Current vm_running was not explicitly initialized and its value was changed by
vm state notifier, this may confuse the virtio device being hotplugged such as
virtio-net with vhost backend as it may think the vm was not running. Solve this
by initialize this value explicitly in virtio_common_init().
Signed-off-by: Jason Wang <jasowang@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
The virtio_queue_notify() function checks that the virtqueue number is
less than the maximum number of virtqueues. A signed comparison is used
but the virtqueue number could be negative if a buggy or malicious guest
is run. This results in memory accesses outside of the virtqueue array.
It is risky doing input validation in common code instead of at the
guest<->host boundary. Note that virtio_queue_set_addr(),
virtio_queue_get_addr(), virtio_queue_get_num(), and many other virtio
functions do *not* validate the virtqueue number argument.
Instead of fixing the comparison in virtio_queue_notify(), move the
comparison to the virtio bindings (just like VIRTIO_PCI_QUEUE_SEL) where
we have a uint32_t value and can avoid ever calling into common virtio
code if the virtqueue number is invalid.
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
vender id/device id... in configuration space are read-only registers
which are commonly defined for all pci devices.
So move those initialization into common place.
Signed-off-by: Isaku Yamahata <yamahata@valinux.co.jp>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
When a phys memory client registers and we play catchup by walking
the page tables, we can make a huge improvement in the number of
times the set_memory callback is called by batching contiguous
pages together. With a 4G guest, this reduces the number of callbacks
at registration from 1048866 to 296.
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Thanks to agraf_, stefanha and Snader_LB for their IRC assistance.
Thanks to Markus Armbruster and Alexander Graf (again) for their
assistance with the second version of this patch. No patch is too
simple to test...
Signed-off-by: Brad Hards <bradh@frogmouth.net>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
Qemu uses signalfd to figure out, if a signal occured without the need
to actually receive the signal. Instead, it can read from the fd to receive
its news.
Now, we obviously don't always have signalfd around. Especially not on
non-Linux systems. So what we do there is that we create a new thread,
block that thread on all signals and simply call sigwait to wait for a
signal we're interested in to occur.
This all sounds great, but what we're really doing is:
sigset_t all;
sigfillset(&all);
sigprocmask(SIG_BLOCK, &all, NULL);
which - on Darwin - blocks all signals on the current _process_, not only
on the current thread. To block signals on the thread, we can use
pthread_sigmask().
This patch does that, assuming that my above analysis is correct, and thus
renders Qemu useable on Darwin again.
Reported-by: Andreas Färber <andreas.faerber@web.de>
Acked-by: Paolo Bonizni <pbonzini@redhat.com>
CC: Jan Kiszka <jan.kiszka@siemens.com>
CC: Anthony Liguori <anthony@codemonkey.ws>
Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
* rth/axp-next: (26 commits)
target-alpha: Implement TLB flush primitives.
target-alpha: Use a fixed frequency for the RPCC in system mode.
target-alpha: Trap for unassigned and unaligned addresses.
target-alpha: Remap PIO space for 43-bit KSEG for EV6.
target-alpha: Implement cpu_alpha_handle_mmu_fault for system mode.
target-alpha: Implement more CALL_PAL values inline.
target-alpha: Disable interrupts properly.
target-alpha: All ISA checks to use TB->FLAGS.
target-alpha: Swap shadow registers moving to/from PALmode.
target-alpha: Implement do_interrupt for system mode.
target-alpha: Add IPRs to be used by the emulation PALcode.
target-alpha: Use kernel mmu_idx for pal_mode.
target-alpha: Add various symbolic constants.
target-alpha: Use do_restore_state for arithmetic exceptions.
target-alpha: Tidy up arithmetic exceptions.
target-alpha: Tidy exception constants.
target-alpha: Enable the alpha-softmmu target.
target-alpha: Rationalize internal processor registers.
target-alpha: Merge HW_REI and HW_RET implementations.
target-alpha: Cleanup MMU modes.
...
Jan Kiszka