Fam Zheng f...@redhat.com writes:
On Tue, 10/28 17:03, Markus Armbruster wrote:
diff --git a/block/vmdk.c b/block/vmdk.c
index 673d3f5..91a42d2 100644
--- a/block/vmdk.c
+++ b/block/vmdk.c
@@ -2225,6 +2225,7 @@ static BlockDriver bdrv_vmdk = {
.format_name = vmdk,
Jeff Cody jc...@redhat.com writes:
On Tue, Oct 28, 2014 at 05:03:40PM +0100, Markus Armbruster wrote:
If the user neglects to specify the image format, QEMU probes the
image to guess it automatically, for convenience.
Relying on format probing is insecure for raw images (CVE-2008-2004).
If
On 09/23/2014 05:23 PM, Yang Hongyang wrote:
Virtual machine (VM) replication is a well known technique for
providing application-agnostic software-implemented hardware fault
tolerance non-stop service. COLO is a high availability solution.
Both primary VM (PVM) and secondary VM (SVM) run in
On 28 Oct 2014, at 16:18, Peter Maydell peter.mayd...@linaro.org wrote:
(There's also flash at address zero.)
if this is wrong, can you suggest a fix? some time ago when I first used qemu
the entire memory was similar, ram or flash alike. should I define them
explicitly?
so valid RAM is
Eric Blake ebl...@redhat.com writes:
On 10/28/2014 10:03 AM, Markus Armbruster wrote:
If the user neglects to specify the image format, QEMU probes the
image to guess it automatically, for convenience.
Relying on format probing is insecure for raw images (CVE-2008-2004).
If the guest
On Mon, Sep 29, 2014 at 11:09:56AM +0200, Gerd Hoffmann wrote:
Hi,
It doesn't matter, so users might release the modifier key or not.
we should make both works
1)
sendkey Ctrl-Scroll
sendkey Ctrl-Scroll
Good to know this works.
2)
sendkey Ctrl-Scroll-Scroll
Why?
On 28 Oct 2014, at 19:08, Peter Maydell peter.mayd...@linaro.org wrote:
once the core Cortex-M emulation is fully functional, it should be
easier to add support for specific devices, by configuring some of
the parameters (flash/ram, add some peripherals, etc).
QEMU doesn't conveniently
Eric Blake ebl...@redhat.com writes:
On 10/28/2014 12:29 PM, Jeff Cody wrote:
[...]
What happens if more than one format tends to pick the same extension?
For example, would you consider '.qcow' a typical extension for qcow2
files, even though it would probably match the older qcow driver
Jeff Cody jc...@redhat.com writes:
On Tue, Oct 28, 2014 at 12:56:37PM -0600, Eric Blake wrote:
On 10/28/2014 12:29 PM, Jeff Cody wrote:
This patch is RFC because of open questions:
* Should tools warn, too? Probing isn't insecure there, but a this
may pick a different format in the
6 byte CDBs do not have a dedicated area for LBAs, and even if
it certainly won't be at byte 0.
Signed-off-by: Hannes Reinecke h...@suse.de
---
hw/scsi/scsi-bus.c | 3 ---
1 file changed, 3 deletions(-)
diff --git a/hw/scsi/scsi-bus.c b/hw/scsi/scsi-bus.c
index 919a86c..64d0880 100644
---
The CD-ROM signature is 0xeb140101, not 0xeb14.
Without this change OVMF/Duet runs into a timeout trying
to detect a SATA cdrom.
Signed-off-by: Hannes Reinecke h...@suse.de
---
hw/ide/ahci.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/hw/ide/ahci.h b/hw/ide/ahci.h
The EFI firmware doesn't handle unit attentions properly,
so we need to clear the Power On/Reset unit attention upon
initial reset.
Signed-off-by: Hannes Reinecke h...@suse.de
---
hw/scsi/megasas.c | 20 +++-
trace-events | 2 +-
2 files changed, 20 insertions(+), 2
All scsi functions take a scsi device as argument, which has
a LUN assigned to it. So we can get rid of specifying the 'lun'
as separate argument.
Signed-off-by: Hannes Reinecke h...@suse.de
---
hw/scsi/esp.c | 2 +-
hw/scsi/lsi53c895a.c | 3 +--
hw/scsi/megasas.c | 44
The trace events already contain the function name, so the actual
message doesn't need to contain any of these informations.
Signed-off-by: Hannes Reinecke h...@suse.de
---
trace-events | 38 +++---
1 file changed, 19 insertions(+), 19 deletions(-)
diff --git
scsi_cdb_length() does not return the length of the cdb, but
the transfersize encoded in the cdb. So rename it to scsi_xfer_length()
and add a new scsi_cdb_length() which actually does return the
length of the cdb.
With that DEBUG_SCSI can now display the correct CDB buffer.
Signed-off-by: Hannes
The MFI_DCMD_LD_LIST_QUERY function is using a different format than
MFI_DCMD_LD_LIST, so we need to implement it differently.
Signed-off-by: Hannes Reinecke h...@suse.de
---
hw/scsi/megasas.c | 37 ++---
hw/scsi/mfi.h | 7 +++
2 files changed, 41
Logical drives can only be addressed with the 'target_id' number;
LUN numbers cannot be selected.
Physical drives can be selected with both, target and LUN id.
So we should disallow LUN numbers not equal to 0 when in
RAID mode.
Signed-off-by: Hannes Reinecke h...@suse.de
---
hw/scsi/megasas.c |
The windows driver is sending several init_firmware commands
when in MSI-X mode. It is, however, using only the first
queue. So disregard any additional init_firmware commands
until the HBA is reset.
Signed-off-by: Hannes Reinecke h...@suse.de
---
hw/scsi/megasas.c | 9 ++---
trace-events
The 2108 chip supports MSI and MSI-X, so update the emulation
to support both chips.
Signed-off-by: Hannes Reinecke h...@suse.de
---
hw/scsi/megasas.c| 218 +--
hw/scsi/mfi.h| 7 ++
include/hw/pci/pci_ids.h | 1 +
3 files
To ease debugging we should be decoding
the register names.
Signed-off-by: Hannes Reinecke h...@suse.de
---
hw/scsi/megasas.c | 23 ---
trace-events | 4 ++--
2 files changed, 22 insertions(+), 5 deletions(-)
diff --git a/hw/scsi/megasas.c b/hw/scsi/megasas.c
index
Hi all,
here is an update to the megasas emulation. It adds a new emulation
type (called 'megasas-gen2'), which emulates a newer (PCIe-based)
version of the MegaRAID HBA. As this hardware does MSI-X I've also
fixed up MSI-X support for the megasas emulation.
With these patches Win7 and Linux boot
Windows requires the frames to be unmapped, otherwise we run
into a race condition where the updated frame data is not
visible to the guest.
With that we can simplify the queue algorithm and use a bitmap
for tracking free frames.
Signed-off-by: Hannes Reinecke h...@suse.de
---
hw/scsi/megasas.c
Some implementations use DCMD_CLUSTER_RESET_LD to simulate
a device reset.
Signed-off-by: Hannes Reinecke h...@suse.de
---
hw/scsi/megasas.c | 16 +++-
1 file changed, 15 insertions(+), 1 deletion(-)
diff --git a/hw/scsi/megasas.c b/hw/scsi/megasas.c
index c1bc563..2a99c5e 100644
MSI-X works slightly different than INTx; the doorbell
registers are not necessarily used as MSI-X interrupts
are directed anyway. So the head pointer on the
reply queue needs to be updated as soon as a frame
is completed, and we can set the doorbell only
when in INTx mode.
Signed-off-by: Hannes
Improve queue logging by displaying head and tail pointer
of the completion queue.
Signed-off-by: Hannes Reinecke h...@suse.de
---
hw/scsi/megasas.c | 26 +-
trace-events | 7 ---
2 files changed, 21 insertions(+), 12 deletions(-)
diff --git a/hw/scsi/megasas.c
The sense code needs to be cleared after REQUEST SENSE.
Signed-off-by: Hannes Reinecke h...@suse.de
---
hw/ide/atapi.c | 4 +---
1 file changed, 1 insertion(+), 3 deletions(-)
diff --git a/hw/ide/atapi.c b/hw/ide/atapi.c
index 10218df..fca9174 100644
--- a/hw/ide/atapi.c
+++ b/hw/ide/atapi.c
@@
Copying John Snow for additional AHCI expertise.
Hannes Reinecke h...@suse.de writes:
The CD-ROM signature is 0xeb140101, not 0xeb14.
Without this change OVMF/Duet runs into a timeout trying
to detect a SATA cdrom.
Signed-off-by: Hannes Reinecke h...@suse.de
---
hw/ide/ahci.h | 2 +-
On 10/29/2014 09:07 AM, Markus Armbruster wrote:
Copying John Snow for additional AHCI expertise.
Hannes Reinecke h...@suse.de writes:
The CD-ROM signature is 0xeb140101, not 0xeb14.
Without this change OVMF/Duet runs into a timeout trying
to detect a SATA cdrom.
Signed-off-by:
On 2014-10-29 at 08:36, Markus Armbruster wrote:
Jeff Cody jc...@redhat.com writes:
On Tue, Oct 28, 2014 at 12:56:37PM -0600, Eric Blake wrote:
On 10/28/2014 12:29 PM, Jeff Cody wrote:
This patch is RFC because of open questions:
* Should tools warn, too? Probing isn't insecure there, but
Nikunj A Dadhania nik...@linux.vnet.ibm.com writes:
The PCI MMIO might be disabled or the device in the reset state.
Make sure we do not dump these memory regions.
Signed-off-by: Nikunj A Dadhania nik...@linux.vnet.ibm.com
Acked-by: Alex Williamson alex.william...@redhat.com
CC: Paolo
These two small patches add a VHOST_VRING_F_BYTESWAP flag to the
vring which will be used by the kernel to byteswap the different
vring indexes.
The kernel patchset can be found on the kvm@ and kvm-ppc@ mailing
lists.
Cédric Le Goater (2):
vhost: add VHOST_VRING_F_BYTESWAP flag
vhost_net:
When the guest and the host have a different endian order, the data
being accessed in the vring queues needs to be byteswapped.
This patch adds a VHOST_VRING_F_BYTESWAP flag to inform the vhost
kernel backend to byteswap vring data.
Signed-off-by: Cédric Le Goater c...@fr.ibm.com
---
revert 371df9f5e0f1 vhost-net: disable when cross-endian
Signed-off-by: Cédric Le Goater c...@fr.ibm.com
---
hw/net/vhost_net.c | 19 ---
1 file changed, 19 deletions(-)
diff --git a/hw/net/vhost_net.c b/hw/net/vhost_net.c
index 4e3a06162291..721fb2da52f8 100644
---
On 2014-10-29 at 06:04, Fam Zheng wrote:
Similar to bdrv_next, this traverses through graph_bdrv_states. Will be
useful to enumerate all the named nodes.
Signed-off-by: Fam Zheng f...@redhat.com
---
block.c | 8
include/block/block.h | 1 +
2 files changed, 9
On 2014-10-29 at 06:04, Fam Zheng wrote:
This returns the node name of a BDS. Remove the TODO comment and expect
the callers to be explicit.
Signed-off-by: Fam Zheng f...@redhat.com
---
block.c | 6 +-
include/block/block.h | 1 +
2 files changed, 6 insertions(+), 1
On 2014-10-29 at 06:04, Fam Zheng wrote:
Node name is a better identifier of BDS.
We will want to query statistics of a BDS node buried in the BDS graph,
so reporting the node's name if there is one will do the good.
Signed-off-by: Fam Zheng f...@redhat.com
---
block/qapi.c | 5 +
On 10/29/2014 02:28 AM, John Snow wrote:
(1) Update the prepare_buf callback (including the AHCI and BMDMA
implementations) to return, simply, the number of bytes prepared. For
AHCI, the largest this can ever be is something like
(2) Update uses of the callback or implementations to use
On 10/29/2014 08:53 AM, Hannes Reinecke wrote:
All scsi functions take a scsi device as argument, which has
a LUN assigned to it. So we can get rid of specifying the 'lun'
as separate argument.
... except if you are sending a command to a non-existent LUN, in which
case scsi_req_new detects
On 10/29/2014 08:53 AM, Hannes Reinecke wrote:
All scsi functions take a scsi device as argument, which has
a LUN assigned to it. So we can get rid of specifying the 'lun'
as separate argument.
... except if you are sending a command to a non-existent LUN, in which
case scsi_req_new detects
On 2014-10-29 at 06:04, Fam Zheng wrote:
This bool option will allow query all the node names. It iterates all
the BDSes that are assigned a name, also in this case don't query up the
backing chain.
Signed-off-by: Fam Zheng f...@redhat.com
---
block/qapi.c | 20 +---
On 10/29/2014 08:53 AM, Hannes Reinecke wrote:
+
+/*
+ * The EFI firmware doesn't handle UA,
+ * so we need to clear the Power On/Reset UA
+ * after the initial reset.
+ */
+QTAILQ_FOREACH(kid, s-bus.qbus.children, sibling) {
+
On 10/29/2014 08:53 AM, Hannes Reinecke wrote:
6 byte CDBs do not have a dedicated area for LBAs, and even if
it certainly won't be at byte 0.
Signed-off-by: Hannes Reinecke h...@suse.de
---
hw/scsi/scsi-bus.c | 3 ---
1 file changed, 3 deletions(-)
diff --git a/hw/scsi/scsi-bus.c
On 10/29/2014 08:53 AM, Hannes Reinecke wrote:
Hi all,
here is an update to the megasas emulation. It adds a new emulation
type (called 'megasas-gen2'), which emulates a newer (PCIe-based)
version of the MegaRAID HBA. As this hardware does MSI-X I've also
fixed up MSI-X support for the
I am so sorry for my abrupt mail. I am newbie to open source communities.My
study is to add a new encrypt module to PowerPC boards. But I think the ways
to add HW device are same between ARM or PowerPC. So I found out some similar
implementation like your commit. But the contents about
* Wen Congyang (we...@cn.fujitsu.com) wrote:
snip
Hi all:
I will start to implement disk replication. Before doing this, I think we
should decide
how to implement it.
I have two ideas about it:
1. implement it in qemu
Advantage: very easy, and don't take too much time
On Wed, 22 Oct 2014 18:00:02 +0800
Tang Chen tangc...@cn.fujitsu.com wrote:
This patch-set implements memory hot-remove for QEmu.
Rebased on Igor's asynchronize hotplug framework (qemu v2.1.2, the
latest).
Approach: QEmu sets GPE status bit, then triggers SCI to notify guest
os. Guest
On 10/29/2014 05:37 PM, Igor Mammedov wrote:
On Wed, 22 Oct 2014 18:00:02 +0800
Tang Chen tangc...@cn.fujitsu.com wrote:
This patch-set implements memory hot-remove for QEmu.
Rebased on Igor's asynchronize hotplug framework (qemu v2.1.2, the
latest).
Approach: QEmu sets GPE status bit, then
On Wed, Oct 29, 2014 at 2:08 AM, Gonglei arei.gong...@huawei.com wrote:
On 2014/10/28 22:29, Stefan Hajnoczi wrote:
On Mon, Oct 06, 2014 at 03:32:10PM +0100, Richard W.M. Jones wrote:
qemu_opt_get_number returns a uint64_t, and curl_easy_setopt expects a
long (not an int).
Store the timeout
On 10/29/2014 05:34 PM, Dr. David Alan Gilbert wrote:
* Wen Congyang (we...@cn.fujitsu.com) wrote:
snip
Hi all:
I will start to implement disk replication. Before doing this, I think we
should decide
how to implement it.
I have two ideas about it:
1. implement it in qemu
On 10/29/2014 10:14 AM, Paolo Bonzini wrote:
On 10/29/2014 08:53 AM, Hannes Reinecke wrote:
+
+/*
+ * The EFI firmware doesn't handle UA,
+ * so we need to clear the Power On/Reset UA
+ * after the initial reset.
+ */
+QTAILQ_FOREACH(kid,
On Wed, Oct 29, 2014 at 01:41:50AM +, Yongbok Kim wrote:
add MSA exceptions
Signed-off-by: Yongbok Kim yongbok@imgtec.com
Reviewed-by: James Hogan james.ho...@imgtec.com
Cheers
James
---
target-mips/helper.c | 10 ++
1 files changed, 10 insertions(+), 0 deletions(-)
On Sun, Oct 26, 2014 at 11:05:26AM +, Richard W.M. Jones wrote:
v2:
- Define the maximum timeout in a macro.
- Reduce the maximum timeout to 1 s (instead of 10 s).
Thanks, applied to my block tree:
https://github.com/stefanha/qemu/commits/block
Stefan
pgp6z6qwKQR5R.pgp
On Fri, Oct 24, 2014 at 12:57:57PM +0200, Max Reitz wrote:
raw_co_get_block_status() should return 0 and set *pnum to 0 after the
EOF; currently it does this merely by accident, so implement it
directly. Also, nb_sectors should be clamped against the image end.
While doing that, centralize
On Wed, Oct 29, 2014 at 01:41:51AM +, Yongbok Kim wrote:
Signed-off-by: Yongbok Kim yongbok@imgtec.com
A more verbose commit message wouldn't hurt. I.e. this patch does two
things, it removes the duplicate ieee_rm in gdbstub.c, but it also makes
ieee_ex_to_mips() available to
On 10/29/2014 10:52 AM, Hannes Reinecke wrote:
Because without this patch we end up with having a (basically random)
value in cmd.lba, and we're ending up here:
if (cmd.lba != -1) {
trace_scsi_req_parsed_lba(d-id, d-lun, tag, buf[0], cmd.lba); }
Yeah, this is ugly but not fatal.
and
Am 28.10.2014 um 17:03 hat Markus Armbruster geschrieben:
If the user neglects to specify the image format, QEMU probes the
image to guess it automatically, for convenience.
Relying on format probing is insecure for raw images (CVE-2008-2004).
If the guest writes a suitable header to the
The virtio-rng backend is currently linked twice, once in the proxy
device (e.g. virtio-rng-pci) and once in virtio-rng-device. This causes
a double unref of the backend when the parent device is unplugged.
To fix this, make the proxy device use an alias, similar to what is
already being done
Hi Dave,
在 10/29/2014 05:34 PM, Dr. David Alan Gilbert 写道:
* Wen Congyang (we...@cn.fujitsu.com) wrote:
snip
Hi all:
I will start to implement disk replication. Before doing this, I think we
should decide
how to implement it.
I have two ideas about it:
1. implement it in qemu
On Wed, Oct 29, 2014 at 01:41:52AM +, Yongbok Kim wrote:
Signed-off-by: Yongbok Kim yongbok@imgtec.com
You seem to have lost the commit message compared to v1.
Patch looks fine to me, but IMO it's worth squashing this into patch 18,
since that's the only place they're used.
Cheers
On Fri, Oct 24, 2014 at 03:57:29PM +0200, Max Reitz wrote:
qemu-img should use QMP commands whenever possible in order to ensure
feature completeness of both online and offline image operations. For
the commit command, this is relatively easy, so implement it first
(in the hope that indeed
On Sat, Oct 25, 2014 at 05:05:37PM +0200, Peter Lieven wrote:
As discussed during review a follow up for Max's fix.
Signed-off-by: Peter Lieven p...@kamp.de
---
tests/qemu-iotests/107 |2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
Thanks, applied to my block tree:
On Wed, Oct 29, 2014 at 01:41:53AM +, Yongbok Kim wrote:
stop translation as ctc1 instruction can change hflags
Signed-off-by: Yongbok Kim yongbok@imgtec.com
Reviewed-by: James Hogan james.ho...@imgtec.com
Cheers
James
---
target-mips/translate.c |6 ++
1 files changed,
From: Gonglei arei.gong...@huawei.com
After commit 4c7e251a (), when dump memory completed,
the s-fd will be closed twice. We should return
directly when dump completed.
Signed-off-by: Gonglei arei.gong...@huawei.com
---
dump.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/dump.c b/dump.c
On 2014/10/29 18:17, Paolo Bonzini wrote:
The virtio-rng backend is currently linked twice, once in the proxy
device (e.g. virtio-rng-pci) and once in virtio-rng-device. This causes
a double unref of the backend when the parent device is unplugged.
To fix this, make the proxy device use an
On 29 October 2014 07:03, Liviu Ionescu i...@livius.net wrote:
On 28 Oct 2014, at 16:18, Peter Maydell peter.mayd...@linaro.org wrote:
(There's also flash at address zero.)
if this is wrong, can you suggest a fix?
No, it's correct, because it's what the board has.
some time ago when I
On Wed, Oct 29, 2014 at 01:41:55AM +, Yongbok Kim wrote:
add msa_reset() and global msa register (d type only)
Signed-off-by: Yongbok Kim yongbok@imgtec.com
Reviewed-by: James Hogan james.ho...@imgtec.com
Cheers
James
---
target-mips/translate.c | 56
On Mon, Oct 27, 2014 at 11:12:49AM +0100, Max Reitz wrote:
The main purpose of this series is to add a progress report to
qemu-img amend. This is achieved by adding a callback function to
bdrv_amend_options() - the reasons for this choice are explained in
patch 1.
While adapting qcow2's
On Mon, Oct 27, 2014 at 01:30:07PM +0100, Max Reitz wrote:
Currently, when trying to create a backed image without specifying its
size, when the backing file does not exist or is not accessible, an
appropriate error message will be generated which is then (in
bdrv_img_create()) prefixed with
On Wed, Oct 29, 2014 at 01:41:56AM +, Yongbok Kim wrote:
add msa_helper.c
Signed-off-by: Yongbok Kim yongbok@imgtec.com
Reviewed-by: James Hogan james.ho...@imgtec.com
Cheers
James
---
target-mips/Makefile.objs |2 +-
target-mips/msa_helper.c | 49
From: Gonglei arei.gong...@huawei.com
If connect() return false, the sockfd will leak,
meanwhile proxy_init() can't check the return value
of connect_namedsocket(), maybe cause unpredictable
results.
Let's move the sock_id check logic out, which can
check both if and else statements.
* Hongyang Yang (yan...@cn.fujitsu.com) wrote:
Hi Dave,
For the COLO disk replication; are you talking here about 'local storage'
and treating it as 'internal state' or 'external state' (as described in the
first half of 4.4 in the original COLO paper)?
'local storage' and 'internal
On 24/10/2014 13:42, Leon Alrae wrote:
In Release 6 not all the values are allowed to be written to a register.
If the value is not valid or unsupported then it should stay unchanged.
For pre-R6 the existing behaviour has been changed only for CP0_Index register
as the current implementation
* Wen Congyang (we...@cn.fujitsu.com) wrote:
On 10/29/2014 05:34 PM, Dr. David Alan Gilbert wrote:
* Wen Congyang (we...@cn.fujitsu.com) wrote:
snip
Hi all:
I will start to implement disk replication. Before doing this, I think we
should decide
how to implement it.
I have
On 10/29/2014 10:18 AM, Paolo Bonzini wrote:
On 10/29/2014 08:53 AM, Hannes Reinecke wrote:
Hi all,
here is an update to the megasas emulation. It adds a new emulation
type (called 'megasas-gen2'), which emulates a newer (PCIe-based)
version of the MegaRAID HBA. As this hardware does MSI-X
On 10/29/2014 10:07 AM, Paolo Bonzini wrote:
On 10/29/2014 08:53 AM, Hannes Reinecke wrote:
All scsi functions take a scsi device as argument, which has
a LUN assigned to it. So we can get rid of specifying the 'lun'
as separate argument.
... except if you are sending a command to a
On Wed, Oct 29, 2014 at 01:41:57AM +, Yongbok Kim wrote:
add MSA branch instructions
Signed-off-by: Yongbok Kim yongbok@imgtec.com
Reviewed-by: James Hogan james.ho...@imgtec.com
Cheers
James
---
target-mips/translate.c | 333
+++
1
On 10/29/2014 12:13 PM, Hannes Reinecke wrote:
Passing a
NULL SCSIDevice is hard though.
But still can happen even with the current code.
Look at eg hw/scsi/esp.c:
current_lun = scsi_device_find(s-bus, 0, s-current_dev-id, lun);
s-current_req = scsi_req_new(current_lun, 0,
On Wed, Oct 29, 2014 at 01:41:58AM +, Yongbok Kim wrote:
add MSA I8 format instructions
Reviewed-by: James Hogan james.ho...@imgtec.com
The patch has changed quite a lot, so probably worth dropping
Reviewed-by in those cases in future.
Signed-off-by: Yongbok Kim yongbok@imgtec.com
Switch vmsvga_update_rect over to use vmsvga_verify_rect. Slight change
in behavior: We don't try to automatically fixup rectangles any more.
In case we find invalid update requests we'll do a full-screen update
instead.
Cc: qemu-sta...@nongnu.org
Signed-off-by: Gerd Hoffmann kra...@redhat.com
Add verification function for rectangles, returning
true if verification passes and false otherwise.
Cc: qemu-sta...@nongnu.org
Signed-off-by: Gerd Hoffmann kra...@redhat.com
Reviewed-by: Don Koch dk...@verizon.com
---
hw/display/vmware_vga.c | 53
Add verification to vmsvga_fill_rect, re-enable HW_FILL_ACCEL.
Cc: qemu-sta...@nongnu.org
Signed-off-by: Gerd Hoffmann kra...@redhat.com
Reviewed-by: Don Koch dk...@verizon.com
---
hw/display/vmware_vga.c | 17 ++---
1 file changed, 10 insertions(+), 7 deletions(-)
diff --git
Quick easy stopgap for CVE-2014-3689: We just compile out the
hardware acceleration functions which lack sanity checks. Thankfully
we have capability bits for them (SVGA_CAP_RECT_COPY and
SVGA_CAP_RECT_FILL), so guests should deal just fine, in theory.
Subsequent patches will add the missing
in the git repository at:
git://git.kraxel.org/qemu tags/pull-cve-2014-3689-20141029-1
for you to fetch changes up to bd9ccd8517e83b7c33a9167815dbfffb30d70b13:
vmware-vga: use vmsvga_verify_rect in vmsvga_fill_rect (2014-10-29 12:01:30
+0100
Add verification to vmsvga_copy_rect, re-enable HW_RECT_ACCEL.
Cc: qemu-sta...@nongnu.org
Signed-off-by: Gerd Hoffmann kra...@redhat.com
Reviewed-by: Don Koch dk...@verizon.com
---
hw/display/vmware_vga.c | 20 ++--
1 file changed, 14 insertions(+), 6 deletions(-)
diff --git
The check for a valid command buffer size was inverted.
Signed-off-by: Hannes Reinecke h...@suse.de
---
hw/scsi/megasas.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/hw/scsi/megasas.c b/hw/scsi/megasas.c
index 190a0bd..6933b56 100644
--- a/hw/scsi/megasas.c
+++
Logical drives can only be addressed with the 'target_id' number;
LUN numbers cannot be selected.
Physical drives can be selected with both, target and LUN id.
So we should disallow LUN numbers not equal to 0 when in
RAID mode.
Signed-off-by: Hannes Reinecke h...@suse.de
---
hw/scsi/megasas.c |
The trace events already contain the function name, so the actual
message doesn't need to contain any of these informations.
Signed-off-by: Hannes Reinecke h...@suse.de
---
trace-events | 38 +++---
1 file changed, 19 insertions(+), 19 deletions(-)
diff --git
scsi_cdb_length() does not return the length of the cdb, but
the transfersize encoded in the cdb. So rename it to scsi_xfer_length()
and add a new scsi_cdb_length() which actually does return the
length of the cdb.
With that DEBUG_SCSI can now display the correct CDB buffer.
Signed-off-by: Hannes
Hi all,
here is an update to the megasas emulation. It adds a new emulation
type (called 'megasas-gen2'), which emulates a newer (PCIe-based)
version of the MegaRAID HBA. As this hardware does MSI-X I've also
fixed up MSI-X support for the megasas emulation.
With these patches Win7 and Linux boot
Some implementations use DCMD_CLUSTER_RESET_LD to simulate
a device reset.
Signed-off-by: Hannes Reinecke h...@suse.de
---
hw/scsi/megasas.c | 16 +++-
1 file changed, 15 insertions(+), 1 deletion(-)
diff --git a/hw/scsi/megasas.c b/hw/scsi/megasas.c
index a240cf1..4be4e88 100644
The 2108 chip supports MSI and MSI-X, so update the emulation
to support both chips.
Signed-off-by: Hannes Reinecke h...@suse.de
---
hw/scsi/megasas.c| 218 +--
hw/scsi/mfi.h| 7 ++
include/hw/pci/pci_ids.h | 1 +
3 files
The MFI_DCMD_LD_LIST_QUERY function is using a different format than
MFI_DCMD_LD_LIST, so we need to implement it differently.
Signed-off-by: Hannes Reinecke h...@suse.de
---
hw/scsi/megasas.c | 37 ++---
hw/scsi/mfi.h | 7 +++
2 files changed, 41
The windows driver is sending several init_firmware commands
when in MSI-X mode. It is, however, using only the first
queue. So disregard any additional init_firmware commands
until the HBA is reset.
Signed-off-by: Hannes Reinecke h...@suse.de
---
hw/scsi/megasas.c | 9 ++---
trace-events
Windows requires the frames to be unmapped, otherwise we run
into a race condition where the updated frame data is not
visible to the guest.
With that we can simplify the queue algorithm and use a bitmap
for tracking free frames.
Signed-off-by: Hannes Reinecke h...@suse.de
---
hw/scsi/megasas.c
To ease debugging we should be decoding
the register names.
Signed-off-by: Hannes Reinecke h...@suse.de
---
hw/scsi/megasas.c | 23 ---
trace-events | 4 ++--
2 files changed, 22 insertions(+), 5 deletions(-)
diff --git a/hw/scsi/megasas.c b/hw/scsi/megasas.c
index
The EFI firmware doesn't handle unit attentions properly,
so we need to clear the Power On/Reset unit attention upon
initial reset.
Signed-off-by: Hannes Reinecke h...@suse.de
---
hw/scsi/megasas.c | 18 +-
hw/scsi/scsi-bus.c | 2 +-
include/hw/scsi/scsi.h | 1 +
MSI-X works slightly different than INTx; the doorbell
registers are not necessarily used as MSI-X interrupts
are directed anyway. So the head pointer on the
reply queue needs to be updated as soon as a frame
is completed, and we can set the doorbell only
when in INTx mode.
Signed-off-by: Hannes
On 29 Oct 2014, at 12:31, Peter Maydell peter.mayd...@linaro.org wrote:
I think I'd call that a bug; I suspect there's an
unfortunate interaction between the gdbstub and
semihosting ...
should we open a ticket for this?
regards,
Liviu
On Wed, Oct 22, 2014 at 01:10:45PM +0200, Max Reitz wrote:
On 2014-10-21 at 13:03, Stefan Hajnoczi wrote:
Make sure that query-block-jobs acquires the BlockDriverState
AioContext so that the blockjob isn't running in another thread while we
access its state.
Signed-off-by: Stefan Hajnoczi
On Tue, Oct 21, 2014 at 12:03:49PM +0100, Stefan Hajnoczi wrote:
v2:
* Protect block_job_defer_to_main_loop_bh() against AioContext change [Max]
* Drop unnecessary if (buf) around qemu_vfree(buf) [Max]
Almost all the infrastructure is in place to make blockjobs safe for use with
1 - 100 of 192 matches
Mail list logo