static int vmdk_open(BlockDriverState *bs, int flags)
{
int ret;
BDRVVmdkState *s = bs->opaque;
if (vmdk_open_sparse(bs, bs->file, flags) == 0) {
s->desc_offset = 0x200;
} else {
ret = vmdk_open_desc_file(bs, flags, 0);
if (ret) {
goto fail;
}
}
/* try to open parent images, if exist */
ret = vmdk_parent_open(bs);
if (ret) {
goto fail;
}
s->parent_cid = vmdk_read_cid(bs, 1);
qemu_co_mutex_init(&s->lock);
/* Disable migration when VMDK images are used */
error_set(&s->migration_blocker,
QERR_BLOCK_FORMAT_FEATURE_NOT_SUPPORTED,
"vmdk", bs->device_name, "live migration");
migrate_add_blocker(s->migration_blocker);
return 0;
fail:
vmdk_free_extents(bs);
return ret;
}
static void vhost_scsi_realize(DeviceState *dev, Error **errp)
{
VirtIOSCSICommon *vs = VIRTIO_SCSI_COMMON(dev);
VHostSCSI *s = VHOST_SCSI(dev);
Error *err = NULL;
int vhostfd = -1;
int ret;
if (!vs->conf.wwpn) {
error_setg(errp, "vhost-scsi: missing wwpn");
return;
}
if (vs->conf.vhostfd) {
vhostfd = monitor_fd_param(cur_mon, vs->conf.vhostfd, errp);
if (vhostfd == -1) {
error_prepend(errp, "vhost-scsi: unable to parse vhostfd: ");
return;
}
} else {
vhostfd = open("/dev/vhost-scsi", O_RDWR);
if (vhostfd < 0) {
error_setg(errp, "vhost-scsi: open vhost char device failed: %s",
strerror(errno));
return;
}
}
virtio_scsi_common_realize(dev, &err, vhost_dummy_handle_output,
vhost_dummy_handle_output,
vhost_dummy_handle_output);
if (err != NULL) {
error_propagate(errp, err);
close(vhostfd);
return;
}
s->dev.nvqs = VHOST_SCSI_VQ_NUM_FIXED + vs->conf.num_queues;
s->dev.vqs = g_new(struct vhost_virtqueue, s->dev.nvqs);
s->dev.vq_index = 0;
s->dev.backend_features = 0;
ret = vhost_dev_init(&s->dev, (void *)(uintptr_t)vhostfd,
VHOST_BACKEND_TYPE_KERNEL);
if (ret < 0) {
error_setg(errp, "vhost-scsi: vhost initialization failed: %s",
strerror(-ret));
return;
}
/* At present, channel and lun both are 0 for bootable vhost-scsi disk */
s->channel = 0;
s->lun = 0;
/* Note: we can also get the minimum tpgt from kernel */
s->target = vs->conf.boot_tpgt;
error_setg(&s->migration_blocker,
"vhost-scsi does not support migration");
migrate_add_blocker(s->migration_blocker);
}
int whpx_init_vcpu(CPUState *cpu)
{
HRESULT hr;
struct whpx_state *whpx = &whpx_global;
struct whpx_vcpu *vcpu;
Error *local_error = NULL;
/* Add migration blockers for all unsupported features of the
* Windows Hypervisor Platform
*/
if (whpx_migration_blocker == NULL) {
error_setg(&whpx_migration_blocker,
"State blocked due to non-migratable CPUID feature support,"
"dirty memory tracking support, and XSAVE/XRSTOR support");
(void)migrate_add_blocker(whpx_migration_blocker, &local_error);
if (local_error) {
error_report_err(local_error);
error_free(whpx_migration_blocker);
migrate_del_blocker(whpx_migration_blocker);
return -EINVAL;
}
}
vcpu = g_malloc0(sizeof(struct whpx_vcpu));
if (!vcpu) {
error_report("WHPX: Failed to allocte VCPU context.");
return -ENOMEM;
}
hr = WHvEmulatorCreateEmulator(&whpx_emu_callbacks, &vcpu->emulator);
if (FAILED(hr)) {
error_report("WHPX: Failed to setup instruction completion support,"
" hr=%08lx", hr);
g_free(vcpu);
return -EINVAL;
}
hr = WHvCreateVirtualProcessor(whpx->partition, cpu->cpu_index, 0);
if (FAILED(hr)) {
error_report("WHPX: Failed to create a virtual processor,"
" hr=%08lx", hr);
WHvEmulatorDestroyEmulator(vcpu->emulator);
g_free(vcpu);
return -EINVAL;
}
vcpu->interruptable = true;
cpu->vcpu_dirty = true;
cpu->hax_vcpu = (struct hax_vcpu_state *)vcpu;
return 0;
}
static int tpm_emulator_block_migration(TPMEmulator *tpm_emu)
{
Error *err = NULL;
error_setg(&tpm_emu->migration_blocker,
"Migration disabled: TPM emulator not yet migratable");
migrate_add_blocker(tpm_emu->migration_blocker, &err);
if (err) {
error_report_err(err);
error_free(tpm_emu->migration_blocker);
tpm_emu->migration_blocker = NULL;
return -1;
}
return 0;
}
static int vhost_scsi_init(VirtIODevice *vdev)
{
VirtIOSCSICommon *vs = VIRTIO_SCSI_COMMON(vdev);
VHostSCSI *s = VHOST_SCSI(vdev);
int vhostfd = -1;
int ret;
if (!vs->conf.wwpn) {
error_report("vhost-scsi: missing wwpn\n");
return -EINVAL;
}
if (vs->conf.vhostfd) {
vhostfd = monitor_handle_fd_param(cur_mon, vs->conf.vhostfd);
if (vhostfd == -1) {
error_report("vhost-scsi: unable to parse vhostfd\n");
return -EINVAL;
}
}
ret = virtio_scsi_common_init(vs);
if (ret < 0) {
return ret;
}
s->dev.nvqs = VHOST_SCSI_VQ_NUM_FIXED + vs->conf.num_queues;
s->dev.vqs = g_new(struct vhost_virtqueue, s->dev.nvqs);
s->dev.vq_index = 0;
ret = vhost_dev_init(&s->dev, vhostfd, "/dev/vhost-scsi", true);
if (ret < 0) {
error_report("vhost-scsi: vhost initialization failed: %s\n",
strerror(-ret));
return ret;
}
s->dev.backend_features = 0;
error_setg(&s->migration_blocker,
"vhost-scsi does not support migration");
migrate_add_blocker(s->migration_blocker);
return 0;
}
static void vhost_scsi_realize(DeviceState *dev, Error **errp)
{
VirtIOSCSICommon *vs = VIRTIO_SCSI_COMMON(dev);
VHostSCSI *s = VHOST_SCSI(dev);
Error *err = NULL;
int vhostfd = -1;
int ret;
if (!vs->conf.wwpn) {
error_setg(errp, "vhost-scsi: missing wwpn");
return;
}
if (vs->conf.vhostfd) {
vhostfd = monitor_handle_fd_param(cur_mon, vs->conf.vhostfd);
if (vhostfd == -1) {
error_setg(errp, "vhost-scsi: unable to parse vhostfd");
return;
}
}
virtio_scsi_common_realize(dev, &err);
if (err != NULL) {
error_propagate(errp, err);
return;
}
s->dev.nvqs = VHOST_SCSI_VQ_NUM_FIXED + vs->conf.num_queues;
s->dev.vqs = g_new(struct vhost_virtqueue, s->dev.nvqs);
s->dev.vq_index = 0;
ret = vhost_dev_init(&s->dev, vhostfd, "/dev/vhost-scsi", true);
if (ret < 0) {
error_setg(errp, "vhost-scsi: vhost initialization failed: %s",
strerror(-ret));
return;
}
s->dev.backend_features = 0;
error_setg(&s->migration_blocker,
"vhost-scsi does not support migration");
migrate_add_blocker(s->migration_blocker);
}
static void kvm_arm_its_realize(DeviceState *dev, Error **errp)
{
GICv3ITSState *s = ARM_GICV3_ITS_COMMON(dev);
Error *local_err = NULL;
s->dev_fd = kvm_create_device(kvm_state, KVM_DEV_TYPE_ARM_VGIC_ITS, false);
if (s->dev_fd < 0) {
error_setg_errno(errp, -s->dev_fd, "error creating in-kernel ITS");
return;
}
/* explicit init of the ITS */
kvm_device_access(s->dev_fd, KVM_DEV_ARM_VGIC_GRP_CTRL,
KVM_DEV_ARM_VGIC_CTRL_INIT, NULL, true, &error_abort);
/* register the base address */
kvm_arm_register_device(&s->iomem_its_cntrl, -1, KVM_DEV_ARM_VGIC_GRP_ADDR,
KVM_VGIC_ITS_ADDR_TYPE, s->dev_fd);
gicv3_its_init_mmio(s, NULL);
if (!kvm_device_check_attr(s->dev_fd, KVM_DEV_ARM_VGIC_GRP_ITS_REGS,
GITS_CTLR)) {
error_setg(&s->migration_blocker, "This operating system kernel "
"does not support vITS migration");
migrate_add_blocker(s->migration_blocker, &local_err);
if (local_err) {
error_propagate(errp, local_err);
error_free(s->migration_blocker);
return;
}
} else {
qemu_add_vm_change_state_handler(vm_change_state_handler, s);
}
kvm_msi_use_devid = true;
kvm_gsi_direct_mapping = false;
kvm_msi_via_irqfd_allowed = kvm_irqfds_enabled();
}
static int bdrv_qed_open(BlockDriverState *bs, int flags)
{
BDRVQEDState *s = bs->opaque;
QEDHeader le_header;
int64_t file_size;
int ret;
s->bs = bs;
QSIMPLEQ_INIT(&s->allocating_write_reqs);
ret = bdrv_pread(bs->file, 0, &le_header, sizeof(le_header));
if (ret < 0) {
return ret;
}
qed_header_le_to_cpu(&le_header, &s->header);
if (s->header.magic != QED_MAGIC) {
return -EINVAL;
}
if (s->header.features & ~QED_FEATURE_MASK) {
/* image uses unsupported feature bits */
char buf[64];
snprintf(buf, sizeof(buf), "%" PRIx64,
s->header.features & ~QED_FEATURE_MASK);
qerror_report(QERR_UNKNOWN_BLOCK_FORMAT_FEATURE,
bs->device_name, "QED", buf);
return -ENOTSUP;
}
if (!qed_is_cluster_size_valid(s->header.cluster_size)) {
return -EINVAL;
}
/* Round down file size to the last cluster */
file_size = bdrv_getlength(bs->file);
if (file_size < 0) {
return file_size;
}
s->file_size = qed_start_of_cluster(s, file_size);
if (!qed_is_table_size_valid(s->header.table_size)) {
return -EINVAL;
}
if (!qed_is_image_size_valid(s->header.image_size,
s->header.cluster_size,
s->header.table_size)) {
return -EINVAL;
}
if (!qed_check_table_offset(s, s->header.l1_table_offset)) {
return -EINVAL;
}
s->table_nelems = (s->header.cluster_size * s->header.table_size) /
sizeof(uint64_t);
s->l2_shift = ffs(s->header.cluster_size) - 1;
s->l2_mask = s->table_nelems - 1;
s->l1_shift = s->l2_shift + ffs(s->table_nelems) - 1;
if ((s->header.features & QED_F_BACKING_FILE)) {
if ((uint64_t)s->header.backing_filename_offset +
s->header.backing_filename_size >
s->header.cluster_size * s->header.header_size) {
return -EINVAL;
}
ret = qed_read_string(bs->file, s->header.backing_filename_offset,
s->header.backing_filename_size, bs->backing_file,
sizeof(bs->backing_file));
if (ret < 0) {
return ret;
}
if (s->header.features & QED_F_BACKING_FORMAT_NO_PROBE) {
pstrcpy(bs->backing_format, sizeof(bs->backing_format), "raw");
}
}
/* Reset unknown autoclear feature bits. This is a backwards
* compatibility mechanism that allows images to be opened by older
* programs, which "knock out" unknown feature bits. When an image is
* opened by a newer program again it can detect that the autoclear
* feature is no longer valid.
*/
if ((s->header.autoclear_features & ~QED_AUTOCLEAR_FEATURE_MASK) != 0 &&
!bdrv_is_read_only(bs->file)) {
s->header.autoclear_features &= QED_AUTOCLEAR_FEATURE_MASK;
ret = qed_write_header_sync(s);
if (ret) {
return ret;
}
/* From here on only known autoclear feature bits are valid */
bdrv_flush(bs->file);
}
s->l1_table = qed_alloc_table(s);
qed_init_l2_cache(&s->l2_cache);
ret = qed_read_l1_table_sync(s);
if (ret) {
goto out;
}
/* If image was not closed cleanly, check consistency */
if (s->header.features & QED_F_NEED_CHECK) {
/* Read-only images cannot be fixed. There is no risk of corruption
* since write operations are not possible. Therefore, allow
* potentially inconsistent images to be opened read-only. This can
* aid data recovery from an otherwise inconsistent image.
*/
if (!bdrv_is_read_only(bs->file)) {
BdrvCheckResult result = {0};
ret = qed_check(s, &result, true);
if (ret) {
goto out;
}
if (!result.corruptions && !result.check_errors) {
/* Ensure fixes reach storage before clearing check bit */
bdrv_flush(s->bs);
s->header.features &= ~QED_F_NEED_CHECK;
qed_write_header_sync(s);
}
}
}
s->need_check_timer = qemu_new_timer_ns(vm_clock,
qed_need_check_timer_cb, s);
error_set(&s->migration_blocker,
QERR_BLOCK_FORMAT_FEATURE_NOT_SUPPORTED,
"qed", bs->device_name, "live migration");
migrate_add_blocker(s->migration_blocker);
out:
if (ret) {
qed_free_l2_cache(&s->l2_cache);
qemu_vfree(s->l1_table);
}
return ret;
}
static void ivshmem_common_realize(PCIDevice *dev, Error **errp)
{
IVShmemState *s = IVSHMEM_COMMON(dev);
Error *err = NULL;
uint8_t *pci_conf;
uint8_t attr = PCI_BASE_ADDRESS_SPACE_MEMORY |
PCI_BASE_ADDRESS_MEM_PREFETCH;
/* IRQFD requires MSI */
if (ivshmem_has_feature(s, IVSHMEM_IOEVENTFD) &&
!ivshmem_has_feature(s, IVSHMEM_MSI)) {
error_setg(errp, "ioeventfd/irqfd requires MSI");
return;
}
pci_conf = dev->config;
pci_conf[PCI_COMMAND] = PCI_COMMAND_IO | PCI_COMMAND_MEMORY;
memory_region_init_io(&s->ivshmem_mmio, OBJECT(s), &ivshmem_mmio_ops, s,
"ivshmem-mmio", IVSHMEM_REG_BAR_SIZE);
/* region for registers*/
pci_register_bar(dev, 0, PCI_BASE_ADDRESS_SPACE_MEMORY,
&s->ivshmem_mmio);
if (!s->not_legacy_32bit) {
attr |= PCI_BASE_ADDRESS_MEM_TYPE_64;
}
if (s->hostmem != NULL) {
IVSHMEM_DPRINTF("using hostmem\n");
s->ivshmem_bar2 = host_memory_backend_get_memory(s->hostmem,
&error_abort);
} else {
assert(s->server_chr);
IVSHMEM_DPRINTF("using shared memory server (socket = %s)\n",
s->server_chr->filename);
/* we allocate enough space for 16 peers and grow as needed */
resize_peers(s, 16);
/*
* Receive setup messages from server synchronously.
* Older versions did it asynchronously, but that creates a
* number of entertaining race conditions.
*/
ivshmem_recv_setup(s, &err);
if (err) {
error_propagate(errp, err);
return;
}
if (s->master == ON_OFF_AUTO_ON && s->vm_id != 0) {
error_setg(errp,
"master must connect to the server before any peers");
return;
}
qemu_chr_add_handlers(s->server_chr, ivshmem_can_receive,
ivshmem_read, NULL, s);
if (ivshmem_setup_interrupts(s) < 0) {
error_setg(errp, "failed to initialize interrupts");
return;
}
}
vmstate_register_ram(s->ivshmem_bar2, DEVICE(s));
pci_register_bar(PCI_DEVICE(s), 2, attr, s->ivshmem_bar2);
if (s->master == ON_OFF_AUTO_AUTO) {
s->master = s->vm_id == 0 ? ON_OFF_AUTO_ON : ON_OFF_AUTO_OFF;
}
if (!ivshmem_is_master(s)) {
error_setg(&s->migration_blocker,
"Migration is disabled when using feature 'peer mode' in device 'ivshmem'");
migrate_add_blocker(s->migration_blocker);
}
}
static int pci_ivshmem_init(PCIDevice *dev)
{
IVShmemState *s = DO_UPCAST(IVShmemState, dev, dev);
uint8_t *pci_conf;
if (s->sizearg == NULL)
s->ivshmem_size = 4 << 20; /* 4 MB default */
else {
s->ivshmem_size = ivshmem_get_size(s);
}
register_savevm(&s->dev.qdev, "ivshmem", 0, 0, ivshmem_save, ivshmem_load,
dev);
/* IRQFD requires MSI */
if (ivshmem_has_feature(s, IVSHMEM_IOEVENTFD) &&
!ivshmem_has_feature(s, IVSHMEM_MSI)) {
fprintf(stderr, "ivshmem: ioeventfd/irqfd requires MSI\n");
exit(1);
}
/* check that role is reasonable */
if (s->role) {
if (strncmp(s->role, "peer", 5) == 0) {
s->role_val = IVSHMEM_PEER;
} else if (strncmp(s->role, "master", 7) == 0) {
s->role_val = IVSHMEM_MASTER;
} else {
fprintf(stderr, "ivshmem: 'role' must be 'peer' or 'master'\n");
exit(1);
}
} else {
s->role_val = IVSHMEM_MASTER; /* default */
}
if (s->role_val == IVSHMEM_PEER) {
error_set(&s->migration_blocker, QERR_DEVICE_FEATURE_BLOCKS_MIGRATION,
"peer mode", "ivshmem");
migrate_add_blocker(s->migration_blocker);
}
pci_conf = s->dev.config;
pci_conf[PCI_COMMAND] = PCI_COMMAND_IO | PCI_COMMAND_MEMORY;
pci_config_set_interrupt_pin(pci_conf, 1);
s->shm_fd = 0;
memory_region_init_io(&s->ivshmem_mmio, &ivshmem_mmio_ops, s,
"ivshmem-mmio", IVSHMEM_REG_BAR_SIZE);
/* region for registers*/
pci_register_bar(&s->dev, 0, PCI_BASE_ADDRESS_SPACE_MEMORY,
&s->ivshmem_mmio);
memory_region_init(&s->bar, "ivshmem-bar2-container", s->ivshmem_size);
s->ivshmem_attr = PCI_BASE_ADDRESS_SPACE_MEMORY |
PCI_BASE_ADDRESS_MEM_PREFETCH;
if (s->ivshmem_64bit) {
s->ivshmem_attr |= PCI_BASE_ADDRESS_MEM_TYPE_64;
}
if ((s->server_chr != NULL) &&
(strncmp(s->server_chr->filename, "unix:", 5) == 0)) {
/* if we get a UNIX socket as the parameter we will talk
* to the ivshmem server to receive the memory region */
if (s->shmobj != NULL) {
fprintf(stderr, "WARNING: do not specify both 'chardev' "
"and 'shm' with ivshmem\n");
}
IVSHMEM_DPRINTF("using shared memory server (socket = %s)\n",
s->server_chr->filename);
if (ivshmem_has_feature(s, IVSHMEM_MSI)) {
ivshmem_setup_msi(s);
}
/* we allocate enough space for 16 guests and grow as needed */
s->nb_peers = 16;
s->vm_id = -1;
/* allocate/initialize space for interrupt handling */
s->peers = g_malloc0(s->nb_peers * sizeof(Peer));
pci_register_bar(&s->dev, 2, s->ivshmem_attr, &s->bar);
s->eventfd_chr = g_malloc0(s->vectors * sizeof(CharDriverState *));
qemu_chr_add_handlers(s->server_chr, ivshmem_can_receive, ivshmem_read,
ivshmem_event, s);
} else {
/* just map the file immediately, we're not using a server */
int fd;
if (s->shmobj == NULL) {
fprintf(stderr, "Must specify 'chardev' or 'shm' to ivshmem\n");
}
IVSHMEM_DPRINTF("using shm_open (shm object = %s)\n", s->shmobj);
/* try opening with O_EXCL and if it succeeds zero the memory
* by truncating to 0 */
if ((fd = shm_open(s->shmobj, O_CREAT|O_RDWR|O_EXCL,
S_IRWXU|S_IRWXG|S_IRWXO)) > 0) {
/* truncate file to length PCI device's memory */
if (ftruncate(fd, s->ivshmem_size) != 0) {
fprintf(stderr, "ivshmem: could not truncate shared file\n");
}
} else if ((fd = shm_open(s->shmobj, O_CREAT|O_RDWR,
S_IRWXU|S_IRWXG|S_IRWXO)) < 0) {
fprintf(stderr, "ivshmem: could not open shared file\n");
exit(-1);
}
if (check_shm_size(s, fd) == -1) {
exit(-1);
}
create_shared_memory_BAR(s, fd);
}
s->dev.config_write = ivshmem_write_config;
return 0;
}
static int pci_ivshmem_init(PCIDevice *dev)
{
IVShmemState *s = DO_UPCAST(IVShmemState, dev, dev);
uint8_t *pci_conf;
if (s->sizearg == NULL)
s->ivshmem_size = 4 << 20; /* 4 MB default */
else {
s->ivshmem_size = ivshmem_get_size(s);
}
register_savevm(&s->dev.qdev, "ivshmem", 0, 0, ivshmem_save, ivshmem_load,
dev);
/* IRQFD requires MSI */
if (ivshmem_has_feature(s, IVSHMEM_IOEVENTFD) &&
!ivshmem_has_feature(s, IVSHMEM_MSI)) {
fprintf(stderr, "ivshmem: ioeventfd/irqfd requires MSI\n");
exit(1);
}
/* check that role is reasonable */
if (s->role) {
if (strncmp(s->role, "peer", 5) == 0) {
s->role_val = IVSHMEM_PEER;
} else if (strncmp(s->role, "master", 7) == 0) {
s->role_val = IVSHMEM_MASTER;
} else {
fprintf(stderr, "ivshmem: 'role' must be 'peer' or 'master'\n");
exit(1);
}
} else {
s->role_val = IVSHMEM_MASTER; /* default */
}
if (s->role_val == IVSHMEM_PEER) {
error_set(&s->migration_blocker, QERR_DEVICE_FEATURE_BLOCKS_MIGRATION,
"peer mode", "ivshmem");
migrate_add_blocker(s->migration_blocker);
}
pci_conf = s->dev.config;
pci_conf[PCI_COMMAND] = PCI_COMMAND_IO | PCI_COMMAND_MEMORY;
pci_config_set_interrupt_pin(pci_conf, 1);
memset(s->shm_fds, 0, sizeof(s->shm_fds));
memory_region_init_io(&s->ivshmem_mmio, &ivshmem_mmio_ops, s,
"ivshmem-mmio", IVSHMEM_REG_BAR_SIZE);
/* region for registers*/
pci_register_bar(&s->dev, 0, PCI_BASE_ADDRESS_SPACE_MEMORY,
&s->ivshmem_mmio);
memory_region_init(&s->bar, "ivshmem-bar2-container", s->ivshmem_size);
s->ivshmem_attr = PCI_BASE_ADDRESS_SPACE_MEMORY |
PCI_BASE_ADDRESS_MEM_PREFETCH;
if (s->ivshmem_64bit) {
s->ivshmem_attr |= PCI_BASE_ADDRESS_MEM_TYPE_64;
}
if ((s->server_chr != NULL) &&
(strncmp(s->server_chr->filename, "unix:", 5) == 0)) {
/* if we get a UNIX socket as the parameter we will talk
* to the ivshmem server to receive the memory region */
if (s->shmobj != NULL) {
fprintf(stderr, "WARNING: do not specify both 'chardev' "
"and 'shm' with ivshmem\n");
}
IVSHMEM_DPRINTF("using shared memory server (socket = %s)\n",
s->server_chr->filename);
if (ivshmem_has_feature(s, IVSHMEM_MSI)) {
ivshmem_setup_msi(s);
}
/* we allocate enough space for 16 guests and grow as needed */
s->nb_peers = 16;
s->vm_id = -1;
/* allocate/initialize space for interrupt handling */
s->peers = g_malloc0(s->nb_peers * sizeof(Peer));
pci_register_bar(&s->dev, 2, s->ivshmem_attr, &s->bar);
s->eventfd_chr = g_malloc0(s->vectors * sizeof(CharDriverState *));
qemu_chr_add_handlers(s->server_chr, ivshmem_can_receive, ivshmem_read,
ivshmem_event, s);
} else {
/* just map the file immediately, we're not using a server */
IVShmemFile f[IVSHMEM_MAX_FILES];
int f_index = 0;
if (s->shmobj == NULL) {
fprintf(stderr, "Must specify 'chardev' or 'shm' to ivshmem\n");
exit(1);
}
IVSHMEM_DPRINTF("using shm_open (shm object = %s)\n", s->shmobj);
memset(f, 0, sizeof(f));
/* check if we are trying to share a regular file */
if (strncmp(s->shmobj, FD_PREFIX, sizeof(FD_PREFIX) - 1) == 0) {
int token_n, n_cols, i;
char * tok;
n_cols = 0;
token_n = -1;
/* find out how many colons do we have */
for (i = 0; i <= strlen(s->shmobj); i++) {
if (s->shmobj[i] == ':')
n_cols++;
}
tok = strtok(s->shmobj, ":");
while (tok != NULL) {
if (f_index == IVSHMEM_MAX_FILES) {
fprintf(stderr, "ivshmem: too many files (maximum is %i)\n",
IVSHMEM_MAX_FILES);
exit(-1);
}
/* skip the first token */
if (token_n == -1) {
tok = strtok(0, ":");
token_n++;
continue;
}
switch (token_n % TOK_NUM) {
case TOK_FILENAME:
if ((f[f_index].fd = open(tok, O_RDWR | O_SYNC)) < 0) {
fprintf(stderr, "ivshmem: error opening file %s: %s\n",
tok, strerror(errno));
exit(-1);
}
/* get true file size, may be changed later */
f[f_index].size = get_file_size(f[f_index].fd);
break;
case TOK_OFFSET:
f[f_index].offset = strtoull(tok, NULL, 16);
break;
case TOK_SIZE:
f[f_index].size = strtoull(tok, NULL, 16);
f_index++;
break;
default:
fprintf(stderr, "ivshmem: invalid parameters\n");
exit(-1);
}
tok = strtok(0, ":");
token_n++;
}
/* check every file descriptor */
for (i = 0; i < IVSHMEM_MAX_FILES; i++) {
if (f[i].fd > 0) {
if (check_shm_size(f[i].fd, f[i].size, f[i].offset) == -1)
exit(-1);
}
}
/* check if we haven't skipped any tokens */
if ((token_n != n_cols) || (n_cols > (IVSHMEM_MAX_FILES * 3))) {
fprintf(stderr, "ivshmem: invalid parameters\n");
exit(-1);
}
}
else {
/* try opening with O_EXCL and if it succeeds zero the memory
* by truncating to 0 */
if ((f[0].fd = shm_open(s->shmobj, O_CREAT|O_RDWR|O_EXCL,
S_IRWXU|S_IRWXG|S_IRWXO)) > 0) {
/* truncate file to length PCI device's memory */
if (ftruncate(f[0].fd, s->ivshmem_size) != 0) {
fprintf(stderr, "ivshmem: could not truncate shared file\n");
}
} else if ((f[0].fd = shm_open(s->shmobj, O_CREAT|O_RDWR,
S_IRWXU|S_IRWXG|S_IRWXO)) < 0) {
fprintf(stderr, "ivshmem: could not open shared file\n");
exit(-1);
}
if (s->ivshmem_size > get_file_size(f[0].fd)) {
fprintf(stderr, "ivshmem: Requested memory size greater"
" than shared object size\n");
exit(-1);
}
f_index = 1;
}
if (check_total_shm_size(s, f, f_index))
exit(-1);
if (create_shared_memory_BAR(s, f, f_index) < 0)
exit(-1);
}
s->dev.config_write = ivshmem_write_config;
return 0;
}
static void kvm_arm_gicv3_realize(DeviceState *dev, Error **errp)
{
GICv3State *s = KVM_ARM_GICV3(dev);
KVMARMGICv3Class *kgc = KVM_ARM_GICV3_GET_CLASS(s);
Error *local_err = NULL;
int i;
DPRINTF("kvm_arm_gicv3_realize\n");
kgc->parent_realize(dev, &local_err);
if (local_err) {
error_propagate(errp, local_err);
return;
}
if (s->security_extn) {
error_setg(errp, "the in-kernel VGICv3 does not implement the "
"security extensions");
return;
}
gicv3_init_irqs_and_mmio(s, kvm_arm_gicv3_set_irq, NULL);
/* Block migration of a KVM GICv3 device: the API for saving and restoring
* the state in the kernel is not yet finalised in the kernel or
* implemented in QEMU.
*/
error_setg(&s->migration_blocker, "vGICv3 migration is not implemented");
migrate_add_blocker(s->migration_blocker, &local_err);
if (local_err) {
error_propagate(errp, local_err);
error_free(s->migration_blocker);
return;
}
/* Try to create the device via the device control API */
s->dev_fd = kvm_create_device(kvm_state, KVM_DEV_TYPE_ARM_VGIC_V3, false);
if (s->dev_fd < 0) {
error_setg_errno(errp, -s->dev_fd, "error creating in-kernel VGIC");
return;
}
kvm_device_access(s->dev_fd, KVM_DEV_ARM_VGIC_GRP_NR_IRQS,
0, &s->num_irq, true);
/* Tell the kernel to complete VGIC initialization now */
kvm_device_access(s->dev_fd, KVM_DEV_ARM_VGIC_GRP_CTRL,
KVM_DEV_ARM_VGIC_CTRL_INIT, NULL, true);
kvm_arm_register_device(&s->iomem_dist, -1, KVM_DEV_ARM_VGIC_GRP_ADDR,
KVM_VGIC_V3_ADDR_TYPE_DIST, s->dev_fd);
kvm_arm_register_device(&s->iomem_redist, -1, KVM_DEV_ARM_VGIC_GRP_ADDR,
KVM_VGIC_V3_ADDR_TYPE_REDIST, s->dev_fd);
if (kvm_has_gsi_routing()) {
/* set up irq routing */
kvm_init_irq_routing(kvm_state);
for (i = 0; i < s->num_irq - GIC_INTERNAL; ++i) {
kvm_irqchip_add_irq_route(kvm_state, i, 0, i);
}
kvm_gsi_routing_allowed = true;
kvm_irqchip_commit_routes(kvm_state);
}
}
static int vhdx_open(BlockDriverState *bs, QDict *options, int flags,
Error **errp)
{
BDRVVHDXState *s = bs->opaque;
int ret = 0;
uint32_t i;
uint64_t signature;
uint32_t data_blocks_cnt, bitmap_blocks_cnt;
s->bat = NULL;
qemu_co_mutex_init(&s->lock);
/* validate the file signature */
ret = bdrv_pread(bs->file, 0, &signature, sizeof(uint64_t));
if (ret < 0) {
goto fail;
}
if (memcmp(&signature, "vhdxfile", 8)) {
ret = -EINVAL;
goto fail;
}
ret = vhdx_parse_header(bs, s);
if (ret) {
goto fail;
}
ret = vhdx_parse_log(bs, s);
if (ret) {
goto fail;
}
ret = vhdx_open_region_tables(bs, s);
if (ret) {
goto fail;
}
ret = vhdx_parse_metadata(bs, s);
if (ret) {
goto fail;
}
s->block_size = s->params.block_size;
/* the VHDX spec dictates that virtual_disk_size is always a multiple of
* logical_sector_size */
bs->total_sectors = s->virtual_disk_size >> s->logical_sector_size_bits;
data_blocks_cnt = s->virtual_disk_size >> s->block_size_bits;
if (s->virtual_disk_size - (data_blocks_cnt << s->block_size_bits)) {
data_blocks_cnt++;
}
bitmap_blocks_cnt = data_blocks_cnt >> s->chunk_ratio_bits;
if (data_blocks_cnt - (bitmap_blocks_cnt << s->chunk_ratio_bits)) {
bitmap_blocks_cnt++;
}
if (s->parent_entries) {
s->bat_entries = bitmap_blocks_cnt * (s->chunk_ratio + 1);
} else {
s->bat_entries = data_blocks_cnt +
((data_blocks_cnt - 1) >> s->chunk_ratio_bits);
}
s->bat_offset = s->bat_rt.file_offset;
if (s->bat_entries > s->bat_rt.length / sizeof(VHDXBatEntry)) {
/* BAT allocation is not large enough for all entries */
ret = -EINVAL;
goto fail;
}
s->bat = qemu_blockalign(bs, s->bat_rt.length);
ret = bdrv_pread(bs->file, s->bat_offset, s->bat, s->bat_rt.length);
if (ret < 0) {
goto fail;
}
for (i = 0; i < s->bat_entries; i++) {
le64_to_cpus(&s->bat[i]);
}
if (flags & BDRV_O_RDWR) {
ret = -ENOTSUP;
goto fail;
}
/* TODO: differencing files, write */
/* Disable migration when VHDX images are used */
error_set(&s->migration_blocker,
QERR_BLOCK_FORMAT_FEATURE_NOT_SUPPORTED,
"vhdx", bs->device_name, "live migration");
migrate_add_blocker(s->migration_blocker);
return 0;
fail:
qemu_vfree(s->headers[0]);
qemu_vfree(s->headers[1]);
qemu_vfree(s->bat);
qemu_vfree(s->parent_entries);
return ret;
}
static void pci_ivshmem_realize(PCIDevice *dev, Error **errp)
{
IVShmemState *s = IVSHMEM(dev);
uint8_t *pci_conf;
uint8_t attr = PCI_BASE_ADDRESS_SPACE_MEMORY |
PCI_BASE_ADDRESS_MEM_PREFETCH;
if (!!s->server_chr + !!s->shmobj + !!s->hostmem != 1) {
error_setg(errp,
"You must specify either 'shm', 'chardev' or 'x-memdev'");
return;
}
if (s->hostmem) {
MemoryRegion *mr;
if (s->sizearg) {
g_warning("size argument ignored with hostmem");
}
mr = host_memory_backend_get_memory(s->hostmem, errp);
s->ivshmem_size = memory_region_size(mr);
} else if (s->sizearg == NULL) {
s->ivshmem_size = 4 << 20; /* 4 MB default */
} else {
char *end;
int64_t size = qemu_strtosz(s->sizearg, &end);
if (size < 0 || *end != '\0' || !is_power_of_2(size)) {
error_setg(errp, "Invalid size %s", s->sizearg);
return;
}
s->ivshmem_size = size;
}
fifo8_create(&s->incoming_fifo, sizeof(int64_t));
/* IRQFD requires MSI */
if (ivshmem_has_feature(s, IVSHMEM_IOEVENTFD) &&
!ivshmem_has_feature(s, IVSHMEM_MSI)) {
error_setg(errp, "ioeventfd/irqfd requires MSI");
return;
}
/* check that role is reasonable */
if (s->role) {
if (strncmp(s->role, "peer", 5) == 0) {
s->role_val = IVSHMEM_PEER;
} else if (strncmp(s->role, "master", 7) == 0) {
s->role_val = IVSHMEM_MASTER;
} else {
error_setg(errp, "'role' must be 'peer' or 'master'");
return;
}
} else {
s->role_val = IVSHMEM_MASTER; /* default */
}
if (s->role_val == IVSHMEM_PEER) {
error_setg(&s->migration_blocker,
"Migration is disabled when using feature 'peer mode' in device 'ivshmem'");
migrate_add_blocker(s->migration_blocker);
}
pci_conf = dev->config;
pci_conf[PCI_COMMAND] = PCI_COMMAND_IO | PCI_COMMAND_MEMORY;
pci_config_set_interrupt_pin(pci_conf, 1);
memory_region_init_io(&s->ivshmem_mmio, OBJECT(s), &ivshmem_mmio_ops, s,
"ivshmem-mmio", IVSHMEM_REG_BAR_SIZE);
/* region for registers*/
pci_register_bar(dev, 0, PCI_BASE_ADDRESS_SPACE_MEMORY,
&s->ivshmem_mmio);
memory_region_init(&s->bar, OBJECT(s), "ivshmem-bar2-container", s->ivshmem_size);
if (s->ivshmem_64bit) {
attr |= PCI_BASE_ADDRESS_MEM_TYPE_64;
}
if (s->hostmem != NULL) {
MemoryRegion *mr;
IVSHMEM_DPRINTF("using hostmem\n");
mr = host_memory_backend_get_memory(MEMORY_BACKEND(s->hostmem), errp);
vmstate_register_ram(mr, DEVICE(s));
memory_region_add_subregion(&s->bar, 0, mr);
pci_register_bar(PCI_DEVICE(s), 2, attr, &s->bar);
} else if (s->server_chr != NULL) {
/* FIXME do not rely on what chr drivers put into filename */
if (strncmp(s->server_chr->filename, "unix:", 5)) {
error_setg(errp, "chardev is not a unix client socket");
return;
}
/* if we get a UNIX socket as the parameter we will talk
* to the ivshmem server to receive the memory region */
IVSHMEM_DPRINTF("using shared memory server (socket = %s)\n",
s->server_chr->filename);
if (ivshmem_has_feature(s, IVSHMEM_MSI) &&
ivshmem_setup_msi(s)) {
error_setg(errp, "msix initialization failed");
return;
}
/* we allocate enough space for 16 peers and grow as needed */
resize_peers(s, 16);
s->vm_id = -1;
pci_register_bar(dev, 2, attr, &s->bar);
s->eventfd_chr = g_malloc0(s->vectors * sizeof(CharDriverState *));
qemu_chr_add_handlers(s->server_chr, ivshmem_can_receive,
ivshmem_check_version, ivshmem_event, s);
} else {
/* just map the file immediately, we're not using a server */
int fd;
IVSHMEM_DPRINTF("using shm_open (shm object = %s)\n", s->shmobj);
/* try opening with O_EXCL and if it succeeds zero the memory
* by truncating to 0 */
if ((fd = shm_open(s->shmobj, O_CREAT|O_RDWR|O_EXCL,
S_IRWXU|S_IRWXG|S_IRWXO)) > 0) {
/* truncate file to length PCI device's memory */
if (ftruncate(fd, s->ivshmem_size) != 0) {
error_report("could not truncate shared file");
}
} else if ((fd = shm_open(s->shmobj, O_CREAT|O_RDWR,
S_IRWXU|S_IRWXG|S_IRWXO)) < 0) {
error_setg(errp, "could not open shared file");
return;
}
if (check_shm_size(s, fd, errp) == -1) {
return;
}
create_shared_memory_BAR(s, fd, attr, errp);
}
}
static int vpc_open(BlockDriverState *bs, QDict *options, int flags,
Error **errp)
{
BDRVVPCState *s = bs->opaque;
int i;
VHDFooter *footer;
VHDDynDiskHeader *dyndisk_header;
uint8_t buf[HEADER_SIZE];
uint32_t checksum;
uint64_t computed_size;
uint64_t pagetable_size;
int disk_type = VHD_DYNAMIC;
int ret;
ret = bdrv_pread(bs->file->bs, 0, s->footer_buf, HEADER_SIZE);
if (ret < 0) {
goto fail;
}
footer = (VHDFooter *) s->footer_buf;
if (strncmp(footer->creator, "conectix", 8)) {
int64_t offset = bdrv_getlength(bs->file->bs);
if (offset < 0) {
ret = offset;
goto fail;
} else if (offset < HEADER_SIZE) {
ret = -EINVAL;
goto fail;
}
/* If a fixed disk, the footer is found only at the end of the file */
ret = bdrv_pread(bs->file->bs, offset-HEADER_SIZE, s->footer_buf,
HEADER_SIZE);
if (ret < 0) {
goto fail;
}
if (strncmp(footer->creator, "conectix", 8)) {
error_setg(errp, "invalid VPC image");
ret = -EINVAL;
goto fail;
}
disk_type = VHD_FIXED;
}
checksum = be32_to_cpu(footer->checksum);
footer->checksum = 0;
if (vpc_checksum(s->footer_buf, HEADER_SIZE) != checksum)
fprintf(stderr, "block-vpc: The header checksum of '%s' is "
"incorrect.\n", bs->filename);
/* Write 'checksum' back to footer, or else will leave it with zero. */
footer->checksum = cpu_to_be32(checksum);
// The visible size of a image in Virtual PC depends on the geometry
// rather than on the size stored in the footer (the size in the footer
// is too large usually)
bs->total_sectors = (int64_t)
be16_to_cpu(footer->cyls) * footer->heads * footer->secs_per_cyl;
/* Images that have exactly the maximum geometry are probably bigger and
* would be truncated if we adhered to the geometry for them. Rely on
* footer->current_size for them. */
if (bs->total_sectors == VHD_MAX_GEOMETRY) {
bs->total_sectors = be64_to_cpu(footer->current_size) /
BDRV_SECTOR_SIZE;
}
/* Allow a maximum disk size of approximately 2 TB */
if (bs->total_sectors >= VHD_MAX_SECTORS) {
ret = -EFBIG;
goto fail;
}
if (disk_type == VHD_DYNAMIC) {
ret = bdrv_pread(bs->file->bs, be64_to_cpu(footer->data_offset), buf,
HEADER_SIZE);
if (ret < 0) {
goto fail;
}
dyndisk_header = (VHDDynDiskHeader *) buf;
if (strncmp(dyndisk_header->magic, "cxsparse", 8)) {
ret = -EINVAL;
goto fail;
}
s->block_size = be32_to_cpu(dyndisk_header->block_size);
if (!is_power_of_2(s->block_size) || s->block_size < BDRV_SECTOR_SIZE) {
error_setg(errp, "Invalid block size %" PRIu32, s->block_size);
ret = -EINVAL;
goto fail;
}
s->bitmap_size = ((s->block_size / (8 * 512)) + 511) & ~511;
s->max_table_entries = be32_to_cpu(dyndisk_header->max_table_entries);
if ((bs->total_sectors * 512) / s->block_size > 0xffffffffU) {
ret = -EINVAL;
goto fail;
}
if (s->max_table_entries > (VHD_MAX_SECTORS * 512) / s->block_size) {
ret = -EINVAL;
goto fail;
}
computed_size = (uint64_t) s->max_table_entries * s->block_size;
if (computed_size < bs->total_sectors * 512) {
ret = -EINVAL;
goto fail;
}
if (s->max_table_entries > SIZE_MAX / 4 ||
s->max_table_entries > (int) INT_MAX / 4) {
error_setg(errp, "Max Table Entries too large (%" PRId32 ")",
s->max_table_entries);
ret = -EINVAL;
goto fail;
}
pagetable_size = (uint64_t) s->max_table_entries * 4;
s->pagetable = qemu_try_blockalign(bs->file->bs, pagetable_size);
if (s->pagetable == NULL) {
ret = -ENOMEM;
goto fail;
}
s->bat_offset = be64_to_cpu(dyndisk_header->table_offset);
ret = bdrv_pread(bs->file->bs, s->bat_offset, s->pagetable,
pagetable_size);
if (ret < 0) {
goto fail;
}
s->free_data_block_offset =
ROUND_UP(s->bat_offset + pagetable_size, 512);
for (i = 0; i < s->max_table_entries; i++) {
be32_to_cpus(&s->pagetable[i]);
if (s->pagetable[i] != 0xFFFFFFFF) {
int64_t next = (512 * (int64_t) s->pagetable[i]) +
s->bitmap_size + s->block_size;
if (next > s->free_data_block_offset) {
s->free_data_block_offset = next;
}
}
}
if (s->free_data_block_offset > bdrv_getlength(bs->file->bs)) {
error_setg(errp, "block-vpc: free_data_block_offset points after "
"the end of file. The image has been truncated.");
ret = -EINVAL;
goto fail;
}
s->last_bitmap_offset = (int64_t) -1;
#ifdef CACHE
s->pageentry_u8 = g_malloc(512);
s->pageentry_u32 = s->pageentry_u8;
s->pageentry_u16 = s->pageentry_u8;
s->last_pagetable = -1;
#endif
}
qemu_co_mutex_init(&s->lock);
/* Disable migration when VHD images are used */
error_setg(&s->migration_blocker, "The vpc format used by node '%s' "
"does not support live migration",
bdrv_get_device_or_node_name(bs));
migrate_add_blocker(s->migration_blocker);
return 0;
fail:
qemu_vfree(s->pagetable);
#ifdef CACHE
g_free(s->pageentry_u8);
#endif
return ret;
}
static int CVE_2014_0223_qemu1_0_qcow_open(BlockDriverState *bs, int flags)
{
BDRVQcowState *s = bs->opaque;
int len, i, shift;
QCowHeader header;
if (bdrv_pread(bs->file, 0, &header, sizeof(header)) != sizeof(header))
goto fail;
be32_to_cpus(&header.magic);
be32_to_cpus(&header.version);
be64_to_cpus(&header.backing_file_offset);
be32_to_cpus(&header.backing_file_size);
be32_to_cpus(&header.mtime);
be64_to_cpus(&header.size);
be32_to_cpus(&header.crypt_method);
be64_to_cpus(&header.l1_table_offset);
if (header.magic != QCOW_MAGIC || header.version != QCOW_VERSION)
goto fail;
if (header.size <= 1 || header.cluster_bits < 9)
goto fail;
if (header.crypt_method > QCOW_CRYPT_AES)
goto fail;
s->crypt_method_header = header.crypt_method;
if (s->crypt_method_header)
bs->encrypted = 1;
s->cluster_bits = header.cluster_bits;
s->cluster_size = 1 << s->cluster_bits;
s->cluster_sectors = 1 << (s->cluster_bits - 9);
s->l2_bits = header.l2_bits;
s->l2_size = 1 << s->l2_bits;
bs->total_sectors = header.size / 512;
s->cluster_offset_mask = (1LL << (63 - s->cluster_bits)) - 1;
/* read the level 1 table */
shift = s->cluster_bits + s->l2_bits;
s->l1_size = (header.size + (1LL << shift) - 1) >> shift;
s->l1_table_offset = header.l1_table_offset;
s->l1_table = g_malloc(s->l1_size * sizeof(uint64_t));
if (!s->l1_table)
goto fail;
if (bdrv_pread(bs->file, s->l1_table_offset, s->l1_table, s->l1_size * sizeof(uint64_t)) !=
s->l1_size * sizeof(uint64_t))
goto fail;
for(i = 0;i < s->l1_size; i++) {
be64_to_cpus(&s->l1_table[i]);
}
/* alloc L2 cache */
s->l2_cache = g_malloc(s->l2_size * L2_CACHE_SIZE * sizeof(uint64_t));
if (!s->l2_cache)
goto fail;
s->cluster_cache = g_malloc(s->cluster_size);
if (!s->cluster_cache)
goto fail;
s->cluster_data = g_malloc(s->cluster_size);
if (!s->cluster_data)
goto fail;
s->cluster_cache_offset = -1;
/* read the backing file name */
if (header.backing_file_offset != 0) {
len = header.backing_file_size;
if (len > 1023)
len = 1023;
if (bdrv_pread(bs->file, header.backing_file_offset, bs->backing_file, len) != len)
goto fail;
bs->backing_file[len] = '\0';
}
/* Disable migration when qcow images are used */
error_set(&s->migration_blocker,
QERR_BLOCK_FORMAT_FEATURE_NOT_SUPPORTED,
"qcow", bs->device_name, "live migration");
migrate_add_blocker(s->migration_blocker);
qemu_co_mutex_init(&s->lock);
return 0;
fail:
g_free(s->l1_table);
g_free(s->l2_cache);
g_free(s->cluster_cache);
g_free(s->cluster_data);
return -1;
}
