The following changes since commit f4abdf32714d1845b7c01ec136dd2b04c2f7db47:

Merge remote-tracking branch 'remotes/stsquad/tags/pull-testing-docs-xen-updates-100321-2' into staging (2021-03-11 16:20:58 +0000)

for you to fetch changes up to 9bdb56367679e68e5e71a1c29a1087bda6414b25:

pvrdma: wean code off pvrdma_ring.h kernel header (2021-03-12 14:08:31 +0800)

Alexander Bulekov (4):

rtl8139: switch to use qemu_receive_packet() for loopback

pcnet: switch to use qemu_receive_packet() for loopback

cadence_gem: switch to use qemu_receive_packet() for loopback

lan9118: switch to use qemu_receive_packet() for loopback

Bin Meng (1):

net: Fix build error when DEBUG_NET is on

Cornelia Huck (1):

pvrdma: wean code off pvrdma_ring.h kernel header

Jason Wang (9):

virtio-net: calculating proper msix vectors on init

net: unbreak well-form id check for "-nic"

e1000: fail early for evil descriptor

net: introduce qemu_receive_packet()

e1000: switch to use qemu_receive_packet() for loopback

dp8393x: switch to use qemu_receive_packet() for loopback packet

msf2-mac: switch to use qemu_receive_packet() for loopback

sungem: switch to use qemu_receive_packet() for loopback

tx_pkt: switch to use qemu_receive_packet_iov() for loopback

Paolo Bonzini (1):

net: validate that ids are well formed

hw/core/machine.c | 1 +

hw/net/cadence_gem.c | 4 +-

hw/net/dp8393x.c | 2 +-

hw/net/e1000.c | 6 +-

hw/net/lan9118.c | 2 +-

hw/net/msf2-emac.c | 2 +-

hw/net/net_tx_pkt.c | 2 +-

hw/net/pcnet.c | 2 +-

hw/net/rtl8139.c | 2 +-

hw/net/sungem.c | 2 +-

hw/rdma/vmw/pvrdma.h | 5 +-

hw/rdma/vmw/pvrdma_cmd.c | 6 +-

hw/rdma/vmw/pvrdma_dev_ring.c | 41 ++++----

hw/rdma/vmw/pvrdma_dev_ring.h | 9 +-

hw/rdma/vmw/pvrdma_main.c | 4 +-

hw/virtio/virtio-net-pci.c | 10 +-

include/net/net.h | 5 +

include/net/queue.h | 8 ++

.../drivers/infiniband/hw/vmw_pvrdma/pvrdma_ring.h | 114 ---------------------

net/net.c | 53 ++++++++--

net/queue.c | 22 ++++

scripts/update-linux-headers.sh | 3 +-

22 files changed, 142 insertions(+), 163 deletions(-)

delete mode 100644 include/standard-headers/drivers/infiniband/hw/vmw_pvrdma/pvrdma_ring.h

From: Alexander Bulekov <alxndr@bu.edu>

This patch switches to use qemu_receive_packet() which can detect

reentrancy and return early.

This is intended to address CVE-2021-3416.

Cc: Prasad J Pandit <ppandit@redhat.com>

Cc: qemu-stable@nongnu.org

Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com

Signed-off-by: Alexander Bulekov <alxndr@bu.edu>

hw/net/lan9118.c | 2 +-

1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/hw/net/lan9118.c b/hw/net/lan9118.c

--- a/hw/net/lan9118.c

+++ b/hw/net/lan9118.c

@@ -XXX,XX +XXX,XX @@ static void do_tx_packet(lan9118_state *s)

/* FIXME: Honor TX disable, and allow queueing of packets. */

if (s->phy_control & 0x4000) {

/* This assumes the receive routine doesn't touch the VLANClient. */

- lan9118_receive(qemu_get_queue(s->nic), s->txp->data, s->txp->len);

+ qemu_receive_packet(qemu_get_queue(s->nic), s->txp->data, s->txp->len);

} else {

qemu_send_packet(qemu_get_queue(s->nic), s->txp->data, s->txp->len);

2.7.4

From: Alexander Bulekov <alxndr@bu.edu>

This patch switches to use qemu_receive_packet() which can detect

reentrancy and return early.

This is intended to address CVE-2021-3416.

Cc: Prasad J Pandit <ppandit@redhat.com>

Cc: qemu-stable@nongnu.org

Buglink: https://bugs.launchpad.net/qemu/+bug/1910826

Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com

Signed-off-by: Alexander Bulekov <alxndr@bu.edu>

hw/net/rtl8139.c | 2 +-

1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/hw/net/rtl8139.c b/hw/net/rtl8139.c

--- a/hw/net/rtl8139.c

+++ b/hw/net/rtl8139.c

@@ -XXX,XX +XXX,XX @@ static void rtl8139_transfer_frame(RTL8139State *s, uint8_t *buf, int size,

DPRINTF("+++ transmit loopback mode\n");

- rtl8139_do_receive(qemu_get_queue(s->nic), buf, size, do_interrupt);

+ qemu_receive_packet(qemu_get_queue(s->nic), buf, size);

if (iov) {

g_free(buf2);

2.7.4

From: Cornelia Huck <cohuck@redhat.com>

The pvrdma code relies on the pvrdma_ring.h kernel header for some

basic ring buffer handling. The content of that header isn't very

exciting, but contains some (q)atomic_*() invocations that (a)

cause manual massaging when doing a headers update, and (b) are

an indication that we probably should not be importing that header

at all.

Let's reimplement the ring buffer handling directly in the pvrdma

code instead. This arguably also improves readability of the code.

Importing the header can now be dropped.

Signed-off-by: Cornelia Huck <cohuck@redhat.com>

Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>

Reviewed-by: Yuval Shaia <yuval.shaia.ml@gmail.com>

Tested-by: Yuval Shaia <yuval.shaia.ml@gmail.com>

hw/rdma/vmw/pvrdma.h | 5 +-

hw/rdma/vmw/pvrdma_cmd.c | 6 +-

hw/rdma/vmw/pvrdma_dev_ring.c | 41 ++++----

hw/rdma/vmw/pvrdma_dev_ring.h | 9 +-

hw/rdma/vmw/pvrdma_main.c | 4 +-

.../drivers/infiniband/hw/vmw_pvrdma/pvrdma_ring.h | 114 ---------------------

scripts/update-linux-headers.sh | 3 +-

7 files changed, 38 insertions(+), 144 deletions(-)

delete mode 100644 include/standard-headers/drivers/infiniband/hw/vmw_pvrdma/pvrdma_ring.h

diff --git a/hw/rdma/vmw/pvrdma.h b/hw/rdma/vmw/pvrdma.h

--- a/hw/rdma/vmw/pvrdma.h

+++ b/hw/rdma/vmw/pvrdma.h

@@ -XXX,XX +XXX,XX @@

#include "../rdma_backend_defs.h"

#include "../rdma_rm_defs.h"

-#include "standard-headers/drivers/infiniband/hw/vmw_pvrdma/pvrdma_ring.h"

#include "standard-headers/drivers/infiniband/hw/vmw_pvrdma/pvrdma_dev_api.h"

#include "pvrdma_dev_ring.h"

#include "qom/object.h"

@@ -XXX,XX +XXX,XX @@ typedef struct DSRInfo {

union pvrdma_cmd_req *req;

union pvrdma_cmd_resp *rsp;

- struct pvrdma_ring *async_ring_state;

+ PvrdmaRingState *async_ring_state;

PvrdmaRing async;

- struct pvrdma_ring *cq_ring_state;

+ PvrdmaRingState *cq_ring_state;

PvrdmaRing cq;

} DSRInfo;

diff --git a/hw/rdma/vmw/pvrdma_cmd.c b/hw/rdma/vmw/pvrdma_cmd.c

index XXXXXXX..XXXXXXX 100644

--- a/hw/rdma/vmw/pvrdma_cmd.c

+++ b/hw/rdma/vmw/pvrdma_cmd.c

@@ -XXX,XX +XXX,XX @@ static int create_cq_ring(PCIDevice *pci_dev , PvrdmaRing **ring,

r = g_malloc(sizeof(*r));

*ring = r;

- r->ring_state = (struct pvrdma_ring *)

+ r->ring_state = (PvrdmaRingState *)

rdma_pci_dma_map(pci_dev, tbl[0], TARGET_PAGE_SIZE);

if (!r->ring_state) {

@@ -XXX,XX +XXX,XX @@ static int create_qp_rings(PCIDevice *pci_dev, uint64_t pdir_dma,

*rings = sr;

/* Create send ring */

- sr->ring_state = (struct pvrdma_ring *)

+ sr->ring_state = (PvrdmaRingState *)

rdma_pci_dma_map(pci_dev, tbl[0], TARGET_PAGE_SIZE);

if (!sr->ring_state) {

rdma_error_report("Failed to map to QP ring state");

@@ -XXX,XX +XXX,XX @@ static int create_srq_ring(PCIDevice *pci_dev, PvrdmaRing **ring,

r = g_malloc(sizeof(*r));

*ring = r;

- r->ring_state = (struct pvrdma_ring *)

+ r->ring_state = (PvrdmaRingState *)

rdma_pci_dma_map(pci_dev, tbl[0], TARGET_PAGE_SIZE);

if (!r->ring_state) {

rdma_error_report("Failed to map tp SRQ ring state");

diff --git a/hw/rdma/vmw/pvrdma_dev_ring.c b/hw/rdma/vmw/pvrdma_dev_ring.c

index XXXXXXX..XXXXXXX 100644

--- a/hw/rdma/vmw/pvrdma_dev_ring.c

+++ b/hw/rdma/vmw/pvrdma_dev_ring.c

@@ -XXX,XX +XXX,XX @@

#include "trace.h"

#include "../rdma_utils.h"

-#include "standard-headers/drivers/infiniband/hw/vmw_pvrdma/pvrdma_ring.h"

#include "pvrdma_dev_ring.h"

int pvrdma_ring_init(PvrdmaRing *ring, const char *name, PCIDevice *dev,

- struct pvrdma_ring *ring_state, uint32_t max_elems,

+ PvrdmaRingState *ring_state, uint32_t max_elems,

size_t elem_sz, dma_addr_t *tbl, uint32_t npages)

{

int i;

@@ -XXX,XX +XXX,XX @@ out:

void *pvrdma_ring_next_elem_read(PvrdmaRing *ring)

{

- int e;

- unsigned int idx = 0, offset;

+ unsigned int idx, offset;

+ const uint32_t tail = qatomic_read(&ring->ring_state->prod_tail);

+ const uint32_t head = qatomic_read(&ring->ring_state->cons_head);

- e = pvrdma_idx_ring_has_data(ring->ring_state, ring->max_elems, &idx);

- if (e <= 0) {

+ if (tail & ~((ring->max_elems << 1) - 1) ||

+ head & ~((ring->max_elems << 1) - 1) ||

+ tail == head) {

trace_pvrdma_ring_next_elem_read_no_data(ring->name);

return NULL;

}

+ idx = head & (ring->max_elems - 1);

offset = idx * ring->elem_sz;

return ring->pages[offset / TARGET_PAGE_SIZE] + (offset % TARGET_PAGE_SIZE);

void pvrdma_ring_read_inc(PvrdmaRing *ring)

{

- pvrdma_idx_ring_inc(&ring->ring_state->cons_head, ring->max_elems);

+ uint32_t idx = qatomic_read(&ring->ring_state->cons_head);

+

+ idx = (idx + 1) & ((ring->max_elems << 1) - 1);

+ qatomic_set(&ring->ring_state->cons_head, idx);

}

void *pvrdma_ring_next_elem_write(PvrdmaRing *ring)

{

- int idx;

- unsigned int offset, tail;

+ unsigned int idx, offset;

+ const uint32_t tail = qatomic_read(&ring->ring_state->prod_tail);

+ const uint32_t head = qatomic_read(&ring->ring_state->cons_head);

- idx = pvrdma_idx_ring_has_space(ring->ring_state, ring->max_elems, &tail);

- if (idx <= 0) {

+ if (tail & ~((ring->max_elems << 1) - 1) ||

+ head & ~((ring->max_elems << 1) - 1) ||

+ tail == (head ^ ring->max_elems)) {

rdma_error_report("CQ is full");

return NULL;

}

- idx = pvrdma_idx(&ring->ring_state->prod_tail, ring->max_elems);

- if (idx < 0 || tail != idx) {

- rdma_error_report("Invalid idx %d", idx);

- return NULL;

+ idx = tail & (ring->max_elems - 1);

offset = idx * ring->elem_sz;

return ring->pages[offset / TARGET_PAGE_SIZE] + (offset % TARGET_PAGE_SIZE);

}

void pvrdma_ring_write_inc(PvrdmaRing *ring)

{

- pvrdma_idx_ring_inc(&ring->ring_state->prod_tail, ring->max_elems);

+ uint32_t idx = qatomic_read(&ring->ring_state->prod_tail);

+

+ idx = (idx + 1) & ((ring->max_elems << 1) - 1);

+ qatomic_set(&ring->ring_state->prod_tail, idx);

}

void pvrdma_ring_free(PvrdmaRing *ring)

diff --git a/hw/rdma/vmw/pvrdma_dev_ring.h b/hw/rdma/vmw/pvrdma_dev_ring.h

index XXXXXXX..XXXXXXX 100644

--- a/hw/rdma/vmw/pvrdma_dev_ring.h

+++ b/hw/rdma/vmw/pvrdma_dev_ring.h

@@ -XXX,XX +XXX,XX @@

#define MAX_RING_NAME_SZ 32

+typedef struct PvrdmaRingState {

+ int prod_tail; /* producer tail */

+ int cons_head; /* consumer head */

+} PvrdmaRingState;

+

typedef struct PvrdmaRing {

char name[MAX_RING_NAME_SZ];

PCIDevice *dev;

uint32_t max_elems;

size_t elem_sz;

- struct pvrdma_ring *ring_state; /* used only for unmap */

+ PvrdmaRingState *ring_state; /* used only for unmap */

int npages;

void **pages;

} PvrdmaRing;

int pvrdma_ring_init(PvrdmaRing *ring, const char *name, PCIDevice *dev,

- struct pvrdma_ring *ring_state, uint32_t max_elems,

+ PvrdmaRingState *ring_state, uint32_t max_elems,

size_t elem_sz, dma_addr_t *tbl, uint32_t npages);

void *pvrdma_ring_next_elem_read(PvrdmaRing *ring);

void pvrdma_ring_read_inc(PvrdmaRing *ring);

diff --git a/hw/rdma/vmw/pvrdma_main.c b/hw/rdma/vmw/pvrdma_main.c

index XXXXXXX..XXXXXXX 100644

--- a/hw/rdma/vmw/pvrdma_main.c

+++ b/hw/rdma/vmw/pvrdma_main.c

@@ -XXX,XX +XXX,XX @@ static void free_dev_ring(PCIDevice *pci_dev, PvrdmaRing *ring,

rdma_pci_dma_unmap(pci_dev, ring_state, TARGET_PAGE_SIZE);

}

-static int init_dev_ring(PvrdmaRing *ring, struct pvrdma_ring **ring_state,

+static int init_dev_ring(PvrdmaRing *ring, PvrdmaRingState **ring_state,

const char *name, PCIDevice *pci_dev,

dma_addr_t dir_addr, uint32_t num_pages)

{

@@ -XXX,XX +XXX,XX @@ static int init_dev_ring(PvrdmaRing *ring, struct pvrdma_ring **ring_state,

/* RX ring is the second */

(*ring_state)++;

rc = pvrdma_ring_init(ring, name, pci_dev,

- (struct pvrdma_ring *)*ring_state,

+ (PvrdmaRingState *)*ring_state,

(num_pages - 1) * TARGET_PAGE_SIZE /

sizeof(struct pvrdma_cqne),

sizeof(struct pvrdma_cqne),

diff --git a/include/standard-headers/drivers/infiniband/hw/vmw_pvrdma/pvrdma_ring.h b/include/standard-headers/drivers/infiniband/hw/vmw_pvrdma/pvrdma_ring.h

deleted file mode 100644

index XXXXXXX..XXXXXXX

--- a/include/standard-headers/drivers/infiniband/hw/vmw_pvrdma/pvrdma_ring.h

+++ /dev/null

@@ -XXX,XX +XXX,XX @@

-/*

- * Copyright (c) 2012-2016 VMware, Inc. All rights reserved.

- *

- * This program is free software; you can redistribute it and/or

- * modify it under the terms of EITHER the GNU General Public License

- * version 2 as published by the Free Software Foundation or the BSD

- * 2-Clause License. This program is distributed in the hope that it

- * will be useful, but WITHOUT ANY WARRANTY; WITHOUT EVEN THE IMPLIED

- * WARRANTY OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.

- * See the GNU General Public License version 2 for more details at

- * http://www.gnu.org/licenses/old-licenses/gpl-2.0.en.html.

- *

- * You should have received a copy of the GNU General Public License

- * along with this program available in the file COPYING in the main

- * directory of this source tree.

- *

- * The BSD 2-Clause License

- *

- * Redistribution and use in source and binary forms, with or

- * without modification, are permitted provided that the following

- * conditions are met:

- *

- * - Redistributions of source code must retain the above

- * copyright notice, this list of conditions and the following

- * disclaimer.

- *

- * - Redistributions in binary form must reproduce the above

- * copyright notice, this list of conditions and the following

- * disclaimer in the documentation and/or other materials

- * provided with the distribution.

- *

- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS

- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT

- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS

- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE

- * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,

- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES

- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR

- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)

- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,

- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)

- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED

- * OF THE POSSIBILITY OF SUCH DAMAGE.

- */

-#ifndef __PVRDMA_RING_H__

-#define __PVRDMA_RING_H__

-#include "standard-headers/linux/types.h"

-#define PVRDMA_INVALID_IDX    -1    /* Invalid index. */

-struct pvrdma_ring {

-    int prod_tail;    /* Producer tail. */

-    int cons_head;    /* Consumer head. */

-};

-

-struct pvrdma_ring_state {

-    struct pvrdma_ring tx;    /* Tx ring. */

-    struct pvrdma_ring rx;    /* Rx ring. */

-};

-

-static inline int pvrdma_idx_valid(uint32_t idx, uint32_t max_elems)

-{

-    /* Generates fewer instructions than a less-than. */

-    return (idx & ~((max_elems << 1) - 1)) == 0;

-static inline int32_t pvrdma_idx(int *var, uint32_t max_elems)

-{

-    const unsigned int idx = qatomic_read(var);

-

-    if (pvrdma_idx_valid(idx, max_elems))

-        return idx & (max_elems - 1);

-    return PVRDMA_INVALID_IDX;

-}

-

-static inline void pvrdma_idx_ring_inc(int *var, uint32_t max_elems)

-{

-    uint32_t idx = qatomic_read(var) + 1;    /* Increment. */

-

-    idx &= (max_elems << 1) - 1;        /* Modulo size, flip gen. */

-    qatomic_set(var, idx);

-}

-

-static inline int32_t pvrdma_idx_ring_has_space(const struct pvrdma_ring *r,

-                     uint32_t max_elems, uint32_t *out_tail)

-{

-    const uint32_t tail = qatomic_read(&r->prod_tail);

-    const uint32_t head = qatomic_read(&r->cons_head);

-

-    if (pvrdma_idx_valid(tail, max_elems) &&

-     pvrdma_idx_valid(head, max_elems)) {

-        *out_tail = tail & (max_elems - 1);

-        return tail != (head ^ max_elems);

-    }

-    return PVRDMA_INVALID_IDX;

-}

-

-static inline int32_t pvrdma_idx_ring_has_data(const struct pvrdma_ring *r,

-                     uint32_t max_elems, uint32_t *out_head)

-{

-    const uint32_t tail = qatomic_read(&r->prod_tail);

-    const uint32_t head = qatomic_read(&r->cons_head);

-

-    if (pvrdma_idx_valid(tail, max_elems) &&

-     pvrdma_idx_valid(head, max_elems)) {

-        *out_head = head & (max_elems - 1);

-        return tail != head;

-    }

-    return PVRDMA_INVALID_IDX;

-}

-

-#endif /* __PVRDMA_RING_H__ */

diff --git a/scripts/update-linux-headers.sh b/scripts/update-linux-headers.sh

index XXXXXXX..XXXXXXX 100755

--- a/scripts/update-linux-headers.sh

+++ b/scripts/update-linux-headers.sh

@@ -XXX,XX +XXX,XX @@ sed -e '1h;2,$H;$!d;g' -e 's/[^};]*pvrdma[^(| ]*([^)]*);//g' \

"$linux/drivers/infiniband/hw/vmw_pvrdma/pvrdma_verbs.h" > \

"$tmp_pvrdma_verbs";

-for i in "$linux/drivers/infiniband/hw/vmw_pvrdma/pvrdma_ring.h" \

- "$linux/drivers/infiniband/hw/vmw_pvrdma/pvrdma_dev_api.h" \

+for i in "$linux/drivers/infiniband/hw/vmw_pvrdma/pvrdma_dev_api.h" \

"$tmp_pvrdma_verbs"; do \

cp_portable "$i" \

"$output/include/standard-headers/drivers/infiniband/hw/vmw_pvrdma/"

2.7.4

From: Alexander Bulekov <alxndr@bu.edu>

This patch switches to use qemu_receive_packet() which can detect

reentrancy and return early.

This is intended to address CVE-2021-3416.

Cc: Prasad J Pandit <ppandit@redhat.com>

Cc: qemu-stable@nongnu.org

Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>

Signed-off-by: Alexander Bulekov <alxndr@bu.edu>

hw/net/cadence_gem.c | 4 ++--

1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/hw/net/cadence_gem.c b/hw/net/cadence_gem.c

--- a/hw/net/cadence_gem.c

+++ b/hw/net/cadence_gem.c

@@ -XXX,XX +XXX,XX @@ static void gem_transmit(CadenceGEMState *s)

/* Send the packet somewhere */

if (s->phy_loop || (s->regs[GEM_NWCTRL] &

GEM_NWCTRL_LOCALLOOP)) {

- gem_receive(qemu_get_queue(s->nic), s->tx_packet,

- total_bytes);

+ qemu_receive_packet(qemu_get_queue(s->nic), s->tx_packet,

+ total_bytes);

} else {

qemu_send_packet(qemu_get_queue(s->nic), s->tx_packet,

total_bytes);

2.7.4

From: Alexander Bulekov <alxndr@bu.edu>

This patch switches to use qemu_receive_packet() which can detect

reentrancy and return early.

This is intended to address CVE-2021-3416.

Cc: Prasad J Pandit <ppandit@redhat.com>

Cc: qemu-stable@nongnu.org

Buglink: https://bugs.launchpad.net/qemu/+bug/1917085

Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com

Signed-off-by: Alexander Bulekov <alxndr@bu.edu>

hw/net/pcnet.c | 2 +-

1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/hw/net/pcnet.c b/hw/net/pcnet.c

index XXXXXXX..XXXXXXX 100644

--- a/hw/net/pcnet.c

+++ b/hw/net/pcnet.c

@@ -XXX,XX +XXX,XX @@ txagain:

if (BCR_SWSTYLE(s) == 1)

add_crc = !GET_FIELD(tmd.status, TMDS, NOFCS);

s->looptest = add_crc ? PCNET_LOOPTEST_CRC : PCNET_LOOPTEST_NOCRC;

- pcnet_receive(qemu_get_queue(s->nic), s->buffer, s->xmit_pos);

+ qemu_receive_packet(qemu_get_queue(s->nic), s->buffer, s->xmit_pos);

s->looptest = 0;

} else {

if (s->nic) {

2.7.4

From: Bin Meng <bin.meng@windriver.com>

"qemu-common.h" should be included to provide the forward declaration

of qemu_hexdump() when DEBUG_NET is on.

Signed-off-by: Bin Meng <bin.meng@windriver.com>

Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>

net/net.c | 1 +

1 file changed, 1 insertion(+)

diff --git a/net/net.c b/net/net.c

--- a/net/net.c

+++ b/net/net.c

#include "qemu/osdep.h"

+#include "qemu-common.h"

#include "net/net.h"

#include "clients.h"