From c56651312b98a6bb9b87659ebeac810a48d159ab Mon Sep 17 00:00:00 2001 From: "Michael S. Tsirkin" Date: Wed, 9 Dec 2009 22:35:37 +0200 Subject: e1000: fix init values for command register Command register for e1000 was initialized to values out of spec: all of bus master, io, memory and interrupt disable bits were set. This breaks the device now that we actually respect the interrupt disable bit, unless the guest happens to clear it. Fix, and make the device more spec compliant, by not touching the default. There are implications for migration from old qemu as well, will be addressed separately. Reported-by: Luiz Capitulino Tested-by: Luiz Capitulino Signed-off-by: Michael S. Tsirkin --- hw/e1000.c | 1 - 1 file changed, 1 deletion(-) diff --git a/hw/e1000.c b/hw/e1000.c index 8566fe327..ad7a26796 100644 --- a/hw/e1000.c +++ b/hw/e1000.c @@ -1089,7 +1089,6 @@ static int pci_e1000_init(PCIDevice *pci_dev) pci_config_set_vendor_id(pci_conf, PCI_VENDOR_ID_INTEL); pci_config_set_device_id(pci_conf, E1000_DEVID); - *(uint16_t *)(pci_conf+0x04) = cpu_to_le16(0x0407); *(uint16_t *)(pci_conf+0x06) = cpu_to_le16(0x0010); pci_conf[0x08] = 0x03; pci_config_set_class(pci_conf, PCI_CLASS_NETWORK_ETHERNET); -- cgit v1.2.3-65-gdbad From 644f5de21b18fcfc4554a7049199fd0a60ac4831 Mon Sep 17 00:00:00 2001 From: Michael Tokarev Date: Thu, 24 Dec 2009 12:15:47 +0300 Subject: Add missing newline at the end of options list In qemu-kvm this place looks even more "interesting": -runas user Change to user id user just before starting the VM. -readconfig -writeconfig read/write config file-no-kvm disable KVM hardware virtualization -no-kvm-irqchip disable KVM kernel mode PIC/IOAPIC/LAPIC -no-kvm-pit disable KVM kernel mode PIT Signed-off-by: Michael Tokarev Signed-off-by: Aurelien Jarno (cherry picked from commit 19e65b47f60c68d7e8c96aa0a36223c5a0d3422b) --- qemu-options.hx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/qemu-options.hx b/qemu-options.hx index b8cc3750c..ecd50ebe6 100644 --- a/qemu-options.hx +++ b/qemu-options.hx @@ -1936,4 +1936,4 @@ DEF("readconfig", HAS_ARG, QEMU_OPTION_readconfig, "-readconfig \n") DEF("writeconfig", HAS_ARG, QEMU_OPTION_writeconfig, "-writeconfig \n" - " read/write config file") + " read/write config file\n") -- cgit v1.2.3-65-gdbad From 76ba04832b5b27e67c5f4d58b9937d810108d0b6 Mon Sep 17 00:00:00 2001 From: Aurelien Jarno Date: Sun, 3 Jan 2010 03:08:19 +0100 Subject: target-i386: Fix "call im" on x86_64 when executing 32-bit code Similarly to what is done in 32938e127f50a40844a0fb9c5abb8691aeeccf7e for "jmp im", trunc the immediate to 32-bit when not running in 64-bit mode. Reported-by: Kevin O'Connor Signed-off-by: Aurelien Jarno --- target-i386/translate.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/target-i386/translate.c b/target-i386/translate.c index 64bc0a3f3..511a4eae9 100644 --- a/target-i386/translate.c +++ b/target-i386/translate.c @@ -6259,6 +6259,8 @@ static target_ulong disas_insn(DisasContext *s, target_ulong pc_start) tval += next_eip; if (s->dflag == 0) tval &= 0xffff; + else if(!CODE64(s)) + tval &= 0xffffffff; gen_movtl_T0_im(next_eip); gen_push_T0(s); gen_jmp(s, tval); -- cgit v1.2.3-65-gdbad From 57fa5ca551486e6fe7a3101a336a875cb6d6ba1f Mon Sep 17 00:00:00 2001 From: Anthony Liguori Date: Thu, 7 Jan 2010 07:55:34 -0600 Subject: vnc: Fix artifacts in hextile decoding 02c2b87 introduced a regression whereas the foreground color in a hextile update was not being properly invalidated leading to artifacts. It's still necessary to explicitly invalidate the foreground color with a SubrectColoured tile even though we no longer send a foreground color as part of the tile. Reported-by: Mark Cave-Ayland Signed-off-by: Anthony Liguori (cherry picked from commit 18cb1d85578e03b16570d9380309cca673f9fff8) --- vnchextile.h | 2 ++ 1 file changed, 2 insertions(+) 
diff --git a/vnchextile.h b/vnchextile.h index 432ed89af..78ed8c4e9 100644 --- a/vnchextile.h +++ b/vnchextile.h @@ -165,6 +165,8 @@ static void CONCAT(send_hextile_tile_, NAME)(VncState *vs, irow += ds_get_linesize(vs->ds) / sizeof(pixel_t); } + /* A SubrectsColoured subtile invalidates the foreground color */ + *has_fg = 0; if (n_data > (w * h * sizeof(pixel_t))) { n_colors = 4; flags = 0x01; -- cgit v1.2.3-65-gdbad From d68bf60838ece340f63adff103eece21d350fdc1 Mon Sep 17 00:00:00 2001 From: Luiz Capitulino Date: Tue, 22 Dec 2009 01:09:06 -0200 Subject: QMP: Drop wrong assert() Some commands return a QList of QDicts, which is valid, but will trig the assert(). Just drop it. Reported-by: Nathan Baum Signed-off-by: Luiz Capitulino Signed-off-by: Anthony Liguori (cherry picked from commit 810f49b56a5d0cd6848856af51d3093ae9adc7b1) --- monitor.c | 1 - 1 file changed, 1 deletion(-) diff --git a/monitor.c b/monitor.c index c0dc48ea0..3af1d5c78 100644 --- a/monitor.c +++ b/monitor.c @@ -283,7 +283,6 @@ static void monitor_protocol_emitter(Monitor *mon, QObject *data) if (!monitor_has_error(mon)) { /* success response */ if (data) { - assert(qobject_type(data) == QTYPE_QDICT); qobject_incref(data); qdict_put_obj(qmp, "return", data); } else { -- cgit v1.2.3-65-gdbad From 4713c69fa2319fceb5dd939d72a35e8b97c26878 Mon Sep 17 00:00:00 2001 From: Avi Kivity Date: Thu, 24 Dec 2009 15:38:50 +0200 Subject: linuxboot: fix gdt address calculation The gdt address calculation in linuxboot.bin is broken in two ways: first it loads %cs into %eax, but that instruction leaves the high bits of %eax undefined and we did not clear them. Secondly, we completely ignore the incorrect %eax, and use the undefined %ebx instead. With these issues fixed, linuxboot works again. Signed-off-by: Avi Kivity Signed-off-by: Anthony Liguori (cherry picked from commit d0652aa8ac8d82e077acf8e781557f4c4367dcf5) --- pc-bios/optionrom/linuxboot.S | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) 
diff --git a/pc-bios/optionrom/linuxboot.S b/pc-bios/optionrom/linuxboot.S index c4c9109b6..8aebe51ee 100644 --- a/pc-bios/optionrom/linuxboot.S +++ b/pc-bios/optionrom/linuxboot.S @@ -86,9 +86,10 @@ copy_kernel: /* Now create the GDT descriptor */ movw $((3 * 8) - 1), -16(%bp) mov %cs, %eax + movzwl %ax, %eax shl $4, %eax - addl $gdt, %ebx - movl %ebx, -14(%bp) + addl $gdt, %eax + movl %eax, -14(%bp) /* And load the GDT */ data32 lgdt -16(%bp) -- cgit v1.2.3-65-gdbad From 8033c42abdfa7b583b3a42c8877f35164e5f776b Mon Sep 17 00:00:00 2001 From: Huang Ying Date: Tue, 5 Jan 2010 16:32:24 +0800 Subject: MCE: Fix bug of IA32_MCG_STATUS after system reset Now, if we inject a fatal MCE into guest OS, for example Linux, Linux will go panic and then reboot. But if we inject another MCE now, system will reset directly instead of go panic firstly, because MCG_STATUS.MCIP is set to 1 and not cleared after reboot. This is does not follow the behavior in real hardware. This patch fixes this via set env->mcg_status to 0 during system reset. Signed-off-by: Huang Ying Signed-off-by: Anthony Liguori (cherry picked from commit af364b418cc57c53275c76ee5e0e0645908605b9) --- target-i386/helper.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/target-i386/helper.c b/target-i386/helper.c index 730e396a6..9d7fec3c7 100644 --- a/target-i386/helper.c +++ b/target-i386/helper.c @@ -617,6 +617,8 @@ void cpu_reset(CPUX86State *env) env->dr[7] = DR7_FIXED_1; cpu_breakpoint_remove_all(env, BP_CPU); cpu_watchpoint_remove_all(env, BP_CPU); + + env->mcg_status = 0; } void cpu_x86_close(CPUX86State *env) -- cgit v1.2.3-65-gdbad From fe46a160ce16a394395fa9d9a46680416f41e85a Mon Sep 17 00:00:00 2001 From: Jiri Denemark Date: Tue, 5 Jan 2010 17:26:34 +0100 Subject: Fix CPU topology initialization Late initialization of CPU topology in CPUState prevents KVM guests to actually see the topology. Signed-off-by: Jiri Denemark 
Signed-off-by: Anthony Liguori (cherry picked from commit 3f7638ec4093100a63b18cbacd45dcd847f7c06b) --- vl.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/vl.c b/vl.c index ee9c3f947..007709aaf 100644 --- a/vl.c +++ b/vl.c @@ -3484,10 +3484,10 @@ void qemu_init_vcpu(void *_env) { CPUState *env = _env; - if (kvm_enabled()) - kvm_init_vcpu(env); env->nr_cores = smp_cores; env->nr_threads = smp_threads; + if (kvm_enabled()) + kvm_init_vcpu(env); return; } @@ -3813,12 +3813,12 @@ void qemu_init_vcpu(void *_env) { CPUState *env = _env; + env->nr_cores = smp_cores; + env->nr_threads = smp_threads; if (kvm_enabled()) kvm_start_vcpu(env); else tcg_init_vcpu(env); - env->nr_cores = smp_cores; - env->nr_threads = smp_threads; } void qemu_notify_event(void) -- cgit v1.2.3-65-gdbad From de3ea06d59a110eb401c543b992dd85779ed8362 Mon Sep 17 00:00:00 2001 From: Gleb Natapov Date: Wed, 6 Jan 2010 16:30:10 +0200 Subject: remove pending exception on vcpu reset. Without this qemu can even start on kvm modules with events support since default value of exception_injected in zero and this is #DE exception. Signed-off-by: Gleb Natapov Signed-off-by: Anthony Liguori (cherry picked from commit e73223a5849d9e695b5f3b5a4a2a812e68e3735d) --- target-i386/kvm.c | 1 + 1 file changed, 1 insertion(+) diff --git a/target-i386/kvm.c b/target-i386/kvm.c index de79eb760..408450361 100644 --- a/target-i386/kvm.c +++ b/target-i386/kvm.c @@ -227,6 +227,7 @@ int kvm_arch_init_vcpu(CPUState *env) void kvm_arch_reset_vcpu(CPUState *env) { + env->exception_injected = -1; env->interrupt_injected = -1; env->nmi_injected = 0; env->nmi_pending = 0; -- cgit v1.2.3-65-gdbad From e1daf40e3e61537da1509236dadc23ca8c4bc0e6 Mon Sep 17 00:00:00 2001 
From: Roland Dreier Date: Tue, 5 Jan 2010 20:43:34 -0800 Subject: vmware_vga: Check cursor dimensions passed from guest to avoid buffer overflow Check that the cursor dimensions passed from the guest for the DEFINE_CURSOR command don't overflow the available space in the cursor.image[] or cursor.mask[] arrays before copying data from the guest into those arrays. Signed-off-by: Roland Dreier Signed-off-by: Anthony Liguori (cherry picked from commit f2d928d44ebc918750c94f3605c1417f1f653ec9) --- hw/vmware_vga.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/hw/vmware_vga.c b/hw/vmware_vga.c index 7ab1c7910..5e969aedb 100644 --- a/hw/vmware_vga.c +++ b/hw/vmware_vga.c @@ -562,6 +562,13 @@ static void vmsvga_fifo_run(struct vmsvga_state_s *s) cursor.height = y = vmsvga_fifo_read(s); vmsvga_fifo_read(s); cursor.bpp = vmsvga_fifo_read(s); + + if (SVGA_BITMAP_SIZE(x, y) > sizeof cursor.mask || + SVGA_PIXMAP_SIZE(x, y, cursor.bpp) > sizeof cursor.image) { + args = SVGA_BITMAP_SIZE(x, y) + SVGA_PIXMAP_SIZE(x, y, cursor.bpp); + goto badcmd; + } + for (args = 0; args < SVGA_BITMAP_SIZE(x, y); args ++) cursor.mask[args] = vmsvga_fifo_read_raw(s); for (args = 0; args < SVGA_PIXMAP_SIZE(x, y, cursor.bpp); args ++) -- cgit v1.2.3-65-gdbad From 09866b9baa1ff30c67ef79b6045578894812446e Mon Sep 17 00:00:00 2001 From: Stefan Weil Date: Thu, 7 Jan 2010 19:27:49 +0100 Subject: pc-bios: Update README (SeaBIOS) The PC BIOS no longer comes from Bochs. This patch updates the related entry. V2 - Modify SeaBIOS description and URL (Thanks to Gleb Natapov for the hint). Signed-off-by: Stefan Weil Signed-off-by: Anthony Liguori (cherry picked from commit c0ced0f3a76c9f3ad680141f751dd1a20c91bbbf) --- pc-bios/README | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/pc-bios/README b/pc-bios/README index 9eaa52262..5be01f829 100644 --- a/pc-bios/README +++ b/pc-bios/README 
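Review bot: The new bounds check in vmsvga_fifo_run compares the results of SVGA_BITMAP_SIZE and SVGA_PIXMAP_SIZE with `sizeof cursor.mask` and `sizeof cursor.image`, which are byte counts, while the two copy loops right below use the same results as element indexes. If the array elements are wider than one byte (the declarations are outside the hunk), the check still admits indexes past the end of both arrays; comparing against the element count closes that gap: `SVGA_BITMAP_SIZE(x, y) > sizeof cursor.mask / sizeof cursor.mask[0]` and `SVGA_PIXMAP_SIZE(x, y, cursor.bpp) > sizeof cursor.image / sizeof cursor.image[0]`. The guest-supplied width, height and bpp are also not bounded individually, so the products inside the macros may wrap before the comparison is made; an explicit upper limit on each value ahead of this check would rule that out. The function body and the `badcmd` label lie outside the hunk.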
@@ -1,4 +1,5 @@ -- The PC BIOS comes from the Bochs project (http://bochs.sourceforge.net/). +- SeaBIOS (bios.bin) is the successor of pc bios. + See http://www.seabios.org/ for more information. - The VGA BIOS and the Cirrus VGA BIOS come from the LGPL VGA bios project (http://www.nongnu.org/vgabios/). -- cgit v1.2.3-65-gdbad From 348af56faea99631c4326ac389945799b6539295 Mon Sep 17 00:00:00 2001 From: "Michael S. Tsirkin" Date: Mon, 11 Jan 2010 17:57:41 +0200 Subject: virtio-pci: thinko fix Since patch ed757e140c0ada220f213036e4497315d24ca8bct, virtio will sometimes clear all status registers on bus master disable, which loses information such as VIRTIO_CONFIG_S_FAILED bit. This is a result of a patch being misapplied: code uses ! instead of ~ for bit operations as in Yan's original patch. This obviously does not make sense. Signed-off-by: Michael S. Tsirkin Signed-off-by: Anthony Liguori (cherry picked from commit 49e75cf38848e6da70c0e9ddb4d994e9d71a9625) --- hw/virtio-pci.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hw/virtio-pci.c b/hw/virtio-pci.c index 62b46bd48..359415226 100644 --- a/hw/virtio-pci.c +++ b/hw/virtio-pci.c @@ -372,7 +372,7 @@ static void virtio_write_config(PCIDevice *pci_dev, uint32_t address, if (PCI_COMMAND == address) { if (!(val & PCI_COMMAND_MASTER)) { - proxy->vdev->status &= !VIRTIO_CONFIG_S_DRIVER_OK; + proxy->vdev->status &= ~VIRTIO_CONFIG_S_DRIVER_OK; } } -- cgit v1.2.3-65-gdbad From d47d251286994f25336b8c9220fa8ffe5866feec Mon Sep 17 00:00:00 2001 From: Christoph Hellwig Date: Mon, 11 Jan 2010 14:06:54 +0100 Subject: dmg: fix ->open failure Currently the dmg image format driver simply opens the images as raw if any kind of failure happens. This is contrarty to the behaviour of all other image formats which just return an error and let the block core deal with it. Signed-off-by: Christoph Hellwig 
Signed-off-by: Anthony Liguori (cherry picked from commit 1559ca00bc90ce6917c2798ed81098e4be67f58e) --- block/dmg.c | 28 ++++++++++++++-------------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/block/dmg.c b/block/dmg.c index 262560ffd..f4c01c76b 100644 --- a/block/dmg.c +++ b/block/dmg.c @@ -90,24 +90,21 @@ static int dmg_open(BlockDriverState *bs, const char *filename, int flags) /* read offset of info blocks */ if(lseek(s->fd,-0x1d8,SEEK_END)<0) { -dmg_close: - close(s->fd); - /* open raw instead */ - bs->drv=bdrv_find_format("raw"); - return bs->drv->bdrv_open(bs, filename, flags); + goto fail; } + info_begin=read_off(s->fd); if(info_begin==0) - goto dmg_close; + goto fail; if(lseek(s->fd,info_begin,SEEK_SET)<0) - goto dmg_close; + goto fail; if(read_uint32(s->fd)!=0x100) - goto dmg_close; + goto fail; if((count = read_uint32(s->fd))==0) - goto dmg_close; + goto fail; info_end = info_begin+count; if(lseek(s->fd,0xf8,SEEK_CUR)<0) - goto dmg_close; + goto fail; /* read offsets */ last_in_offset = last_out_offset = 0; @@ -116,14 +113,14 @@ dmg_close: count = read_uint32(s->fd); if(count==0) - goto dmg_close; + goto fail; type = read_uint32(s->fd); if(type!=0x6d697368 || count<244) lseek(s->fd,count-4,SEEK_CUR); else { int new_size, chunk_count; if(lseek(s->fd,200,SEEK_CUR)<0) - goto dmg_close; + goto fail; chunk_count = (count-204)/40; new_size = sizeof(uint64_t) * (s->n_chunks + chunk_count); s->types = qemu_realloc(s->types, new_size/2); @@ -142,7 +139,7 @@ dmg_close: chunk_count--; i--; if(lseek(s->fd,36,SEEK_CUR)<0) - goto dmg_close; + goto fail; continue; } read_uint32(s->fd); 
@@ -163,11 +160,14 @@ dmg_close: s->compressed_chunk = qemu_malloc(max_compressed_size+1); s->uncompressed_chunk = qemu_malloc(512*max_sectors_per_chunk); if(inflateInit(&s->zstream) != Z_OK) - goto dmg_close; + goto fail; s->current_chunk = s->n_chunks; return 0; +fail: + close(s->fd); + return -1; } static inline int is_sector_in_chunk(BDRVDMGState* s, -- cgit v1.2.3-65-gdbad From 66dbb62824845e91808171a675998706ce359c71 Mon Sep 17 00:00:00 2001 From: Thomas Horsten Date: Thu, 7 Jan 2010 17:01:28 +0000 Subject: Handle TFTP ERROR from client If a PXE client only wants to find out the size of a file, it will open the file and then abort the transfer by sending a TFTP ERROR packet. The ERROR packet should cause qemu to terminate the session. If not, the sessions will soon run out and cause timeouts in the client. Also, if a TFTP session already exists with same IP/UDP port, it should be terminated when a new RRQ is received, instead of creating a duplicate (which will never be used). A patch for gPXE to send the ERROR packet is also being submitted to gPXE. Together they resolve slowness/hanging when booting pxegrub from qemu's internal TFTP server. The patch from Milan Plzik to return after sending OACK is also required for a complete fix. Signed-off-by: Thomas Horsten Signed-off-by: Milan Plzik Signed-off-by: Anthony Liguori (cherry picked from commit bfe4e172421d711d1d5b049f90be0961451c8259) --- slirp/tftp.c | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) diff --git a/slirp/tftp.c b/slirp/tftp.c index 082f5d040..12dd3444f 100644 --- a/slirp/tftp.c +++ b/slirp/tftp.c @@ -264,6 +264,12 @@ static void tftp_handle_rrq(Slirp *slirp, struct tftp_t *tp, int pktlen) size_t prefix_len; char *req_fname; + /* check if a session already exists and if so terminate it */ + s = tftp_session_find(slirp, tp); + if (s >= 0) { + tftp_session_terminate(&slirp->tftp_sessions[s]); + } + s = tftp_session_allocate(slirp, tp); if (s < 0) { 
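Review bot: The new `fail:` label in dmg_open closes `s->fd` but releases none of the buffers the function may already hold when it is reached: `s->types` is grown with `qemu_realloc` in the chunk loop (the `@@ -116,14 +113,14 @@` hunk), and `s->compressed_chunk` and `s->uncompressed_chunk` are allocated just before the `inflateInit` check that now jumps here. Unless the block core frees them after a failed open (not visible on this page), every rejected image leaks that memory; freeing them under the label, for example `qemu_free(s->compressed_chunk); qemu_free(s->uncompressed_chunk);` plus the chunk tables, would keep the error path clean. Returning a bare `-1` also drops the errno of the failing `lseek`, so the caller cannot tell an I/O error from a malformed image. The start of dmg_open is outside these hunks.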
@@ -385,6 +391,19 @@ static void tftp_handle_ack(Slirp *slirp, struct tftp_t *tp, int pktlen) } } +static void tftp_handle_error(Slirp *slirp, struct tftp_t *tp, int pktlen) +{ + int s; + + s = tftp_session_find(slirp, tp); + + if (s < 0) { + return; + } + + tftp_session_terminate(&slirp->tftp_sessions[s]); +} + void tftp_input(struct mbuf *m) { struct tftp_t *tp = (struct tftp_t *)m->m_data; @@ -397,5 +416,9 @@ void tftp_input(struct mbuf *m) case TFTP_ACK: tftp_handle_ack(m->slirp, tp, m->m_len); break; + + case TFTP_ERROR: + tftp_handle_error(m->slirp, tp, m->m_len); + break; } } -- cgit v1.2.3-65-gdbad From eacad66dbe7dadb47f66b3d19ebf8887064f9159 Mon Sep 17 00:00:00 2001 From: Luiz Capitulino Date: Fri, 8 Jan 2010 16:45:53 -0200 Subject: QMP: Don't free async event's 'data' The monitor_protocol_event() function will free the event's data, this is wrong as 'data' management is up to the caller. Signed-off-by: Luiz Capitulino Signed-off-by: Anthony Liguori (cherry picked from commit 3d72f9a2be640f368229d579e80ce4ef2a823e49) --- monitor.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/monitor.c b/monitor.c index 3af1d5c78..2403a979e 100644 --- a/monitor.c +++ b/monitor.c @@ -365,8 +365,10 @@ void monitor_protocol_event(MonitorEvent event, QObject *data) qmp = qdict_new(); timestamp_put(qmp); qdict_put(qmp, "event", qstring_from_str(event_name)); - if (data) + if (data) { + qobject_incref(data); qdict_put_obj(qmp, "data", data); + } monitor_json_emitter(mon, QOBJECT(qmp)); QDECREF(qmp); -- cgit v1.2.3-65-gdbad From be59ce1f48720b385c124f7567aedd5829f96540 Mon Sep 17 00:00:00 2001 
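Review bot: tftp_handle_error takes `pktlen` but never reads it, and it ends the session on any packet whose opcode is ERROR without looking at the rest of the packet. Whether that is safe rests entirely on how strictly tftp_session_find matches the sender (its body is not on this page), so a short comment would help the next reader: `/* ERROR from the client aborts the transfer; the session is matched by tftp_session_find() */`. The same lookup-then-terminate sequence is added to tftp_handle_rrq in the `@@ -264,6 +264,12 @@` hunk, where the two could share a small helper.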
From: Stefano Stabellini Date: Mon, 11 Jan 2010 17:30:50 +0000 Subject: vnc_refresh: return if vd->timer is NULL Hi all, calling vnc_update_client in vnc_refresh might have the unlikely side effect of setting vd->timer = NULL, if the last vnc client disconnected. In this case we have to return from vnc_refresh without updating the timer, otherwise we cause a segfault. Signed-off-by: Stefano Stabellini Signed-off-by: Anthony Liguori (cherry picked from commit 83755c173f4608764e3ee92428247d1c5e962e6a) --- vnc.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/vnc.c b/vnc.c index c54c6e070..58eac73f9 100644 --- a/vnc.c +++ b/vnc.c @@ -2305,6 +2305,10 @@ static void vnc_refresh(void *opaque) rects += vnc_update_client(vs, has_dirty); vs = vs->next; } + /* vd->timer could be NULL now if the last client disconnected, + * in this case don't update the timer */ + if (vd->timer == NULL) + return; if (has_dirty && rects) { vd->timer_interval /= 2; -- cgit v1.2.3-65-gdbad From be7398ec06d69f04b2ba303cb525e6e40ef134c2 Mon Sep 17 00:00:00 2001 From: Aurelien Jarno Date: Thu, 24 Dec 2009 19:30:25 +0100 Subject: loader: more ignores for rom intended to be loaded by the bios Similarly to what has been done in e405a2ba91b68817cae2a428de55fe9616a4cf37, ignore rom intended to be loaded by the bios in find_rom() and rom_copy(). Signed-off-by: Aurelien Jarno (cherry picked from commit f21a59c224a6fdf7b30c3fe551fd93043e537f6c) --- hw/loader.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/hw/loader.c b/hw/loader.c index eef385eb5..3aba47c6a 100644 --- a/hw/loader.c +++ b/hw/loader.c @@ -695,6 +695,9 @@ static Rom *find_rom(target_phys_addr_t addr) Rom *rom; QTAILQ_FOREACH(rom, &roms, next) { + if (rom->fw_file) { + continue; + } if (rom->addr > addr) continue; if (rom->addr + rom->romsize < addr) 
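Review bot: The added `vd->timer == NULL` check covers the timer, but the loop on the context lines just above it still executes `vs = vs->next` after `vnc_update_client(vs, has_dirty)` has returned. The commit message says the last client can disconnect inside that call; if disconnecting also releases the client's state (not visible here), the loop reads `next` from memory that is no longer valid. Saving the successor before the call avoids depending on that: `VncState *vn = vs->next;` ahead of the call, then `vs = vn;`. vnc_refresh starts and ends outside the hunk.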
@@ -717,6 +720,9 @@ int rom_copy(uint8_t *dest, target_phys_addr_t addr, size_t size) Rom *rom; QTAILQ_FOREACH(rom, &roms, next) { + if (rom->fw_file) { + continue; + } if (rom->addr + rom->romsize < addr) continue; if (rom->addr > end) -- cgit v1.2.3-65-gdbad From 431c829f3318d62a8e0a39f64337b5d5ff64d922 Mon Sep 17 00:00:00 2001 From: Gerd Hoffmann Date: Fri, 8 Jan 2010 15:25:37 +0100 Subject: pc: add machine type for 0.12 Add a new machine type for qemu 0.12. Also fixup the 0.11 machine type: msi for virtio-blk-pci was enabled after the 0.11 release, so turn it off in the 0.11 machine type. Signed-off-by: Gerd Hoffmann Signed-off-by: Anthony Liguori (cherry picked from commit 2cae6f5e34d85fe44ec2329a7fbc22dc8cfb079f) --- hw/pc.c | 18 +++++++++++++++++- 1 file changed, 17 insertions(+), 1 deletion(-) diff --git a/hw/pc.c b/hw/pc.c index db7d58efe..6588d7006 100644 --- a/hw/pc.c +++ b/hw/pc.c @@ -1289,7 +1289,7 @@ void cmos_set_s3_resume(void) } static QEMUMachine pc_machine = { - .name = "pc-0.11", + .name = "pc-0.12", .alias = "pc", .desc = "Standard PC", .init = pc_init_pci, @@ -1297,6 +1297,21 @@ static QEMUMachine pc_machine = { .is_default = 1, }; +static QEMUMachine pc_machine_v0_11 = { + .name = "pc-0.11", + .desc = "Standard PC, qemu 0.11", + .init = pc_init_pci, + .max_cpus = 255, + .compat_props = (GlobalProperty[]) { + { + .driver = "virtio-blk-pci", + .property = "vectors", + .value = stringify(0), + }, + { /* end of list */ } + } +}; + static QEMUMachine pc_machine_v0_10 = { .name = "pc-0.10", .desc = "Standard PC, qemu 0.10", @@ -1334,6 +1349,7 @@ static QEMUMachine isapc_machine = { static void pc_machine_init(void) { qemu_register_machine(&pc_machine); + qemu_register_machine(&pc_machine_v0_11); qemu_register_machine(&pc_machine_v0_10); qemu_register_machine(&isapc_machine); } -- cgit v1.2.3-65-gdbad From 0c4b9aef7bca62834f3fdb8995e73c0517dbf304 Mon Sep 17 00:00:00 2001 
From: Gerd Hoffmann Date: Fri, 8 Jan 2010 15:25:38 +0100 Subject: roms: minor fixes and cleanups. Changes: - Drop extra file argument from rom_add_file(). - Drop fw_dir check in do_info_roms, we allways have a dir name. - code style fixes. Signed-off-by: Gerd Hoffmann Signed-off-by: Anthony Liguori (cherry picked from commit bdb5ee3064d5ae786b0bcb6cf6ff4e3554a72990) --- hw/loader.c | 38 +++++++++++++++++++++++--------------- hw/loader.h | 5 +++-- 2 files changed, 26 insertions(+), 17 deletions(-) diff --git a/hw/loader.c b/hw/loader.c index 3aba47c6a..38ee2daf2 100644 --- a/hw/loader.c +++ b/hw/loader.c @@ -556,7 +556,7 @@ static void rom_insert(Rom *rom) QTAILQ_INSERT_TAIL(&roms, rom, next); } -int rom_add_file(const char *file, const char *fw_dir, const char *fw_file, +int rom_add_file(const char *file, const char *fw_dir, target_phys_addr_t addr) { Rom *rom; @@ -576,8 +576,10 @@ int rom_add_file(const char *file, const char *fw_dir, const char *fw_file, goto err; } - rom->fw_dir = fw_dir ? qemu_strdup(fw_dir) : NULL; - rom->fw_file = fw_file ? qemu_strdup(fw_file) : NULL; + if (fw_dir) { + rom->fw_dir = qemu_strdup(fw_dir); + rom->fw_file = qemu_strdup(file); + } rom->addr = addr; rom->romsize = lseek(fd, 0, SEEK_END); rom->data = qemu_mallocz(rom->romsize); @@ -621,14 +623,14 @@ int rom_add_vga(const char *file) { if (!rom_enable_driver_roms) return 0; - return rom_add_file(file, "vgaroms", file, 0); + return rom_add_file(file, "vgaroms", 0); } int rom_add_option(const char *file) { if (!rom_enable_driver_roms) return 0; - return rom_add_file(file, "genroms", file, 0); + return rom_add_file(file, "genroms", 0); } static void rom_reset(void *unused) @@ -639,8 +641,9 @@ static void rom_reset(void *unused) if (rom->fw_file) { continue; } - if (rom->data == NULL) + if (rom->data == NULL) { continue; + } cpu_physical_memory_write_rom(rom->addr, rom->data, rom->romsize); if (rom->isrom) { /* rom needs to be written only once */ 
@@ -683,8 +686,9 @@ int rom_load_fw(void *fw_cfg) Rom *rom; QTAILQ_FOREACH(rom, &roms, next) { - if (!rom->fw_file) + if (!rom->fw_file) { continue; + } fw_cfg_add_file(fw_cfg, rom->fw_dir, rom->fw_file, rom->data, rom->romsize); } return 0; @@ -698,10 +702,12 @@ static Rom *find_rom(target_phys_addr_t addr) if (rom->fw_file) { continue; } - if (rom->addr > addr) + if (rom->addr > addr) { continue; - if (rom->addr + rom->romsize < addr) + } + if (rom->addr + rom->romsize < addr) { continue; + } return rom; } return NULL; @@ -723,12 +729,15 @@ int rom_copy(uint8_t *dest, target_phys_addr_t addr, size_t size) if (rom->fw_file) { continue; } - if (rom->addr + rom->romsize < addr) + if (rom->addr + rom->romsize < addr) { continue; - if (rom->addr > end) + } + if (rom->addr > end) { break; - if (!rom->data) + } + if (!rom->data) { continue; + } d = dest + (rom->addr - addr); s = rom->data; @@ -771,10 +780,9 @@ void do_info_roms(Monitor *mon) rom->isrom ? "rom" : "ram", rom->name); } else { - monitor_printf(mon, "fw=%s%s%s" + monitor_printf(mon, "fw=%s/%s" " size=0x%06zx name=\"%s\" \n", - rom->fw_dir ? rom->fw_dir : "", - rom->fw_dir ? "/" : "", + rom->fw_dir, rom->fw_file, rom->romsize, rom->name); diff --git a/hw/loader.h b/hw/loader.h index 77beb0e93..698160b82 100644 --- a/hw/loader.h +++ b/hw/loader.h @@ -19,7 +19,8 @@ void pstrcpy_targphys(const char *name, target_phys_addr_t dest, int buf_size, const char *source); -int rom_add_file(const char *file, const char *fw_dir, const char *fw_file, + +int rom_add_file(const char *file, const char *fw_dir, target_phys_addr_t addr); int rom_add_blob(const char *name, const void *blob, size_t len, target_phys_addr_t addr); @@ -30,7 +31,7 @@ void *rom_ptr(target_phys_addr_t addr); void do_info_roms(Monitor *mon); #define rom_add_file_fixed(_f, _a) \ - rom_add_file(_f, NULL, NULL, _a) + rom_add_file(_f, NULL, _a) #define rom_add_blob_fixed(_f, _b, _l, _a) \ rom_add_blob(_f, _b, _l, _a) -- cgit v1.2.3-65-gdbad 
From d2b8117310eeed4cebb6f5fb685e57bf22fa6031 Mon Sep 17 00:00:00 2001 From: Gerd Hoffmann Date: Fri, 8 Jan 2010 15:25:39 +0100 Subject: fw_cfg: rom loader tweaks. Changes: - make dir argument mandatory, we allways have one anyway (vgaroms or genroms). - check for duplicates, skip loading if found. Signed-off-by: Gerd Hoffmann Signed-off-by: Anthony Liguori (cherry picked from commit de9352bcaed2452af1d2b06b829748676c691794) --- hw/fw_cfg.c | 18 +++++++++++------- 1 file changed, 11 insertions(+), 7 deletions(-) diff --git a/hw/fw_cfg.c b/hw/fw_cfg.c index fe9c52758..ea120ba55 100644 --- a/hw/fw_cfg.c +++ b/hw/fw_cfg.c @@ -278,7 +278,7 @@ int fw_cfg_add_file(FWCfgState *s, const char *dir, const char *filename, uint8_t *data, uint32_t len) { const char *basename; - int index; + int i, index; if (!s->files) { int dsize = sizeof(uint32_t) + sizeof(FWCfgFile) * FW_CFG_FILE_SLOTS; @@ -300,13 +300,17 @@ int fw_cfg_add_file(FWCfgState *s, const char *dir, const char *filename, } else { basename = filename; } - if (dir) { - snprintf(s->files->f[index].name, sizeof(s->files->f[index].name), - "%s/%s", dir, basename); - } else { - snprintf(s->files->f[index].name, sizeof(s->files->f[index].name), - "%s", basename); + + snprintf(s->files->f[index].name, sizeof(s->files->f[index].name), + "%s/%s", dir, basename); + for (i = 0; i < index; i++) { + if (strcmp(s->files->f[index].name, s->files->f[i].name) == 0) { + FW_CFG_DPRINTF("%s: skip duplicate: %s\n", __FUNCTION__, + s->files->f[index].name); + return 1; + } } + s->files->f[index].size = cpu_to_be32(len); s->files->f[index].select = cpu_to_be16(FW_CFG_FILE_FIRST + index); FW_CFG_DPRINTF("%s: #%d: %s (%d bytes)\n", __FUNCTION__, -- cgit v1.2.3-65-gdbad From 04babf6c6f8ccf69f1219db5fea233d679702e90 Mon Sep 17 00:00:00 2001 
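Review bot: With the `if (dir)` branch gone, a NULL `dir` in fw_cfg_add_file now reaches `snprintf` through `%s`, which is undefined behaviour, and nothing in the function enforces the "dir is mandatory" rule stated in the commit message. An `assert(dir != NULL);` at the top, or a one-line comment on the parameter, would make the contract explicit. The duplicate scan also compares names after `snprintf` has fitted them into the fixed-size `name` field, so two long paths that differ only beyond the truncation point would be treated as duplicates and the second one skipped; checking the `snprintf` return value against `sizeof(s->files->f[index].name)` would catch that. The rest of the function is outside these hunks.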
From: Gerd Hoffmann Date: Fri, 8 Jan 2010 15:25:40 +0100 Subject: roms: rework rom loading via fw This patch changes the way rom loading via fw_cfg is handled. Instead of having pc_init1() call a function which passed all roms to the firmware config we simply pass a pointer to fw_cfg to the rom loader. Advantage: loading roms via firmware works also for devices which are initialized after pc_init1(), i.e. everyting added via -device. Signed-off-by: Gerd Hoffmann Signed-off-by: Anthony Liguori (cherry picked from commit 8832cb805dcb65009b979cd8e17d75ac4b03c7e4) --- hw/loader.c | 15 +++++---------- hw/loader.h | 2 +- hw/pc.c | 3 +-- 3 files changed, 7 insertions(+), 13 deletions(-) diff --git a/hw/loader.c b/hw/loader.c index 38ee2daf2..b3bbd77d1 100644 --- a/hw/loader.c +++ b/hw/loader.c @@ -535,6 +535,7 @@ struct Rom { QTAILQ_ENTRY(Rom) next; }; +static FWCfgState *fw_cfg; static QTAILQ_HEAD(, Rom) roms = QTAILQ_HEAD_INITIALIZER(roms); int rom_enable_driver_roms; @@ -592,6 +593,8 @@ int rom_add_file(const char *file, const char *fw_dir, } close(fd); rom_insert(rom); + if (rom->fw_file && fw_cfg) + fw_cfg_add_file(fw_cfg, rom->fw_dir, rom->fw_file, rom->data, rom->romsize); return 0; err: @@ -681,17 +684,9 @@ int rom_load_all(void) return 0; } -int rom_load_fw(void *fw_cfg) +void rom_set_fw(void *f) { - Rom *rom; - - QTAILQ_FOREACH(rom, &roms, next) { - if (!rom->fw_file) { - continue; - } - fw_cfg_add_file(fw_cfg, rom->fw_dir, rom->fw_file, rom->data, rom->romsize); - } - return 0; + fw_cfg = f; } static Rom *find_rom(target_phys_addr_t addr) diff --git a/hw/loader.h b/hw/loader.h index 698160b82..8ff3c9445 100644 --- a/hw/loader.h +++ b/hw/loader.h 
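Review bot: After this change a ROM reaches fw_cfg only if `fw_cfg` is already set when rom_add_file runs, because the loop in the removed rom_load_fw that walked all queued ROMs is gone. Any ROM with a `fw_file` that is added before rom_set_fw() is called is inserted into `roms` but never passed to fw_cfg_add_file, and nothing reports it. That ordering requirement deserves a comment on rom_set_fw, e.g. `/* must be called before any rom_add_vga()/rom_add_option(); earlier ROMs are not exported */`, or rom_set_fw could register the ROMs already queued. The return value of fw_cfg_add_file is also dropped at the new call site in the `@@ -592,6 +593,8 @@` hunk, and `rom_set_fw(void *f)` gives up the type check that a `FWCfgState *` parameter would provide.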
@@ -25,7 +25,7 @@ int rom_add_file(const char *file, const char *fw_dir, int rom_add_blob(const char *name, const void *blob, size_t len, target_phys_addr_t addr); int rom_load_all(void); -int rom_load_fw(void *fw_cfg); +void rom_set_fw(void *f); int rom_copy(uint8_t *dest, target_phys_addr_t addr, size_t size); void *rom_ptr(target_phys_addr_t addr); void do_info_roms(Monitor *mon); diff --git a/hw/pc.c b/hw/pc.c index 6588d7006..2aef0da41 100644 --- a/hw/pc.c +++ b/hw/pc.c @@ -1090,6 +1090,7 @@ static void pc_init1(ram_addr_t ram_size, bios_size, bios_offset | IO_MEM_ROM); fw_cfg = bochs_bios_init(); + rom_set_fw(fw_cfg); if (linux_boot) { load_linux(fw_cfg, kernel_filename, initrd_filename, kernel_cmdline, below_4g_mem_size); @@ -1250,8 +1251,6 @@ static void pc_init1(ram_addr_t ram_size, } } } - - rom_load_fw(fw_cfg); } static void pc_init_pci(ram_addr_t ram_size, -- cgit v1.2.3-65-gdbad From 027866ce23606b2aa4851efe4060d41354261582 Mon Sep 17 00:00:00 2001 From: Gerd Hoffmann Date: Fri, 8 Jan 2010 15:25:41 +0100 Subject: pci: allow loading roms via fw_cfg. This patch adds a pci bus property 'rombar' which specifies whenever the pci rom should be loaded via pci rom bar (default) or via fw_cfg. The later can be used for compatibility with older qemu versions where no pci rom bar is present. Signed-off-by: Gerd Hoffmann Signed-off-by: Anthony Liguori (cherry picked from commit 88169ddf82853ca892ce7bee279579c8a0ac03e5) --- hw/pci.c | 15 +++++++++++++++ hw/pci.h | 1 + 2 files changed, 16 insertions(+) diff --git a/hw/pci.c b/hw/pci.c index 9cc5a6a3e..8f30f73b7 100644 --- a/hw/pci.c +++ b/hw/pci.c @@ -64,6 +64,7 @@ static struct BusInfo pci_bus_info = { .props = (Property[]) { DEFINE_PROP_PCI_DEVFN("addr", PCIDevice, devfn, -1), DEFINE_PROP_STRING("romfile", PCIDevice, romfile), + DEFINE_PROP_UINT32("rombar", PCIDevice, rom_bar, 1), DEFINE_PROP_END_OF_LIST() } }; 
@@ -1464,6 +1465,20 @@ static int pci_add_option_rom(PCIDevice *pdev) if (strlen(pdev->romfile) == 0) return 0; + if (!pdev->rom_bar) { + /* + * Load rom via fw_cfg instead of creating a rom bar, + * for 0.11 compatibility. + */ + int class = pci_get_word(pdev->config + PCI_CLASS_DEVICE); + if (class == 0x0300) { + rom_add_vga(pdev->romfile); + } else { + rom_add_option(pdev->romfile); + } + return 0; + } + path = qemu_find_file(QEMU_FILE_TYPE_BIOS, pdev->romfile); if (path == NULL) { path = qemu_strdup(pdev->romfile); diff --git a/hw/pci.h b/hw/pci.h index e52e63238..dba66ef66 100644 --- a/hw/pci.h +++ b/hw/pci.h @@ -246,6 +246,7 @@ struct PCIDevice { /* Location of option rom */ char *romfile; ram_addr_t rom_offset; + uint32_t rom_bar; }; PCIDevice *pci_register_device(PCIBus *bus, const char *name, -- cgit v1.2.3-65-gdbad From 49a3aaac4aa13102a7d1706213c0caff769cd142 Mon Sep 17 00:00:00 2001 From: Gerd Hoffmann Date: Fri, 8 Jan 2010 15:25:42 +0100 Subject: pc: add rombar to compat properties for pc-0.10 and pc-0.11 So '-M pc-0.10' and '-M pc-0.11' will use the fw_cfg rom load method by default. Signed-off-by: Gerd Hoffmann Signed-off-by: Anthony Liguori (cherry picked from commit 20a86364c9e421c4f9ce457251fa8df031cd5078) --- hw/pc.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/hw/pc.c b/hw/pc.c index 2aef0da41..86c2ba01e 100644 --- a/hw/pc.c +++ b/hw/pc.c @@ -1306,6 +1306,10 @@ static QEMUMachine pc_machine_v0_11 = { .driver = "virtio-blk-pci", .property = "vectors", .value = stringify(0), + },{ + .driver = "PCI", + .property = "rombar", + .value = stringify(0), }, { /* end of list */ } } @@ -1333,6 +1337,10 @@ static QEMUMachine pc_machine_v0_10 = { .driver = "virtio-blk-pci", .property = "vectors", .value = stringify(0), + },{ + .driver = "PCI", + .property = "rombar", + .value = stringify(0), }, { /* end of list */ } }, -- cgit v1.2.3-65-gdbad From a3441a43a668c0dc31ca4c8b2d236e053d29b8da Mon Sep 17 00:00:00 2001 
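Review bot: In the `!pdev->rom_bar` branch of pci_add_option_rom the results of `rom_add_vga()` and `rom_add_option()` are dropped and the function returns 0 unconditionally, so a `romfile` that cannot be loaded is reported as success on this path. If those helpers pass through the status of `rom_add_file()` (their definitions are not in the hunk), propagate it with `return rom_add_vga(pdev->romfile);` and `return rom_add_option(pdev->romfile);`. The literal `0x0300` would be clearer as `PCI_CLASS_DISPLAY_VGA`. The `rombar` property from the `@@ -64,6 +64,7 @@` hunk is a UINT32 that is only tested for zero, so any non-zero value selects the ROM BAR; a comment on the `rom_bar` field saying so would help. The function continues outside the hunk.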
From: Kevin Wolf Date: Wed, 13 Jan 2010 16:20:56 +0100 Subject: osdep.c: Fix accept4 fallback Commit 3a03bfa5 added a fallback in case the Linux kernel running qemu is older than the kernel of the build system. Unfortunately, v1 was committed instead of v2, so the code has a bug that was revealed in the review (checking for the wrong error code). Signed-off-by: Kevin Wolf Signed-off-by: Anthony Liguori (cherry picked from commit 347ed55cd109864b02dd29bb7e6cda1622e8019e) --- osdep.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/osdep.c b/osdep.c index 9949606bb..60469eda8 100644 --- a/osdep.c +++ b/osdep.c @@ -306,7 +306,7 @@ int qemu_accept(int s, struct sockaddr *addr, socklen_t *addrlen) #ifdef CONFIG_ACCEPT4 ret = accept4(s, addr, addrlen, SOCK_CLOEXEC); - if (ret != -1 || errno != EINVAL) { + if (ret != -1 || errno != ENOSYS) { return ret; } #endif -- cgit v1.2.3-65-gdbad From 3999bf32440c1ea2ceb85eef008cc56a069af13f Mon Sep 17 00:00:00 2001 From: Milan Plzik Date: Thu, 7 Jan 2010 13:39:43 +0100 Subject: Qemu's internal TFTP server breaks lock-step-iness of TFTP According to RFC 1350 and RFC 2347, TFTP server should answer RRQ by either OACK or DATA packet. Qemu's internal TFTP server answers RRQ with additional options by sending both OACK and DATA packet, thus breaking the "lock-step" feature of the protocol, and also confuses client. Proposed solution would be to, in case of OACK packet, wait for ACK from client and just then start sending data. Attached patch implements this. Signed-off-by: Thomas Horsten Signed-off-by: Milan Plzik Signed-off-by: Anthony Liguori (cherry picked from commit 1cb1a66aed921060fa34d161b52e95d05de18ec1) --- slirp/tftp.c | 1 + 1 file changed, 1 insertion(+) diff --git a/slirp/tftp.c b/slirp/tftp.c index 12dd3444f..96c0e0c67 100644 --- a/slirp/tftp.c +++ b/slirp/tftp.c 
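Review bot: The `errno != ENOSYS` test in qemu_accept carries no comment saying why ENOSYS alone triggers the fallback, and the commit message shows this condition was already wrong once. I would add above the `if`: `/* ENOSYS: running kernel predates accept4(); fall through to plain accept() */`. The fallback after `#endif` lies outside the hunk, so it cannot be checked from here that it also marks the accepted descriptor close-on-exec; without that, the descriptor would be inherited by child processes on older kernels.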
@@ -368,6 +368,7 @@ static void tftp_handle_rrq(Slirp *slirp, struct tftp_t *tp, int pktlen) } tftp_send_oack(spt, "tsize", tsize, tp); + return; } } -- cgit v1.2.3-65-gdbad From 73b48d914f90613c541c239652ab7c9044a98a29 Mon Sep 17 00:00:00 2001 
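Review bot: The added `return;` in tftp_handle_rrq leaves the transfer waiting for the client's ACK of the OACK, but nothing in the code says so. A comment on that line would make the lock-step intent visible: `/* RFC 2347: after OACK, send DATA only once the client ACKs */`. The ACK handler is outside the hunk, so whether an ACK for block 0 starts the first DATA block, and whether a session whose OACK is never acknowledged gets reclaimed, should be confirmed there. Only the tail of the function is shown.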
From: Anthony Liguori Date: Wed, 13 Jan 2010 17:58:50 -0600 Subject: Update SeaBIOS to 0.5.1 - 5da6833 Update version to 0.5.1 - 669c991 Fix sign error preventing incorrect memory over 4gig calculation. - 7e6bd3e Minor - better indent assembler in int1587. - 48cf232 Add comment explaining why mptable is in low memory. - 643062f Add int1589 support. - 085debd Set FDPT in irq table even for small drives. - 7c1b186 Reduce #ifs by weeding out some cross-chunk function definitions. - f9b25d3 Fix vgahook sign issue; add warning to build to catch future cases. - 3862b2d vgabios: Fix compile error due to fixed prototypes. - 1ca05b0 Be sure to add "void" to all function prototypes that take no args. - b5bb9db mptable: Reset pinmask on new bus or device. - 8918989 Detect latest FC12 gcc -combine breakage. - c9d3c2d Minor vga binary cleanups. - 9a8609f Make MTRR region 0xc0000-0x100000 be cached. - fdca418 Force a link error if a function is used from the wrong code chunk. - dad41d9 Add __noreturn define for __attribute__((noreturn)). - c003148 Implement native 32bit APM support. - 5c99b6c Commit compiled dsdt file; misc comment updates. - 29f4b91 prevent acpi from rerouting SCI interrupt - 4c94b7e enumerate all PCI buses in mptable - 871e0a0 Add support for 32bit PCI BIOS entry. - eda2c83 Only add "addr32" to memory accesses that require them. - 52a300f Introduce MODESEGMENT define; rename VISIBLE32 to VISIBLE32FLAT. - fe2c3ee Allocate smbios in temp space and copy into final location. - b164d2c Clear user reserved interrupts (0x60-0x66). - d9104ff Remove pci_bios_bigmem_addr; set pci_bios_mem_addr=0xe0000000 - 14021f2 Add initial support for ATA DMA. - 8362699 Allocate mptable in temp space and copy into final location. - 979862e Also report memory over 4G during init. - 928d4df provide correct pci routing information in mptable - afc02da Add symbolic definitions for MTRR code. - fb214dc Fix yield() so it works from boot code. 
- 2ceeec9 Fix potential build failure due to text16 section being too large. - a2195e4 Increase version in preparation for next release. Signed-off-by: Anthony Liguori --- pc-bios/bios.bin | Bin 131072 -> 131072 bytes roms/seabios | 2 +- 2 files changed, 1 insertion(+), 1 deletion(-) diff --git a/pc-bios/bios.bin b/pc-bios/bios.bin index 827327db9..1741eeced 100644 Binary files a/pc-bios/bios.bin and b/pc-bios/bios.bin differ diff --git a/roms/seabios b/roms/seabios index 494302fe1..5da68339e 160000 --- a/roms/seabios +++ b/roms/seabios @@ -1 +1 @@ -Subproject commit 494302fe196f7016d56814f0adc83ba1d54c0518 +Subproject commit 5da68339ecf44677b8f4f115cdf3cb1da46a9f6c -- cgit v1.2.3-65-gdbad From e389e937a7b94186449e0590bdc8f04ecbb1ab0b Mon Sep 17 00:00:00 2001 From: Anthony Liguori Date: Wed, 13 Jan 2010 17:49:55 -0600 Subject: Update version and changelog for release Signed-off-by: Anthony Liguori --- Changelog | 36 +++++++++++++++++++++++++++++++++++- VERSION | 2 +- 2 files changed, 36 insertions(+), 2 deletions(-) diff --git a/Changelog b/Changelog index ee2af7303..dede703d3 100644 --- a/Changelog +++ b/Changelog 
@@ -1,7 +1,41 @@ +version 0.12.2: + - Qemu's internal TFTP server breaks lock-step-iness of TFTP (Milan Plzik) + - osdep.c: Fix accept4 fallback (Kevin Wolf) + - pc: add rombar to compat properties for pc-0.10 and pc-0.11 (Gerd Hoffmann) + - pci: allow loading roms via fw_cfg. (Gerd Hoffmann) + - roms: rework rom loading via fw (Gerd Hoffmann) + - fw_cfg: rom loader tweaks. (Gerd Hoffmann) + - roms: minor fixes and cleanups. (Gerd Hoffmann) + - pc: add machine type for 0.12 (Gerd Hoffmann) + - loader: more ignores for rom intended to be loaded by the bios (Aurelien Jarno) + - vnc_refresh: return if vd->timer is NULL (Stefano Stabellini) + - QMP: Don't free async event's 'data' (Luiz Capitulino) + - Handle TFTP ERROR from client (Thomas Horsten) + - dmg: fix ->open failure (Christoph Hellwig) + - virtio-pci: thinko fix (Michael S. Tsirkin) + - pc-bios: Update README (SeaBIOS) (Stefan Weil) + - vmware_vga: Check cursor dimensions passed from guest to avoid buffer overflow (Roland Dreier) + - remove pending exception on vcpu reset. (Gleb Natapov) + - Fix CPU topology initialization (Jiri Denemark) + - MCE: Fix bug of IA32_MCG_STATUS after system reset (Huang Ying) + - linuxboot: fix gdt address calculation (Avi Kivity) + - QMP: Drop wrong assert() (Luiz Capitulino) + - vnc: Fix artifacts in hextile decoding (Anthony Liguori) + - target-i386: Fix "call im" on x86_64 when executing 32-bit code (Aurelien Jarno) + - Add missing newline at the end of options list (Michael Tokarev) + - Don't load options roms intended to be loaded by the bios in qemu (Avi Kivity) + - USB: Improve usbdevice error messages (Scott Tsai) + - cpu-all.h: fix cpu_get_real_ticks() #ifdef (Aurelien Jarno) + - alpha: fix compile (Blue Swirl) + - user_only: compile everything with -fpie (Kirill A. 
Shutemov) + - fdc/sparc32: don't hang on detection under OBP (Artyom Tarasenko) + - scsi-disk: Inquiry with allocation length of CDB < 36 (v4) (Artyom Tarasenko) + - e1000: fix init values for command register (Michael S. Tsirkin) + version 0.12.1: - loader: fix rom loading at address 0 (fixes target-arm) (Aurelien Jarno) - loader: fix rom_copy (fixes multiboot) (Kevin Wolf) - + version 0.12.0: - Update to SeaBIOS 0.5.0 diff --git a/VERSION b/VERSION index 34a83616b..26acbf080 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -0.12.1 +0.12.2 -- cgit v1.2.3-65-gdbad