Commit Graph

51594 Commits

Author SHA1 Message Date
Paolo Bonzini
65c9d60a3a target-i386: correctly propagate retaddr into SVM helpers
Commit 2afbdf8 ("target-i386: exception handling for memory helpers",
2015-09-15) changed tlb_fill's cpu_restore_state+raise_exception_err
to raise_exception_err_ra.  After this change, the cpu_restore_state
and raise_exception_err's cpu_loop_exit are merged into
raise_exception_err_ra's cpu_loop_exit_restore.

This actually fixed some bugs, but when SVM is enabled there is a
second path from raise_exception_err_ra to cpu_loop_exit.  This is
the VMEXIT path, and now cpu_vmexit is called without a
cpu_restore_state before.

The fix is to pass the retaddr to cpu_vmexit (via
cpu_svm_check_intercept_param).  All helpers can now use GETPC() to pass
the correct retaddr, too.

Cc: qemu-stable@nongnu.org
Fixes: 2afbdf8480
Reported-by: Alexander Boettcher <alexander.boettcher@genode-labs.com>
Tested-by: Alexander Boettcher <alexander.boettcher@genode-labs.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2017-02-16 18:37:01 +01:00
Peter Maydell
7a37b59f1d -----BEGIN PGP SIGNATURE-----
iQIcBAABAgAGBQJYpbjCAAoJEPMMOL0/L748ARIP/jv29RefAEjkZOllN/qcwbYE
 5vEhGkByS+4ZgaQuVF0WVWhjW3x4tmHqE63c7NaNeqjjTuMaYHnzvVYMOQRLoRWL
 pidtCZfJdZxO8jIgQO57ccs5w60ziov8nUC1Q92+vFkTHifK4eLkur9MEllAER03
 zc9Oz0rYZ4atQw7T3gnsJPaPL+q1ufmpT86IgPoCYozVPyb2vJqYrv2d1GS0zxew
 3xeWKZ6SkCVr98glz8NkFDagRedjqHleHXkxWTSxnT/f6HqyWjCKaKCkyWrVYyIe
 1YZdDfxUAXT6K6Cz/xYNICPB1TFHHCspIT8VisivAV1xKGfgQ+nKdMgW3qW6ypM0
 eRO1EjVmonc7mDkzDpfl765mqkS4rBasbzDNSHleeyfYXTWyo7UVMY3ttsMqC+1f
 tHHE6X/8kAyPmCSVB3/ZsDcxcX9cRZURImkHvwuswCdygFKT2TuZvWu76CXino6S
 QITIU5gQ+FUlbpuC0bIvCQD5jo4W0RLNJ7O3SEZK81UHXVlDx2G25n3jYfbBCFi6
 q5TIXppWN76acqHupiqCrHUmT1wVHNcNaDCQdfQMMIc1ixrApEPkUCTxJnqbEW1h
 E4qNdKQrSsW1bwsZhuo7gP3aYAbItEkL+3m7xHTLIhY3PTX5XeZ2jPQglOXkyfcl
 UK+6BEZTmnxpsSah6Qwp
 =bijl
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/vivier2/tags/linux-user-for-upstream-pull-request' into staging

# gpg: Signature made Thu 16 Feb 2017 14:35:46 GMT
# gpg:                using RSA key 0xF30C38BD3F2FBE3C
# gpg: Good signature from "Laurent Vivier <lvivier@redhat.com>"
# gpg:                 aka "Laurent Vivier <laurent@vivier.eu>"
# gpg:                 aka "Laurent Vivier (Red Hat) <lvivier@redhat.com>"
# Primary key fingerprint: CD2F 75DD C8E3 A4DC 2E4F  5173 F30C 38BD 3F2F BE3C

* remotes/vivier2/tags/linux-user-for-upstream-pull-request:
  linux-user: Add FICLONE and FICLONERANGE ioctls
  linux-user: Use correct types in load_symbols()
  linux-user: fill target sigcontext struct accordingly
  linux-user: fix tcg/mmap test
  linux-user: fix settime old value location
  linux-user: Update m68k syscall definitions to match Linux 4.6
  linux-user: Update sh4 syscall definitions to match Linux 4.8
  linux-user: manage two new IFLA host message types
  linux-user: Fix mq_open
  linux-user: Fix readahead
  linux-user: Fix inotify_init1 support
  linux-user: Fix s390x safe-syscall for z900
  linux-user: drop __cygwin__ ifdef
  linux-user: remove ifdef __USER_MISC

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2017-02-16 15:03:28 +00:00
Anton Nefedov
f47291b7a7 vl: log available guest crash information
There is a suitable log mask for the purpose.

Signed-off-by: Anton Nefedov <anton.nefedov@virtuozzo.com>
Signed-off-by: Denis V. Lunev <den@openvz.org>
Message-Id: <1487053524-18674-4-git-send-email-den@openvz.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2017-02-16 15:30:49 +01:00
Anton Nefedov
c86f106b85 report guest crash information in GUEST_PANICKED event
it's not very convenient to use the crash-information property interface,
so provide a CPU class callback to get the guest crash information, and pass
that information in the event

Signed-off-by: Anton Nefedov <anton.nefedov@virtuozzo.com>
Signed-off-by: Denis V. Lunev <den@openvz.org>
Message-Id: <1487053524-18674-3-git-send-email-den@openvz.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2017-02-16 15:30:49 +01:00
Anton Nefedov
d187e08dc4 i386/cpu: add crash-information QOM property
Windows reports BSOD parameters through Hyper-V crash MSRs. This
information is very useful for initial crash analysis and thus
it would be nice to have a way to fetch it.

Signed-off-by: Anton Nefedov <anton.nefedov@virtuozzo.com>
Signed-off-by: Denis V. Lunev <den@openvz.org>
Message-Id: <1487053524-18674-2-git-send-email-den@openvz.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2017-02-16 15:30:49 +01:00
Lin Ma
d9e73d32a8 Makefile: avoid leaving the temporary QEMU_PKGVERSION header file
By commit 67a1de0d, When we perform 'git pull && make && sudo make install',
In 'make' stage a qemu-version.h.tmp will be generated. If the content of
qemu-version.h.tmp and qemu-version.h aren't consistent, The qemu-version.h.tmp
will be renamed to qemu-version.h. Because of the target FORCE, The same action
will be do again in 'make install' stage.

In 'make install' stage, If there is no qemu-version.h.tmp exists and we run
'make install' with sudo, The owner and group of new qemu-version.h.tmp will be
privileged user/group. When we run 'make' next time, qemu-version.h.tmp can't
be overwritten because of permission issue.

This patch removed qemu-version.h.tmp after build to fix this issue.

Signed-off-by: Lin Ma <lma@suse.com>
Message-Id: <20170215024030.23895-1-lma@suse.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2017-02-16 15:30:49 +01:00
Dou Liyang
3741c2503b vl: Move the cpu_synchronize_all_post_init() after generic devices initialization
At the Qemu initialization, we call the cpu_synchronize_all_post_init()
to synchronize All CPU states to KVM in the ./vl.c::main().

Currently, it is called before we initialize the CPUs, which is created
by "-device" command and parsed by generic devices initialization, So,
these CPUs may be ignored to synchronize.

The patch moves the cpu_synchronize_all_post_init func after generic
devices initialization to make sure that all the CPUs can be included.

Signed-off-by: Dou Liyang <douly.fnst@cn.fujitsu.com>
Message-Id: <1485916178-17838-1-git-send-email-douly.fnst@cn.fujitsu.com>
Reviewed-by: Eduardo Habkost <ehabkost@redhat.com>
Acked-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2017-02-16 15:30:49 +01:00
Richard W.M. Jones
a721f53b8f qemu-nbd: Implement socket activation.
Socket activation (sometimes known as systemd socket activation)
allows an Internet superserver to pass a pre-opened listening socket
to the process, instead of having qemu-nbd open a socket itself.  This
is done via the LISTEN_FDS and LISTEN_PID environment variables, and a
standard file descriptor range.

This change partially implements socket activation for qemu-nbd.  If
the environment variables are set correctly, then socket activation
will happen automatically, otherwise everything works as before.  The
limitation is that LISTEN_FDS must be 1.

Signed-off-by: Richard W.M. Jones <rjones@redhat.com>
Message-Id: <20170204100317.32425-2-rjones@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2017-02-16 15:30:45 +01:00
Helge Deller
21992cb679 linux-user: Add FICLONE and FICLONERANGE ioctls
Add missing FICLONE and FICLONERANGE ioctls.

Signed-off-by: Helge Deller <deller@gmx.de>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20170211222602.GA6399@ls3530.fritz.box>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
2017-02-16 15:29:30 +01:00
Peter Maydell
1e06262da6 linux-user: Use correct types in load_symbols()
Coverity doesn't like the code in load_symbols() which assumes
it can use 'int' for a variable that might hold an offset into
the guest ELF file, because in a 64-bit guest that could
overflow. Guest binaries with 2GB sections aren't very likely
and this isn't a security issue because we fully trust the
guest linux-user binary anyway, but we might as well use the
right types, which will placate Coverity. Use uint64_t to
hold section sizes, and bail out if the symbol table is too
large rather than just overflowing an int.

(Coverity issue CID1005776)

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <1486249533-5260-1-git-send-email-peter.maydell@linaro.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
2017-02-16 15:29:30 +01:00
Jose Ricardo Ziviani
26920a2961 linux-user: fill target sigcontext struct accordingly
A segfault is noticed when an emulated program uses any of ucontext
regs fields. Risu detected this issue in the following operation when
handling a signal:
  ucontext_t *uc = (ucontext_t*)uc;
  uc->uc_mcontext.regs->nip += 4;

but this works fine:
  uc->uc_mcontext.gp_regs[PT_NIP] += 4;

This patch set regs to a valid location as well as other sigcontext
fields.

Signed-off-by: Jose Ricardo Ziviani <joserz@linux.vnet.ibm.com>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <1485900317-3256-1-git-send-email-joserz@linux.vnet.ibm.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
2017-02-16 15:29:30 +01:00
Marc-André Lureau
35f2fd04ce linux-user: fix tcg/mmap test
tests/tcg/mmap test fails with values other than default target page
size. When creating a map beyond EOF, extra anonymous pages are added up
to the target page boundary. Currently, this operation is performed only
when qemu_real_host_page_size < TARGET_PAGE_SIZE, but it should be
performed if the configured page size (qemu -p) is larger than
qemu_real_host_page_size too.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
[pranith: dropped checkpatch changes]
Signed-off-by: Pranith Kumar <bobby.prani@gmail.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20170119151533.29328-2-bobby.prani@gmail.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
2017-02-16 15:29:30 +01:00
Marc-André Lureau
40c80b5e9e linux-user: fix settime old value location
old_value is the 4th argument of timer_settime(), not the 2nd.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Signed-off-by: Pranith Kumar <bobby.prani@gmail.com>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20170119151533.29328-1-bobby.prani@gmail.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
2017-02-16 15:29:30 +01:00
John Paul Adrian Glaubitz
23d208ce6d linux-user: Update m68k syscall definitions to match Linux 4.6
Signed-off-by: John Paul Adrian Glaubitz <glaubitz@physik.fu-berlin.de>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20170116224915.19430-2-glaubitz@physik.fu-berlin.de>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
2017-02-16 15:29:26 +01:00
John Paul Adrian Glaubitz
3148ff8404 linux-user: Update sh4 syscall definitions to match Linux 4.8
Signed-off-by: John Paul Adrian Glaubitz <glaubitz@physik.fu-berlin.de>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20170116223140.18634-2-glaubitz@physik.fu-berlin.de>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
2017-02-16 15:29:16 +01:00
Alberto Garcia
41eeb0e601 qemu-doc: Clarify that -vga std is now the default
The QEMU manual page states that Cirrus Logic is the default video
card if the user doesn't specify any. However this is not true since
QEMU 2.2.

Signed-off-by: Alberto Garcia <berto@igalia.com>
Message-Id: <20170127094154.19778-1-berto@igalia.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2017-02-16 14:06:56 +01:00
Paolo Bonzini
4515e58d60 cpu-exec: remove outermost infinite loop
Reorganize the sigsetjmp so that the restart case falls through
to cpu_handle_exception and the execution loop.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2017-02-16 14:06:56 +01:00
Paolo Bonzini
a42cf3f3f2 cpu-exec: avoid repeated sigsetjmp on interrupts
The sigsetjmp only needs to be prepared once for the whole execution
of cpu_exec.  This patch takes care of the "== 0" side, using a
nested loop so that cpu_handle_interrupt goes straight back to
cpu_handle_exception without doing another sigsetjmp.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2017-02-16 14:06:56 +01:00
Paolo Bonzini
209b71b60e cpu-exec: avoid cpu_loop_exit in cpu_handle_interrupt
The siglongjmp goes straight back to the beginning of cpu_exec's
outermost loop.  We do not need a siglongjmp, we can simply
leave the inner TB execution loop.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2017-02-16 14:06:56 +01:00
Paolo Bonzini
a70fe14b7d cpu-exec: tighten barrier on TCG_EXIT_REQUESTED
This seems to have worked just fine so far on weakly-ordered
architectures, but I don't see anything that prevents the
reordering from:

    store 1 to exit_request
    store 1 to tcg_exit_req
                                 load tcg_exit_req
                                 store 0 to tcg_exit_req
                                 load exit_request
                                 store 0 to exit_request
    store 1 to exit_request
    store 1 to tcg_exit_req

to this:

    store 1 to exit_request
    store 1 to tcg_exit_req
                                 load tcg_exit_req
                                 load exit_request
    store 1 to exit_request
    store 1 to tcg_exit_req
                                 store 0 to tcg_exit_req
                                 store 0 to exit_request

therefore losing a request.  It's possible that other memory barriers
(e.g. in rcu_read_unlock) are hiding it, but better safe than
sorry.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2017-02-16 14:06:56 +01:00
Paolo Bonzini
43d70ddf9f cpu-exec: fix icount out-of-bounds access
When icount is active, tb_add_jump is surprisingly called with an
out of bounds basic block index.  I have no idea how that can work,
but it does not seem like a good idea.  Clear *last_tb for all
TB_EXIT_ICOUNT_EXPIRED cases, even when all you have to do is
refill icount_extra.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2017-02-16 14:06:56 +01:00
Thomas Huth
d9ff1d35c5 hw/char/mcf_uart: QOMify the ColdFire UART
Use type_init() etc. to adapt the ColdFire UART
to the latest QEMU device conventions.

Signed-off-by: Thomas Huth <huth@tuxfamily.org>
Message-Id: <1485586582-6490-1-git-send-email-huth@tuxfamily.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2017-02-16 14:06:56 +01:00
Claudio Imbrenda
544177ad1c gdbstub: Fix vCont behaviour
When GDB issues a "vCont", QEMU was not handling it correctly when
multiple VCPUs are active.
For vCont, for each thread (VCPU), it can be specified whether to
single step, continue or stop that thread. The default is to stop a
thread.
However, when (for example) "vCont;s:2" is issued, all VCPUs continue
to run, although all but VCPU nr 2 are to be stopped.

This patch completely rewrites the vCont parsing code.

Please note that this improvement only works in system emulation mode,
when in userspace emulation mode the old behaviour is preserved.

Signed-off-by: Claudio Imbrenda <imbrenda@linux.vnet.ibm.com>
Message-Id: <1487092068-16562-3-git-send-email-imbrenda@linux.vnet.ibm.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2017-02-16 14:06:56 +01:00
Claudio Imbrenda
2d76e82395 move vm_start to cpus.c
This patch:

* moves vm_start to cpus.c.
* exports qemu_vmstop_requested, since it's needed by vm_start.
* extracts vm_prepare_start from vm_start; it does what vm_start did,
  except restarting the cpus.
* vm_start now calls vm_prepare_start and then restarts the cpus.

Signed-off-by: Claudio Imbrenda <imbrenda@linux.vnet.ibm.com>
Message-Id: <1487092068-16562-2-git-send-email-imbrenda@linux.vnet.ibm.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2017-02-16 14:06:55 +01:00
Ed Swierk
1c64fdbc81 char: drop data written to a disconnected pty
When a serial port writes data to a pty that's disconnected, drop the
data and return the length dropped. This avoids triggering pointless
retries in callers like the 16550A serial_xmit(), and causes
qemu_chr_fe_write() to write all data to the log file, rather than
logging only while a pty client like virsh console happens to be
connected.

Signed-off-by: Ed Swierk <eswierk@skyportsystems.com>
Message-Id: <1485870329-79428-1-git-send-email-eswierk@skyportsystems.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2017-02-16 14:06:55 +01:00
Pavel Dovgalyuk
f65e821262 apic: reset apic_delivered global variable on machine reset
This patch adds call to apic_reset_irq_delivered when the virtual
machine is reset.

Signed-off-by: Pavel Dovgalyuk <pavel.dovgaluk@ispras.ru>
Message-Id: <20170131114054.276.62201.stgit@PASHA-ISP>
Cc: qemu-stable@nongnu.org
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2017-02-16 14:06:55 +01:00
Anton Nefedov
b0a335e351 qemu-char: socket backend: disconnect on write error
Socket backend read handler should normally perform a disconnect, however
the read handler may not get a chance to run if the frontend is not ready
(qemu_chr_be_can_write() == 0).

This means that in virtio-serial frontend case if
 - the host has disconnected (giving EPIPE on socket write)
 - and the guest has disconnected (-> frontend not ready -> backend
   will not read)
 - and there is still data (frontend->backend) to flush (has to be a really
   tricky timing but nevertheless, we have observed the case in production)

This results in virtio-serial trying to flush this data continiously forming
a busy loop.

Solution: react on write error in the socket write handler.
errno is not reliable after qio_channel_writev_full(), so we may not get
the exact EPIPE, so disconnect on any error but QIO_CHANNEL_ERR_BLOCK which
io_channel_send_full() converts to errno EAGAIN.
We must not disconnect right away though, there still may be data to read
(see 4bf1cb0).

Signed-off-by: Anton Nefedov <anton.nefedov@virtuozzo.com>
Signed-off-by: Denis V. Lunev <den@openvz.org>
CC: Paolo Bonzini <pbonzini@redhat.com>
CC: Daniel P. Berrange <berrange@redhat.com>
CC: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-Id: <1486045589-8074-1-git-send-email-den@openvz.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2017-02-16 14:06:55 +01:00
Paolo Bonzini
a3fd46152e test-vmstate: remove yield_until_fd_readable
The function is not needed anymore now that migration is built on
top of QIOChannel.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2017-02-16 14:06:55 +01:00
Peter Xu
b7a4104b73 kvm/ioapic: correct kvm ioapic version
Signed-off-by: Peter Xu <peterx@redhat.com>
Message-Id: <1486106298-3699-4-git-send-email-peterx@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2017-02-16 14:06:55 +01:00
Peter Xu
8d5516be12 ioapic: fix error report value of def version
It should be 0x20, rather than 0x11.

Signed-off-by: Peter Xu <peterx@redhat.com>
Message-Id: <1486106298-3699-3-git-send-email-peterx@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2017-02-16 14:06:55 +01:00
Peter Xu
c6fcb0e201 kvm/ioapic: dump real object instead of a fake one
When we do "info ioapic" for kvm ioapic, we were building up a temporary
ioapic object. Let's fetch the real one and update correspond to the
real object as well.

This fixes printing uninitialized version field in
ioapic_print_redtbl().

Reported-by: Peter Maydell <peter.maydell@linaro.org>
Suggested-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Peter Xu <peterx@redhat.com>
Message-Id: <1486106298-3699-2-git-send-email-peterx@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2017-02-16 14:06:55 +01:00
Peter Maydell
ca5266de6c -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
 
 iQEcBAABAgAGBQJYo88zAAoJEO8Ells5jWIRal0H/3iRDDvo6lj+mjQySNBOdMZJ
 BGqqG6SqqX6kJaoBldAyIyVpRWOrVPZGkX4HfUQkAcdWtv5QRMselyhOlhxJRYD8
 jUixpxX2oXD/gokkbsMJOH5KMPea5E7J/IBWC9c+Rgh6VV91r0/pML68piA8sDqU
 GZpNVhCWwUBEx4ZWy1wdKpreEsNy7fb3MuWmqFDNGSLEN2/JCqx+mrY+WvagmGAM
 HpmcS4Sflm5OUi7dcedB7gcYCbeIAIjaxKpjWtHaHlyFmdFlwDXFFEXlEHjrpjqw
 SrYacth/Xj/lcbRFQ65dMe7lxtKvt8a9PW4RVD/Iiw3bHj9bEmdGd+Ki815DcQg=
 =O8NL
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/jasowang/tags/net-pull-request' into staging

# gpg: Signature made Wed 15 Feb 2017 03:46:59 GMT
# gpg:                using RSA key 0xEF04965B398D6211
# gpg: Good signature from "Jason Wang (Jason Wang on RedHat) <jasowang@redhat.com>"
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg:          It is not certain that the signature belongs to the owner.
# Primary key fingerprint: 215D 46F4 8246 689E C77F  3562 EF04 965B 398D 6211

* remotes/jasowang/tags/net-pull-request:
  net: e1000e: fix an infinite loop issue
  net: imx: limit buffer descriptor count
  colo-compare: sort TCP packet queue by sequence number
  net: e1000e: fix dead code in e1000e_write_packet_to_guest
  net: Mark 'vlan' parameter as deprecated

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2017-02-16 12:36:24 +00:00
Li Qiang
4154c7e03f net: e1000e: fix an infinite loop issue
This issue is like the issue in e1000 network card addressed in
this commit:
e1000: eliminate infinite loops on out-of-bounds transfer start.

Signed-off-by: Li Qiang <liqiang6-s@360.cn>
Reviewed-by: Dmitry Fleytman <dmitry@daynix.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
2017-02-15 11:18:57 +08:00
Prasad J Pandit
81f17e0d43 net: imx: limit buffer descriptor count
i.MX Fast Ethernet Controller uses buffer descriptors to manage
data flow to/fro receive & transmit queues. While transmitting
packets, it could continue to read buffer descriptors if a buffer
descriptor has length of zero and has crafted values in bd.flags.
Set an upper limit to number of buffer descriptors.

Reported-by: Li Qiang <liqiang6-s@360.cn>
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
Signed-off-by: Jason Wang <jasowang@redhat.com>
2017-02-15 11:18:57 +08:00
Zhang Chen
a935cc3132 colo-compare: sort TCP packet queue by sequence number
Improve efficiency of TCP packet comparison.

Signed-off-by: Zhang Chen <zhangchen.fnst@cn.fujitsu.com>
Signed-off-by: Li Zhijian <lizhijian@cn.fujitsu.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
2017-02-15 11:18:57 +08:00
Paolo Bonzini
e514fc7e12 net: e1000e: fix dead code in e1000e_write_packet_to_guest
Because is_first is declared inside a loop, it is always true.  The store
is dead, and so is the "else" branch of "if (is_first)".  is_last is
okay though.

Reported by Coverity.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Dmitry Fleytman <dmitry@daynix.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
2017-02-15 11:18:57 +08:00
Thomas Huth
a2dbe1356f net: Mark 'vlan' parameter as deprecated
The 'vlan' parameter is a continuous source of confusion for the users,
many people mix it up with the more common term VLAN (the link layer
packet encapsulation), and even if they realize that the QEMU 'vlan' is
rather some kind of network hub emulation, there is still a high risk
that they configure their QEMU networking in a wrong way with this
parameter (e.g. by hooking NICs together, so they get a 'loopback'
between one and the other NIC).
Thus at one point in time, we should finally get rid of the 'vlan'
feature in QEMU. Let's do a first step in this direction by declaring
the 'vlan' parameter as deprecated and informing the users to use the
'netdev' parameter instead.

Signed-off-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
2017-02-15 11:18:57 +08:00
Laurent Vivier
a1488b8661 linux-user: manage two new IFLA host message types
Add QEMU_IFLA_GSO_MAX_SEGS and QEMU_IFLA_GSO_MAX_SIZE
in host_to_target_data_link_rtattr().

These two messages are sent by the host kernel when
we use "sudo".

Found with qemu-m68k and Debian etch-m68k (sudo 1.6.8p12-4) and
host kernel 4.7.6-200.fc24.x86_64

Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <1477530049-15676-1-git-send-email-laurent@vivier.eu>
2017-02-14 18:08:11 +01:00
Lena Djokic
2640077527 linux-user: Fix mq_open
If fourth argument is NULL it should be passed without
using lock_user function which would, in that case, return
EFAULT, and system call supports passing NULL as fourth argument.

Signed-off-by: Lena Djokic <Lena.Djokic@rt-rk.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
2017-02-14 17:18:03 +01:00
Lena Djokic
77c6850fd7 linux-user: Fix readahead
Calculation of 64-bit offset was not correct for all cases.

Signed-off-by: Lena Djokic <Lena.Djokic@rt-rk.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
2017-02-14 17:18:03 +01:00
Lena Djokic
fea243e90a linux-user: Fix inotify_init1 support
This commit adds necessary conversion of argument passed to inotify_init1.
inotify_init1 flags can be IN_NONBLOCK and IN_CLOEXEC which rely on O_NONBLOCK
and O_CLOEXEC and those can have different values on different platforms.

Signed-off-by: Lena Djokic <Lena.Djokic@rt-rk.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
2017-02-14 17:18:03 +01:00
Richard Henderson
6cde51769e linux-user: Fix s390x safe-syscall for z900
The LT instruction was added in the extended immediate facility
introduced with the z9-109 processor.

Cc: Riku Voipio <riku.voipio@iki.fi>
Reported-by: Michael Tokarev <mjt@tls.msk.ru>
Fixes: c9bc3437a9
Suggested-by: Aurelien Jarno <aurelien@aurel32.net>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
2017-02-14 17:18:03 +01:00
Riku Voipio
5fbf66e6a1 linux-user: drop __cygwin__ ifdef
linux-user doesn't work on cygwin anyways.

Cc: Richard Henderson <rth@twiddle.net>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
2017-02-14 17:18:03 +01:00
Riku Voipio
b9a0be9239 linux-user: remove ifdef __USER_MISC
This preprocessor macro isn't set anywhere. Remove
the check so -strace can show these options.

Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
2017-02-14 17:18:03 +01:00
Peter Maydell
5dae13cd71 Queued openrisc patches
-----BEGIN PGP SIGNATURE-----
 
 iQEcBAABAgAGBQJYoiM/AAoJEK0ScMxN0CebYVwIAIGCLck2AG7mgY377NerD7zj
 Z8PZ/0Rpx75Hin2JVx/E6haXjBZMYdGhi55RtffmLCVr52kFap8hfwpISPEo0V3Y
 XGg13lYlsDq+nzOx/YQvsYZg7JKFhu9m3w39ZoFL4YSMPoDgOBMx8dOZ/Oa7i6AQ
 n006YXVs5rDZhcm36Uwy3e0+gz5Cuzy4u3KsCdRWX5poSWuR0NXV/Apbhgq7i70l
 7c+R3Y+vlv7weWFr2svuIiX7hXt/2pCHH0KLWJoxH2fj/bo9A2DzGSnYhGxNYKu6
 cvqpsvolmBdv+yyXyeF3Yj7yldUv7wcTQVviOLbqZgIf7GweNurvUFf64HJs4tU=
 =wDfr
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/rth/tags/pull-or-20170214' into staging

Queued openrisc patches

# gpg: Signature made Mon 13 Feb 2017 21:21:03 GMT
# gpg:                using RSA key 0xAD1270CC4DD0279B
# gpg: Good signature from "Richard Henderson <rth7680@gmail.com>"
# gpg:                 aka "Richard Henderson <rth@redhat.com>"
# gpg:                 aka "Richard Henderson <rth@twiddle.net>"
# Primary key fingerprint: 9CB1 8DDA F8E8 49AD 2AFC  16A4 AD12 70CC 4DD0 279B

* remotes/rth/tags/pull-or-20170214: (24 commits)
  target/openrisc: Optimize for r0 being zero
  target/openrisc: Tidy handling of delayed branches
  target/openrisc: Tidy ppc/npc implementation
  target/openrisc: Optimize l.jal to next
  target/openrisc: Fix madd
  target/openrisc: Implement muld, muldu, macu, msbu
  target/openrisc: Represent MACHI:MACLO as a single unit
  target/openrisc: Implement msync
  target/openrisc: Enable trap, csync, msync, psync for user mode
  target/openrisc: Set flags on helpers
  target/openrisc: Use movcond where appropriate
  target/openrisc: Keep SR_CY and SR_OV in a separate variables
  target/openrisc: Keep SR_F in a separate variable
  target/openrisc: Invert the decoding in dec_calc
  target/openrisc: Put SR[OVE] in TB flags
  target/openrisc: Streamline arithmetic and OVE
  target/openrisc: Rationalize immediate extraction
  target/openrisc: Tidy insn dumping
  target/openrisc: Implement lwa, swa
  target/openrisc: Fix exception handling status registers
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2017-02-14 09:55:48 +00:00
Richard Henderson
6597c28d61 target/openrisc: Optimize for r0 being zero
The HW does not special-case r0, but the ABI specifies that r0 should
contain 0.  If we expose this fact to the optimizer, we can simplify
a lot of the generated code.  We must of course verify that r0==0, but
that is trivial to do with a TB flag.

Signed-off-by: Richard Henderson <rth@twiddle.net>
2017-02-14 08:15:00 +11:00
Richard Henderson
a01deb36a6 target/openrisc: Tidy handling of delayed branches
Signed-off-by: Richard Henderson <rth@twiddle.net>
2017-02-14 08:15:00 +11:00
Richard Henderson
24c328521b target/openrisc: Tidy ppc/npc implementation
The NPC SPR is really only supposed to be used for FPGA debugging.
It contains the same contents as PC, unless one plays games.  Follow
the or1ksim implementation in flushing delayed branch state when it
is changed.

The PPC SPR need not be updated every instruction, merely when we
exit the TB or attempt to read its contents.

Signed-off-by: Richard Henderson <rth@twiddle.net>
2017-02-14 08:15:00 +11:00
Richard Henderson
a8000cb480 target/openrisc: Optimize l.jal to next
This allows the tcg optimizer to see, and fold, all of the
constants involved in a GOT base register load sequence.

Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
2017-02-14 08:15:00 +11:00
Richard Henderson
762e22edcd target/openrisc: Fix madd
Note that the specification for lf.madd.s is confused.  It's
the only mention of supposed FPMADDHI/FPMADDLO special registers.
On the other hand, or1ksim implements a somewhat normal non-fused
multiply and add.  Mirror that.

Reviewed-by: Bastian Koppelmann <kbastian@mail.uni-paderborn.de>
Signed-off-by: Richard Henderson <rth@twiddle.net>
2017-02-14 08:15:00 +11:00