This was done with:
sed -i '/get_clock\>.*rt_clock/s/get_clock\>/get_clock_ms/' \
$(git grep -l 'get_clock\>.*rt_clock' )
sed -i '/new_timer\>.*rt_clock/s/new_timer\>/new_timer_ms/' \
$(git grep -l 'new_timer\>.*rt_clock' )
after checking that get_clock and new_timer never occur twice
on the same line. There were no missed occurrences; however, even
if there had been, they would have been caught by the compiler.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
make the code compile correctly when DEBUG is activated.
Signed-off-by: Vincent Palatin <vpalatin@chromium.org>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
x.tp_buf was declared as a uint8_t array, but always used as
a char array (which needed a lot of type casts).
The patch includes these changes:
* Fix declaration of x.tp_buf and remove all type casts.
* Use offsetof() to get the offset of x.tp_buf.
Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Since the addition of the slirp member to struct mbuf, the value of
SLIRP_MSIZE and the initialization of m_size have not been correct,
resulting in overrunning the end of the malloc'd buffer in some cases.
Signed-off-by: Bruce Rogers <brogers@novell.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
According to RFC 1350 (TFTP Revision 2) the mode field can contain any
combination of upper and lower case; also RFC 2349 propagates that the
transfer size option ("tsize") is case in-sensitive too.
Current implementation of embedded TFTP server missed that what does
mess some TFTP clients. Fixed by using STRCASECMP(3) in the required
places.
Signed-off-by: Sergei Gavrikov <sergei.gavrikov@gmail.com>
Reviewed-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Edgar E. Iglesias <edgar@axis.com>
Slirp code tries to be smart an avoid data copy by using pointer to
the data. This solution leads to unaligned access, in this case
preq_addr, which is a 32-bit long structure. There is no real point
of avoiding data copy in a such case, as the value itself is smaller
or the same size as a pointer.
The patch replaces pointers to the preq_addr structure by the strcture
itself, and use the address 0.0.0.0 if no address has been requested
(this is not a valid address in such a request). It compares it with
htonl(0L) for correctness reasons, in case a code checker look for such
mistakes. It also uses memcpy() for copying the data, which takes care
of alignement issues.
This fixes an unaligned access on IA64 host while requesting a DHCP
address.
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Neither DECLARE_SPRINTF nor BAD_SPRINTF are needed for QEMU.
QEMU won't support systems with missing or bad declarations
for sprintf. The unused code was detected while looking for
functions with missing format checking. Instead of adding
GCC_FMT_ATTR, the unused code was removed.
Cc: Blue Swirl <blauwirbel@gmail.com>
Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Haiku has O_BINARY in fcntl.h.
Signed-off-by: Andreas Färber <andreas.faerber@web.de>
Cc: Jan Kiszka <jan.kiszka@web.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
IEEE 802.3 standard requires Ethernet frames to be at least 64 bytes long.
If it is not the case, they will be considered as runt frames, and may be ignored by netcard and/or OS
Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
Packets with TTL=1 may be directed to local network (DHCP/DNS servers for example), so don't discard them
This is required by old versions of NetBSD which send DHCP DISCOVER packets with TTL=1
Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
The previous patches replaced u_int8_t, u_int16_t, u_int32_t, u_int64_t
by standard int types from stdint.h,
so we can now remove their declarations which are no longer needed.
Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
There is no need to have a second set of integral types.
Replace them by the standard types from stdint.h.
Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
When available, we'd like to be able to access the DeviceState
when registering a savevm. For buses with a get_dev_path()
function, this will allow us to create more unique savevm
id strings.
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
A data structure of type sockaddr_in is allocated from stack but not
properly initialized. This may lead to a failure in the bind() call
later on. Fixed by filling the contents of the structure with zeroes
before using it.
Signed-off-by: Juha Riihimäki <juha.riihimaki@nokia.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Commits 376253ec..731b0364 introduced global variable cur_mon, which
points to the "default monitor" (if any), except during execution of
monitor_read() or monitor_control_read() it points to the monitor from
which we're reading instead (the "current monitor"). Monitor command
handlers run within monitor_read() or monitor_control_read().
Default monitor and current monitor are really separate things, and
squashing them together is confusing and error-prone.
For instance, usb_host_scan() can run both in "info usbhost" and
periodically via usb_host_auto_check(). It prints to cur_mon, which
is what we want in the former case: the monitor executing "info
usbhost". But since that's the default monitor in the latter case, it
periodically spams the default monitor there.
A few places use cur_mon to log stuff to the default monitor. If we
ever log something while cur_mon points to current monitor instead of
default monitor, the log temporarily "jumps" to another monitor.
Whether that can or cannot happen isn't always obvious.
Maybe logging to the default monitor (which may not even exist) is a
bad idea, and we should log to stderr or a logfile instead. But
that's outside the scope of this commit.
Change cur_mon to point to the current monitor. Create new
default_mon to point to the default monitor. Update users of cur_mon
accordingly.
This fixes the periodical spamming of the default monitor by
usb_host_scan(). It also stops "log jumping", should that problem
exist.
Although the value stored to 'r' is used in the enclosing expression,
the value is never actually read from 'r'.
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Most of these are obvious NULL-deref bug fixes, for example,
the ones in these files:
block/curl.c
net.c
slirp/misc.c
and the first one in block/vvfat.c.
The others in block/vvfat.c may not lead to an immediate segfault, but I
traced the two schedule_rename(..., strdup(path)) uses, and a failed
strdup would appear to trigger this assertion in handle_renames_and_mkdirs:
assert(commit->path);
The conversion to use qemu_strdup in envlist_to_environ is not technically
needed, but does avoid a theoretical leak in the caller when strdup fails
for one value, but later succeeds in allocating another buffer(plausible,
if one string length is much larger than the others). The caller does
not know the length of the returned list, and as such can only free
pointers until it hits the first NULL. If there are non-NULL pointers
beyond the first, their buffers would be leaked. This one is admittedly
far-fetched.
The two in linux-user/main.c are worth fixing to ensure that an
OOM error is diagnosed up front, rather than letting it provoke some
harder-to-diagnose secondary error, in case of exec failure, or worse, in
case the exec succeeds but with an invalid list of command line options.
However, considering how unlikely it is to encounter a failed strdup early
in main, this isn't a big deal. Note that adding the required uses of
qemu_strdup here and in envlist.c induce link failures because qemu_strdup
is not currently in any library they're linked with. So for now, I've
omitted those changes, as well as the fixes in target-i386/helper.c
and target-sparc/helper.c.
If you'd like to see the above discussion (or anything else)
in the commit log, just let me know and I'll be happy to adjust.
>From 9af42864fd1ea666bd25e2cecfdfae74c20aa8c7 Mon Sep 17 00:00:00 2001
From: Jim Meyering <meyering@redhat.com>
Date: Mon, 8 Feb 2010 18:29:29 +0100
Subject: [PATCH] don't dereference NULL after failed strdup
Handle failing strdup by replacing each use with qemu_strdup,
so as not to dereference NULL or trigger a failing assertion.
* block/curl.c (curl_open): s/\bstrdup\b/qemu_strdup/
* block/vvfat.c (init_directories): Likewise.
(get_cluster_count_for_direntry, check_directory_consistency): Likewise.
* net.c (parse_host_src_port): Likewise.
* slirp/misc.c (fork_exec): Likewise.
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
According to RFC 1350 and RFC 2347, TFTP server should answer RRQ by
either OACK or DATA packet. Qemu's internal TFTP server answers RRQ with
additional options by sending both OACK and DATA packet, thus breaking
the "lock-step" feature of the protocol, and also confuses client.
Proposed solution would be to, in case of OACK packet, wait for ACK
from client and just then start sending data. Attached patch implements
this.
Signed-off-by: Thomas Horsten <thomas@horsten.com>
Signed-off-by: Milan Plzik <milan.plzik@gmail.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
If a PXE client only wants to find out the size of a file, it will
open the file and then abort the transfer by sending a TFTP ERROR packet.
The ERROR packet should cause qemu to terminate the session. If not,
the sessions will soon run out and cause timeouts in the client.
Also, if a TFTP session already exists with same IP/UDP port, it
should be terminated when a new RRQ is received, instead of creating a
duplicate (which will never be used).
A patch for gPXE to send the ERROR packet is also being submitted to
gPXE. Together they resolve slowness/hanging when booting pxegrub from
qemu's internal TFTP server. The patch from Milan Plzik to return
after sending OACK is also required for a complete fix.
Signed-off-by: Thomas Horsten <thomas@horsten.com>
Signed-off-by: Milan Plzik <milan.plzik@gmail.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
CC slirp/misc.o
cc1: warnings being treated as errors
slirp/misc.c: In function 'fork_exec':
slirp/misc.c:209: error: ignoring return value of 'write', declared with attribute warn_unused_result
make: *** [slirp/misc.o] Error 1
Signed-off-by: Kirill A. Shutemov <kirill@shutemov.name>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
At least under some mingw compilers slirp networking fails without declaring
these fields packed.
From: Juha Riihimäki <juha.riihimaki@nokia.com>
Signed-off-by: Juha Riihimäki <juha.riihimaki@nokia.com>
Signed-off-by: Riku Voipio <riku.voipio@nokia.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
We're leaking file descriptors to child processes. Set FD_CLOEXEC on file
descriptors that don't need to be passed to children to stop this misbehaviour.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
460fec67ee introduced a use-after free in slirp.
Cc: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Mark McLoughlin <markmc@redhat.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Problem: Our file sys-queue.h is a copy of the BSD file, but there are
some additions and it's not entirely compatible. Because of that, there have
been conflicts with system headers on BSD systems. Some hacks have been
introduced in the commits 15cc923584,
f40d753718,
96555a96d7 and
3990d09adf but the fixes were fragile.
Solution: Avoid the conflict entirely by renaming the functions and the
file. Revert the previous hacks.
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Starting with commit df7a86ed73,
mingw32 builds result in a compiler warning for dns_addr:
CC slirp/slirp.o
/home/stefan/src/qemu/savannah/qemu/slirp/slirp.c:50: warning: missing braces around initializer
/home/stefan/src/qemu/savannah/qemu/slirp/slirp.c:50: warning: (near initialization for ‘dns_addr.S_un’)
Removing the assignment fixes the warning without the need of special code
for mingw32 (and also saves some bytes in the resulting binary).
To fix another potential compiler warning, the missing 'static'
attribute was added.
The same changes were applied to dns_addr_time.
Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Currently the qemu user-mode networking stack reads the host DNS
configuration (/etc/resolv.conf or the Windows equivalent) only once
when qemu starts. This causes name lookups in the guest to fail if the
host is moved to a different network from which the original DNS servers
are unreachable, a common occurrence when the host is a laptop.
This patch changes the slirp code to read the host DNS configuration on
demand, caching the results for at most 1 second to avoid unnecessary
overhead if name lookups occur in rapid succession. On non-Windows
hosts, /etc/resolv.conf is re-read only if the file has been replaced or
if its size or mtime has changed.
Signed-off-by: Ed Swierk <eswierk@aristanetworks.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Three problems with our_addr:
- It's determined only once when qemu starts, but the address can change
(just like the DNS configuration can).
- It's supposed to be the IP address of a host network interface, but
there's no guarantee that gethostbyname(gethostname()) actually does
that: the host might be a laptop that has only a loopback interface up,
or the hostname might be localhost.localdomain, etc.
- It's useless at best: get_dns_addr() calls it, there's no reason to
send DNS requests to a different IP address if you're running a DNS
server on the host and resolv.conf points to 127.0.0.1.
These problems are easily solved by removing the code.
Signed-off-by: Ed Swierk <eswierk@aristanetworks.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Calling gettimeofday() to compute a time interval can cause problems if
the system clock jumps forwards or backwards; replace updtime() with
qemu_get_clock(rt_clock), which calls clock_gettime(CLOCK_MONOTONIC) if
it is available.
Also remove some useless macros.
Signed-off-by: Ed Swierk <eswierk@aristanetworks.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
The UDP emulation code for talk has been commented out since the
beginning of time, and unless someone who runs CU-SeeMe on qemu with
user-mode networking can vouch that the special magic (a) is necessary
and (b) works, let's get rid of the code.
Signed-off-by: Ed Swierk <eswierk@aristanetworks.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Unless a virtual server address was explicitly defined (which is
impossible with the legacy -net channel format), guestfwd did not
properly forwarded host->guest packets. This patch fixes it.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
[ Applies on top of my recently posted slirp series. ]
Allow tftp requests with filenames that do not start with a slash.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Once again this was a long journey to reach the destination: Allow to
instantiate slirp multiple times. But as in the past, the journey was
worthwhile, cleaning up, fixing and enhancing various parts of the user
space network stack along the way.
What is this particular change good for? Multiple slirps instances
allow separated user space networks for guests with multiple NICs. This
is already possible, but without any slirp support for the second
network, ie. without a chance to talk to that network from the host via
IP. We have a legacy guest system here that benefits from this slirp
enhancement, allowing us to run both of its NICs purely over
unprivileged user space IP stacks.
Another benefit of this patch is that it simply removes an artificial
restriction of the configuration space qemu is providing, avoiding
another source of surprises that users may face when playing with
possible setups.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Allocate the internal slirp state dynamically and provide and call
slirp_cleanup to properly release it after use. This patch finally
unbreaks slirp release and re-instantiation via host_net_* monitor
commands.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>