Like all block drivers virtio-blk should not allow small than block size
granularity access. But given that the protocol specifies a
byte unit length field we currently accept such requests, which cause
qemu to abort() in lower layers. Add checks to the main read and
write handlers to catch them early.
Reported-by: Conor Murphy <conor_murphy_virt@hotmail.com>
Tested-by: Conor Murphy <conor_murphy_virt@hotmail.com>
Signed-off-by: Christoph Hellwig <hch@lst.de>
Reviewed-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
The specification for the virtio balloon device requres that the values
in the config space be encoded little-endian. This differs from most
virtio things, where guest-native endian is the norm.
Currently, the qemu virtio-balloon code correctly makes the conversion
on get_config(), but doesn't on set_config for the 'actual' field. The
kernel driver, on the other hand, correctly converts when setting the
actual field, but does not convert when reading the config space. The
upshot is that virtio-balloon will only work correctly if both host and
guest are LE, making all the conversions nops.
This patch corrects the qemu side, correctly doing host-native <-> LE
conversions when accessing the config space. This won't break any setups
that aren't already broken, and fixes the case of BE host, LE guest.
Fixing the BE guest case will require kernel fixes as well.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
The 9p code already contains an attempt at the necessary endian
conversions, but it's broken.
The code which does conversion from host to guest does it correctly
and this code was copied to the function which does guest to host
conversion. However the copied code hasn't been correctly updated, so
it first endian converts some garbage on the stack and then overwrites
it with a field from incoming packet without conversion.
The patch fixes the mistakes.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Compiling with the DEBUG macro causes leaves hw/spapr_llan.c with an
unused variable, which is treated as an error in the qemu build.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
In previous life qdev_init_nofail() used to call hw_error() which
did register dump and other scary things. Now it calls
error_report() and does a regular exit(1). Fix the comment
to match reality.
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
While looking at David Gibson's build-fix for hw/usb-ccid.c, I noticed a spello
in a comment on the following (unchanged) line.
Signed-off-by: Brad Hards <bradh@frogmouth.net>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
We need to keep DIR register unchanged across migration, but currently it
depends on the media_changed flags from block layer. Since we do not
save/restore it and the bdrv_open() called in dest node may set the
media_changed flag when trying to open floppy image, guest driver may think the
floppy have changed after migration. To fix this, a new filed media_changed in
FDrive strcutre was introduced in order to save and restore the it from block
layer through pre_save/post_load callbacks.
Signed-off-by: Jason Wang <jasowang@redhat.com>
Reviewed-by: Juan Quintela <quintela@redhat.com>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
factor out ide initialization to call drive_get(IF_IDE)
Signed-off-by: Isaku Yamahata <yamahata@valinux.co.jp>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Bug fix: routines 'ioreq_runio_qemu_sync' and 'ioreq_runio_qemu_aio'
won't call 'ioreq_unmap' or 'ioreq_finish' on errors, leaving ioreq in
the blkdev->inflight list and a leak.
Signed-off-by: Feiran Zheng <famcool@gmail.com>
Acked-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
This is similar to pci_register_bar(), but automatically registers a single
memory region spanning the entire BAR.
Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Cirrus VGA (at least) calls register memory region
with the same values again and again. The
registration in vhost-net slows this a lot,
optimize by checking that the same data is already registered.
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
At one point, usb-ccid.c attempts to use a %lX format specifier to print
a uint64_t, which is only correct on some host platforms. This patch
corrects the statement to use the stdint specified PRIX64 constant instead.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
This patch adds almost complete support for the Milkymist system-on-chip
(http://www.milkymist.org).
Additional to running bare metal applications, booting a linux kernel with
initrd is supported.
Signed-off-by: Michael Walle <michael@walle.cc>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
This patch adds wrappers for easy creation of the qdev devices.
Signed-off-by: Michael Walle <michael@walle.cc>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
This patch adds support for Milkymist's VGA framebuffer.
Signed-off-by: Michael Walle <michael@walle.cc>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
This patch adds support for Milkymist's simple UART.
Signed-off-by: Michael Walle <michael@walle.cc>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
This patch adds support for Milkymist's texture mapping unit. For fast
computation this model needs hardware accelerated 3D graphics support
(OpenGL). There is no graphical output, all computations belong to internal
framebuffers only.
Signed-off-by: Michael Walle <michael@walle.cc>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
This patch adds support for Milkymist's System Controller core. The model
has the following features:
- support for shutting down and restarting the board
- provide two timers and GPIO
- provide registers for system identification and reading the boards
capabilities
Signed-off-by: Michael Walle <michael@walle.cc>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
This patch adds support for Milkymist's SoftUSB core. This model differ
from the real hardware in its functionality. The real hardware consits of a
tiny freely programmable microcontroller which controls the USB ports. For
simplicity reasons, this model emulates only keyboard and mouse input
devices, eg. input events translates directly to the corresponding expected
messages.
Signed-off-by: Michael Walle <michael@walle.cc>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
This patch adds support for Milkymist's Programmable FPU.
Signed-off-by: Michael Walle <michael@walle.cc>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
This patch adds support for Milkymist's minimal Ethernet MAC.
Signed-off-by: Michael Walle <michael@walle.cc>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
This patch adds support for Milkymist's memory card core.
Signed-off-by: Michael Walle <michael@walle.cc>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
This patch adds support for the Milkymist's High Performance Dynamic Memory
Controller. This is just a dumb model without any functionality. While the
real hardware acts for example as a bridge between software and hardware
for sending SDRAM commans, this model will only eat up these commands and
always returns the expected hardware states, eg. PLL locked etc.
Signed-off-by: Michael Walle <michael@walle.cc>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
This patch adds support for the Milkymist AC97 compatible sound output and
input core.
Signed-off-by: Michael Walle <michael@walle.cc>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
Commit 6b331efb73 broke the s390 proxy version
of virtio-serial by only taking its PCI brother into account.
So let's adjust s390-virtio-serial the same way as its PCI counterpart, making
it compile and work again.
Signed-off-by: Alexander Graf <agraf@suse.de>
CC: Amit Shah <amit.shah@redhat.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
We have two different virtio buses: pci and s390. The abstraction path
taken in qemu is to have generic aliases for each device type in the
architecture specific qdev devices.
So let's make use of these aliases whenever we can and define them
whenever we can.
Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
arpa/inet.h is not available for w32, so commit
edbb21363f breaks
w32 compilations.
This is fixed by using qemu_socket.h.
Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Reviewed-by: Alon Levy <alevy@redhat.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Rx and Tx descriptors are 16 byte aligned, so the lower bits are
ignored by real hardware. In fact, they always read back as zero on real
hardware, but probably nobody relies on that.
Signed-off-by: Kevin Wolf <mail@kevin-wolf.de>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Add a model of the ARM Versatile Express board (with A9MPx4
daughterboard).
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
This devices uses libcacard (internal) to emulate a smartcard conforming
to the CAC standard. It attaches to the usb-ccid bus. Usage instructions
(example command lines) are in the following patch in docs/ccid.txt. It
uses libcacard which uses nss, so it can work with both hw cards and
certificates (files).
Signed-off-by: Alon Levy <alevy@redhat.com>
---
changes from v20->v21: (Jes Sorenson review)
* cosmetics
* use qemu-thread and qemu_malloc/qemu_free
changes from v19->v20:
* checkpatch.pl
changes from v18->v19:
* add qdev.desc
* backend: drop the enumeration property, back to using a string one.
changes from v16->v17:
* use PROP_TYPE_ENUM for backend
changes from v15->v16:
* fix error reporting in initfn
* bump copyright year
* update copyright license
changes from v1:
* remove stale comments, use only c-style comments
* bugfix, forgot to set recv_len
* change reader name to 'Virtual Reader'
The passthru ccid card is a device sitting on the usb-ccid bus and
using a chardevice to communicate with a remote device using the
VSCard protocol defined in libcacard/vscard_common.h
Usage docs available in following patch in docs/ccid.txt
Signed-off-by: Alon Levy <alevy@redhat.com>
---
Changes from v23->v24:
* fixed double license line in header.
Changes from v20->v21: (Jes Sorensen review)
* add reference to COPYING in header
* long comment reformatting
Changes from v19->v20:
* checkpatch.pl
Changes from v18->v19:
* add qdev.desc
* remove .qdev.unplug (no hot unplug support for ccid bus)
Changes from v16->v17:
* fix wrong cast when receiving VSC_Error
* ccid-card-passthru: force chardev user wakeup by sending Init
see lengthy comment below.
Changes from v15->v16:
Behavioral changes:
* return correct size
* return error instead of assert if client sent too large ATR
* don't assert if client sent too large a size, but add asserts for indices to buffer
* reset vscard_in indices on chardev disconnect
* handle init from client
* error if no chardev supplied
* use ntoh, hton
* eradicate reader_id_t
* remove Reconnect usage (removed from VSCARD protocol)
* send VSC_SUCCESS on card insert/remove and reader add/remove
Style fixes:
* width of line fix
* update copyright
* remove old TODO's
* update file header comment
* use macros for debug levels
* c++ style comment replacement
* update copyright license
* fix ATR size comment
* fix whitespace in struct def
* fix DPRINTF prefix
* line width fix
ccid-card-passthru: force chardev user wakeup by sending Init
The problem: how to wakeup the user of the smartcard when the smartcard
device is initialized?
Long term solution: have a callback interface. This was done via
the deprecated so called chardev ioctl interface.
Short term solution: do a write. Specifically we write an Init message.
And we change the client to send it's own Init message regardless of
receiving this one. Additional Init messages will be regarded as
acceptable, the first one received after connection establishment is
the determining one wrt capabilities.
A CCID device is a smart card reader. It is a USB device, defined at [1].
This patch introduces the usb-ccid device that is a ccid bus. Next patches will
introduce two card types to use it, a passthru card and an emulated card.
[1] http://www.usb.org/developers/devclass_docs/DWG_Smart-Card_CCID_Rev110.
Signed-off-by: Alon Levy <alevy@redhat.com>
---
changes from v20->v21: (Jes Sorenson review)
* cosmetic changes - fix multi line comments.
* reorder fields in USBCCIDState
* add reference to COPYING
* add --enable-smartcard and --disable-smartcard here (moved
from last patch)
changes from v19->v20:
* checkpatch.pl
changes from v18->v19:
* merged: ccid.h: add copyright, fix define and remove non C89 comments
* add qdev.desc
changes from v15->v16:
Behavioral changes:
* fix abort on client answer after card remove
* enable migration
* remove side affect code from asserts
* return consistent self-powered state
* mask out reserved bits in ccid_set_parameters
* add missing abRFU in SetParameters (no affect on linux guest)
whitefixes / comments / consts defines:
* remove stale comment
* remove ccid_print_pending_answers if no DEBUG_CCID
* replace printf's with DPRINTF, remove DEBUG_CCID, add verbosity defines
* use error_report
* update copyright (most of the code is not original)
* reword known bug comment
* add missing closing quote in comment
* add missing whitespace on one line
* s/CCID_SetParameter/CCID_SetParameters/
* add comments
* use define for max packet size
Comment for "return consistent self-powered state":
the Configuration Descriptor bmAttributes claims we are self powered,
but we were returning not self powered to USB_REQ_GET_STATUS control message.
In practice, this message is not sent by a linux 2.6.35.10-74.fc14.x86_64
guest (not tested on other guests), unless you issue lsusb -v as root (for
example).
Correct the condition determining whether we instantiate the onboard
NIC or a PCI card NIC on VersatilePB and Realview boards. This was broken
in two ways:
(1) if the user asked for two default NICs ("-net nic -net nic") we would
crash trying to strcmp() a NULL pointer
(2) if the user asked for two NICs explicitly of the same model as the
onboard NIC (eg "-net nic,model=smc91c111 -net nic,model=smc91c111")
we would try to instantiate two onboard NICs at the same address.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
The problem is with definitions in hw/pcnet.c such as:
#define CSR_CRDA(S) ((S)->csr[28] | ((S)->csr[29] << 16))
"(S)->csr[29]" is a uint16_t, but "(S)->csr[29] << 16" gets promoted to
int, so the overall CSR_CRDA(s) is a (signed) int rather than a uint32_t.
This then gets assigned to a uint64_t using
target_phys_addr_t crda = CSR_CRDA(s);
so when (S)->csr[29] has the high bit set, we end up with
crda=0xffffffffxxxxxxxx.
From: Michael Brown <mcb30@ipxe.org>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
If these messages are not handled correctly the guest driver may hang.
Always mandatory:
- ABORT
- BUS DEVICE RESET
Mandatory if tagged queuing is implemented (which disks usually do):
- ABORT TAG
- CLEAR QUEUE
Signed-off-by: Bernhard Kohl <bernhard.kohl@nsn.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
I enable acpi_piix4 debug, and got the following build errors:
# make
CC libhw64/acpi_piix4.o
cc1: warnings being treated as errors
/home/wency/source/qemu/hw/acpi_piix4.c: In function ‘pm_ioport_write’:
/home/wency/source/qemu/hw/acpi_piix4.c:193: error: format ‘%04x’ expects type ‘unsigned int’, but argument 2 has type ‘uint64_t’
/home/wency/source/qemu/hw/acpi_piix4.c:193: error: format ‘%04x’ expects type ‘unsigned int’, but argument 3 has type ‘uint64_t’
/home/wency/source/qemu/hw/acpi_piix4.c: In function ‘pm_ioport_read’:
/home/wency/source/qemu/hw/acpi_piix4.c:219: error: format ‘%04x’ expects type ‘unsigned int’, but argument 2 has type ‘uint64_t’
make[1]: *** [acpi_piix4.o] Error 1
make: *** [subdir-libhw64] Error 2
Signed-off-by: Wen Congyang <wency@cn.fujitsu.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
