Commit Graph

71265 Commits

Author SHA1 Message Date
Prasad J Pandit
389abe1dd1 net: tap: replace snprintf with g_strdup_printf calls
When invoking qemu-bridge-helper in 'net_bridge_run_helper',
instead of using fixed sized buffers, use dynamically allocated
ones initialised and returned by g_strdup_printf().

Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
Reviewed-by: Li Qiang <liq3ea@gmail.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
2019-07-29 16:29:30 +08:00
Prasad J Pandit
3283dde4b5 qemu-bridge-helper: move repeating code in parse_acl_file
Move repeating error handling sequence in parse_acl_file routine
to an 'err' label.

Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Li Qiang <liq3ea@gmail.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
2019-07-29 16:29:30 +08:00
Prasad J Pandit
6f5d867122 qemu-bridge-helper: restrict interface name to IFNAMSIZ
The network interface name in Linux is defined to be of size
IFNAMSIZ(=16), including the terminating null('\0') byte.
The same is applied to interface names read from 'bridge.conf'
file to form ACL rules. If user supplied '--br=bridge' name
is not restricted to the same length, it could lead to ACL bypass
issue. Restrict interface name to IFNAMSIZ, including null byte.

Reported-by: Riccardo Schirone <rschiron@redhat.com>
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Li Qiang <liq3ea@gmail.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
2019-07-29 16:29:30 +08:00
Jason Wang
f46efa9b08 e1000: don't raise interrupt in pre_save()
We should not raise any interrupt after VM has been stopped but this
is what e1000 currently did when mit timer is active in
pre_save(). Fixing this by scheduling a timer in post_load() which can
make sure the interrupt was raised when VM is running.

Reported-and-tested-by: Longpeng <longpeng2@huawei.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
2019-07-29 16:29:30 +08:00
Greg Kurz
8d216d8c53 xics/kvm: Fix fallback to emulated XICS
Commit 4812f26152 tried to fix rollback path of xics_kvm_connect() but
it isn't enough. If we fail to create the KVM device, the guest fails
to boot later on with:

[    0.010817] pci 0000:00:00.0: Adding to iommu group 0
[    0.010863] irq: unknown-1 didn't like hwirq-0x1200 to VIRQ17 mapping (rc=-22)
[    0.010923] pci 0000:00:01.0: Adding to iommu group 0
[    0.010968] irq: unknown-1 didn't like hwirq-0x1201 to VIRQ17 mapping (rc=-22)
[    0.011543] EEH: No capable adapters found
[    0.011597] irq: unknown-1 didn't like hwirq-0x1000 to VIRQ17 mapping (rc=-22)
[    0.011651] audit: type=2000 audit(1563977526.000:1): state=initialized audit_enabled=0 res=1
[    0.011703] ------------[ cut here ]------------
[    0.011729] event-sources: Unable to allocate interrupt number for /event-sources/epow-events
[    0.011776] WARNING: CPU: 0 PID: 1 at arch/powerpc/platforms/pseries/event_sources.c:34 request_event_sources_irqs+0xbc/0x150
[    0.011828] Modules linked in:
[    0.011850] CPU: 0 PID: 1 Comm: swapper/0 Not tainted 5.1.17-300.fc30.ppc64le #1
[    0.011886] NIP:  c0000000000d4fac LR: c0000000000d4fa8 CTR: c0000000018f0000
[    0.011923] REGS: c00000001e4c38d0 TRAP: 0700   Not tainted  (5.1.17-300.fc30.ppc64le)
[    0.011966] MSR:  8000000002029033 <SF,VEC,EE,ME,IR,DR,RI,LE>  CR: 28000284  XER: 20040000
[    0.012012] CFAR: c00000000011b42c IRQMASK: 0
[    0.012012] GPR00: c0000000000d4fa8 c00000001e4c3b60 c0000000015fc400 0000000000000051
[    0.012012] GPR04: 0000000000000001 0000000000000000 0000000000000081 772d6576656e7473
[    0.012012] GPR08: 000000001edf0000 c0000000014d4830 c0000000014d4830 6e6576652f20726f
[    0.012012] GPR12: 0000000000000000 c0000000018f0000 c000000000010bf0 0000000000000000
[    0.012012] GPR16: 0000000000000000 0000000000000000 0000000000000000 0000000000000000
[    0.012012] GPR20: 0000000000000000 0000000000000000 0000000000000000 0000000000000000
[    0.012012] GPR24: 0000000000000000 0000000000000000 c000000000ebbf00 c0000000000d5570
[    0.012012] GPR28: c000000000ebc008 c00000001fff8248 0000000000000000 0000000000000000
[    0.012372] NIP [c0000000000d4fac] request_event_sources_irqs+0xbc/0x150
[    0.012409] LR [c0000000000d4fa8] request_event_sources_irqs+0xb8/0x150
[    0.012445] Call Trace:
[    0.012462] [c00000001e4c3b60] [c0000000000d4fa8] request_event_sources_irqs+0xb8/0x150 (unreliable)
[    0.012513] [c00000001e4c3bf0] [c000000001042848] __machine_initcall_pseries_init_ras_IRQ+0xc8/0xf8
[    0.012563] [c00000001e4c3c20] [c000000000010810] do_one_initcall+0x60/0x254
[    0.012611] [c00000001e4c3cf0] [c000000001024538] kernel_init_freeable+0x35c/0x444
[    0.012655] [c00000001e4c3db0] [c000000000010c14] kernel_init+0x2c/0x148
[    0.012693] [c00000001e4c3e20] [c00000000000bdc4] ret_from_kernel_thread+0x5c/0x78
[    0.012736] Instruction dump:
[    0.012759] 38a00000 7c7f1b78 7f64db78 2c1f0000 2fbf0000 78630020 4180002c 409effa8
[    0.012805] 7fa4eb78 7f43d378 48046421 60000000 <0fe00000> 3bde0001 2c1e0010 7fde07b4
[    0.012851] ---[ end trace aa5785707323fad3 ]---

This happens because QEMU fell back on XICS emulation but didn't unregister
the RTAS calls from KVM. The emulated RTAS calls are hence never called and
the KVM ones return an error to the guest since the KVM device is absent.

The sanity checks in xics_kvm_disconnect() are abusive since we're freeing
the KVM device. Simply drop them.

Fixes: 4812f26152 "xics/kvm: Add proper rollback to xics_kvm_init()"
Signed-off-by: Greg Kurz <groug@kaod.org>
Message-Id: <156398744035.546975.7029414194633598474.stgit@bahia.lan>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2019-07-28 11:50:26 +10:00
Greg Kurz
f5bda01066 spapr/irq: Inform the user when falling back to emulated IC
Just to give an indication to the user that the error condition is
handled and how.

Reported-by: Satheesh Rajendran <sathnaga@linux.vnet.ibm.com>
Signed-off-by: Greg Kurz <groug@kaod.org>
Message-Id: <156398743479.546975.14566809803480887488.stgit@bahia.lan>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2019-07-28 11:50:26 +10:00
Alistair Francis
75ea2529cf
riscv/boot: Fixup the RISC-V firmware warning
Fix a typo in the warning message displayed to users, don't print the
message when running inside qtest and don't mention a specific QEMU
version for the deprecation.

Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Palmer Dabbelt <palmer@sifive.com>
2019-07-26 16:03:48 -07:00
Peter Maydell
0c6f3e948c Fix multi-threaded go runtime crash
-----BEGIN PGP SIGNATURE-----
 
 iQJGBAABCAAwFiEEzS913cjjpNwuT1Fz8ww4vT8vvjwFAl07OYgSHGxhdXJlbnRA
 dml2aWVyLmV1AAoJEPMMOL0/L748pj0P/R7v5AhooXuIMfbOfXR1pn2c3P7lxyEV
 uPZD+Q+VRHqATQoSOdFlX8Ky4B4vC8VMl/1ruABhwNOJtTbRdpdQtw4mG05qSyt6
 MZLq2diNgYRlc91Mt8gPrNc4jW7keeOONWXDCUXcJG22uLaoV+h4AHXiu/Y29whu
 3ESkr9fgcg4JgPggN8+IpBdfsEjiKZTvmKi4d0/61J9Umbv8MMeHpC1g84P6K17L
 xEjw7JlEnl65SwfAx96iEQuBonCzMexItlVcl6k+QBuJLXcss3m9P8tq6FGQMqN0
 cDgcTq3oEykaiY6ZLIQSwah73ldFmwmQcZSicAdDxlPqQQeDm31Vj4RFL6lydZDa
 rkR2DXqeBSrimput6/amQJI2NBFRq0b/zle1MOZG4ygHiXmoxrIcsFYM2O0UJhw/
 s3AmmLV7J9cMLDv4TUh5AH/JQhJjRSK28KgZSkEvbV+S9a5MaLCp9B8gF02KAoJE
 M6MFUKk69MG3m/5WuxnIhDxSMpWkAUTBwQP65slrXy3rXvr2ryQ3DbP1IzH/kfDO
 kNvoryfDvaPeqQx8xt8kdKWc3b8Qd9TVNSO+ZBtPaDpfVHmyOXDkkm2fkFEwSj+0
 jbW8RtSTgyZrxWpK6bsPFoIYR/XImWQjBvPhYH0UV+SNCp5sDUabhBvPai2ZyjRt
 TsvKvvBthZPi
 =KSrK
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/vivier2/tags/linux-user-for-4.1-pull-request' into staging

Fix multi-threaded go runtime crash

# gpg: Signature made Fri 26 Jul 2019 18:34:00 BST
# gpg:                using RSA key CD2F75DDC8E3A4DC2E4F5173F30C38BD3F2FBE3C
# gpg:                issuer "laurent@vivier.eu"
# gpg: Good signature from "Laurent Vivier <lvivier@redhat.com>" [full]
# gpg:                 aka "Laurent Vivier <laurent@vivier.eu>" [full]
# gpg:                 aka "Laurent Vivier (Red Hat) <lvivier@redhat.com>" [full]
# Primary key fingerprint: CD2F 75DD C8E3 A4DC 2E4F  5173 F30C 38BD 3F2F BE3C

* remotes/vivier2/tags/linux-user-for-4.1-pull-request:
  linux-user: Make sigaltstack stacks per-thread

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-07-26 18:36:05 +01:00
Peter Maydell
5bfce0b74f linux-user: Make sigaltstack stacks per-thread
The alternate signal stack set up by the sigaltstack syscall is
supposed to be per-thread.  We were incorrectly implementing it as
process-wide.  This causes problems for guest binaries that rely on
this.  Notably the Go runtime does, and so we were seeing crashes
caused by races where two guest threads might incorrectly both
execute on the same stack simultaneously.

Replace the global target_sigaltstack_used with a field
sigaltstack_used in the TaskState, and make all the references to the
old global instead get a pointer to the TaskState and use the field.

Fixes: https://bugs.launchpad.net/qemu/+bug/1696773
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Tested-by: Laurent Vivier <laurent@vivier.eu>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20190725131645.19501-1-peter.maydell@linaro.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
2019-07-26 19:24:33 +02:00
Peter Maydell
fff3159900 target-arm queue:
* Fix broken migration on pl330 device
  * Fix broken migration on stellaris-input device
  * Add type checks to vmstate varry macros to avoid this class of bugs
  * hw/arm/boot: Fix some remaining cases where we would put the
    initrd on top of the kernel image
 -----BEGIN PGP SIGNATURE-----
 
 iQJNBAABCAA3FiEE4aXFk81BneKOgxXPPCUl7RQ2DN4FAl07GfUZHHBldGVyLm1h
 eWRlbGxAbGluYXJvLm9yZwAKCRA8JSXtFDYM3lCNEACw3dTka4tHyObmf3a5KYcO
 tbPJPGXKexYW+Zx681qtqDN1pe4/2U42rSHjYYeOFoKMXrDc1Jr30upPxVsek8yk
 nUmYIZo89G4nP5G0EYWhwYZbIT7qsrT8mtx4KezS1l6pi8w+UVDb9N9TmcdcjvBP
 fxqofNczeoNKZz2T3229G2ENyhbU9Pq0h5LpvT7zNHAS5IE7Du2eb0PWQ1AH7cJN
 c8NY/24vNSzbxf0Zj9jFaKSc1LbxBgvqqb2KRTcVMl1pcIgY+Ljc+lN+bJVHPSZ/
 fx9zBbUh5OF3YNipYIRcjPOGTfKeGu9OyeDhAcI38QT00NfnjAWXcxjITijQBWnW
 IMsAbmLsamx/BvqW3D+F0kbRpJu4c+2Ge465PnvX7xduivm1kWoJM4Q8YvZWI5Y7
 TVLfvjNtg9sjOB5tmSNzlhRj7PrsyELhR2p9YWCqZKQmc0jRaQjYtRRduRKREfdT
 Vv/qTbQmiNMAxyP3v6C1jhk/t+NZ5l8PBwr1mYFYSUj4uhz09ckVatimJsd11hiZ
 TZRfBFIjKDFGO6/FeVBgN5lirlmlWF/HIbijGqh5A25eUsBMhitrkHIoDZxqnneG
 cdLpYB1SAT+oY97KYFynrhW9OErSrKHs5Of5c443CgWoZb7Q9rOhyJUqAdDf4MaZ
 LzcRBfrNoD4042GihD9XCg==
 =OwrX
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20190726' into staging

target-arm queue:
 * Fix broken migration on pl330 device
 * Fix broken migration on stellaris-input device
 * Add type checks to vmstate varry macros to avoid this class of bugs
 * hw/arm/boot: Fix some remaining cases where we would put the
   initrd on top of the kernel image

# gpg: Signature made Fri 26 Jul 2019 16:19:17 BST
# gpg:                using RSA key E1A5C593CD419DE28E8315CF3C2525ED14360CDE
# gpg:                issuer "peter.maydell@linaro.org"
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>" [ultimate]
# gpg:                 aka "Peter Maydell <pmaydell@gmail.com>" [ultimate]
# gpg:                 aka "Peter Maydell <pmaydell@chiark.greenend.org.uk>" [ultimate]
# Primary key fingerprint: E1A5 C593 CD41 9DE2 8E83  15CF 3C25 25ED 1436 0CDE

* remotes/pmaydell/tags/pull-target-arm-20190726:
  hw/arm/boot: Further improve initrd positioning code
  hw/arm/boot: Rename elf_{low, high}_addr to image_{low, high}_addr
  vmstate.h: Type check VMSTATE_STRUCT_VARRAY macros
  stellaris_input: Fix vmstate description of buttons field
  pl330: fix vmstate description

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-07-26 16:23:07 +01:00
Peter Maydell
67505c114e hw/arm/boot: Further improve initrd positioning code
In commit e6b2b20d97 we made the boot loader code try to avoid
putting the initrd on top of the kernel.  However the expression used
to calculate the start of the initrd:

    info->initrd_start = info->loader_start +
        MAX(MIN(info->ram_size / 2, 128 * 1024 * 1024), kernel_size);

incorrectly uses 'kernel_size' as the offset within RAM of the
highest address to avoid.  This is incorrect because the kernel
doesn't start at address 0, but slightly higher than that.  This
means that we can still incorrectly end up overlaying the initrd on
the kernel in some cases, for example:

* The kernel's image_size is 0x0a7a8000
* The kernel was loaded at   0x40080000
* The end of the kernel is   0x4A828000
* The DTB was loaded at      0x4a800000

To get this right we need to track the actual highest address used
by the kernel and use that rather than kernel_size. We already
set image_low_addr and image_high_addr for ELF images; set them
also for the various other image types we support, and then use
image_high_addr as the lowest allowed address for the initrd.
(We don't use image_low_addr, but we set it for consistency
with the existing code path for ELF files.)

Fixes: e6b2b20d97
Reported-by: Mark Rutland <mark.rutland@arm.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Tested-by: Mark Rutland <mark.rutland@arm.com>
Message-id: 20190722151804.25467-3-peter.maydell@linaro.org
2019-07-26 16:17:56 +01:00
Peter Maydell
d5fef92f6a hw/arm/boot: Rename elf_{low, high}_addr to image_{low, high}_addr
Rename the elf_low_addr and elf_high_addr variables to image_low_addr
and image_high_addr -- in the next commit we will extend them to
be set for other kinds of image file and not just ELF files.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Tested-by: Mark Rutland <mark.rutland@arm.com>
Message-id: 20190722151804.25467-2-peter.maydell@linaro.org
2019-07-26 16:17:56 +01:00
Peter Maydell
0c413ba0d8 vmstate.h: Type check VMSTATE_STRUCT_VARRAY macros
The VMSTATE_STRUCT_VARRAY_UINT32 macro is intended to handle
migrating a field which is an array of structs, but where instead of
migrating the entire array we only migrate a variable number of
elements of it.

The VMSTATE_STRUCT_VARRAY_POINTER_UINT32 macro is intended to handle
migrating a field which is of pointer type, and points to a
dynamically allocated array of structs of variable size.

We weren't actually checking that the field passed to
VMSTATE_STRUCT_VARRAY_UINT32 really is an array, with the result that
accidentally using it where the _POINTER_ macro was intended would
compile but silently corrupt memory on migration.

Add type-checking that enforces that the field passed in is
really of the right array type. This applies to all the VMSTATE
macros which use flags including VMS_VARRAY_* but not VMS_POINTER.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Damien Hedde <damien.hedde@greensocs.com>
Tested-by: Damien Hedde <damien.hedde@greensocs.com>
Message-id: 20190725163710.11703-3-peter.maydell@linaro.org
2019-07-26 16:17:56 +01:00
Peter Maydell
372e458ebc stellaris_input: Fix vmstate description of buttons field
gamepad_state::buttons is a pointer to an array of structs,
not an array of structs, so should be declared in the vmstate
with VMSTATE_STRUCT_VARRAY_POINTER_INT32; otherwise we
corrupt memory on incoming migration.

We bump the vmstate version field as the easiest way to
deal with the migration break, since migration wouldn't have
worked reliably before anyway.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Damien Hedde <damien.hedde@greensocs.com>
Message-id: 20190725163710.11703-2-peter.maydell@linaro.org
2019-07-26 16:17:56 +01:00
Damien Hedde
830fc739d0 pl330: fix vmstate description
Fix the pl330 main and queue vmstate description.
There were missing POINTER flags causing crashes during
incoming migration because:
+ PL330State chan field is a pointer to an array
+ PL330Queue queue field is a pointer to an array

Also bump corresponding vmsd version numbers.

Signed-off-by: Damien Hedde <damien.hedde@greensocs.com>
Reviewed-by: Philippe Mathieu-Daude <philmd@redhat.com>
Acked-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Message-id: 20190724143553.21557-1-damien.hedde@greensocs.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-07-26 15:40:27 +01:00
Peter Maydell
c985266ea5 MAINTAINERS update for vfio-ccw
-----BEGIN PGP SIGNATURE-----
 
 iQJGBAABCAAwFiEEw9DWbcNiT/aowBjO3s9rk8bwL68FAl064oISHGNvaHVja0By
 ZWRoYXQuY29tAAoJEN7Pa5PG8C+vPZUQAJFhqtkAFXCChUeNlNoCFAERQ82YEgEj
 WMPM6IFUseTxf3prVq5lB5qoMv6e9yvMpyuG+orUJEFI3qkGaNcqy2FA+qb+xfza
 F3lZeD90N59UfVyff9ZN0M8xPtjzGlD0YN+vmgpYcv3zUjZNdwvBEmPN2U8+yL7o
 tkikAQDK/0RpYTvb5BFKM4d1cFy+7eiQvf3eDCf8JcHX9RaR2KrSsN09uxemyXmd
 iZl7Ijr7uRSzNQrHgDrf8AG92ydIwfDGdj0KPO7ZY4FOVB7FzONBlVbwRgnLjEUp
 AhwJ7WpQURJ5mHSCuq2+kb/qqUD9DB+6nfxG9846a+5lT/U/G3J0E7yRq3lcox7X
 vliKs1Hnbur7wfFyBDZX3hir1Ipda19eFfgqRZVddzbwZh77ngVBwtNY2/L8YEKL
 ArDJACp3M1qS+FiyHr3SBsZU7I/1LtLBHSJ8IYI0CBecDavMbv8RZYIeiqXXOrr5
 O9BXUFhwJvKJJzfwrP5sn6Erg0LFHjlvd1tuDNu0lb5nBZ6q7B43s0fMVvr6HbeL
 OQOxixRuQ9+RNFmc+i01Wvtgn7iwFARe+HtsPjzCDdUCX3+Rgp+oW+zBSWcbbcYl
 yze/1kZ/Pm+jZ846XB7kwB4/kyb4/ja0RFRzc3PpBfqOer+QR7ZVmH1i+XPcQK2T
 5hs84IOWFE7h
 =NxUf
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/cohuck/tags/s390x-20190726' into staging

MAINTAINERS update for vfio-ccw

# gpg: Signature made Fri 26 Jul 2019 12:22:42 BST
# gpg:                using RSA key C3D0D66DC3624FF6A8C018CEDECF6B93C6F02FAF
# gpg:                issuer "cohuck@redhat.com"
# gpg: Good signature from "Cornelia Huck <conny@cornelia-huck.de>" [unknown]
# gpg:                 aka "Cornelia Huck <huckc@linux.vnet.ibm.com>" [full]
# gpg:                 aka "Cornelia Huck <cornelia.huck@de.ibm.com>" [full]
# gpg:                 aka "Cornelia Huck <cohuck@kernel.org>" [unknown]
# gpg:                 aka "Cornelia Huck <cohuck@redhat.com>" [unknown]
# Primary key fingerprint: C3D0 D66D C362 4FF6 A8C0  18CE DECF 6B93 C6F0 2FAF

* remotes/cohuck/tags/s390x-20190726:
  MAINTAINERS: vfio-ccw: Remove myself as the maintainer

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-07-26 13:52:06 +01:00
Peter Maydell
9246fade39 Merge tpm 2019/07/25 v1
-----BEGIN PGP SIGNATURE-----
 
 iQEcBAABAgAGBQJdOc2GAAoJEHWtZYAqC0IRYw4IAMnwlPSQKe7LvVA3ye4FYFRM
 5g2PPZbveQVHGGEIuCfPkDRRGdiXPIxEdX+Z5pUGYZhYbk9ZBw/iBjCtVsyEJn1r
 b1/gwQYytZ/oSk2ENLtOmYN0grZ27J2LmAjBEH4Acal3NT/Pk89FtnVVLydxY9/h
 Fl5een8lT7c5bi4dayEXuVz88TOqsTxEUm84IexBNMh0wi9n/yGdib0Jr48HTunw
 WNB0vGzK/aeFApEqEsJVrL/SRW3F4xzFkArwHgMMyLhgVps3RnyAqsNPIq9Opln/
 7QMv7xd7DRf3lwqDHW5Uo8BdPx5Z5b3rb/jvU2SYxkvb8hrSsg7NiRMoyH8uoVY=
 =hU9e
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/stefanberger/tags/pull-tpm-2019-07-25-1' into staging

Merge tpm 2019/07/25 v1

# gpg: Signature made Thu 25 Jul 2019 16:40:54 BST
# gpg:                using RSA key 75AD65802A0B4211
# gpg: Good signature from "Stefan Berger <stefanb@linux.vnet.ibm.com>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: B818 B9CA DF90 89C2 D5CE  C66B 75AD 6580 2A0B 4211

* remotes/stefanberger/tags/pull-tpm-2019-07-25-1:
  tpm_emulator: Translate TPM error codes to strings
  tpm: Exit in reset when backend indicates failure

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-07-26 10:53:20 +01:00
Peter Maydell
61c1e6a97d virtio, pc: fixes, cleanups
A bunch of fixes all over the place.
 
 Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
 -----BEGIN PGP SIGNATURE-----
 
 iQEcBAABAgAGBQJdOciFAAoJECgfDbjSjVRp/FwH/jNag2BkBfyvTNibuZi0V4uH
 1nXmZQI9gQye6eDmkg0T0fl+8zpMNO7OIGRjhOemMOpfJ1yAYrkFI4OrbTV40lOe
 UvH/6s8m5DlWPXrVvkv52esLPrV9cV4kULpS0yDfngfJ7CuQTMc/er9ZBav38iSG
 kDH92LTWqIoZq08JUkdOxqjl5me8vnvQHieo/SgFNhuJon+RkGZvcN7j4zj/l1cg
 ozeXoyBve27TnirGfgjY7/z3kTDTAKW8wWFj/gV2TllmPx4ReH6a6IYwPWrZaOXA
 m4ZhTK0D8C2UPtbseHrfriYHkuL4eBK95OJvXc3vC/w14ZmP4tuaipOL7If9oRk=
 =oU7D
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging

virtio, pc: fixes, cleanups

A bunch of fixes all over the place.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>

# gpg: Signature made Thu 25 Jul 2019 16:19:33 BST
# gpg:                using RSA key 281F0DB8D28D5469
# gpg: Good signature from "Michael S. Tsirkin <mst@kernel.org>" [full]
# gpg:                 aka "Michael S. Tsirkin <mst@redhat.com>" [full]
# Primary key fingerprint: 0270 606B 6F3C DF3D 0B17  0970 C350 3912 AFBE 8E67
#      Subkey fingerprint: 5D09 FD08 71C8 F85B 94CA  8A0D 281F 0DB8 D28D 5469

* remotes/mst/tags/for_upstream:
  virtio-balloon: free pbp more aggressively
  virtio-balloon: don't track subpages for the PBP
  virtio-balloon: Use temporary PBP only
  virtio-balloon: Rework pbp tracking data
  virtio-balloon: Better names for offset variables in inflate/deflate code
  virtio-balloon: Simplify deflate with pbp
  virtio-balloon: Fix QEMU crashes on pagesize > BALLOON_PAGE_SIZE
  virtio-balloon: Fix wrong sign extension of PFNs
  i386/acpi: show PCI Express bus on pxb-pcie expanders
  ioapic: kvm: Skip route updates for masked pins
  i386/acpi: fix gint overflow in crs_range_compare
  docs: clarify multiqueue vs multiple virtqueues

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-07-25 16:38:24 +01:00
Stefan Berger
7e095e84ba tpm_emulator: Translate TPM error codes to strings
Implement a function to translate TPM error codes to strings so that
at least the most common error codes can be translated to human
readable strings.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
2019-07-25 11:37:10 -04:00
Michael S. Tsirkin
1b47b37c33 virtio-balloon: free pbp more aggressively
Previous patches switched to a temporary pbp but that does not go far
enough: after device uses a buffer, guest is free to reuse it, so
tracking the page and freeing it later is wrong.

Free and reset the pbp after we push each element.

Fixes: ed48c59875 ("virtio-balloon: Safely handle BALLOON_PAGE_SIZE < host page size")
Cc: qemu-stable@nongnu.org #v4.0.0
Cc: David Hildenbrand <david@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2019-07-25 11:19:25 -04:00
Stefan Berger
bcfd16fe26 tpm: Exit in reset when backend indicates failure
Exit() in the frontend reset function when the backend indicates
intialization failure.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
2019-07-25 11:04:54 -04:00
David Hildenbrand
9a7ca8a7c9 virtio-balloon: don't track subpages for the PBP
As ramblocks cannot get removed/readded while we are processing a bulk
of inflation requests, there is no more need to track the page size
in form of the number of subpages.

Suggested-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20190725113638.4702-8-david@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2019-07-25 07:58:10 -04:00
David Hildenbrand
a8cd64d488 virtio-balloon: Use temporary PBP only
We still have multiple issues in the current code
- The PBP is not freed during unrealize()
- The PBP is not reset on device resets: After a reset, the PBP is stale.
- We are not indicating VIRTIO_BALLOON_F_MUST_TELL_HOST, therefore
  guests (esp. legacy guests) will reuse pages without deflating,
  turning the PBP stale. Adding that would require compat handling.

Instead, let's use the PBP only temporarily, when processing one bulk of
inflation requests. This will keep guest_page_size > 4k working (with
Linux guests). There is nothing to do for deflation requests anymore.
The pbp is only used for a limited amount of time.

Fixes: ed48c59875 ("virtio-balloon: Safely handle BALLOON_PAGE_SIZE < host page size")
Cc: qemu-stable@nongnu.org #v4.0.0
Suggested-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20190722134108.22151-7-david@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Acked-by: David Gibson <david@gibson.dropbear.id.au>
2019-07-25 07:58:03 -04:00
David Hildenbrand
1c5cfc2b71 virtio-balloon: Rework pbp tracking data
Using the address of a RAMBlock to test for a matching pbp is not really
safe. Instead, let's use the guest physical address of the base page
along with the page size (via the number of subpages).

Also, let's allocate the bitmap separately. This makes the code
easier to read and maintain - we can reuse bitmap_new().

Prepare the code to move the PBP out of the device.

Fixes: ed48c59875 ("virtio-balloon: Safely handle BALLOON_PAGE_SIZE < host page size")
Fixes: b27b323914 ("virtio-balloon: Fix possible guest memory corruption with inflates & deflates")
Cc: qemu-stable@nongnu.org #v4.0.0
Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20190722134108.22151-6-david@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2019-07-25 07:57:59 -04:00
David Hildenbrand
e6129b271b virtio-balloon: Better names for offset variables in inflate/deflate code
"host_page_base" is really confusing, let's make this clearer, also
rename the other offsets to indicate to which base they apply.

offset -> mr_offset
ram_offset -> rb_offset
host_page_base -> rb_aligned_offset

While at it, use QEMU_ALIGN_DOWN() instead of a handcrafted computation
and move the computation to the place where it is needed.

Acked-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20190722134108.22151-5-david@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2019-07-25 07:57:57 -04:00
David Hildenbrand
2ffc49eea1 virtio-balloon: Simplify deflate with pbp
Let's simplify this - the case we are optimizing for is very hard to
trigger and not worth the effort. If we're switching from inflation to
deflation, let's reset the pbp.

Acked-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20190722134108.22151-4-david@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2019-07-25 07:57:56 -04:00
David Hildenbrand
483f13524b virtio-balloon: Fix QEMU crashes on pagesize > BALLOON_PAGE_SIZE
We are using the wrong functions to set/clear bits, effectively touching
multiple bits, writing out of range of the bitmap, resulting in memory
corruptions. We have to use set_bit()/clear_bit() instead.

Can easily be reproduced by starting a qemu guest on hugetlbfs memory,
inflating the balloon. QEMU crashes. This never could have worked
properly - especially, also pages would have been discarded when the
first sub-page would be inflated (the whole bitmap would be set).

While testing I realized, that on hugetlbfs it is pretty much impossible
to discard a page - the guest just frees the 4k sub-pages in random order
most of the time. I was only able to discard a hugepage a handful of
times - so I hope that now works correctly.

Fixes: ed48c59875 ("virtio-balloon: Safely handle BALLOON_PAGE_SIZE < host page size")
Fixes: b27b323914 ("virtio-balloon: Fix possible guest memory corruption with inflates & deflates")
Cc: qemu-stable@nongnu.org #v4.0.0
Acked-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20190722134108.22151-3-david@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2019-07-25 07:57:52 -04:00
David Hildenbrand
ffa207d082 virtio-balloon: Fix wrong sign extension of PFNs
If we directly cast from int to uint64_t, we will first sign-extend to
an int64_t, which is wrong. We actually want to treat the PFNs like
unsigned values.

As far as I can see, this dates back to the initial virtio-balloon
commit, but wasn't triggered as fairly big guests would be required.

Cc: qemu-stable@nongnu.org
Reported-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20190722134108.22151-2-david@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
2019-07-25 07:57:49 -04:00
Peter Maydell
b43bea01b8 Migration pull request
This series fixes problems with migration-cancel while using multifd.
 In some cases it can hang waiting in a semaphore.
 
 Please apply.
 -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEEGJn/jt6/WMzuA0uC9IfvGFhy1yMFAl05ivkACgkQ9IfvGFhy
 1yMg7RAAvcTI2BX4npX2++vBHI8UBx++5SAKpKC8cwvo40jygBbQCdOr4SLkGaR1
 wJItPPagF6dGyQ3WXmGbGzfhlVrPyJXGntXrYZ0BNJVOJbMV7M+PxsIWQvUGfYA8
 XSnK0izVPFzdCIlhkbGYrK8mJnQ1sVXlNNQ2w3IW/MzS8QLAsfb8HcWXXowyqwDH
 yU/95ZdRbPeloinuxQD5ivojzpkpyuJMDEVtqgELSPIc/vTFc2chLUNn3zq+6o7e
 RTXylkHHta8BuLhMQGzDU0dzs5oaOVSsuApy5ELnbarpNxKNGAWLd6Uf87No4DoM
 BzKBEvdSQx5VxMkm0dYU02ybXkqVtLRPh/QZUEmUj3GezMKU45Ub38hLoyMzeXEK
 +m6BRdHQ8M5XGlRDCgMWuUjwmqqpyEk9HuW5Xw/WkSfBA3D7glHp72PRMGER0QeH
 JDUy9Ld9KXL+0kNiaT9uq7Ci+wXNIm4H483Xl6+HxTTKI6J6E8OlrO37o8w1lI5E
 JOlF8QsTVn2F+ItHFy/W2OLCTwz4VtiS/+NnISebRO/1AmX3oX+CkNNxXfmuzQHy
 FQX2eFIGIa/BIzVqjjeqr7NPusQSZ/TMnP7cdVTJU1G0ZBf3TGGeEcAGuVydddql
 Rwvh9fmkJZniaqZ0Z+ELtJ7A3vMyEyb0QFvupO7n8SWbAYDV5BE=
 =O166
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/juanquintela/tags/migration-pull-request' into staging

Migration pull request

This series fixes problems with migration-cancel while using multifd.
In some cases it can hang waiting in a semaphore.

Please apply.

# gpg: Signature made Thu 25 Jul 2019 11:56:57 BST
# gpg:                using RSA key 1899FF8EDEBF58CCEE034B82F487EF185872D723
# gpg: Good signature from "Juan Quintela <quintela@redhat.com>" [full]
# gpg:                 aka "Juan Quintela <quintela@trasno.org>" [full]
# Primary key fingerprint: 1899 FF8E DEBF 58CC EE03  4B82 F487 EF18 5872 D723

* remotes/juanquintela/tags/migration-pull-request:
  migration: fix migrate_cancel multifd migration leads destination hung forever
  migration: Make explicit that we are quitting multifd
  migration: fix migrate_cancel leads live_migration thread hung forever
  migration: fix migrate_cancel leads live_migration thread endless loop

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-07-25 12:09:12 +01:00
Peter Maydell
7ea5324533 Two more bugfix patches + 1 doc fix.
-----BEGIN PGP SIGNATURE-----
 
 iQFIBAABCAAyFiEE8TM4V0tmI4mGbHaCv/vSX3jHroMFAl04Iz4UHHBib256aW5p
 QHJlZGhhdC5jb20ACgkQv/vSX3jHroOPrQf/bOjR0xjeOY2RCPYd7zhrE6kQmGdC
 IrjbA2PUVb3pXzIkd2xW7s3XAcJYKB+051hX/EDxkc6AcDtdnq6E6Ro09q3xfPHT
 OI6ZeSphfAjK7z+k19SCkhsPsDeVGi3DbtKyzGpvIcGB+KL51zKBlvcD6k4l3zHZ
 CAh4fcsBcBOT7XEBeXUr0uBZ982U8DiZBd6n07Wkz/FGWq6srV6vS+Wcz6hdkloh
 mFN0q2etWkjJ5Dn7YjduWpQqKZF7FDh6DHjJo1LxEqlQKssvDteBLlgQQ/sEALcE
 jqEHQ5w53Jvjro4nU0rn4dLz0jne92NqoyY2XyAPEZx+dNVQdBMKPvsikw==
 =WVAq
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging

Two more bugfix patches + 1 doc fix.

# gpg: Signature made Wed 24 Jul 2019 10:22:06 BST
# gpg:                using RSA key F13338574B662389866C7682BFFBD25F78C7AE83
# gpg:                issuer "pbonzini@redhat.com"
# gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>" [full]
# gpg:                 aka "Paolo Bonzini <pbonzini@redhat.com>" [full]
# Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4  E2F7 7E15 100C CD36 69B1
#      Subkey fingerprint: F133 3857 4B66 2389 866C  7682 BFFB D25F 78C7 AE83

* remotes/bonzini/tags/for-upstream:
  docs: correct kconfig option
  i386/kvm: Do not sync nested state during runtime
  virtio-scsi: fixed virtio_scsi_ctx_check failed when detaching scsi disk

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-07-25 09:59:00 +01:00
Evgeny Yakovlev
ee4b0c8686 i386/acpi: show PCI Express bus on pxb-pcie expanders
Show PCIe host bridge PNP id with PCI host bridge as a compatible id
when expanding a pcie bus.

Cc: qemu-stable@nongnu.org
Signed-off-by: Evgeny Yakovlev <wrfsh@yandex-team.ru>
Message-Id: <1563526469-15588-1-git-send-email-wrfsh@yandex-team.ru>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2019-07-25 04:17:35 -04:00
Jan Kiszka
be1927c97e ioapic: kvm: Skip route updates for masked pins
Masked entries will not generate interrupt messages, thus do no need to
be routed by KVM. This is a cosmetic cleanup, just avoiding warnings of
the kind

qemu-system-x86_64: vtd_irte_get: detected non-present IRTE (index=0, high=0xff00, low=0x100)

if the masked entry happens to reference a non-present IRTE.

Cc: qemu-stable@nongnu.org
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Message-Id: <a84b7e03-f9a8-b577-be27-4d93d1caa1c9@siemens.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Peter Xu <peterx@redhat.com>
2019-07-25 04:17:35 -04:00
Evgeny Yakovlev
21e2acd583 i386/acpi: fix gint overflow in crs_range_compare
When very large regions (32GB sized in our case, PCI pass-through of GPUs)
are compared substraction result does not fit into gint.

As a result crs_replace_with_free_ranges does not get sorted ranges and
incorrectly computes PCI64 free space regions. Which then makes linux
guest complain about device and PCI64 hole intersection and device
becomes unusable.

Fix that by returning exactly fitting ranges.

Also fix indentation of an entire crs_replace_with_free_ranges to make
checkpatch happy.

Cc: qemu-stable@nongnu.org
Signed-off-by: Evgeny Yakovlev <wrfsh@yandex-team.ru>
Message-Id: <1563466463-26012-1-git-send-email-wrfsh@yandex-team.ru>
Signed-off-by: Evgeny Yakovlev <wrfsh@yandex-team.ru>
2019-07-25 04:17:35 -04:00
Stefan Hajnoczi
df98d7ccc2 docs: clarify multiqueue vs multiple virtqueues
The vhost-user specification does not explain when
VHOST_USER_PROTOCOL_F_MQ must be implemented.  This may lead
implementors of vhost-user masters to believe that this protocol feature
is required for any device that has multiple virtqueues.  That would be
a mistake since existing vhost-user slaves offer multiple virtqueues but
do not advertise VHOST_USER_PROTOCOL_F_MQ.

For example, a vhost-net device with one rx/tx queue pair is not
multiqueue.  The slave does not need to advertise
VHOST_USER_PROTOCOL_F_MQ.  Therefore the master must assume it has these
virtqueues and cannot rely on askingt the slave how many virtqueues
exist.

Extend the specification to explain the different between true
multiqueue and regular devices with a fixed virtqueue layout.

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Message-Id: <20190624091304.666-1-stefanha@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
2019-07-25 04:17:34 -04:00
Farhan Ali
6ef2d01abf MAINTAINERS: vfio-ccw: Remove myself as the maintainer
I will not be able to continue with my maintainership responsibilities
going forward, so remove myself as the maintainer.

Signed-off-by: Farhan Ali <alifm@linux.ibm.com>
Message-Id: <355a4ac2923ff3dcf2171cb23d477440bd010b34.1564003698.git.alifm@linux.ibm.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
2019-07-25 09:36:14 +02:00
Ivan Ren
f193bc0c53 migration: fix migrate_cancel multifd migration leads destination hung forever
When migrate_cancel a multifd migration, if run sequence like this:

        [source]                              [destination]

multifd_send_sync_main[finish]
                                    multifd_recv_thread wait &p->sem_sync
shutdown to_dst_file
                                    detect error from_src_file
send  RAM_SAVE_FLAG_EOS[fail]       [no chance to run multifd_recv_sync_main]
                                    multifd_load_cleanup
                                    join multifd receive thread forever

will lead destination qemu hung at following stack:

pthread_join
qemu_thread_join
multifd_load_cleanup
process_incoming_migration_co
coroutine_trampoline

Signed-off-by: Ivan Ren <ivanren@tencent.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Juan Quintela <quintela@redhat.com>
Message-Id: <1561468699-9819-4-git-send-email-ivanren@tencent.com>
Signed-off-by: Juan Quintela <quintela@redhat.com>
2019-07-24 14:47:21 +02:00
Juan Quintela
3c3ca25d1f migration: Make explicit that we are quitting multifd
We add a bool to indicate that.

Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Signed-off-by: Juan Quintela <quintela@redhat.com>
2019-07-24 14:47:12 +02:00
Ivan Ren
a3ec6b7d23 migration: fix migrate_cancel leads live_migration thread hung forever
When we 'migrate_cancel' a multifd migration, live_migration thread may
hung forever at some points, because of multifd_send_thread has already
exit for socket error:
1. multifd_send_pages may hung at qemu_sem_wait(&multifd_send_state->
   channels_ready)
2. multifd_send_sync_main my hung at qemu_sem_wait(&multifd_send_state->
   sem_sync)

Signed-off-by: Ivan Ren <ivanren@tencent.com>
Message-Id: <1561468699-9819-3-git-send-email-ivanren@tencent.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Juan Quintela <quintela@redhat.com>

---

Remove spurious not needed bits
2019-07-24 14:47:02 +02:00
Ivan Ren
713f762a31 migration: fix migrate_cancel leads live_migration thread endless loop
When we 'migrate_cancel' a multifd migration, live_migration thread may
go into endless loop in multifd_send_pages functions.

Reproduce steps:

(qemu) migrate_set_capability multifd on
(qemu) migrate -d url
(qemu) [wait a while]
(qemu) migrate_cancel

Then may get live_migration 100% cpu usage in following stack:

pthread_mutex_lock
qemu_mutex_lock_impl
multifd_send_pages
multifd_queue_page
ram_save_multifd_page
ram_save_target_page
ram_save_host_page
ram_find_and_save_block
ram_find_and_save_block
ram_save_iterate
qemu_savevm_state_iterate
migration_iteration_run
migration_thread
qemu_thread_start
start_thread
clone

Signed-off-by: Ivan Ren <ivanren@tencent.com>
Message-Id: <1561468699-9819-2-git-send-email-ivanren@tencent.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Juan Quintela <quintela@redhat.com>
2019-07-24 14:46:51 +02:00
Marc-André Lureau
6baabe5cf8 docs: correct kconfig option
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-Id: <20190723120804.29565-1-marcandre.lureau@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2019-07-24 11:21:59 +02:00
Jan Kiszka
bec7156a45 i386/kvm: Do not sync nested state during runtime
Writing the nested state e.g. after a vmport access can invalidate
important parts of the kernel-internal state, and it is not needed as
well. So leave this out from KVM_PUT_RUNTIME_STATE.

Suggested-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Message-Id: <bdd53f40-4e60-f3ae-7ec6-162198214953@siemens.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2019-07-24 11:21:59 +02:00
Zhengui li
9c5aad84da virtio-scsi: fixed virtio_scsi_ctx_check failed when detaching scsi disk
commit a6f230c move blockbackend back to main AioContext on unplug. It set the AioContext of
SCSIDevice to the main AioContex, but s->ctx is still the iothread AioContex(if the scsi controller
is configure with iothread). So if there are having in-flight requests during unplug, a failing assertion
happend. The bt is below:
(gdb) bt
#0  0x0000ffff86aacbd0 in raise () from /lib64/libc.so.6
#1  0x0000ffff86aadf7c in abort () from /lib64/libc.so.6
#2  0x0000ffff86aa6124 in __assert_fail_base () from /lib64/libc.so.6
#3  0x0000ffff86aa61a4 in __assert_fail () from /lib64/libc.so.6
#4  0x0000000000529118 in virtio_scsi_ctx_check (d=<optimized out>, s=<optimized out>, s=<optimized out>) at /home/qemu-4.0.0/hw/scsi/virtio-scsi.c:246
#5  0x0000000000529ec4 in virtio_scsi_handle_cmd_req_prepare (s=0x2779ec00, req=0xffff740397d0) at /home/qemu-4.0.0/hw/scsi/virtio-scsi.c:559
#6  0x000000000052a228 in virtio_scsi_handle_cmd_vq (s=0x2779ec00, vq=0xffff7c6d7110) at /home/qemu-4.0.0/hw/scsi/virtio-scsi.c:603
#7  0x000000000052afa8 in virtio_scsi_data_plane_handle_cmd (vdev=<optimized out>, vq=0xffff7c6d7110) at /home/qemu-4.0.0/hw/scsi/virtio-scsi-dataplane.c:59
#8  0x000000000054d94c in virtio_queue_host_notifier_aio_poll (opaque=<optimized out>) at /home/qemu-4.0.0/hw/virtio/virtio.c:2452

assert(blk_get_aio_context(d->conf.blk) == s->ctx) failed.

To avoid assertion failed,  moving the "if" after qdev_simple_device_unplug_cb.

In addition, to avoid another qemu crash below, add aio_disable_external before
qdev_simple_device_unplug_cb, which disable the further processing of external clients
when doing qdev_simple_device_unplug_cb.
(gdb) bt
#0  scsi_req_unref (req=0xffff6802c6f0) at hw/scsi/scsi-bus.c:1283
#1  0x00000000005294a4 in virtio_scsi_handle_cmd_req_submit (req=<optimized out>,
    s=<optimized out>) at /home/qemu-4.0.0/hw/scsi/virtio-scsi.c:589
#2  0x000000000052a2a8 in virtio_scsi_handle_cmd_vq (s=s@entry=0x9c90e90,
    vq=vq@entry=0xffff7c05f110) at /home/qemu-4.0.0/hw/scsi/virtio-scsi.c:625
#3  0x000000000052afd8 in virtio_scsi_data_plane_handle_cmd (vdev=<optimized out>,
    vq=0xffff7c05f110) at /home/qemu-4.0.0/hw/scsi/virtio-scsi-dataplane.c:60
#4  0x000000000054d97c in virtio_queue_host_notifier_aio_poll (opaque=<optimized out>)
    at /home/qemu-4.0.0/hw/virtio/virtio.c:2447
#5  0x00000000009b204c in run_poll_handlers_once (ctx=ctx@entry=0x6efea40,
    timeout=timeout@entry=0xffff7d7f7308) at util/aio-posix.c:521
#6  0x00000000009b2b64 in run_poll_handlers (ctx=ctx@entry=0x6efea40,
    max_ns=max_ns@entry=4000, timeout=timeout@entry=0xffff7d7f7308) at util/aio-posix.c:559
#7  0x00000000009b2ca0 in try_poll_mode (ctx=ctx@entry=0x6efea40, timeout=0xffff7d7f7308,
    timeout@entry=0xffff7d7f7348) at util/aio-posix.c:594
#8  0x00000000009b31b8 in aio_poll (ctx=0x6efea40, blocking=blocking@entry=true)
    at util/aio-posix.c:636
#9  0x00000000006973cc in iothread_run (opaque=0x6ebd800) at iothread.c:75
#10 0x00000000009b592c in qemu_thread_start (args=0x6efef60) at util/qemu-thread-posix.c:502
#11 0x0000ffff8057f8bc in start_thread () from /lib64/libpthread.so.0
#12 0x0000ffff804e5f8c in thread_start () from /lib64/libc.so.6
(gdb) p bus
$1 = (SCSIBus *) 0x0

Signed-off-by: Zhengui li <lizhengui@huawei.com>
Message-Id: <1563696502-7972-1-git-send-email-lizhengui@huawei.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Message-Id: <1563829520-17525-1-git-send-email-pbonzini@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2019-07-24 11:21:53 +02:00
Peter Maydell
bf8b024372 Update version for v4.1.0-rc2 release
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-07-23 18:28:08 +01:00
Peter Maydell
b1f0a72370 Final testing updates:
- docker sphinx updates
   - windows build re-enabled in CI
   - travis_retry for make check
   - build fixes
   - docker cache fixes
 -----BEGIN PGP SIGNATURE-----
 
 iQEzBAABCgAdFiEEZoWumedRZ7yvyN81+9DbCVqeKkQFAl03M8AACgkQ+9DbCVqe
 KkSmFwf/X5SSwUBxyncNuIoDLwUw9Q8XWIni1UxfQnxH/vWZvUh9H62ORuPuADyy
 E6GJALc/9vfDxpTFymRpikVK/uVZbR3vnlQEf9iggX7B7wHTRMgdwHRSmd8Vokpy
 zSK50k8FOF6azhRP67U/geVMpwVDVOq9V7J1rI9GkPqjMMBxR+lLiDv5/34EeVPh
 Va1aDl1ptoQIEuR5apMzN608IeCW0yiqJ0EEskgIdMyE3lCo0DnC2oar4aQam6dJ
 kmHOeuLQHUsV6kOsYf5hxumxrK9USRg5GE3U8LGWEz3mS80Q18LuZLVc4m9oUxL+
 jiSoOaK9d/EEuBujbtU7/WkQ755EBA==
 =ETuE
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/stsquad/tags/pull-testing-230719-4' into staging

Final testing updates:

  - docker sphinx updates
  - windows build re-enabled in CI
  - travis_retry for make check
  - build fixes
  - docker cache fixes

# gpg: Signature made Tue 23 Jul 2019 17:20:16 BST
# gpg:                using RSA key 6685AE99E75167BCAFC8DF35FBD0DB095A9E2A44
# gpg: Good signature from "Alex Bennée (Master Work Key) <alex.bennee@linaro.org>" [full]
# Primary key fingerprint: 6685 AE99 E751 67BC AFC8  DF35 FBD0 DB09 5A9E 2A44

* remotes/stsquad/tags/pull-testing-230719-4: (23 commits)
  tests/docker: Refresh APT cache before installing new packages on Debian
  tests/qemu-iotests: Don't use 'seq' in the iotests
  tests/qemu-iotests/group: Remove some more tests from the "auto" group
  tests/qemu-iotests/check: Allow tests without groups
  tests/docker: invoke the DEBUG shell with --noprofile/--norc
  travis: enable travis_retry for check phase
  hw/i386: also turn off VMMOUSE is VMPORT is disabled
  NSIS: Add missing firmware blobs
  tests/docker: Let the test-mingw test generate a NSIS installer
  buildsys: The NSIS Windows build requires qemu-nsis.bmp installed
  buildsys: The NSIS Windows build requires the documentation installed
  tests/docker: Install texinfo in the Fedora image
  tests/docker: Set the correct cross-PKG_CONFIG_PATH in the MXE images
  tests/docker: Install the NSIS tools in the MinGW capable images
  tests/docker: Install Sphinx in the Debian images
  shippable: re-enable the windows cross builds
  tests/dockerfiles: update the win cross builds to stretch
  tests/migration-test: don't spam the logs when we fail
  tests/docker: Install Ubuntu images noninteractively
  tests/docker: Install Sphinx in the Fedora image
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-07-23 17:39:07 +01:00
Philippe Mathieu-Daudé
98808c3d0c tests/docker: Refresh APT cache before installing new packages on Debian
Since docker caches the different layers, updating the package
list does not invalidate the previous "apt-get update" layer,
and it is likely "apt-get install" hits an outdated repository.

See commit beac6a98f6 and
https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#apt-get

Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20190723141528.18023-1-philmd@redhat.com>
[AJB: manually applies and fixed up]
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
2019-07-23 17:19:11 +01:00
Thomas Huth
30edd9fa50 tests/qemu-iotests: Don't use 'seq' in the iotests
The 'seq' command is not available by default on OpenBSD, so these
iotests are currently failing there. It could be installed as 'gseq'
from the coreutils package - but since it is using a different name
there and we are running the iotests with the "bash" shell anyway,
let's simply use the built-in double parentheses for the for-loops
instead.

Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20190723111201.1926-1-thuth@redhat.com>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
2019-07-23 15:53:25 +01:00
Thomas Huth
4f01046172 tests/qemu-iotests/group: Remove some more tests from the "auto" group
Remove some more tests from the "auto" group that either have issues
in certain environments (like macOS or FreeBSD, or on certain file systems
like ZFS or tmpfs), do not work with the qcow2 format, or that are simply
taking too much time.

Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20190717111947.30356-3-thuth@redhat.com>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
2019-07-23 15:53:25 +01:00
Thomas Huth
bf75d75275 tests/qemu-iotests/check: Allow tests without groups
The regular expressions in the "check" script currently expect that there
is always a space after the test number in the group file, so you can't
have a test in there without a group unless the line still ends with a
space - which is quite error prone since some editors might remove spaces
at the end of lines automatically.
Thus let's fix the regular expressions so that it is also possible to
have lines with one test number only in the group file.

Suggested-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20190717111947.30356-2-thuth@redhat.com>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
2019-07-23 15:53:25 +01:00
Alex Bennée
2b0c4fa13f tests/docker: invoke the DEBUG shell with --noprofile/--norc
It's very confusing when things work in the debug shell because the
environment is different from what the test is running. Fix this by
ensuring we only have the inherited environment from the run shell.

Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
2019-07-23 15:53:25 +01:00
Alex Bennée
3a37c13f8c travis: enable travis_retry for check phase
We have some flaky tests and usually the test passes on a retry.
Enable travis_retry for the test phase and see if that helps keep
things green.

Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
2019-07-23 15:53:25 +01:00