Ian Jackson [Tue, 4 Aug 2009 14:35:46 +0000 (15:35 +0100)]
fix vnc screen corruption bugs and viewer exits
I have been having problems with display corruption using raw
encoding.
I have also been having issues with the vncviewer client exiting with
"rect too big".
These problems appear when there are rapid changes to the framebuffer
contents. [I've been using "find /" in my tests to generate a lot of text
output.]
The root cause of both problems appears to be the changing of
the underlying framebuffer data during the creation of the update.
[Hextile makes multiple passes over the data and gets badly
confused if the data changes..]
The attached patch pulls the pixel data from the "stable" old_data
buffer rather than directly from the (changing) display surface.
Submitted-by: Andrew Thomas <andrew.thomas@oracle.com> Signed-off-by: Ian Jackson <ian.jackson@eu.citrix.com>
(cherry picked from commit 99a5a9155284ab47eda2be738be0115aa97ce0ff)
Ian Jackson [Tue, 4 Aug 2009 14:23:43 +0000 (15:23 +0100)]
add two missing cirrus_update_memory_access
the cirrus emulation code misses two calls to
cirrus_update_memory_access; this fact together with the condition on the
call to cirrus_update_memory_access in cirrus_bitblt_reset can cause
segfaults in qemu.
Ian Jackson [Wed, 8 Jul 2009 14:52:31 +0000 (15:52 +0100)]
Always treat floppy images as raw
The fix for the image format guessing vulnerability breaks raw floppy
images. In our environment it is difficult to apply the same
configuration change as envisaged upstream, so instead we arrange to
always treat a floppy image as raw.
Two-line patch supplied by James Harper <james.harper@bendigoit.com.au> Signed-off-by: Ian Jackson <ian.jackson@eu.citrix.com>
(cherry picked from commit f2ce5c35f60bb606bd3ddb55c361bb8a9aad5c5c)
Ian Jackson [Thu, 28 May 2009 17:24:49 +0000 (18:24 +0100)]
replace stat("/etc/disable-guest-log-throttle") in xen_platform.c
currently xen_platform reads /etc/disable-guest-log-throttle at boot to
decide whether is going to throttle guest logging or not.
When using stubdom this is the only code in qemu that rely on
fs-backend, apart from saving and loading the statefile for migration.
This patch removes the read from /etc and adds a read from xenstore
instead.
Ian Jackson [Fri, 8 May 2009 16:26:01 +0000 (17:26 +0100)]
Fix DMA emualtion for ia64.
For DMA in native system, operating system depends on platform
flushes icache of memory touched by DMA operations.
But as to virtual DMA of virtual machine, dma emulation code has to
use explicit instructions to flush icahce,otherwise,
guest may use old icache and leads to guest's crash.
Signed-off-by: Xiantao Zhang <xiantao.zhang@intel.com> Signed-off-by: Yang Zhang <yang.zhang@intel.com>
Ian Jackson [Fri, 8 May 2009 16:15:39 +0000 (17:15 +0100)]
passthrough: pt_bar_mapping: use a better way to get the CMD value
The pt_pci_read_config(&ptdev->dev, PCI_COMMAND, 2) in 5d767b7b3fac52336f59e5b40d8befa6b1909937 is not proper as Yuji Shimada
points out: "pt_pci_read_config emulates access to read the registers
from guest software. Many functions which are not relevant are
executed in pt_pci_read_config. So side effects may occur"; instead,
we can "remove emu_mask from writable_mask in pt_cmd_reg_write and
then we can get the proper value from reg_entry->data". Thanks for
Yuji's review and Simon Horman's test.
Signed-off-by: Dexuan Cui <dexuan.cui@intel.com> Tested-by: Simon Horman <horms@verge.net.au> Reviewed-by: Yuji Shimada <shimada-yxb@necst.nec.co.jp>
Ian Jackson [Tue, 5 May 2009 14:22:17 +0000 (15:22 +0100)]
passthrough: pt_bar_mapping etc.: use correct CMD for PCI BAR mapping etc.
dbb8aafa702b8b4f5568e08641d98471fd04e0f8 has a bug:
The virtual CMD value we get from reg_entry->data is not the proper
value because reg_entry->data only holds the emulated bits and the
PCI_COMMAND_IO/PCI_COMMAND_MEMORY bits are not in it. Instead, we can
use pt_pci_read_config(&ptdev->dev, PCI_COMMAND, 2) to get the proper
value.
We should only update the mapping of the related BAR, NOT the mappings
of ALL BARs.
In pt_exp_rom_bar_reg_write(), we should also update the mapping. And
for PCI_ROM_SLOT, when the PCI_ROM_ADDRESS_ENABLE bit is 0, we should
not have the mapping.
Ian Jackson [Tue, 5 May 2009 14:20:50 +0000 (15:20 +0100)]
qemu-img-xen: Fix cow creation with raw image backing files
Previously
dd if=/dev/zero of=raw_image count=100
./qemu-img-xen create -b raw_image -f qcow2 cow_image
would fail because it would attempt to autodetect the format of
base_image. With this change, it works. However,
./qemu-img-xen create -b cow_image -f qcow2 cow_image_2
will now fail because we now always expect the backing file to be raw.
Thanks to Xin Li and Dongxiao Xu for the bug report.
Signed-off-by: Ian Jackson <ian.jackson@eu.citrix.com>
Ian Jackson [Thu, 23 Apr 2009 15:35:09 +0000 (16:35 +0100)]
drop lwip network support in stubdoms
in order to simplify network support in ioemu stubdoms, I am dropping
lwip based networking.
Network support is still provided the same way: using the tap
interface, created in qemu using netfront.
The lwip stack is still available to avoid additional compilation
issues.
However the stubdom is not going to have its own vif anymore,
this means that the only vnc server supported is the one in dom0.
You can still enable the vnc server in a stubdom at compile time, if
you want so.
Probably the most important change caused by this patch to xen users is
that you don't have to specify two vif in the stubdom config file
anymore, but just one:
Mark Hemment [Thu, 23 Apr 2009 13:40:47 +0000 (14:40 +0100)]
Initial check-in for PS/2 pass-through support.
This driver supports vanilla keyboard and aux devices, along with Synaptic
touchpads. Currently, no support for ALPS touchpads. Disabled by default.
Add;
extra-hvm = ps2-passthrough=
to config (both PVM and SVM) to enable.
Ian Jackson [Wed, 22 Apr 2009 15:16:40 +0000 (16:16 +0100)]
passthrough: Fix older kernel assigned device resume failure problem
We found when do S3 resume, some older kernel(such as rh5.1)
cmd register might be restored before BAR registers, Since
pt_bar_mapping is done when writing cmd register, it will cause
mapping incorrect address.
It's the root_cause of when doing RH5.1 HVM S3, assigned e1000e
network card fails to resume back. (set pci_power_mgmt=1 in guest
config file, let PM support device enter D3 hot state during guest S3)
we should call pt_bar_mapping in pt_bar_reg_write to avoid this problem
for supporting older kernels.
Ian Jackson [Tue, 21 Apr 2009 14:45:18 +0000 (15:45 +0100)]
Fix hvm guest cirrus_vga hvm s3 resume failure
This patch is for fixing hvm guest cirrus_vga hvm s3 resume failure.
We found latest Qemu (after Mar 3.10) will cause HVM guest vga fails
to resume back from S3. It's because vga_bios_init is not only needed
during init, but also needed after cirrus_vga reset (hvm s3 will do
qemu_reset).
Also, we found the outdated s->vram_ptr reset will cause s3 resume
screen black, so we remove it. (win2000 boot up does not need it now)
We verified the fix with the latest cs/qemu.
[ Patch modified slightly by Ian Jackson to reduce code motion. ]
Signed-off-by: Liping Ke<liping.ke@intel.com> Signed-off-by: Ke Yu<ke.yu@intel.com> Signed-off-by: Ian Jackson <ian.jackson@eu.citrix.com>
Jean Guyader [Sun, 19 Apr 2009 17:45:15 +0000 (18:45 +0100)]
Imporved intel driver:
- Now work if only surface B is enabled.
- Be a bit more carefull when we setup the linesize.
The vga doesn't like weird linesize (0 or -1).
this patch fixes network support in ioemu stubdoms.
At the moment in order to provide a working network interface to the
guest you still need to specify a vif in both the guest and stubdom
config files.
Ian Jackson [Fri, 17 Apr 2009 16:40:32 +0000 (17:40 +0100)]
fix sdl mode
When I use "sdl=1 vnc=0" in hvm guest config file, qemu-dm would exit
due to a de-reference to a NULL pointer. The regression is introduced
by 3793d85f111a0dfe055ca8ac17a9d1881af43240. The attached patch fixes
the issue.
Signed-off-by: Dexuan Cui <dexuan.cui@intel.com> Acked-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Ian Jackson [Thu, 16 Apr 2009 10:47:04 +0000 (11:47 +0100)]
passthrough: guest MSI config on disable
It's possible for a guest to change the MSI vector or flags
when MSI is disabled, after it's first initialized. This patch
handles the address and data update when it's disabled.
The vga screen dump function updates last_width and last_height,
but does not change the DisplaySurface that these variables describe.
A consequent vga_draw_graphic() will therefore fail to resize the
surface and crash.
Fix by invalidating the display state after a screen dump, forcing
vga_draw_graphic() to reallocate the DisplaySurface.
Signed-off-by: Avi Kivity <avi@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/branches/stable_0_10@7069 c046a42c-6fe2-441c-8c8c-71466251a162
For Non-MAPCACHE case, to get the virtual address corresponding to
guest physical address, only an offset value is added to guest
physical address. With this patch, ia64 HVM boot failure bug can be
fixed.
[ This reverts part of 2ed2ee1704a4ef956ecc61848c84d12aaa4419d5,
once again removing the bounce buffer in the non-MAPCACHE
version of cpu_physical_memory_map. -iwj ]
Ian Jackson [Wed, 8 Apr 2009 16:32:57 +0000 (17:32 +0100)]
sync DisplayAllocator interface
this simple patch sync's the DisplayAllocator interface with upstream
qemu. The only non trivial change, is the new ability for sdl to support
the DisplayAllocator interface, hence improving performances (avoid a
memcpy) when the guest is in text mode or uses a color depth of 8bpp or
24bpp (no DisplayState surface sharing allowed).
We now enforce that you cannot write beyond the end of a non-growable file.
qcow2 files are not growable but we rely on them being growable to do
savevm/loadvm. Temporarily allow them to be growable by introducing a new
API specifically for savevm read/write operations.
Reported-by: malc Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/branches/stable_0_10@7005 c046a42c-6fe2-441c-8c8c-71466251a162
stop dirty tracking just at the end of migration (Glauber Costa)
If there is still work to do, it is not safe to assume we
can end the dirty tracking. Specifically, kvm can update the dirty
tracking log inside ram_save_block(), leaving pages still out of sync
if we go with the current code.
Based on a patch by Yaniv Kamay
Signed-off-by: Glauber Costa <glommer@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/branches/stable_0_10@7002 c046a42c-6fe2-441c-8c8c-71466251a162
This is mainly for consistency, since we don't want
anything outside of savevm setting it explicitly. There
are current no users of that in qemu tree, but there
are potential candidates on kvm-userspace. And avi
is a nice guy, let's be nice with him.
Based on a patch by Yaniv Kamay
Signed-off-by: Glauber Costa <glommer@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/branches/stable_0_10@7001 c046a42c-6fe2-441c-8c8c-71466251a162
When creating large disk images w/ qcow2 format, qcow2_create is hard
coded to creating a single refcount block. This is insufficient for
large images, and will cause qemu-img to segfault as it walks off the
end of the refcount block. Keep track of the space needed during image
create and create proper number of refcount blocks accordingly.
pci_add storage: fix error handling for 'if' parameter (Eduardo Habkost)
This fixes:
- The error message to show the actual if= argument value. It was showing
the filename instead, because 'buf' is reaused on the filename parsing.
- A bug that makes a block device to be created even when an unsupported if= arg
is passed to pci_add.
Fix (at least one cause of) qcow2 corruption. (Nolan Leake)
qcow2's get_cluster_offset() scans forward in the l2 table to find other
clusters that have the same allocation status as the first cluster.
This is used by (among others) qcow_is_allocated().
Unfortunately, it was not checking to be sure that it didn't fall off
the end of the l2 table. This patch adds that check.
The symptom that motivated me to look into this was that
bdrv_is_allocated() was returning false when there was in fact data
there. This is one of many ways this bug could lead to data corruption.
I checked the other place that scans for consecutive unallocated blocks
(alloc_cluster_offset()) and it appears to be OK:
nb_clusters = MIN(nb_clusters, s->l2_size - l2_index);
appears to prevent the same problem from occurring.
Ian Jackson [Fri, 3 Apr 2009 15:17:22 +0000 (16:17 +0100)]
Reinstate bounce-buffer-based cpu_physical_memory_[un]map for ia64
This patch fixes the compilation error caused by the change set
of 191158d4c289d1bf7c154ad6b51f776f680982d5.
ia64 doesn't support mapcache yet, so not-mapcache version
of cpu_physical_memory_map/unmap are still necessary.
Ian Jackson [Tue, 31 Mar 2009 16:19:49 +0000 (17:19 +0100)]
block-vbd: implement support for splitting requests
the main issue with stubdoms at the moment is that the new dma api does
not support an upper limit for the number of sectors in a single dma
transfer.
This means that block-vbd can issue blkfront_aio transfers that exceed
the blktap limit BLKIF_MAX_SEGMENTS_PER_REQUEST.
The attached qemu patch makes block-vbd split any request bigger than
the limit above.
The small xen patch is also needed to change struct blkfront_aiocb.
[ The corresponding changeset in xen-unstable is 19463:f2cf89a4e762 -iwj ]
Ian Jackson [Tue, 31 Mar 2009 15:54:56 +0000 (16:54 +0100)]
xen: use mapcache for cpu_physical_memory_map
this patch improves qemu-xen's mapcache to be able to guarantee that
certain mappings are going to last until explicitly unmapped.
This capability is necessary to implement cpu_physical_memory_map and
cpu_physical_memory_unmap that are part of the new dma api.
This patch also provides the implementation of these two functions,
removing the one based on bounce buffers that we are currently using.
Current DMA throughput: ~10MB/s
DMA throughput with this patch: ~27MB/s
Ian Jackson [Tue, 31 Mar 2009 15:52:24 +0000 (16:52 +0100)]
passthrough: Allow slots 1e and 1f to be used
This fixes an oversight in my recent patch "Allow any unused PCI device to
be used for pass-through" whereby attempts to use slots 1e and 1f for
pass-through would silently fail.
* This affects both static and manual selection of slots
* This affects both hot-plug and static pass-through
Ian Jackson [Tue, 31 Mar 2009 14:37:58 +0000 (15:37 +0100)]
Fixes from Christoph Egger
- xen-vl-exra.c: Only compile pci_emulation_add() w/ CONFIG_PASSTHROUGH
- Fix compiler confusion with tokens after #endif
- qemu-common.h: Fix merge botch with upstream
- qemu-xen.h: remove redundant declaration of pci_xen_platform_init
- xen_platform.c: take declaration of pci_xen_platform_init from
xen_platform.h
- xen_platform.c: Make platform_fixed_ioport_save and
platform_fixed_ioport_load static. They have no prototypes and aren't
used elsewhere
Signed-off-by: Christoph Egger <Christoph.Egger@amd.com>
Ian Jackson [Tue, 31 Mar 2009 10:45:38 +0000 (11:45 +0100)]
passthrough: Fix duplicated MAC addr when multi-port NIC assigned to HVM domain
This patch fixes duplicated MAC address when multi-port NIC is
assigned to HVM domain.
Currently multi-function device is shown as two single function
devices. e1000e driver and igb driver for linux add 1 to MAC address of
second port of multi-port NIC. But they don't add 1 to MAC address of
second port if NIC is single-function device. Because of this, the MAC
addresses of the first port and the second port are duplicated.
The patch make Header Type register passthrough-type. This means a
multi-function device is shown as two multi-function devices which
implement only one function. So e1000e driver and igb driver add 1 to
MAC address of second port.
When we use windows guest, the same issue occurs, the patch fix it.
Ian Jackson [Tue, 31 Mar 2009 10:40:30 +0000 (11:40 +0100)]
ioemu: allow xend to specify the slot for pass-through devices
Currently a slot may be specified for a hot-plug device,
but not for a pass-through device that is inserted at boot time.
This patch adds support for the latter.
The syntax is:
BUS:DEV.FUNC[@VSLOT]
e.g: 0000:00:1d:0@7
This may be important as recent changes that allow any free PCI
slot to be used for pass-through (and hotplug) may case pass-through
devices to be assigned in different locations to before. Amongst
other things, specifying the slot will allow users to move them
back, if there is a need.
There is also a xend portion of this patch, which will be posted separately.
Ian Jackson [Tue, 31 Mar 2009 10:38:55 +0000 (11:38 +0100)]
ioemu: Do slot parsing inside of next_bdf
Currently only hotplug provides vslot information from xend.
A subsequent patch will have xend provide this information
for boot-time inserted pass-through devices too.
With this in mind, this patch makes some infrastructure
to parse bdf + slot information.
aliguori [Sat, 28 Mar 2009 18:01:29 +0000 (18:01 +0000)]
char: Fix closing of various char devices (Jan Kiszka)
This patch fixes several issues around closing char devices. Affected
were pty (timer was left behind, even running), udp (no close handling
at all) and tcp (missing async IO handler cleanup). The bugs either
caused segfaults or stalled the qemu process. So far, hot-unplugging USB
serial adapters suffered from this.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/branches/stable_0_10@6912 c046a42c-6fe2-441c-8c8c-71466251a162
aliguori [Sat, 28 Mar 2009 15:51:46 +0000 (15:51 +0000)]
host_device_remove: remove incorrect check for device name (Eduardo Habkost)
There is no need to check for valid prefixes on the the device name
when removing it. If the device name is found on the vlan client list,
it can be removed, regardless of the prefix used on its name.
To reproduce the bug, just run this on the monitor:
Ian Jackson [Wed, 25 Mar 2009 11:38:29 +0000 (11:38 +0000)]
passthrough: fix buffer overflow of vslots
Assuming we assign n devices, strlen(direct_pci) can be 13n and the
length of the old 'vslots' is 13n/3 which is smaller than 5n+1 (1
slot_str takes 5 bytes). So we have to malloc a bigger buffer for
vslots.
Ian Jackson [Wed, 25 Mar 2009 11:35:42 +0000 (11:35 +0000)]
passthrough: Register dpci_infos.php_devs.pt_dev in a common location
Currently power_on_php_slot() sets dpci_infos.php_devs[i].pt_dev itself
after the call to register_real_device(). While pt_init relies on
power_on_php_slot() to set this pointer.
It seems sensible to use the same behaviour for both callers.
There are no other callers of register_real_device()
Ian Jackson [Tue, 24 Mar 2009 18:23:29 +0000 (18:23 +0000)]
passthrough: fix pt_chk_bar_overlap
This patch fixes pt_chk_bar_overlap.
Current pt_chk_bar_overlap does not distinguish memory resources and
io resources. They are placed in different address space. So
pt_chk_bar_overlap should distinguish them.
This patch fixes MSI/MSI-X capability structure virtualization code.
Currently, xen does not support multiple message (multiple vector).
So multiple message capable field should be emulated and fixed to 0
(single vector).
With the patch, my FC-HBA works when I assign it to guest domain where
windows 2008 runs.
In addition to this, initial values of emulated registers should be
the same with initial values defined in PCI spec. If initial values
are not defined, they should be 0. The emulated field mask and
read-only field mask are also fixed.
Ian Jackson [Tue, 24 Mar 2009 18:12:39 +0000 (18:12 +0000)]
cirrus: Do not clear vram area to 0xff when not yet allocated.
When restoring, the vram data pointer is not valid until (depending on
the version of the savefile) the guest has informed us what memory to
use. Thus vram_ptr may be NULL. In this patch we avoid attempting to
clear the video ram in this case.
Signed-off-by: Ian Jackson <Ian.Jackson@eu.citrix.com>
Ian Jackson [Tue, 24 Mar 2009 13:30:10 +0000 (13:30 +0000)]
ioemu: emulate No_Soft_Reset in PMCSR
When pci_power_mgmt=0, the No_Soft_Reset field in power
management control/status register of a PCI device needs to be
emulated and fixed to 1. This bit indicates that devices
transitioning from D3 to D0 because of PowerState commands do not
perform an internal reset.
Ian Jackson [Mon, 23 Mar 2009 17:15:12 +0000 (17:15 +0000)]
fix stubdomain after DisplayState changes
this patch fixes few stubdom issues arised after the recent DisplayState
changes (not yet pushed to qemu-xen-unstable).
The main problem is that we need to touch the newly allocated pages
before sharing them, because minios allocates on first write.
Ian Jackson [Mon, 23 Mar 2009 17:00:50 +0000 (17:00 +0000)]
Fix passthrough regression
pt_init() iterates through the PHP slots independantly of
the assignment that occurs inside __insert_to_pci_slot
which is called by register_real_device(). It assumes
that vslots are assigned in order sarting at PHP_SLOT_START.
This was valid before my change, although why it didn't take the
simpler option of just checking what value had been assigned to
pt_dev->dev.devfn in register_real_device() is a mystery to
me [Simon]. Its also a mystery to what valid circumstance could lead
to pt_init() using 0 (a.k.a. unknown?) as the vslot.
My patch made one the assumptions that pt_init() made about slot numbers
invalid. That is, they don't start at PHP_SLOT_START, they start
wherever there is a free device.
A simple solution seems to be to use the value assigned to
pt_dev->dev.devfn in register_real_device().
Ian Jackson [Mon, 23 Mar 2009 16:47:35 +0000 (16:47 +0000)]
Fixes for git ioemu tree from Christoph Egger
Make ioemu build w/o CONFIG_PASSTHROUGH
- Make ioemu build w/ TAPGIFNAME defined
- Make pci_emulation_add non-static as it is used in different files
- remove redundant variable re-declarations/re-definitions
- Make xenstore functions static. They have no prototypes and aren't used
elsewhere
- Initialize xenpv_machine correctly (xen_init_pv didn't match what
QEMUmachine expected)
- Misc compiler warning fixes
Signed-off-by: Christoph Egger <Christoph.Egger@amd.com>
Ian Jackson [Mon, 23 Mar 2009 16:35:27 +0000 (16:35 +0000)]
Correct compilation error in bdf_to_slow
This commit:
commit 3fcc8c62058a60a31d762da627d4325137eea813
make __insert_to_pci_slot idempotent Signed-off-by: Simon Horman <horms@verge.net.au>
has a trivial compilation error which I now fix.
Signed-off-by: Ian Jackson <ian.jackson@eu.citrix.com>
Ian Jackson [Mon, 23 Mar 2009 15:58:28 +0000 (15:58 +0000)]
More stubdom build fixes.
* Do not fail to build stubdom if the compiler fails to optimise out
never-called static functions containing undefined references.
* Properly disable stubdom ioemu docs build.
Signed-off-by: Ian Jackson <ian.jackson@eu.citrix.com>
projects / xenclient / ioemu.git / log