Compare commits

...

6 Commits
master ... f7

Author SHA1 Message Date
Fedora Release Engineering e0bbf96f5b dist-git conversion 2010-07-29 10:58:51 +00:00
Bill Nottingham ef98d49613 Fix typo that causes a failure to update the common directory. (releng
#2781)
2009-11-26 01:16:14 +00:00
Daniel P. Berrange 462cf9b17c Fix block device checks for extendable disk formats (rhbz #435139) 2008-02-28 00:41:54 +00:00
Daniel P. Berrange b63773c517 Fix block device extents check (rhbz #433560) 2008-02-23 16:04:41 +00:00
Daniel P. Berrange 6e8d2af47a Fixed rtl8139 checksum calculation for Vista (rhbz #308201) Fixed rtl8139
mmio region mappings Fix ATAPI CDROM emulation (rhbz #253542)
2007-09-27 03:27:17 +00:00
Bill Nottingham 5500ca8b3c Initialize branch F-7 for qemu 2007-05-18 09:19:54 +00:00
7 changed files with 361 additions and 23 deletions

View File

View File

@ -1,21 +0,0 @@
# Makefile for source rpm: qemu
# $Id$
NAME := qemu
SPECFILE = $(firstword $(wildcard *.spec))
define find-makefile-common
for d in common ../common ../../common ; do if [ -f $$d/Makefile.common ] ; then if [ -f $$d/CVS/Root -a -w $$/Makefile.common ] ; then cd $$d ; cvs -Q update ; fi ; echo "$$d/Makefile.common" ; break ; fi ; done
endef
MAKEFILE_COMMON := $(shell $(find-makefile-common))
ifeq ($(MAKEFILE_COMMON),)
# attept a checkout
define checkout-makefile-common
test -f CVS/Root && { cvs -Q -d $$(cat CVS/Root) checkout common && echo "common/Makefile.common" ; } || { echo "ERROR: I can't figure out how to checkout the 'common' module." ; exit -1 ; } >&2
endef
MAKEFILE_COMMON := $(shell $(checkout-makefile-common))
endif
include $(MAKEFILE_COMMON)

View File

@ -0,0 +1,52 @@
From: Brandon Philips <brandon@ifup.org>
Newsgroups: gmane.comp.emulators.qemu
Subject: [PATCH][RFC] Fix bugs in the ATAPI cdrom driver
Date: Fri, 17 Aug 2007 16:43:04 -0700
Message-ID: <20070817234304.GB10490@ifup.org>
Reply-To: qemu-devel@nongnu.org
The new libata-eh in the Linux kernel is throwing a fit over the QEMU
cdrom device for two reasons:
1) DRQ can be set with ERR_STAT set. This is a violation of the ATAPI
state machine.
2) After a TEST_UNIT_READY ATAPI command is sent ERR_STAT is getting set
which is correct. But, when the OS issues another ATAPI command
ERR_STAT is still set. Which is bad since the next expected command
from the OS is REQUEST_SENSE to find out why ERR_STAT is set.
bug this fixes: https://bugzilla.novell.com/show_bug.cgi?id=291775
Signed-off-by: Brandon Philips <bphilips@suse.de>
---
hw/ide.c | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
Index: qemu-0.9.0/hw/ide.c
===================================================================
--- qemu-0.9.0.orig/hw/ide.c
+++ qemu-0.9.0/hw/ide.c
@@ -586,7 +586,9 @@ static void ide_transfer_start(IDEState
s->end_transfer_func = end_transfer_func;
s->data_ptr = buf;
s->data_end = buf + size;
- s->status |= DRQ_STAT;
+ /* don't violate the HSM */
+ if (!(s->status & ERR_STAT))
+ s->status |= DRQ_STAT;
}
static void ide_transfer_stop(IDEState *s)
@@ -1805,6 +1807,7 @@ static void ide_ioport_write(void *opaqu
/* overlapping commands not supported */
if (s->feature & 0x02)
goto abort_cmd;
+ s->status = READY_STAT;
s->atapi_dma = s->feature & 1;
s->nsector = 1;
ide_transfer_start(s, s->io_buffer, ATAPI_PACKET_SIZE,

View File

@ -0,0 +1,212 @@
diff -rup qemu-0.9.0.orig/block.c qemu-0.9.0.new/block.c
--- qemu-0.9.0.orig/block.c 2008-02-27 19:16:26.000000000 -0500
+++ qemu-0.9.0.new/block.c 2008-02-27 19:19:00.000000000 -0500
@@ -120,6 +120,60 @@ void path_combine(char *dest, int dest_s
}
}
+static int bdrv_rd_badreq_sectors(BlockDriverState *bs,
+ int64_t sector_num, int nb_sectors)
+{
+ return
+ nb_sectors < 0 ||
+ sector_num < 0 ||
+ nb_sectors > bs->total_sectors ||
+ sector_num > bs->total_sectors - nb_sectors;
+}
+
+static int bdrv_rd_badreq_bytes(BlockDriverState *bs,
+ int64_t offset, int count)
+{
+ int64_t size = bs->total_sectors << SECTOR_BITS;
+ return
+ count < 0 ||
+ size < 0 ||
+ count > size ||
+ offset > size - count;
+}
+
+static int bdrv_wr_badreq_sectors(BlockDriverState *bs,
+ int64_t sector_num, int nb_sectors)
+{
+ if (sector_num < 0 ||
+ nb_sectors < 0)
+ return 1;
+
+ if (sector_num > bs->total_sectors - nb_sectors) {
+ if (bs->autogrow)
+ bs->total_sectors = sector_num + nb_sectors;
+ else
+ return 1;
+ }
+ return 0;
+}
+
+static int bdrv_wr_badreq_bytes(BlockDriverState *bs,
+ int64_t offset, int count)
+{
+ int64_t size = bs->total_sectors << SECTOR_BITS;
+ if (count < 0 ||
+ offset < 0)
+ return 1;
+
+ if (offset > size - count) {
+ if (bs->autogrow)
+ bs->total_sectors = (offset + count + SECTOR_SIZE - 1) >> SECTOR_BITS;
+ else
+ return 1;
+ }
+ return 0;
+}
+
void bdrv_register(BlockDriver *bdrv)
{
@@ -328,6 +382,10 @@ int bdrv_open2(BlockDriverState *bs, con
bs->read_only = 0;
bs->is_temporary = 0;
bs->encrypted = 0;
+ bs->autogrow = 0;
+
+ if (flags & BDRV_O_AUTOGROW)
+ bs->autogrow = 1;
if (flags & BDRV_O_SNAPSHOT) {
BlockDriverState *bs1;
@@ -372,6 +430,7 @@ int bdrv_open2(BlockDriverState *bs, con
}
bs->drv = drv;
bs->opaque = qemu_mallocz(drv->instance_size);
+ bs->total_sectors = 0; /* driver will set if it does not do getlength */
if (bs->opaque == NULL && drv->instance_size > 0)
return -1;
/* Note: for compatibility, we open disk image files as RDWR, and
@@ -437,6 +496,7 @@ void bdrv_close(BlockDriverState *bs)
bs->drv = NULL;
/* call the change callback */
+ bs->total_sectors = 0;
bs->media_changed = 1;
if (bs->change_cb)
bs->change_cb(bs->change_opaque);
@@ -502,6 +562,8 @@ int bdrv_read(BlockDriverState *bs, int6
if (!drv)
return -ENOMEDIUM;
+ if (bdrv_rd_badreq_sectors(bs, sector_num, nb_sectors))
+ return -EDOM;
if (sector_num == 0 && bs->boot_sector_enabled && nb_sectors > 0) {
memcpy(buf, bs->boot_sector_data, 512);
sector_num++;
@@ -539,6 +601,8 @@ int bdrv_write(BlockDriverState *bs, int
return -ENOMEDIUM;
if (bs->read_only)
return -EACCES;
+ if (bdrv_wr_badreq_sectors(bs, sector_num, nb_sectors))
+ return -EDOM;
if (sector_num == 0 && bs->boot_sector_enabled && nb_sectors > 0) {
memcpy(bs->boot_sector_data, buf, 512);
}
@@ -661,6 +725,8 @@ int bdrv_pread(BlockDriverState *bs, int
return -ENOMEDIUM;
if (!drv->bdrv_pread)
return bdrv_pread_em(bs, offset, buf1, count1);
+ if (bdrv_rd_badreq_bytes(bs, offset, count1))
+ return -EDOM;
return drv->bdrv_pread(bs, offset, buf1, count1);
}
@@ -676,6 +742,8 @@ int bdrv_pwrite(BlockDriverState *bs, in
return -ENOMEDIUM;
if (!drv->bdrv_pwrite)
return bdrv_pwrite_em(bs, offset, buf1, count1);
+ if (bdrv_wr_badreq_bytes(bs, offset, count1))
+ return -EDOM;
return drv->bdrv_pwrite(bs, offset, buf1, count1);
}
@@ -917,6 +985,8 @@ int bdrv_write_compressed(BlockDriverSta
return -ENOMEDIUM;
if (!drv->bdrv_write_compressed)
return -ENOTSUP;
+ if (bdrv_wr_badreq_sectors(bs, sector_num, nb_sectors))
+ return -EDOM;
return drv->bdrv_write_compressed(bs, sector_num, buf, nb_sectors);
}
@@ -1062,6 +1132,8 @@ BlockDriverAIOCB *bdrv_aio_read(BlockDri
if (!drv)
return NULL;
+ if (bdrv_rd_badreq_sectors(bs, sector_num, nb_sectors))
+ return NULL;
/* XXX: we assume that nb_sectors == 0 is suppored by the async read */
if (sector_num == 0 && bs->boot_sector_enabled && nb_sectors > 0) {
@@ -1084,6 +1156,8 @@ BlockDriverAIOCB *bdrv_aio_write(BlockDr
return NULL;
if (bs->read_only)
return NULL;
+ if (bdrv_wr_badreq_sectors(bs, sector_num, nb_sectors))
+ return NULL;
if (sector_num == 0 && bs->boot_sector_enabled && nb_sectors > 0) {
memcpy(bs->boot_sector_data, buf, 512);
}
diff -rup qemu-0.9.0.orig/block_int.h qemu-0.9.0.new/block_int.h
--- qemu-0.9.0.orig/block_int.h 2007-02-05 18:01:54.000000000 -0500
+++ qemu-0.9.0.new/block_int.h 2008-02-27 19:17:46.000000000 -0500
@@ -87,6 +87,7 @@ struct BlockDriverState {
int removable; /* if true, the media can be removed */
int locked; /* if true, the media cannot temporarily be ejected */
int encrypted; /* if true, the media is encrypted */
+ int autogrow; /* if true, the backing store can auto-extend to allocate new extents */
/* event callback when inserting/removing */
void (*change_cb)(void *opaque);
void *change_opaque;
diff -rup qemu-0.9.0.orig/block-qcow2.c qemu-0.9.0.new/block-qcow2.c
--- qemu-0.9.0.orig/block-qcow2.c 2007-02-05 18:01:54.000000000 -0500
+++ qemu-0.9.0.new/block-qcow2.c 2008-02-27 19:17:16.000000000 -0500
@@ -191,7 +191,7 @@ static int qcow_open(BlockDriverState *b
int len, i, shift, ret;
QCowHeader header;
- ret = bdrv_file_open(&s->hd, filename, flags);
+ ret = bdrv_file_open(&s->hd, filename, flags | BDRV_O_AUTOGROW);
if (ret < 0)
return ret;
if (bdrv_pread(s->hd, 0, &header, sizeof(header)) != sizeof(header))
diff -rup qemu-0.9.0.orig/block-qcow.c qemu-0.9.0.new/block-qcow.c
--- qemu-0.9.0.orig/block-qcow.c 2007-02-05 18:01:54.000000000 -0500
+++ qemu-0.9.0.new/block-qcow.c 2008-02-27 19:17:16.000000000 -0500
@@ -95,7 +95,7 @@ static int qcow_open(BlockDriverState *b
int len, i, shift, ret;
QCowHeader header;
- ret = bdrv_file_open(&s->hd, filename, flags);
+ ret = bdrv_file_open(&s->hd, filename, flags | BDRV_O_AUTOGROW);
if (ret < 0)
return ret;
if (bdrv_pread(s->hd, 0, &header, sizeof(header)) != sizeof(header))
diff -rup qemu-0.9.0.orig/block-vmdk.c qemu-0.9.0.new/block-vmdk.c
--- qemu-0.9.0.orig/block-vmdk.c 2007-02-05 18:01:54.000000000 -0500
+++ qemu-0.9.0.new/block-vmdk.c 2008-02-27 19:17:16.000000000 -0500
@@ -352,7 +352,7 @@ static int vmdk_open(BlockDriverState *b
uint32_t magic;
int l1_size, i, ret;
- ret = bdrv_file_open(&s->hd, filename, flags);
+ ret = bdrv_file_open(&s->hd, filename, flags | BDRV_O_AUTOGROW);
if (ret < 0)
return ret;
if (bdrv_pread(s->hd, 0, &magic, sizeof(magic)) != sizeof(magic))
diff -rup qemu-0.9.0.orig/vl.h qemu-0.9.0.new/vl.h
--- qemu-0.9.0.orig/vl.h 2008-02-27 19:16:02.000000000 -0500
+++ qemu-0.9.0.new/vl.h 2008-02-27 19:18:19.000000000 -0500
@@ -576,6 +576,7 @@ typedef struct QEMUSnapshotInfo {
use a disk image format on top of
it (default for
bdrv_file_open()) */
+#define BDRV_O_AUTOGROW 0x0040 /* Allow backing file to extend when writing past end of file */
void bdrv_init(void);
BlockDriver *bdrv_find_format(const char *format_name);

View File

@ -0,0 +1,47 @@
Index: hw/rtl8139.c
===================================================================
RCS file: /sources/qemu/qemu/hw/rtl8139.c,v
retrieving revision 1.10
retrieving revision 1.11
diff -u -r1.10 -r1.11
--- hw/rtl8139.c 11 Jul 2007 22:48:58 -0000 1.10
+++ hw/rtl8139.c 1 Aug 2007 13:10:29 -0000 1.11
@@ -53,9 +53,8 @@
/* debug RTL8139 card C+ mode only */
//#define DEBUG_RTL8139CP 1
-/* RTL8139 provides frame CRC with received packet, this feature seems to be
- ignored by most drivers, disabled by default */
-//#define RTL8139_CALCULATE_RXCRC 1
+/* Calculate CRCs properly on Rx packets */
+#define RTL8139_CALCULATE_RXCRC 1
/* Uncomment to enable on-board timer interrupts */
//#define RTL8139_ONBOARD_TIMER 1
@@ -747,7 +746,7 @@
int wrapped = MOD2(s->RxBufAddr + size, s->RxBufferSize);
/* write packet data */
- if (wrapped && s->RxBufferSize < 65536 && !rtl8139_RxWrap(s))
+ if (wrapped && !(s->RxBufferSize < 65536 && rtl8139_RxWrap(s)))
{
DEBUG_PRINT((">>> RTL8139: rx packet wrapped in buffer at %d\n", size-wrapped));
@@ -1023,7 +1022,7 @@
/* write checksum */
#if defined (RTL8139_CALCULATE_RXCRC)
- val = cpu_to_le32(crc32(~0, buf, size));
+ val = cpu_to_le32(crc32(0, buf, size));
#else
val = 0;
#endif
@@ -1129,7 +1128,7 @@
/* write checksum */
#if defined (RTL8139_CALCULATE_RXCRC)
- val = cpu_to_le32(crc32(~0, buf, size));
+ val = cpu_to_le32(crc32(0, buf, size));
#else
val = 0;
#endif

View File

@ -0,0 +1,25 @@
diff -rup qemu-0.9.0.orig/hw/rtl8139.c qemu-0.9.0.new/hw/rtl8139.c
--- qemu-0.9.0.orig/hw/rtl8139.c 2007-02-05 18:01:54.000000000 -0500
+++ qemu-0.9.0.new/hw/rtl8139.c 2007-08-28 11:37:29.000000000 -0400
@@ -3325,7 +3325,7 @@ static void rtl8139_mmio_map(PCIDevice *
PCIRTL8139State *d = (PCIRTL8139State *)pci_dev;
RTL8139State *s = &d->rtl8139;
- cpu_register_physical_memory(addr + 0, 0x100, s->rtl8139_mmio_io_addr);
+ cpu_register_physical_memory(addr + 0, 0x1000, s->rtl8139_mmio_io_addr);
}
static void rtl8139_ioport_map(PCIDevice *pci_dev, int region_num,
@@ -3438,10 +3438,10 @@ void pci_rtl8139_init(PCIBus *bus, NICIn
s->rtl8139_mmio_io_addr =
cpu_register_io_memory(0, rtl8139_mmio_read, rtl8139_mmio_write, s);
- pci_register_io_region(&d->dev, 0, 0x100,
+ pci_register_io_region(&d->dev, 0, 0x1000,
PCI_ADDRESS_SPACE_IO, rtl8139_ioport_map);
- pci_register_io_region(&d->dev, 1, 0x100,
+ pci_register_io_region(&d->dev, 1, 0x1000,
PCI_ADDRESS_SPACE_MEM, rtl8139_mmio_map);
s->irq = 16; /* PCI interrupt */

View File

@ -8,8 +8,8 @@
Summary: QEMU is a FAST! processor emulator
Name: qemu
Version: 0.9.0
Release: 2%{?dist}
License: GPL/LGPL
Release: 5%{?dist}
License: GPLv2+, LGPLv2+
Group: Development/Tools
URL: http://www.qemu.org/
Source0: http://www.qemu.org/%{name}-%{version}.tar.gz
@ -17,6 +17,13 @@ Source1: qemu.init
Patch0: qemu-0.7.0-build.patch
Patch1: qemu-0.8.0-sdata.patch
Patch2: qemu-0.9.0-load-initrd.patch
# Fix RTL8139 MMIO regions. Remove at next upgrade
Patch5: qemu-0.9.0-rtl8139-mmio-regions.patch
# Fix Atapi errors with latest kernel
Patch6: qemu-0.9.0-atapi-hsm.patch
# Fix RTL8139 checksum calculations for Vista
Patch7: qemu-0.9.0-rtl8139-checksum.patch
Patch8: qemu-%{version}-block-rw-range-check.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildRequires: SDL-devel compat-gcc-%{gccver} zlib-devel which texi2html
Requires(post): /sbin/chkconfig
@ -42,6 +49,10 @@ As QEMU requires no host kernel patches to run, it is safe and easy to use.
%patch0 -p1
%patch1 -p1
%patch2 -p0
%patch5 -p1
%patch6 -p1
%patch7 -p0
%patch8 -p1
%build
./configure \
@ -92,6 +103,18 @@ fi
%{_mandir}/man1/*
%changelog
* Wed Feb 27 2008 Daniel P. Berrange <berrange@redhat.com> - 0.9.0-5.fc7
- Fix block device checks for extendable disk formats (rhbz #435139)
* Sat Feb 23 2008 Daniel P. Berrange <berrange@redhat.com> - 0.9.0-4.fc7
- Fix block device extents check (rhbz #433560)
* Wed Sep 26 2007 Daniel P. Berrange <berrange@redhat.com> - 0.9.0-3.fc7
- Update licence
- Fix CDROM emulation (rhbz #253542)
- Fix rtl8139 mmio region mappings with multiple NICs
- Fix rtl8139 checksum calculation for Vista (rhbz #308201)
* Sun Apr 1 2007 Hans de Goede <j.w.r.degoede@hhs.nl> 0.9.0-2
- Fix direct loading of a linux kernel with -kernel & -initrd (bz 234681)
- Remove spurious execute bits from manpages (bz 222573)