EQ2AH93rDQNG3vxGEnOYB8l7
 mT/YKBTs0LqHfT+zPEvY4y8fajfq72ADfcPUDUL7S+ne5604DBe6WkmOxmQjIexF
 7tzPZUHsD5X4gcNcShaZqO3awoD+qGOOa5tIXXRz+ccpSWBHnJ+/ibNJig5cfp78
 7iFAP4xJusmI3efIeAqt
 =2+kd
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/kraxel/tags/pull-usb-3' into staging

- xhci improvements and fixes.
- uhci bugfix.
- cleanups.

# gpg: Signature made Tue 18 Feb 2014 15:48:10 GMT using RSA key ID D3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>"

* remotes/kraxel/tags/pull-usb-3:
  xhci: use DPRINTF() instead of fprintf(stderr, ...)
  xhci: switch debug printf to tracepoint
  xhci iso: allow for some latency
  xhci iso: fix time calculation
  uhci: invalidate queue on device address changes
  xhci: fix overflow in usb_xhci_post_load
  usb: Remove magic constants from device bmAttributes

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-02-20 15:25:05 +00:00