[Qemu-devel] [PULL 0/3] Net patches

[Qemu-devel] [PULL 0/3] Net patches

[Jason Wang]

The following changes since commit 53279c76cf071fed07a336948d37c72e3613e0b7:

  Update version for v2.7.0-rc2 release (2016-08-08 17:26:11 +0100)

are available in the git repository at:

  https://github.com/jasowang/qemu.git tags/net-pull-request

for you to fetch changes up to a0d1cbdacff5df4ded16b753b38fdd9da6092968:

  hw/net: Fix a heap overflow in xlnx.xps-ethernetlite (2016-08-09 15:27:18 +0800)

----------------------------------------------------------------

----------------------------------------------------------------
Li Qiang (1):
      net: vmxnet3: check for device_active before write

Prasad J Pandit (1):
      net: check fragment length during fragmentation

chaojianhu (1):
      hw/net: Fix a heap overflow in xlnx.xps-ethernetlite

 hw/net/net_tx_pkt.c     | 2 +-
 hw/net/vmxnet3.c        | 4 ++++
 hw/net/xilinx_ethlite.c | 4 ++++
 3 files changed, 9 insertions(+), 1 deletion(-)

[Qemu-devel] [PULL 1/3] net: check fragment length during fragmentation

[Jason Wang]

From: Prasad J Pandit <pjp@fedoraproject.org>

Network transport abstraction layer supports packet fragmentation.
While fragmenting a packet, it checks for more fragments from
packet length and current fragment length. It is susceptible
to an infinite loop, if the current fragment length is zero.
Add check to avoid it.

Reported-by: Li Qiang <liqiang6-s@360.cn>
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
Reviewed-by: Dmitry Fleytman <dmitry@daynix.com>
CC: qemu-stable@nongnu.org
Signed-off-by: Jason Wang <jasowang@redhat.com>
---
 hw/net/net_tx_pkt.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/hw/net/net_tx_pkt.c b/hw/net/net_tx_pkt.c
index efd43b4..53dfaa2 100644
--- a/hw/net/net_tx_pkt.c
+++ b/hw/net/net_tx_pkt.c
@@ -590,7 +590,7 @@ static bool net_tx_pkt_do_sw_fragmentation(struct NetTxPkt *pkt,
 
         fragment_offset += fragment_len;
 
-    } while (more_frags);
+    } while (fragment_len && more_frags);
 
     return true;
 }
-- 
2.7.4

[Qemu-devel] [PULL 2/3] net: vmxnet3: check for device_active before write

[Jason Wang]

From: Li Qiang <liqiang6-s@360.cn>

Vmxnet3 device emulator does not check if the device is active,
before using it for write. It leads to a use after free issue,
if the vmxnet3_io_bar0_write routine is called after the device is
deactivated. Add check to avoid it.

Reported-by: Li Qiang <liqiang6-s@360.cn>
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
Acked-by: Dmitry Fleytman <dmitry@daynix.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
---
 hw/net/vmxnet3.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/hw/net/vmxnet3.c b/hw/net/vmxnet3.c
index bbf44ad..90f6943 100644
--- a/hw/net/vmxnet3.c
+++ b/hw/net/vmxnet3.c
@@ -1167,6 +1167,10 @@ vmxnet3_io_bar0_write(void *opaque, hwaddr addr,
 {
     VMXNET3State *s = opaque;
 
+    if (!s->device_active) {
+        return;
+    }
+
     if (VMW_IS_MULTIREG_ADDR(addr, VMXNET3_REG_TXPROD,
                         VMXNET3_DEVICE_MAX_TX_QUEUES, VMXNET3_REG_ALIGN)) {
         int tx_queue_idx =
-- 
2.7.4

[Qemu-devel] [PULL 3/3] hw/net: Fix a heap overflow in xlnx.xps-ethernetlite

[Jason Wang]

From: chaojianhu <chaojianhu@hotmail.com>

The .receive callback of xlnx.xps-ethernetlite doesn't check the length
of data before calling memcpy. As a result, the NetClientState object in
heap will be overflowed. All versions of qemu with xlnx.xps-ethernetlite
will be affected.

Reported-by: chaojianhu <chaojianhu@hotmail.com>
Signed-off-by: chaojianhu <chaojianhu@hotmail.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
---
 hw/net/xilinx_ethlite.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/hw/net/xilinx_ethlite.c b/hw/net/xilinx_ethlite.c
index 54db2b8..35de353 100644
--- a/hw/net/xilinx_ethlite.c
+++ b/hw/net/xilinx_ethlite.c
@@ -197,6 +197,10 @@ static ssize_t eth_rx(NetClientState *nc, const uint8_t *buf, size_t size)
     }
 
     D(qemu_log("%s %zd rxbase=%x\n", __func__, size, rxbase));
+    if (size > (R_MAX - R_RX_BUF0 - rxbase) * 4) {
+        D(qemu_log("ethlite packet is too big, size=%x\n", size));
+        return -1;
+    }
     memcpy(&s->regs[rxbase + R_RX_BUF0], buf, size);
 
     s->regs[rxbase + R_RX_CTRL0] |= CTRL_S;
-- 
2.7.4

Re: [Qemu-devel] [PULL 0/3] Net patches

[Peter Maydell]

On 9 August 2016 at 08:34, Jason Wang <jasowang@redhat.com> wrote:
> The following changes since commit 53279c76cf071fed07a336948d37c72e3613e0b7:
>
>   Update version for v2.7.0-rc2 release (2016-08-08 17:26:11 +0100)
>
> are available in the git repository at:
>
>   https://github.com/jasowang/qemu.git tags/net-pull-request
>
> for you to fetch changes up to a0d1cbdacff5df4ded16b753b38fdd9da6092968:
>
>   hw/net: Fix a heap overflow in xlnx.xps-ethernetlite (2016-08-09 15:27:18 +0800)
>
> ----------------------------------------------------------------
>
> ----------------------------------------------------------------

Applied, thanks.

-- PMM

Re: [Qemu-devel] [PULL 3/3] hw/net: Fix a heap overflow in xlnx.xps-ethernetlite

[Alistair Francis]

On Tue, Aug 9, 2016 at 12:34 AM, Jason Wang <jasowang@redhat.com> wrote:
> From: chaojianhu <chaojianhu@hotmail.com>
>
> The .receive callback of xlnx.xps-ethernetlite doesn't check the length
> of data before calling memcpy. As a result, the NetClientState object in
> heap will be overflowed. All versions of qemu with xlnx.xps-ethernetlite
> will be affected.
>
> Reported-by: chaojianhu <chaojianhu@hotmail.com>
> Signed-off-by: chaojianhu <chaojianhu@hotmail.com>
> Signed-off-by: Jason Wang <jasowang@redhat.com>
> ---
>  hw/net/xilinx_ethlite.c | 4 ++++
>  1 file changed, 4 insertions(+)
>
> diff --git a/hw/net/xilinx_ethlite.c b/hw/net/xilinx_ethlite.c
> index 54db2b8..35de353 100644
> --- a/hw/net/xilinx_ethlite.c
> +++ b/hw/net/xilinx_ethlite.c
> @@ -197,6 +197,10 @@ static ssize_t eth_rx(NetClientState *nc, const uint8_t *buf, size_t size)
>      }
>
>      D(qemu_log("%s %zd rxbase=%x\n", __func__, size, rxbase));

This might be too late. A new line would be great here, but no big deal.

Reviewed-by: Alistair Francis <alistair.francis@xilinx.com>

Thanks,

Alistair

> +    if (size > (R_MAX - R_RX_BUF0 - rxbase) * 4) {
> +        D(qemu_log("ethlite packet is too big, size=%x\n", size));
> +        return -1;
> +    }
>      memcpy(&s->regs[rxbase + R_RX_BUF0], buf, size);
>
>      s->regs[rxbase + R_RX_CTRL0] |= CTRL_S;
> --
> 2.7.4
>
>

Re: [Qemu-devel] [PULL 0/3] Net patches

[Peter Maydell]

On 14 March 2017 at 09:02, Jason Wang <jasowang@redhat.com> wrote:
> The following changes since commit 5bac3c39c82e149515c10643acafd1d292433775:
>
>   Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging (2017-03-13 15:08:01 +0000)
>
> are available in the git repository at:
>
>   https://github.com/jasowang/qemu.git tags/net-pull-request
>
> for you to fetch changes up to adb560f7fc92903f52071086a46422be1e3f4640:
>
>   hw/net: implement MIB counters in mcf_fec driver (2017-03-14 15:39:55 +0800)
>
> ----------------------------------------------------------------
> - fix e100e memory regions leaks during cleanup
> - fix fec MIB counters
> - fix COLO trace print
> ----------------------------------------------------------------
> Greg Ungerer (1):
>       hw/net: implement MIB counters in mcf_fec driver
>
> Paolo Bonzini (1):
>       e1000e: correctly tear down MSI-X memory regions
>
> Zhang Chen (1):
>       COLO-compare: Fix trace_event print bug
>
>  hw/net/e1000e.c    |   2 +-
>  hw/net/mcf_fec.c   | 115 +++++++++++++++++++++++++++++++++++++++++++++++++++++
>  net/colo-compare.c |  33 +++++++++++----
>  3 files changed, 141 insertions(+), 9 deletions(-)

Applied, thanks.

-- PMM

[Qemu-devel] [PULL 0/3] Net patches

[Jason Wang]

The following changes since commit 5bac3c39c82e149515c10643acafd1d292433775:

  Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging (2017-03-13 15:08:01 +0000)

are available in the git repository at:

  https://github.com/jasowang/qemu.git tags/net-pull-request

for you to fetch changes up to adb560f7fc92903f52071086a46422be1e3f4640:

  hw/net: implement MIB counters in mcf_fec driver (2017-03-14 15:39:55 +0800)

----------------------------------------------------------------
- fix e100e memory regions leaks during cleanup
- fix fec MIB counters
- fix COLO trace print
----------------------------------------------------------------
Greg Ungerer (1):
      hw/net: implement MIB counters in mcf_fec driver

Paolo Bonzini (1):
      e1000e: correctly tear down MSI-X memory regions

Zhang Chen (1):
      COLO-compare: Fix trace_event print bug

 hw/net/e1000e.c    |   2 +-
 hw/net/mcf_fec.c   | 115 +++++++++++++++++++++++++++++++++++++++++++++++++++++
 net/colo-compare.c |  33 +++++++++++----
 3 files changed, 141 insertions(+), 9 deletions(-)

Re: [Qemu-devel] [PULL 0/3] Net patches

[Peter Maydell]

On 6 January 2017 at 03:32, Jason Wang <jasowang@redhat.com> wrote:
> The following changes since commit e92fbc753df4fab9ee524b5ea07a51bee8b6bae4:
>
>   Merge remote-tracking branch 'remotes/stefanha/tags/block-pull-request' into staging (2017-01-05 12:44:23 +0000)
>
> are available in the git repository at:
>
>   https://github.com/jasowang/qemu.git tags/net-pull-request
>
> for you to fetch changes up to 7e354ed4df9787ff95cdb189374739e476be4f9a:
>
>   fsl_etsec: Fix Tx BD ring wrapping handling (2017-01-06 10:38:21 +0800)
>
> ----------------------------------------------------------------
>
> - network support for record/replay
>
> ----------------------------------------------------------------
> Andrey Smirnov (1):
>       fsl_etsec: Fix Tx BD ring wrapping handling
>
> Hervé Poussineau (1):
>       rtl8139: correctly handle PHY reset
>
> Pavel Dovgalyuk (1):
>       record/replay: add network support

Applied, thanks.

-- PMM

[Qemu-devel] [PULL 0/3] Net patches

[Jason Wang]

The following changes since commit e92fbc753df4fab9ee524b5ea07a51bee8b6bae4:

  Merge remote-tracking branch 'remotes/stefanha/tags/block-pull-request' into staging (2017-01-05 12:44:23 +0000)

are available in the git repository at:

  https://github.com/jasowang/qemu.git tags/net-pull-request

for you to fetch changes up to 7e354ed4df9787ff95cdb189374739e476be4f9a:

  fsl_etsec: Fix Tx BD ring wrapping handling (2017-01-06 10:38:21 +0800)

----------------------------------------------------------------

- network support for record/replay

----------------------------------------------------------------
Andrey Smirnov (1):
      fsl_etsec: Fix Tx BD ring wrapping handling

Hervé Poussineau (1):
      rtl8139: correctly handle PHY reset

Pavel Dovgalyuk (1):
      record/replay: add network support

 docs/replay.txt          |  14 +++++++
 hw/net/fsl_etsec/rings.c |  19 +++++----
 hw/net/rtl8139.c         |  34 ++++++++++------
 include/sysemu/replay.h  |  12 ++++++
 net/Makefile.objs        |   1 +
 net/filter-replay.c      |  92 ++++++++++++++++++++++++++++++++++++++++++
 replay/Makefile.objs     |   1 +
 replay/replay-events.c   |  11 +++++
 replay/replay-internal.h |  10 +++++
 replay/replay-net.c      | 102 +++++++++++++++++++++++++++++++++++++++++++++++
 replay/replay.c          |   2 +-
 vl.c                     |   3 +-
 12 files changed, 276 insertions(+), 25 deletions(-)
 create mode 100644 net/filter-replay.c
 create mode 100644 replay/replay-net.c

Re: [Qemu-devel] [PULL 0/3] Net patches

[Jason Wang]

On 2016年12月05日 22:35, Stefan Hajnoczi wrote:
> On Mon, Dec 05, 2016 at 05:52:00PM +0800, Jason Wang wrote:
>> The following changes since commit bd8ef5060dd2124a54578241da9a572faf7658dd:
>>
>>    Merge remote-tracking branch 'dgibson/tags/ppc-for-2.8-20161201' into staging (2016-12-01 13:39:29 +0000)
>>
>> are available in the git repository at:
>>
>>    https://github.com/jasowang/qemu.git tags/net-pull-request
>>
>> for you to fetch changes up to 18766d28848f2a4c309e78c6706b872f2cb32786:
>>
>>    fsl_etsec: Fix various small problems in hexdump code (2016-12-05 17:45:14 +0800)
>>
>> ----------------------------------------------------------------
> Please resend with the coding style violation fixed.  See the patchew
> email for details.

V2 posted.

Thanks

Re: [Qemu-devel] [PULL 0/3] Net patches

[Stefan Hajnoczi]

[-- Attachment #1: Type: text/plain, Size: 707 bytes --]

On Mon, Dec 05, 2016 at 05:52:00PM +0800, Jason Wang wrote:
> The following changes since commit bd8ef5060dd2124a54578241da9a572faf7658dd:
> 
>   Merge remote-tracking branch 'dgibson/tags/ppc-for-2.8-20161201' into staging (2016-12-01 13:39:29 +0000)
> 
> are available in the git repository at:
> 
>   https://github.com/jasowang/qemu.git tags/net-pull-request
> 
> for you to fetch changes up to 18766d28848f2a4c309e78c6706b872f2cb32786:
> 
>   fsl_etsec: Fix various small problems in hexdump code (2016-12-05 17:45:14 +0800)
> 
> ----------------------------------------------------------------

Please resend with the coding style violation fixed.  See the patchew
email for details.

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 455 bytes --]

Re: [Qemu-devel] [PULL 0/3] Net patches

[no-reply]

Hi,

Your series seems to have some coding style problems. See output below for
more information:

Subject: [Qemu-devel] [PULL 0/3] Net patches
Type: series
Message-id: 1480931523-5769-1-git-send-email-jasowang@redhat.com

=== TEST SCRIPT BEGIN ===
#!/bin/bash

BASE=base
n=1
total=$(git log --oneline $BASE.. | wc -l)
failed=0

# Useful git options
git config --local diff.renamelimit 0
git config --local diff.renames True

commits="$(git log --format=%H --reverse $BASE..)"
for c in $commits; do
    echo "Checking PATCH $n/$total: $(git log -n 1 --format=%s $c)..."
    if ! git show $c --format=email | ./scripts/checkpatch.pl --mailback -; then
        failed=1
        echo
    fi
    n=$((n+1))
done

exit $failed
=== TEST SCRIPT END ===

Updating 3c8cf5a9c21ff8782164d1def7f44bd888713384
Switched to a new branch 'test'
18cd9a6 fsl_etsec: Fix various small problems in hexdump code
947509b fsl_etsec: Pad short payloads with zeros
e2362ab net: mcf: check receive buffer size register value

=== OUTPUT BEGIN ===
Checking PATCH 1/3: net: mcf: check receive buffer size register value...
Checking PATCH 2/3: fsl_etsec: Pad short payloads with zeros...
ERROR: braces {} are necessary for all arms of this statement
#33: FILE: hw/net/fsl_etsec/rings.c:481:
+    if (etsec->rx_buffer_len < 60)
[...]

total: 1 errors, 0 warnings, 13 lines checked

Your patch has style problems, please review.  If any of these errors
are false positives report them to the maintainer, see
CHECKPATCH in MAINTAINERS.

Checking PATCH 3/3: fsl_etsec: Fix various small problems in hexdump code...
=== OUTPUT END ===

Test command exited with code: 1


---
Email generated automatically by Patchew [http://patchew.org/].
Please send your feedback to patchew-devel@freelists.org

[Qemu-devel] [PULL 0/3] Net patches

[Jason Wang]

The following changes since commit bd8ef5060dd2124a54578241da9a572faf7658dd:

  Merge remote-tracking branch 'dgibson/tags/ppc-for-2.8-20161201' into staging (2016-12-01 13:39:29 +0000)

are available in the git repository at:

  https://github.com/jasowang/qemu.git tags/net-pull-request

for you to fetch changes up to 18766d28848f2a4c309e78c6706b872f2cb32786:

  fsl_etsec: Fix various small problems in hexdump code (2016-12-05 17:45:14 +0800)

----------------------------------------------------------------

----------------------------------------------------------------
Andrey Smirnov (2):
      fsl_etsec: Pad short payloads with zeros
      fsl_etsec: Fix various small problems in hexdump code

Prasad J Pandit (1):
      net: mcf: check receive buffer size register value

 hw/net/fsl_etsec/etsec.c | 4 ++--
 hw/net/fsl_etsec/rings.c | 7 +++++++
 hw/net/mcf_fec.c         | 2 +-
 3 files changed, 10 insertions(+), 3 deletions(-)

Re: [Qemu-devel] [PULL 0/3] Net patches

[Peter Maydell]

On 15 September 2015 at 13:02, Stefan Hajnoczi <stefanha@redhat.com> wrote:
> The following changes since commit 2752e5bedb26fa0c7291f810f9f534b688b2f1d2:
>
>   qapi: Fix cgen() for Python older than 2.7 (2015-09-14 18:02:59 +0100)
>
> are available in the git repository at:
>
>   git://github.com/stefanha/qemu.git tags/net-pull-request
>
> for you to fetch changes up to 737d2b3c41d59eb8f94ab7eb419b957938f24943:
>
>   net: avoid infinite loop when receiving packets(CVE-2015-5278) (2015-09-15 12:51:14 +0100)
>
> ----------------------------------------------------------------
> This net pull request contains security fixes for qemu.git/master.  The patches
> should also be applied to stable trees.
>
> The ne2000 NIC model has QEMU memory corruption issue.  Both ne2000 and e1000
> have an infinite loop.
>
> Please see the patches for CVE numbers and details on the bugs.
>
> ----------------------------------------------------------------

Applied to master, thanks.

-- PMM

[Qemu-devel] [PULL 0/3] Net patches

[Stefan Hajnoczi]

The following changes since commit 2752e5bedb26fa0c7291f810f9f534b688b2f1d2:

  qapi: Fix cgen() for Python older than 2.7 (2015-09-14 18:02:59 +0100)

are available in the git repository at:

  git://github.com/stefanha/qemu.git tags/net-pull-request

for you to fetch changes up to 737d2b3c41d59eb8f94ab7eb419b957938f24943:

  net: avoid infinite loop when receiving packets(CVE-2015-5278) (2015-09-15 12:51:14 +0100)

----------------------------------------------------------------
This net pull request contains security fixes for qemu.git/master.  The patches
should also be applied to stable trees.

The ne2000 NIC model has QEMU memory corruption issue.  Both ne2000 and e1000
have an infinite loop.

Please see the patches for CVE numbers and details on the bugs.

----------------------------------------------------------------

P J P (3):
  e1000: Avoid infinite loop in processing transmit descriptor
    (CVE-2015-6815)
  net: add checks to validate ring buffer pointers(CVE-2015-5279)
  net: avoid infinite loop when receiving packets(CVE-2015-5278)

 hw/net/e1000.c  |  3 ++-
 hw/net/ne2000.c | 21 ++++++++++++++++-----
 2 files changed, 18 insertions(+), 6 deletions(-)

-- 
2.4.3

Re: [Qemu-devel] [PULL 0/3] Net patches

[Peter Maydell]

On 14 August 2015 at 16:02, Stefan Hajnoczi <stefanha@redhat.com> wrote:
> The following changes since commit e95edefbd0559e1d0aa09549641b5d9af1f96fac:
>
>   Merge remote-tracking branch 'remotes/sstabellini/tags/xen-migration-2.4-tag' into staging (2015-08-03 17:33:35 +0100)
>
> are available in the git repository at:
>
>   git://github.com/stefanha/qemu.git tags/net-pull-request
>
> for you to fetch changes up to 8887f84c54f6e74124544d1700a205e5b6821b3d:
>
>   tests: test rx recovery from cont (2015-08-04 09:41:28 +0100)
>
> ----------------------------------------------------------------
>

Applied, thanks.

-- PMM

[Qemu-devel] [PULL 0/3] Net patches

[Stefan Hajnoczi]

The following changes since commit e95edefbd0559e1d0aa09549641b5d9af1f96fac:

  Merge remote-tracking branch 'remotes/sstabellini/tags/xen-migration-2.4-tag' into staging (2015-08-03 17:33:35 +0100)

are available in the git repository at:

  git://github.com/stefanha/qemu.git tags/net-pull-request

for you to fetch changes up to 8887f84c54f6e74124544d1700a205e5b6821b3d:

  tests: test rx recovery from cont (2015-08-04 09:41:28 +0100)

----------------------------------------------------------------

----------------------------------------------------------------

Dana Rubin (1):
  net/vmxnet3: Fix incorrect debug message

Jason Wang (2):
  tests: introduce basic pci test for virtio-net
  tests: test rx recovery from cont

 hw/net/vmxnet3.c        |   4 +-
 tests/Makefile          |   2 +-
 tests/virtio-net-test.c | 237 ++++++++++++++++++++++++++++++++++++++++++++++--
 3 files changed, 233 insertions(+), 10 deletions(-)

-- 
2.4.3

[Qemu-devel] [PULL 0/3] Net patches

[Stefan Hajnoczi]

Note this is my first signed pull request, using the PGP key that I provided at
KVM Forum 2013.

The following changes since commit dd089c0a1e928fb80ba8a37983c1b0e9232d1c8b:

  Merge remote-tracking branch 'pmaydell/tags/pull-cocoa-20140112' into staging (2014-01-12 17:50:52 -0800)

are available in the git repository at:


  git://github.com/stefanha/qemu.git tags/net-for-anthony

for you to fetch changes up to 7a78fa0536db7fe5d95ea598386dbb4eaa9ea7d1:

  Fix lan9118 buffer length handling (2014-01-13 13:44:28 +0800)

----------------------------------------------------------------
Net subsystem patch queue

----------------------------------------------------------------
Hani Benhabiles (1):
      net: Use g_strdup_printf instead of snprintf.

Roy Franz (2):
      Fix lan9118 TX "CMD A" handling
      Fix lan9118 buffer length handling

 hw/net/lan9118.c | 6 +++---
 net/net.c        | 5 +----
 2 files changed, 4 insertions(+), 7 deletions(-)

-- 
1.8.4.2

[Qemu-devel] [PULL 0/3] Net patches

[Stefan Hajnoczi]

Paolo's fixes to resume rx when buffers have been replenished on e1000 and
xen_nic.  virtio-net does not have this bug.

The following changes since commit 3d1d9652978ac5a32a0beb4bdf6065ca39440d89:

  handle device help before accelerator set up (2012-08-09 19:53:01 +0000)

are available in the git repository at:

  git://github.com/stefanha/qemu.git net

for you to fetch changes up to 4247561bbeacb5ece8b90d0d2439efefc0e7283a:

  xen: flush queue when getting an event (2012-08-10 11:43:54 +0100)

----------------------------------------------------------------
Paolo Bonzini (3):
      net: notify iothread after flushing queue
      e1000: flush queue whenever can_receive can go from false to true
      xen: flush queue when getting an event

 hw/e1000.c      |    4 ++++
 hw/virtio-net.c |    4 ----
 hw/xen_nic.c    |    1 +
 net.c           |    7 ++++++-
 net/queue.c     |    5 +++--
 net/queue.h     |    2 +-
 6 files changed, 15 insertions(+), 8 deletions(-)

-- 
1.7.10.4