On Fri, Nov 30, 2018 at 04:03:29PM -0600, Eric Blake wrote:
> I note that upstream NBD has 'nbd-client -l $host' for querying
> just export names (with no quoting, so you have to know that
> a blank line means the default export), but it wasn't powerful
> enough, so I implemented 'qemu-nbd -L' to
Hi everybody!
Starting today, on December 1st, the first door of the QEMU Advent
Calendar 2018 can now be opened! The advent calendar reveals a new disk
image for download on each of the first 24 days in December 2018, to
create a fun experience for the QEMU community, to celebrate the
15th
Hi, Gerd.
Thank you very match! It's work for me.
Now, I need to contact with libvirt developers. Libvirt isn't work
with egl-headless. I'm trying last version (4.9.0)
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
Change the default speed and width for new machine types to the
fastest and widest currently supported. This should be compatible to
the PCIe 4.0 spec. Pre-QEMU-3.2 machine types remain at 2.5GT/s, x1
width.
Cc: Michael S. Tsirkin
Cc: Marcel Apfelbaum
Signed-off-by: Alex Williamson
---
Including all machine types that might have a pcie-root-port.
Cc: Peter Maydell
Cc: Michael S. Tsirkin
Cc: Marcel Apfelbaum
Cc: Paolo Bonzini
Cc: Richard Henderson
Cc: Eduardo Habkost
Cc: David Gibson
Signed-off-by: Alex Williamson
---
hw/arm/virt.c| 19 +--
Make use of the PCIESlot speed and width fields to update link
information beyond those configured in pcie_cap_v1_fill(). This is
only called for devices supporting a version 2 capability and
automatically skips any non-PCIESlot devices. Only devices with
increased link values generate any
Now that the downstream port will virtually negotiate itself to the
link status of the downstream devie, we can remove this emulation.
It's not clear that it was every terribly useful anyway.
Tested-by: Geoffrey McRae
Signed-off-by: Alex Williamson
---
hw/vfio/pci.c |6 --
1 file
The PCIe link speed and width between a downstream device and its
upstream port is negotiated on real hardware and susceptible to
dynamic changes due to signal issues and power management. In the
emulated device case there is no real hardware link, but we still
might wish to have some consistency
Allow users to specify speed and width values for the generic PCIe
root port. Defaults remain at 2.5GT/s & x1 for compatiblity.
Note for libvirt testing that pcie-root-port controllers are given
default names like "pci.7" which don't play well with using the
"-set device.$name.$prop=$value"
In preparation for reporting higher virtual link speeds and widths,
create enums and macros to help us manage them.
Cc: Michael S. Tsirkin
Cc: Marcel Apfelbaum
Tested-by: Geoffrey McRae
Signed-off-by: Alex Williamson
---
hw/pci/pcie.c |7 ---
hw/vfio/pci.c |
Add fields allowing the PCIe link speed and width of a PCIESlot to
be configured, with an instance_post_init callback on the root port
parent class to set defaults. This allows child classes to set these
via properties or via their own instance_init callback, without
requiring all implementions
Create properties to be able to define speeds and widths for PCIe
links. The only tricky bit here is that our get and set callbacks
translate from the fixed QAPI automagic enums to those we define
in PCI code to represent the actual register segment value.
Cc: Eric Blake
Cc: Markus Armbruster
RFC->v1:
- Add Cc reported by get_maintainer
- Fixup some commit logs (no code changes in patches 1-7)
- Add Geoffrey's Tested-by
- Add patches 8 & 9 which define a QEMU 3.2 machine type and cranking
up the link speed and width for that machine type while maintaining
compatibile speeds
On 11/30/18 4:30 PM, Richard W.M. Jones wrote:
On Fri, Nov 30, 2018 at 04:03:34PM -0600, Eric Blake wrote:
There's no need to read into a temporary buffer (oversized
since commit 7d3123e1) followed by a byteswap into a uint64_t
to check for a magic number via memcmp(), when the code
immediately
On 11/30/18 4:26 PM, Richard W.M. Jones wrote:
On Fri, Nov 30, 2018 at 04:03:33PM -0600, Eric Blake wrote:
Our open-coding of strtol handling forgot to handle overflow
conditions. What's more, since we insiste on a user-supplied
"insist"
(Ever wonder if I stick in a typo on purpose, just to
On Fri, Nov 30, 2018 at 04:03:38PM -0600, Eric Blake wrote:
> The function could only ever return 0 or -EINVAL; make this
> clearer by dropping a useless 'fail:' label.
>
> Signed-off-by: Eric Blake
> ---
> nbd/client.c | 51 +++
> 1 file changed,
On Fri, Nov 30, 2018 at 04:03:35PM -0600, Eric Blake wrote:
> Refactor the 'name' parameter of nbd_receive_negotiate() from
> being a separate parameter into being part of the in-out 'info'.
> This also spills over to a simplification of nbd_opt_go().
>
> The main driver for this refactoring is
On Fri, Nov 30, 2018 at 04:03:34PM -0600, Eric Blake wrote:
> There's no need to read into a temporary buffer (oversized
> since commit 7d3123e1) followed by a byteswap into a uint64_t
> to check for a magic number via memcmp(), when the code
> immediately below demonstrates reading into the
On Fri, Nov 30, 2018 at 04:03:33PM -0600, Eric Blake wrote:
> Our open-coding of strtol handling forgot to handle overflow
> conditions. What's more, since we insiste on a user-supplied
"insist"
> partition to be non-zero, we can use 0 rather than -1 for our
> initial value to distinguish when a
On Fri, Nov 30, 2018 at 04:03:32PM -0600, Eric Blake wrote:
> Connecting to a /dev/nbdN device is a Linux-specific action.
> We were already masking -c and -d from 'qemu-nbd --help' on
> non-linux. However, while -d fails with a sensible error
> message, it took hunting through a couple of files
On Fri, Nov 30, 2018 at 04:03:31PM -0600, Eric Blake wrote:
> Consolidate on using decimal (not hex) and on outputting the
> option reply name (not just value) when the client reports
> protocol discrepancies from the server. While it won't affect
> normal operation, it makes debugging additions
On Fri, Nov 30, 2018 at 04:03:30PM -0600, Eric Blake wrote:
> This changes output from:
>
> $ qemu-nbd nosuch
> Failed to blk_new_open 'nosuch': Could not open 'nosuch': No such file or
> directory
>
> to something more consistent with qemu-img and qemu:
>
> $ qemu-nbd nosuch
> qemu-nbd:
We want to be able to detect whether a given qemu NBD server is
exposing the right export(s) and dirty bitmaps, at least for
regression testing. We could use 'nbd-client -l' from the upstream
NBD project to list exports, but it's annoying to rely on
out-of-tree binaries; furthermore, nbd-client
We want to be able to detect whether a given qemu NBD server is
exposing the right export(s) and dirty bitmaps, at least for
regression testing. We could use 'nbd-client -l' from the upstream
NBD project to list exports, but it's annoying to rely on
out-of-tree binaries; furthermore, nbd-client
Change the signature to make it easier for a future patch to
reuse this function for calling NBD_OPT_LIST_META_CONTEXT with
0 or 1 queries. Also, always allocate space for the received
name, even if it doesn't match expected lengths (no point
trying to optimize the unlikely error case, and
The function could only ever return 0 or -EINVAL; make this
clearer by dropping a useless 'fail:' label.
Signed-off-by: Eric Blake
---
nbd/client.c | 51 +++
1 file changed, 23 insertions(+), 28 deletions(-)
diff --git a/nbd/client.c
Any good new feature deserves some regression testing :)
Coverage includes:
- 223: what happens when there are 0 or more than 1 export,
proof that we can see multiple contexts including qemu:dirty-bitmap
- 233: proof that we can list over TLS, and that mix-and-match of
plain/TLS listings sanely
There's no need to read into a temporary buffer (oversized
since commit 7d3123e1) followed by a byteswap into a uint64_t
to check for a magic number via memcmp(), when the code
immediately below demonstrates reading into the uint64_t then
byteswapping in place and checking for a magic number via
Refactor the 'name' parameter of nbd_receive_negotiate() from
being a separate parameter into being part of the in-out 'info'.
This also spills over to a simplification of nbd_opt_go().
The main driver for this refactoring is that an upcoming patch
would like to add support to qemu-nbd to list
An upcoming patch will add the ability for qemu-nbd to list
the services provided by an NBD server. Share the common
code of the TLS handshake by splitting the initial exchange
into a separate function, leaving only the export handling
in the original function. Functionally, there should be no
Connecting to a /dev/nbdN device is a Linux-specific action.
We were already masking -c and -d from 'qemu-nbd --help' on
non-linux. However, while -d fails with a sensible error
message, it took hunting through a couple of files to prove
that. What's more, the code for -c doesn't fail until
Commit 3d068aff forgot to advertise available qemu: contexts
when the client requests a list with 0 queries. Furthermore,
3.0 shipped with a qemu-img hack of x-dirty-bitmap (commit
216ee365) that _silently_ acts as though the entire image is
clean if a requested bitmap is not present. Both bugs
Add some parameters to make this function reusable in upcoming
export listing, where we will want to capture the name and
description rather than compare against a user-supplied name.
No change in semantics to the existing caller.
Signed-off-by: Eric Blake
---
nbd/client.c | 66
I got tired of debugging whether a server was advertising the
correct things during negotiation by inspecting the trace
logs of qemu-io as client - not to mention that without SOME
sort of client tracing particular commands, we can't easily
regression test the server for correct behavior. The
Consolidate on using decimal (not hex) and on outputting the
option reply name (not just value) when the client reports
protocol discrepancies from the server. While it won't affect
normal operation, it makes debugging additions easier.
Signed-off-by: Eric Blake
---
nbd/client.c | 21
This does require an extra two checks within the slow paths
to replace the assert that we're moving.
Signed-off-by: Richard Henderson
---
tcg/aarch64/tcg-target.inc.c | 35 ---
1 file changed, 20 insertions(+), 15 deletions(-)
diff --git
Our open-coding of strtol handling forgot to handle overflow
conditions. What's more, since we insiste on a user-supplied
partition to be non-zero, we can use 0 rather than -1 for our
initial value to distinguish when a partition is not being
served, for slightly more optimal code.
Signed-off-by:
This changes output from:
$ qemu-nbd nosuch
Failed to blk_new_open 'nosuch': Could not open 'nosuch': No such file or
directory
to something more consistent with qemu-img and qemu:
$ qemu-nbd nosuch
qemu-nbd: Failed to blk_new_open 'nosuch': Could not open 'nosuch': No such
file or directory
There is no longer a need for preserving branch offset operands,
as we no longer re-translate.
Signed-off-by: Richard Henderson
---
tcg/mips/tcg-target.inc.c | 7 +--
1 file changed, 1 insertion(+), 6 deletions(-)
diff --git a/tcg/mips/tcg-target.inc.c b/tcg/mips/tcg-target.inc.c
index
This will move the assert for success from within (subroutines of)
patch_reloc into the callers. It will also let new code do something
different when a relocation is out of range.
For the moment, all backends are trivially converted to return true.
Signed-off-by: Richard Henderson
---
There are one use apiece for these. There is no longer a need for
preserving branch offset operands, as we no longer re-translate.
Signed-off-by: Richard Henderson
---
tcg/arm/tcg-target.inc.c | 22 +++---
1 file changed, 3 insertions(+), 19 deletions(-)
diff --git
There is no longer a need for preserving branch offset operands,
as we no longer re-translate.
Signed-off-by: Richard Henderson
---
tcg/s390/tcg-target.inc.c | 10 ++
1 file changed, 2 insertions(+), 8 deletions(-)
diff --git a/tcg/s390/tcg-target.inc.c b/tcg/s390/tcg-target.inc.c
The reloc_pc{14,24}_val routines retain their asserts.
Use these directly within the slow paths.
Signed-off-by: Richard Henderson
---
tcg/ppc/tcg-target.inc.c | 32 +---
1 file changed, 21 insertions(+), 11 deletions(-)
diff --git a/tcg/ppc/tcg-target.inc.c
This does require an extra two checks within the slow paths
to replace the assert that we're moving. Also add two checks
within existing functions that lacked any kind of assert for
out of range branch.
Signed-off-by: Richard Henderson
---
tcg/s390/tcg-target.inc.c | 34
It is unused since 3fb53fb4d12f2e7833bd1659e6013237b130ef20.
Signed-off-by: Richard Henderson
---
tcg/arm/tcg-target.inc.c | 8
1 file changed, 8 deletions(-)
diff --git a/tcg/arm/tcg-target.inc.c b/tcg/arm/tcg-target.inc.c
index e1fbf465cb..1142eb13ad 100644
---
There are one use apiece for these. There is no longer a need for
preserving branch offset operands, as we no longer re-translate.
Signed-off-by: Richard Henderson
---
tcg/aarch64/tcg-target.inc.c | 21 ++---
1 file changed, 2 insertions(+), 19 deletions(-)
diff --git
Signed-off-by: Richard Henderson
---
tcg/i386/tcg-target.inc.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/tcg/i386/tcg-target.inc.c b/tcg/i386/tcg-target.inc.c
index 5c88f1f36b..28192f4608 100644
--- a/tcg/i386/tcg-target.inc.c
+++ b/tcg/i386/tcg-target.inc.c
@@
It is unused since b68686bd4bfeb70040b4099df993dfa0b4f37b03.
Signed-off-by: Richard Henderson
---
tcg/aarch64/tcg-target.inc.c | 12
1 file changed, 12 deletions(-)
diff --git a/tcg/aarch64/tcg-target.inc.c b/tcg/aarch64/tcg-target.inc.c
index 083592a4d7..a41b633960 100644
---
This does require an extra two checks within the slow paths
to replace the assert that we're moving.
Signed-off-by: Richard Henderson
---
tcg/arm/tcg-target.inc.c | 22 --
1 file changed, 16 insertions(+), 6 deletions(-)
diff --git a/tcg/arm/tcg-target.inc.c
Reviewed-by: Alex Bennée
Reviewed-by: Emilio G. Cota
Signed-off-by: Richard Henderson
---
tcg/i386/tcg-target.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tcg/i386/tcg-target.h b/tcg/i386/tcg-target.h
index 7488c3d869..2441658865 100644
--- a/tcg/i386/tcg-target.h
+++
There is no longer a need for preserving branch offset operands,
as we no longer re-translate.
Signed-off-by: Richard Henderson
---
tcg/sparc/tcg-target.inc.c | 8 ++--
1 file changed, 2 insertions(+), 6 deletions(-)
diff --git a/tcg/sparc/tcg-target.inc.c b/tcg/sparc/tcg-target.inc.c
In review of v2, Alex asked for patch 3 to be broken apart.
Here, patches 3-16 are that breakup. I've omitted the rest
of the v2 patchset for now; I have yet to make substantive
changes to those.
r~
Richard Henderson (16):
tcg/i386: Always use %ebp for TCG_AREG0
tcg/i386: Move
There is no longer a need for preserving branch offset operands,
as we no longer re-translate.
Signed-off-by: Richard Henderson
---
tcg/ppc/tcg-target.inc.c | 25 +++--
1 file changed, 7 insertions(+), 18 deletions(-)
diff --git a/tcg/ppc/tcg-target.inc.c
For x86_64, this can remove a REX prefix resulting in smaller code
when manipulating globals of type i32, as we move them between backing
store via cpu_env, aka TCG_AREG0.
Reviewed-by: Alex Bennée
Reviewed-by: Emilio G. Cota
Signed-off-by: Richard Henderson
---
tcg/i386/tcg-target.h | 8
On 11/30/2018 03:52 PM, Eric Blake wrote:
On 11/30/18 2:37 PM, Farhan Ali wrote:
Test 232 creates image files with read-only permission and
expects an error message when trying to access the image
files with read-only and auto-read-only turned off.
Don't run as root user, since root can
This function is only needed when Q35 is in use. Moving it to
the same file that uses it lets you disable the entire USB
subsystem in x86_64-softmmu.mak; of course doing that will
cause -usb to break horribly, but one thing at a time.
Signed-off-by: Paolo Bonzini
---
hw/i386/pc_q35.c | 55
Public bug reported:
I'm developing a game bootable from a floppy disk, written in i386
assembly. I found out it doesn't work on newer QEMU versions. I managed
to isolate the issue and it seems that there's a problem with handling
of BIOS interrupt 13h when it comes to reading disk sectors
On 11/30/18 12:13 PM, Peter Maydell wrote:
On Mon, 26 Nov 2018 at 20:04, wrote:
From: Corey Minyard
The SMBus slave code had an unneeded state, unnecessary function
pointers and incorrectly handled quick commands. Rewrite it
to simplify the code and make it work correctly.
smbus_eeprom is
On 11/30/18 2:37 PM, Farhan Ali wrote:
Test 232 creates image files with read-only permission and
expects an error message when trying to access the image
files with read-only and auto-read-only turned off.
Don't run as root user, since root can open files with read/write
access for read-only
On 11/30/18 9:17 AM, Alberto Garcia wrote:
This command allows reopening an arbitrary BlockDriverState with a
new set of options. Some options (e.g node-name) cannot be changed
and some block drivers don't allow reopening, but otherwise this
command is modelled after 'blockdev-add' and the state
On 11/30/18 11:39 AM, Peter Maydell wrote:
On Mon, 26 Nov 2018 at 20:04, wrote:
From: Philippe Mathieu-Daudé
Calling smbus_eeprom_init() with more than 8 EEPROMs would lead to a
heap overflow.
Replace the '8' magic number by a definition, and check no more than
this number are created.
David Gibson writes:
>> --- a/target/ppc/kvm.c
>> +++ b/target/ppc/kvm.c
>> @@ -94,6 +94,7 @@ static int cap_ppc_safe_indirect_branch;
>> static int cap_ppc_nested_kvm_hv;
>>
>> static uint32_t debug_inst_opcode;
>> +static target_ulong trace_handler_addr;
>>
>> /* XXX We have a race
On 11/30/18 11:57 AM, Aaron Lindsay wrote:
>> Eh? But we've set overflow_mask based on PMCR.LC, so what you say here
>> doesn't
>> make sense.
>
> Sorry, I had an off-by-one-bit think-o I couldn't get past until I
> started typing a concrete example to explain myself. I'll change this
> line to
Test 232 creates image files with read-only permission and
expects an error message when trying to access the image
files with read-only and auto-read-only turned off.
Don't run as root user, since root can open files with read/write
access for read-only files.
Signed-off-by: Farhan Ali
---
On 11/30/18 9:17 AM, Peter Maydell wrote:
Add a documentation comment for load_image_size().
Signed-off-by: Peter Maydell
---
include/hw/loader.h | 16
1 file changed, 16 insertions(+)
Reviewed-by: Eric Blake
--
Eric Blake, Principal Software Engineer
Red Hat, Inc.
On 11/30/18 9:17 AM, Peter Maydell wrote:
The load_image() function is now no longer used anywhere, so
we can remove it completely. (Use load_image_size() or
g_file_get_contents() instead.)
Signed-off-by: Peter Maydell
---
include/hw/loader.h | 1 -
hw/core/loader.c| 25
On 11/30/18 9:17 AM, Peter Maydell wrote:
The load_image() function is deprecated, as it does not let the
caller specify how large the buffer to read the file into is.
Instead use load_image_size().
Signed-off-by: Peter Maydell
---
device_tree.c | 2 +-
1 file changed, 1 insertion(+), 1
On 11/30/18 9:17 AM, Peter Maydell wrote:
The load_image() function is deprecated, as it does not let the
caller specify how large the buffer to read the file into is.
Instead use load_image_size().
Signed-off-by: Peter Maydell
---
hw/block/tc58128.c | 3 ++-
1 file changed, 2
On 11/30/18 9:17 AM, Peter Maydell wrote:
The load_image() function is deprecated, as it does not let the
caller specify how large the buffer to read the file into is.
Instead use load_image_size().
Commit message should mention the added error checking.
Signed-off-by: Peter Maydell
---
On 11/30/18 9:17 AM, Peter Maydell wrote:
The load_image() function is deprecated, as it does not let the
caller specify how large the buffer to read the file into is.
Use the glib g_file_get_contents() function instead, which does
the whole "allocate memory for the file and read it in"
On 11/30/18 9:17 AM, Peter Maydell wrote:
The load_image() function is deprecated, as it does not let the
caller specify how large the buffer to read the file into is.
Instead use load_image_size().
Commit message should mention the addition of error checking.
Signed-off-by: Peter Maydell
On 11/30/18 9:17 AM, Peter Maydell wrote:
The load_image() function is deprecated, as it does not let the
caller specify how large the buffer to read the file into is.
Instead use load_image_size().
Signed-off-by: Peter Maydell
---
hw/smbios/smbios.c | 2 +-
1 file changed, 1 insertion(+),
On 11/30/18 9:17 AM, Peter Maydell wrote:
The load_image() function is deprecated, as it does not let the
caller specify how large the buffer to read the file into is.
Instead use load_image_size().
Signed-off-by: Peter Maydell
---
hw/ppc/ppc405_boards.c | 12
1 file changed, 8
* Marc-André Lureau (marcandre.lur...@redhat.com) wrote:
> Signed-off-by: Marc-André Lureau
Reviewed-by: Dr. David Alan Gilbert
> ---
> include/migration/register.h | 2 +-
> migration/savevm.c | 4 ++--
> 2 files changed, 3 insertions(+), 3 deletions(-)
>
> diff --git
On 11/30/18 9:17 AM, Peter Maydell wrote:
The load_image() function is deprecated, as it does not let the
caller specify how large the buffer to read the file into is.
Use the glib g_file_get_contents() function instead, which does
the whole "allocate memory for the file and read it in"
Gerd Hoffmann writes:
> Slash is unix directory separator, so they are not allowed in filenames.
> Note this also stops the classic escape via "../".
>
> Fixes: CVE-2018-16867
> Reported-by: Michael Hanselmann (hansmi.ch)
> Signed-off-by: Gerd Hoffmann
> ---
> hw/usb/dev-mtp.c | 6 ++
> 1
On Nov 30 10:19, Richard Henderson wrote:
> On 11/30/18 9:56 AM, Aaron Lindsay wrote:
> > On Nov 30 09:13, Richard Henderson wrote:
> >> On 11/20/18 1:26 PM, Aaron Lindsay wrote:
> >>> Setup a QEMUTimer to get a callback when we expect counters to next
> >>> overflow and trigger an interrupt at
On 11/30/18 1:08 PM, Philippe Mathieu-Daudé wrote:
On 30/11/18 12:12, Gerd Hoffmann wrote:
Slash is unix directory separator, so they are not allowed in filenames.
Note this also stops the classic escape via "../".
Fixes: CVE-2018-16867
Reported-by: Michael Hanselmann (hansmi.ch)
It's common
Markus Armbruster writes:
> Gerd Hoffmann writes:
>
>> Make utf16_to_str return an allocated string. Remove the assumtion that
>> the number of string bytes equals the number of utf16 chars (which is
>> only true for ascii chars). Instead call wcstombs twice, once to figure
>> the storage
Hi,
This series seems to have some coding style problems. See output below for
more information:
Type: series
Subject: [Qemu-devel] [PATCH for-4.0 0/4] Small checkpatch fixes and
improvements
Message-id: 20181129090120.28828-1-pbonz...@redhat.com
=== TEST SCRIPT BEGIN ===
#!/bin/bash
On 11/30/2018 12:50 PM, Eric Blake wrote:
Adding qemu-devel - all patches should go there, especially if you want
to get Peter's attention that this might be a 3.1 candidate if we have
other reasons to spin -rc4.
On 11/30/18 10:04 AM, Farhan Ali wrote:
Test 232 creates image files with
30.11.2018 15:58, Laurent Vivier wrote:
-for (i = 0; i < 6; i++) {
+for (i = 0; i < ARRAY_SIZE(s->bar_region_info); i++) {
I'm wondering if adding a #define to define the size of the array and
then using it with the for() loop wouldn't be better?
On the other side, it doesn't
This is a non-privileged instruction that was only implemented
for system mode. However, the stck instruction is used by glibc,
so this was causing SIGILL for programs run under debian stretch.
r~
Richard Henderson (2):
target/s390x: Move TOD_UNIX_EPOCH to cpu.h
target/s390x: Implement
This is a non-privileged instruction that was only implemented
for system mode. However, the stck instruction is used by glibc,
so this was causing SIGILL for programs run under debian stretch.
Signed-off-by: Richard Henderson
---
target/s390x/helper.h | 2 +-
target/s390x/misc_helper.c
We will need this from CONFIG_USER_ONLY as well,
which cannot access include/hw/.
Signed-off-by: Richard Henderson
---
include/hw/s390x/tod.h | 3 ---
target/s390x/cpu.h | 3 +++
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/include/hw/s390x/tod.h b/include/hw/s390x/tod.h
On 30/11/18 12:12, Gerd Hoffmann wrote:
> Slash is unix directory separator, so they are not allowed in filenames.
> Note this also stops the classic escape via "../".
>
> Fixes: CVE-2018-16867
> Reported-by: Michael Hanselmann (hansmi.ch)
It's common for scripts to match '', can you write this
On 11/30/18 11:25 AM, Peter Maydell wrote:
On Mon, 26 Nov 2018 at 20:04, wrote:
From: Corey Minyard
i2c_recv() cannot fail, so there is no need to check the return
value. It also returns unt8_t, so comparing with < 0 is not
meaningful.
Fix up various I2C controllers to remove the unneeded
Hi,
the kernel you are using should not have nested virtualization enabled
by default. Are you by chance using nested virtualization of some other
virtual machines? If so, it's enough to add "-vmx" at the end of "-cpu
host,-hypervisor,kvm=off".
If you are not sure of the answer, please check
On Thu, Nov 29, 2018 at 12:51:55PM +0100, Vitaly Kuznetsov wrote:
> Paolo Bonzini writes:
>
> > On 26/11/18 14:59, Vitaly Kuznetsov wrote:
> >> It was found that QMP users of QEMU (e.g. libvirt) may need
> >> HV_CPUID_ENLIGHTMENT_INFO.EAX/HV_CPUID_NESTED_FEATURES.EAX information. In
> >>
On Fri, Nov 30, 2018 at 06:55:39PM +0100, Markus Armbruster wrote:
> Eric Blake writes:
>
> > On 11/30/18 6:28 AM, Eduardo Habkost wrote:
> >> host_memory_backend_set_host_nodes() was not validating
> >> host-nodes before writing to backend->host_nodes, making QEMU
> >> write beyond the end of
On 11/30/18 9:56 AM, Aaron Lindsay wrote:
> On Nov 30 09:13, Richard Henderson wrote:
>> On 11/20/18 1:26 PM, Aaron Lindsay wrote:
>>> Setup a QEMUTimer to get a callback when we expect counters to next
>>> overflow and trigger an interrupt at that time.
>>>
>>> Signed-off-by: Aaron Lindsay
>>>
On Fri, Nov 30, 2018 at 04:52:31PM +, Peter Maydell wrote:
> On Mon, 26 Nov 2018 at 13:27, Eduardo Habkost wrote:
> >
> > On Sun, Nov 25, 2018 at 10:27:04PM +0100, Philippe Mathieu-Daudé wrote:
> > > Hi Eduardo,
> > >
> > > On 23/11/18 19:10, Eduardo Habkost wrote:
> > > > If you really want
On Mon, 26 Nov 2018 at 20:04, wrote:
>
> From: Corey Minyard
>
> The SMBus slave code had an unneeded state, unnecessary function
> pointers and incorrectly handled quick commands. Rewrite it
> to simplify the code and make it work correctly.
>
> smbus_eeprom is the only user, so no other
On Nov 30 09:13, Richard Henderson wrote:
> On 11/20/18 1:26 PM, Aaron Lindsay wrote:
> > Setup a QEMUTimer to get a callback when we expect counters to next
> > overflow and trigger an interrupt at that time.
> >
> > Signed-off-by: Aaron Lindsay
> > Signed-off-by: Aaron Lindsay
> > ---
> >
Eric Blake writes:
> On 11/30/18 6:28 AM, Eduardo Habkost wrote:
>> host_memory_backend_set_host_nodes() was not validating
>> host-nodes before writing to backend->host_nodes, making QEMU
>> write beyond the end of the bitmap.
>>
>> Fix the crash and add a simple regression test for the fix.
>>
Richard Henderson writes:
> On 11/30/18 9:22 AM, Alex Bennée wrote:
>>
>> Richard Henderson writes:
>>
>>> Move the entire memory operation out of line.
>>
>> Given Emilio's numbers is it likely we will want to support both options
>> given the variability on x86?
>
> No, I don't want to
Adding qemu-devel - all patches should go there, especially if you want
to get Peter's attention that this might be a 3.1 candidate if we have
other reasons to spin -rc4.
On 11/30/18 10:04 AM, Farhan Ali wrote:
Test 232 creates image files with read-only permission and
expects an error
Richard Henderson writes:
> When moving the qemu_ld/st arguments to the right place for
> a function call, we'll need to move the temps out of the way.
>
> Signed-off-by: Richard Henderson
Reviewed-by: Alex Bennée
> ---
> tcg/aarch64/tcg-target.inc.c | 74
On Mon, 26 Nov 2018 at 20:04, wrote:
>
> From: Philippe Mathieu-Daudé
>
> Calling smbus_eeprom_init() with more than 8 EEPROMs would lead to a
> heap overflow.
> Replace the '8' magic number by a definition, and check no more than
> this number are created.
>
> Signed-off-by: Philippe
On Thu, Nov 29, 2018 at 8:39 AM Edgar E. Iglesias
wrote:
>
> From: "Edgar E. Iglesias"
>
> Use IRQs 111 - 118 for virtio-mmio. The interrupts we're currently
> using 160+ are not available in the Versal GIC.
>
> Signed-off-by: Edgar E. Iglesias
Reviewed-by: Alistair Francis
Alistair
> ---
>
1 - 100 of 358 matches
Mail list logo