Update to 0.12.3, require seabios, Migration clear the fd in error cases
(#518032)
This commit is contained in:
parent
81e6cc02b8
commit
b85e6209ac
@ -0,0 +1,53 @@
|
|||||||
|
From c0c1147350005b47068285a288f848cf75eb60c6 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Christoph Hellwig <hch@lst.de>
|
||||||
|
Date: Tue, 26 Jan 2010 14:49:08 +0100
|
||||||
|
Subject: [PATCH] block: avoid creating too large iovecs in multiwrite_merge
|
||||||
|
|
||||||
|
If we go over the maximum number of iovecs support by syscall we get
|
||||||
|
back EINVAL from the kernel which translate to I/O errors for the guest.
|
||||||
|
|
||||||
|
Add a MAX_IOV defintion for platforms that don't have it. For now we use
|
||||||
|
the same 1024 define that's used on Linux and various other platforms,
|
||||||
|
but until the windows block backend implements some kind of vectored I/O
|
||||||
|
it doesn't matter.
|
||||||
|
|
||||||
|
Signed-off-by: Christoph Hellwig <hch@lst.de>
|
||||||
|
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
|
||||||
|
---
|
||||||
|
block.c | 4 ++++
|
||||||
|
qemu-common.h | 4 ++++
|
||||||
|
2 files changed, 8 insertions(+), 0 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/block.c b/block.c
|
||||||
|
index 97af3f5..9697dc9 100644
|
||||||
|
--- a/block.c
|
||||||
|
+++ b/block.c
|
||||||
|
@@ -1669,6 +1669,10 @@ static int multiwrite_merge(BlockDriverState *bs, BlockRequest *reqs,
|
||||||
|
merge = bs->drv->bdrv_merge_requests(bs, &reqs[outidx], &reqs[i]);
|
||||||
|
}
|
||||||
|
|
||||||
|
+ if (reqs[outidx].qiov->niov + reqs[i].qiov->niov + 1 > IOV_MAX) {
|
||||||
|
+ merge = 0;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
if (merge) {
|
||||||
|
size_t size;
|
||||||
|
QEMUIOVector *qiov = qemu_mallocz(sizeof(*qiov));
|
||||||
|
diff --git a/qemu-common.h b/qemu-common.h
|
||||||
|
index 1c5c0b2..b604ddf 100644
|
||||||
|
--- a/qemu-common.h
|
||||||
|
+++ b/qemu-common.h
|
||||||
|
@@ -54,6 +54,10 @@ struct iovec {
|
||||||
|
void *iov_base;
|
||||||
|
size_t iov_len;
|
||||||
|
};
|
||||||
|
+/*
|
||||||
|
+ * Use the same value as Linux for now.
|
||||||
|
+ */
|
||||||
|
+#define IOV_MAX 1024
|
||||||
|
#else
|
||||||
|
#include <sys/uio.h>
|
||||||
|
#endif
|
||||||
|
--
|
||||||
|
1.6.6.1
|
||||||
|
|
100
0002-migration-Clear-fd-also-in-error-cases.patch
Normal file
100
0002-migration-Clear-fd-also-in-error-cases.patch
Normal file
@ -0,0 +1,100 @@
|
|||||||
|
From baaa7b9f8498f73d14c8457e0150d0dfdcdbd245 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Juan Quintela <quintela@redhat.com>
|
||||||
|
Date: Tue, 9 Mar 2010 23:58:50 +0100
|
||||||
|
Subject: [PATCH] migration: Clear fd also in error cases
|
||||||
|
|
||||||
|
Not clearing the fd and closing the file makes qemu spin using 100%CPU
|
||||||
|
after incoming migration error.
|
||||||
|
|
||||||
|
See for instance bug:
|
||||||
|
https://bugzilla.redhat.com/show_bug.cgi?id=518032
|
||||||
|
|
||||||
|
Signed-off-by: Juan Quintela <quintela@trasno.org>
|
||||||
|
---
|
||||||
|
migration-exec.c | 3 +--
|
||||||
|
migration-fd.c | 3 +--
|
||||||
|
migration-tcp.c | 5 ++---
|
||||||
|
migration-unix.c | 5 ++---
|
||||||
|
4 files changed, 6 insertions(+), 10 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/migration-exec.c b/migration-exec.c
|
||||||
|
index 87f645b..e57a55d 100644
|
||||||
|
--- a/migration-exec.c
|
||||||
|
+++ b/migration-exec.c
|
||||||
|
@@ -120,12 +120,11 @@ static void exec_accept_incoming_migration(void *opaque)
|
||||||
|
}
|
||||||
|
qemu_announce_self();
|
||||||
|
dprintf("successfully loaded vm state\n");
|
||||||
|
- /* we've successfully migrated, close the fd */
|
||||||
|
- qemu_set_fd_handler2(qemu_stdio_fd(f), NULL, NULL, NULL, NULL);
|
||||||
|
if (autostart)
|
||||||
|
vm_start();
|
||||||
|
|
||||||
|
err:
|
||||||
|
+ qemu_set_fd_handler2(qemu_stdio_fd(f), NULL, NULL, NULL, NULL);
|
||||||
|
qemu_fclose(f);
|
||||||
|
}
|
||||||
|
|
||||||
|
diff --git a/migration-fd.c b/migration-fd.c
|
||||||
|
index ef7edbc..7325d13 100644
|
||||||
|
--- a/migration-fd.c
|
||||||
|
+++ b/migration-fd.c
|
||||||
|
@@ -113,12 +113,11 @@ static void fd_accept_incoming_migration(void *opaque)
|
||||||
|
}
|
||||||
|
qemu_announce_self();
|
||||||
|
dprintf("successfully loaded vm state\n");
|
||||||
|
- /* we've successfully migrated, close the fd */
|
||||||
|
- qemu_set_fd_handler2(qemu_stdio_fd(f), NULL, NULL, NULL, NULL);
|
||||||
|
if (autostart)
|
||||||
|
vm_start();
|
||||||
|
|
||||||
|
err:
|
||||||
|
+ qemu_set_fd_handler2(qemu_stdio_fd(f), NULL, NULL, NULL, NULL);
|
||||||
|
qemu_fclose(f);
|
||||||
|
}
|
||||||
|
|
||||||
|
diff --git a/migration-tcp.c b/migration-tcp.c
|
||||||
|
index 2cfa8cb..c328e73 100644
|
||||||
|
--- a/migration-tcp.c
|
||||||
|
+++ b/migration-tcp.c
|
||||||
|
@@ -170,15 +170,14 @@ static void tcp_accept_incoming_migration(void *opaque)
|
||||||
|
qemu_announce_self();
|
||||||
|
dprintf("successfully loaded vm state\n");
|
||||||
|
|
||||||
|
- /* we've successfully migrated, close the server socket */
|
||||||
|
- qemu_set_fd_handler2(s, NULL, NULL, NULL, NULL);
|
||||||
|
- close(s);
|
||||||
|
if (autostart)
|
||||||
|
vm_start();
|
||||||
|
|
||||||
|
out_fopen:
|
||||||
|
qemu_fclose(f);
|
||||||
|
out:
|
||||||
|
+ qemu_set_fd_handler2(s, NULL, NULL, NULL, NULL);
|
||||||
|
+ close(s);
|
||||||
|
close(c);
|
||||||
|
}
|
||||||
|
|
||||||
|
diff --git a/migration-unix.c b/migration-unix.c
|
||||||
|
index a141dbb..9685c4b 100644
|
||||||
|
--- a/migration-unix.c
|
||||||
|
+++ b/migration-unix.c
|
||||||
|
@@ -176,13 +176,12 @@ static void unix_accept_incoming_migration(void *opaque)
|
||||||
|
qemu_announce_self();
|
||||||
|
dprintf("successfully loaded vm state\n");
|
||||||
|
|
||||||
|
- /* we've successfully migrated, close the server socket */
|
||||||
|
- qemu_set_fd_handler2(s, NULL, NULL, NULL, NULL);
|
||||||
|
- close(s);
|
||||||
|
|
||||||
|
out_fopen:
|
||||||
|
qemu_fclose(f);
|
||||||
|
out:
|
||||||
|
+ qemu_set_fd_handler2(s, NULL, NULL, NULL, NULL);
|
||||||
|
+ close(s);
|
||||||
|
close(c);
|
||||||
|
}
|
||||||
|
|
||||||
|
--
|
||||||
|
1.6.6.1
|
||||||
|
|
2
ksm.init
2
ksm.init
@ -40,8 +40,10 @@ default_max_kernel_pages () {
|
|||||||
|
|
||||||
start() {
|
start() {
|
||||||
echo -n $"Starting $prog: "
|
echo -n $"Starting $prog: "
|
||||||
|
if [ -f /sys/kernel/mm/ksm/max_kernel_pages ]; then
|
||||||
KSM_MAX_KERNEL_PAGES=${KSM_MAX_KERNEL_PAGES:-`default_max_kernel_pages`}
|
KSM_MAX_KERNEL_PAGES=${KSM_MAX_KERNEL_PAGES:-`default_max_kernel_pages`}
|
||||||
echo $KSM_MAX_KERNEL_PAGES > /sys/kernel/mm/ksm/max_kernel_pages
|
echo $KSM_MAX_KERNEL_PAGES > /sys/kernel/mm/ksm/max_kernel_pages
|
||||||
|
fi
|
||||||
echo 1 > /sys/kernel/mm/ksm/run
|
echo 1 > /sys/kernel/mm/ksm/run
|
||||||
RETVAL=$?
|
RETVAL=$?
|
||||||
[ $RETVAL = 0 ] && success $"$prog startup" || failure $"$prog startup"
|
[ $RETVAL = 0 ] && success $"$prog startup" || failure $"$prog startup"
|
||||||
|
26
ksmtuned
26
ksmtuned
@ -21,6 +21,14 @@ if [ -f /etc/ksmtuned.conf ]; then
|
|||||||
. /etc/ksmtuned.conf
|
. /etc/ksmtuned.conf
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
debug() {
|
||||||
|
if [ -n "$DEBUG" ]; then
|
||||||
|
s="`/bin/date`: $*"
|
||||||
|
[ -n "$LOGFILE" ] && echo "$s" >> "$LOGFILE" || echo "$s"
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
KSM_MONITOR_INTERVAL=${KSM_MONITOR_INTERVAL:-60}
|
KSM_MONITOR_INTERVAL=${KSM_MONITOR_INTERVAL:-60}
|
||||||
KSM_NPAGES_BOOST=${KSM_NPAGES_BOOST:-300}
|
KSM_NPAGES_BOOST=${KSM_NPAGES_BOOST:-300}
|
||||||
KSM_NPAGES_DECAY=${KSM_NPAGES_DECAY:--50}
|
KSM_NPAGES_DECAY=${KSM_NPAGES_DECAY:--50}
|
||||||
@ -35,17 +43,17 @@ KSM_THRES_COEF=${KSM_THRES_COEF:-20}
|
|||||||
KSM_THRES_CONST=${KSM_THRES_CONST:-2048}
|
KSM_THRES_CONST=${KSM_THRES_CONST:-2048}
|
||||||
|
|
||||||
total=`awk '/^MemTotal:/ {print $2}' /proc/meminfo`
|
total=`awk '/^MemTotal:/ {print $2}' /proc/meminfo`
|
||||||
[ -n "$DEBUG" ] && echo total $total
|
debug total $total
|
||||||
|
|
||||||
npages=0
|
npages=0
|
||||||
sleep=$[KSM_SLEEP_MSEC * 16 * 1024 * 1024 / total]
|
sleep=$[KSM_SLEEP_MSEC * 16 * 1024 * 1024 / total]
|
||||||
[ $sleep -le 10 ] && sleep=10
|
[ $sleep -le 10 ] && sleep=10
|
||||||
[ -n "$DEBUG" ] && echo sleep $sleep
|
debug sleep $sleep
|
||||||
thres=$[total * KSM_THRES_COEF / 100]
|
thres=$[total * KSM_THRES_COEF / 100]
|
||||||
if [ $KSM_THRES_CONST -gt $thres ]; then
|
if [ $KSM_THRES_CONST -gt $thres ]; then
|
||||||
thres=$KSM_THRES_CONST
|
thres=$KSM_THRES_CONST
|
||||||
fi
|
fi
|
||||||
[ -n "$DEBUG" ] && echo thres $thres
|
debug thres $thres
|
||||||
|
|
||||||
KSMCTL () {
|
KSMCTL () {
|
||||||
case x$1 in
|
case x$1 in
|
||||||
@ -89,22 +97,22 @@ adjust () {
|
|||||||
local free committed
|
local free committed
|
||||||
free=`free_memory`
|
free=`free_memory`
|
||||||
committed=`committed_memory`
|
committed=`committed_memory`
|
||||||
[ -n "$DEBUG" ] && echo committed $committed free $free
|
debug committed $committed free $free
|
||||||
if [ $[committed + thres] -lt $total -a $free -gt $thres ]; then
|
if [ $[committed + thres] -lt $total -a $free -gt $thres ]; then
|
||||||
KSMCTL stop
|
KSMCTL stop
|
||||||
[ -n "$DEBUG" ] && echo "$[committed + thres] < $total and free > $thres, stop ksm"
|
debug "$[committed + thres] < $total and free > $thres, stop ksm"
|
||||||
return 1
|
return 1
|
||||||
fi
|
fi
|
||||||
[ -n "$DEBUG" ] && echo "$[committed + thres] > $total, start ksm"
|
debug "$[committed + thres] > $total, start ksm"
|
||||||
if [ $free -lt $thres ]; then
|
if [ $free -lt $thres ]; then
|
||||||
npages=`increase_npages $KSM_NPAGES_BOOST`
|
npages=`increase_npages $KSM_NPAGES_BOOST`
|
||||||
[ -n "$DEBUG" ] && echo "$free < $thres, boost"
|
debug "$free < $thres, boost"
|
||||||
else
|
else
|
||||||
npages=`increase_npages $KSM_NPAGES_DECAY`
|
npages=`increase_npages $KSM_NPAGES_DECAY`
|
||||||
[ -n "$DEBUG" ] && echo "$free > $thres, decay"
|
debug "$free > $thres, decay"
|
||||||
fi
|
fi
|
||||||
KSMCTL start $npages $sleep
|
KSMCTL start $npages $sleep
|
||||||
[ -n "$DEBUG" ] && echo "KSMCTL start $npages $sleep"
|
debug "KSMCTL start $npages $sleep"
|
||||||
return 0
|
return 0
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -14,3 +14,8 @@
|
|||||||
|
|
||||||
# KSM_THRES_COEF=20
|
# KSM_THRES_COEF=20
|
||||||
# KSM_THRES_CONST=2048
|
# KSM_THRES_CONST=2048
|
||||||
|
|
||||||
|
# uncomment the following if you want ksmtuned debug info
|
||||||
|
|
||||||
|
# LOGFILE=/var/log/ksmtuned
|
||||||
|
# DEBUG=1
|
||||||
|
@ -1,42 +0,0 @@
|
|||||||
From c6c94b043e8b3593d0beb52966dce43069233840 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Izik Eidus <ieidus@redhat.com>
|
|
||||||
Date: Tue, 28 Jul 2009 19:14:26 +0300
|
|
||||||
Subject: [PATCH] kvm userspace: ksm support
|
|
||||||
|
|
||||||
rfc for ksm support to kvm userpsace.
|
|
||||||
|
|
||||||
Signed-off-by: Izik Eidus <ieidus@redhat.com>
|
|
||||||
signed-off-by: Justin M. Forbes <jforbes@redhat.com>
|
|
||||||
Signed-off-by: Mark McLoughlin <markmc@redhat.com>
|
|
||||||
Fedora-patch: qemu-add-ksm-support.patch
|
|
||||||
---
|
|
||||||
exec.c | 6 ++++++
|
|
||||||
1 files changed, 6 insertions(+), 0 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/exec.c b/exec.c
|
|
||||||
index 0655b4b..a0e2203 100644
|
|
||||||
--- a/exec.c
|
|
||||||
+++ b/exec.c
|
|
||||||
@@ -65,6 +65,9 @@
|
|
||||||
#undef DEBUG_TB_CHECK
|
|
||||||
#endif
|
|
||||||
|
|
||||||
+/* Quick hack to enable KSM support */
|
|
||||||
+#define MADV_MERGEABLE 12 /* KSM may merge identical pages */
|
|
||||||
+
|
|
||||||
#define SMC_BITMAP_USE_THRESHOLD 10
|
|
||||||
|
|
||||||
#if defined(TARGET_SPARC64)
|
|
||||||
@@ -2579,6 +2582,9 @@ ram_addr_t qemu_ram_alloc(ram_addr_t size)
|
|
||||||
new_block->host = file_ram_alloc(size, mem_path);
|
|
||||||
if (!new_block->host) {
|
|
||||||
new_block->host = qemu_vmalloc(size);
|
|
||||||
+#ifdef MADV_MERGEABLE
|
|
||||||
+ madvise(new_block->host, size, MADV_MERGEABLE);
|
|
||||||
+#endif
|
|
||||||
}
|
|
||||||
new_block->offset = last_ram_offset;
|
|
||||||
new_block->length = size;
|
|
||||||
--
|
|
||||||
1.6.2.5
|
|
||||||
|
|
@ -1,37 +0,0 @@
|
|||||||
From 8ab0d97572264051176ff45171484fa463d1287f Mon Sep 17 00:00:00 2001
|
|
||||||
From: Mark McLoughlin <markmc@redhat.com>
|
|
||||||
Date: Fri, 4 Sep 2009 11:24:03 +0100
|
|
||||||
Subject: [PATCH] Allow pulseaudio backend to be the default
|
|
||||||
|
|
||||||
We're seeing various issues with the SDL audio backend and want to
|
|
||||||
switch to the pulseaudio backend. See e.g.
|
|
||||||
|
|
||||||
https://bugzilla.redhat.com/495964
|
|
||||||
https://bugzilla.redhat.com/519540
|
|
||||||
https://bugzilla.redhat.com/496627
|
|
||||||
|
|
||||||
The pulseaudio backend seems to work well, so we should allow it to be
|
|
||||||
selected as the default.
|
|
||||||
|
|
||||||
Signed-off-by: Mark McLoughlin <markmc@redhat.com>
|
|
||||||
Fedora-patch: qemu-allow-pulseaudio-to-be-the-default.patch
|
|
||||||
---
|
|
||||||
audio/paaudio.c | 2 +-
|
|
||||||
1 files changed, 1 insertions(+), 1 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/audio/paaudio.c b/audio/paaudio.c
|
|
||||||
index a50fccc..547e252 100644
|
|
||||||
--- a/audio/paaudio.c
|
|
||||||
+++ b/audio/paaudio.c
|
|
||||||
@@ -507,7 +507,7 @@ struct audio_driver pa_audio_driver = {
|
|
||||||
INIT_FIELD (init = ) qpa_audio_init,
|
|
||||||
INIT_FIELD (fini = ) qpa_audio_fini,
|
|
||||||
INIT_FIELD (pcm_ops = ) &qpa_pcm_ops,
|
|
||||||
- INIT_FIELD (can_be_default = ) 0,
|
|
||||||
+ INIT_FIELD (can_be_default = ) 1,
|
|
||||||
INIT_FIELD (max_voices_out = ) INT_MAX,
|
|
||||||
INIT_FIELD (max_voices_in = ) INT_MAX,
|
|
||||||
INIT_FIELD (voice_size_out = ) sizeof (PAVoiceOut),
|
|
||||||
--
|
|
||||||
1.6.2.5
|
|
||||||
|
|
@ -1,81 +0,0 @@
|
|||||||
From b5c99e96655e8dc938f801e1ac0dbdf2d6dfba37 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Glauber Costa <glommer@redhat.com>
|
|
||||||
Date: Wed, 24 Jun 2009 14:31:41 +0100
|
|
||||||
Subject: [PATCH] compute checksum for roms bigger than a segment
|
|
||||||
|
|
||||||
Some option roms (e1000 provided by gpxe project as an example)
|
|
||||||
are bigger than a segment. The current algorithm to compute the
|
|
||||||
checksum fails in such case. To proper compute the checksum, this
|
|
||||||
patch deals with the possibility of the rom's size crossing a
|
|
||||||
segment border.
|
|
||||||
|
|
||||||
We don't need to worry about it crossing more than one segment
|
|
||||||
border, since the option roms format only save one byte to store
|
|
||||||
the image size (thus, maximum size = 0xff = 128k = 2 segments)
|
|
||||||
|
|
||||||
[ including improvements suggested by malc ]
|
|
||||||
|
|
||||||
Signed-off-by: Glauber Costa <glommer@redhat.com>
|
|
||||||
Signed-off-by: Mark McLoughlin <markmc@redhat.com>
|
|
||||||
Fedora-patch: qemu-bios-bigger-roms.patch
|
|
||||||
---
|
|
||||||
kvm/bios/rombios.c | 33 +++++++++++++++++++++++++++------
|
|
||||||
1 files changed, 27 insertions(+), 6 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/kvm/bios/rombios.c b/kvm/bios/rombios.c
|
|
||||||
index 6e1d446..8a96d8e 100644
|
|
||||||
--- a/kvm/bios/rombios.c
|
|
||||||
+++ b/kvm/bios/rombios.c
|
|
||||||
@@ -10189,22 +10189,43 @@ no_serial:
|
|
||||||
ret
|
|
||||||
|
|
||||||
rom_checksum:
|
|
||||||
- push ax
|
|
||||||
- push bx
|
|
||||||
- push cx
|
|
||||||
+ pusha
|
|
||||||
+ push ds
|
|
||||||
+
|
|
||||||
xor ax, ax
|
|
||||||
xor bx, bx
|
|
||||||
xor cx, cx
|
|
||||||
+ xor dx, dx
|
|
||||||
+
|
|
||||||
mov ch, [2]
|
|
||||||
shl cx, #1
|
|
||||||
+
|
|
||||||
+ jnc checksum_loop
|
|
||||||
+ xchg dx, cx
|
|
||||||
+ dec cx
|
|
||||||
+
|
|
||||||
checksum_loop:
|
|
||||||
add al, [bx]
|
|
||||||
inc bx
|
|
||||||
loop checksum_loop
|
|
||||||
+
|
|
||||||
+ test dx, dx
|
|
||||||
+ je checksum_out
|
|
||||||
+
|
|
||||||
+ add al, [bx]
|
|
||||||
+ mov cx, dx
|
|
||||||
+ mov dx, ds
|
|
||||||
+ add dh, #0x10
|
|
||||||
+ mov ds, dx
|
|
||||||
+ xor dx, dx
|
|
||||||
+ xor bx, bx
|
|
||||||
+
|
|
||||||
+ jmp checksum_loop
|
|
||||||
+
|
|
||||||
+checksum_out:
|
|
||||||
and al, #0xff
|
|
||||||
- pop cx
|
|
||||||
- pop bx
|
|
||||||
- pop ax
|
|
||||||
+ pop ds
|
|
||||||
+ popa
|
|
||||||
ret
|
|
||||||
|
|
||||||
|
|
||||||
--
|
|
||||||
1.6.2.5
|
|
||||||
|
|
@ -1,118 +0,0 @@
|
|||||||
From 3675a0dde74f890404f392e194f1adc6b24285f7 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Glauber Costa <glommer@redhat.com>
|
|
||||||
Date: Wed, 23 Sep 2009 09:49:43 +0100
|
|
||||||
Subject: [PATCH] Correctly free nd structure
|
|
||||||
|
|
||||||
When we "free" a NICInfo structure, we can leak pointers, since we don't do
|
|
||||||
much more than setting used = 0.
|
|
||||||
|
|
||||||
We free() the model parameter, but we don't set it to NULL. This means that
|
|
||||||
a new user of this structure will see garbage in there. It was not noticed
|
|
||||||
before because reusing a NICInfo is not that common, but it can be, for
|
|
||||||
users of device pci hotplug.
|
|
||||||
|
|
||||||
A user hit it, described at https://bugzilla.redhat.com/524022
|
|
||||||
|
|
||||||
This patch memset's the whole structure, guaranteeing that anyone reusing it
|
|
||||||
will see a fresh NICinfo. Also, we free some other strings that are currently
|
|
||||||
leaking.
|
|
||||||
|
|
||||||
This codebase is quite old, so this patch should feed all stable trees.
|
|
||||||
|
|
||||||
Signed-off-by: Glauber Costa <glommer@redhat.com>
|
|
||||||
Signed-off-by: Mark McLoughlin <markmc@redhat.com>
|
|
||||||
Fedora-patch: qemu-correctly-free-nic-info-structure.patch
|
|
||||||
---
|
|
||||||
net.c | 16 +++++++++++-----
|
|
||||||
net.h | 8 ++++----
|
|
||||||
vl.c | 2 +-
|
|
||||||
3 files changed, 16 insertions(+), 10 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/net.c b/net.c
|
|
||||||
index a1c1111..da2f428 100644
|
|
||||||
--- a/net.c
|
|
||||||
+++ b/net.c
|
|
||||||
@@ -2559,7 +2559,7 @@ void qemu_check_nic_model_list(NICInfo *nd, const char * const *models,
|
|
||||||
int i, exit_status = 0;
|
|
||||||
|
|
||||||
if (!nd->model)
|
|
||||||
- nd->model = strdup(default_model);
|
|
||||||
+ nd->model = qemu_strdup(default_model);
|
|
||||||
|
|
||||||
if (strcmp(nd->model, "?") != 0) {
|
|
||||||
for (i = 0 ; models[i]; i++)
|
|
||||||
@@ -2629,6 +2629,7 @@ int net_client_init(Monitor *mon, const char *device, const char *p)
|
|
||||||
goto out;
|
|
||||||
}
|
|
||||||
nd = &nd_table[idx];
|
|
||||||
+ memset(nd, 0, sizeof(*nd));
|
|
||||||
macaddr = nd->macaddr;
|
|
||||||
macaddr[0] = 0x52;
|
|
||||||
macaddr[1] = 0x54;
|
|
||||||
@@ -2645,13 +2646,13 @@ int net_client_init(Monitor *mon, const char *device, const char *p)
|
|
||||||
}
|
|
||||||
}
|
|
||||||
if (get_param_value(buf, sizeof(buf), "model", p)) {
|
|
||||||
- nd->model = strdup(buf);
|
|
||||||
+ nd->model = qemu_strdup(buf);
|
|
||||||
}
|
|
||||||
if (get_param_value(buf, sizeof(buf), "addr", p)) {
|
|
||||||
- nd->devaddr = strdup(buf);
|
|
||||||
+ nd->devaddr = qemu_strdup(buf);
|
|
||||||
}
|
|
||||||
if (get_param_value(buf, sizeof(buf), "id", p)) {
|
|
||||||
- nd->id = strdup(buf);
|
|
||||||
+ nd->id = qemu_strdup(buf);
|
|
||||||
}
|
|
||||||
nd->nvectors = NIC_NVECTORS_UNSPECIFIED;
|
|
||||||
if (get_param_value(buf, sizeof(buf), "vectors", p)) {
|
|
||||||
@@ -2998,8 +2999,13 @@ void net_client_uninit(NICInfo *nd)
|
|
||||||
{
|
|
||||||
nd->vlan->nb_guest_devs--;
|
|
||||||
nb_nics--;
|
|
||||||
+
|
|
||||||
+ qemu_free(nd->model);
|
|
||||||
+ qemu_free(nd->name);
|
|
||||||
+ qemu_free(nd->devaddr);
|
|
||||||
+ qemu_free(nd->id);
|
|
||||||
+
|
|
||||||
nd->used = 0;
|
|
||||||
- free((void *)nd->model);
|
|
||||||
}
|
|
||||||
|
|
||||||
static int net_host_check_device(const char *device)
|
|
||||||
diff --git a/net.h b/net.h
|
|
||||||
index 57ab031..94db0d7 100644
|
|
||||||
--- a/net.h
|
|
||||||
+++ b/net.h
|
|
||||||
@@ -101,10 +101,10 @@ enum {
|
|
||||||
|
|
||||||
struct NICInfo {
|
|
||||||
uint8_t macaddr[6];
|
|
||||||
- const char *model;
|
|
||||||
- const char *name;
|
|
||||||
- const char *devaddr;
|
|
||||||
- const char *id;
|
|
||||||
+ char *model;
|
|
||||||
+ char *name;
|
|
||||||
+ char *devaddr;
|
|
||||||
+ char *id;
|
|
||||||
VLANState *vlan;
|
|
||||||
VLANClientState *vc;
|
|
||||||
void *private;
|
|
||||||
diff --git a/vl.c b/vl.c
|
|
||||||
index 26bced8..d7c7ab1 100644
|
|
||||||
--- a/vl.c
|
|
||||||
+++ b/vl.c
|
|
||||||
@@ -2594,7 +2594,7 @@ static int usb_device_add(const char *devname, int is_hotplug)
|
|
||||||
|
|
||||||
if (net_client_init(NULL, "nic", p) < 0)
|
|
||||||
return -1;
|
|
||||||
- nd_table[nic].model = "usb";
|
|
||||||
+ nd_table[nic].model = qemu_strdup("usb");
|
|
||||||
dev = usb_net_init(&nd_table[nic]);
|
|
||||||
} else if (!strcmp(devname, "bt") || strstart(devname, "bt:", &p)) {
|
|
||||||
dev = usb_bt_init(devname[2] ? hci_init(p) :
|
|
||||||
--
|
|
||||||
1.6.2.5
|
|
||||||
|
|
@ -1,31 +0,0 @@
|
|||||||
From ef41d27fae62bbb71f3af60488b455582ee92625 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Mark McLoughlin <markmc@redhat.com>
|
|
||||||
Date: Wed, 4 Nov 2009 12:29:35 -0500
|
|
||||||
Subject: [PATCH] Disable preadv/pwritev support
|
|
||||||
|
|
||||||
Workaround for a data corruptor issue on 32 bit hosts:
|
|
||||||
|
|
||||||
https://bugzilla.redhat.com/526549
|
|
||||||
|
|
||||||
Signed-off-by: Mark McLoughlin <markmc@redhat.com>
|
|
||||||
Fedora-patch: qemu-disable-preadv-support.patch
|
|
||||||
---
|
|
||||||
posix-aio-compat.c | 2 +-
|
|
||||||
1 files changed, 1 insertions(+), 1 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/posix-aio-compat.c b/posix-aio-compat.c
|
|
||||||
index e9fc9fa..b116933 100644
|
|
||||||
--- a/posix-aio-compat.c
|
|
||||||
+++ b/posix-aio-compat.c
|
|
||||||
@@ -34,7 +34,7 @@ static int idle_threads = 0;
|
|
||||||
static TAILQ_HEAD(, qemu_paiocb) request_list;
|
|
||||||
|
|
||||||
#ifdef HAVE_PREADV
|
|
||||||
-static int preadv_present = 1;
|
|
||||||
+static int preadv_present = 0;
|
|
||||||
#else
|
|
||||||
static int preadv_present = 0;
|
|
||||||
#endif
|
|
||||||
--
|
|
||||||
1.6.2.5
|
|
||||||
|
|
@ -1,100 +0,0 @@
|
|||||||
From 0ce1af6e7d4b1e2ffa4dedf6d415c4d86a1af490 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Markus Armbruster <armbru@redhat.com>
|
|
||||||
Date: Fri, 25 Sep 2009 03:53:50 +0200
|
|
||||||
Subject: [PATCH] Make it obvious that pci_nic_init() can't fail
|
|
||||||
|
|
||||||
Before this patch, pci_nic_init() returns NULL when it can't find the
|
|
||||||
model in pci_nic_models[]. Except this can't happen, because
|
|
||||||
qemu_check_nic_model_list() just searched for model in
|
|
||||||
pci_nic_models[], and terminated the program on failure.
|
|
||||||
|
|
||||||
Repeating the search here is pointless. Instead, change
|
|
||||||
qemu_check_nic_model_list() to return the model's array index.
|
|
||||||
|
|
||||||
Signed-off-by: Markus Armbruster <armbru@redhat.com>
|
|
||||||
Signed-off-by: Mark McLoughlin <markmc@redhat.com
|
|
||||||
Fedora-patch: qemu-do-not-exit-on-pci-hotplug-invalid-nic1.patch
|
|
||||||
---
|
|
||||||
hw/pci.c | 25 +++++++++----------------
|
|
||||||
net.c | 6 +++---
|
|
||||||
net.h | 4 ++--
|
|
||||||
3 files changed, 14 insertions(+), 21 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/hw/pci.c b/hw/pci.c
|
|
||||||
index a575d4a..eb990f9 100644
|
|
||||||
--- a/hw/pci.c
|
|
||||||
+++ b/hw/pci.c
|
|
||||||
@@ -937,22 +937,15 @@ PCIDevice *pci_nic_init(NICInfo *nd, const char *default_model,
|
|
||||||
DeviceState *dev;
|
|
||||||
int i;
|
|
||||||
|
|
||||||
- qemu_check_nic_model_list(nd, pci_nic_models, default_model);
|
|
||||||
-
|
|
||||||
- for (i = 0; pci_nic_models[i]; i++) {
|
|
||||||
- if (strcmp(nd->model, pci_nic_models[i]) == 0) {
|
|
||||||
- pci_dev = pci_create(pci_nic_names[i], devaddr);
|
|
||||||
- dev = &pci_dev->qdev;
|
|
||||||
- if (nd->id)
|
|
||||||
- dev->id = qemu_strdup(nd->id);
|
|
||||||
- dev->nd = nd;
|
|
||||||
- qdev_init(dev);
|
|
||||||
- nd->private = dev;
|
|
||||||
- return pci_dev;
|
|
||||||
- }
|
|
||||||
- }
|
|
||||||
-
|
|
||||||
- return NULL;
|
|
||||||
+ i = qemu_check_nic_model_list(nd, pci_nic_models, default_model);
|
|
||||||
+ pci_dev = pci_create(pci_nic_names[i], devaddr);
|
|
||||||
+ dev = &pci_dev->qdev;
|
|
||||||
+ if (nd->id)
|
|
||||||
+ dev->id = qemu_strdup(nd->id);
|
|
||||||
+ dev->nd = nd;
|
|
||||||
+ qdev_init(dev);
|
|
||||||
+ nd->private = dev;
|
|
||||||
+ return pci_dev;
|
|
||||||
}
|
|
||||||
|
|
||||||
typedef struct {
|
|
||||||
diff --git a/net.c b/net.c
|
|
||||||
index da2f428..047e72e 100644
|
|
||||||
--- a/net.c
|
|
||||||
+++ b/net.c
|
|
||||||
@@ -2553,8 +2553,8 @@ void qemu_check_nic_model(NICInfo *nd, const char *model)
|
|
||||||
qemu_check_nic_model_list(nd, models, model);
|
|
||||||
}
|
|
||||||
|
|
||||||
-void qemu_check_nic_model_list(NICInfo *nd, const char * const *models,
|
|
||||||
- const char *default_model)
|
|
||||||
+int qemu_check_nic_model_list(NICInfo *nd, const char * const *models,
|
|
||||||
+ const char *default_model)
|
|
||||||
{
|
|
||||||
int i, exit_status = 0;
|
|
||||||
|
|
||||||
@@ -2564,7 +2564,7 @@ void qemu_check_nic_model_list(NICInfo *nd, const char * const *models,
|
|
||||||
if (strcmp(nd->model, "?") != 0) {
|
|
||||||
for (i = 0 ; models[i]; i++)
|
|
||||||
if (strcmp(nd->model, models[i]) == 0)
|
|
||||||
- return;
|
|
||||||
+ return i;
|
|
||||||
|
|
||||||
fprintf(stderr, "qemu: Unsupported NIC model: %s\n", nd->model);
|
|
||||||
exit_status = 1;
|
|
||||||
diff --git a/net.h b/net.h
|
|
||||||
index 94db0d7..9662988 100644
|
|
||||||
--- a/net.h
|
|
||||||
+++ b/net.h
|
|
||||||
@@ -80,8 +80,8 @@ void qemu_purge_queued_packets(VLANClientState *vc);
|
|
||||||
void qemu_flush_queued_packets(VLANClientState *vc);
|
|
||||||
void qemu_format_nic_info_str(VLANClientState *vc, uint8_t macaddr[6]);
|
|
||||||
void qemu_check_nic_model(NICInfo *nd, const char *model);
|
|
||||||
-void qemu_check_nic_model_list(NICInfo *nd, const char * const *models,
|
|
||||||
- const char *default_model);
|
|
||||||
+int qemu_check_nic_model_list(NICInfo *nd, const char * const *models,
|
|
||||||
+ const char *default_model);
|
|
||||||
void qemu_handler_true(void *opaque);
|
|
||||||
|
|
||||||
void do_info_network(Monitor *mon);
|
|
||||||
--
|
|
||||||
1.6.2.5
|
|
||||||
|
|
@ -1,324 +0,0 @@
|
|||||||
From 0ba615f4e6ecf13839b7688c762961aa1d092504 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Markus Armbruster <armbru@redhat.com>
|
|
||||||
Date: Fri, 25 Sep 2009 03:53:51 +0200
|
|
||||||
Subject: [PATCH] Fix pci_add nic not to exit on bad model
|
|
||||||
|
|
||||||
Monitor command "pci_add ADDR nic model=MODEL" uses pci_nic_init() to
|
|
||||||
create the NIC. When MODEL is unknown or "?", this prints to stderr
|
|
||||||
and terminates the program.
|
|
||||||
|
|
||||||
Change pci_nic_init() not to treat "?" specially, and to return NULL
|
|
||||||
on failure. Switch uses during startup to new convenience wrapper
|
|
||||||
pci_nic_init_nofail(), which behaves just like pci_nic_init() used to
|
|
||||||
do.
|
|
||||||
|
|
||||||
[markmc:
|
|
||||||
|
|
||||||
- rebase to stable-0.11
|
|
||||||
- drop qemu_error() usage
|
|
||||||
- go back to pci_create() in pci_nic_init
|
|
||||||
- qdev_init() doesn't have an error return
|
|
||||||
]
|
|
||||||
|
|
||||||
Signed-off-by: Markus Armbruster <armbru@redhat.com>
|
|
||||||
Signed-off-by: Mark McLoughlin <markmc@redhat.com>
|
|
||||||
Fedora-patch: qemu-do-not-exit-on-pci-hotplug-invalid-nic2.patch
|
|
||||||
---
|
|
||||||
hw/mips_malta.c | 2 +-
|
|
||||||
hw/pc.c | 2 +-
|
|
||||||
hw/pci.c | 19 ++++++++++++++++++-
|
|
||||||
hw/pci.h | 2 ++
|
|
||||||
hw/ppc440_bamboo.c | 2 +-
|
|
||||||
hw/ppc_newworld.c | 2 +-
|
|
||||||
hw/ppc_oldworld.c | 2 +-
|
|
||||||
hw/ppc_prep.c | 2 +-
|
|
||||||
hw/ppce500_mpc8544ds.c | 2 +-
|
|
||||||
hw/r2d.c | 2 +-
|
|
||||||
hw/realview.c | 2 +-
|
|
||||||
hw/sun4u.c | 2 +-
|
|
||||||
hw/versatilepb.c | 2 +-
|
|
||||||
net.c | 41 +++++++++++++++++++++++++----------------
|
|
||||||
net.h | 5 +++--
|
|
||||||
15 files changed, 59 insertions(+), 30 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/hw/mips_malta.c b/hw/mips_malta.c
|
|
||||||
index 7728e58..ed86d4b 100644
|
|
||||||
--- a/hw/mips_malta.c
|
|
||||||
+++ b/hw/mips_malta.c
|
|
||||||
@@ -486,7 +486,7 @@ static void network_init(void)
|
|
||||||
/* The malta board has a PCNet card using PCI SLOT 11 */
|
|
||||||
default_devaddr = "0b";
|
|
||||||
|
|
||||||
- pci_nic_init(nd, "pcnet", default_devaddr);
|
|
||||||
+ pci_nic_init_nofail(nd, "pcnet", default_devaddr);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
diff --git a/hw/pc.c b/hw/pc.c
|
|
||||||
index bcd2989..3b226f4 100644
|
|
||||||
--- a/hw/pc.c
|
|
||||||
+++ b/hw/pc.c
|
|
||||||
@@ -1360,7 +1360,7 @@ static void pc_init1(ram_addr_t ram_size,
|
|
||||||
if (!pci_enabled || (nd->model && strcmp(nd->model, "ne2k_isa") == 0))
|
|
||||||
pc_init_ne2k_isa(nd, i8259);
|
|
||||||
else
|
|
||||||
- pci_nic_init(nd, "rtl8139", NULL);
|
|
||||||
+ pci_nic_init_nofail(nd, "rtl8139", NULL);
|
|
||||||
}
|
|
||||||
|
|
||||||
piix4_acpi_system_hot_add_init(cpu_model);
|
|
||||||
diff --git a/hw/pci.c b/hw/pci.c
|
|
||||||
index eb990f9..9bcf49d 100644
|
|
||||||
--- a/hw/pci.c
|
|
||||||
+++ b/hw/pci.c
|
|
||||||
@@ -937,7 +937,10 @@ PCIDevice *pci_nic_init(NICInfo *nd, const char *default_model,
|
|
||||||
DeviceState *dev;
|
|
||||||
int i;
|
|
||||||
|
|
||||||
- i = qemu_check_nic_model_list(nd, pci_nic_models, default_model);
|
|
||||||
+ i = qemu_find_nic_model(nd, pci_nic_models, default_model);
|
|
||||||
+ if (i < 0)
|
|
||||||
+ return NULL;
|
|
||||||
+
|
|
||||||
pci_dev = pci_create(pci_nic_names[i], devaddr);
|
|
||||||
dev = &pci_dev->qdev;
|
|
||||||
if (nd->id)
|
|
||||||
@@ -948,6 +951,20 @@ PCIDevice *pci_nic_init(NICInfo *nd, const char *default_model,
|
|
||||||
return pci_dev;
|
|
||||||
}
|
|
||||||
|
|
||||||
+PCIDevice *pci_nic_init_nofail(NICInfo *nd, const char *default_model,
|
|
||||||
+ const char *default_devaddr)
|
|
||||||
+{
|
|
||||||
+ PCIDevice *res;
|
|
||||||
+
|
|
||||||
+ if (qemu_show_nic_models(nd->model, pci_nic_models))
|
|
||||||
+ exit(0);
|
|
||||||
+
|
|
||||||
+ res = pci_nic_init(nd, default_model, default_devaddr);
|
|
||||||
+ if (!res)
|
|
||||||
+ exit(1);
|
|
||||||
+ return res;
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
typedef struct {
|
|
||||||
PCIDevice dev;
|
|
||||||
PCIBus *bus;
|
|
||||||
diff --git a/hw/pci.h b/hw/pci.h
|
|
||||||
index 7ca3ba9..18a05f5 100644
|
|
||||||
--- a/hw/pci.h
|
|
||||||
+++ b/hw/pci.h
|
|
||||||
@@ -291,6 +291,8 @@ PCIBus *pci_register_bus(DeviceState *parent, const char *name,
|
|
||||||
|
|
||||||
PCIDevice *pci_nic_init(NICInfo *nd, const char *default_model,
|
|
||||||
const char *default_devaddr);
|
|
||||||
+PCIDevice *pci_nic_init_nofail(NICInfo *nd, const char *default_model,
|
|
||||||
+ const char *default_devaddr);
|
|
||||||
void pci_data_write(void *opaque, uint32_t addr, uint32_t val, int len);
|
|
||||||
uint32_t pci_data_read(void *opaque, uint32_t addr, int len);
|
|
||||||
int pci_bus_num(PCIBus *s);
|
|
||||||
diff --git a/hw/ppc440_bamboo.c b/hw/ppc440_bamboo.c
|
|
||||||
index c74aa2f..9f22623 100644
|
|
||||||
--- a/hw/ppc440_bamboo.c
|
|
||||||
+++ b/hw/ppc440_bamboo.c
|
|
||||||
@@ -128,7 +128,7 @@ static void bamboo_init(ram_addr_t ram_size,
|
|
||||||
for (i = 0; i < nb_nics; i++) {
|
|
||||||
/* There are no PCI NICs on the Bamboo board, but there are
|
|
||||||
* PCI slots, so we can pick whatever default model we want. */
|
|
||||||
- pci_nic_init(&nd_table[i], "e1000", NULL);
|
|
||||||
+ pci_nic_init_nofail(&nd_table[i], "e1000", NULL);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
diff --git a/hw/ppc_newworld.c b/hw/ppc_newworld.c
|
|
||||||
index 45480ea..5fa9e82 100644
|
|
||||||
--- a/hw/ppc_newworld.c
|
|
||||||
+++ b/hw/ppc_newworld.c
|
|
||||||
@@ -304,7 +304,7 @@ static void ppc_core99_init (ram_addr_t ram_size,
|
|
||||||
serial_hds[0], serial_hds[1], ESCC_CLOCK, 4);
|
|
||||||
|
|
||||||
for(i = 0; i < nb_nics; i++)
|
|
||||||
- pci_nic_init(&nd_table[i], "ne2k_pci", NULL);
|
|
||||||
+ pci_nic_init_nofail(&nd_table[i], "ne2k_pci", NULL);
|
|
||||||
|
|
||||||
if (drive_get_max_bus(IF_IDE) >= MAX_IDE_BUS) {
|
|
||||||
fprintf(stderr, "qemu: too many IDE bus\n");
|
|
||||||
diff --git a/hw/ppc_oldworld.c b/hw/ppc_oldworld.c
|
|
||||||
index 5c745a0..49c8a00 100644
|
|
||||||
--- a/hw/ppc_oldworld.c
|
|
||||||
+++ b/hw/ppc_oldworld.c
|
|
||||||
@@ -315,7 +315,7 @@ static void ppc_heathrow_init (ram_addr_t ram_size,
|
|
||||||
serial_hds[1], ESCC_CLOCK, 4);
|
|
||||||
|
|
||||||
for(i = 0; i < nb_nics; i++)
|
|
||||||
- pci_nic_init(&nd_table[i], "ne2k_pci", NULL);
|
|
||||||
+ pci_nic_init_nofail(&nd_table[i], "ne2k_pci", NULL);
|
|
||||||
|
|
||||||
|
|
||||||
if (drive_get_max_bus(IF_IDE) >= MAX_IDE_BUS) {
|
|
||||||
diff --git a/hw/ppc_prep.c b/hw/ppc_prep.c
|
|
||||||
index 7a21977..a8f0002 100644
|
|
||||||
--- a/hw/ppc_prep.c
|
|
||||||
+++ b/hw/ppc_prep.c
|
|
||||||
@@ -681,7 +681,7 @@ static void ppc_prep_init (ram_addr_t ram_size,
|
|
||||||
if (strcmp(nd_table[i].model, "ne2k_isa") == 0) {
|
|
||||||
isa_ne2000_init(ne2000_io[i], i8259[ne2000_irq[i]], &nd_table[i]);
|
|
||||||
} else {
|
|
||||||
- pci_nic_init(&nd_table[i], "ne2k_pci", NULL);
|
|
||||||
+ pci_nic_init_nofail(&nd_table[i], "ne2k_pci", NULL);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
diff --git a/hw/ppce500_mpc8544ds.c b/hw/ppce500_mpc8544ds.c
|
|
||||||
index db52cdd..5f2b526 100644
|
|
||||||
--- a/hw/ppce500_mpc8544ds.c
|
|
||||||
+++ b/hw/ppce500_mpc8544ds.c
|
|
||||||
@@ -228,7 +228,7 @@ static void mpc8544ds_init(ram_addr_t ram_size,
|
|
||||||
|
|
||||||
/* Register network interfaces. */
|
|
||||||
for (i = 0; i < nb_nics; i++) {
|
|
||||||
- pci_nic_init(&nd_table[i], "virtio", NULL);
|
|
||||||
+ pci_nic_init_nofail(&nd_table[i], "virtio", NULL);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
diff --git a/hw/r2d.c b/hw/r2d.c
|
|
||||||
index 8ce6832..af229d4 100644
|
|
||||||
--- a/hw/r2d.c
|
|
||||||
+++ b/hw/r2d.c
|
|
||||||
@@ -231,7 +231,7 @@ static void r2d_init(ram_addr_t ram_size,
|
|
||||||
|
|
||||||
/* NIC: rtl8139 on-board, and 2 slots. */
|
|
||||||
for (i = 0; i < nb_nics; i++)
|
|
||||||
- pci_nic_init(&nd_table[i], "rtl8139", i==0 ? "2" : NULL);
|
|
||||||
+ pci_nic_init_nofail(&nd_table[i], "rtl8139", i==0 ? "2" : NULL);
|
|
||||||
|
|
||||||
/* Todo: register on board registers */
|
|
||||||
if (kernel_filename) {
|
|
||||||
diff --git a/hw/realview.c b/hw/realview.c
|
|
||||||
index 8e176b9..70c129b 100644
|
|
||||||
--- a/hw/realview.c
|
|
||||||
+++ b/hw/realview.c
|
|
||||||
@@ -125,7 +125,7 @@ static void realview_init(ram_addr_t ram_size,
|
|
||||||
smc91c111_init(nd, 0x4e000000, pic[28]);
|
|
||||||
done_smc = 1;
|
|
||||||
} else {
|
|
||||||
- pci_nic_init(nd, "rtl8139", NULL);
|
|
||||||
+ pci_nic_init_nofail(nd, "rtl8139", NULL);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
diff --git a/hw/sun4u.c b/hw/sun4u.c
|
|
||||||
index 9d2a7f5..9fb5dcd 100644
|
|
||||||
--- a/hw/sun4u.c
|
|
||||||
+++ b/hw/sun4u.c
|
|
||||||
@@ -497,7 +497,7 @@ static void sun4uv_init(ram_addr_t RAM_size,
|
|
||||||
}
|
|
||||||
|
|
||||||
for(i = 0; i < nb_nics; i++)
|
|
||||||
- pci_nic_init(&nd_table[i], "ne2k_pci", NULL);
|
|
||||||
+ pci_nic_init_nofail(&nd_table[i], "ne2k_pci", NULL);
|
|
||||||
|
|
||||||
if (drive_get_max_bus(IF_IDE) >= MAX_IDE_BUS) {
|
|
||||||
fprintf(stderr, "qemu: too many IDE bus\n");
|
|
||||||
diff --git a/hw/versatilepb.c b/hw/versatilepb.c
|
|
||||||
index 3371121..8e06c31 100644
|
|
||||||
--- a/hw/versatilepb.c
|
|
||||||
+++ b/hw/versatilepb.c
|
|
||||||
@@ -212,7 +212,7 @@ static void versatile_init(ram_addr_t ram_size,
|
|
||||||
smc91c111_init(nd, 0x10010000, sic[25]);
|
|
||||||
done_smc = 1;
|
|
||||||
} else {
|
|
||||||
- pci_nic_init(nd, "rtl8139", NULL);
|
|
||||||
+ pci_nic_init_nofail(nd, "rtl8139", NULL);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
if (usb_enabled) {
|
|
||||||
diff --git a/net.c b/net.c
|
|
||||||
index 047e72e..3572c48 100644
|
|
||||||
--- a/net.c
|
|
||||||
+++ b/net.c
|
|
||||||
@@ -2543,6 +2543,19 @@ static int nic_get_free_idx(void)
|
|
||||||
return -1;
|
|
||||||
}
|
|
||||||
|
|
||||||
+int qemu_show_nic_models(const char *arg, const char *const *models)
|
|
||||||
+{
|
|
||||||
+ int i;
|
|
||||||
+
|
|
||||||
+ if (!arg || strcmp(arg, "?"))
|
|
||||||
+ return 0;
|
|
||||||
+
|
|
||||||
+ fprintf(stderr, "qemu: Supported NIC models: ");
|
|
||||||
+ for (i = 0 ; models[i]; i++)
|
|
||||||
+ fprintf(stderr, "%s%c", models[i], models[i+1] ? ',' : '\n');
|
|
||||||
+ return 1;
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
void qemu_check_nic_model(NICInfo *nd, const char *model)
|
|
||||||
{
|
|
||||||
const char *models[2];
|
|
||||||
@@ -2550,31 +2563,27 @@ void qemu_check_nic_model(NICInfo *nd, const char *model)
|
|
||||||
models[0] = model;
|
|
||||||
models[1] = NULL;
|
|
||||||
|
|
||||||
- qemu_check_nic_model_list(nd, models, model);
|
|
||||||
+ if (qemu_show_nic_models(nd->model, models))
|
|
||||||
+ exit(0);
|
|
||||||
+ if (qemu_find_nic_model(nd, models, model) < 0)
|
|
||||||
+ exit(1);
|
|
||||||
}
|
|
||||||
|
|
||||||
-int qemu_check_nic_model_list(NICInfo *nd, const char * const *models,
|
|
||||||
- const char *default_model)
|
|
||||||
+int qemu_find_nic_model(NICInfo *nd, const char * const *models,
|
|
||||||
+ const char *default_model)
|
|
||||||
{
|
|
||||||
- int i, exit_status = 0;
|
|
||||||
+ int i;
|
|
||||||
|
|
||||||
if (!nd->model)
|
|
||||||
nd->model = qemu_strdup(default_model);
|
|
||||||
|
|
||||||
- if (strcmp(nd->model, "?") != 0) {
|
|
||||||
- for (i = 0 ; models[i]; i++)
|
|
||||||
- if (strcmp(nd->model, models[i]) == 0)
|
|
||||||
- return i;
|
|
||||||
-
|
|
||||||
- fprintf(stderr, "qemu: Unsupported NIC model: %s\n", nd->model);
|
|
||||||
- exit_status = 1;
|
|
||||||
+ for (i = 0 ; models[i]; i++) {
|
|
||||||
+ if (strcmp(nd->model, models[i]) == 0)
|
|
||||||
+ return i;
|
|
||||||
}
|
|
||||||
|
|
||||||
- fprintf(stderr, "qemu: Supported NIC models: ");
|
|
||||||
- for (i = 0 ; models[i]; i++)
|
|
||||||
- fprintf(stderr, "%s%c", models[i], models[i+1] ? ',' : '\n');
|
|
||||||
-
|
|
||||||
- exit(exit_status);
|
|
||||||
+ fprintf(stderr, "qemu: Unsupported NIC model: %s\n", nd->model);
|
|
||||||
+ return -1;
|
|
||||||
}
|
|
||||||
|
|
||||||
static int net_handle_fd_param(Monitor *mon, const char *param)
|
|
||||||
diff --git a/net.h b/net.h
|
|
||||||
index 9662988..07b4c9a 100644
|
|
||||||
--- a/net.h
|
|
||||||
+++ b/net.h
|
|
||||||
@@ -79,9 +79,10 @@ ssize_t qemu_send_packet_async(VLANClientState *vc, const uint8_t *buf,
|
|
||||||
void qemu_purge_queued_packets(VLANClientState *vc);
|
|
||||||
void qemu_flush_queued_packets(VLANClientState *vc);
|
|
||||||
void qemu_format_nic_info_str(VLANClientState *vc, uint8_t macaddr[6]);
|
|
||||||
+int qemu_show_nic_models(const char *arg, const char *const *models);
|
|
||||||
void qemu_check_nic_model(NICInfo *nd, const char *model);
|
|
||||||
-int qemu_check_nic_model_list(NICInfo *nd, const char * const *models,
|
|
||||||
- const char *default_model);
|
|
||||||
+int qemu_find_nic_model(NICInfo *nd, const char * const *models,
|
|
||||||
+ const char *default_model);
|
|
||||||
void qemu_handler_true(void *opaque);
|
|
||||||
|
|
||||||
void do_info_network(Monitor *mon);
|
|
||||||
--
|
|
||||||
1.6.2.5
|
|
||||||
|
|
@ -1,88 +0,0 @@
|
|||||||
From 2e7c7b6cb25603e2fa40990da86d03a57b2616bd Mon Sep 17 00:00:00 2001
|
|
||||||
From: Mark McLoughlin <markmc@redhat.com>
|
|
||||||
Date: Thu, 29 Oct 2009 11:34:17 +0000
|
|
||||||
Subject: [PATCH] net: disable draining tap queue in one go
|
|
||||||
|
|
||||||
If qemu_send_packet_async() returns zero, it means the packet has been
|
|
||||||
queued and the sent callback will be invoked once it has been flushed.
|
|
||||||
|
|
||||||
This is only possible where the NIC's receive() handler returns zero
|
|
||||||
and promises to notify the networking core that room is available in its
|
|
||||||
queue again.
|
|
||||||
|
|
||||||
In the case where the receive handler does not have this capability
|
|
||||||
(and its queue fills up) it returns -1 and the networking core does not
|
|
||||||
queue up the packet. This condition is indicated by a -1 return from
|
|
||||||
qemu_send_packet_async().
|
|
||||||
|
|
||||||
Currently, tap handles this condition simply by dropping the packet. It
|
|
||||||
should do its best to avoid getting into this situation by checking such
|
|
||||||
NIC's have room for a packet before copying the packet from the tap
|
|
||||||
interface.
|
|
||||||
|
|
||||||
tap_send() used to achieve this by only reading a single packet before
|
|
||||||
returning to the mainloop. That way, tap_can_send() is called before
|
|
||||||
reading each packet.
|
|
||||||
|
|
||||||
tap_send() was changed to completely drain the tap interface queue
|
|
||||||
without taking into account the situation where the NIC returns an
|
|
||||||
error and the packet is not queued. Let's start fixing this by
|
|
||||||
reverting to the previous behaviour of reading one packet at a time.
|
|
||||||
|
|
||||||
Reported-by: Scott Tsai <scottt.tw@gmail.com>
|
|
||||||
Tested-by: Sven Rudolph <Sven_Rudolph@drewag.de>
|
|
||||||
Signed-off-by: Mark McLoughlin <markmc@redhat.com>
|
|
||||||
|
|
||||||
Fedora-patch: qemu-fix-dropped-packets-with-non-virtio-nics.patch
|
|
||||||
---
|
|
||||||
net.c | 29 +++++++++++++----------------
|
|
||||||
1 files changed, 13 insertions(+), 16 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/net.c b/net.c
|
|
||||||
index 3572c48..522e33c 100644
|
|
||||||
--- a/net.c
|
|
||||||
+++ b/net.c
|
|
||||||
@@ -1453,27 +1453,24 @@ static void tap_send(void *opaque)
|
|
||||||
{
|
|
||||||
TAPState *s = opaque;
|
|
||||||
int size;
|
|
||||||
+ uint8_t *buf = s->buf;
|
|
||||||
|
|
||||||
- do {
|
|
||||||
- uint8_t *buf = s->buf;
|
|
||||||
-
|
|
||||||
- size = tap_read_packet(s->fd, s->buf, sizeof(s->buf));
|
|
||||||
- if (size <= 0) {
|
|
||||||
- break;
|
|
||||||
- }
|
|
||||||
+ size = tap_read_packet(s->fd, s->buf, sizeof(s->buf));
|
|
||||||
+ if (size <= 0) {
|
|
||||||
+ return;
|
|
||||||
+ }
|
|
||||||
|
|
||||||
#ifdef IFF_VNET_HDR
|
|
||||||
- if (s->has_vnet_hdr && !s->using_vnet_hdr) {
|
|
||||||
- buf += sizeof(struct virtio_net_hdr);
|
|
||||||
- size -= sizeof(struct virtio_net_hdr);
|
|
||||||
- }
|
|
||||||
+ if (s->has_vnet_hdr && !s->using_vnet_hdr) {
|
|
||||||
+ buf += sizeof(struct virtio_net_hdr);
|
|
||||||
+ size -= sizeof(struct virtio_net_hdr);
|
|
||||||
+ }
|
|
||||||
#endif
|
|
||||||
|
|
||||||
- size = qemu_send_packet_async(s->vc, buf, size, tap_send_completed);
|
|
||||||
- if (size == 0) {
|
|
||||||
- tap_read_poll(s, 0);
|
|
||||||
- }
|
|
||||||
- } while (size > 0);
|
|
||||||
+ size = qemu_send_packet_async(s->vc, buf, size, tap_send_completed);
|
|
||||||
+ if (size == 0) {
|
|
||||||
+ tap_read_poll(s, 0);
|
|
||||||
+ }
|
|
||||||
}
|
|
||||||
|
|
||||||
#ifdef TUNSETSNDBUF
|
|
||||||
--
|
|
||||||
1.6.2.5
|
|
||||||
|
|
@ -1,135 +0,0 @@
|
|||||||
From 8f4d4cb4e4e73d0533aa2cb421c14210c75f6edc Mon Sep 17 00:00:00 2001
|
|
||||||
From: Mark McLoughlin <markmc@redhat.com>
|
|
||||||
Date: Mon, 29 Jun 2009 14:49:03 +0100
|
|
||||||
Subject: [PATCH] Fix linux-user build on ppc
|
|
||||||
|
|
||||||
kvm-87 build fails on ppc:
|
|
||||||
|
|
||||||
https://koji.fedoraproject.org/koji/getfile?taskID=1441042&name=build.log
|
|
||||||
|
|
||||||
gcc -I. -I.. -I/builddir/build/BUILD/qemu-kvm-devel-87/target-i386
|
|
||||||
-I/builddir/build/BUILD/qemu-kvm-devel-87 -MMD -MT elfload.o -MP
|
|
||||||
-DNEED_CPU_H -D_GNU_SOURCE -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE
|
|
||||||
-D__user= -I/builddir/build/BUILD/qemu-kvm-devel-87/tcg
|
|
||||||
-I/builddir/build/BUILD/qemu-kvm-devel-87/tcg/ppc64
|
|
||||||
-I/builddir/build/BUILD/qemu-kvm-devel-87/fpu
|
|
||||||
-I/builddir/build/BUILD/qemu-kvm-devel-87/linux-user
|
|
||||||
-I/builddir/build/BUILD/qemu-kvm-devel-87/linux-user/i386 -O2 -g -pipe
|
|
||||||
-Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector
|
|
||||||
--param=ssp-buffer-size=4 -m64 -mminimal-toc -g -fno-strict-aliasing
|
|
||||||
-O2 -Wall -Wundef -Wendif-labels -Wwrite-strings -Wmissing-prototypes
|
|
||||||
-Wstrict-prototypes -Wredundant-decls -c -o elfload.o
|
|
||||||
/builddir/build/BUILD/qemu-kvm-devel-87/linux-user/elfload.c
|
|
||||||
/builddir/build/BUILD/qemu-kvm-devel-87/linux-user/elfload.c:214: error: conflicting types for 'elf_greg_t'
|
|
||||||
/usr/include/asm/elf.h:123: note: previous declaration of 'elf_greg_t' was here
|
|
||||||
/builddir/build/BUILD/qemu-kvm-devel-87/linux-user/elfload.c:220: error: conflicting types for 'elf_gregset_t'
|
|
||||||
/usr/include/asm/elf.h:124: note: previous declaration of 'elf_gregset_t' was here
|
|
||||||
In file included from /builddir/build/BUILD/qemu-kvm-devel-87/linux-user/elfload.c:697:
|
|
||||||
../elf.h:457:1: warning: "R_PPC_NUM" redefined
|
|
||||||
In file included from /usr/include/asm/sigcontext.h:13,
|
|
||||||
from /usr/include/bits/sigcontext.h:28,
|
|
||||||
from /usr/include/signal.h:339,
|
|
||||||
from /builddir/build/BUILD/qemu-kvm-devel-87/linux-user/qemu.h:4,
|
|
||||||
from /builddir/build/BUILD/qemu-kvm-devel-87/linux-user/elfload.c:16:
|
|
||||||
/usr/include/asm/elf.h:81:1: warning: this is the location of the previous definition
|
|
||||||
|
|
||||||
Problem seems to be that signal.h is pulling in a bunch of ppc
|
|
||||||
headers which expose elf_greg_t, R_PPC_* and PPC_FEATURE_*.
|
|
||||||
|
|
||||||
Signed-off-by: Mark McLoughlin <markmc@redhat.com>
|
|
||||||
Fedora-patch: qemu-fix-linux-user-build-on-ppc.patch
|
|
||||||
---
|
|
||||||
elf.h | 2 ++
|
|
||||||
linux-user/elfload.c | 10 ++++++++++
|
|
||||||
2 files changed, 12 insertions(+), 0 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/elf.h b/elf.h
|
|
||||||
index b042002..14f8aa1 100644
|
|
||||||
--- a/elf.h
|
|
||||||
+++ b/elf.h
|
|
||||||
@@ -454,7 +454,9 @@ typedef struct {
|
|
||||||
#define R_PPC_SECTOFF_HI 35
|
|
||||||
#define R_PPC_SECTOFF_HA 36
|
|
||||||
/* Keep this the last entry. */
|
|
||||||
+#ifndef R_PPC_NUM
|
|
||||||
#define R_PPC_NUM 37
|
|
||||||
+#endif /* R_PPC_NUM */
|
|
||||||
|
|
||||||
/* ARM specific declarations */
|
|
||||||
|
|
||||||
diff --git a/linux-user/elfload.c b/linux-user/elfload.c
|
|
||||||
index 3a8268b..d283f73 100644
|
|
||||||
--- a/linux-user/elfload.c
|
|
||||||
+++ b/linux-user/elfload.c
|
|
||||||
@@ -134,6 +134,7 @@ static inline void init_thread(struct target_pt_regs *regs, struct image_info *i
|
|
||||||
regs->rip = infop->entry;
|
|
||||||
}
|
|
||||||
|
|
||||||
+#ifdef FIX_BROKEN_PPC_BUILD
|
|
||||||
typedef target_ulong elf_greg_t;
|
|
||||||
typedef uint32_t target_uid_t;
|
|
||||||
typedef uint32_t target_gid_t;
|
|
||||||
@@ -179,6 +180,7 @@ static void elf_core_copy_regs(elf_gregset_t *regs, const CPUState *env)
|
|
||||||
(*regs)[25] = env->segs[R_FS].selector & 0xffff;
|
|
||||||
(*regs)[26] = env->segs[R_GS].selector & 0xffff;
|
|
||||||
}
|
|
||||||
+#endif /* FIX_BROKEN_PPC_BUILD */
|
|
||||||
|
|
||||||
#else
|
|
||||||
|
|
||||||
@@ -211,6 +213,7 @@ static inline void init_thread(struct target_pt_regs *regs, struct image_info *i
|
|
||||||
regs->edx = 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
+#ifdef FIX_BROKEN_PPC_BUILD
|
|
||||||
typedef target_ulong elf_greg_t;
|
|
||||||
typedef uint16_t target_uid_t;
|
|
||||||
typedef uint16_t target_gid_t;
|
|
||||||
@@ -246,9 +249,12 @@ static void elf_core_copy_regs(elf_gregset_t *regs, const CPUState *env)
|
|
||||||
(*regs)[15] = env->regs[R_ESP];
|
|
||||||
(*regs)[16] = env->segs[R_SS].selector & 0xffff;
|
|
||||||
}
|
|
||||||
+#endif /* FIX_BROKEN_PPC_BUILD */
|
|
||||||
#endif
|
|
||||||
|
|
||||||
+#ifdef FIX_BROKEN_PPC_BUILD
|
|
||||||
#define USE_ELF_CORE_DUMP
|
|
||||||
+#endif /* FIX_BROKEN_PPC_BUILD */
|
|
||||||
#define ELF_EXEC_PAGESIZE 4096
|
|
||||||
|
|
||||||
#endif
|
|
||||||
@@ -286,6 +292,7 @@ static inline void init_thread(struct target_pt_regs *regs, struct image_info *i
|
|
||||||
regs->ARM_r10 = infop->start_data;
|
|
||||||
}
|
|
||||||
|
|
||||||
+#ifdef FIX_BROKEN_PPC_BUILD
|
|
||||||
typedef uint32_t elf_greg_t;
|
|
||||||
typedef uint16_t target_uid_t;
|
|
||||||
typedef uint16_t target_gid_t;
|
|
||||||
@@ -318,6 +325,7 @@ static void elf_core_copy_regs(elf_gregset_t *regs, const CPUState *env)
|
|
||||||
}
|
|
||||||
|
|
||||||
#define USE_ELF_CORE_DUMP
|
|
||||||
+#endif /* FIX_BROKEN_PPC_BUILD */
|
|
||||||
#define ELF_EXEC_PAGESIZE 4096
|
|
||||||
|
|
||||||
enum
|
|
||||||
@@ -421,6 +429,7 @@ static inline void init_thread(struct target_pt_regs *regs, struct image_info *i
|
|
||||||
|
|
||||||
/* Feature masks for the Aux Vector Hardware Capabilities (AT_HWCAP).
|
|
||||||
See arch/powerpc/include/asm/cputable.h. */
|
|
||||||
+#ifndef PPC_FEATURE_32
|
|
||||||
enum {
|
|
||||||
PPC_FEATURE_32 = 0x80000000,
|
|
||||||
PPC_FEATURE_64 = 0x40000000,
|
|
||||||
@@ -452,6 +461,7 @@ enum {
|
|
||||||
PPC_FEATURE_TRUE_LE = 0x00000002,
|
|
||||||
PPC_FEATURE_PPC_LE = 0x00000001,
|
|
||||||
};
|
|
||||||
+#endif /* !defined(PPC_FEATURE_32) */
|
|
||||||
|
|
||||||
#define ELF_HWCAP get_elf_hwcap()
|
|
||||||
|
|
||||||
--
|
|
||||||
1.6.2.5
|
|
||||||
|
|
@ -1,67 +0,0 @@
|
|||||||
From 7834349cfcc68b946c0d241ffd99c598857e489b Mon Sep 17 00:00:00 2001
|
|
||||||
From: Eduardo Habkost <ehabkost@redhat.com>
|
|
||||||
Date: Wed, 14 Oct 2009 15:02:27 -0300
|
|
||||||
Subject: [PATCH] fix MSR_COUNT for kvm_arch_save_regs()
|
|
||||||
|
|
||||||
A new register was added to the load/save list on commit
|
|
||||||
d283d5a65a2bdcc570065267be21848bd6fe3d78, but MSR_COUNT was not updated, leading
|
|
||||||
to potential stack corruption on kvm_arch_save_regs().
|
|
||||||
|
|
||||||
The following registers are saved by kvm_arch_save_regs():
|
|
||||||
|
|
||||||
1) MSR_IA32_SYSENTER_CS
|
|
||||||
2) MSR_IA32_SYSENTER_ESP
|
|
||||||
3) MSR_IA32_SYSENTER_EIP
|
|
||||||
4) MSR_STAR
|
|
||||||
5) MSR_IA32_TSC
|
|
||||||
6) MSR_VM_HSAVE_PA
|
|
||||||
7) MSR_CSTAR (x86_64 only)
|
|
||||||
8) MSR_KERNELGSBASE (x86_64 only)
|
|
||||||
9) MSR_FMASK (x86_64 only)
|
|
||||||
10) MSR_LSTAR (x86_64 only)
|
|
||||||
|
|
||||||
(cherry picked from commit e7e5448ba387adc20be1cf08411a5b526d684299)
|
|
||||||
|
|
||||||
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
|
|
||||||
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
|
|
||||||
Signed-off-by: Mark McLoughlin <markmc@redhat.com>
|
|
||||||
Fedora-patch: qemu-fix-msr-count-potential-segfault.patch
|
|
||||||
---
|
|
||||||
qemu-kvm-x86.c | 6 ++++--
|
|
||||||
1 files changed, 4 insertions(+), 2 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/qemu-kvm-x86.c b/qemu-kvm-x86.c
|
|
||||||
index 492dbc5..d5436b6 100644
|
|
||||||
--- a/qemu-kvm-x86.c
|
|
||||||
+++ b/qemu-kvm-x86.c
|
|
||||||
@@ -847,9 +847,9 @@ static int get_msr_entry(struct kvm_msr_entry *entry, CPUState *env)
|
|
||||||
}
|
|
||||||
|
|
||||||
#ifdef TARGET_X86_64
|
|
||||||
-#define MSR_COUNT 9
|
|
||||||
+#define MSR_COUNT 10
|
|
||||||
#else
|
|
||||||
-#define MSR_COUNT 5
|
|
||||||
+#define MSR_COUNT 6
|
|
||||||
#endif
|
|
||||||
|
|
||||||
static void set_v8086_seg(struct kvm_segment *lhs, const SegmentCache *rhs)
|
|
||||||
@@ -991,6 +991,7 @@ void kvm_arch_load_regs(CPUState *env)
|
|
||||||
|
|
||||||
/* msrs */
|
|
||||||
n = 0;
|
|
||||||
+ /* Remember to increase MSR_COUNT if you add new registers below */
|
|
||||||
set_msr_entry(&msrs[n++], MSR_IA32_SYSENTER_CS, env->sysenter_cs);
|
|
||||||
set_msr_entry(&msrs[n++], MSR_IA32_SYSENTER_ESP, env->sysenter_esp);
|
|
||||||
set_msr_entry(&msrs[n++], MSR_IA32_SYSENTER_EIP, env->sysenter_eip);
|
|
||||||
@@ -1166,6 +1167,7 @@ void kvm_arch_save_regs(CPUState *env)
|
|
||||||
|
|
||||||
/* msrs */
|
|
||||||
n = 0;
|
|
||||||
+ /* Remember to increase MSR_COUNT if you add new registers below */
|
|
||||||
msrs[n++].index = MSR_IA32_SYSENTER_CS;
|
|
||||||
msrs[n++].index = MSR_IA32_SYSENTER_ESP;
|
|
||||||
msrs[n++].index = MSR_IA32_SYSENTER_EIP;
|
|
||||||
--
|
|
||||||
1.6.2.5
|
|
||||||
|
|
@ -1,140 +0,0 @@
|
|||||||
From 1df18d4a961a66b9ea28ab83b409f4d9d470f148 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Kevin Wolf <kwolf@redhat.com>
|
|
||||||
Date: Thu, 8 Oct 2009 15:02:08 +0200
|
|
||||||
Subject: [PATCH] qcow2: Bring synchronous read/write back to life
|
|
||||||
|
|
||||||
When the synchronous read and write functions were dropped, they were replaced
|
|
||||||
by generic emulation functions. Unfortunately, these emulation functions don't
|
|
||||||
provide the same semantics as the original functions did.
|
|
||||||
|
|
||||||
The original bdrv_read would mean that we read some data synchronously and that
|
|
||||||
we won't be interrupted during this read. The latter assumption is no longer
|
|
||||||
true with the emulation function which needs to use qemu_aio_poll and therefore
|
|
||||||
allows the callback of any other concurrent AIO request to be run during the
|
|
||||||
read. Which in turn means that (meta)data read earlier could have changed and
|
|
||||||
be invalid now. qcow2 is not prepared to work in this way and it's just scary
|
|
||||||
how many places there are where other requests could run.
|
|
||||||
|
|
||||||
I'm not sure yet where exactly it breaks, but you'll see breakage with virtio
|
|
||||||
on qcow2 with a backing file. Providing synchronous functions again fixes the
|
|
||||||
problem for me.
|
|
||||||
|
|
||||||
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
|
|
||||||
Signed-off-by: Mark McLoughlin <markmc@redhat.com>
|
|
||||||
Fedora-patch: qemu-fix-qcow2-backing-file-with-virtio.patch
|
|
||||||
---
|
|
||||||
block/qcow2-cluster.c | 6 ++--
|
|
||||||
block/qcow2.c | 51 +++++++++++++++++++++++++++++++++++++++++++++++-
|
|
||||||
block/qcow2.h | 3 ++
|
|
||||||
3 files changed, 55 insertions(+), 5 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/block/qcow2-cluster.c b/block/qcow2-cluster.c
|
|
||||||
index d4631c3..4d0ce16 100644
|
|
||||||
--- a/block/qcow2-cluster.c
|
|
||||||
+++ b/block/qcow2-cluster.c
|
|
||||||
@@ -306,8 +306,8 @@ void qcow2_encrypt_sectors(BDRVQcowState *s, int64_t sector_num,
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
-static int qcow_read(BlockDriverState *bs, int64_t sector_num,
|
|
||||||
- uint8_t *buf, int nb_sectors)
|
|
||||||
+int qcow2_read(BlockDriverState *bs, int64_t sector_num, uint8_t *buf,
|
|
||||||
+ int nb_sectors)
|
|
||||||
{
|
|
||||||
BDRVQcowState *s = bs->opaque;
|
|
||||||
int ret, index_in_cluster, n, n1;
|
|
||||||
@@ -358,7 +358,7 @@ static int copy_sectors(BlockDriverState *bs, uint64_t start_sect,
|
|
||||||
n = n_end - n_start;
|
|
||||||
if (n <= 0)
|
|
||||||
return 0;
|
|
||||||
- ret = qcow_read(bs, start_sect + n_start, s->cluster_data, n);
|
|
||||||
+ ret = qcow2_read(bs, start_sect + n_start, s->cluster_data, n);
|
|
||||||
if (ret < 0)
|
|
||||||
return ret;
|
|
||||||
if (s->crypt_method) {
|
|
||||||
diff --git a/block/qcow2.c b/block/qcow2.c
|
|
||||||
index dd32ea2..ced257e 100644
|
|
||||||
--- a/block/qcow2.c
|
|
||||||
+++ b/block/qcow2.c
|
|
||||||
@@ -855,6 +855,51 @@ static int qcow_make_empty(BlockDriverState *bs)
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
+static int qcow2_write(BlockDriverState *bs, int64_t sector_num,
|
|
||||||
+ const uint8_t *buf, int nb_sectors)
|
|
||||||
+{
|
|
||||||
+ BDRVQcowState *s = bs->opaque;
|
|
||||||
+ int ret, index_in_cluster, n;
|
|
||||||
+ uint64_t cluster_offset;
|
|
||||||
+ int n_end;
|
|
||||||
+ QCowL2Meta l2meta;
|
|
||||||
+
|
|
||||||
+ while (nb_sectors > 0) {
|
|
||||||
+ memset(&l2meta, 0, sizeof(l2meta));
|
|
||||||
+
|
|
||||||
+ index_in_cluster = sector_num & (s->cluster_sectors - 1);
|
|
||||||
+ n_end = index_in_cluster + nb_sectors;
|
|
||||||
+ if (s->crypt_method &&
|
|
||||||
+ n_end > QCOW_MAX_CRYPT_CLUSTERS * s->cluster_sectors)
|
|
||||||
+ n_end = QCOW_MAX_CRYPT_CLUSTERS * s->cluster_sectors;
|
|
||||||
+ cluster_offset = qcow2_alloc_cluster_offset(bs, sector_num << 9,
|
|
||||||
+ index_in_cluster,
|
|
||||||
+ n_end, &n, &l2meta);
|
|
||||||
+ if (!cluster_offset)
|
|
||||||
+ return -1;
|
|
||||||
+ if (s->crypt_method) {
|
|
||||||
+ qcow2_encrypt_sectors(s, sector_num, s->cluster_data, buf, n, 1,
|
|
||||||
+ &s->aes_encrypt_key);
|
|
||||||
+ ret = bdrv_pwrite(s->hd, cluster_offset + index_in_cluster * 512,
|
|
||||||
+ s->cluster_data, n * 512);
|
|
||||||
+ } else {
|
|
||||||
+ ret = bdrv_pwrite(s->hd, cluster_offset + index_in_cluster * 512, buf, n * 512);
|
|
||||||
+ }
|
|
||||||
+ if (ret != n * 512 || qcow2_alloc_cluster_link_l2(bs, cluster_offset, &l2meta) < 0) {
|
|
||||||
+ qcow2_free_any_clusters(bs, cluster_offset, l2meta.nb_clusters);
|
|
||||||
+ return -1;
|
|
||||||
+ }
|
|
||||||
+ nb_sectors -= n;
|
|
||||||
+ sector_num += n;
|
|
||||||
+ buf += n * 512;
|
|
||||||
+ if (l2meta.nb_clusters != 0) {
|
|
||||||
+ LIST_REMOVE(&l2meta, next_in_flight);
|
|
||||||
+ }
|
|
||||||
+ }
|
|
||||||
+ s->cluster_cache_offset = -1; /* disable compressed cache */
|
|
||||||
+ return 0;
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
/* XXX: put compressed sectors first, then all the cluster aligned
|
|
||||||
tables to avoid losing bytes in alignment */
|
|
||||||
static int qcow_write_compressed(BlockDriverState *bs, int64_t sector_num,
|
|
||||||
@@ -1037,8 +1082,10 @@ static BlockDriver bdrv_qcow2 = {
|
|
||||||
.bdrv_set_key = qcow_set_key,
|
|
||||||
.bdrv_make_empty = qcow_make_empty,
|
|
||||||
|
|
||||||
- .bdrv_aio_readv = qcow_aio_readv,
|
|
||||||
- .bdrv_aio_writev = qcow_aio_writev,
|
|
||||||
+ .bdrv_read = qcow2_read,
|
|
||||||
+ .bdrv_write = qcow2_write,
|
|
||||||
+ .bdrv_aio_readv = qcow_aio_readv,
|
|
||||||
+ .bdrv_aio_writev = qcow_aio_writev,
|
|
||||||
.bdrv_write_compressed = qcow_write_compressed,
|
|
||||||
|
|
||||||
.bdrv_snapshot_create = qcow2_snapshot_create,
|
|
||||||
diff --git a/block/qcow2.h b/block/qcow2.h
|
|
||||||
index 965a2f4..b41aa63 100644
|
|
||||||
--- a/block/qcow2.h
|
|
||||||
+++ b/block/qcow2.h
|
|
||||||
@@ -202,6 +202,9 @@ uint64_t qcow2_alloc_compressed_cluster_offset(BlockDriverState *bs,
|
|
||||||
int qcow2_alloc_cluster_link_l2(BlockDriverState *bs, uint64_t cluster_offset,
|
|
||||||
QCowL2Meta *m);
|
|
||||||
|
|
||||||
+int qcow2_read(BlockDriverState *bs, int64_t sector_num, uint8_t *buf,
|
|
||||||
+ int nb_sectors);
|
|
||||||
+
|
|
||||||
/* qcow2-snapshot.c functions */
|
|
||||||
int qcow2_snapshot_create(BlockDriverState *bs, QEMUSnapshotInfo *sn_info);
|
|
||||||
int qcow2_snapshot_goto(BlockDriverState *bs, const char *snapshot_id);
|
|
||||||
--
|
|
||||||
1.6.2.5
|
|
||||||
|
|
@ -1,124 +0,0 @@
|
|||||||
From 565c62123258970d9254bc7b8eaa8f4c66ab2a21 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Justin M. Forbes <jforbes@redhat.com>
|
|
||||||
Date: Thu, 1 Oct 2009 16:13:56 -0500
|
|
||||||
Subject: [PATCH] Improve error reporting on file access
|
|
||||||
|
|
||||||
By making the error reporting include strerror(errno), it gives the user
|
|
||||||
a bit more indication as to why qemu failed. This is particularly
|
|
||||||
important for people running qemu as a non root user.
|
|
||||||
|
|
||||||
(cherry-picked from commit 850810d01b45e6ce99ac6696773e967890db2937)
|
|
||||||
|
|
||||||
Signed-off-by: Justin M. Forbes <jforbes@redhat.com>
|
|
||||||
Fedora-patch: qemu-improve-error-reporting-on-file-access.patch
|
|
||||||
---
|
|
||||||
hw/pc.c | 12 ++++++------
|
|
||||||
vl.c | 20 ++++++++++----------
|
|
||||||
2 files changed, 16 insertions(+), 16 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/hw/pc.c b/hw/pc.c
|
|
||||||
index 3b226f4..7a184cd 100644
|
|
||||||
--- a/hw/pc.c
|
|
||||||
+++ b/hw/pc.c
|
|
||||||
@@ -841,8 +841,8 @@ static void load_linux(void *fw_cfg,
|
|
||||||
if (!f || !(kernel_size = get_file_size(f)) ||
|
|
||||||
fread(header, 1, MIN(ARRAY_SIZE(header), kernel_size), f) !=
|
|
||||||
MIN(ARRAY_SIZE(header), kernel_size)) {
|
|
||||||
- fprintf(stderr, "qemu: could not load kernel '%s'\n",
|
|
||||||
- kernel_filename);
|
|
||||||
+ fprintf(stderr, "qemu: could not load kernel '%s': %s\n",
|
|
||||||
+ kernel_filename, strerror(errno));
|
|
||||||
exit(1);
|
|
||||||
}
|
|
||||||
|
|
||||||
@@ -947,8 +947,8 @@ static void load_linux(void *fw_cfg,
|
|
||||||
|
|
||||||
fi = fopen(initrd_filename, "rb");
|
|
||||||
if (!fi) {
|
|
||||||
- fprintf(stderr, "qemu: could not load initial ram disk '%s'\n",
|
|
||||||
- initrd_filename);
|
|
||||||
+ fprintf(stderr, "qemu: could not load initial ram disk '%s': %s\n",
|
|
||||||
+ initrd_filename, strerror(errno));
|
|
||||||
exit(1);
|
|
||||||
}
|
|
||||||
|
|
||||||
@@ -956,8 +956,8 @@ static void load_linux(void *fw_cfg,
|
|
||||||
initrd_addr = (initrd_max-initrd_size) & ~4095;
|
|
||||||
|
|
||||||
if (!fread_targphys_ok(initrd_addr, initrd_size, fi)) {
|
|
||||||
- fprintf(stderr, "qemu: read error on initial ram disk '%s'\n",
|
|
||||||
- initrd_filename);
|
|
||||||
+ fprintf(stderr, "qemu: read error on initial ram disk '%s': %s\n",
|
|
||||||
+ initrd_filename, strerror(errno));
|
|
||||||
exit(1);
|
|
||||||
}
|
|
||||||
fclose(fi);
|
|
||||||
diff --git a/vl.c b/vl.c
|
|
||||||
index d7c7ab1..9182d89 100644
|
|
||||||
--- a/vl.c
|
|
||||||
+++ b/vl.c
|
|
||||||
@@ -2379,8 +2379,8 @@ int drive_init(struct drive_opt *arg, int snapshot, void *opaque)
|
|
||||||
else if (cache == 2) /* write-back */
|
|
||||||
bdrv_flags |= BDRV_O_CACHE_WB;
|
|
||||||
if (bdrv_open2(bdrv, file, bdrv_flags, drv) < 0) {
|
|
||||||
- fprintf(stderr, "qemu: could not open disk image %s\n",
|
|
||||||
- file);
|
|
||||||
+ fprintf(stderr, "qemu: could not open disk image %s: %s\n",
|
|
||||||
+ file, strerror(errno));
|
|
||||||
return -1;
|
|
||||||
}
|
|
||||||
if (bdrv_key_required(bdrv))
|
|
||||||
@@ -5799,7 +5799,7 @@ int main(int argc, char **argv, char **envp)
|
|
||||||
if (len != 1)
|
|
||||||
exit(1);
|
|
||||||
else if (status == 1) {
|
|
||||||
- fprintf(stderr, "Could not acquire pidfile\n");
|
|
||||||
+ fprintf(stderr, "Could not acquire pidfile: %s\n", strerror(errno));
|
|
||||||
exit(1);
|
|
||||||
} else
|
|
||||||
exit(0);
|
|
||||||
@@ -5826,7 +5826,7 @@ int main(int argc, char **argv, char **envp)
|
|
||||||
uint8_t status = 1;
|
|
||||||
write(fds[1], &status, 1);
|
|
||||||
} else
|
|
||||||
- fprintf(stderr, "Could not acquire pid file\n");
|
|
||||||
+ fprintf(stderr, "Could not acquire pid file: %s\n", strerror(errno));
|
|
||||||
exit(1);
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
@@ -6031,8 +6031,8 @@ int main(int argc, char **argv, char **envp)
|
|
||||||
snprintf(label, sizeof(label), "serial%d", i);
|
|
||||||
serial_hds[i] = qemu_chr_open(label, devname, NULL);
|
|
||||||
if (!serial_hds[i]) {
|
|
||||||
- fprintf(stderr, "qemu: could not open serial device '%s'\n",
|
|
||||||
- devname);
|
|
||||||
+ fprintf(stderr, "qemu: could not open serial device '%s': %s\n",
|
|
||||||
+ devname, strerror(errno));
|
|
||||||
exit(1);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
@@ -6045,8 +6045,8 @@ int main(int argc, char **argv, char **envp)
|
|
||||||
snprintf(label, sizeof(label), "parallel%d", i);
|
|
||||||
parallel_hds[i] = qemu_chr_open(label, devname, NULL);
|
|
||||||
if (!parallel_hds[i]) {
|
|
||||||
- fprintf(stderr, "qemu: could not open parallel device '%s'\n",
|
|
||||||
- devname);
|
|
||||||
+ fprintf(stderr, "qemu: could not open parallel device '%s': %s\n",
|
|
||||||
+ devname, strerror(errno));
|
|
||||||
exit(1);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
@@ -6059,8 +6059,8 @@ int main(int argc, char **argv, char **envp)
|
|
||||||
snprintf(label, sizeof(label), "virtcon%d", i);
|
|
||||||
virtcon_hds[i] = qemu_chr_open(label, devname, NULL);
|
|
||||||
if (!virtcon_hds[i]) {
|
|
||||||
- fprintf(stderr, "qemu: could not open virtio console '%s'\n",
|
|
||||||
- devname);
|
|
||||||
+ fprintf(stderr, "qemu: could not open virtio console '%s': %s\n",
|
|
||||||
+ devname, strerror(errno));
|
|
||||||
exit(1);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
--
|
|
||||||
1.6.2.5
|
|
||||||
|
|
@ -1,41 +0,0 @@
|
|||||||
From ff1a1e986f2e167c2538160d0476ac61cda31f77 Mon Sep 17 00:00:00 2001
|
|
||||||
From: David Woodhouse <dwmw2@infradead.org>
|
|
||||||
Date: Sat, 7 Nov 2009 14:10:01 +0000
|
|
||||||
Subject: [PATCH] Fix 32-bit overflow in parallels image support
|
|
||||||
|
|
||||||
(cherry picked from commit c34d2451ed32651e14e309f94009be07d231ee96)
|
|
||||||
|
|
||||||
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
|
|
||||||
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
|
|
||||||
Signed-off-by: Mark McLoughlin <markmc@redhat.com>
|
|
||||||
Fedora-patch: qemu-parallels-image-format-overflow.patch
|
|
||||||
---
|
|
||||||
block/parallels.c | 5 +++--
|
|
||||||
1 files changed, 3 insertions(+), 2 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/block/parallels.c b/block/parallels.c
|
|
||||||
index 0b64a5c..63b6738 100644
|
|
||||||
--- a/block/parallels.c
|
|
||||||
+++ b/block/parallels.c
|
|
||||||
@@ -119,7 +119,8 @@ fail:
|
|
||||||
static inline int seek_to_sector(BlockDriverState *bs, int64_t sector_num)
|
|
||||||
{
|
|
||||||
BDRVParallelsState *s = bs->opaque;
|
|
||||||
- uint32_t index, offset, position;
|
|
||||||
+ uint32_t index, offset;
|
|
||||||
+ uint64_t position;
|
|
||||||
|
|
||||||
index = sector_num / s->tracks;
|
|
||||||
offset = sector_num % s->tracks;
|
|
||||||
@@ -128,7 +129,7 @@ static inline int seek_to_sector(BlockDriverState *bs, int64_t sector_num)
|
|
||||||
if ((index > s->catalog_size) || (s->catalog_bitmap[index] == 0))
|
|
||||||
return -1;
|
|
||||||
|
|
||||||
- position = (s->catalog_bitmap[index] + offset) * 512;
|
|
||||||
+ position = (uint64_t)(s->catalog_bitmap[index] + offset) * 512;
|
|
||||||
|
|
||||||
// fprintf(stderr, "sector: %llx index=%x offset=%x pointer=%x position=%x\n",
|
|
||||||
// sector_num, index, offset, s->catalog_bitmap[index], position);
|
|
||||||
--
|
|
||||||
1.6.2.5
|
|
||||||
|
|
@ -1,119 +0,0 @@
|
|||||||
From 20a3c3095744ea65b4dfb5365efea8cdb802f7f5 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Glauber Costa <glommer@redhat.com>
|
|
||||||
Date: Wed, 21 Oct 2009 10:52:46 -0400
|
|
||||||
Subject: [PATCH] properly save kvm system time msr registers
|
|
||||||
|
|
||||||
Currently, the msrs involved in setting up pvclock are not saved over
|
|
||||||
migration and/or save/restore. This patch puts their value in special
|
|
||||||
fields in our CPUState, and deal with them using vmstate.
|
|
||||||
|
|
||||||
kvm also has to account for it, by including them in the msr list
|
|
||||||
for the ioctls.
|
|
||||||
|
|
||||||
Fedora-patch: qemu-properly-save-kvm-system-time-registers.patch
|
|
||||||
Signed-off-by: Glauber Costa <glommer@redhat.com>
|
|
||||||
---
|
|
||||||
qemu-kvm-x86.c | 15 +++++++++++++--
|
|
||||||
target-i386/cpu.h | 5 ++++-
|
|
||||||
target-i386/machine.c | 8 ++++++++
|
|
||||||
3 files changed, 25 insertions(+), 3 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/qemu-kvm-x86.c b/qemu-kvm-x86.c
|
|
||||||
index d5436b6..300e6c2 100644
|
|
||||||
--- a/qemu-kvm-x86.c
|
|
||||||
+++ b/qemu-kvm-x86.c
|
|
||||||
@@ -839,6 +839,12 @@ static int get_msr_entry(struct kvm_msr_entry *entry, CPUState *env)
|
|
||||||
case MSR_VM_HSAVE_PA:
|
|
||||||
env->vm_hsave = entry->data;
|
|
||||||
break;
|
|
||||||
+ case MSR_KVM_SYSTEM_TIME:
|
|
||||||
+ env->system_time_msr = entry->data;
|
|
||||||
+ break;
|
|
||||||
+ case MSR_KVM_WALL_CLOCK:
|
|
||||||
+ env->wall_clock_msr = entry->data;
|
|
||||||
+ break;
|
|
||||||
default:
|
|
||||||
printf("Warning unknown msr index 0x%x\n", entry->index);
|
|
||||||
return 1;
|
|
||||||
@@ -847,9 +853,9 @@ static int get_msr_entry(struct kvm_msr_entry *entry, CPUState *env)
|
|
||||||
}
|
|
||||||
|
|
||||||
#ifdef TARGET_X86_64
|
|
||||||
-#define MSR_COUNT 10
|
|
||||||
+#define MSR_COUNT 12
|
|
||||||
#else
|
|
||||||
-#define MSR_COUNT 6
|
|
||||||
+#define MSR_COUNT 8
|
|
||||||
#endif
|
|
||||||
|
|
||||||
static void set_v8086_seg(struct kvm_segment *lhs, const SegmentCache *rhs)
|
|
||||||
@@ -1007,6 +1013,8 @@ void kvm_arch_load_regs(CPUState *env)
|
|
||||||
set_msr_entry(&msrs[n++], MSR_LSTAR , env->lstar);
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
+ set_msr_entry(&msrs[n++], MSR_KVM_SYSTEM_TIME, env->system_time_msr);
|
|
||||||
+ set_msr_entry(&msrs[n++], MSR_KVM_WALL_CLOCK, env->wall_clock_msr);
|
|
||||||
|
|
||||||
rc = kvm_set_msrs(env->kvm_cpu_state.vcpu_ctx, msrs, n);
|
|
||||||
if (rc == -1)
|
|
||||||
@@ -1184,6 +1192,9 @@ void kvm_arch_save_regs(CPUState *env)
|
|
||||||
msrs[n++].index = MSR_LSTAR;
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
+ msrs[n++].index = MSR_KVM_SYSTEM_TIME;
|
|
||||||
+ msrs[n++].index = MSR_KVM_WALL_CLOCK;
|
|
||||||
+
|
|
||||||
rc = kvm_get_msrs(env->kvm_cpu_state.vcpu_ctx, msrs, n);
|
|
||||||
if (rc == -1) {
|
|
||||||
perror("kvm_get_msrs FAILED");
|
|
||||||
diff --git a/target-i386/cpu.h b/target-i386/cpu.h
|
|
||||||
index 08200ed..22e76ec 100644
|
|
||||||
--- a/target-i386/cpu.h
|
|
||||||
+++ b/target-i386/cpu.h
|
|
||||||
@@ -640,6 +640,9 @@ typedef struct CPUX86State {
|
|
||||||
target_ulong fmask;
|
|
||||||
target_ulong kernelgsbase;
|
|
||||||
#endif
|
|
||||||
+ uint64_t system_time_msr;
|
|
||||||
+ uint64_t wall_clock_msr;
|
|
||||||
+
|
|
||||||
|
|
||||||
uint64_t tsc;
|
|
||||||
|
|
||||||
@@ -867,7 +870,7 @@ static inline int cpu_get_time_fast(void)
|
|
||||||
#define cpu_signal_handler cpu_x86_signal_handler
|
|
||||||
#define cpu_list x86_cpu_list
|
|
||||||
|
|
||||||
-#define CPU_SAVE_VERSION 10
|
|
||||||
+#define CPU_SAVE_VERSION 11
|
|
||||||
|
|
||||||
/* MMU modes definitions */
|
|
||||||
#define MMU_MODE0_SUFFIX _kernel
|
|
||||||
diff --git a/target-i386/machine.c b/target-i386/machine.c
|
|
||||||
index ca32a92..4654508 100644
|
|
||||||
--- a/target-i386/machine.c
|
|
||||||
+++ b/target-i386/machine.c
|
|
||||||
@@ -174,6 +174,9 @@ void cpu_save(QEMUFile *f, void *opaque)
|
|
||||||
qemu_put_be64s(f, &env->mce_banks[4*i + 3]);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
+
|
|
||||||
+ qemu_put_be64s(f, &env->system_time_msr);
|
|
||||||
+ qemu_put_be64s(f, &env->wall_clock_msr);
|
|
||||||
}
|
|
||||||
|
|
||||||
#ifdef USE_X86LDOUBLE
|
|
||||||
@@ -405,5 +408,10 @@ int cpu_load(QEMUFile *f, void *opaque, int version_id)
|
|
||||||
kvm_arch_load_mpstate(env);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
+
|
|
||||||
+ if (version_id >= 11) {
|
|
||||||
+ qemu_get_be64s(f, &env->system_time_msr);
|
|
||||||
+ qemu_get_be64s(f, &env->wall_clock_msr);
|
|
||||||
+ }
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
--
|
|
||||||
1.6.2.2
|
|
||||||
|
|
@ -1,31 +0,0 @@
|
|||||||
From 56d370091cb01878c580f528011cd1717f8077fa Mon Sep 17 00:00:00 2001
|
|
||||||
From: Mark McLoughlin <markmc@redhat.com>
|
|
||||||
Date: Fri, 20 Nov 2009 18:07:15 +0000
|
|
||||||
Subject: [PATCH] slirp: fix use-after-free
|
|
||||||
|
|
||||||
460fec67ee introduced a use-after free in slirp.
|
|
||||||
|
|
||||||
Cc: Jan Kiszka <jan.kiszka@siemens.com>
|
|
||||||
Signed-off-by: Mark McLoughlin <markmc@redhat.com>
|
|
||||||
Fedora-patch: qemu-slirp-use-after-free.patch
|
|
||||||
---
|
|
||||||
slirp/mbuf.c | 2 +-
|
|
||||||
1 files changed, 1 insertions(+), 1 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/slirp/mbuf.c b/slirp/mbuf.c
|
|
||||||
index 7652fea..87508ba 100644
|
|
||||||
--- a/slirp/mbuf.c
|
|
||||||
+++ b/slirp/mbuf.c
|
|
||||||
@@ -95,8 +95,8 @@ m_free(struct mbuf *m)
|
|
||||||
* Either free() it or put it on the free list
|
|
||||||
*/
|
|
||||||
if (m->m_flags & M_DOFREE) {
|
|
||||||
- free(m);
|
|
||||||
m->slirp->mbuf_alloced--;
|
|
||||||
+ free(m);
|
|
||||||
} else if ((m->m_flags & M_FREELIST) == 0) {
|
|
||||||
insque(m,&m->slirp->m_freelist);
|
|
||||||
m->m_flags = M_FREELIST; /* Clobber other flags */
|
|
||||||
--
|
|
||||||
1.6.2.5
|
|
||||||
|
|
@ -1,79 +0,0 @@
|
|||||||
From a7c87c869ac75a076fa5552f9604f73f710cff80 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Jim Paris <jim@jtan.com>
|
|
||||||
Date: Mon, 24 Aug 2009 14:56:12 -0400
|
|
||||||
Subject: [PATCH] usb-linux.c: fix buffer overflow
|
|
||||||
|
|
||||||
In usb-linux.c:usb_host_handle_control, we pass a 1024-byte buffer and
|
|
||||||
length to the kernel. However, the length was provided by the caller
|
|
||||||
of dev->handle_packet, and is not checked, so the kernel might provide
|
|
||||||
too much data and overflow our buffer.
|
|
||||||
|
|
||||||
For example, hw/usb-uhci.c could set the length to 2047.
|
|
||||||
hw/usb-ohci.c looks like it might go up to 4096 or 8192.
|
|
||||||
|
|
||||||
This causes a qemu crash, as reported here:
|
|
||||||
http://www.mail-archive.com/kvm@vger.kernel.org/msg18447.html
|
|
||||||
|
|
||||||
This patch increases the usb-linux.c buffer size to 2048 to fix the
|
|
||||||
specific device reported, and adds a check to avoid the overflow in
|
|
||||||
any case.
|
|
||||||
|
|
||||||
Signed-off-by: Jim Paris <jim@jtan.com>
|
|
||||||
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
|
|
||||||
|
|
||||||
The WLAN USB stick ZyXEL NWD271N (0586:3417) uses very large
|
|
||||||
usb control transfers of more than 2048 bytes. Increasing the
|
|
||||||
buffer size to 8192.
|
|
||||||
|
|
||||||
Signed-off-by: Christian Krause <chkr@plauener.de>
|
|
||||||
---
|
|
||||||
usb-linux.c | 12 ++++++++++--
|
|
||||||
1 files changed, 10 insertions(+), 2 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/usb-linux.c b/usb-linux.c
|
|
||||||
index f19f0c4..298f342 100644
|
|
||||||
--- a/usb-linux.c
|
|
||||||
+++ b/usb-linux.c
|
|
||||||
@@ -115,7 +115,7 @@ struct ctrl_struct {
|
|
||||||
uint16_t offset;
|
|
||||||
uint8_t state;
|
|
||||||
struct usb_ctrlrequest req;
|
|
||||||
- uint8_t buffer[1024];
|
|
||||||
+ uint8_t buffer[8192];
|
|
||||||
};
|
|
||||||
|
|
||||||
typedef struct USBHostDevice {
|
|
||||||
@@ -552,6 +552,7 @@ static int usb_host_handle_control(USBHostDevice *s, USBPacket *p)
|
|
||||||
struct usbdevfs_urb *urb;
|
|
||||||
AsyncURB *aurb;
|
|
||||||
int ret, value, index;
|
|
||||||
+ int buffer_len;
|
|
||||||
|
|
||||||
/*
|
|
||||||
* Process certain standard device requests.
|
|
||||||
@@ -580,6 +581,13 @@ static int usb_host_handle_control(USBHostDevice *s, USBPacket *p)
|
|
||||||
|
|
||||||
/* The rest are asynchronous */
|
|
||||||
|
|
||||||
+ buffer_len = 8 + s->ctrl.len;
|
|
||||||
+ if (buffer_len > sizeof(s->ctrl.buffer)) {
|
|
||||||
+ fprintf(stderr, "husb: ctrl buffer too small (%u > %lu)\n",
|
|
||||||
+ buffer_len, sizeof(s->ctrl.buffer));
|
|
||||||
+ return USB_RET_STALL;
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
aurb = async_alloc();
|
|
||||||
aurb->hdev = s;
|
|
||||||
aurb->packet = p;
|
|
||||||
@@ -596,7 +604,7 @@ static int usb_host_handle_control(USBHostDevice *s, USBPacket *p)
|
|
||||||
urb->endpoint = p->devep;
|
|
||||||
|
|
||||||
urb->buffer = &s->ctrl.req;
|
|
||||||
- urb->buffer_length = 8 + s->ctrl.len;
|
|
||||||
+ urb->buffer_length = buffer_len;
|
|
||||||
|
|
||||||
urb->usercontext = s;
|
|
||||||
|
|
||||||
--
|
|
||||||
1.6.2.5
|
|
||||||
|
|
75
qemu.spec
75
qemu.spec
@ -1,7 +1,7 @@
|
|||||||
Summary: QEMU is a FAST! processor emulator
|
Summary: QEMU is a FAST! processor emulator
|
||||||
Name: qemu
|
Name: qemu
|
||||||
Version: 0.11.0
|
Version: 0.12.3
|
||||||
Release: 13%{?dist}
|
Release: 1%{?dist}
|
||||||
# Epoch because we pushed a qemu-1.0 package
|
# Epoch because we pushed a qemu-1.0 package
|
||||||
Epoch: 2
|
Epoch: 2
|
||||||
License: GPLv2+ and LGPLv2+ and BSD
|
License: GPLv2+ and LGPLv2+ and BSD
|
||||||
@ -24,52 +24,13 @@ Source6: ksmtuned.init
|
|||||||
Source7: ksmtuned
|
Source7: ksmtuned
|
||||||
Source8: ksmtuned.conf
|
Source8: ksmtuned.conf
|
||||||
|
|
||||||
# Not upstream, why?
|
Patch01: 0001-block-avoid-creating-too-large-iovecs-in-multiwrite_.patch
|
||||||
Patch01: qemu-bios-bigger-roms.patch
|
Patch02: 0002-migration-Clear-fd-also-in-error-cases.patch
|
||||||
|
|
||||||
# Works around broken linux-user build on ppc
|
|
||||||
Patch02: qemu-fix-linux-user-build-on-ppc.patch
|
|
||||||
|
|
||||||
# Allow the pulseudio backend to be the default
|
|
||||||
Patch03: qemu-allow-pulseaudio-to-be-the-default.patch
|
|
||||||
|
|
||||||
# Add KSM support - see https://fedoraproject.org/wiki/Features/KSM
|
|
||||||
Patch04: qemu-add-ksm-support.patch
|
|
||||||
|
|
||||||
# Fix issue causing NIC hotplug confusion when no model is specified (#524022)
|
|
||||||
Patch05: qemu-correctly-free-nic-info-structure.patch
|
|
||||||
|
|
||||||
# Do not exit during PCI hotplug when an invalid NIC model is passed (#524022)
|
|
||||||
Patch06: qemu-do-not-exit-on-pci-hotplug-invalid-nic1.patch
|
|
||||||
Patch07: qemu-do-not-exit-on-pci-hotplug-invalid-nic2.patch
|
|
||||||
|
|
||||||
# Improve error reporting on file access
|
|
||||||
Patch08: qemu-improve-error-reporting-on-file-access.patch
|
|
||||||
|
|
||||||
# Fix fs errors with virtio and qcow2 backing file (#524734)
|
|
||||||
Patch09: qemu-fix-qcow2-backing-file-with-virtio.patch
|
|
||||||
|
|
||||||
# Fix potential segfault from too small MSR_COUNT (#528901)
|
|
||||||
Patch10: qemu-fix-msr-count-potential-segfault.patch
|
|
||||||
|
|
||||||
# Properly save kvm time registers (#524229)
|
|
||||||
Patch11: qemu-properly-save-kvm-system-time-registers.patch
|
|
||||||
|
|
||||||
# Fix dropped packets with non-virtio NICs (#531419)
|
|
||||||
Patch12: qemu-fix-dropped-packets-with-non-virtio-nics.patch
|
|
||||||
|
|
||||||
# Fix buffer overflow in usb-linux.c (#546483)
|
|
||||||
Patch13: qemu-usb-linux-fix-buffer-overflow.patch
|
|
||||||
|
|
||||||
# Fix a use-after-free crasher in the slirp code (#539583)
|
|
||||||
Patch14: qemu-slirp-use-after-free.patch
|
|
||||||
|
|
||||||
# Fix overflow in the parallels image format support (#533573)
|
|
||||||
Patch15: qemu-parallels-image-format-overflow.patch
|
|
||||||
|
|
||||||
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
|
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
|
||||||
BuildRequires: SDL-devel zlib-devel which texi2html gnutls-devel cyrus-sasl-devel
|
BuildRequires: SDL-devel zlib-devel which texi2html gnutls-devel cyrus-sasl-devel
|
||||||
BuildRequires: rsync dev86 iasl
|
BuildRequires: libaio-devel
|
||||||
|
BuildRequires: rsync
|
||||||
BuildRequires: pciutils-devel
|
BuildRequires: pciutils-devel
|
||||||
BuildRequires: pulseaudio-libs-devel
|
BuildRequires: pulseaudio-libs-devel
|
||||||
BuildRequires: ncurses-devel
|
BuildRequires: ncurses-devel
|
||||||
@ -155,7 +116,7 @@ Requires: %{name}-common = %{epoch}:%{version}-%{release}
|
|||||||
Provides: kvm = 85
|
Provides: kvm = 85
|
||||||
Obsoletes: kvm < 85
|
Obsoletes: kvm < 85
|
||||||
Requires: vgabios
|
Requires: vgabios
|
||||||
Requires: bochs-bios >= 2.3.8-0.8
|
Requires: seabios
|
||||||
Requires: /usr/share/gpxe/e1000-0x100e.rom
|
Requires: /usr/share/gpxe/e1000-0x100e.rom
|
||||||
Requires: /usr/share/gpxe/rtl8029.rom
|
Requires: /usr/share/gpxe/rtl8029.rom
|
||||||
Requires: /usr/share/gpxe/pcnet32.rom
|
Requires: /usr/share/gpxe/pcnet32.rom
|
||||||
@ -256,19 +217,6 @@ such as kvmtrace and kvm_stat.
|
|||||||
|
|
||||||
%patch01 -p1
|
%patch01 -p1
|
||||||
%patch02 -p1
|
%patch02 -p1
|
||||||
%patch03 -p1
|
|
||||||
%patch04 -p1
|
|
||||||
%patch05 -p1
|
|
||||||
%patch06 -p1
|
|
||||||
%patch07 -p1
|
|
||||||
%patch08 -p1
|
|
||||||
%patch09 -p1
|
|
||||||
%patch10 -p1
|
|
||||||
%patch11 -p1
|
|
||||||
%patch12 -p1
|
|
||||||
%patch13 -p1
|
|
||||||
%patch14 -p1
|
|
||||||
%patch15 -p1
|
|
||||||
|
|
||||||
%build
|
%build
|
||||||
# --build-id option is used fedora 8 onwards for giving info to the debug packages.
|
# --build-id option is used fedora 8 onwards for giving info to the debug packages.
|
||||||
@ -385,7 +333,7 @@ pxe_link rtl8139 rtl8139
|
|||||||
pxe_link virtio virtio-net
|
pxe_link virtio virtio-net
|
||||||
ln -s ../vgabios/VGABIOS-lgpl-latest.bin %{buildroot}/%{_datadir}/%{name}/vgabios.bin
|
ln -s ../vgabios/VGABIOS-lgpl-latest.bin %{buildroot}/%{_datadir}/%{name}/vgabios.bin
|
||||||
ln -s ../vgabios/VGABIOS-lgpl-latest.cirrus.bin %{buildroot}/%{_datadir}/%{name}/vgabios-cirrus.bin
|
ln -s ../vgabios/VGABIOS-lgpl-latest.cirrus.bin %{buildroot}/%{_datadir}/%{name}/vgabios-cirrus.bin
|
||||||
ln -s ../bochs/BIOS-bochs-kvm %{buildroot}/%{_datadir}/%{name}/bios.bin
|
ln -s ../seabios/bios.bin %{buildroot}/%{_datadir}/%{name}/bios.bin
|
||||||
ln -s ../openbios/openbios-ppc %{buildroot}/%{_datadir}/%{name}/openbios-ppc
|
ln -s ../openbios/openbios-ppc %{buildroot}/%{_datadir}/%{name}/openbios-ppc
|
||||||
ln -s ../openbios/openbios-sparc32 %{buildroot}/%{_datadir}/%{name}/openbios-sparc32
|
ln -s ../openbios/openbios-sparc32 %{buildroot}/%{_datadir}/%{name}/openbios-sparc32
|
||||||
ln -s ../openbios/openbios-sparc64 %{buildroot}/%{_datadir}/%{name}/openbios-sparc64
|
ln -s ../openbios/openbios-sparc64 %{buildroot}/%{_datadir}/%{name}/openbios-sparc64
|
||||||
@ -490,7 +438,9 @@ fi
|
|||||||
%{_bindir}/qemu
|
%{_bindir}/qemu
|
||||||
%{_bindir}/qemu-system-x86_64
|
%{_bindir}/qemu-system-x86_64
|
||||||
%{_datadir}/%{name}/bios.bin
|
%{_datadir}/%{name}/bios.bin
|
||||||
|
%{_datadir}/%{name}/linuxboot.bin
|
||||||
%{_datadir}/%{name}/multiboot.bin
|
%{_datadir}/%{name}/multiboot.bin
|
||||||
|
%{_datadir}/%{name}/vapic.bin
|
||||||
%{_datadir}/%{name}/vgabios.bin
|
%{_datadir}/%{name}/vgabios.bin
|
||||||
%{_datadir}/%{name}/vgabios-cirrus.bin
|
%{_datadir}/%{name}/vgabios-cirrus.bin
|
||||||
%{_datadir}/%{name}/pxe-e1000.bin
|
%{_datadir}/%{name}/pxe-e1000.bin
|
||||||
@ -550,6 +500,11 @@ fi
|
|||||||
%{_mandir}/man1/qemu-img.1*
|
%{_mandir}/man1/qemu-img.1*
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Wed Mar 10 2010 Justin M. Forbes <jforbes@redhat.com> - 2:0.12.3-1
|
||||||
|
- Update to 0.12.3 upstream
|
||||||
|
- Require seabios
|
||||||
|
- Migration clear the fd in error cases (#518032)
|
||||||
|
|
||||||
* Wed Jan 20 2010 Justin M. Forbes <jforbes@redhat.com> - 2:0.11.0-13
|
* Wed Jan 20 2010 Justin M. Forbes <jforbes@redhat.com> - 2:0.11.0-13
|
||||||
- Re-enable preadv/pwritev support (#545006)
|
- Re-enable preadv/pwritev support (#545006)
|
||||||
- Fix buffer overflow in usb-linux.c (#546483)
|
- Fix buffer overflow in usb-linux.c (#546483)
|
||||||
|
Loading…
Reference in New Issue
Block a user