Update to 0.12.3, require seabios, Migration clear the fd in error cases

(#518032)
Justin M. Forbes 2010-03-10 18:09:38 +00:00
parent 35a944e0c3
commit 89af5928cf
23 changed files with 195 additions and 1629 deletions


@ -0,0 +1,53 @@
From c0c1147350005b47068285a288f848cf75eb60c6 Mon Sep 17 00:00:00 2001
From: Christoph Hellwig <hch@lst.de>
Date: Tue, 26 Jan 2010 14:49:08 +0100
Subject: [PATCH] block: avoid creating too large iovecs in multiwrite_merge
If we go over the maximum number of iovecs support by syscall we get
back EINVAL from the kernel which translate to I/O errors for the guest.
Add a MAX_IOV defintion for platforms that don't have it. For now we use
the same 1024 define that's used on Linux and various other platforms,
but until the windows block backend implements some kind of vectored I/O
it doesn't matter.
Signed-off-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
---
block.c | 4 ++++
qemu-common.h | 4 ++++
2 files changed, 8 insertions(+), 0 deletions(-)
diff --git a/block.c b/block.c
index 97af3f5..9697dc9 100644
--- a/block.c
+++ b/block.c
@@ -1669,6 +1669,10 @@ static int multiwrite_merge(BlockDriverState *bs, BlockRequest *reqs,
merge = bs->drv->bdrv_merge_requests(bs, &reqs[outidx], &reqs[i]);
}
+ if (reqs[outidx].qiov->niov + reqs[i].qiov->niov + 1 > IOV_MAX) {
+ merge = 0;
+ }
+
if (merge) {
size_t size;
QEMUIOVector *qiov = qemu_mallocz(sizeof(*qiov));
diff --git a/qemu-common.h b/qemu-common.h
index 1c5c0b2..b604ddf 100644
--- a/qemu-common.h
+++ b/qemu-common.h
@@ -54,6 +54,10 @@ struct iovec {
void *iov_base;
size_t iov_len;
};
+/*
+ * Use the same value as Linux for now.
+ */
+#define IOV_MAX 1024
#else
#include <sys/uio.h>
#endif
--
1.6.6.1
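Review bot: In the qemu-common.h hunk the `IOV_MAX` fallback is defined only in the branch that declares `struct iovec` locally, so the `#else` branch depends on `<sys/uio.h>` to supply the macro that the new check in block.c uses. POSIX specifies `IOV_MAX` in `<limits.h>`, so a host whose `<sys/uio.h>` does not pull it in would presumably fail to build; a guarded fallback placed after the `#endif`, `#ifndef IOV_MAX` / `#define IOV_MAX 1024` / `#endif`, would cover both branches. The `+ 1` in the block.c condition has no explanation, and a one-line comment saying which extra iovec entry it reserves would make the bound checkable by the next reader. multiwrite_merge starts and ends outside the hunk.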


@ -0,0 +1,100 @@
From baaa7b9f8498f73d14c8457e0150d0dfdcdbd245 Mon Sep 17 00:00:00 2001
From: Juan Quintela <quintela@redhat.com>
Date: Tue, 9 Mar 2010 23:58:50 +0100
Subject: [PATCH] migration: Clear fd also in error cases
Not clearing the fd and closing the file makes qemu spin using 100%CPU
after incoming migration error.
See for instance bug:
https://bugzilla.redhat.com/show_bug.cgi?id=518032
Signed-off-by: Juan Quintela <quintela@trasno.org>
---
migration-exec.c | 3 +--
migration-fd.c | 3 +--
migration-tcp.c | 5 ++---
migration-unix.c | 5 ++---
4 files changed, 6 insertions(+), 10 deletions(-)
diff --git a/migration-exec.c b/migration-exec.c
index 87f645b..e57a55d 100644
--- a/migration-exec.c
+++ b/migration-exec.c
@@ -120,12 +120,11 @@ static void exec_accept_incoming_migration(void *opaque)
}
qemu_announce_self();
dprintf("successfully loaded vm state\n");
- /* we've successfully migrated, close the fd */
- qemu_set_fd_handler2(qemu_stdio_fd(f), NULL, NULL, NULL, NULL);
if (autostart)
vm_start();
err:
+ qemu_set_fd_handler2(qemu_stdio_fd(f), NULL, NULL, NULL, NULL);
qemu_fclose(f);
}
diff --git a/migration-fd.c b/migration-fd.c
index ef7edbc..7325d13 100644
--- a/migration-fd.c
+++ b/migration-fd.c
@@ -113,12 +113,11 @@ static void fd_accept_incoming_migration(void *opaque)
}
qemu_announce_self();
dprintf("successfully loaded vm state\n");
- /* we've successfully migrated, close the fd */
- qemu_set_fd_handler2(qemu_stdio_fd(f), NULL, NULL, NULL, NULL);
if (autostart)
vm_start();
err:
+ qemu_set_fd_handler2(qemu_stdio_fd(f), NULL, NULL, NULL, NULL);
qemu_fclose(f);
}
diff --git a/migration-tcp.c b/migration-tcp.c
index 2cfa8cb..c328e73 100644
--- a/migration-tcp.c
+++ b/migration-tcp.c
@@ -170,15 +170,14 @@ static void tcp_accept_incoming_migration(void *opaque)
qemu_announce_self();
dprintf("successfully loaded vm state\n");
- /* we've successfully migrated, close the server socket */
- qemu_set_fd_handler2(s, NULL, NULL, NULL, NULL);
- close(s);
if (autostart)
vm_start();
out_fopen:
qemu_fclose(f);
out:
+ qemu_set_fd_handler2(s, NULL, NULL, NULL, NULL);
+ close(s);
close(c);
}
diff --git a/migration-unix.c b/migration-unix.c
index a141dbb..9685c4b 100644
--- a/migration-unix.c
+++ b/migration-unix.c
@@ -176,13 +176,12 @@ static void unix_accept_incoming_migration(void *opaque)
qemu_announce_self();
dprintf("successfully loaded vm state\n");
- /* we've successfully migrated, close the server socket */
- qemu_set_fd_handler2(s, NULL, NULL, NULL, NULL);
- close(s);
out_fopen:
qemu_fclose(f);
out:
+ qemu_set_fd_handler2(s, NULL, NULL, NULL, NULL);
+ close(s);
close(c);
}
--
1.6.6.1
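Review bot: The cleanup moved under `err:` and `out:` in all four handlers lost its comment, and the ordering it depends on is now undocumented: the handler is unregistered with `qemu_set_fd_handler2(..., NULL, NULL, NULL, NULL)` before the descriptor is closed, so the main loop stops polling a descriptor that is about to become invalid or be reused. I would add above the moved lines something like `/* stop polling the fd before closing it, on success and on error */`. In migration-tcp.c and migration-unix.c the listening socket `s` is now closed on every path through `out:`, so a failed incoming migration also ends listening; if that is intended the comment should say so. Each function starts outside its hunk, so any early return that bypasses these labels is not visible here.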


@ -40,8 +40,10 @@ default_max_kernel_pages () {
start() {
echo -n $"Starting $prog: "
KSM_MAX_KERNEL_PAGES=${KSM_MAX_KERNEL_PAGES:-`default_max_kernel_pages`}
echo $KSM_MAX_KERNEL_PAGES > /sys/kernel/mm/ksm/max_kernel_pages
if [ -f /sys/kernel/mm/ksm/max_kernel_pages ]; then
KSM_MAX_KERNEL_PAGES=${KSM_MAX_KERNEL_PAGES:-`default_max_kernel_pages`}
echo $KSM_MAX_KERNEL_PAGES > /sys/kernel/mm/ksm/max_kernel_pages
fi
echo 1 > /sys/kernel/mm/ksm/run
RETVAL=$?
[ $RETVAL = 0 ] && success $"$prog startup" || failure $"$prog startup"
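Review bot: `RETVAL` is taken only from `echo 1 > /sys/kernel/mm/ksm/run`, so a failed write to `max_kernel_pages` inside the new `if` block goes unreported and the service can still print success. Capturing the status of that write as well, or at least logging it, would make a rejected value visible. The value is also expanded unquoted; `KSM_MAX_KERNEL_PAGES` may be set outside this function, so `echo "$KSM_MAX_KERNEL_PAGES" > /sys/kernel/mm/ksm/max_kernel_pages` avoids word splitting and globbing on whatever it contains. start() continues past the end of the hunk.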


@ -21,6 +21,14 @@ if [ -f /etc/ksmtuned.conf ]; then
. /etc/ksmtuned.conf
fi
debug() {
if [ -n "$DEBUG" ]; then
s="`/bin/date`: $*"
[ -n "$LOGFILE" ] && echo "$s" >> "$LOGFILE" || echo "$s"
fi
}
KSM_MONITOR_INTERVAL=${KSM_MONITOR_INTERVAL:-60}
KSM_NPAGES_BOOST=${KSM_NPAGES_BOOST:-300}
KSM_NPAGES_DECAY=${KSM_NPAGES_DECAY:--50}
@ -35,17 +43,17 @@ KSM_THRES_COEF=${KSM_THRES_COEF:-20}
KSM_THRES_CONST=${KSM_THRES_CONST:-2048}
total=`awk '/^MemTotal:/ {print $2}' /proc/meminfo`
[ -n "$DEBUG" ] && echo total $total
debug total $total
npages=0
sleep=$[KSM_SLEEP_MSEC * 16 * 1024 * 1024 / total]
[ $sleep -le 10 ] && sleep=10
[ -n "$DEBUG" ] && echo sleep $sleep
debug sleep $sleep
thres=$[total * KSM_THRES_COEF / 100]
if [ $KSM_THRES_CONST -gt $thres ]; then
thres=$KSM_THRES_CONST
fi
[ -n "$DEBUG" ] && echo thres $thres
debug thres $thres
KSMCTL () {
case x$1 in
@ -89,22 +97,22 @@ adjust () {
local free committed
free=`free_memory`
committed=`committed_memory`
[ -n "$DEBUG" ] && echo committed $committed free $free
debug committed $committed free $free
if [ $[committed + thres] -lt $total -a $free -gt $thres ]; then
KSMCTL stop
[ -n "$DEBUG" ] && echo "$[committed + thres] < $total and free > $thres, stop ksm"
debug "$[committed + thres] < $total and free > $thres, stop ksm"
return 1
fi
[ -n "$DEBUG" ] && echo "$[committed + thres] > $total, start ksm"
debug "$[committed + thres] > $total, start ksm"
if [ $free -lt $thres ]; then
npages=`increase_npages $KSM_NPAGES_BOOST`
[ -n "$DEBUG" ] && echo "$free < $thres, boost"
debug "$free < $thres, boost"
else
npages=`increase_npages $KSM_NPAGES_DECAY`
[ -n "$DEBUG" ] && echo "$free > $thres, decay"
debug "$free > $thres, decay"
fi
KSMCTL start $npages $sleep
[ -n "$DEBUG" ] && echo "KSMCTL start $npages $sleep"
debug "KSMCTL start $npages $sleep"
return 0
}
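Review bot: In the new `debug()` helper, `[ -n "$LOGFILE" ] && echo "$s" >> "$LOGFILE" || echo "$s"` is not an if/else: when `LOGFILE` is set but the append fails, the message falls through to stdout. An explicit `if [ -n "$LOGFILE" ]; then echo "$s" >> "$LOGFILE"; else echo "$s"; fi` keeps the two cases apart. `LOGFILE` comes from the sourced /etc/ksmtuned.conf and is opened with `>>` using whatever privileges the script runs with (presumably root, since it drives KSM), so a comment next to `debug()` should state that the path must sit in a directory only root can write. That keeps the append from landing on a file or link another user controls.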


@ -14,3 +14,8 @@
# KSM_THRES_COEF=20
# KSM_THRES_CONST=2048
# uncomment the following if you want ksmtuned debug info
# LOGFILE=/var/log/ksmtuned
# DEBUG=1


@ -1,42 +0,0 @@
From c6c94b043e8b3593d0beb52966dce43069233840 Mon Sep 17 00:00:00 2001
From: Izik Eidus <ieidus@redhat.com>
Date: Tue, 28 Jul 2009 19:14:26 +0300
Subject: [PATCH] kvm userspace: ksm support
rfc for ksm support to kvm userpsace.
Signed-off-by: Izik Eidus <ieidus@redhat.com>
signed-off-by: Justin M. Forbes <jforbes@redhat.com>
Signed-off-by: Mark McLoughlin <markmc@redhat.com>
Fedora-patch: qemu-add-ksm-support.patch
---
exec.c | 6 ++++++
1 files changed, 6 insertions(+), 0 deletions(-)
diff --git a/exec.c b/exec.c
index 0655b4b..a0e2203 100644
--- a/exec.c
+++ b/exec.c
@@ -65,6 +65,9 @@
#undef DEBUG_TB_CHECK
#endif
+/* Quick hack to enable KSM support */
+#define MADV_MERGEABLE 12 /* KSM may merge identical pages */
+
#define SMC_BITMAP_USE_THRESHOLD 10
#if defined(TARGET_SPARC64)
@@ -2579,6 +2582,9 @@ ram_addr_t qemu_ram_alloc(ram_addr_t size)
new_block->host = file_ram_alloc(size, mem_path);
if (!new_block->host) {
new_block->host = qemu_vmalloc(size);
+#ifdef MADV_MERGEABLE
+ madvise(new_block->host, size, MADV_MERGEABLE);
+#endif
}
new_block->offset = last_ram_offset;
new_block->length = size;
--
1.6.2.5


@ -1,37 +0,0 @@
From 8ab0d97572264051176ff45171484fa463d1287f Mon Sep 17 00:00:00 2001
From: Mark McLoughlin <markmc@redhat.com>
Date: Fri, 4 Sep 2009 11:24:03 +0100
Subject: [PATCH] Allow pulseaudio backend to be the default
We're seeing various issues with the SDL audio backend and want to
switch to the pulseaudio backend. See e.g.
https://bugzilla.redhat.com/495964
https://bugzilla.redhat.com/519540
https://bugzilla.redhat.com/496627
The pulseaudio backend seems to work well, so we should allow it to be
selected as the default.
Signed-off-by: Mark McLoughlin <markmc@redhat.com>
Fedora-patch: qemu-allow-pulseaudio-to-be-the-default.patch
---
audio/paaudio.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/audio/paaudio.c b/audio/paaudio.c
index a50fccc..547e252 100644
--- a/audio/paaudio.c
+++ b/audio/paaudio.c
@@ -507,7 +507,7 @@ struct audio_driver pa_audio_driver = {
INIT_FIELD (init = ) qpa_audio_init,
INIT_FIELD (fini = ) qpa_audio_fini,
INIT_FIELD (pcm_ops = ) &qpa_pcm_ops,
- INIT_FIELD (can_be_default = ) 0,
+ INIT_FIELD (can_be_default = ) 1,
INIT_FIELD (max_voices_out = ) INT_MAX,
INIT_FIELD (max_voices_in = ) INT_MAX,
INIT_FIELD (voice_size_out = ) sizeof (PAVoiceOut),
--
1.6.2.5


@ -1,81 +0,0 @@
From b5c99e96655e8dc938f801e1ac0dbdf2d6dfba37 Mon Sep 17 00:00:00 2001
From: Glauber Costa <glommer@redhat.com>
Date: Wed, 24 Jun 2009 14:31:41 +0100
Subject: [PATCH] compute checksum for roms bigger than a segment
Some option roms (e1000 provided by gpxe project as an example)
are bigger than a segment. The current algorithm to compute the
checksum fails in such case. To proper compute the checksum, this
patch deals with the possibility of the rom's size crossing a
segment border.
We don't need to worry about it crossing more than one segment
border, since the option roms format only save one byte to store
the image size (thus, maximum size = 0xff = 128k = 2 segments)
[ including improvements suggested by malc ]
Signed-off-by: Glauber Costa <glommer@redhat.com>
Signed-off-by: Mark McLoughlin <markmc@redhat.com>
Fedora-patch: qemu-bios-bigger-roms.patch
---
kvm/bios/rombios.c | 33 +++++++++++++++++++++++++++------
1 files changed, 27 insertions(+), 6 deletions(-)
diff --git a/kvm/bios/rombios.c b/kvm/bios/rombios.c
index 6e1d446..8a96d8e 100644
--- a/kvm/bios/rombios.c
+++ b/kvm/bios/rombios.c
@@ -10189,22 +10189,43 @@ no_serial:
ret
rom_checksum:
- push ax
- push bx
- push cx
+ pusha
+ push ds
+
xor ax, ax
xor bx, bx
xor cx, cx
+ xor dx, dx
+
mov ch, [2]
shl cx, #1
+
+ jnc checksum_loop
+ xchg dx, cx
+ dec cx
+
checksum_loop:
add al, [bx]
inc bx
loop checksum_loop
+
+ test dx, dx
+ je checksum_out
+
+ add al, [bx]
+ mov cx, dx
+ mov dx, ds
+ add dh, #0x10
+ mov ds, dx
+ xor dx, dx
+ xor bx, bx
+
+ jmp checksum_loop
+
+checksum_out:
and al, #0xff
- pop cx
- pop bx
- pop ax
+ pop ds
+ popa
ret
--
1.6.2.5


@ -1,118 +0,0 @@
From 3675a0dde74f890404f392e194f1adc6b24285f7 Mon Sep 17 00:00:00 2001
From: Glauber Costa <glommer@redhat.com>
Date: Wed, 23 Sep 2009 09:49:43 +0100
Subject: [PATCH] Correctly free nd structure
When we "free" a NICInfo structure, we can leak pointers, since we don't do
much more than setting used = 0.
We free() the model parameter, but we don't set it to NULL. This means that
a new user of this structure will see garbage in there. It was not noticed
before because reusing a NICInfo is not that common, but it can be, for
users of device pci hotplug.
A user hit it, described at https://bugzilla.redhat.com/524022
This patch memset's the whole structure, guaranteeing that anyone reusing it
will see a fresh NICinfo. Also, we free some other strings that are currently
leaking.
This codebase is quite old, so this patch should feed all stable trees.
Signed-off-by: Glauber Costa <glommer@redhat.com>
Signed-off-by: Mark McLoughlin <markmc@redhat.com>
Fedora-patch: qemu-correctly-free-nic-info-structure.patch
---
net.c | 16 +++++++++++-----
net.h | 8 ++++----
vl.c | 2 +-
3 files changed, 16 insertions(+), 10 deletions(-)
diff --git a/net.c b/net.c
index a1c1111..da2f428 100644
--- a/net.c
+++ b/net.c
@@ -2559,7 +2559,7 @@ void qemu_check_nic_model_list(NICInfo *nd, const char * const *models,
int i, exit_status = 0;
if (!nd->model)
- nd->model = strdup(default_model);
+ nd->model = qemu_strdup(default_model);
if (strcmp(nd->model, "?") != 0) {
for (i = 0 ; models[i]; i++)
@@ -2629,6 +2629,7 @@ int net_client_init(Monitor *mon, const char *device, const char *p)
goto out;
}
nd = &nd_table[idx];
+ memset(nd, 0, sizeof(*nd));
macaddr = nd->macaddr;
macaddr[0] = 0x52;
macaddr[1] = 0x54;
@@ -2645,13 +2646,13 @@ int net_client_init(Monitor *mon, const char *device, const char *p)
}
}
if (get_param_value(buf, sizeof(buf), "model", p)) {
- nd->model = strdup(buf);
+ nd->model = qemu_strdup(buf);
}
if (get_param_value(buf, sizeof(buf), "addr", p)) {
- nd->devaddr = strdup(buf);
+ nd->devaddr = qemu_strdup(buf);
}
if (get_param_value(buf, sizeof(buf), "id", p)) {
- nd->id = strdup(buf);
+ nd->id = qemu_strdup(buf);
}
nd->nvectors = NIC_NVECTORS_UNSPECIFIED;
if (get_param_value(buf, sizeof(buf), "vectors", p)) {
@@ -2998,8 +2999,13 @@ void net_client_uninit(NICInfo *nd)
{
nd->vlan->nb_guest_devs--;
nb_nics--;
+
+ qemu_free(nd->model);
+ qemu_free(nd->name);
+ qemu_free(nd->devaddr);
+ qemu_free(nd->id);
+
nd->used = 0;
- free((void *)nd->model);
}
static int net_host_check_device(const char *device)
diff --git a/net.h b/net.h
index 57ab031..94db0d7 100644
--- a/net.h
+++ b/net.h
@@ -101,10 +101,10 @@ enum {
struct NICInfo {
uint8_t macaddr[6];
- const char *model;
- const char *name;
- const char *devaddr;
- const char *id;
+ char *model;
+ char *name;
+ char *devaddr;
+ char *id;
VLANState *vlan;
VLANClientState *vc;
void *private;
diff --git a/vl.c b/vl.c
index 26bced8..d7c7ab1 100644
--- a/vl.c
+++ b/vl.c
@@ -2594,7 +2594,7 @@ static int usb_device_add(const char *devname, int is_hotplug)
if (net_client_init(NULL, "nic", p) < 0)
return -1;
- nd_table[nic].model = "usb";
+ nd_table[nic].model = qemu_strdup("usb");
dev = usb_net_init(&nd_table[nic]);
} else if (!strcmp(devname, "bt") || strstart(devname, "bt:", &p)) {
dev = usb_bt_init(devname[2] ? hci_init(p) :
--
1.6.2.5


@ -1,31 +0,0 @@
From ef41d27fae62bbb71f3af60488b455582ee92625 Mon Sep 17 00:00:00 2001
From: Mark McLoughlin <markmc@redhat.com>
Date: Wed, 4 Nov 2009 12:29:35 -0500
Subject: [PATCH] Disable preadv/pwritev support
Workaround for a data corruptor issue on 32 bit hosts:
https://bugzilla.redhat.com/526549
Signed-off-by: Mark McLoughlin <markmc@redhat.com>
Fedora-patch: qemu-disable-preadv-support.patch
---
posix-aio-compat.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/posix-aio-compat.c b/posix-aio-compat.c
index e9fc9fa..b116933 100644
--- a/posix-aio-compat.c
+++ b/posix-aio-compat.c
@@ -34,7 +34,7 @@ static int idle_threads = 0;
static TAILQ_HEAD(, qemu_paiocb) request_list;
#ifdef HAVE_PREADV
-static int preadv_present = 1;
+static int preadv_present = 0;
#else
static int preadv_present = 0;
#endif
--
1.6.2.5


@ -1,100 +0,0 @@
From 0ce1af6e7d4b1e2ffa4dedf6d415c4d86a1af490 Mon Sep 17 00:00:00 2001
From: Markus Armbruster <armbru@redhat.com>
Date: Fri, 25 Sep 2009 03:53:50 +0200
Subject: [PATCH] Make it obvious that pci_nic_init() can't fail
Before this patch, pci_nic_init() returns NULL when it can't find the
model in pci_nic_models[]. Except this can't happen, because
qemu_check_nic_model_list() just searched for model in
pci_nic_models[], and terminated the program on failure.
Repeating the search here is pointless. Instead, change
qemu_check_nic_model_list() to return the model's array index.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Mark McLoughlin <markmc@redhat.com
Fedora-patch: qemu-do-not-exit-on-pci-hotplug-invalid-nic1.patch
---
hw/pci.c | 25 +++++++++----------------
net.c | 6 +++---
net.h | 4 ++--
3 files changed, 14 insertions(+), 21 deletions(-)
diff --git a/hw/pci.c b/hw/pci.c
index a575d4a..eb990f9 100644
--- a/hw/pci.c
+++ b/hw/pci.c
@@ -937,22 +937,15 @@ PCIDevice *pci_nic_init(NICInfo *nd, const char *default_model,
DeviceState *dev;
int i;
- qemu_check_nic_model_list(nd, pci_nic_models, default_model);
-
- for (i = 0; pci_nic_models[i]; i++) {
- if (strcmp(nd->model, pci_nic_models[i]) == 0) {
- pci_dev = pci_create(pci_nic_names[i], devaddr);
- dev = &pci_dev->qdev;
- if (nd->id)
- dev->id = qemu_strdup(nd->id);
- dev->nd = nd;
- qdev_init(dev);
- nd->private = dev;
- return pci_dev;
- }
- }
-
- return NULL;
+ i = qemu_check_nic_model_list(nd, pci_nic_models, default_model);
+ pci_dev = pci_create(pci_nic_names[i], devaddr);
+ dev = &pci_dev->qdev;
+ if (nd->id)
+ dev->id = qemu_strdup(nd->id);
+ dev->nd = nd;
+ qdev_init(dev);
+ nd->private = dev;
+ return pci_dev;
}
typedef struct {
diff --git a/net.c b/net.c
index da2f428..047e72e 100644
--- a/net.c
+++ b/net.c
@@ -2553,8 +2553,8 @@ void qemu_check_nic_model(NICInfo *nd, const char *model)
qemu_check_nic_model_list(nd, models, model);
}
-void qemu_check_nic_model_list(NICInfo *nd, const char * const *models,
- const char *default_model)
+int qemu_check_nic_model_list(NICInfo *nd, const char * const *models,
+ const char *default_model)
{
int i, exit_status = 0;
@@ -2564,7 +2564,7 @@ void qemu_check_nic_model_list(NICInfo *nd, const char * const *models,
if (strcmp(nd->model, "?") != 0) {
for (i = 0 ; models[i]; i++)
if (strcmp(nd->model, models[i]) == 0)
- return;
+ return i;
fprintf(stderr, "qemu: Unsupported NIC model: %s\n", nd->model);
exit_status = 1;
diff --git a/net.h b/net.h
index 94db0d7..9662988 100644
--- a/net.h
+++ b/net.h
@@ -80,8 +80,8 @@ void qemu_purge_queued_packets(VLANClientState *vc);
void qemu_flush_queued_packets(VLANClientState *vc);
void qemu_format_nic_info_str(VLANClientState *vc, uint8_t macaddr[6]);
void qemu_check_nic_model(NICInfo *nd, const char *model);
-void qemu_check_nic_model_list(NICInfo *nd, const char * const *models,
- const char *default_model);
+int qemu_check_nic_model_list(NICInfo *nd, const char * const *models,
+ const char *default_model);
void qemu_handler_true(void *opaque);
void do_info_network(Monitor *mon);
--
1.6.2.5


@ -1,324 +0,0 @@
From 0ba615f4e6ecf13839b7688c762961aa1d092504 Mon Sep 17 00:00:00 2001
From: Markus Armbruster <armbru@redhat.com>
Date: Fri, 25 Sep 2009 03:53:51 +0200
Subject: [PATCH] Fix pci_add nic not to exit on bad model
Monitor command "pci_add ADDR nic model=MODEL" uses pci_nic_init() to
create the NIC. When MODEL is unknown or "?", this prints to stderr
and terminates the program.
Change pci_nic_init() not to treat "?" specially, and to return NULL
on failure. Switch uses during startup to new convenience wrapper
pci_nic_init_nofail(), which behaves just like pci_nic_init() used to
do.
[markmc:
- rebase to stable-0.11
- drop qemu_error() usage
- go back to pci_create() in pci_nic_init
- qdev_init() doesn't have an error return
]
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Mark McLoughlin <markmc@redhat.com>
Fedora-patch: qemu-do-not-exit-on-pci-hotplug-invalid-nic2.patch
---
hw/mips_malta.c | 2 +-
hw/pc.c | 2 +-
hw/pci.c | 19 ++++++++++++++++++-
hw/pci.h | 2 ++
hw/ppc440_bamboo.c | 2 +-
hw/ppc_newworld.c | 2 +-
hw/ppc_oldworld.c | 2 +-
hw/ppc_prep.c | 2 +-
hw/ppce500_mpc8544ds.c | 2 +-
hw/r2d.c | 2 +-
hw/realview.c | 2 +-
hw/sun4u.c | 2 +-
hw/versatilepb.c | 2 +-
net.c | 41 +++++++++++++++++++++++++----------------
net.h | 5 +++--
15 files changed, 59 insertions(+), 30 deletions(-)
diff --git a/hw/mips_malta.c b/hw/mips_malta.c
index 7728e58..ed86d4b 100644
--- a/hw/mips_malta.c
+++ b/hw/mips_malta.c
@@ -486,7 +486,7 @@ static void network_init(void)
/* The malta board has a PCNet card using PCI SLOT 11 */
default_devaddr = "0b";
- pci_nic_init(nd, "pcnet", default_devaddr);
+ pci_nic_init_nofail(nd, "pcnet", default_devaddr);
}
}
diff --git a/hw/pc.c b/hw/pc.c
index bcd2989..3b226f4 100644
--- a/hw/pc.c
+++ b/hw/pc.c
@@ -1360,7 +1360,7 @@ static void pc_init1(ram_addr_t ram_size,
if (!pci_enabled || (nd->model && strcmp(nd->model, "ne2k_isa") == 0))
pc_init_ne2k_isa(nd, i8259);
else
- pci_nic_init(nd, "rtl8139", NULL);
+ pci_nic_init_nofail(nd, "rtl8139", NULL);
}
piix4_acpi_system_hot_add_init(cpu_model);
diff --git a/hw/pci.c b/hw/pci.c
index eb990f9..9bcf49d 100644
--- a/hw/pci.c
+++ b/hw/pci.c
@@ -937,7 +937,10 @@ PCIDevice *pci_nic_init(NICInfo *nd, const char *default_model,
DeviceState *dev;
int i;
- i = qemu_check_nic_model_list(nd, pci_nic_models, default_model);
+ i = qemu_find_nic_model(nd, pci_nic_models, default_model);
+ if (i < 0)
+ return NULL;
+
pci_dev = pci_create(pci_nic_names[i], devaddr);
dev = &pci_dev->qdev;
if (nd->id)
@@ -948,6 +951,20 @@ PCIDevice *pci_nic_init(NICInfo *nd, const char *default_model,
return pci_dev;
}
+PCIDevice *pci_nic_init_nofail(NICInfo *nd, const char *default_model,
+ const char *default_devaddr)
+{
+ PCIDevice *res;
+
+ if (qemu_show_nic_models(nd->model, pci_nic_models))
+ exit(0);
+
+ res = pci_nic_init(nd, default_model, default_devaddr);
+ if (!res)
+ exit(1);
+ return res;
+}
+
typedef struct {
PCIDevice dev;
PCIBus *bus;
diff --git a/hw/pci.h b/hw/pci.h
index 7ca3ba9..18a05f5 100644
--- a/hw/pci.h
+++ b/hw/pci.h
@@ -291,6 +291,8 @@ PCIBus *pci_register_bus(DeviceState *parent, const char *name,
PCIDevice *pci_nic_init(NICInfo *nd, const char *default_model,
const char *default_devaddr);
+PCIDevice *pci_nic_init_nofail(NICInfo *nd, const char *default_model,
+ const char *default_devaddr);
void pci_data_write(void *opaque, uint32_t addr, uint32_t val, int len);
uint32_t pci_data_read(void *opaque, uint32_t addr, int len);
int pci_bus_num(PCIBus *s);
diff --git a/hw/ppc440_bamboo.c b/hw/ppc440_bamboo.c
index c74aa2f..9f22623 100644
--- a/hw/ppc440_bamboo.c
+++ b/hw/ppc440_bamboo.c
@@ -128,7 +128,7 @@ static void bamboo_init(ram_addr_t ram_size,
for (i = 0; i < nb_nics; i++) {
/* There are no PCI NICs on the Bamboo board, but there are
* PCI slots, so we can pick whatever default model we want. */
- pci_nic_init(&nd_table[i], "e1000", NULL);
+ pci_nic_init_nofail(&nd_table[i], "e1000", NULL);
}
}
diff --git a/hw/ppc_newworld.c b/hw/ppc_newworld.c
index 45480ea..5fa9e82 100644
--- a/hw/ppc_newworld.c
+++ b/hw/ppc_newworld.c
@@ -304,7 +304,7 @@ static void ppc_core99_init (ram_addr_t ram_size,
serial_hds[0], serial_hds[1], ESCC_CLOCK, 4);
for(i = 0; i < nb_nics; i++)
- pci_nic_init(&nd_table[i], "ne2k_pci", NULL);
+ pci_nic_init_nofail(&nd_table[i], "ne2k_pci", NULL);
if (drive_get_max_bus(IF_IDE) >= MAX_IDE_BUS) {
fprintf(stderr, "qemu: too many IDE bus\n");
diff --git a/hw/ppc_oldworld.c b/hw/ppc_oldworld.c
index 5c745a0..49c8a00 100644
--- a/hw/ppc_oldworld.c
+++ b/hw/ppc_oldworld.c
@@ -315,7 +315,7 @@ static void ppc_heathrow_init (ram_addr_t ram_size,
serial_hds[1], ESCC_CLOCK, 4);
for(i = 0; i < nb_nics; i++)
- pci_nic_init(&nd_table[i], "ne2k_pci", NULL);
+ pci_nic_init_nofail(&nd_table[i], "ne2k_pci", NULL);
if (drive_get_max_bus(IF_IDE) >= MAX_IDE_BUS) {
diff --git a/hw/ppc_prep.c b/hw/ppc_prep.c
index 7a21977..a8f0002 100644
--- a/hw/ppc_prep.c
+++ b/hw/ppc_prep.c
@@ -681,7 +681,7 @@ static void ppc_prep_init (ram_addr_t ram_size,
if (strcmp(nd_table[i].model, "ne2k_isa") == 0) {
isa_ne2000_init(ne2000_io[i], i8259[ne2000_irq[i]], &nd_table[i]);
} else {
- pci_nic_init(&nd_table[i], "ne2k_pci", NULL);
+ pci_nic_init_nofail(&nd_table[i], "ne2k_pci", NULL);
}
}
diff --git a/hw/ppce500_mpc8544ds.c b/hw/ppce500_mpc8544ds.c
index db52cdd..5f2b526 100644
--- a/hw/ppce500_mpc8544ds.c
+++ b/hw/ppce500_mpc8544ds.c
@@ -228,7 +228,7 @@ static void mpc8544ds_init(ram_addr_t ram_size,
/* Register network interfaces. */
for (i = 0; i < nb_nics; i++) {
- pci_nic_init(&nd_table[i], "virtio", NULL);
+ pci_nic_init_nofail(&nd_table[i], "virtio", NULL);
}
}
diff --git a/hw/r2d.c b/hw/r2d.c
index 8ce6832..af229d4 100644
--- a/hw/r2d.c
+++ b/hw/r2d.c
@@ -231,7 +231,7 @@ static void r2d_init(ram_addr_t ram_size,
/* NIC: rtl8139 on-board, and 2 slots. */
for (i = 0; i < nb_nics; i++)
- pci_nic_init(&nd_table[i], "rtl8139", i==0 ? "2" : NULL);
+ pci_nic_init_nofail(&nd_table[i], "rtl8139", i==0 ? "2" : NULL);
/* Todo: register on board registers */
if (kernel_filename) {
diff --git a/hw/realview.c b/hw/realview.c
index 8e176b9..70c129b 100644
--- a/hw/realview.c
+++ b/hw/realview.c
@@ -125,7 +125,7 @@ static void realview_init(ram_addr_t ram_size,
smc91c111_init(nd, 0x4e000000, pic[28]);
done_smc = 1;
} else {
- pci_nic_init(nd, "rtl8139", NULL);
+ pci_nic_init_nofail(nd, "rtl8139", NULL);
}
}
diff --git a/hw/sun4u.c b/hw/sun4u.c
index 9d2a7f5..9fb5dcd 100644
--- a/hw/sun4u.c
+++ b/hw/sun4u.c
@@ -497,7 +497,7 @@ static void sun4uv_init(ram_addr_t RAM_size,
}
for(i = 0; i < nb_nics; i++)
- pci_nic_init(&nd_table[i], "ne2k_pci", NULL);
+ pci_nic_init_nofail(&nd_table[i], "ne2k_pci", NULL);
if (drive_get_max_bus(IF_IDE) >= MAX_IDE_BUS) {
fprintf(stderr, "qemu: too many IDE bus\n");
diff --git a/hw/versatilepb.c b/hw/versatilepb.c
index 3371121..8e06c31 100644
--- a/hw/versatilepb.c
+++ b/hw/versatilepb.c
@@ -212,7 +212,7 @@ static void versatile_init(ram_addr_t ram_size,
smc91c111_init(nd, 0x10010000, sic[25]);
done_smc = 1;
} else {
- pci_nic_init(nd, "rtl8139", NULL);
+ pci_nic_init_nofail(nd, "rtl8139", NULL);
}
}
if (usb_enabled) {
diff --git a/net.c b/net.c
index 047e72e..3572c48 100644
--- a/net.c
+++ b/net.c
@@ -2543,6 +2543,19 @@ static int nic_get_free_idx(void)
return -1;
}
+int qemu_show_nic_models(const char *arg, const char *const *models)
+{
+ int i;
+
+ if (!arg || strcmp(arg, "?"))
+ return 0;
+
+ fprintf(stderr, "qemu: Supported NIC models: ");
+ for (i = 0 ; models[i]; i++)
+ fprintf(stderr, "%s%c", models[i], models[i+1] ? ',' : '\n');
+ return 1;
+}
+
void qemu_check_nic_model(NICInfo *nd, const char *model)
{
const char *models[2];
@@ -2550,31 +2563,27 @@ void qemu_check_nic_model(NICInfo *nd, const char *model)
models[0] = model;
models[1] = NULL;
- qemu_check_nic_model_list(nd, models, model);
+ if (qemu_show_nic_models(nd->model, models))
+ exit(0);
+ if (qemu_find_nic_model(nd, models, model) < 0)
+ exit(1);
}
-int qemu_check_nic_model_list(NICInfo *nd, const char * const *models,
- const char *default_model)
+int qemu_find_nic_model(NICInfo *nd, const char * const *models,
+ const char *default_model)
{
- int i, exit_status = 0;
+ int i;
if (!nd->model)
nd->model = qemu_strdup(default_model);
- if (strcmp(nd->model, "?") != 0) {
- for (i = 0 ; models[i]; i++)
- if (strcmp(nd->model, models[i]) == 0)
- return i;
-
- fprintf(stderr, "qemu: Unsupported NIC model: %s\n", nd->model);
- exit_status = 1;
+ for (i = 0 ; models[i]; i++) {
+ if (strcmp(nd->model, models[i]) == 0)
+ return i;
}
- fprintf(stderr, "qemu: Supported NIC models: ");
- for (i = 0 ; models[i]; i++)
- fprintf(stderr, "%s%c", models[i], models[i+1] ? ',' : '\n');
-
- exit(exit_status);
+ fprintf(stderr, "qemu: Unsupported NIC model: %s\n", nd->model);
+ return -1;
}
static int net_handle_fd_param(Monitor *mon, const char *param)
diff --git a/net.h b/net.h
index 9662988..07b4c9a 100644
--- a/net.h
+++ b/net.h
@@ -79,9 +79,10 @@ ssize_t qemu_send_packet_async(VLANClientState *vc, const uint8_t *buf,
void qemu_purge_queued_packets(VLANClientState *vc);
void qemu_flush_queued_packets(VLANClientState *vc);
void qemu_format_nic_info_str(VLANClientState *vc, uint8_t macaddr[6]);
+int qemu_show_nic_models(const char *arg, const char *const *models);
void qemu_check_nic_model(NICInfo *nd, const char *model);
-int qemu_check_nic_model_list(NICInfo *nd, const char * const *models,
- const char *default_model);
+int qemu_find_nic_model(NICInfo *nd, const char * const *models,
+ const char *default_model);
void qemu_handler_true(void *opaque);
void do_info_network(Monitor *mon);
--
1.6.2.5


@ -1,88 +0,0 @@
From 2e7c7b6cb25603e2fa40990da86d03a57b2616bd Mon Sep 17 00:00:00 2001
From: Mark McLoughlin <markmc@redhat.com>
Date: Thu, 29 Oct 2009 11:34:17 +0000
Subject: [PATCH] net: disable draining tap queue in one go
If qemu_send_packet_async() returns zero, it means the packet has been
queued and the sent callback will be invoked once it has been flushed.
This is only possible where the NIC's receive() handler returns zero
and promises to notify the networking core that room is available in its
queue again.
In the case where the receive handler does not have this capability
(and its queue fills up) it returns -1 and the networking core does not
queue up the packet. This condition is indicated by a -1 return from
qemu_send_packet_async().
Currently, tap handles this condition simply by dropping the packet. It
should do its best to avoid getting into this situation by checking such
NIC's have room for a packet before copying the packet from the tap
interface.
tap_send() used to achieve this by only reading a single packet before
returning to the mainloop. That way, tap_can_send() is called before
reading each packet.
tap_send() was changed to completely drain the tap interface queue
without taking into account the situation where the NIC returns an
error and the packet is not queued. Let's start fixing this by
reverting to the previous behaviour of reading one packet at a time.
Reported-by: Scott Tsai <scottt.tw@gmail.com>
Tested-by: Sven Rudolph <Sven_Rudolph@drewag.de>
Signed-off-by: Mark McLoughlin <markmc@redhat.com>
Fedora-patch: qemu-fix-dropped-packets-with-non-virtio-nics.patch
---
net.c | 29 +++++++++++++----------------
1 files changed, 13 insertions(+), 16 deletions(-)
diff --git a/net.c b/net.c
index 3572c48..522e33c 100644
--- a/net.c
+++ b/net.c
@@ -1453,27 +1453,24 @@ static void tap_send(void *opaque)
{
TAPState *s = opaque;
int size;
+ uint8_t *buf = s->buf;
- do {
- uint8_t *buf = s->buf;
-
- size = tap_read_packet(s->fd, s->buf, sizeof(s->buf));
- if (size <= 0) {
- break;
- }
+ size = tap_read_packet(s->fd, s->buf, sizeof(s->buf));
+ if (size <= 0) {
+ return;
+ }
#ifdef IFF_VNET_HDR
- if (s->has_vnet_hdr && !s->using_vnet_hdr) {
- buf += sizeof(struct virtio_net_hdr);
- size -= sizeof(struct virtio_net_hdr);
- }
+ if (s->has_vnet_hdr && !s->using_vnet_hdr) {
+ buf += sizeof(struct virtio_net_hdr);
+ size -= sizeof(struct virtio_net_hdr);
+ }
#endif
- size = qemu_send_packet_async(s->vc, buf, size, tap_send_completed);
- if (size == 0) {
- tap_read_poll(s, 0);
- }
- } while (size > 0);
+ size = qemu_send_packet_async(s->vc, buf, size, tap_send_completed);
+ if (size == 0) {
+ tap_read_poll(s, 0);
+ }
}
#ifdef TUNSETSNDBUF
--
1.6.2.5


@ -1,135 +0,0 @@
From 8f4d4cb4e4e73d0533aa2cb421c14210c75f6edc Mon Sep 17 00:00:00 2001
From: Mark McLoughlin <markmc@redhat.com>
Date: Mon, 29 Jun 2009 14:49:03 +0100
Subject: [PATCH] Fix linux-user build on ppc
kvm-87 build fails on ppc:
https://koji.fedoraproject.org/koji/getfile?taskID=1441042&name=build.log
gcc -I. -I.. -I/builddir/build/BUILD/qemu-kvm-devel-87/target-i386
-I/builddir/build/BUILD/qemu-kvm-devel-87 -MMD -MT elfload.o -MP
-DNEED_CPU_H -D_GNU_SOURCE -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE
-D__user= -I/builddir/build/BUILD/qemu-kvm-devel-87/tcg
-I/builddir/build/BUILD/qemu-kvm-devel-87/tcg/ppc64
-I/builddir/build/BUILD/qemu-kvm-devel-87/fpu
-I/builddir/build/BUILD/qemu-kvm-devel-87/linux-user
-I/builddir/build/BUILD/qemu-kvm-devel-87/linux-user/i386 -O2 -g -pipe
-Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector
--param=ssp-buffer-size=4 -m64 -mminimal-toc -g -fno-strict-aliasing
-O2 -Wall -Wundef -Wendif-labels -Wwrite-strings -Wmissing-prototypes
-Wstrict-prototypes -Wredundant-decls -c -o elfload.o
/builddir/build/BUILD/qemu-kvm-devel-87/linux-user/elfload.c
/builddir/build/BUILD/qemu-kvm-devel-87/linux-user/elfload.c:214: error: conflicting types for 'elf_greg_t'
/usr/include/asm/elf.h:123: note: previous declaration of 'elf_greg_t' was here
/builddir/build/BUILD/qemu-kvm-devel-87/linux-user/elfload.c:220: error: conflicting types for 'elf_gregset_t'
/usr/include/asm/elf.h:124: note: previous declaration of 'elf_gregset_t' was here
In file included from /builddir/build/BUILD/qemu-kvm-devel-87/linux-user/elfload.c:697:
../elf.h:457:1: warning: "R_PPC_NUM" redefined
In file included from /usr/include/asm/sigcontext.h:13,
from /usr/include/bits/sigcontext.h:28,
from /usr/include/signal.h:339,
from /builddir/build/BUILD/qemu-kvm-devel-87/linux-user/qemu.h:4,
from /builddir/build/BUILD/qemu-kvm-devel-87/linux-user/elfload.c:16:
/usr/include/asm/elf.h:81:1: warning: this is the location of the previous definition
Problem seems to be that signal.h is pulling in a bunch of ppc
headers which expose elf_greg_t, R_PPC_* and PPC_FEATURE_*.
Signed-off-by: Mark McLoughlin <markmc@redhat.com>
Fedora-patch: qemu-fix-linux-user-build-on-ppc.patch
---
elf.h | 2 ++
linux-user/elfload.c | 10 ++++++++++
2 files changed, 12 insertions(+), 0 deletions(-)
diff --git a/elf.h b/elf.h
index b042002..14f8aa1 100644
--- a/elf.h
+++ b/elf.h
@@ -454,7 +454,9 @@ typedef struct {
#define R_PPC_SECTOFF_HI 35
#define R_PPC_SECTOFF_HA 36
/* Keep this the last entry. */
+#ifndef R_PPC_NUM
#define R_PPC_NUM 37
+#endif /* R_PPC_NUM */
/* ARM specific declarations */
diff --git a/linux-user/elfload.c b/linux-user/elfload.c
index 3a8268b..d283f73 100644
--- a/linux-user/elfload.c
+++ b/linux-user/elfload.c
@@ -134,6 +134,7 @@ static inline void init_thread(struct target_pt_regs *regs, struct image_info *i
regs->rip = infop->entry;
}
+#ifdef FIX_BROKEN_PPC_BUILD
typedef target_ulong elf_greg_t;
typedef uint32_t target_uid_t;
typedef uint32_t target_gid_t;
@@ -179,6 +180,7 @@ static void elf_core_copy_regs(elf_gregset_t *regs, const CPUState *env)
(*regs)[25] = env->segs[R_FS].selector & 0xffff;
(*regs)[26] = env->segs[R_GS].selector & 0xffff;
}
+#endif /* FIX_BROKEN_PPC_BUILD */
#else
@@ -211,6 +213,7 @@ static inline void init_thread(struct target_pt_regs *regs, struct image_info *i
regs->edx = 0;
}
+#ifdef FIX_BROKEN_PPC_BUILD
typedef target_ulong elf_greg_t;
typedef uint16_t target_uid_t;
typedef uint16_t target_gid_t;
@@ -246,9 +249,12 @@ static void elf_core_copy_regs(elf_gregset_t *regs, const CPUState *env)
(*regs)[15] = env->regs[R_ESP];
(*regs)[16] = env->segs[R_SS].selector & 0xffff;
}
+#endif /* FIX_BROKEN_PPC_BUILD */
#endif
+#ifdef FIX_BROKEN_PPC_BUILD
#define USE_ELF_CORE_DUMP
+#endif /* FIX_BROKEN_PPC_BUILD */
#define ELF_EXEC_PAGESIZE 4096
#endif
@@ -286,6 +292,7 @@ static inline void init_thread(struct target_pt_regs *regs, struct image_info *i
regs->ARM_r10 = infop->start_data;
}
+#ifdef FIX_BROKEN_PPC_BUILD
typedef uint32_t elf_greg_t;
typedef uint16_t target_uid_t;
typedef uint16_t target_gid_t;
@@ -318,6 +325,7 @@ static void elf_core_copy_regs(elf_gregset_t *regs, const CPUState *env)
}
#define USE_ELF_CORE_DUMP
+#endif /* FIX_BROKEN_PPC_BUILD */
#define ELF_EXEC_PAGESIZE 4096
enum
@@ -421,6 +429,7 @@ static inline void init_thread(struct target_pt_regs *regs, struct image_info *i
/* Feature masks for the Aux Vector Hardware Capabilities (AT_HWCAP).
See arch/powerpc/include/asm/cputable.h. */
+#ifndef PPC_FEATURE_32
enum {
PPC_FEATURE_32 = 0x80000000,
PPC_FEATURE_64 = 0x40000000,
@@ -452,6 +461,7 @@ enum {
PPC_FEATURE_TRUE_LE = 0x00000002,
PPC_FEATURE_PPC_LE = 0x00000001,
};
+#endif /* !defined(PPC_FEATURE_32) */
#define ELF_HWCAP get_elf_hwcap()
--
1.6.2.5

@ -1,67 +0,0 @@
From 7834349cfcc68b946c0d241ffd99c598857e489b Mon Sep 17 00:00:00 2001
From: Eduardo Habkost <ehabkost@redhat.com>
Date: Wed, 14 Oct 2009 15:02:27 -0300
Subject: [PATCH] fix MSR_COUNT for kvm_arch_save_regs()
A new register was added to the load/save list on commit
d283d5a65a2bdcc570065267be21848bd6fe3d78, but MSR_COUNT was not updated, leading
to potential stack corruption on kvm_arch_save_regs().
The following registers are saved by kvm_arch_save_regs():
1) MSR_IA32_SYSENTER_CS
2) MSR_IA32_SYSENTER_ESP
3) MSR_IA32_SYSENTER_EIP
4) MSR_STAR
5) MSR_IA32_TSC
6) MSR_VM_HSAVE_PA
7) MSR_CSTAR (x86_64 only)
8) MSR_KERNELGSBASE (x86_64 only)
9) MSR_FMASK (x86_64 only)
10) MSR_LSTAR (x86_64 only)
(cherry picked from commit e7e5448ba387adc20be1cf08411a5b526d684299)
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
Signed-off-by: Mark McLoughlin <markmc@redhat.com>
Fedora-patch: qemu-fix-msr-count-potential-segfault.patch
---
qemu-kvm-x86.c | 6 ++++--
1 files changed, 4 insertions(+), 2 deletions(-)
diff --git a/qemu-kvm-x86.c b/qemu-kvm-x86.c
index 492dbc5..d5436b6 100644
--- a/qemu-kvm-x86.c
+++ b/qemu-kvm-x86.c
@@ -847,9 +847,9 @@ static int get_msr_entry(struct kvm_msr_entry *entry, CPUState *env)
}
#ifdef TARGET_X86_64
-#define MSR_COUNT 9
+#define MSR_COUNT 10
#else
-#define MSR_COUNT 5
+#define MSR_COUNT 6
#endif
static void set_v8086_seg(struct kvm_segment *lhs, const SegmentCache *rhs)
@@ -991,6 +991,7 @@ void kvm_arch_load_regs(CPUState *env)
/* msrs */
n = 0;
+ /* Remember to increase MSR_COUNT if you add new registers below */
set_msr_entry(&msrs[n++], MSR_IA32_SYSENTER_CS, env->sysenter_cs);
set_msr_entry(&msrs[n++], MSR_IA32_SYSENTER_ESP, env->sysenter_esp);
set_msr_entry(&msrs[n++], MSR_IA32_SYSENTER_EIP, env->sysenter_eip);
@@ -1166,6 +1167,7 @@ void kvm_arch_save_regs(CPUState *env)
/* msrs */
n = 0;
+ /* Remember to increase MSR_COUNT if you add new registers below */
msrs[n++].index = MSR_IA32_SYSENTER_CS;
msrs[n++].index = MSR_IA32_SYSENTER_ESP;
msrs[n++].index = MSR_IA32_SYSENTER_EIP;
--
1.6.2.5

@ -1,140 +0,0 @@
From 1df18d4a961a66b9ea28ab83b409f4d9d470f148 Mon Sep 17 00:00:00 2001
From: Kevin Wolf <kwolf@redhat.com>
Date: Thu, 8 Oct 2009 15:02:08 +0200
Subject: [PATCH] qcow2: Bring synchronous read/write back to life
When the synchronous read and write functions were dropped, they were replaced
by generic emulation functions. Unfortunately, these emulation functions don't
provide the same semantics as the original functions did.
The original bdrv_read would mean that we read some data synchronously and that
we won't be interrupted during this read. The latter assumption is no longer
true with the emulation function which needs to use qemu_aio_poll and therefore
allows the callback of any other concurrent AIO request to be run during the
read. Which in turn means that (meta)data read earlier could have changed and
be invalid now. qcow2 is not prepared to work in this way and it's just scary
how many places there are where other requests could run.
I'm not sure yet where exactly it breaks, but you'll see breakage with virtio
on qcow2 with a backing file. Providing synchronous functions again fixes the
problem for me.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Mark McLoughlin <markmc@redhat.com>
Fedora-patch: qemu-fix-qcow2-backing-file-with-virtio.patch
---
block/qcow2-cluster.c | 6 ++--
block/qcow2.c | 51 +++++++++++++++++++++++++++++++++++++++++++++++-
block/qcow2.h | 3 ++
3 files changed, 55 insertions(+), 5 deletions(-)
diff --git a/block/qcow2-cluster.c b/block/qcow2-cluster.c
index d4631c3..4d0ce16 100644
--- a/block/qcow2-cluster.c
+++ b/block/qcow2-cluster.c
@@ -306,8 +306,8 @@ void qcow2_encrypt_sectors(BDRVQcowState *s, int64_t sector_num,
}
-static int qcow_read(BlockDriverState *bs, int64_t sector_num,
- uint8_t *buf, int nb_sectors)
+int qcow2_read(BlockDriverState *bs, int64_t sector_num, uint8_t *buf,
+ int nb_sectors)
{
BDRVQcowState *s = bs->opaque;
int ret, index_in_cluster, n, n1;
@@ -358,7 +358,7 @@ static int copy_sectors(BlockDriverState *bs, uint64_t start_sect,
n = n_end - n_start;
if (n <= 0)
return 0;
- ret = qcow_read(bs, start_sect + n_start, s->cluster_data, n);
+ ret = qcow2_read(bs, start_sect + n_start, s->cluster_data, n);
if (ret < 0)
return ret;
if (s->crypt_method) {
diff --git a/block/qcow2.c b/block/qcow2.c
index dd32ea2..ced257e 100644
--- a/block/qcow2.c
+++ b/block/qcow2.c
@@ -855,6 +855,51 @@ static int qcow_make_empty(BlockDriverState *bs)
return 0;
}
+static int qcow2_write(BlockDriverState *bs, int64_t sector_num,
+ const uint8_t *buf, int nb_sectors)
+{
+ BDRVQcowState *s = bs->opaque;
+ int ret, index_in_cluster, n;
+ uint64_t cluster_offset;
+ int n_end;
+ QCowL2Meta l2meta;
+
+ while (nb_sectors > 0) {
+ memset(&l2meta, 0, sizeof(l2meta));
+
+ index_in_cluster = sector_num & (s->cluster_sectors - 1);
+ n_end = index_in_cluster + nb_sectors;
+ if (s->crypt_method &&
+ n_end > QCOW_MAX_CRYPT_CLUSTERS * s->cluster_sectors)
+ n_end = QCOW_MAX_CRYPT_CLUSTERS * s->cluster_sectors;
+ cluster_offset = qcow2_alloc_cluster_offset(bs, sector_num << 9,
+ index_in_cluster,
+ n_end, &n, &l2meta);
+ if (!cluster_offset)
+ return -1;
+ if (s->crypt_method) {
+ qcow2_encrypt_sectors(s, sector_num, s->cluster_data, buf, n, 1,
+ &s->aes_encrypt_key);
+ ret = bdrv_pwrite(s->hd, cluster_offset + index_in_cluster * 512,
+ s->cluster_data, n * 512);
+ } else {
+ ret = bdrv_pwrite(s->hd, cluster_offset + index_in_cluster * 512, buf, n * 512);
+ }
+ if (ret != n * 512 || qcow2_alloc_cluster_link_l2(bs, cluster_offset, &l2meta) < 0) {
+ qcow2_free_any_clusters(bs, cluster_offset, l2meta.nb_clusters);
+ return -1;
+ }
+ nb_sectors -= n;
+ sector_num += n;
+ buf += n * 512;
+ if (l2meta.nb_clusters != 0) {
+ LIST_REMOVE(&l2meta, next_in_flight);
+ }
+ }
+ s->cluster_cache_offset = -1; /* disable compressed cache */
+ return 0;
+}
+
/* XXX: put compressed sectors first, then all the cluster aligned
tables to avoid losing bytes in alignment */
static int qcow_write_compressed(BlockDriverState *bs, int64_t sector_num,
@@ -1037,8 +1082,10 @@ static BlockDriver bdrv_qcow2 = {
.bdrv_set_key = qcow_set_key,
.bdrv_make_empty = qcow_make_empty,
- .bdrv_aio_readv = qcow_aio_readv,
- .bdrv_aio_writev = qcow_aio_writev,
+ .bdrv_read = qcow2_read,
+ .bdrv_write = qcow2_write,
+ .bdrv_aio_readv = qcow_aio_readv,
+ .bdrv_aio_writev = qcow_aio_writev,
.bdrv_write_compressed = qcow_write_compressed,
.bdrv_snapshot_create = qcow2_snapshot_create,
diff --git a/block/qcow2.h b/block/qcow2.h
index 965a2f4..b41aa63 100644
--- a/block/qcow2.h
+++ b/block/qcow2.h
@@ -202,6 +202,9 @@ uint64_t qcow2_alloc_compressed_cluster_offset(BlockDriverState *bs,
int qcow2_alloc_cluster_link_l2(BlockDriverState *bs, uint64_t cluster_offset,
QCowL2Meta *m);
+int qcow2_read(BlockDriverState *bs, int64_t sector_num, uint8_t *buf,
+ int nb_sectors);
+
/* qcow2-snapshot.c functions */
int qcow2_snapshot_create(BlockDriverState *bs, QEMUSnapshotInfo *sn_info);
int qcow2_snapshot_goto(BlockDriverState *bs, const char *snapshot_id);
--
1.6.2.5

@ -1,124 +0,0 @@
From 565c62123258970d9254bc7b8eaa8f4c66ab2a21 Mon Sep 17 00:00:00 2001
From: Justin M. Forbes <jforbes@redhat.com>
Date: Thu, 1 Oct 2009 16:13:56 -0500
Subject: [PATCH] Improve error reporting on file access
By making the error reporting include strerror(errno), it gives the user
a bit more indication as to why qemu failed. This is particularly
important for people running qemu as a non root user.
(cherry-picked from commit 850810d01b45e6ce99ac6696773e967890db2937)
Signed-off-by: Justin M. Forbes <jforbes@redhat.com>
Fedora-patch: qemu-improve-error-reporting-on-file-access.patch
---
hw/pc.c | 12 ++++++------
vl.c | 20 ++++++++++----------
2 files changed, 16 insertions(+), 16 deletions(-)
diff --git a/hw/pc.c b/hw/pc.c
index 3b226f4..7a184cd 100644
--- a/hw/pc.c
+++ b/hw/pc.c
@@ -841,8 +841,8 @@ static void load_linux(void *fw_cfg,
if (!f || !(kernel_size = get_file_size(f)) ||
fread(header, 1, MIN(ARRAY_SIZE(header), kernel_size), f) !=
MIN(ARRAY_SIZE(header), kernel_size)) {
- fprintf(stderr, "qemu: could not load kernel '%s'\n",
- kernel_filename);
+ fprintf(stderr, "qemu: could not load kernel '%s': %s\n",
+ kernel_filename, strerror(errno));
exit(1);
}
@@ -947,8 +947,8 @@ static void load_linux(void *fw_cfg,
fi = fopen(initrd_filename, "rb");
if (!fi) {
- fprintf(stderr, "qemu: could not load initial ram disk '%s'\n",
- initrd_filename);
+ fprintf(stderr, "qemu: could not load initial ram disk '%s': %s\n",
+ initrd_filename, strerror(errno));
exit(1);
}
@@ -956,8 +956,8 @@ static void load_linux(void *fw_cfg,
initrd_addr = (initrd_max-initrd_size) & ~4095;
if (!fread_targphys_ok(initrd_addr, initrd_size, fi)) {
- fprintf(stderr, "qemu: read error on initial ram disk '%s'\n",
- initrd_filename);
+ fprintf(stderr, "qemu: read error on initial ram disk '%s': %s\n",
+ initrd_filename, strerror(errno));
exit(1);
}
fclose(fi);
diff --git a/vl.c b/vl.c
index d7c7ab1..9182d89 100644
--- a/vl.c
+++ b/vl.c
@@ -2379,8 +2379,8 @@ int drive_init(struct drive_opt *arg, int snapshot, void *opaque)
else if (cache == 2) /* write-back */
bdrv_flags |= BDRV_O_CACHE_WB;
if (bdrv_open2(bdrv, file, bdrv_flags, drv) < 0) {
- fprintf(stderr, "qemu: could not open disk image %s\n",
- file);
+ fprintf(stderr, "qemu: could not open disk image %s: %s\n",
+ file, strerror(errno));
return -1;
}
if (bdrv_key_required(bdrv))
@@ -5799,7 +5799,7 @@ int main(int argc, char **argv, char **envp)
if (len != 1)
exit(1);
else if (status == 1) {
- fprintf(stderr, "Could not acquire pidfile\n");
+ fprintf(stderr, "Could not acquire pidfile: %s\n", strerror(errno));
exit(1);
} else
exit(0);
@@ -5826,7 +5826,7 @@ int main(int argc, char **argv, char **envp)
uint8_t status = 1;
write(fds[1], &status, 1);
} else
- fprintf(stderr, "Could not acquire pid file\n");
+ fprintf(stderr, "Could not acquire pid file: %s\n", strerror(errno));
exit(1);
}
#endif
@@ -6031,8 +6031,8 @@ int main(int argc, char **argv, char **envp)
snprintf(label, sizeof(label), "serial%d", i);
serial_hds[i] = qemu_chr_open(label, devname, NULL);
if (!serial_hds[i]) {
- fprintf(stderr, "qemu: could not open serial device '%s'\n",
- devname);
+ fprintf(stderr, "qemu: could not open serial device '%s': %s\n",
+ devname, strerror(errno));
exit(1);
}
}
@@ -6045,8 +6045,8 @@ int main(int argc, char **argv, char **envp)
snprintf(label, sizeof(label), "parallel%d", i);
parallel_hds[i] = qemu_chr_open(label, devname, NULL);
if (!parallel_hds[i]) {
- fprintf(stderr, "qemu: could not open parallel device '%s'\n",
- devname);
+ fprintf(stderr, "qemu: could not open parallel device '%s': %s\n",
+ devname, strerror(errno));
exit(1);
}
}
@@ -6059,8 +6059,8 @@ int main(int argc, char **argv, char **envp)
snprintf(label, sizeof(label), "virtcon%d", i);
virtcon_hds[i] = qemu_chr_open(label, devname, NULL);
if (!virtcon_hds[i]) {
- fprintf(stderr, "qemu: could not open virtio console '%s'\n",
- devname);
+ fprintf(stderr, "qemu: could not open virtio console '%s': %s\n",
+ devname, strerror(errno));
exit(1);
}
}
--
1.6.2.5

@ -1,41 +0,0 @@
From ff1a1e986f2e167c2538160d0476ac61cda31f77 Mon Sep 17 00:00:00 2001
From: David Woodhouse <dwmw2@infradead.org>
Date: Sat, 7 Nov 2009 14:10:01 +0000
Subject: [PATCH] Fix 32-bit overflow in parallels image support
(cherry picked from commit c34d2451ed32651e14e309f94009be07d231ee96)
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Mark McLoughlin <markmc@redhat.com>
Fedora-patch: qemu-parallels-image-format-overflow.patch
---
block/parallels.c | 5 +++--
1 files changed, 3 insertions(+), 2 deletions(-)
diff --git a/block/parallels.c b/block/parallels.c
index 0b64a5c..63b6738 100644
--- a/block/parallels.c
+++ b/block/parallels.c
@@ -119,7 +119,8 @@ fail:
static inline int seek_to_sector(BlockDriverState *bs, int64_t sector_num)
{
BDRVParallelsState *s = bs->opaque;
- uint32_t index, offset, position;
+ uint32_t index, offset;
+ uint64_t position;
index = sector_num / s->tracks;
offset = sector_num % s->tracks;
@@ -128,7 +129,7 @@ static inline int seek_to_sector(BlockDriverState *bs, int64_t sector_num)
if ((index > s->catalog_size) || (s->catalog_bitmap[index] == 0))
return -1;
- position = (s->catalog_bitmap[index] + offset) * 512;
+ position = (uint64_t)(s->catalog_bitmap[index] + offset) * 512;
// fprintf(stderr, "sector: %llx index=%x offset=%x pointer=%x position=%x\n",
// sector_num, index, offset, s->catalog_bitmap[index], position);
--
1.6.2.5

@ -1,119 +0,0 @@
From 20a3c3095744ea65b4dfb5365efea8cdb802f7f5 Mon Sep 17 00:00:00 2001
From: Glauber Costa <glommer@redhat.com>
Date: Wed, 21 Oct 2009 10:52:46 -0400
Subject: [PATCH] properly save kvm system time msr registers
Currently, the msrs involved in setting up pvclock are not saved over
migration and/or save/restore. This patch puts their value in special
fields in our CPUState, and deal with them using vmstate.
kvm also has to account for it, by including them in the msr list
for the ioctls.
Fedora-patch: qemu-properly-save-kvm-system-time-registers.patch
Signed-off-by: Glauber Costa <glommer@redhat.com>
---
qemu-kvm-x86.c | 15 +++++++++++++--
target-i386/cpu.h | 5 ++++-
target-i386/machine.c | 8 ++++++++
3 files changed, 25 insertions(+), 3 deletions(-)
diff --git a/qemu-kvm-x86.c b/qemu-kvm-x86.c
index d5436b6..300e6c2 100644
--- a/qemu-kvm-x86.c
+++ b/qemu-kvm-x86.c
@@ -839,6 +839,12 @@ static int get_msr_entry(struct kvm_msr_entry *entry, CPUState *env)
case MSR_VM_HSAVE_PA:
env->vm_hsave = entry->data;
break;
+ case MSR_KVM_SYSTEM_TIME:
+ env->system_time_msr = entry->data;
+ break;
+ case MSR_KVM_WALL_CLOCK:
+ env->wall_clock_msr = entry->data;
+ break;
default:
printf("Warning unknown msr index 0x%x\n", entry->index);
return 1;
@@ -847,9 +853,9 @@ static int get_msr_entry(struct kvm_msr_entry *entry, CPUState *env)
}
#ifdef TARGET_X86_64
-#define MSR_COUNT 10
+#define MSR_COUNT 12
#else
-#define MSR_COUNT 6
+#define MSR_COUNT 8
#endif
static void set_v8086_seg(struct kvm_segment *lhs, const SegmentCache *rhs)
@@ -1007,6 +1013,8 @@ void kvm_arch_load_regs(CPUState *env)
set_msr_entry(&msrs[n++], MSR_LSTAR , env->lstar);
}
#endif
+ set_msr_entry(&msrs[n++], MSR_KVM_SYSTEM_TIME, env->system_time_msr);
+ set_msr_entry(&msrs[n++], MSR_KVM_WALL_CLOCK, env->wall_clock_msr);
rc = kvm_set_msrs(env->kvm_cpu_state.vcpu_ctx, msrs, n);
if (rc == -1)
@@ -1184,6 +1192,9 @@ void kvm_arch_save_regs(CPUState *env)
msrs[n++].index = MSR_LSTAR;
}
#endif
+ msrs[n++].index = MSR_KVM_SYSTEM_TIME;
+ msrs[n++].index = MSR_KVM_WALL_CLOCK;
+
rc = kvm_get_msrs(env->kvm_cpu_state.vcpu_ctx, msrs, n);
if (rc == -1) {
perror("kvm_get_msrs FAILED");
diff --git a/target-i386/cpu.h b/target-i386/cpu.h
index 08200ed..22e76ec 100644
--- a/target-i386/cpu.h
+++ b/target-i386/cpu.h
@@ -640,6 +640,9 @@ typedef struct CPUX86State {
target_ulong fmask;
target_ulong kernelgsbase;
#endif
+ uint64_t system_time_msr;
+ uint64_t wall_clock_msr;
+
uint64_t tsc;
@@ -867,7 +870,7 @@ static inline int cpu_get_time_fast(void)
#define cpu_signal_handler cpu_x86_signal_handler
#define cpu_list x86_cpu_list
-#define CPU_SAVE_VERSION 10
+#define CPU_SAVE_VERSION 11
/* MMU modes definitions */
#define MMU_MODE0_SUFFIX _kernel
diff --git a/target-i386/machine.c b/target-i386/machine.c
index ca32a92..4654508 100644
--- a/target-i386/machine.c
+++ b/target-i386/machine.c
@@ -174,6 +174,9 @@ void cpu_save(QEMUFile *f, void *opaque)
qemu_put_be64s(f, &env->mce_banks[4*i + 3]);
}
}
+
+ qemu_put_be64s(f, &env->system_time_msr);
+ qemu_put_be64s(f, &env->wall_clock_msr);
}
#ifdef USE_X86LDOUBLE
@@ -405,5 +408,10 @@ int cpu_load(QEMUFile *f, void *opaque, int version_id)
kvm_arch_load_mpstate(env);
}
}
+
+ if (version_id >= 11) {
+ qemu_get_be64s(f, &env->system_time_msr);
+ qemu_get_be64s(f, &env->wall_clock_msr);
+ }
return 0;
}
--
1.6.2.2

@ -1,31 +0,0 @@
From 56d370091cb01878c580f528011cd1717f8077fa Mon Sep 17 00:00:00 2001
From: Mark McLoughlin <markmc@redhat.com>
Date: Fri, 20 Nov 2009 18:07:15 +0000
Subject: [PATCH] slirp: fix use-after-free
460fec67ee introduced a use-after free in slirp.
Cc: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Mark McLoughlin <markmc@redhat.com>
Fedora-patch: qemu-slirp-use-after-free.patch
---
slirp/mbuf.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/slirp/mbuf.c b/slirp/mbuf.c
index 7652fea..87508ba 100644
--- a/slirp/mbuf.c
+++ b/slirp/mbuf.c
@@ -95,8 +95,8 @@ m_free(struct mbuf *m)
* Either free() it or put it on the free list
*/
if (m->m_flags & M_DOFREE) {
- free(m);
m->slirp->mbuf_alloced--;
+ free(m);
} else if ((m->m_flags & M_FREELIST) == 0) {
insque(m,&m->slirp->m_freelist);
m->m_flags = M_FREELIST; /* Clobber other flags */
--
1.6.2.5

@ -1,79 +0,0 @@
From a7c87c869ac75a076fa5552f9604f73f710cff80 Mon Sep 17 00:00:00 2001
From: Jim Paris <jim@jtan.com>
Date: Mon, 24 Aug 2009 14:56:12 -0400
Subject: [PATCH] usb-linux.c: fix buffer overflow
In usb-linux.c:usb_host_handle_control, we pass a 1024-byte buffer and
length to the kernel. However, the length was provided by the caller
of dev->handle_packet, and is not checked, so the kernel might provide
too much data and overflow our buffer.
For example, hw/usb-uhci.c could set the length to 2047.
hw/usb-ohci.c looks like it might go up to 4096 or 8192.
This causes a qemu crash, as reported here:
http://www.mail-archive.com/kvm@vger.kernel.org/msg18447.html
This patch increases the usb-linux.c buffer size to 2048 to fix the
specific device reported, and adds a check to avoid the overflow in
any case.
Signed-off-by: Jim Paris <jim@jtan.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
The WLAN USB stick ZyXEL NWD271N (0586:3417) uses very large
usb control transfers of more than 2048 bytes. Increasing the
buffer size to 8192.
Signed-off-by: Christian Krause <chkr@plauener.de>
---
usb-linux.c | 12 ++++++++++--
1 files changed, 10 insertions(+), 2 deletions(-)
diff --git a/usb-linux.c b/usb-linux.c
index f19f0c4..298f342 100644
--- a/usb-linux.c
+++ b/usb-linux.c
@@ -115,7 +115,7 @@ struct ctrl_struct {
uint16_t offset;
uint8_t state;
struct usb_ctrlrequest req;
- uint8_t buffer[1024];
+ uint8_t buffer[8192];
};
typedef struct USBHostDevice {
@@ -552,6 +552,7 @@ static int usb_host_handle_control(USBHostDevice *s, USBPacket *p)
struct usbdevfs_urb *urb;
AsyncURB *aurb;
int ret, value, index;
+ int buffer_len;
/*
* Process certain standard device requests.
@@ -580,6 +581,13 @@ static int usb_host_handle_control(USBHostDevice *s, USBPacket *p)
/* The rest are asynchronous */
+ buffer_len = 8 + s->ctrl.len;
+ if (buffer_len > sizeof(s->ctrl.buffer)) {
+ fprintf(stderr, "husb: ctrl buffer too small (%u > %lu)\n",
+ buffer_len, sizeof(s->ctrl.buffer));
+ return USB_RET_STALL;
+ }
+
aurb = async_alloc();
aurb->hdev = s;
aurb->packet = p;
@@ -596,7 +604,7 @@ static int usb_host_handle_control(USBHostDevice *s, USBPacket *p)
urb->endpoint = p->devep;
urb->buffer = &s->ctrl.req;
- urb->buffer_length = 8 + s->ctrl.len;
+ urb->buffer_length = buffer_len;
urb->usercontext = s;
--
1.6.2.5

@ -1,7 +1,7 @@
Summary: QEMU is a FAST! processor emulator
Name: qemu
Version: 0.11.0
Release: 13%{?dist}
Version: 0.12.3
Release: 1%{?dist}
# Epoch because we pushed a qemu-1.0 package
Epoch: 2
License: GPLv2+ and LGPLv2+ and BSD
@ -24,52 +24,13 @@ Source6: ksmtuned.init
Source7: ksmtuned
Source8: ksmtuned.conf
# Not upstream, why?
Patch01: qemu-bios-bigger-roms.patch
# Works around broken linux-user build on ppc
Patch02: qemu-fix-linux-user-build-on-ppc.patch
# Allow the pulseudio backend to be the default
Patch03: qemu-allow-pulseaudio-to-be-the-default.patch
# Add KSM support - see https://fedoraproject.org/wiki/Features/KSM
Patch04: qemu-add-ksm-support.patch
# Fix issue causing NIC hotplug confusion when no model is specified (#524022)
Patch05: qemu-correctly-free-nic-info-structure.patch
# Do not exit during PCI hotplug when an invalid NIC model is passed (#524022)
Patch06: qemu-do-not-exit-on-pci-hotplug-invalid-nic1.patch
Patch07: qemu-do-not-exit-on-pci-hotplug-invalid-nic2.patch
# Improve error reporting on file access
Patch08: qemu-improve-error-reporting-on-file-access.patch
# Fix fs errors with virtio and qcow2 backing file (#524734)
Patch09: qemu-fix-qcow2-backing-file-with-virtio.patch
# Fix potential segfault from too small MSR_COUNT (#528901)
Patch10: qemu-fix-msr-count-potential-segfault.patch
# Properly save kvm time registers (#524229)
Patch11: qemu-properly-save-kvm-system-time-registers.patch
# Fix dropped packets with non-virtio NICs (#531419)
Patch12: qemu-fix-dropped-packets-with-non-virtio-nics.patch
# Fix buffer overflow in usb-linux.c (#546483)
Patch13: qemu-usb-linux-fix-buffer-overflow.patch
# Fix a use-after-free crasher in the slirp code (#539583)
Patch14: qemu-slirp-use-after-free.patch
# Fix overflow in the parallels image format support (#533573)
Patch15: qemu-parallels-image-format-overflow.patch
Patch01: 0001-block-avoid-creating-too-large-iovecs-in-multiwrite_.patch
Patch02: 0002-migration-Clear-fd-also-in-error-cases.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildRequires: SDL-devel zlib-devel which texi2html gnutls-devel cyrus-sasl-devel
BuildRequires: rsync dev86 iasl
BuildRequires: libaio-devel
BuildRequires: rsync
BuildRequires: pciutils-devel
BuildRequires: pulseaudio-libs-devel
BuildRequires: ncurses-devel
@ -155,7 +116,7 @@ Requires: %{name}-common = %{epoch}:%{version}-%{release}
Provides: kvm = 85
Obsoletes: kvm < 85
Requires: vgabios
Requires: bochs-bios >= 2.3.8-0.8
Requires: seabios
Requires: /usr/share/gpxe/e1000-0x100e.rom
Requires: /usr/share/gpxe/rtl8029.rom
Requires: /usr/share/gpxe/pcnet32.rom
@ -256,19 +217,6 @@ such as kvmtrace and kvm_stat.
%patch01 -p1
%patch02 -p1
%patch03 -p1
%patch04 -p1
%patch05 -p1
%patch06 -p1
%patch07 -p1
%patch08 -p1
%patch09 -p1
%patch10 -p1
%patch11 -p1
%patch12 -p1
%patch13 -p1
%patch14 -p1
%patch15 -p1
%build
# --build-id option is used fedora 8 onwards for giving info to the debug packages.
@ -385,7 +333,7 @@ pxe_link rtl8139 rtl8139
pxe_link virtio virtio-net
ln -s ../vgabios/VGABIOS-lgpl-latest.bin %{buildroot}/%{_datadir}/%{name}/vgabios.bin
ln -s ../vgabios/VGABIOS-lgpl-latest.cirrus.bin %{buildroot}/%{_datadir}/%{name}/vgabios-cirrus.bin
ln -s ../bochs/BIOS-bochs-kvm %{buildroot}/%{_datadir}/%{name}/bios.bin
ln -s ../seabios/bios.bin %{buildroot}/%{_datadir}/%{name}/bios.bin
ln -s ../openbios/openbios-ppc %{buildroot}/%{_datadir}/%{name}/openbios-ppc
ln -s ../openbios/openbios-sparc32 %{buildroot}/%{_datadir}/%{name}/openbios-sparc32
ln -s ../openbios/openbios-sparc64 %{buildroot}/%{_datadir}/%{name}/openbios-sparc64
@ -490,7 +438,9 @@ fi
%{_bindir}/qemu
%{_bindir}/qemu-system-x86_64
%{_datadir}/%{name}/bios.bin
%{_datadir}/%{name}/linuxboot.bin
%{_datadir}/%{name}/multiboot.bin
%{_datadir}/%{name}/vapic.bin
%{_datadir}/%{name}/vgabios.bin
%{_datadir}/%{name}/vgabios-cirrus.bin
%{_datadir}/%{name}/pxe-e1000.bin
@ -550,6 +500,11 @@ fi
%{_mandir}/man1/qemu-img.1*
%changelog
* Wed Mar 10 2010 Justin M. Forbes <jforbes@redhat.com> - 2:0.12.3-1
- Update to 0.12.3 upstream
- Require seabios
- Migration clear the fd in error cases (#518032)
* Wed Jan 20 2010 Justin M. Forbes <jforbes@redhat.com> - 2:0.11.0-13
- Re-enable preadv/pwritev support (#545006)
- Fix buffer overflow in usb-linux.c (#546483)
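Review bot: The new %changelog entry does not record why the memory-safety patches are dropped. The patch list loses Patch13 (usb-linux.c buffer overflow, #546483), Patch14 (slirp use-after-free, #539583), Patch15 (parallels image overflow, #533573) and Patch10 (MSR_COUNT, #528901), while the entry only says `- Update to 0.12.3 upstream`, so a reader cannot tell whether each fix was checked against the 0.12.3 tarball or simply fell out of the rebase. After confirming each one in the new source, I would add a line such as `- Drop patches merged upstream in 0.12.3 (usb-linux overflow, slirp use-after-free, parallels overflow, MSR_COUNT)`. Separately, `Requires: seabios` has no minimum version where the replaced `bochs-bios >= 2.3.8-0.8` did; if this qemu depends on a particular seabios build for `bios.bin`, a versioned requirement would keep an older firmware package from satisfying it.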

@ -1 +1 @@
440837a062967102a68e634d57eaf719 qemu-kvm-0.11.0.tar.gz
ab484975004f66fb48cb5589bd9b9dcb qemu-kvm-0.12.3.tar.gz