Commit Graph

52593 Commits

Author SHA1 Message Date
Jason Wang
b4053c6483 e1000: disable debug by default
Disable debug output by default, the information was not needed for
release.

Cc: Peter Maydell <peter.maydell@linaro.org>
Cc: Stefan Hajnoczi <stefanha@gmail.com>
Cc: Leonid Bloch <leonid.bloch@ravellosystems.com>
Cc: Dmitry Fleytman <dmitry.fleytman@ravellosystems.com>
Cc: qemu-stable@nongnu.org
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Jason Wang <jasowang@redhat.com>
2017-03-31 08:48:13 +08:00
Jason Wang
1074b879d1 virtio-net: avoid call tap_enable when there's only one queue
We call tap_enable() even if multiqueue is not enabled. This is
wrong since it should be used for multiqueue codes to enable a
disabled queue. Fixing this by only calling this when multiqueue is
used.

Fixes: 16dbaf905b ("tap: support enabling or disabling a queue")
Reported-by: Andrew Baumann <Andrew.Baumann@microsoft.com>
Tested-by: Andrew Baumann <Andrew.Baumann@microsoft.com>
Cc: qemu-stable@nongnu.org
Signed-off-by: Jason Wang <jasowang@redhat.com>
2017-03-31 08:48:13 +08:00
Michael Roth
8251a72f8b qga: don't fail if mount doesn't have slave devices
In some cases the slave devices of a virtual block device are tracked
by the parent in the corresponding sysfs node. For instance, if we
have a loop-back mount of the form:

  /dev/loop3p1 on /home/mdroth/mnt type ext4 (rw,relatime,data=ordered)

this will be reflected in sysfs as:

  /sys/devices/virtual/block/loop3/
  ...
  /sys/devices/virtual/block/loop3/slaves
  /sys/devices/virtual/block/loop3/loop3p1

The current code however assumes the mounted virtual block device,
loop3p1 in this case, contains the slaves directory, and reports an
error otherwise. This breaks 'make check' in certain environments.

Fix this by simply skipping attempts to generate disk topology
information in these cases. Since this information is documented
in QAPI as optionally-reported, this should be ok from an API
perspective.

In the future, this can possibly be improved upon by collecting
topology information from the parent in these cases.

Reported-by: Peter Maydell <peter.maydell@linaro.org>
Cc: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
Tested-by: Peter Maydell <peter.maydell@linaro.org>
2017-03-30 14:12:57 -05:00
Peter Maydell
ddc2c3a57e vhost, pc: fixes
More fixes for 2.9. Region caching is still causing
 issues around reset, but we seem to be getting there.
 
 Signed-off-by: Michael S. Tsirkin <mst@redhat.com>

Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging

vhost, pc: fixes

More fixes for 2.9. Region caching is still causing
issues around reset, but we seem to be getting there.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>

# gpg: Signature made Thu 30 Mar 2017 17:14:45 BST
# gpg:                using RSA key 0x281F0DB8D28D5469
# gpg: Good signature from "Michael S. Tsirkin <mst@kernel.org>"
# gpg:                 aka "Michael S. Tsirkin <mst@redhat.com>"
# Primary key fingerprint: 0270 606B 6F3C DF3D 0B17  0970 C350 3912 AFBE 8E67
#      Subkey fingerprint: 5D09 FD08 71C8 F85B 94CA  8A0D 281F 0DB8 D28D 5469

* remotes/mst/tags/for_upstream:
  tests/acpi: don't pack a structure
  vhost: generalize iommu memory region

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2017-03-30 18:02:33 +01:00
Michael S. Tsirkin
0d876080a3 tests/acpi: don't pack a structure
There's no reason to pack structures where we don't care about size or
padding, this applies to AcpiStdTable in tests/acpi-utils.h.

OTOH bios-tables-test happens to be passing the address of a field in
this struct to a function that expects a pointer to normally aligned
data which results in a SIGBUS on architectures like SPARC that have
strict alignment requirements.

Fixes: 9e8458c02 ("acpi unit-test: compare DSDT and SSDT tables against expected values")
Reported-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Tested-by: Peter Maydell <peter.maydell@linaro.org>
2017-03-30 19:12:44 +03:00
Jason Wang
375f74f473 vhost: generalize iommu memory region
We assume the iommu_ops were attached to the root region of address
space. This may not be true for all kinds of IOMMU implementation and
especially after commit 3716d5902d ("pci: introduce a bus master
container"). So fix this by not assuming as->root has iommu_ops,
instead depending on the regions reported by memory listener through:

- register a memory listener to dma_as
- during region_add, if it's a region of IOMMU, register a specific
  IOMMU notifier, and store all notifiers in a list.
- during region_del, compare and delete the IOMMU notifier from the list

This is also a must for making vhost device IOTLB work for all types
of IOMMUs. Note, since we register one notifier during each
.region_add, the IOTLB may be flushed more than once; this is
suboptimal and could be optimized in the future.

Reported-by: Maxime Coquelin <maxime.coquelin@redhat.com>
Fixes: 3716d5902d ("pci: introduce a bus master container")
Cc: Peter Xu <peterx@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Peter Xu <peterx@redhat.com>
Tested-by: Maxime Coquelin <maxime.coquelin@redhat.com>
2017-03-30 19:09:16 +03:00
Peter Maydell
e839001d5b slirp updates

Merge remote-tracking branch 'remotes/thibault/tags/samuel-thibault' into staging

slirp updates

# gpg: Signature made Tue 28 Mar 2017 23:51:51 BST
# gpg:                using RSA key 0xB0A51BF58C9179C5
# gpg: Good signature from "Samuel Thibault <samuel.thibault@aquilenet.fr>"
# gpg:                 aka "Samuel Thibault <sthibault@debian.org>"
# gpg:                 aka "Samuel Thibault <samuel.thibault@gnu.org>"
# gpg:                 aka "Samuel Thibault <samuel.thibault@inria.fr>"
# gpg:                 aka "Samuel Thibault <samuel.thibault@labri.fr>"
# gpg:                 aka "Samuel Thibault <samuel.thibault@ens-lyon.org>"
# gpg:                 aka "Samuel Thibault <samuel.thibault@u-bordeaux.fr>"
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg:          It is not certain that the signature belongs to the owner.
# Primary key fingerprint: 900C B024 B679 31D4 0F82  304B D017 8C76 7D06 9EE6
#      Subkey fingerprint: AEBF 7448 FAB9 453A 4552  390E B0A5 1BF5 8C91 79C5

* remotes/thibault/tags/samuel-thibault:
  slirp: Send RDNSS in RA only if host has an IPv6 DNS server
  slirp: Make RA build more flexible
  slirp: fix compilation errors with DEBUG set

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2017-03-30 15:28:19 +01:00
Peter Maydell
a67ec6ee2d ppc patch queue for 2017-03-29
Two more bugfixes of sufficient severity to warrant going into 2.9.

Merge remote-tracking branch 'remotes/dgibson/tags/ppc-for-2.9-20170329' into staging

ppc patch queue for 2017-03-29

Two more bugfixes of sufficient severity to warrant going into 2.9.

# gpg: Signature made Wed 29 Mar 2017 04:33:19 BST
# gpg:                using RSA key 0x6C38CACA20D9B392
# gpg: Good signature from "David Gibson <david@gibson.dropbear.id.au>"
# gpg:                 aka "David Gibson (Red Hat) <dgibson@redhat.com>"
# gpg:                 aka "David Gibson (ozlabs.org) <dgibson@ozlabs.org>"
# gpg:                 aka "David Gibson (kernel.org) <dwg@kernel.org>"
# Primary key fingerprint: 75F4 6586 AE61 A66C C44E  87DC 6C38 CACA 20D9 B392

* remotes/dgibson/tags/ppc-for-2.9-20170329:
  spapr: fix memory hot-unplugging
  spapr: fix buffer-overflow

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2017-03-30 14:53:03 +01:00
Peter Maydell
e68dd68496 virtio, pci: fixes
More fixes for 2.9.
 
 Signed-off-by: Michael S. Tsirkin <mst@redhat.com>

Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging

virtio, pci: fixes

More fixes for 2.9.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>

# gpg: Signature made Wed 29 Mar 2017 00:35:49 BST
# gpg:                using RSA key 0x281F0DB8D28D5469
# gpg: Good signature from "Michael S. Tsirkin <mst@kernel.org>"
# gpg:                 aka "Michael S. Tsirkin <mst@redhat.com>"
# Primary key fingerprint: 0270 606B 6F3C DF3D 0B17  0970 C350 3912 AFBE 8E67
#      Subkey fingerprint: 5D09 FD08 71C8 F85B 94CA  8A0D 281F 0DB8 D28D 5469

* remotes/mst/tags/for_upstream:
  virtio: fix vring_align() on 64-bit windows
  pci: Add missing drop of bus master AS reference
  event_notifier: prevent accidental use after close

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2017-03-30 13:55:40 +01:00
Peter Maydell
fb59dabd4f configure: Don't claim 'unsupported host OS' when better message available
The change in commit 898be3e041 which made completely
unrecognized OSes cause an error_exit "Unsupported host OS"
has some unfortunate unintended effects:
 * if you run 'configure --help' on an unsupported host OS
   (eg if intending to use it as a build machine for a
   cross compile to a supported host) then the message
   is printed instead of --help
 * if the C compiler doesn't work or is missing (eg if
   you passed an incorrect --cross-prefix by mistake)
   the message is printed instead of the more useful
   'compiler does not exist or does not work' message

Fix this by postponing the error_exit in this situation
until later, when we have already identified the more
useful cases for this.

The long term fix for this would be to move handling
of --help much further up in the configure script,
and make its output not dependent on checks that configure
runs. However for 2.9 this would be too invasive.

Reported-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Stefan Weil <sw@weilnetz.de>
Tested-by: Stefan Weil <sw@weilnetz.de>
2017-03-30 12:47:03 +01:00
Peter Maydell
b529aec1ee i386: Fix for "-cpu host,invtsc=on" bug

Merge remote-tracking branch 'remotes/ehabkost/tags/x86-pull-request' into staging

i386: Fix for "-cpu host,invtsc=on" bug

# gpg: Signature made Tue 28 Mar 2017 20:50:33 BST
# gpg:                using RSA key 0x2807936F984DC5A6
# gpg: Good signature from "Eduardo Habkost <ehabkost@redhat.com>"
# Primary key fingerprint: 5A32 2FD5 ABC4 D3DB ACCF  D1AA 2807 936F 984D C5A6

* remotes/ehabkost/tags/x86-pull-request:
  i386: Don't override -cpu options on -cpu host/max
  i386: Replace uint32_t* with FeatureWord on feature getter/setter

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2017-03-30 09:58:46 +01:00
Laurent Vivier
fe6824d126 spapr: fix memory hot-unplugging
If, once the kernel has booted, we try to remove a memory
hotplugged while the kernel was not started, QEMU crashes on
an assert:

    qemu-system-ppc64: hw/virtio/vhost.c:651:
                       vhost_commit: Assertion `r >= 0' failed.
    ...
    #4  in vhost_commit
    #5  in memory_region_transaction_commit
    #6  in pc_dimm_memory_unplug
    #7  in spapr_memory_unplug
    #8  spapr_machine_device_unplug
    #9  in hotplug_handler_unplug
    #10 in spapr_lmb_release
    #11 in detach
    #12 in set_allocation_state
    #13 in rtas_set_indicator
    ...

If we take a closer look at the guest kernel log, we can see when
we try to unplug the memory:

    pseries-hotplug-mem: Attempting to hot-add 4 LMB(s)

What happens:

    1- The kernel has ignored the memory hotplug event because
       it was not started when it was generated.

    2- When we hot-unplug the memory,
       QEMU starts to remove the memory,
       generates a hot-unplug event,
       and signals the kernel of the incoming new event

    3- as the kernel is started, on the QEMU signal, it reads
       the event list, decodes the hotplug event and tries to
       finish the hotplugging.

    4- QEMU receives the hotplug notification while it
       is trying to hot-unplug the memory. This moves the memory
       DRC to an invalid state

This patch prevents this by not allowing to set the allocation
state to USABLE while the DRC is awaiting release.

RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=1432382

Signed-off-by: Laurent Vivier <lvivier@redhat.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2017-03-29 11:35:16 +11:00
Marc-André Lureau
24ec2863b1 spapr: fix buffer-overflow
Running postcopy-test with ASAN produces the following error:

QTEST_QEMU_BINARY=ppc64-softmmu/qemu-system-ppc64  tests/postcopy-test
...
=================================================================
==23641==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x7f1556600000 at pc 0x55b8e9d28208 bp 0x7f1555f4d3c0 sp 0x7f1555f4d3b0
READ of size 8 at 0x7f1556600000 thread T6
    #0 0x55b8e9d28207 in htab_save_first_pass /home/elmarco/src/qq/hw/ppc/spapr.c:1528
    #1 0x55b8e9d2939c in htab_save_iterate /home/elmarco/src/qq/hw/ppc/spapr.c:1665
    #2 0x55b8e9beae3a in qemu_savevm_state_iterate /home/elmarco/src/qq/migration/savevm.c:1044
    #3 0x55b8ea677733 in migration_thread /home/elmarco/src/qq/migration/migration.c:1976
    #4 0x7f15845f46c9 in start_thread (/lib64/libpthread.so.0+0x76c9)
    #5 0x7f157d9d0f7e in clone (/lib64/libc.so.6+0x107f7e)

0x7f1556600000 is located 0 bytes to the right of 2097152-byte region [0x7f1556400000,0x7f1556600000)
allocated by thread T0 here:
    #0 0x7f159bb76980 in posix_memalign (/lib64/libasan.so.3+0xc7980)
    #1 0x55b8eab185b2 in qemu_try_memalign /home/elmarco/src/qq/util/oslib-posix.c:106
    #2 0x55b8eab186c8 in qemu_memalign /home/elmarco/src/qq/util/oslib-posix.c:122
    #3 0x55b8e9d268a8 in spapr_reallocate_hpt /home/elmarco/src/qq/hw/ppc/spapr.c:1214
    #4 0x55b8e9d26e04 in ppc_spapr_reset /home/elmarco/src/qq/hw/ppc/spapr.c:1261
    #5 0x55b8ea12e913 in qemu_system_reset /home/elmarco/src/qq/vl.c:1697
    #6 0x55b8ea13fa40 in main /home/elmarco/src/qq/vl.c:4679
    #7 0x7f157d8e9400 in __libc_start_main (/lib64/libc.so.6+0x20400)

Thread T6 created by T0 here:
    #0 0x7f159bae0488 in __interceptor_pthread_create (/lib64/libasan.so.3+0x31488)
    #1 0x55b8eab1d9cb in qemu_thread_create /home/elmarco/src/qq/util/qemu-thread-posix.c:465
    #2 0x55b8ea67874c in migrate_fd_connect /home/elmarco/src/qq/migration/migration.c:2096
    #3 0x55b8ea66cbb0 in migration_channel_connect /home/elmarco/src/qq/migration/migration.c:500
    #4 0x55b8ea678f38 in socket_outgoing_migration /home/elmarco/src/qq/migration/socket.c:87
    #5 0x55b8eaa5a03a in qio_task_complete /home/elmarco/src/qq/io/task.c:142
    #6 0x55b8eaa599cc in gio_task_thread_result /home/elmarco/src/qq/io/task.c:88
    #7 0x7f15823e38e6  (/lib64/libglib-2.0.so.0+0x468e6)
SUMMARY: AddressSanitizer: heap-buffer-overflow /home/elmarco/src/qq/hw/ppc/spapr.c:1528 in htab_save_first_pass

index seems to be wrongly incremented, unless I miss something that
would be worth a comment.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2017-03-29 11:35:02 +11:00
Andrew Baumann
b8adbc6578 virtio: fix vring_align() on 64-bit windows
long is 32-bits on 64-bit windows, which caused the top half of the
address to be truncated; this patch changes it to use the
QEMU_ALIGN_UP macro which does not suffer the same problem

Signed-off-by: Andrew Baumann <Andrew.Baumann@microsoft.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Stefan Weil <sw@weilnetz.de>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
2017-03-29 02:35:24 +03:00
Alexey Kardashevskiy
c53598ed18 pci: Add missing drop of bus master AS reference
The recent introduction of a bus master container added
memory_region_add_subregion() into the PCI device registering path but
missed memory_region_del_subregion() in the unregistering path leaving
a reference to the root memory region of the new container.

This adds missing memory_region_del_subregion().

Fixes: 3716d5902d ("pci: introduce a bus master container")
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
2017-03-29 02:35:23 +03:00
Halil Pasic
aa26292859 event_notifier: prevent accidental use after close
Let's set the handles to the underlying facilities to their extremal
value so no accidental misuse can happen, and to make it obvious that the
notifier is dysfunctional. E.g. if we just close an fd but do not touch
the int holding the fd eventually a read/write could succeed again when
the fd gets reused, and corrupt the file addressed by the fd.

Signed-off-by: Halil Pasic <pasic@linux.vnet.ibm.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2017-03-29 02:35:23 +03:00
Samuel Thibault
a2f80fdfc6 slirp: Send RDNSS in RA only if host has an IPv6 DNS server
Previously we would always send an RDNSS option in the RA, making the guest
try to resolve DNS through IPv6, even if the host does not actually have
an IPv6 DNS server available.

This makes the RDNSS option enabled only when an IPv6 DNS server is
available.

Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
2017-03-29 00:51:25 +02:00
Samuel Thibault
e42f869b51 slirp: Make RA build more flexible
Do not hardcode the RA size at all, use a pl_size variable which
accounts for the accumulated size, and fill rip->ip_pl at the end.

This will allow to make some blocks optional.

Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
2017-03-29 00:49:04 +02:00
Laurent Vivier
51149a2ac1 slirp: fix compilation errors with DEBUG set
slirp/slirp.c: In function 'get_dns_addr_resolv_conf':
slirp/slirp.c:202:29: error: initialization discards 'const' qualifier from pointer target type [-Werror=discarded-qualifiers]
                 char *res = inet_ntop(af, tmp_addr, s, sizeof(s));
                             ^~~~~~~~~
slirp/slirp.c:204:25: error: assignment discards 'const' qualifier from pointer target type [-Werror=discarded-qualifiers]
                     res = "(string conversion error)";

Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
2017-03-29 00:49:04 +02:00
Eduardo Habkost
d4a606b38b i386: Don't override -cpu options on -cpu host/max
The existing code for "host" and "max" CPU models overrides every
single feature in the CPU object at realize time, even the ones
that were explicitly enabled or disabled by the user using
"feat=on" or "feat=off", while features set using +feat/-feat are
kept.

This means "-cpu host,+invtsc" works as expected, while
"-cpu host,invtsc=on" doesn't.

This was a known bug, already documented in a comment inside
x86_cpu_expand_features(). What makes this bug worse now is that
libvirt 3.0.0 and newer now use "feat=on|off" instead of
+feat/-feat when it detects a QEMU version that supports it (see
libvirt commit d47db7b16dd5422c7e487c8c8ee5b181a2f9cd66).

Change the feature property getter/setter to set a
env->user_features field, to keep track of features that were
explicitly changed using QOM properties. Then make the
max_features code not override user features when handling "-cpu
host" and "-cpu max".

This will also allow us to remove the plus_features/minus_features
hack in the future, but I plan to do that after 2.9.0 is
released.

Reported-by: Jiri Denemark <jdenemar@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Message-Id: <20170327144815.8043-3-ehabkost@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Tested-by: Jiri Denemark <jdenemar@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2017-03-28 16:41:10 -03:00
Eduardo Habkost
a7b0ffacc1 i386: Replace uint32_t* with FeatureWord on feature getter/setter
Instead of passing a pointer to the feature property getter and
setter functions, pass a FeatureWord enum so they can perform
other actions related to the feature flag.

This will be used to add a new "user_features" field to keep
track of features that were explicitly set by the user.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Message-Id: <20170327144815.8043-2-ehabkost@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Tested-by: Jiri Denemark <jdenemar@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2017-03-28 16:40:50 -03:00
Peter Maydell
df90463632 Update version for v2.9.0-rc2 release
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2017-03-28 19:11:16 +01:00
Peter Maydell
a634bbbafc Miscellaneous patches for 2017-03-28

Merge remote-tracking branch 'remotes/armbru/tags/pull-misc-2017-03-28' into staging

Miscellaneous patches for 2017-03-28

# gpg: Signature made Tue 28 Mar 2017 17:51:06 BST
# gpg:                using RSA key 0x3870B400EB918653
# gpg: Good signature from "Markus Armbruster <armbru@redhat.com>"
# gpg:                 aka "Markus Armbruster <armbru@pond.sub.org>"
# Primary key fingerprint: 354B C8B3 D7EB 2A6B 6867  4E5F 3870 B400 EB91 8653

* remotes/armbru/tags/pull-misc-2017-03-28:
  sockets: Fix socket_address_to_string() hostname truncation

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2017-03-28 18:37:32 +01:00
Markus Armbruster
44fdc76455 sockets: Fix socket_address_to_string() hostname truncation
We first snprintf() to a fixed buffer, then g_strdup() the result
*boggle*.

Worse, the size of the fixed buffer INET6_ADDRSTRLEN + 5 + 4 is bogus:
the 4 correctly accounts for '[', ']', ':' and '\0', but
INET6_ADDRSTRLEN is not a suitable limit for inet->host, and 5 is not
one for inet->port!  They are for host and port in *numeric* form
(exploiting that INET6_ADDRSTRLEN > INET_ADDRSTRLEN), but inet->host
can also be a hostname, and inet->port can be a service name, to be
resolved with getaddrinfo().

Fortunately, the only user so far is the "socket" network backend's
net_socket_connected(), which uses it to initialize a NetSocketState's
info_str[].  info_str[] has considerably more space: 256 instead of
55.  So the bug's impact appears to be limited to truncated "info
networks" with the "socket" network backend.

The fix is obvious: use g_strdup_printf().

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <1490268208-23368-1-git-send-email-armbru@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
2017-03-28 18:50:38 +02:00
Peter Maydell
b8dc35b252

Merge remote-tracking branch 'remotes/stefanha/tags/tracing-pull-request' into staging

# gpg: Signature made Tue 28 Mar 2017 15:22:59 BST
# gpg:                using RSA key 0x9CA4ABB381AB73C8
# gpg: Good signature from "Stefan Hajnoczi <stefanha@redhat.com>"
# gpg:                 aka "Stefan Hajnoczi <stefanha@gmail.com>"
# Primary key fingerprint: 8695 A8BF D3F9 7CDA AC35  775A 9CA4 ABB3 81AB 73C8

* remotes/stefanha/tags/tracing-pull-request:
  trace: fix tcg tracing build breakage

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2017-03-28 17:20:11 +01:00
Peter Maydell
aba0fb1e2e

Merge remote-tracking branch 'remotes/cody/tags/block-pull-request' into staging

# gpg: Signature made Tue 28 Mar 2017 15:02:40 BST
# gpg:                using RSA key 0xBDBE7B27C0DE3057
# gpg: Good signature from "Jeffrey Cody <jcody@redhat.com>"
# gpg:                 aka "Jeffrey Cody <jeff@codyprime.org>"
# gpg:                 aka "Jeffrey Cody <codyprime@gmail.com>"
# Primary key fingerprint: 9957 4B4D 3474 90E7 9D98  D624 BDBE 7B27 C0DE 3057

* remotes/cody/tags/block-pull-request:
  rbd: Fix bugs around -drive parameter "server"
  rbd: Revert -blockdev parameter password-secret
  rbd: Revert -blockdev and -drive parameter auth-supported
  rbd: Clean up qemu_rbd_create()'s detour through QemuOpts
  rbd: Clean up runtime_opts, fix -drive to reject filename
  rbd: Don't accept -drive driver=rbd, keyvalue-pairs=...
  rbd: Clean up after the previous commit
  rbd: Don't limit length of parameter values
  rbd: Fix to cleanly reject -drive without pool or image
  rbd: Reject -blockdev server.*.{numeric, to, ipv4, ipv6}

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2017-03-28 15:56:05 +01:00
Markus Armbruster
2836284db6 rbd: Fix bugs around -drive parameter "server"
qemu_rbd_open() takes option parameters as a flattened QDict, with
keys of the form server.%d.host, server.%d.port, where %d counts up
from zero.

qemu_rbd_array_opts() extracts these values as follows.  First, it
calls qdict_array_entries() to find the list's length.  For each list
element, it formats the list's key prefix (e.g. "server.0."), then
creates a new QDict holding the options with that key prefix, then
converts that to a QemuOpts, so it can finally get the member values
from there.

If there's one surefire way to make code using QDict more awkward,
it's creating more of them and mixing in QemuOpts for good measure.

The extraction of keys starting with server.%d into another QDict
makes us ignore parameters like server.0.neither-host-nor-port
silently.

The conversion to QemuOpts abuses runtime_opts, as described a few
commits ago.

Rewrite to simply get the values straight from the options QDict.

Fixes -drive not to crash when server.*.* are present, but
server.*.host is absent.

Fixes -drive to reject invalid server.*.*.

Permits cleaning up runtime_opts.  Do that, and fix -drive to reject
bogus parameters host and port instead of silently ignoring them.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Jeff Cody <jcody@redhat.com>
Message-id: 1490691368-32099-11-git-send-email-armbru@redhat.com
Signed-off-by: Jeff Cody <jcody@redhat.com>
2017-03-28 10:01:21 -04:00
Markus Armbruster
577d8c9a81 rbd: Revert -blockdev parameter password-secret
This reverts a part of commit 8a47e8e.  We're having second thoughts
on the QAPI schema (and thus the external interface), and haven't
reached consensus, yet.  Issues include:

* BlockdevOptionsRbd member @password-secret isn't actually a
  password, it's a key generated by Ceph.

* We're not sure where member @password-secret belongs (see the
  previous commit).

* How @password-secret interacts with settings from a configuration
  file specified with @conf is undocumented.

Let's avoid painting ourselves into a corner now, and revert the
feature for 2.9.

Note that users can still configure an authentication key with a
configuration file.  They probably do that anyway if they use Ceph
outside QEMU as well.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Jeff Cody <jcody@redhat.com>
Message-id: 1490691368-32099-10-git-send-email-armbru@redhat.com
Signed-off-by: Jeff Cody <jcody@redhat.com>
2017-03-28 10:01:21 -04:00
Markus Armbruster
464444fcc1 rbd: Revert -blockdev and -drive parameter auth-supported
This reverts half of commit 0a55679.  We're having second thoughts on
the QAPI schema (and thus the external interface), and haven't reached
consensus, yet.  Issues include:

* The implementation uses deprecated rados_conf_set() key
  "auth_supported".  No biggie.

* The implementation makes -drive silently ignore invalid parameters
  "auth" and "auth-supported.*.X" where X isn't "auth".  Fixable (in
  fact I'm going to fix similar bugs around parameter server), so
  again no biggie.

* BlockdevOptionsRbd member @password-secret applies only to
  authentication method cephx.  Should it be a variant member of
  RbdAuthMethod?

* BlockdevOptionsRbd member @user could apply to both methods cephx
  and none, but I'm not sure it's actually used with none.  If it
  isn't, should it be a variant member of RbdAuthMethod?

* The client offers a *set* of authentication methods, not a list.
  Should the methods be optional members of BlockdevOptionsRbd instead
  of members of list @auth-supported?  The latter begs the question
  what multiple entries for the same method mean.  Trivial question
  now that RbdAuthMethod contains nothing but @type, but less so when
  RbdAuthMethod acquires other members, such as the ones discussed above.

* How BlockdevOptionsRbd member @auth-supported interacts with
  settings from a configuration file specified with @conf is
  undocumented.  I suspect it's untested, too.

Let's avoid painting ourselves into a corner now, and revert the
feature for 2.9.

Note that users can still configure authentication methods with a
configuration file.  They probably do that anyway if they use Ceph
outside QEMU as well.

Further note that this doesn't affect use of key "auth-supported" in
-drive file=rbd:...:key=value.

qemu_rbd_array_opts()'s parameter @type now must be RBD_MON_HOST,
which is silly.  This will be cleaned up shortly.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Jeff Cody <jcody@redhat.com>
Message-id: 1490691368-32099-9-git-send-email-armbru@redhat.com
Signed-off-by: Jeff Cody <jcody@redhat.com>
2017-03-28 10:01:21 -04:00
Markus Armbruster
078463977a rbd: Clean up qemu_rbd_create()'s detour through QemuOpts
The conversion from QDict to QemuOpts is pointless.  Simply get the
stuff straight from the QDict.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Jeff Cody <jcody@redhat.com>
Message-id: 1490691368-32099-8-git-send-email-armbru@redhat.com
Signed-off-by: Jeff Cody <jcody@redhat.com>
2017-03-28 10:00:57 -04:00
Markus Armbruster
cbf036b4f3 rbd: Clean up runtime_opts, fix -drive to reject filename
runtime_opts is used for three different purposes:

* qemu_rbd_open() uses it to accept options it recognizes, such as
  "pool" and "image".  Other .bdrv_open() methods do it similarly.

* qemu_rbd_open() accepts additional list-valued options
  auth-supported and server, with the help of qemu_rbd_array_opts().
  The list elements are again dictionaries.  qemu_rbd_array_opts()
  uses runtime_opts to accept their members.  Thus, runtime_opts
  contains recognized sub-sub-options "auth", "host", "port" in
  addition to recognized options.  No other block driver does that.

* qemu_rbd_create() uses it to convert the QDict produced by
  qemu_rbd_parse_filename() to QemuOpts.  No other block driver does
  that.  The keys produced by qemu_rbd_parse_filename() are "pool",
  "image", "snapshot", "conf", "user" and "keyvalue-pairs".
  qemu_rbd_open() accepts these, so no additional ones here.

This is a confusing mess.  Dates back to commit 0f9d252.  First step
to clean it up is documenting runtime_opts.desc[]:

* Reorder entries to match the QAPI schema, like we do in other block
  drivers.

* Document why the schema's "server" and "auth-supported" aren't in
  .desc[].

* Document why "keyvalue-pairs", "host", "port" and "auth" are in
  .desc[], but not the schema.

* Delete "filename", because none of the three users actually uses it.
  This fixes -drive to reject parameter filename instead of silently
  ignoring it.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Jeff Cody <jcody@redhat.com>
Message-id: 1490691368-32099-7-git-send-email-armbru@redhat.com
Signed-off-by: Jeff Cody <jcody@redhat.com>
2017-03-28 09:53:16 -04:00
Markus Armbruster
82f20e8547 rbd: Don't accept -drive driver=rbd, keyvalue-pairs=...
The way we communicate extra key-value pairs from
qemu_rbd_parse_filename() to qemu_rbd_open() exposes option parameter
"keyvalue-pairs" on the command line.  It's not wanted there.  Hack:
rename the parameter to "=keyvalue-pairs" to make it inaccessible.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Jeff Cody <jcody@redhat.com>
Message-id: 1490691368-32099-6-git-send-email-armbru@redhat.com
Signed-off-by: Jeff Cody <jcody@redhat.com>
2017-03-28 09:53:16 -04:00
Markus Armbruster
8efb339dd4 rbd: Clean up after the previous commit
This code in qemu_rbd_parse_filename()

    found_str = qemu_rbd_next_tok(p, '\0', &p);
    p = found_str;

has no effect.  Drop it, and simplify qemu_rbd_next_tok().

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Jeff Cody <jcody@redhat.com>
Message-id: 1490691368-32099-5-git-send-email-armbru@redhat.com
Signed-off-by: Jeff Cody <jcody@redhat.com>
2017-03-28 09:53:16 -04:00
Markus Armbruster
730b00bbfd rbd: Don't limit length of parameter values
We laboriously enforce that parameter values are between one and some
arbitrary limit in length.  Only RBD_MAX_IMAGE_NAME_SIZE comes from
librbd.h, and I'm not sure it applies.  Where the other limits come
from is unclear.

Drop the length checking.  The limits librbd actually imposes must be
checked by librbd anyway.

There's one minor complication: BDRVRBDState member name is a
fixed-size array.  Depends on the length limit.  Make it a pointer to
a dynamically allocated string.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Jeff Cody <jcody@redhat.com>
Message-id: 1490691368-32099-4-git-send-email-armbru@redhat.com
Signed-off-by: Jeff Cody <jcody@redhat.com>
2017-03-28 09:53:16 -04:00
Markus Armbruster
f51c363c2b rbd: Fix to cleanly reject -drive without pool or image
qemu_rbd_open() neglects to check pool and image are present.  Missing
image is caught by rbd_open(), but missing pool crashes.  Reproducer:

    $ qemu-system-x86_64 -nodefaults -drive driver=rbd,id=rbd,image=i,...
    terminate called after throwing an instance of 'std::logic_error'
      what():  basic_string::_M_construct null not valid
    Aborted (core dumped)

where ... is a working server.0.{host,port} configuration.

Doesn't affect -drive with file=..., because qemu_rbd_parse_filename()
always sets both pool and image.

Doesn't affect -blockdev, because pool and image are mandatory in the
QAPI schema.

Fix by adding the missing checks.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Jeff Cody <jcody@redhat.com>
Message-id: 1490691368-32099-3-git-send-email-armbru@redhat.com
Signed-off-by: Jeff Cody <jcody@redhat.com>
2017-03-28 09:53:16 -04:00
Markus Armbruster
eb87203b64 rbd: Reject -blockdev server.*.{numeric, to, ipv4, ipv6}
We use InetSocketAddress in the QAPI schema.  However, the code
doesn't use inet_connect_saddr(), but formats "host" and "port" into a
configuration string for rados_conf_set().  Thus, members "numeric",
"to", "ipv4" and "ipv6" are silently ignored.  Not nice.  Example:

    -blockdev rbd,node-name=nn,pool=p,image=i,server.0.host=h0,server.0.port=12345,server.0.ipv4=off

Factor a suitable InetSocketAddressBase out of InetSocketAddress, and
use that.  "numeric", "to", "ipv4" and "ipv6" are now rejected.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Jeff Cody <jcody@redhat.com>
Message-id: 1490691368-32099-2-git-send-email-armbru@redhat.com
Signed-off-by: Jeff Cody <jcody@redhat.com>
2017-03-28 09:53:16 -04:00
Peter Maydell
4d2bee82f4 Block patches for 2017-03-28

Merge remote-tracking branch 'remotes/armbru/tags/pull-block-2017-03-28' into staging

Block patches for 2017-03-28

# gpg: Signature made Tue 28 Mar 2017 14:41:37 BST
# gpg:                using RSA key 0x3870B400EB918653
# gpg: Good signature from "Markus Armbruster <armbru@redhat.com>"
# gpg:                 aka "Markus Armbruster <armbru@pond.sub.org>"
# Primary key fingerprint: 354B C8B3 D7EB 2A6B 6867  4E5F 3870 B400 EB91 8653

* remotes/armbru/tags/pull-block-2017-03-28:
  block: Declare blockdev-add and blockdev-del supported

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2017-03-28 14:48:07 +01:00
Markus Armbruster
79b7a77eda block: Declare blockdev-add and blockdev-del supported
It's been a long journey, but here we are.

The supported blockdev-add is not compatible to its experimental
predecessors; bump all Since: tags to 2.9.

x-blockdev-remove-medium, x-blockdev-insert-medium and
x-blockdev-change need a bit more work, so leave them alone for now.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
2017-03-28 15:23:23 +02:00
Peter Maydell
0491c22154 MTTCG regression fixes for rc2

Merge remote-tracking branch 'remotes/stsquad/tags/pull-mttcg-fixups-for-rc2-280317-1' into staging

MTTCG regression fixes for rc2

# gpg: Signature made Tue 28 Mar 2017 10:54:38 BST
# gpg:                using RSA key 0xFBD0DB095A9E2A44
# gpg: Good signature from "Alex Bennée (Master Work Key) <alex.bennee@linaro.org>"
# Primary key fingerprint: 6685 AE99 E751 67BC AFC8  DF35 FBD0 DB09 5A9E 2A44

* remotes/stsquad/tags/pull-mttcg-fixups-for-rc2-280317-1:
  replay/replay.c: bump REPLAY_VERSION
  tcg: Add a new line after incompatibility warning
  ui/console: use exclusive mechanism directly
  ui/console: ensure do_safe_dpy_refresh holds BQL
  bsd-user: align use of mmap_lock to that of linux-user
  user-exec: handle synchronous signals from QEMU gracefully

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2017-03-28 12:34:23 +01:00
Peter Maydell
142b9ca51d

Merge remote-tracking branch 'remotes/stefanha/tags/block-pull-request' into staging

# gpg: Signature made Tue 28 Mar 2017 11:07:02 BST
# gpg:                using RSA key 0x9CA4ABB381AB73C8
# gpg: Good signature from "Stefan Hajnoczi <stefanha@redhat.com>"
# gpg:                 aka "Stefan Hajnoczi <stefanha@gmail.com>"
# Primary key fingerprint: 8695 A8BF D3F9 7CDA AC35  775A 9CA4 ABB3 81AB 73C8

* remotes/stefanha/tags/block-pull-request:
  parallels: wrong call to bdrv_truncate

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2017-03-28 11:10:36 +01:00
Stefan Hajnoczi
7609ffb919 trace: fix tcg tracing build breakage
Commit 0ab8ed18a6 ("trace: switch to
modular code generation for sub-directories") forgot to convert "tcg"
trace events to the modular code generation approach where each
sub-directory has its own trace-events file.

This patch fixes compilation for "tcg" trace events.  Currently they are
only used in the root ./trace-events file.

"tcg" trace events can only be used in the root ./trace-events file for
the time being.

Reported-by: Peter Maydell <peter.maydell@linaro.org>
Tested-by: Emilio G. Cota <cota@braap.org>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Message-id: 20170327131718.18268-1-stefanha@redhat.com
Suggested-by: Emilio G. Cota <cota@braap.org>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2017-03-28 11:07:46 +01:00
Denis V. Lunev
dc62da88b5 parallels: wrong call to bdrv_truncate
Parallels driver should not call bdrv_truncate if the image was opened
in the read-only mode. Without the patch
    qemu-img check harddisk.hds
asserts with
    bdrv_truncate: Assertion `child->perm & BLK_PERM_RESIZE' failed.

Parameters used on the write path are not needed if the image is opened
in the read-only mode.

Signed-off-by: Denis V. Lunev <den@openvz.org>
Reported-by: Edgar Kaziahmedov <edos@virtuozzo.mipt.ru>
Message-id: 1490625488-7980-1-git-send-email-den@openvz.org
CC: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2017-03-28 11:06:00 +01:00
Alex Bennée
5b12c163c8 replay/replay.c: bump REPLAY_VERSION
A previous commit (3d4d16f4) added support for audio record/playback.
However this breaks the logfile ABI due to the re-ordering of the
ReplayEvents enum. The REPLAY_VERSION check is meant to prevent you
from using old log files in newer QEMUs but this is currently broken.

Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Pavel Dovgalyuk <pavel.dovgaluk@ispras.ru>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
2017-03-28 10:52:50 +01:00
Pranith Kumar
8cfef89271 tcg: Add a new line after incompatibility warning
Signed-off-by: Pranith Kumar <bobby.prani@gmail.com>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
2017-03-28 10:52:50 +01:00
Alex Bennée
0096109052 ui/console: use exclusive mechanism directly
The previous commit (8bb93c6f99) using async_safe_run_on_cpu() doesn't
work on graphics sub-system which restrict which threads can do GUI
updates. Rather than special casing MacOS we just directly call the
helper and move all the exclusive handling into do_safe_dpy_refresh().

The unfortunate bouncing of the BQL is to ensure there is no deadlock
as vCPUs waiting on the BQL are kicked into their quiescent state.

Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
2017-03-28 10:52:45 +01:00
Alex Bennée
8539093919 ui/console: ensure do_safe_dpy_refresh holds BQL
I missed the fact that when an exclusive work item runs it drops the
BQL to ensure no vCPUs are stuck waiting for it, hence causing a
deadlock. However the actual helper needs to take the BQL especially
as we'll be messing with device emulation bits during the update which
all assume BQL is held.

We make a minor cpu_reloading_memory_map which must try and unlock the
RCU if we are actually outside the running context.

Reported-by: Laurent Desnogues <laurent.desnogues@gmail.com>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
2017-03-28 10:52:24 +01:00
Alex Bennée
95992b674c bsd-user: align use of mmap_lock to that of linux-user
The introduction of stricter mmap_lock checking in translate-all broke
the BSD user build. The working mmap_lock functions were hidden behind
CONFIG_USE_NPTL which is never defined. This patch brings them in line
with linux-user.

Despite the disappearance of the comment "We aren't threadsafe to start
with..." this doesn't make bsd-user so. It will still need the rest of
the fixes that have been done in linux-user ported over.

Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
2017-03-28 10:50:40 +01:00
Alex Bennée
02bed6bd5f user-exec: handle synchronous signals from QEMU gracefully
When "tcg: enable thread-per-vCPU" (commit 3725794) was merged the
lifetime of current_cpu was changed. Previously a broken linux-user
call might abort() which can eventually escalate into a SIGSEGV which
would then crash qemu as it attempted to deref a NULL current_cpu.
After commit 3725794 it would attempt to fixup state and re-start the
run-loop and much hilarity (i.e. a looping lockup) would ensue from
jumping into a stale jmp_env.

As we can actually tell if we are in the run-loop from looking at the
cpu->running flag we should catch this badness first and abort()
cleanly rather than try to soldier on. There is a theoretical race
between the flag being set and sigsetjmp refreshing the jump buffer
but we can try really hard to not introduce crashes into that code.

[LV: setgroups03 fails on powerpc LTP]
Reported-by: Laurent Vivier <laurent@vivier.eu>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
2017-03-28 10:50:35 +01:00
Peter Maydell
8c9ee217f0 This series fixes potential memory/fd leaks in 9pfs and a crash when
running tests/virtio-9p-test on SPARC hosts.

Merge remote-tracking branch 'remotes/gkurz/tags/for-upstream' into staging

This series fixes potential memory/fd leaks in 9pfs and a crash when
running tests/virtio-9p-test on SPARC hosts.

# gpg: Signature made Tue 28 Mar 2017 09:44:05 BST
# gpg:                using DSA key 0x02FC3AEB0101DBC2
# gpg: Good signature from "Greg Kurz <groug@kaod.org>"
# gpg:                 aka "Greg Kurz <groug@free.fr>"
# gpg:                 aka "Greg Kurz <gkurz@linux.vnet.ibm.com>"
# gpg:                 aka "Gregory Kurz (Groug) <groug@free.fr>"
# gpg:                 aka "[jpeg image of size 3330]"
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 2BD4 3B44 535E C0A7 9894  DBA2 02FC 3AEB 0101 DBC2

* remotes/gkurz/tags/for-upstream:
  tests/virtio-9p-test: Don't call le*_to_cpus on fields of packed struct
  9pfs: fix file descriptor leak

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2017-03-28 09:48:23 +01:00
Peter Maydell
34ef723ce3 tests/virtio-9p-test: Don't call le*_to_cpus on fields of packed struct
For a packed struct like 'P9Hdr' the fields within it may not be
aligned as much as the natural alignment for their types.  This means
it is not valid to pass the address of such a field to a function
like le32_to_cpus() which operates on uint32_t* and assumes alignment.
Doing this results in a SIGBUS on hosts like SPARC which have strict
alignment requirements.

Use ldl_le_p() instead, which is specified to correctly handle
unaligned pointers.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Greg Kurz <groug@kaod.org>
Signed-off-by: Greg Kurz <groug@kaod.org>
2017-03-27 21:15:31 +02:00
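The alignment problem described in the commit message above, as an added C example (not QEMU's code and not the real `P9Hdr` layout). `struct demo_hdr`, `demo_wire`, `load_le32()`, `load_le16()` and `demo_hdr_decode()` are hypothetical names, and the byte-wise loads stand in for an unaligned-safe accessor.

```c
#include <stddef.h>
#include <stdint.h>

/* Constructed packed header for illustration: the one-byte 'id' puts
 * 'size' at offset 1 and 'tag' at offset 5, so neither field has the
 * natural alignment of its type. */
struct __attribute__((packed)) demo_hdr {
    uint8_t  id;
    uint32_t size;  /* little-endian on the wire */
    uint16_t tag;   /* little-endian on the wire */
};

/* Constructed wire bytes: id=0x65, size=0x00001234, tag=0xBEEF. */
const uint8_t demo_wire[] = { 0x65, 0x34, 0x12, 0x00, 0x00, 0xEF, 0xBE };

/* Byte-wise little-endian loads. They are valid for any address and any
 * host byte order because no uint32_t* or uint16_t* is dereferenced. */
uint32_t load_le32(const void *p)
{
    const uint8_t *b = p;

    return (uint32_t)b[0] | (uint32_t)b[1] << 8 |
           (uint32_t)b[2] << 16 | (uint32_t)b[3] << 24;
}

uint16_t load_le16(const void *p)
{
    const uint8_t *b = p;

    return (uint16_t)(b[0] | b[1] << 8);
}

/*
 * Decode the header that starts at buf. Returns 0 on success, or -1 if
 * the buffer is too short to hold a full header.
 *
 * What this deliberately avoids: casting the field address to uint32_t*
 * and converting in place, which assumes 4-byte alignment and can raise
 * SIGBUS on strict-alignment hosts.
 */
int demo_hdr_decode(const uint8_t *buf, size_t len,
                    uint32_t *size, uint16_t *tag)
{
    if (len < sizeof(struct demo_hdr)) {
        return -1;
    }
    *size = load_le32(buf + offsetof(struct demo_hdr, size));
    *tag = load_le16(buf + offsetof(struct demo_hdr, tag));
    return 0;
}
```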