| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
When trying to map an alias of a ram region, where the alias starts at
address A and we map it into address B, and A > B, we had an arithmetic
underflow. Because we use unsigned arithmetic, the underflow converted
into a large number which failed addrrange_intersects() tests.
The concrete example which triggered this was cirrus vga mapping
the framebuffer at offsets 0xc0000-0xc7fff (relative to the start of
the framebuffer) into offsets 0xa0000 (relative to system addres space
start).
With our favorite analogy of a windowing system, this is equivalent to
dragging a subwindow off the left edge of the screen, and failing to clip
it into its parent window which is on screen.
Fix by switching to signed arithmetic.
Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
|
|
When a range is being unmapped, ask accelerators (e.g. kvm) to synchronize the
dirty bitmap to avoid losing information forever.
Fixes grub2 screen update.
Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
|
|
Replace width/height globals with the identical values from real_screen,
refactor the function according to our coding style.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
|
|
No functional changes.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
|
|
Allow to enlarge or shrink the screen via CTRL-ALT-+/-. In contrast to
scaling the window, these controls always preserve the aspect ratio of
the current console.
CC: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
|
|
Not grabbing the input means that special keys like ALT+TAB are still
handled by the host. Improve the usability by grabbing input once the
mouse is inside the guest screen, provided the SDL window has the input
focus. Release it again when the mouse is moved to any border. Also grab
the input when we gain the input focus and the mouse is within the
screen limits.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
|
|
Restore the cursor when switching from graphic to text console while the
mouse is in absolute mode. Disable it again when returning.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
|
|
It's confusing to suddenly find two mice in full screen mode when
switching consoles or accidentally hitting the grab hot keys.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
|
|
There were some preexisting bits that released the input when switching
to text console. This patch spreads this logic consistently and also
avoids grabbing the input while a text console is active.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
|
|
This ensures that we actually enter full screen on startup when e.g.
'-vga none -full-screen' was specified.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
|
|
There must be no difference between initial -full-screen and switching
to this mode via the hot key.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
|
|
Save the scaling mode and its geometry when going full screen, restore
it when returning to windowed mode.
CC: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
|
|
When switching to full screen mode from a scaled window, we need to
resize to DisplayState's dimension, not the scaled "real" screen size.
Moreover, scaling mode may have manipulated the bpp. So we need to
restore it from the DisplayState as well.
CC: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
|
|
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
|
|
Prevents screen flickering.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
|
|
This prevents continuous resizing events and improper screen setups when
going full screen.
CC: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
|
|
Just like the monitor does, we need to clear no_shutdown before calling
qemu_system_shutdown_request on quit requests. Otherwise, QEMU just
stops the VM.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
|
|
When compiling with gcc 4.6, some code in fw_cfg.c complains that fop_ret
is assigned but not used (which is true). However, it looks like the
meaningless assignments to fop_ret were done to suppress other gcc warnings
due to the fact that fread() is labelled as warn_unused_result in glibc.
This patch avoids both errors, by actually checking the fread() result code
and dropping out with an error message if it fails.
Reviewed-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Tested-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
|
|
Acked-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
|
|
When loading an internal snapshot whose L1 table is smaller than the current L1
table, the size of the current L1 would be shrunk to the snapshot's L1 size in
memory, but not on disk. This lead to incorrect refcount updates and eventuelly
to image corruption.
Instead of writing the new L1 size to disk, this simply retains the bigger L1
size that is currently in use and makes sure that the unused part is zeroed.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Tested-by: Philipp Hahn <hahn@univention.de>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
QAPI will require glib/python, but for now the guest agent is the only
user. For now, make these dependencies an explicit guest agent one, and
give users the option to disable it if need be.
Once QAPI is adopted in core QEMU code, we would basically revert this
patch.
Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
|
|
Signed-off-by: Brad Smith <brad@comstyle.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
|
|
The system emulation code was not merged before the branch.
Let's leave that work for the next release.
Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
|
|
With vhost_net="" (most non-Linux hosts), configure prints an
error message:
test: 2551: =: unexpected operator
Fix this and similar code by adding the missing "".
Cc: Wolfgang Mauerer <wolfgang.mauerer@siemens.com>
Cc: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Reviewed-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
|
|
Migrating after unplugging a virtio-balloon device resulted in an error
message on the destination:
Unknown savevm section or instance '0000:00:04.0/virtio-balloon' 0
load of migration failed
Fix this by unregistering the section on device unplug.
Signed-off-by: Amit Shah <amit.shah@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
|
|
Add an exit handler that will free up RAM after a virtio-balloon device
is unplugged.
Signed-off-by: Amit Shah <amit.shah@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
|
|
Negative balloon values don't make sense, reject them and throw a qerror
with QERR_INVALID_PARAMETER_VALUE.
Reported-by: Mike Cao <bcao@redhat.com>
Signed-off-by: Amit Shah <amit.shah@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
|
|
Multiple balloon registrations are not allowed; check if the
registration with the qemu balloon api succeeded. If not, fail the
device init.
Signed-off-by: Amit Shah <amit.shah@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
|
|
Multiple balloon devices don't make sense; disallow more than one
registration attempt to register handlers.
Signed-off-by: Amit Shah <amit.shah@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
|
|
Signed-off-by: Amit Shah <amit.shah@redhat.com>
|
|
Signed-off-by: Amit Shah <amit.shah@redhat.com>
|
|
Passing on '0' as ballooning target to indicate retrieval of stats is
bad API. It also makes 'balloon 0' in the monitor cause a segfault.
Have two different functions handle the different functionality instead.
Detailed explanation from Markus's review:
1. do_info_balloon() is an info_async() method. It receives a callback
with argument, to be called exactly once (callback frees the
argument). It passes the callback via qemu_balloon_status() and
indirectly through qemu_balloon_event to virtio_balloon_to_target().
virtio_balloon_to_target() executes its balloon stats half. It
stores the callback in the device state.
If it can't send a stats request, it resets stats and calls the
callback right away.
Else, it sends a stats request. The device model runs the callback
when it receives the answer.
Works.
2. do_balloon() is a cmd_async() method. It receives a callback with
argument, to be called when the command completes. do_balloon()
calls it right before it succeeds. Odd, but should work.
Nevertheless, it passes the callback on via qemu_ballon() and
indirectly through qemu_balloon_event to virtio_balloon_to_target().
a. If the argument is non-zero, virtio_balloon_to_target() executes
its balloon half, which doesn't use the callback in any way.
Odd, but works.
b. If the argument is zero, virtio_balloon_to_target() executes its
balloon stats half, just like in 1. It either calls the callback
right away, or arranges for it to be called later.
Thus, the callback runs twice: use after free and double free.
Test case: start with -S -device virtio-balloon, execute "balloon 0" in
human monitor. Runs the callback first from virtio_balloon_to_target(),
then again from do_balloon().
Reported-by: Mike Cao <bcao@redhat.com>
Signed-off-by: Amit Shah <amit.shah@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
|
|
Separate out the code to retrieve balloon info from the code that sets
balloon values.
This will be used to separate the two callbacks from balloon.c and help
cope with 'balloon 0' on the monitor. Currently, 'balloon 0' causes a
segfault in monitor_resume().
Signed-off-by: Amit Shah <amit.shah@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
|
|
Replace:
if (foo) {
...
} else {
return 0;
}
by
if (!foo) {
return 0;
}
...
Signed-off-by: Amit Shah <amit.shah@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
|
|
Signed-off-by: Amit Shah <amit.shah@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
|
|
balloon.h had function declarations for a couple of functions that are
local to balloon.c. Make them static.
Drop the 'qemu_' prefix for balloon.c-local variables, and make them
static.
Signed-off-by: Amit Shah <amit.shah@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
|
|
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
|
|
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
|
|
Almost pure code motion. Unstatic hid interface functions and add
them to the header file. Some renames. Some code style cleanups.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
|
|
Add hid_has_events function, use it to figure whenever there are pending
events instead of checking and updating USBHIDState->changed.
Setting ->changed to 1 on init is removed, that should have absolutely
no effect as the initial state of ->idle is 0 so we report hid state
anyway until the guest configures some idle time. Also should clear
->idle on reset.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
|
|
Add callback for event notification, which allows to un-usbify more
functions. Also split separate hid_* functions for reset and release.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
|
|
First step in separating out the HID emulation code from usb-hid, so it
can be reused without creating a dummy usb device like bluetooth does.
This creates a HIDState struct, moves the non-usbish fields from
USBHIDStruct there. Renames non-usbish structs, defines and functions
from usb* to hid*. Adapts the code to that.
Also cleans up a bunch of code style issues along the way.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
|
|
Map guest memory and pass on a direct pointer instead of copying
the bits to a indirect buffer. EHCI transfer descriptors can
reference multiple (physical guest) pages so we'll actually start
seeing usb packets wich carry iovec with more than one element.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
|
