Commit Graph

8625 Commits

Author SHA1 Message Date
Thomas Huth
0019d5c3a1 softfloat: Replace countLeadingZeros32/64 with clz32/64
Our minimum required compiler for compiling QEMU is GCC 4.1 these days,
so we can drop the support for compilers which do not provide the
__builtin_clz*() functions yet. Since the countLeadingZeros32/64 are
then identical to the clz32/64 functions, and we do not have to sync
the softloat 2 codebase with upstream anymore (softloat 3 is a complete
rewrite) we can simply replace the functions with our QEMU versions.

Suggested-by: Peter Maydell <peter.maydell@linaro.org>
Acked-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-Id: <1538118095-7003-1-git-send-email-thuth@redhat.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2018-10-05 12:57:41 -05:00
Emilio G. Cota
c953da8f0b softfloat: remove float64_trunc_to_int
It has not had users since f83311e476 ("target-m68k: use floatx80
internally", 2017-06-21).

Note that no other bit-width has floatX_trunc_to_int.

Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Emilio G. Cota <cota@braap.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2018-10-05 12:57:41 -05:00
Peter Maydell
e2e3436add vga: edid fixes, qxl clang workaround, vga mmio subregion fix.
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iQIcBAABAgAGBQJbt0bsAAoJEEy22O7T6HE44oEP/AisWyCoubdZuUv6U1/5HWJl
 ow/1Hsum9RUz2Y278TRH8wVjJ8RdTpY7mFhFG8bQYreishmGmlVWyl+SSxaOgeaA
 gOoWc3k+Z7jAToZC+l3eiRVoDPPDa7yb8ezmTB+MOlhImDZMCQpCsrorQYgicobc
 xo7BVsXddOBLipZWtO6HK28LR1CdOonp4fOJHsQAqCLNG4xIpjXMqjTkrG5G4wn9
 hsS/PNVr+ZTSsCtTKmqIyvWIJimqXlkcLTkTPuD16SmyedQR/cr0EIUgRZgJoTh9
 0Qg3T7hp6l1ZQDWxTgKhZlhuOkH6uqLAcBDBqKTHn47XYrxNPkK7c769aR/F4ZOi
 oDfj5PeR3lx0vNo2tE2tcGzExjqdRKk2MsUhc+ww+Yypaflzc8lgAdwKH5fTJ7PU
 qayAkkpzSW6rLkMUniscr0a7a7AZlMqGFJ/pZbPx6b6tGTU0pyWMM74Ait09nwxe
 lbg2wW6hC6VRwYyLeYSzFh0khQ856G3/jhKNYDB15/GNeMqbv/4DXcIMycM76+aZ
 RkEpdsb/cR+yTtOCQMzD4pLR/XOPdPco8rF7P0o26rWyRCR6qljd4jg8caogm3bA
 vF7N6H7QwmzICEPkDNqV2luYOEQaiszedYj306j9b1qGYdu6bPbvgJU1bzYMH7oy
 d+RKYhYBaOyX//qs2t9W
 =Uq7Q
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/kraxel/tags/vga-20181005-pull-request' into staging

vga: edid fixes, qxl clang workaround, vga mmio subregion fix.

# gpg: Signature made Fri 05 Oct 2018 12:11:40 BST
# gpg:                using RSA key 4CB6D8EED3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>"
# Primary key fingerprint: A032 8CFF B93A 17A7 9901  FE7D 4CB6 D8EE D3E8 7138

* remotes/kraxel/tags/vga-20181005-pull-request:
  edid: fix vendor default
  secondary-vga: delete mmio subregions upon exit
  hw/display/qxl: Suppress clang-7 warning about misaligned atomic operation
  edid: Ignore built binary

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-10-05 18:52:58 +01:00
Peter Maydell
ae7a4c0a46 Various s390x updates:
- fix several struct definitions so that sparc hosts do not trip over
   unaligned accesses
 - fence enabling huge pages for pre-3.1 machines
 - sysbus init -> realize conversion
 - fixes and improvements in tcg (instruction flags and AFP registers)
 -----BEGIN PGP SIGNATURE-----
 
 iQJGBAABCAAwFiEEw9DWbcNiT/aowBjO3s9rk8bwL68FAlu2MCwSHGNvaHVja0By
 ZWRoYXQuY29tAAoJEN7Pa5PG8C+v4dcP/2XM7rY1s67EXgbj441n+Vj4BbXR+SLw
 rmbO6WNrOhK1NvhN96N2GveawgxA7jWU9LqTYJZPdOVZmG3ZJmDF+hnJZ6DY2pKR
 R5x0OknVtkPbkHci/uYtEfUVuvaBzCC2b4/o7Oo+9UMyyRRImxMYjSJj9YhYgtbL
 hnpa1ogLB8wJDQRjOHxvsAVM/68wFpgnh5lGTXgH0bt7tPeShWpxpWaM6e9OlHB1
 i2en+ImKHK3gLKmCvJ7UR0DCxALVDL2I4KPw0c/aqeYWNlf9HtIv7VS+EfcsqMSn
 PO9t77c1HHjXIpELuQqsm1KLxsYXYfjDF3w/iQB4hKFHxLpCIfqDEJ8rQkIIYWY4
 ad7qhu3O0OgQreeFdWJIBGfZSZfmXb89bMX4O0YiyNK0eDZ8S4Y3I2+iZQVhWhZJ
 B74OpdWmMXkzBDjbP8dkCsF045eDmu+d3aLEe0KIjuLdIDBxQgFK73xe4K0JKlvx
 SLk24rXkhCCCFPgyqfgllIHqvUWJvdKXbr/SuD+Wy09geURKxtDC3+mRuL2swGos
 YPueLsfDz282VSdcFhjxTweGEURimSW+EQF18lCHOlei1HCbscV2CNP5L3WKQ8U+
 K45lD8LOs0U6qS0QAos6c96oEBWJXMkNCP6oTreDyAvcEeYNOm2eLx2/JyGSBDJx
 Zi+IRr0kkYFG
 =0e7K
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/cohuck/tags/s390x-20181004' into staging

Various s390x updates:
- fix several struct definitions so that sparc hosts do not trip over
  unaligned accesses
- fence enabling huge pages for pre-3.1 machines
- sysbus init -> realize conversion
- fixes and improvements in tcg (instruction flags and AFP registers)

# gpg: Signature made Thu 04 Oct 2018 16:22:20 BST
# gpg:                using RSA key DECF6B93C6F02FAF
# gpg: Good signature from "Cornelia Huck <conny@cornelia-huck.de>"
# gpg:                 aka "Cornelia Huck <huckc@linux.vnet.ibm.com>"
# gpg:                 aka "Cornelia Huck <cornelia.huck@de.ibm.com>"
# gpg:                 aka "Cornelia Huck <cohuck@kernel.org>"
# gpg:                 aka "Cornelia Huck <cohuck@redhat.com>"
# Primary key fingerprint: C3D0 D66D C362 4FF6 A8C0  18CE DECF 6B93 C6F0 2FAF

* remotes/cohuck/tags/s390x-20181004:
  hw/s390x/s390-pci-bus: Convert sysbus init function to realize function
  s390x/tcg: refactor specification checking
  s390x/tcg: fix FP register pair checks
  s390x/tcg: handle privileged instructions via flags
  s390x/tcg: check for AFP-register, BFP and DFP data exceptions
  s390x/tcg: add instruction flags for floating point instructions
  s390x/tcg: support flags for instructions
  s390x/tcg: store in the TB flags if AFP is enabled
  s390x/tcg: factor out and fix DATA exception injection
  s390x: move tcg_s390_program_interrupt() into TCG code and mark it noreturn
  target/s390x: exception on non-aligned LPSW(E)
  s390x: Fence huge pages prior to 3.1
  hw/s390x/ioinst: Fix alignment problem in struct SubchDev
  hw/s390x/css: Remove QEMU_PACKED from struct SenseId
  hw/s390x/ipl: Fix alignment problems of S390IPLState members

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-10-05 16:05:06 +01:00
Peter Maydell
d21ee59ae5 nbd patches for 2018-10-03
Fix bugs in NBD_CMD_CACHE, drop support for oldstyle NBD server,
 minor build and doc fixes
 
 - Denis V. Lunev: nbd: fix NBD_CMD_CACHE negitiation... [retitled]
 - Vladimir Sementsov-Ogievskiy: 0/2 server: drop old-style negotiation
 - Eric Blake: qemu-nbd: Document --tls-creds
 - Vladimir Sementsov-Ogievskiy: nbd/server: fix NBD_CMD_CACHE
 - Peter Maydell: nbd: Don't take address of fields in packed structs
 -----BEGIN PGP SIGNATURE-----
 Comment: Public key at http://people.redhat.com/eblake/eblake.gpg
 
 iQEcBAABCAAGBQJbtiF0AAoJEKeha0olJ0NqqgsH/RKL+SPl8S4xslZ8pTcXL2OW
 AgMZInxKAe3MDX6NiCYFDWU4/32NNzPluWMh7DGu3mqFQiVySz9oAz2csZ4Fd5nm
 NfY6Ewu64HF/REN7dNLfyrbmfzD3PdCUAa2PsasH1wzKArTklyfJH/QeOHbJ60H8
 5AjthM/ksFNSAZXp+R+gzr2zGHN1cXwNBn87tKndPYaiIc95azPSZOnQpLLN9gfH
 YwxCKk+opeEJNMuXf/PdkksbxqNxHsBCYSAL9NzjzS/+T8GIpHQAZvKGSk6FKDp+
 x+KcC2pL7Lmu6iJWGIo5hGSSsBP1aXp0MJ/dUD+jo13LWNwzGFmovNI4pUuEK2A=
 =0s7A
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/ericb/tags/pull-nbd-2018-10-03-v2' into staging

nbd patches for 2018-10-03

Fix bugs in NBD_CMD_CACHE, drop support for oldstyle NBD server,
minor build and doc fixes

- Denis V. Lunev: nbd: fix NBD_CMD_CACHE negitiation... [retitled]
- Vladimir Sementsov-Ogievskiy: 0/2 server: drop old-style negotiation
- Eric Blake: qemu-nbd: Document --tls-creds
- Vladimir Sementsov-Ogievskiy: nbd/server: fix NBD_CMD_CACHE
- Peter Maydell: nbd: Don't take address of fields in packed structs

# gpg: Signature made Thu 04 Oct 2018 15:19:32 BST
# gpg:                using RSA key A7A16B4A2527436A
# gpg: Good signature from "Eric Blake <eblake@redhat.com>"
# gpg:                 aka "Eric Blake (Free Software Programmer) <ebb9@byu.net>"
# gpg:                 aka "[jpeg image of size 6874]"
# Primary key fingerprint: 71C2 CC22 B1C4 6029 27D2  F3AA A7A1 6B4A 2527 436A

* remotes/ericb/tags/pull-nbd-2018-10-03-v2:
  nbd: fix NBD_FLAG_SEND_CACHE value
  nbd/server: drop old-style negotiation
  qemu-nbd: drop old-style negotiation
  qemu-nbd: Document --tls-creds
  nbd/server: fix NBD_CMD_CACHE
  nbd: Don't take address of fields in packed structs

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-10-05 14:52:54 +01:00
Marc-André Lureau
85e33a2818 cutils: add qemu_pstrcmp0()
A char** variant of g_strcmp0().

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
2018-10-05 16:14:22 +04:00
Marc-André Lureau
a95db58f21 qdev-monitor: print help to stdout
qdev_device_help() is used from command line "-device help", or from
HMP "device_add". If used from command line, print help to stdout
(it is only printed on explicit demand).

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
2018-10-05 16:14:22 +04:00
Gerd Hoffmann
edbc4b24bb edid: fix vendor default
"EMU" actually is "Emulex Corporation", so not a good idea to use that
by default.  Lets use the Red Hat vendor id instead, which is in line
with the pci ids which are allocated from Red Hat vendor ids too.

Vendor list is available from http://www.uefi.org/pnp_id_list

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Message-id: 20181005091934.12143-1-kraxel@redhat.com
2018-10-05 11:26:56 +02:00
Peter Maydell
5a358b39f5 hw/display/qxl: Suppress clang-7 warning about misaligned atomic operation
If QEMU is compiled with clang-7 it results in the warning:

hw/display/qxl.c:1884:19: error: misaligned or large atomic operation
may incur significant performance penalty [-Werror,-Watomic-alignment]
    old_pending = atomic_fetch_or(&d->ram->int_pending, le_events);
                  ^

This is because the Spice headers forgot to define the QXLRam struct
with the '__aligned__(4)' attribute.  clang 7 and newer will thus
warn that the access here to int_pending might not be 4-aligned
(because the QXLRam object d->ram points at might start at a
misaligned address).  In fact we set up d->ram in init_qxl_ram() so
it always starts at a 4K boundary, so we know the atomic access here
is OK.

Newer Spice versions (with Spice commit
beda5ec7a6848be20c0cac2a9a8ef2a41e8069c1) will fix the bug;
for older Spice versions, work around it by telling the compiler
explicitly that the alignment is OK using __builtin_assume_aligned().

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Tested-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-id: 20180927155538.699-1-peter.maydell@linaro.org
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2018-10-05 11:21:17 +02:00
Denis V. Lunev
df91328ada nbd: fix NBD_FLAG_SEND_CACHE value
Commit bc37b06a5 added NBD_CMD_CACHE support, but used the wrong value
for NBD_FLAG_SEND_CACHE flag for negotiation. That commit picked bit 8,
which had already been assigned by the NBD specification to mean
NBD_FLAG_CAN_MULTI_CONN, and which was already implemented in the
Linux kernel as a part of stable userspace-kernel API since 4.10:

"bit 8, NBD_FLAG_CAN_MULTI_CONN: Indicates that the server operates
entirely without cache, or that the cache it uses is shared among all
connections to the given device. In particular, if this flag is
present, then the effects of NBD_CMD_FLUSH and NBD_CMD_FLAG_FUA
MUST be visible across all connections when the server sends its reply
to that command to the client. In the absense of this flag, clients
SHOULD NOT multiplex their commands over more than one connection to
the export.
...
bit 10, NBD_FLAG_SEND_CACHE: documents that the server understands
NBD_CMD_CACHE; however, note that server implementations exist
which support the command without advertising this bit, and
conversely that this bit does not guarantee that the command will
succeed or have an impact."

Consequences:
- a client trying to use NBD_CMD_CACHE per the NBD spec will not
see the feature as available from a qemu 3.0 server (not fatal,
clients already have to be prepared for caching to not exist)
- a client accidentally coded to the qemu 3.0 bit value instead
of following the spec may interpret NBD_CMD_CACHE as being available
when it is not (probably not fatal, the spec says the server should
gracefully fail unknown commands, and that clients of NBD_CMD_CACHE
should be prepared for failure even when the feature is advertised);
such clients are unlikely (perhaps only in unreleased Virtuozzo code),
and will disappear over time
- a client prepared to use multiple connections based on
NBD_FLAG_CAN_MULTI_CONN may cause data corruption when it assumes
that caching is consistent when in reality qemu 3.0 did not have
a consistent cache. Partially mitigated by using read-only
connections (where nothing needs to be flushed, so caching is
indeed consistent) or when using qemu-nbd with the default -e 1
(at most one client at a time); visible only when using -e 2 or
more for a writable export.

Thus the commit fixes negotiation flag in QEMU according to the
specification.

Signed-off-by: Denis V. Lunev <den@openvz.org>
CC: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
CC: Valery Vdovin <valery.vdovin@acronis.com>
CC: Eric Blake <eblake@redhat.com>
CC: Paolo Bonzini <pbonzini@redhat.com>
CC: qemu-stable@nongnu.org
Message-Id: <20181004100313.4253-1-den@openvz.org>
Reviewed-by: Eric Blake <eblake@redhat.com>
[eblake: enhance commit message, add defines for unimplemented flags]
Signed-off-by: Eric Blake <eblake@redhat.com>
2018-10-04 09:08:56 -05:00
Janosch Frank
28221f9c99 s390x: Fence huge pages prior to 3.1
As the kernel has no way of disallowing the start of a huge page
backed VM, we can migrate a running huge backed VM to a host that has
no huge page KVM support.

Let's glue huge page support support to the 3.1 machine, so we do not
migrate to a destination host that doesn't have QEMU huge page support
and can stop migration if KVM doesn't indicate support.

Signed-off-by: Janosch Frank <frankja@linux.ibm.com>
Message-Id: <20180928093435.198573-1-frankja@linux.ibm.com>
Reviewed-by: David Hildenbrand <david@redhat.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
2018-10-04 10:32:39 +02:00
Thomas Huth
cb89b34907 hw/s390x/ioinst: Fix alignment problem in struct SubchDev
struct SubchDev embeds several other structures which are marked with
QEMU_PACKED. This causes the compiler to not care for proper alignment
of these structures. When we later pass around pointers to the unaligned
struct members during migration, this causes problems on host architectures
like Sparc that can not do unaligned memory access.

Most of the structs in ioinst.h are naturally aligned, so we can fix
most of the problem by removing the QEMU_PACKED statements (and use
QEMU_BUILD_BUG_MSG() statements instead to make sure that there is no
padding). However, for the struct SCHIB, we have to keep the QEMU_PACKED
since the compiler adds some padding here otherwise. Move this struct
to the beginning of struct SubchDev instead to fix the alignment problem
here, too.

Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-Id: <1538036615-32542-4-git-send-email-thuth@redhat.com>
Reviewed-by: David Hildenbrand <david@redhat.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
2018-10-04 10:32:38 +02:00
Thomas Huth
729315ebca hw/s390x/css: Remove QEMU_PACKED from struct SenseId
The uint16_t member cu_type of struct SenseId is not naturally aligned,
and since the struct is marked with QEMU_PACKED, this can lead to
unaligned memory accesses - which does not work on architectures like
Sparc. Thus remove the QEMU_PACKED here and rather copy the struct
byte by byte when we do copy_sense_id_to_guest().

Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-Id: <1538036615-32542-3-git-send-email-thuth@redhat.com>
Reviewed-by: David Hildenbrand <david@redhat.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
2018-10-04 10:32:38 +02:00
Vladimir Sementsov-Ogievskiy
7f7dfe2a53 nbd/server: drop old-style negotiation
After the previous commit, nbd_client_new's first parameter is always
NULL. Let's drop it with all corresponding old-style negotiation code
path which is unreachable now.

Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Message-Id: <20181003170228.95973-3-vsementsov@virtuozzo.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
[eblake: re-wrap short line]
Signed-off-by: Eric Blake <eblake@redhat.com>
2018-10-03 15:52:32 -05:00
Marc-André Lureau
95e30b2a13 chardev: mark the calls that allow an implicit mux monitor
This is mostly for readability of the code. Let's make it clear which
callers can create an implicit monitor when the chardev is muxed.

This will also enforce a safer behaviour, as we don't really support
creating monitor anywhere/anytime at the moment. Add an assert() to
make sure the programmer explicitely wanted that behaviour.

There are documented cases, such as: -serial/-parallel/-virtioconsole
and to less extent -debugcon.

Less obvious and questionable ones are -gdb, SLIRP -guestfwd and Xen
console. Add a FIXME note for those, but keep the support for now.

Other qemu_chr_new() callers either have a fixed parameter/filename
string or do not need it, such as -qtest:

* qtest.c: qtest_init()
  Afaik, only used by tests/libqtest.c, without mux. I don't think we
  support it outside of qemu testing: drop support for implicit mux
  monitor (qemu_chr_new() call: no implicit mux now).

* hw/
  All with literal @filename argument that doesn't enable mux monitor.

* tests/
  All with @filename argument that doesn't enable mux monitor.

On a related note, the list of monitor creation places:

- the chardev creators listed above: all from command line (except
  perhaps Xen console?)

- -gdb & hmp gdbserver will create a "GDB monitor command" chardev
  that is wired to an HMP monitor.

- -mon command line option

From this short study, I would like to think that a monitor may only
be created in the main thread today, though I remain skeptical :)

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
2018-10-03 14:45:05 +04:00
Marc-André Lureau
5662576ad0 char.h: fix gtk-doc comment style
Fix up conformance to GTK-Doc function comment style, as documented in
https://developer.gnome.org/gtk-doc-manual/stable/documenting_symbols.html.en

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
2018-10-03 14:45:05 +04:00
Peter Maydell
62a0db942d memory: Remove old_mmio accessors
Now that all the users of old_mmio MemoryRegion accessors
have been converted, we can remove the core code support.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <20180824170422.5783-2-peter.maydell@linaro.org>
Based-on: <20180802174042.29234-1-peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-10-02 19:09:14 +02:00
Hikaru Nishida
d5dbde4645 hostmem-file: make available memory-backend-file on POSIX-based hosts
Before this change, memory-backend-file object is valid for Linux hosts
only because hostmem-file.c is compiled only on Linux hosts.
However, other POSIX-based hosts (such as macOS) can support
memory-backend-file object in the same way as on Linux hosts.
This patch makes hostmem-file.c and related functions to be compiled on
all POSIX-based hosts to make available memory-backend-file on them.

Signed-off-by: Hikaru Nishida <hikarupsp@gmail.com>
Message-Id: <20180924123205.29651-1-hikarupsp@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-10-02 19:09:13 +02:00
Viktor Prutyanov
a52fbc37a4 dump: move Windows dump structures definitions
This patch moves definitions of Windows dump structures to
include/qemu/win_dump_defs.h to keep create_win_dump() prototype separate.

Signed-off-by: Viktor Prutyanov <viktor.prutyanov@virtuozzo.com>
Message-Id: <1535546488-30208-2-git-send-email-viktor.prutyanov@virtuozzo.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-10-02 19:09:12 +02:00
Pavel Dovgalyuk
87f4fe7653 timer: introduce new virtual clock
Slirp and VNC modules use virtual clock for processing some events that
are related to the guest execution speed.
But virtual clock-related events are consideres to be deterministic and
are recorded/replayed by icount mechanism. But slirp and VNC lie outside
the recorded guest core (which includes CPU and peripherals).
Therefore slirp and VNC are external for the guest, but should work at
guest speed.
This patch introduces new virtual clock which can be used for external
subsystems for running timers that are synchronized with the guest.

Signed-off-by: Pavel Dovgalyuk <Pavel.Dovgaluk@ispras.ru>
Message-Id: <20180912082002.3228.82417.stgit@pasha-VirtualBox>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-10-02 19:08:58 +02:00
Pavel Dovgalyuk
0c08185f8f replay: wake up vCPU when replaying
In record/replay icount mode vCPU thread and iothread synchronize
the execution using the checkpoints.
vCPU thread processes the virtual timers and iothread processes all others.
When iothread wants to wake up sleeping vCPU thread, it sends dummy queued
work. Therefore it could be the following sequence of the events in
record mode:
 - IO: sending dummy work
 - IO: processing timers
 - CPU: wakeup
 - CPU: clearing dummy work
 - CPU: processing virtual timers

But due to the races in replay mode the sequence may change:
 - IO: sending dummy work
 - CPU: wakeup
 - CPU: clearing dummy work
 - CPU: sleeping again because nothing to do
 - IO: Processing timers
 - CPU: zzzz

In this case vCPU will not wake up, because dummy work is not to be set up
again.

This patch tries to wake up the vCPU when it sleeps and the icount warp
checkpoint isn't met. It means that vCPU has something to do, because
there are no other reasons of non-matching warp checkpoint.

Signed-off-by: Pavel Dovgalyuk <Pavel.Dovgaluk@ispras.ru>

--

v5: improve checking that vCPU is still sleeping
Message-Id: <20180912081945.3228.19776.stgit@pasha-VirtualBox>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-10-02 19:08:51 +02:00
Li Zhijian
f3839fda57 change get_image_size return type to int64_t
Previously, if the size of initrd >=2G, qemu exits with error:
root@haswell-OptiPlex-9020:/home/lizj# /home/lizhijian/lkp/qemu-colo/x86_64-softmmu/qemu-system-x86_64 -kernel ./vmlinuz-4.16.0-rc4 -initrd large.cgz -nographic
qemu: error reading initrd large.cgz: No such file or directory
root@haswell-OptiPlex-9020:/home/lizj# du -sh large.cgz
2.5G	large.cgz

this patch changes the caller side that use this function to calculate
size of initrd file as well.

v2: update error message and int64_t printing format

Signed-off-by: Li Zhijian <lizhijian@cn.fujitsu.com>
Message-Id: <1536833233-14121-1-git-send-email-lizhijian@cn.fujitsu.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-10-02 19:08:49 +02:00
Marc-André Lureau
9e6bdef224 util: add qemu_write_pidfile()
There are variants of qemu_create_pidfile() in qemu-pr-helper and
qemu-ga. Let's have a common implementation in libqemuutil.

The code is initially based from pr-helper write_pidfile(), with
various improvements and suggestions from Daniel Berrangé:

  QEMU will leave the pidfile existing on disk when it exits which
  initially made me think it avoids the deletion race. The app
  managing QEMU, however, may well delete the pidfile after it has
  seen QEMU exit, and even if the app locks the pidfile before
  deleting it, there is still a race.

  eg consider the following sequence

        QEMU 1        libvirtd        QEMU 2

  1.    lock(pidfile)

  2.    exit()

  3.                 open(pidfile)

  4.                 lock(pidfile)

  5.                                  open(pidfile)

  6.                 unlink(pidfile)

  7.                 close(pidfile)

  8.                                  lock(pidfile)

  IOW, at step 8 the new QEMU has successfully acquired the lock, but
  the pidfile no longer exists on disk because it was deleted after
  the original QEMU exited.

  While we could just say no external app should ever delete the
  pidfile, I don't think that is satisfactory as people don't read
  docs, and admins don't like stale pidfiles being left around on
  disk.

  To make this robust, I think we might want to copy libvirt's
  approach to pidfile acquisition which runs in a loop and checks that
  the file on disk /after/ acquiring the lock matches the file that
  was locked. Then we could in fact safely let QEMU delete its own
  pidfiles on clean exit..

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-Id: <20180831145314.14736-2-marcandre.lureau@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-10-02 18:47:55 +02:00
Marc-André Lureau
3829640049 hostmem-memfd: add checks before adding hostmem-memfd & properties
Run some memfd-related checks before registering hostmem-memfd &
various properties. This will help libvirt to figure out what the host
is supposed to be capable of.

qemu_memfd_check() is changed to a less optimized version, since it is
used with various flags, it no longer caches the result.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-Id: <20180906161415.8543-1-marcandre.lureau@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-10-02 18:47:55 +02:00
Emilio G. Cota
782da5b292 util: add atomic64
This introduces read/set accessors for int64_t and uint64_t.

Signed-off-by: Emilio G. Cota <cota@braap.org>
Message-Id: <20180910232752.31565-3-cota@braap.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-10-02 18:47:55 +02:00
Emilio G. Cota
5fe2103429 cacheinfo: add i/d cache_linesize_log
Signed-off-by: Emilio G. Cota <cota@braap.org>
Message-Id: <20180910232752.31565-2-cota@braap.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-10-02 18:47:55 +02:00
Emilio G. Cota
119c440c3c atomic: fix comment s/x64_64/x86_64/
Signed-off-by: Emilio G. Cota <cota@braap.org>
Message-Id: <20180903171831.15446-4-cota@braap.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-10-02 18:47:55 +02:00
Paolo Bonzini
07d66672e7 qsp: hide indirect function calls from Coverity
Coverity does not see anymore that qemu_mutex_lock is taking a lock.
Hide all the QSP magic so that static analysis works again.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-10-02 18:47:55 +02:00
Peter Maydell
e32e62f253 Block layer patches:
- qcow2 cache option default changes (Linux: 32 MB maximum, limited by
   whatever cache size can be made use of with the specific image;
   default cache-clean-interval of 10 minutes)
 - reopen: Allow specifying unchanged child node references, and changing
   a few generic options (discard, detect-zeroes)
 - Fix werror/rerror defaults for -device drive=<node-name>
 - Test case fixes
 -----BEGIN PGP SIGNATURE-----
 
 iQIcBAABAgAGBQJbslavAAoJEH8JsnLIjy/Wi0kP/jU18AzfISoIhcJ2GBXYU2aV
 /FnUdB/L3mjMZOYkIgjDunw/fgfvelLqNdWb7xlijYeDPAiYKNEmJHX+iznE5ieP
 KnpHOxASSe8w5SFlnF8h30rLK05gcy/rg/QcuMX4KkU46E0C8t0rSLBJE5FdYiRU
 HN00jraTNfzyixuFxRVpqyadbhbCCEVwlwjDg3GMjGEML/WRk6jmhOOF5tVX72om
 gmVrzA1lAlzkFnx32Bloevp72iolWFLkyA86oNgPMwIFG0zj9lnK5B/fvnkVTY2v
 MnXGPwEVZUoZnif4nAXA2+bBqKT4Nbo21N8OylJhmNUi8K/rndiZdHH5Kph+yFod
 RGkBI4Pb5KxiI+YDiRKJmyQd/7IiWLarjP1nV3UjvPLnpmuTA54jRjDVmA6AW8OH
 BFu34+jfA4rll2dorVmQAFES4yvvj/brtTsCZfG5VNl60tigdqeLCZrQkNwR188q
 osKGWBEKy7+2SYj5q+s0BSO+caXmU2XLSdcE1gEHFQ51eU0mRZA0OrooNUuUk30E
 42n8BZ77P8EGb7UQBmKqYwWL4hXQPWL3m3i7Mnz19+iwk/m8SHvj2nriouDoiVtf
 gtUwfr7TKvL9JcPLHrS3/j8boC5S4Rm+wlyyIlta8n2rS4bh1e2bGEZuNxZKyKCg
 Y9WO6KxbztbO9X0ZnxFW
 =ai81
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging

Block layer patches:

- qcow2 cache option default changes (Linux: 32 MB maximum, limited by
  whatever cache size can be made use of with the specific image;
  default cache-clean-interval of 10 minutes)
- reopen: Allow specifying unchanged child node references, and changing
  a few generic options (discard, detect-zeroes)
- Fix werror/rerror defaults for -device drive=<node-name>
- Test case fixes

# gpg: Signature made Mon 01 Oct 2018 18:17:35 BST
# gpg:                using RSA key 7F09B272C88F2FD6
# gpg: Good signature from "Kevin Wolf <kwolf@redhat.com>"
# Primary key fingerprint: DC3D EB15 9A9A F95D 3D74  56FE 7F09 B272 C88F 2FD6

* remotes/kevin/tags/for-upstream: (23 commits)
  tests/test-bdrv-drain: Fix too late qemu_event_reset()
  test-replication: Lock AioContext around blk_unref()
  qcow2: Fix cache-clean-interval documentation
  block-backend: Set werror/rerror defaults in blk_new()
  qcow2: Explicit number replaced by a constant
  qcow2: Set the default cache-clean-interval to 10 minutes
  qcow2: Resize the cache upon image resizing
  qcow2: Increase the default upper limit on the L2 cache size
  qcow2: Assign the L2 cache relatively to the image size
  qcow2: Avoid duplication in setting the refcount cache size
  qcow2: Make sizes more humanly readable
  include: Add a lookup table of sizes
  qcow2: Options' documentation fixes
  block: Allow changing 'detect-zeroes' on reopen
  block: Allow changing 'discard' on reopen
  file-posix: Forbid trying to change unsupported options during reopen
  block: Forbid trying to change unsupported options during reopen
  block: Allow child references on reopen
  block: Don't look for child references in append_open_options()
  block: Remove child references from bs->{options,explicit_options}
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-10-01 18:22:55 +01:00
Leonid Bloch
540b849261 include: Add a lookup table of sizes
Adding a lookup table for the powers of two, with the appropriate size
prefixes. This is needed when a size has to be stringified, in which
case something like '(1 * KiB)' would become a literal '(1 * (1L << 10))'
string. Powers of two are used very often for sizes, so such a table
will also make it easier and more intuitive to write them.

This table is generatred using the following AWK script:

BEGIN {
	suffix="KMGTPE";
	for(i=10; i<64; i++) {
		val=2**i;
		s=substr(suffix, int(i/10), 1);
		n=2**(i%10);
		pad=21-int(log(n)/log(10));
		printf("#define S_%d%siB %*d\n", n, s, pad, val);
	}
}

Signed-off-by: Leonid Bloch <lbloch@janustech.com>
Reviewed-by: Alberto Garcia <berto@igalia.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2018-10-01 12:51:12 +02:00
Alberto Garcia
543770bd2e block: Allow changing 'detect-zeroes' on reopen
'detect-zeroes' is one of the basic BlockdevOptions available for all
drivers, but it's not handled by bdrv_reopen_prepare(), so any attempt
to change it results in an error:

   (qemu) qemu-io virtio0 "reopen -o detect-zeroes=on"
   Cannot change the option 'detect-zeroes'

Since there's no reason why we shouldn't allow changing it and the
implementation is simple let's just do it.

Signed-off-by: Alberto Garcia <berto@igalia.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2018-10-01 12:51:12 +02:00
Peter Maydell
cc28dce2ec vga: add edid support, qxl bugfixes.
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iQIcBAABAgAGBQJbrILgAAoJEEy22O7T6HE4y9UP/isFQYYHjotebzYR8yNX9ukD
 JjtQt2yIMPSb6k/93UK+MvKxrURH/jNXLGYC68YY74YJGx612cEhjiDdUdW6yf1T
 Qs3Y8Qz5EEQ7yO0Sv4uPp3IoZTMCRrnAri8J8r5N1z7Exm6CMlCQwmTuxA+UYOEA
 JJ6Lz4h9zw8eyM+wLUPc4jkbw9juyEhV3yhzXrH3iELanxVxano6umn/SkTTcLXh
 qydCvHyHYnLF6tUJQSssIBjQuUySiA6yCzzM1cinjYqu8Dm37kFPpgWg/uPclqbe
 cQ0CPeyGdFU+ZQpfWRwQiFe498U3QLG/fTdO82XMgoItZa29Vr47fO1WyOly8SGs
 bcGNrzcgToyRasLXHoGQrRpr7PK+0PCUJrPmrpejkviAaX6R4sBZ4xuuirW69UQR
 AgG7BxbpgjCl+A8+sjJgjn1vTR9bT0sb8DG875j58osAVje3ZFf7Ln6I3CTQrrRf
 wrjldNT0/nOV4WK1QAPE085aEihFzO1MHDaoSDT+AkNv0idrJjGxx/HjCpY8mF4u
 YfKBjhxCDmvgVtT+mG9akv7VDfyReD+iqhoDA1hovWamH7E/QMgvl5rNpie7r0Qf
 914mcojOxIKG8OlbBhWVkpvTTCh1Qfzlgb7jffCwU+1RUZ/9lC41aIXmyuUoB2Ld
 G4qtPXaDJzpdZKaUieD9
 =P3hQ
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/kraxel/tags/vga-20180927-pull-request' into staging

vga: add edid support, qxl bugfixes.

# gpg: Signature made Thu 27 Sep 2018 08:12:32 BST
# gpg:                using RSA key 4CB6D8EED3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>"
# Primary key fingerprint: A032 8CFF B93A 17A7 9901  FE7D 4CB6 D8EE D3E8 7138

* remotes/kraxel/tags/vga-20180927-pull-request:
  qxl: support mono cursors with inverted colors
  qxl: use guest_monitor_config for local renderer.
  display/stdvga: add edid support.
  display/edid: add DEFINE_EDID_PROPERTIES
  display/edid: add region helper.
  display/edid: add qemu_edid_size()
  display/edid: add edid generator to qemu.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-10-01 11:33:16 +01:00
Peter Maydell
07f426c35e Queued tcg patches
-----BEGIN PGP SIGNATURE-----
 
 iQEcBAABAgAGBQJbq8+KAAoJEGTfOOivfiFfbiQH/if+cTUAU+Fr2Qez96avYt7t
 jimDOUc7bG+FFrNZYveVNPiP/feKWUIYPJVs9ZoT4jxvT4NOBm/drRkW+BiZO7Tt
 zqceA+/1Hoc7RlSeo/6AbcIXQLjnTnpFlUW24zNGF0QkG6iS92BPcqezgcR3sRS0
 Outf68NxQh7hW/TnHGlL/nxTuHzMfKXZLGiphu6ykzWWXUckrzYmXT4R3tfVVxHV
 S48nASWsZb8Cga/F1KdCHDv8qYAK8qoEA+01tt//zc/l/ivxfy71HenueN6Dj1Xy
 8+HStsh/fRrfq4NSqkXLtBPmeq4bhPsiEx1aCOcnXVIG0hTOe3/QO9Hc+qhkf8Y=
 =cOeh
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/rth/tags/pull-tcg-20180926' into staging

Queued tcg patches

# gpg: Signature made Wed 26 Sep 2018 19:27:22 BST
# gpg:                using RSA key 64DF38E8AF7E215F
# gpg: Good signature from "Richard Henderson <richard.henderson@linaro.org>"
# Primary key fingerprint: 7A48 1E78 868B 4DB6 A85A  05C0 64DF 38E8 AF7E 215F

* remotes/rth/tags/pull-tcg-20180926:
  tcg/i386: fix vector operations on 32-bit hosts
  qht-bench: add -p flag to precompute hash values
  qht: constify arguments to some internal functions
  qht: constify qht_statistics_init
  qht: constify qht_lookup
  qht: fix comment in qht_bucket_remove_entry
  qht: drop ht argument from qht iterators
  test-qht: speed up + test qht_resize
  test-qht: test deletion of the last entry in a bucket
  test-qht: test removal of non-existent entries
  test-qht: test qht_iter_remove
  qht: add qht_iter_remove
  qht: remove unused map param from qht_remove__locked

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-09-28 18:56:09 +01:00
Gerd Hoffmann
06510b899f display/edid: add DEFINE_EDID_PROPERTIES
Add a define for edid monitor properties.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Message-id: 20180925075646.25114-5-kraxel@redhat.com
2018-09-27 08:07:51 +02:00
Gerd Hoffmann
97917e9e02 display/edid: add region helper.
Create a io region for an EDID data block.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-id: 20180925075646.25114-4-kraxel@redhat.com
2018-09-27 08:07:51 +02:00
Gerd Hoffmann
e7992fc5a0 display/edid: add qemu_edid_size()
Helper function to figure the size of a edid blob, by checking how many
extensions are present.  Both the base edid blob and the extensions are
128 bytes in size.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Message-id: 20180925075646.25114-3-kraxel@redhat.com
2018-09-27 08:07:51 +02:00
Gerd Hoffmann
72d277a70e display/edid: add edid generator to qemu.
EDID is a metadata format to describe monitors.  On physical hardware
the monitor has an eeprom with that data block which can be read over
i2c bus.

On a linux system you can usually find the EDID data block in
/sys/class/drm/$card/$connector/edid.  xorg ships a edid-decode utility
which you can use to turn the blob into readable form.

I think it would be a good idea to use EDID for virtual displays too.
Needs changes in both qemu and guest kms drivers.  This patch is the
first step, it adds an generator for EDID blobs to qemu.  Comes with a
qemu-edid test tool included.

With EDID we can pass more information to the guest.  Names and serial
numbers, so the guests display configuration has no boring "Unknown
Monitor".  List of video modes.  Display resolution, pretty important
in case we want add HiDPI support some day.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Message-id: 20180925075646.25114-2-kraxel@redhat.com
2018-09-27 08:07:51 +02:00
Emilio G. Cota
6579f10779 qht: constify qht_statistics_init
Signed-off-by: Emilio G. Cota <cota@braap.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2018-09-26 08:55:54 -07:00
Emilio G. Cota
e6c5829950 qht: constify qht_lookup
seqlock_read_begin takes a const param since c04649eeea
("seqlock: constify seqlock_read_begin", 2018-08-23), so
we can constify the entire lookup.

Signed-off-by: Emilio G. Cota <cota@braap.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2018-09-26 08:55:54 -07:00
Emilio G. Cota
78255ba2cc qht: drop ht argument from qht iterators
Accessing the HT from an iterator results almost always
in a deadlock. Given that only one qht-internal function
uses this argument, drop it from the interface.

Suggested-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Emilio G. Cota <cota@braap.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2018-09-26 08:55:54 -07:00
Emilio G. Cota
69d55e9cc2 qht: add qht_iter_remove
This currently has no users, but the use case is so common that I
think we must support it.

Note that without the appended we cannot safely remove a set of
elements; a 2-step approach (i.e. qht_iter first, keep track of
the to-be-deleted elements, and then a bunch of qht_remove calls)
would be racy, since between the iteration and the removals other
threads might insert additional elements.

Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Emilio G. Cota <cota@braap.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2018-09-26 08:55:54 -07:00
Peter Maydell
866ba83854 - Deprecate the usage of a network backend via "name" instead of "id"
- Deprecate the "enforce-config-section" machine parameter
 - Re-enable the wdt_ib700, endianness and vmxnet3 qtests
 - Some trivial fixes and doc update patches that crossed my way
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iQIcBAABAgAGBQJbqlsyAAoJEC7Z13T+cC21RbAP/3IvGfBxuRm6rBWoghjQgbl8
 KU8nPnlZUtqjxmfUTILO/h+pJ3na5MQ8hh7v8JHi+xlQ2DPkECW21DtnfdxntVjw
 +b+N5Ap6J22GHyEq4HJXPWAk2rDInqkU966DvL40RiMvOTfXdg9EO0TDX0VsVgZv
 BR1r7/t3T0P7hiQ0XWb9U2JchRIC+Zgk34gXZPSTpoIv89fUhzNoK5LvAA6yV1FQ
 TvE8VTKJm4wkqThH1ShtbJCBKjHjW/W8LYZr3YMothcs8vGjEdEcDL4BoJZDn3bF
 h4VTkU+k8lp7W9LmlnPnu1WH/5ezhzdwJTeFaPJt4U10WKJptAS4vbK03DXlds9O
 9d2BOXKrima2kSr1ejSe1f0kcE8fis1XFmSuhF61Nbw6ngT5+pP2JSc1XwFazd2K
 zQwV4GXBLzAGnd4F2Ec+5TKzbGFVfczxeBDiBkkVmG+XdX/UXJpkpPYGAaw7DDiK
 JwKVVYIPk1ll6MAbR6qEGsvE/adHNEm8lUdjXqwgbQlIeUZ2H0hCu9lJ0X81mtoQ
 WZP+nMa/87COnlPX6VPVgxM2TXQOH/UbGz/WmYzZ6/gPKTX+gfwrHQGdp7Tjl33U
 KxFKWioFnoqGuyWasvTtKEK67/IlrY+w1nXuuqKJg8J2/qx1SVtx45FHkRkxkIDx
 4boRpx0XUqpDVdf8VhRB
 =dXgp
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/huth-gitlab/tags/pull-request-2018-09-25' into staging

- Deprecate the usage of a network backend via "name" instead of "id"
- Deprecate the "enforce-config-section" machine parameter
- Re-enable the wdt_ib700, endianness and vmxnet3 qtests
- Some trivial fixes and doc update patches that crossed my way

# gpg: Signature made Tue 25 Sep 2018 16:58:42 BST
# gpg:                using RSA key 2ED9D774FE702DB5
# gpg: Good signature from "Thomas Huth <th.huth@gmx.de>"
# gpg:                 aka "Thomas Huth <thuth@redhat.com>"
# gpg:                 aka "Thomas Huth <huth@tuxfamily.org>"
# gpg:                 aka "Thomas Huth <th.huth@posteo.de>"
# Primary key fingerprint: 27B8 8847 EEE0 2501 18F3  EAB9 2ED9 D774 FE70 2DB5

* remotes/huth-gitlab/tags/pull-request-2018-09-25:
  Revert "check: Move VMXNET3 test to common"
  Revert "check: Move endianess test to common"
  Revert "check: Move wdt_ib700 test to common"
  tests/migration: Speed up the test on ppc64
  hw/qdev-core: Fix description of instance_init
  qdev: fix a typo in comment
  docs: Fix some typos (most found by codespell)
  trivial: Make bios files and source files non-executable
  memfd: fix possible usage of the uninitialized file descriptor
  hw/core/machine: Officially deprecate the enforce-config-section parameter
  net/slirp: Deprecate the [hub_id name] parameter tuple
  net: Deprecate the "name" parameter of -net
  Makefile: Add missing dependency for qemu-deprecated.texi

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-09-25 18:09:52 +01:00
Peter Maydell
c5e4e49258 Block layer patches:
- Drain fixes
 - node-name parameters for block-commit
 - Refactor block jobs to use transactional callbacks for exiting
 -----BEGIN PGP SIGNATURE-----
 
 iQEcBAABAgAGBQJbqlBsAAoJEPQH2wBh1c9ABCQIAJ4adAAlr65kmcktHrOeQc6A
 7VwSSCUa9B8BJS+/H3V8XF3eX1fa016cRQCHfH/ua3Wqavw00qcuS8Bz/ggc6qls
 S1kNSSGhemvtf6ebTCN++HCxEg8g1RjsdnxaTiNWrYLKadX5kjLGofU1eAM2J/re
 k5YsyB01X4RHS2L0eAUbYGgNFs+UJEU4p0aKGBPHsOj1LIYEzFhDTVNJ8OjNUG9R
 mcMXFiYmQpJTV0hlIqL+pOtRvlR9YOKgkO8dmFkRe+z82f+GA+EZhLfpACxc7ilQ
 HS4V2NMVucZ7G8gGudg9mqvd3u/AV5BiUtIGd0iIQ9pU9fUuPVPl977i5WHewoM=
 =3TQt
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/xanclic/tags/pull-block-2018-09-25' into staging

Block layer patches:
- Drain fixes
- node-name parameters for block-commit
- Refactor block jobs to use transactional callbacks for exiting

# gpg: Signature made Tue 25 Sep 2018 16:12:44 BST
# gpg:                using RSA key F407DB0061D5CF40
# gpg: Good signature from "Max Reitz <mreitz@redhat.com>"
# Primary key fingerprint: 91BE B60A 30DB 3E88 57D1  1829 F407 DB00 61D5 CF40

* remotes/xanclic/tags/pull-block-2018-09-25: (42 commits)
  test-bdrv-drain: Test draining job source child and parent
  block: Use a single global AioWait
  test-bdrv-drain: Fix outdated comments
  test-bdrv-drain: AIO_WAIT_WHILE() in job .commit/.abort
  job: Avoid deadlocks in job_completed_txn_abort()
  test-bdrv-drain: Test nested poll in bdrv_drain_poll_top_level()
  block: Remove aio_poll() in bdrv_drain_poll variants
  blockjob: Lie better in child_job_drained_poll()
  block-backend: Decrease in_flight only after callback
  block-backend: Fix potential double blk_delete()
  block-backend: Add .drained_poll callback
  block: Add missing locking in bdrv_co_drain_bh_cb()
  test-bdrv-drain: Test AIO_WAIT_WHILE() in completion callback
  job: Use AIO_WAIT_WHILE() in job_finish_sync()
  test-blockjob: Acquire AioContext around job_cancel_sync()
  test-bdrv-drain: Drain with block jobs in an I/O thread
  aio-wait: Increase num_waiters even in home thread
  blockjob: Wake up BDS when job becomes idle
  job: Fix missing locking due to mismerge
  job: Fix nested aio_poll() hanging in job_txn_apply
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-09-25 16:47:35 +01:00
Thomas Huth
6038f98904 hw/qdev-core: Fix description of instance_init
The part of the documentation of DeviceClass that talks about instance_init
is partly wrong: instance_init() functions must not abort or exit, since
the function is also called during introspection of the device already.
So if a device calls exit() during its instance_init() function, QEMU
terminates unexpectedly if somebody tries to just have a look at the
interfaces from the device with "device_add xyz,help" or with the
"device-list-properties" QOM command. This should never happen.

Reviewed-by: Andreas Färber <afaerber@suse.de>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2018-09-25 17:26:18 +02:00
Cédric Le Goater
fca9ca1b13 hw/arm/aspeed: Add an Aspeed machine class
The code looks better, it removes duplicated lines and it will ease
the introduction of common properties for the Aspeed machines.

Signed-off-by: Cédric Le Goater <clg@kaod.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-id: 20180921161939.822-4-clg@kaod.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-09-25 15:13:24 +01:00
Cédric Le Goater
03f1d7201a aspeed/timer: fix compile breakage with clang 3.4.2
In file included from /home/thuth/devel/qemu/hw/timer/aspeed_timer.c:16:
/home/thuth/devel/qemu/include/hw/misc/aspeed_scu.h:37:3: error:
redefinition of typedef 'AspeedSCUState' is a C11 feature
      [-Werror,-Wtypedef-redefinition]
} AspeedSCUState;
  ^
/home/thuth/devel/qemu/include/hw/timer/aspeed_timer.h:27:31: note:
previous definition is here
typedef struct AspeedSCUState AspeedSCUState;

Reported-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Cédric Le Goater <clg@kaod.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-id: 20180921161939.822-2-clg@kaod.org
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-09-25 15:13:24 +01:00
Peter Maydell
48314d8316 hw/intc/arm_gic: Document QEMU interface
The GICv2's QEMU interface (sysbus MMIO regions, IRQs,
etc) is now quite complicated with the addition of the
virtualization extensions. Add a comment in the header
file which documents it.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Luc Michel <luc.michel@greensocs.com>
Message-id: 20180823103818.31189-1-peter.maydell@linaro.org
2018-09-25 15:13:24 +01:00
Kevin Wolf
cfe29d8294 block: Use a single global AioWait
When draining a block node, we recurse to its parent and for subtree
drains also to its children. A single AIO_WAIT_WHILE() is then used to
wait for bdrv_drain_poll() to become true, which depends on all of the
nodes we recursed to. However, if the respective child or parent becomes
quiescent and calls bdrv_wakeup(), only the AioWait of the child/parent
is checked, while AIO_WAIT_WHILE() depends on the AioWait of the
original node.

Fix this by using a single AioWait for all callers of AIO_WAIT_WHILE().

This may mean that the draining thread gets a few more unnecessary
wakeups because an unrelated operation got completed, but we already
wake it up when something _could_ have changed rather than only if it
has certainly changed.

Apart from that, drain is a slow path anyway. In theory it would be
possible to use wakeups more selectively and still correctly, but the
gains are likely not worth the additional complexity. In fact, this
patch is a nice simplification for some places in the code.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
2018-09-25 15:50:15 +02:00
Kevin Wolf
b5a7a05735 blockjob: Lie better in child_job_drained_poll()
Block jobs claim in .drained_poll() that they are in a quiescent state
as soon as job->deferred_to_main_loop is true. This is obviously wrong,
they still have a completion BH to run. We only get away with this
because commit 91af091f92 added an unconditional aio_poll(false) to the
drain functions, but this is bypassing the regular drain mechanisms.

However, just removing this and telling that the job is still active
doesn't work either: The completion callbacks themselves call drain
functions (directly, or indirectly with bdrv_reopen), so they would
deadlock then.

As a better lie, tell that the job is active as long as the BH is
pending, but falsely call it quiescent from the point in the BH when the
completion callback is called. At this point, nested drain calls won't
deadlock because they ignore the job, and outer drains will wait for the
job to really reach a quiescent state because the callback is already
running.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
2018-09-25 15:50:15 +02:00
Kevin Wolf
aa1361d54a block: Add missing locking in bdrv_co_drain_bh_cb()
bdrv_do_drained_begin/end() assume that they are called with the
AioContext lock of bs held. If we call drain functions from a coroutine
with the AioContext lock held, we yield and schedule a BH to move out of
coroutine context. This means that the lock for the home context of the
coroutine is released and must be re-acquired in the bottom half.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
2018-09-25 15:50:15 +02:00
Kevin Wolf
30c070a547 test-blockjob: Acquire AioContext around job_cancel_sync()
All callers in QEMU proper hold the AioContext lock when calling
job_finish_sync(). test-blockjob should do the same when it calls the
function indirectly through job_cancel_sync().

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
2018-09-25 15:50:15 +02:00
Kevin Wolf
486574483a aio-wait: Increase num_waiters even in home thread
Even if AIO_WAIT_WHILE() is called in the home context of the
AioContext, we still want to allow the condition to change depending on
other threads as long as they kick the AioWait. Specfically block jobs
can be running in an I/O thread and should then be able to kick a drain
in the main loop context.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
2018-09-25 15:50:15 +02:00
Kevin Wolf
34dc97b9a0 blockjob: Wake up BDS when job becomes idle
In the context of draining a BDS, the .drained_poll callback of block
jobs is called. If this returns true (i.e. there is still some activity
pending), the drain operation may call aio_poll() with blocking=true to
wait for completion.

As soon as the pending activity is completed and the job finally arrives
in a quiescent state (i.e. its coroutine either yields with busy=false
or terminates), the block job must notify the aio_poll() loop to wake
up, otherwise we get a deadlock if both are running in different
threads.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
2018-09-25 15:50:15 +02:00
John Snow
ccbfb3319a jobs: remove .exit callback
Now that all of the jobs use the component finalization callbacks,
there's no use for the heavy-hammer .exit callback anymore.

job_exit becomes a glorified type shim so that we can call
job_completed from aio_bh_schedule_oneshot.

Move these three functions down into job.c to eliminate a
forward reference.

Signed-off-by: John Snow <jsnow@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Message-id: 20180906130225.5118-12-jsnow@redhat.com
Reviewed-by: Jeff Cody <jcody@redhat.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
2018-09-25 15:31:15 +02:00
John Snow
cf6320df58 block/stream: add block job creation flags
Add support for taking and passing forward job creation flags.

Signed-off-by: John Snow <jsnow@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Jeff Cody <jcody@redhat.com>
Message-id: 20180906130225.5118-4-jsnow@redhat.com
Signed-off-by: Max Reitz <mreitz@redhat.com>
2018-09-25 15:31:15 +02:00
John Snow
a1999b3348 block/mirror: add block job creation flags
Add support for taking and passing forward job creation flags.

Signed-off-by: John Snow <jsnow@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Jeff Cody <jcody@redhat.com>
Message-id: 20180906130225.5118-3-jsnow@redhat.com
Signed-off-by: Max Reitz <mreitz@redhat.com>
2018-09-25 15:31:15 +02:00
John Snow
5360782d08 block/commit: add block job creation flags
Add support for taking and passing forward job creation flags.

Signed-off-by: John Snow <jsnow@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Jeff Cody <jcody@redhat.com>
Message-id: 20180906130225.5118-2-jsnow@redhat.com
Signed-off-by: Max Reitz <mreitz@redhat.com>
2018-09-25 15:31:15 +02:00
Joel Stanley
673b2d42a8 arm: Add Nordic Semiconductor nRF51 SoC
The nRF51 is a Cortex-M0 microcontroller with an on-board radio module,
plus other common ARM SoC peripherals.

 http://infocenter.nordicsemi.com/pdf/nRF51_RM_v3.0.pdf

This defines a basic model of the CPU and memory, with no peripherals
implemented at this stage.

Signed-off-by: Joel Stanley <joel@jms.id.au>
Message-id: 20180831220920.27113-3-joel@jms.id.au
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
[PMM: wrapped a few long lines]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-09-25 14:14:07 +01:00
Peter Maydell
506e4a00de ppc patch queue 2018-09-25
Here are the accumulated ppc target patches for the last several
 weeks. Highlights are:
    * A number of 40p / PReP cleanups
    * Preliminary irq rework on the pseries machine towards the new
      XIVE interrupt controller
 
 There are a few patches which make small changes to generic device and
 arm code as prerequisites to the 40p interrupt routing cleanup.  They
 have acks from the relevant maintainers.
 -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEEdfRlhq5hpmzETofcbDjKyiDZs5IFAlup3PYACgkQbDjKyiDZ
 s5IcYQ//fp79LhIXUKfJuGasVg1K8X795s3nD8vZ76z7FV2kNyHvOCcTsLn0Ccrp
 WJLdXdZ0ErY87vJPfHckii9pXOX8J38nV5EFCElSLslx6gCndQZdQX2WY3luwIzq
 afiKMERwTkCcqFXXPgweijhhuAU+roay8xdO/ZBO52ogzGaZalTFjG4l9a0DZMSm
 ZceDrLrKw6GOaxntLptcn2+Ncuwpm0WSpLyL+bGNAzSAbqdn1dhHQ9UBrcSMteWj
 df8J7CX63CFL2MwbQE3RyXeKaomdHabG+QgEVMlS4dpXVUx++ciMtrwZTX1mMDlI
 DA9+5u6TcRMz34hN8lWk2O05scOVp8965BcfdeRBYAOTDS4ztiZJ9spKkIV0lHfe
 rkgo7F1OsqoQhs9QrLYp0zZYn1OIhHWrbhk/DQptCJMRHk8mct4v2FcyGecU0e1Z
 7SlJErxHXmar83PCCJXhtYHthDxN+dTHUW0bbrF4IjysfK+poX5hvvFEjyHGPIJL
 duytwgEnnrBOFM7f7mdfH1LKeKzm1ji8nu7g2IsPAXC0xuFaq+d0fZWUWjymSPku
 k5k5UUPs8KLtP9XY2qhO0vxBWl5d+CTam19FWVqHjRAp5WqjmoLxWnkofupcT0Yv
 LcoHH2Ad9K8e0F4nA4UCYdJwfGH3qO+eBzmBR4+HZOuT1gVvRuw=
 =A62f
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/dgibson/tags/ppc-for-3.1-20180925' into staging

ppc patch queue 2018-09-25

Here are the accumulated ppc target patches for the last several
weeks. Highlights are:
   * A number of 40p / PReP cleanups
   * Preliminary irq rework on the pseries machine towards the new
     XIVE interrupt controller

There are a few patches which make small changes to generic device and
arm code as prerequisites to the 40p interrupt routing cleanup.  They
have acks from the relevant maintainers.

# gpg: Signature made Tue 25 Sep 2018 08:00:06 BST
# gpg:                using RSA key 6C38CACA20D9B392
# gpg: Good signature from "David Gibson <david@gibson.dropbear.id.au>"
# gpg:                 aka "David Gibson (Red Hat) <dgibson@redhat.com>"
# gpg:                 aka "David Gibson (ozlabs.org) <dgibson@ozlabs.org>"
# gpg:                 aka "David Gibson (kernel.org) <dwg@kernel.org>"
# Primary key fingerprint: 75F4 6586 AE61 A66C C44E  87DC 6C38 CACA 20D9 B392

* remotes/dgibson/tags/ppc-for-3.1-20180925:
  40p: add fixed IRQ routing for LSI SCSI device
  lsi53c895a: add optional external IRQ via qdev
  scsi: remove unused lsi53c895a_create() and lsi53c810_create() functions
  scsi: move lsi53c8xx_create() callers to lsi53c8xx_handle_legacy_cmdline()
  scsi: add lsi53c8xx_handle_legacy_cmdline() function
  sm501: Adjust endianness of pixel value in rectangle fill
  spapr_pci: add an extra 'nr_msis' argument to spapr_populate_pci_dt
  spapr: increase the size of the IRQ number space
  spapr: introduce a spapr_irq class 'nr_msis' attribute
  40p: use OR gate to wire up raven PCI interrupts
  raven: some minor IRQ-related tidy-ups
  hw/ppc: on 40p machine, change default firmware to OpenBIOS
  target/ppc/cpu-models: Re-group the 970 CPUs together again
  Record history of ppcemb target in common.json

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-09-25 13:30:45 +01:00
Peter Maydell
2f831d0498 Error reporting & miscellaneous patches for 2018-09-24
-----BEGIN PGP SIGNATURE-----
 
 iQIcBAABAgAGBQJbqP/iAAoJEDhwtADrkYZTDTQP/jidzPBq+9SbQTkP3/6DNdyq
 3amvEA0lNlowGz+VQtTPjG1Sw+wr5PRFFjthueX4EXCgTih9db5Rd6Daiqt9uuh4
 ipep7OVTcyMOErHzyosIIwQAte2ERiunpwXOAcahxInJ4XBlxyJAiJTZXHQb1v+u
 zKa3PpKi3fLcqBs3wKn8AJmp5HLTYOM6/LK870S65Rzx20AbifBH/6yQPkdrMAL2
 lw204RasdYCiJo045n6pwZ0mBMT1d33VAmSqPUaeoOWabLCzmbZvcQNwUqtVleh6
 5IoAxjFhrixksdg67+HMyFyJH5Nt8SkTeOpqN4D+dpj7y3BLGSUzvV3mBEBSfinm
 nvyfjVkxX4xRNw4mgm03H2qg5g3FACDQVz+g5uLDAZELlz9POCnOTFJuf/n++u3q
 zcxOqCg2U99KiyF51PMRu9yPH/zDNNFxmrEY7dFkuAycS3EWk+VK63pXnNUkx3xe
 0T8uZA4Cvhn84hLNDFyX/DzILKFb0bRSUw6zAhUYb44oD6roFlp8rgTauNECa9CO
 GcgvJKXyk6mMDEHkSKSWy51doVEn0vqqzEc9w6/QPwxsXNMUWXEQAv/BVaK7To/J
 JlSxC/C/jda4pt6zDFks6grac8AT6LBIFUrp6HpF84gSldEF4OuFbJhg9iuTyarz
 ea5pvvZGJHQvnLATg5kK
 =2oaJ
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/armbru/tags/pull-error-2018-09-24' into staging

Error reporting & miscellaneous patches for 2018-09-24

# gpg: Signature made Mon 24 Sep 2018 16:16:50 BST
# gpg:                using RSA key 3870B400EB918653
# gpg: Good signature from "Markus Armbruster <armbru@redhat.com>"
# gpg:                 aka "Markus Armbruster <armbru@pond.sub.org>"
# Primary key fingerprint: 354B C8B3 D7EB 2A6B 6867  4E5F 3870 B400 EB91 8653

* remotes/armbru/tags/pull-error-2018-09-24:
  MAINTAINERS: Fix F: patterns that don't match anything
  Drop "qemu:" prefix from error_report() arguments
  qemu-error: make use of {error, warn}_report_once_cond
  qemu-error: add {error, warn}_report_once_cond

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-09-25 11:37:39 +01:00
Mark Cave-Ayland
e090a054a7 scsi: remove unused lsi53c895a_create() and lsi53c810_create() functions
Now that these functions are no longer required they can be removed.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2018-09-25 11:12:25 +10:00
Mark Cave-Ayland
f74a4f3a59 scsi: add lsi53c8xx_handle_legacy_cmdline() function
This is the function that will soon be used to replace lsi53c895a_create() and
lsi53c810_create().

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2018-09-25 11:12:25 +10:00
Cédric Le Goater
0976efd51b spapr_pci: add an extra 'nr_msis' argument to spapr_populate_pci_dt
So that we don't have to call qdev_get_machine() to get the machine
class and the sPAPRIrq backend holding the number of MSIs.

Signed-off-by: Cédric Le Goater <clg@kaod.org>
Reviewed-by: Greg Kurz <groug@kaod.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2018-09-25 11:12:25 +10:00
Cédric Le Goater
ae83740237 spapr: increase the size of the IRQ number space
The new layout using static IRQ number does not leave much space to
the dynamic MSI range, only 0x100 IRQ numbers. Increase the total
number of IRQS for newer machines and introduce a legacy XICS backend
for pre-3.1 machines to maintain compatibility.

For the old backend, provide a 'nr_msis' value covering the full IRQ
number space as it does not use the bitmap allocator to allocate MSI
interrupt numbers.

Signed-off-by: Cédric Le Goater <clg@kaod.org>
Reviewed-by: Greg Kurz <groug@kaod.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2018-09-25 11:12:25 +10:00
Cédric Le Goater
e39de895f6 spapr: introduce a spapr_irq class 'nr_msis' attribute
The number of MSI interrupts a sPAPR machine can allocate is in direct
relation with the number of interrupts of the sPAPRIrq backend. Define
statically this value at the sPAPRIrq class level and use it for the
"ibm,pe-total-#msi" property of the sPAPR PHB.

According to the PAPR specs, "ibm,pe-total-#msi" defines the maximum
number of MSIs that are available to the PE. We choose to advertise
the maximum number of MSIs that are available to the machine for
simplicity of the model and to avoid segmenting the MSI interrupt pool
which can be easily shared. If the pool limit is reached, it can be
extended dynamically.

Finally, remove XICS_IRQS_SPAPR which is now unused.

Signed-off-by: Cédric Le Goater <clg@kaod.org>
Reviewed-by: Greg Kurz <groug@kaod.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2018-09-25 11:12:25 +10:00
Peter Maydell
7c823bc581 pci, pc, virtio: fixes, features
pci resource capability + misc fixes everywhere.
 
 Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
 -----BEGIN PGP SIGNATURE-----
 
 iQEcBAABAgAGBQJbkvKuAAoJECgfDbjSjVRpJ5MIALC60skYR6gyu8NCqma1NNod
 F1xEtlA2lkWOS6C5ohoHLm9EJ6pBT/dIqhZxzhw2eVKYLqJpXQbshkXTZFshFmUt
 RQy7rNlI4N5yzxU6RyYn2zXtSI1HN3YxKrpeB+WEUETi6eqor8ZHijWNJIDwIq+9
 By44CFaEisoqhFDSQp+PAUhzLnRretn6CyRLTKSfYQull2ZAJk1SVYc9FOQkq/M6
 +QlOtTsADVyu7veZabaj+/Noqndc4yCtV3uvyAfmO6j+DNxDo1sN/9DwWq7GROIs
 Y4R/ena+yOsmWDUh5f7Xkhgc1BqIJc0UjEx8Q4lIRBe1AI4VV9kjvvPXwMRlWWw=
 =a+iV
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging

pci, pc, virtio: fixes, features

pci resource capability + misc fixes everywhere.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>

# gpg: Signature made Fri 07 Sep 2018 22:50:38 BST
# gpg:                using RSA key 281F0DB8D28D5469
# gpg: Good signature from "Michael S. Tsirkin <mst@kernel.org>"
# gpg:                 aka "Michael S. Tsirkin <mst@redhat.com>"
# Primary key fingerprint: 0270 606B 6F3C DF3D 0B17  0970 C350 3912 AFBE 8E67
#      Subkey fingerprint: 5D09 FD08 71C8 F85B 94CA  8A0D 281F 0DB8 D28D 5469

* remotes/mst/tags/for_upstream:
  tests: update acpi expected files
  vhost: fix invalid downcast
  pc: make sure that guest isn't able to unplug the first cpu
  hw/pci: add PCI resource reserve capability to legacy PCI bridge
  hw/pci: factor PCI reserve resources to a separate structure
  virtio: update MemoryRegionCaches when guest negotiates features
  pc: acpi: revert back to 1 SRAT entry for hotpluggable area

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-09-24 18:49:11 +01:00
Peter Maydell
9c36281bc5 ppc patch queue 2018-09-07
Here's another pull request for qemu-3.1.  No real theme here, just an
 assortment of various fixes.  Probably the most notable thing is the
 removal of the ppcemb target which has been deprecated for some time
 now.
 -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEEdfRlhq5hpmzETofcbDjKyiDZs5IFAluSKPoACgkQbDjKyiDZ
 s5JSpRAAhWvxLM6OoTdhAaPKhlKrIzWexWNI8efJNWfXvHnbHBxs8tk+hnJOZVsU
 m00hfFMKMA0/4JMURrbYsCiyaq+r+Ws8oEbLDVKQdng6LNeUrLq7uC0rv41bW3CC
 1BTqTX16lvhPsg1Sz8mh6IGwCIgRiV8zgvQ4iCc3GCJidI2A+3uLvW5hAndvDdjb
 3lq6drg23LXZ6z/ou7hPynKmV6tFTlxSnB957LCnPGFACZeJKbuoRHPP30IrWwY+
 nOQ1GTvenouGvEKI5gsC13qFWYcoNPPfc7NZFtx1fvxiMpkOj7R5hg9oStT2Ya6u
 MVRwcp/XA2MF+2NnJ8TZOkAV7+1JidhRirsKFjcn1JqftWSxJOKA0weWuNQgdQNY
 lJzyZZejEJCHn0NgOq9ZRjOP4U6iIcSlTurfXoronhw1q7yEBkYkS+JpLToLLsid
 9qwxlBAfUfQ8E1wR8RnM6ATygVp2Z2ToL+70Rc7xzq6/R8kYFSzuhyaI1GUUtPGW
 ZPwp3GRYWJE/xOK3z1YAndrN8FlNxqz3Cov3vtH118aBatWAT+PRVlouOB1/aF3T
 KfV8Kme5KQrMGuj/RDLGLOeQi0e8wqBtVIhsESpHdocC6uo28H5gNXxptyLJPA04
 dJwWvaQf/J7eIuChhuFygiTzMnQyJA1f77jlExpKfxKKQwUpHf4=
 =WnE4
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/dgibson/tags/ppc-for-3.1-20180907' into staging

ppc patch queue 2018-09-07

Here's another pull request for qemu-3.1.  No real theme here, just an
assortment of various fixes.  Probably the most notable thing is the
removal of the ppcemb target which has been deprecated for some time
now.

# gpg: Signature made Fri 07 Sep 2018 08:30:02 BST
# gpg:                using RSA key 6C38CACA20D9B392
# gpg: Good signature from "David Gibson <david@gibson.dropbear.id.au>"
# gpg:                 aka "David Gibson (Red Hat) <dgibson@redhat.com>"
# gpg:                 aka "David Gibson (ozlabs.org) <dgibson@ozlabs.org>"
# gpg:                 aka "David Gibson (kernel.org) <dwg@kernel.org>"
# Primary key fingerprint: 75F4 6586 AE61 A66C C44E  87DC 6C38 CACA 20D9 B392

* remotes/dgibson/tags/ppc-for-3.1-20180907:
  target-ppc: Extend HWCAP2 bits for ISA 3.0
  target/ppc/kvm: set vcpu as online/offline
  Fix a deadlock case in the CPU hotplug flow
  spapr: Correct reference count on spapr-cpu-core
  mac_newworld: implement custom FWPathProvider
  uninorth: add ofw-addr property to allow correct fw path generation
  mac_oldworld: implement custom FWPathProvider
  grackle: set device fw_name and address for correct fw path generation
  macio: add addr property to macio IDE object
  macio: add macio bus to help with fw path generation
  macio: move MACIOIDEState type declarations to macio.h
  spapr_pci: fix potential NULL pointer dereference
  spapr: fix leak of rev array
  ppc: Remove deprecated ppcemb target

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-09-24 17:14:10 +01:00
Peter Maydell
ee4402eae1 A misc collection of RISC-V related patches for 3.1.
-----BEGIN PGP SIGNATURE-----
 
 iQEzBAABCgAdFiEE9sSsRtSTSGjTuM6PIeENKd+XcFQFAluQU38ACgkQIeENKd+X
 cFRAXQgAlhNcwby+Jsk8sbLajMWXEtww9FIv+XESldPOJHmJyCkNDVZX8MuMM7+f
 8NraD3YGDJvXP/BEcmyE5yPC6mx+OIi8ufzqP0rUML1x4+Tpxp8nZ7sBH197RtGg
 eImPA6oKvg4wyfNOrZ+hGa8HF/iMT03TqeKggUPf3dVAs8LV2iUwBIzrRLB4IhIN
 yFnhbcw8cW04tWUhYg4+viDY2k0q7fMrJZkASD/RjGMBjubJkwWvSYOdMIEWSpcG
 2qLT5SohzUzHyKPONsoBKjSIP+nKgtyYR6IJh40FDd5S5RRMHe/n3q9jChIkHMma
 x1eSNvVd41++QlBKqDeAlA+gbdK/uw==
 =FJn/
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/alistair/tags/pull-riscv-pullreq-20180905' into staging

A misc collection of RISC-V related patches for 3.1.

# gpg: Signature made Wed 05 Sep 2018 23:06:55 BST
# gpg:                using RSA key 21E10D29DF977054
# gpg: Good signature from "Alistair Francis <alistair@alistair23.me>"
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg:          It is not certain that the signature belongs to the owner.
# Primary key fingerprint: F6C4 AC46 D493 4868 D3B8  CE8F 21E1 0D29 DF97 7054

* remotes/alistair/tags/pull-riscv-pullreq-20180905:
  riscv: remove define cpu_init()
  hw/riscv/spike: Set the soc device tree node as a simple-bus
  hw/riscv/virtio: Set the soc device tree node as a simple-bus
  target/riscv: call gen_goto_tb on DISAS_TOO_MANY
  target/riscv: optimize indirect branches
  target/riscv: optimize cross-page direct jumps in softmmu
  RISC-V: Simplify riscv_cpu_local_irqs_pending
  RISC-V: Use atomic_cmpxchg to update PLIC bitmaps
  RISC-V: Improve page table walker spec compliance
  RISC-V: Update address bits to support sv39 and sv48

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-09-24 16:46:43 +01:00
Peter Maydell
d5a515738e vga: virtio reset fix, virtio iommu support.
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iQIcBAABAgAGBQJbjNtcAAoJEEy22O7T6HE4RIUP/1QUZQXm320cBr1Z61U7i7JA
 2D+WCwZLCSNA+vfdx9ltgbpPqH+iT6xWKalrwgvhHARL2GCeqjliQ0pqwl/TB6du
 ek7hVazzVW+GdK1NPvnE0AwAmPp/M/mwHa4CBUGr00ZVIUVFEzBhzSiV6jOOv2vr
 LgOa6QKh0xKUAcu7fFESNl25BmCt+iDkHN7p3rxZE2R9wV3Y4mfukk5dSznqo1WG
 Y4cymZVR2UudwJtDA+Gur2fVukYPZm6FcBm1LoBFjYTzw0iniWW4VEkp5x7EdiQX
 W/N+fosN/Zq0ljCQVfJitf7r9iUjJg5jr5rBssE2mBz6JsqUCTiDCYgOxkybZGWl
 TsWy4NMVSPPnY2ctoTu3R4qL/PVrUChlZqh0zr3mgiDudoQpJ8A0g2DtRX6rn6AT
 LGhH4xjW2jfM5dEGEKkvYesEY+2amfHDxBktG5trVhWfP+ZCxAcI9VpiXxgPFI7H
 ds7tfeArOd2CIxA3L7WElGhawtK7+om/wMjLxj7pFxF7fRnHv7RE3qTN+LOZmdKY
 v/540HdAPefFItmQ0NrBA4FeiRi74S02lIIrILfgBqL+d9HilLnYPCQ9Um59xfEi
 5fiIeQwwSO6RVMsANaJ33yIBYrnldIge0lcQGFZ+h4ME6IeaOH3NcKqJHePbBSBS
 p8NaYjd/iwYTmg+hKieV
 =v8co
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/kraxel/tags/vga-20180903-pull-request' into staging

vga: virtio reset fix, virtio iommu support.

# gpg: Signature made Mon 03 Sep 2018 07:57:32 BST
# gpg:                using RSA key 4CB6D8EED3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>"
# Primary key fingerprint: A032 8CFF B93A 17A7 9901  FE7D 4CB6 D8EE D3E8 7138

* remotes/kraxel/tags/vga-20180903-pull-request:
  virtio-gpu: add iommu support
  virtio-gpu: pass down VirtIOGPU pointer to a bunch of functions
  use dpy_gfx_update_full
  Revert "virtio-gpu: fix crashes upon warm reboot with vga mode"
  virtio-vga: fix reset

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-09-24 16:15:26 +01:00
Cornelia Huck
c6c594596e qemu-error: make use of {error, warn}_report_once_cond
{error,warn}_report_once() are a special case of the new functions
and can simply switch to them.

Signed-off-by: Cornelia Huck <cohuck@redhat.com>
Message-Id: <20180830145902.27376-3-cohuck@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
[Dispense with unlikely() to keep the macros as simple as possible]
Signed-off-by: Markus Armbruster <armbru@redhat.com>
2018-09-24 17:13:07 +02:00
Cornelia Huck
c55510b722 qemu-error: add {error, warn}_report_once_cond
Add two functions to print an error/warning report once depending
on a passed-in condition variable and flip it if printed. This is
useful if you want to print a message not once-globally, but e.g.
once-per-device.

Inspired by warn_once() in hw/vfio/ccw.c, which has been replaced
with warn_report_once_cond().

Signed-off-by: Cornelia Huck <cohuck@redhat.com>
Message-Id: <20180830145902.27376-2-cohuck@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
[Function comments reworded]
Signed-off-by: Markus Armbruster <armbru@redhat.com>
2018-09-24 17:13:07 +02:00
Peter Maydell
efd1d5229f Monitor patches for 2018-09-01
-----BEGIN PGP SIGNATURE-----
 
 iQIcBAABAgAGBQJbinLMAAoJEDhwtADrkYZTtBgQAIAa1Z6KUOjWWxzewpowl9E5
 5gaRTAv02LPlOg0Xg0QtYDch+JpeLhdtMQEtLCIiHWRdj84b//NkpbTf72rwn72G
 1BY/3DjLtf3eYuYrdwF3Qb5WTPXAwzVfYt0lQYrFZl/71qpvXPdTh5K0jRAXLfMm
 +NkbA22jhg4mz83fan+AygdoPjidpjYZIpv0Kac9h67TLEP+eKcRBVFadozqskvW
 aFEX/5PGO/tDV7g+0lVx1AYzbPcmCE+ItP+egOKhVxZKZhX1bw3nFLc3I9u4ieI0
 fXDJVY811tQoF2t+01sFVwPX/tDtmOqXBZpivX7OorA5JXdTcqyS8ZgPrmU+OVWI
 58vUKJ4F+EzXYg9/lyMwWRTuqKQpHUuZEUQYr5Yr1lRz+umWyVKHhRgMlvyNRnUL
 DHEmcCBlO0WkhbbfqNPB7H9rPbvsaPKqTMGfAUxOWiaFHxRrCSXJDd0z168yYtw2
 raLk+hqaek3yvbbeo9puTSI93YzmdvywqsVoVQDLlyyICtwK/WRJp50JFQv6tp6E
 TkIevT/E4ba+YGowvm0jCCSxv6WKXMZUQgxzrFCpyhDzf3lEgXJS7dYYvkubsfBZ
 kK3zOWCdMCIHZiqtd10LAUQ9Rj4k42WjYgVs2aWP4caWisoCEIqlNzeMK0OXScbK
 hEgmZfawMd2a0sR7kIdI
 =n9J0
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/armbru/tags/pull-monitor-2018-09-01' into staging

Monitor patches for 2018-09-01

# gpg: Signature made Sat 01 Sep 2018 12:06:52 BST
# gpg:                using RSA key 3870B400EB918653
# gpg: Good signature from "Markus Armbruster <armbru@redhat.com>"
# gpg:                 aka "Markus Armbruster <armbru@pond.sub.org>"
# Primary key fingerprint: 354B C8B3 D7EB 2A6B 6867  4E5F 3870 B400 EB91 8653

* remotes/armbru/tags/pull-monitor-2018-09-01:
  monitor: no need to save need_resume
  Revert "qmp: isolate responses into io thread"
  qmp: constify qmp_is_oob()
  monitor: consitify qmp_send_response() QDict argument
  monitor: accept input on resume
  monitor: simplify monitor_qmp_setup_handlers_bh

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-09-24 15:43:33 +01:00
Peter Maydell
d6f71af654 Block patches:
- (Block) job exit refactoring, part 1
   (removing job_defer_to_main_loop())
 - test-bdrv-drain leak fix
 -----BEGIN PGP SIGNATURE-----
 
 iQEcBAABAgAGBQJbiVEJAAoJEPQH2wBh1c9AHb4H/0P6yjozmu8J6cQhfXmFsJQk
 72Y6Lu9w7kNL43dEBkAU3vzDPUkzHRwpO5pLPKqQh0ojCz45KfTMozh/iMoJtuKP
 Hev4ZlRlFpcr0NHLQnysxsgV7FYbDEVS9xdQ6KlgFXyDBLgZVGykjq67kwDtXfnp
 eQof9Nf0T+m3bNJey6C43l4YqPzPIUCfoSgCqkoB1W6QGtfglGx8I4evjjgxv7GT
 s8IzBg7WSi7h8+mouZcXOs8/w7nJNeSSbMb921NXCWXCzIVHLpw5SImDiQfxEvcy
 pnBtVttty6pAmQvOC6GphqHPNIeRYLTIxkEzBxZUAePonsEa9zw33pjBGdWtSPU=
 =60m9
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/xanclic/tags/pull-block-2018-08-31-v2' into staging

Block patches:
- (Block) job exit refactoring, part 1
  (removing job_defer_to_main_loop())
- test-bdrv-drain leak fix

# gpg: Signature made Fri 31 Aug 2018 15:30:33 BST
# gpg:                using RSA key F407DB0061D5CF40
# gpg: Good signature from "Max Reitz <mreitz@redhat.com>"
# Primary key fingerprint: 91BE B60A 30DB 3E88 57D1  1829 F407 DB00 61D5 CF40

* remotes/xanclic/tags/pull-block-2018-08-31-v2:
  jobs: remove job_defer_to_main_loop
  jobs: remove ret argument to job_completed; privatize it
  block/backup: make function variables consistently named
  jobs: utilize job_exit shim
  block/mirror: utilize job_exit shim
  block/commit: utilize job_exit shim
  jobs: add exit shim
  jobs: canonize Error object
  jobs: change start callback to run callback
  tests: fix bdrv-drain leak

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-09-24 14:35:58 +01:00
Peter Maydell
09d8277eb0 Removal of deprecated options and improvements for the qtests
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iQIcBAABAgAGBQJbiPfvAAoJEC7Z13T+cC21+yUP/ibp2ux3BDXhd7L82YwIu7f2
 VHrXxmJPdyPhYNu96GMrGsbX4uiNKx0J0BGAdIScMv1Pf8XrWVP5C6+vkPuknCbI
 upN5HHZlGYbc2kM/XPBJaH/jqfkmBXX/xzEU1DVwi9V9jYIVv4Yi1rGmWXelHXoc
 eenywK5M0fWWrSIdfA44UC2O78RnF/FIHgavnO6DPpTxtbU3abbZSYMW3H7+hX3k
 VtqKdfuouLjY9KfUaij5BaihYGXnIX6cEY4g+uet34ci+pQITWqOScVQyqU64KKf
 PiDrd8y5bV+5Xf4doCTizVvA89BbAFfuSnLmhb4KPlEtiikvtNV2uRSojCzviqoC
 XYzPA/KkogZ1VM3A9L5/JOJlIxj9483gZffjEqRd/cdasY55X88cdv+tFH83lEaA
 eE7sNep0NBEBKIGE32QmElbv7Z9bv5Rf6UQq5xwkZaFswSLabDQUUEhDiZP9+am1
 cV8vC02FYQxi9tfHr7sr5Jauyrln46UfT9aE1R3S5KiRQj4ggTALidptKzHyxSIz
 6ST07qx6lTEVZXOTtLbziAW2LFXrni0KZUK71PYIIiKTrickNIoIj0xamr/9YUcQ
 kLyPUXL8wJ3MrkR7g1c3d/umgURGw89U6gU7MlIYKcRUBwDVNNnPoogt7p6h+6vg
 PcS9cfVOs97SEbfUPOzY
 =NcP+
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/huth-gitlab/tags/pull-request-2018-08-31' into staging

Removal of deprecated options and improvements for the qtests

# gpg: Signature made Fri 31 Aug 2018 09:10:23 BST
# gpg:                using RSA key 2ED9D774FE702DB5
# gpg: Good signature from "Thomas Huth <th.huth@gmx.de>"
# gpg:                 aka "Thomas Huth <thuth@redhat.com>"
# gpg:                 aka "Thomas Huth <huth@tuxfamily.org>"
# gpg:                 aka "Thomas Huth <th.huth@posteo.de>"
# Primary key fingerprint: 27B8 8847 EEE0 2501 18F3  EAB9 2ED9 D774 FE70 2DB5

* remotes/huth-gitlab/tags/pull-request-2018-08-31:
  tests: add a qmp success-response test
  tests: add qmp/qom-set-without-value test
  tests: add qmp/object-add-without-props test
  tests: add qmp_assert_error_class()
  tests/libqos: Utilize newer glib spawn check
  net: Remove the deprecated -tftp, -bootp, -redir and -smb options
  Remove the deprecated options -startdate, -localtime and -rtc-td-hack
  Remove the deprecated -nodefconfig option
  Remove the deprecated -balloon option

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-09-24 12:28:37 +01:00
Jing Liu
9e8993991e hw/pci: factor PCI reserve resources to a separate structure
Factor "bus_reserve", "io_reserve", "mem_reserve", "pref32_reserve"
and "pref64_reserve" fields of the "GenPCIERootPort" structure out
to "PCIResReserve" structure, so that other PCI bridges can
reuse it to add resource reserve capability.

Signed-off-by: Jing Liu <jing2.liu@linux.intel.com>
Reviewed-by: Marcel Apfelbaum<marcel.apfelbaum@gmail.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2018-09-07 17:05:18 -04:00
Michael Clark
d78940ec5d RISC-V: Use atomic_cmpxchg to update PLIC bitmaps
The PLIC previously used a mutex to protect against concurrent
access to the claimed and pending bitfields. Instead of using
a mutex, we update the bitfields using atomic_cmpxchg.

Rename sifive_plic_num_irqs_pending to sifive_plic_irqs_pending
and add an early out if any interrupts are pending as the
count of pending interrupts is not used.

Cc: Sagar Karandikar <sagark@eecs.berkeley.edu>
Cc: Bastian Koppelmann <kbastian@mail.uni-paderborn.de>
Cc: Palmer Dabbelt <palmer@sifive.com>
Cc: Alistair Francis <Alistair.Francis@wdc.com>
Signed-off-by: Michael Clark <mjc@sifive.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2018-09-04 13:19:31 -07:00
Gerd Hoffmann
3bb68f798d virtio-gpu: pass down VirtIOGPU pointer to a bunch of functions
No functional change, just preparation for a followup patch
which needs a VirtIOGPU pointer.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Message-Id: <20180829122101.29852-2-kraxel@redhat.com>
2018-09-03 08:31:50 +02:00
John Snow
e21a1c9831 jobs: remove job_defer_to_main_loop
Now that the job infrastructure is handling the job_completed call for
all implemented jobs, we can remove the interface that allowed jobs to
schedule their own completion.

Signed-off-by: John Snow <jsnow@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Message-id: 20180830015734.19765-10-jsnow@redhat.com
Signed-off-by: Max Reitz <mreitz@redhat.com>
2018-08-31 16:28:33 +02:00
John Snow
404ff28d6a jobs: remove ret argument to job_completed; privatize it
Jobs are now expected to return their retcode on the stack, from the
.run callback, so we can remove that argument.

job_cancel does not need to set -ECANCELED because job_completed will
update the return code itself if the job was canceled.

While we're here, make job_completed static to job.c and remove it from
job.h; move the documentation of return code to the .run() callback and
to the job->ret property, accordingly.

Signed-off-by: John Snow <jsnow@redhat.com>
Message-id: 20180830015734.19765-9-jsnow@redhat.com
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
2018-08-31 16:28:33 +02:00
John Snow
00359a71d4 jobs: add exit shim
All jobs do the same thing when they leave their running loop:
- Store the return code in a structure
- wait to receive this structure in the main thread
- signal job completion via job_completed

Few jobs do anything beyond exactly this. Consolidate this exit
logic for a net reduction in SLOC.

More seriously, when we utilize job_defer_to_main_loop_bh to call
a function that calls job_completed, job_finalize_single will run
in a context where it has recursively taken the aio_context lock,
which can cause hangs if it puts down a reference that causes a flush.

You can observe this in practice by looking at mirror_exit's careful
placement of job_completed and bdrv_unref calls.

If we centralize job exiting, we can signal job completion from outside
of the aio_context, which should allow for job cleanup code to run with
only one lock, which makes cleanup callbacks less tricky to write.

Signed-off-by: John Snow <jsnow@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Message-id: 20180830015734.19765-4-jsnow@redhat.com
Reviewed-by: Jeff Cody <jcody@redhat.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
2018-08-31 16:28:33 +02:00
John Snow
3d1f8b07a4 jobs: canonize Error object
Jobs presently use both an Error object in the case of the create job,
and char strings in the case of generic errors elsewhere.

Unify the two paths as just j->err, and remove the extra argument from
job_completed. The integer error code for job_completed is kept for now,
to be removed shortly in a separate patch.

Signed-off-by: John Snow <jsnow@redhat.com>
Message-id: 20180830015734.19765-3-jsnow@redhat.com
[mreitz: Dropped a superfluous g_strdup()]
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
2018-08-31 16:28:33 +02:00
John Snow
f67432a201 jobs: change start callback to run callback
Presently we codify the entry point for a job as the "start" callback,
but a more apt name would be "run" to clarify the idea that when this
function returns we consider the job to have "finished," except for
any cleanup which occurs in separate callbacks later.

As part of this clarification, change the signature to include an error
object and a return code. The error ptr is not yet used, and the return
code while captured, will be overwritten by actions in the job_completed
function.

Signed-off-by: John Snow <jsnow@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Message-id: 20180830015734.19765-2-jsnow@redhat.com
Reviewed-by: Jeff Cody <jcody@redhat.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
2018-08-31 16:28:33 +02:00
Thomas Huth
d18572dd9a net: Remove the deprecated -tftp, -bootp, -redir and -smb options
These options likely do not work as expected as soon as the user
tries to use more than one network interface at once. The parameters
have been marked as deprecated since QEMU v2.6, so users had plenty
of time to move their scripts to the new syntax. Time to remove the
old parameters now.

Reviewed-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
Acked-by: Peter Krempa <pkrempa@redhat.com>
Acked-by: Ján Tomko <jtomko@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2018-08-31 09:53:03 +02:00
Marc-André Lureau
2aa788f5cb qmp: constify qmp_is_oob()
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20180829134043.31706-3-marcandre.lureau@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
2018-08-30 16:08:47 +02:00
Gerd Hoffmann
161f4c4717 Revert "virtio-gpu: fix crashes upon warm reboot with vga mode"
This reverts commit 93f874fe9d.

Now with virtio-vga being resetted properly the
crash workaround is not needed any more.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-id: 20180821111313.27792-3-kraxel@redhat.com
2018-08-30 12:52:57 +02:00
Gerd Hoffmann
43e4dbe206 virtio-vga: fix reset
We must call the reset functions for both virtio-gpu
and vga to properly reset the combo device.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-id: 20180821111313.27792-2-kraxel@redhat.com
2018-08-30 12:52:57 +02:00
Mark Cave-Ayland
03756c840e uninorth: add ofw-addr property to allow correct fw path generation
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2018-08-30 10:42:18 +10:00
Mark Cave-Ayland
5c8e3d17ed macio: add addr property to macio IDE object
This contains the offset of the IDE controller within the macio address space
and is required to allow the address to be included within the fw path.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2018-08-30 10:42:18 +10:00
Mark Cave-Ayland
bf31c56f09 macio: add macio bus to help with fw path generation
As the in-built IDE controller is attached to the macio bus then we should also
model this the same in QEMU to aid fw path generation.

Note that all existing macio devices are moved onto the new macio bus so that
the qdev tree accurately reflects the real hardware.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2018-08-30 10:42:18 +10:00
Mark Cave-Ayland
9b164a4667 macio: move MACIOIDEState type declarations to macio.h
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2018-08-30 10:42:18 +10:00
Peter Xu
3ab72385b2 qapi: Drop qapi_event_send_FOO()'s Error ** argument
The generated qapi_event_send_FOO() take an Error ** argument.  They
can't actually fail, because all they do with the argument is passing it
to functions that can't fail: the QObject output visitor, and the
@qmp_emit callback, which is either monitor_qapi_event_queue() or
event_test_emit().

Drop the argument, and pass &error_abort to the QObject output visitor
and @qmp_emit instead.

Suggested-by: Eric Blake <eblake@redhat.com>
Suggested-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Peter Xu <peterx@redhat.com>
Message-Id: <20180815133747.25032-4-peterx@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
[Commit message rewritten, update to qapi-code-gen.txt corrected]
Signed-off-by: Markus Armbruster <armbru@redhat.com>
2018-08-28 18:21:38 +02:00
Thomas Huth
a69dc537cc ppc: Remove deprecated ppcemb target
There is no known available OS for ppc around anymore that uses page
sizes below 4k, so it does not make much sense that we keep wasting
our time on building and testing the ppcemb-softmmu target. It has
been deprecated since two releases, and nobody complained, so let's
remove this now.

Signed-off-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2018-08-28 11:31:23 +10:00
Peter Maydell
19b599f766 Error reporting patches for 2018-08-27
-----BEGIN PGP SIGNATURE-----
 
 iQIcBAABAgAGBQJbg/oXAAoJEDhwtADrkYZT/nIP/1FQmbwvNEhB/oUcd+1H7Mq+
 hRggU9Ool5hjY5c2D/cFS126KOo6LNQhHRqjjMHXubKmWZpZPUc7Kz83zc/jgUvg
 EntekCPYVtBdrygOB9zr+3csVaQJvN1NevpQFl3vYrxsCs0GWN2Gwu2CLhDa6G9/
 uAw6qxiGhfYJJM7ZCOFNY0tQQgiA3nInr0NYWrczCGuDTPk6G6orF44Hn7fqud6v
 QxxCqqIUIDYg7BFzNMgPd9BihTs5u0+z1GCcCow9P9zioBytvFb3ucrbl5npa76c
 Wi5OCSt/WLrFLQkRwKtwijUZI6PAg4rKkPq0EK8LjE72r2huysYB/2avY0stPtaH
 tUeG7aTZ+301/SZwh00Is1s6yDp00FVBwAzx5HFpFf78daEJMGYVi/o9OtoKdJxG
 CnVdBMnKGz4TUUQOtfmoU8K5jkyxu3mibdURtM6qaHipX8uLH1xw1pZVs4MUU/YQ
 Ew2mGTT2Vs6/fCIq4XAS7soksck5vjvmlzon06s666dOXth0SFTgAu05WxQSw2R1
 UJs8tmBwMf8oiyGwcb7LWjXdwDLJtogKTOrjCVOt0hyesSSwTgdJYgUM/Gef0xrz
 ojs96WCq3rjxyOrrow6peNe35Duy6RXmL3JhIUdQh7PxUof1vczNl423IpJFy4vr
 Z9dLKRHF/vfUigpRs7Uv
 =X+fy
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/armbru/tags/pull-error-2018-08-27-v2' into staging

Error reporting patches for 2018-08-27

# gpg: Signature made Mon 27 Aug 2018 14:18:15 BST
# gpg:                using RSA key 3870B400EB918653
# gpg: Good signature from "Markus Armbruster <armbru@redhat.com>"
# gpg:                 aka "Markus Armbruster <armbru@pond.sub.org>"
# Primary key fingerprint: 354B C8B3 D7EB 2A6B 6867  4E5F 3870 B400 EB91 8653

* remotes/armbru/tags/pull-error-2018-08-27-v2:
  intel-iommu: replace more vtd_err_* traces
  intel-iommu: start to use error_report_once
  qemu-error: introduce {error|warn}_report_once

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-08-27 16:44:20 +01:00
Peter Maydell
025573be71 ui: misc fixes which piled up during 3.0 release freeze
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iQIcBAABAgAGBQJbg7vzAAoJEEy22O7T6HE4ipQQAJ9KnrLLr23moSW+RwMjNbma
 m0ZK1ySWwRTFLcfvW2mREKW7smeRWRXILrD0KH8OYNf+AIqXzbVo160lV1LnWYLO
 9VtwGUsUpy36hYlBbc1ZwW9d0vZ8suF2j1k5uESUS8ZJg9QczyPGYWaa4Be9pC7y
 tIud4iPcukSnM42bF9EZCmUdi5rxhqBN6rLZtE/Bg+B7JJAxIh3fR4c2Bi27o1d4
 RX4gyoyl7WQmN77ejmZBelEQsUYWLFDrK1RL5Ir8Ib0O0mzSm7fnJQ5WgYv8R8Na
 wTS1t+ue7wa8GGQonUwRl5ttVf0BppvOu5NZLFaQyCVODTgjVO/IjbKpkijBgHsB
 DqOh4bYK8CgnQtre/m10nGrbVzNsX9FmcCLAAqwmWtCZ1sozjT3rOxVgJD8hn7ro
 J0LEYZuQ0TaCzS2Kaf6+BdXNMWJQShPPyi4UJI490RswzTeg4z2weNIPdlFoyJZd
 Wr7GDPkpHkpFnx65XbBvzOpMNIdJESW9WZLkwy95HfgSkty+3DpmvoKhLyzWOCsF
 AbVJOkjbNgKYJpfu8HmZsV/WB9Ll8aKkMieisY0Y2PHyNv853YkJBuRhLRopx7Ke
 NsGa2jZofuWJxpO0v9FqeVJB1B4iHJ5w2obWixcvGTUJD1Bg30WsQudGVO4tO4SD
 nvt+6vsxYFHr9QaOXIyV
 =WC8K
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/kraxel/tags/ui-20180827-v4-pull-request' into staging

ui: misc fixes which piled up during 3.0 release freeze

# gpg: Signature made Mon 27 Aug 2018 09:53:07 BST
# gpg:                using RSA key 4CB6D8EED3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>"
# Primary key fingerprint: A032 8CFF B93A 17A7 9901  FE7D 4CB6 D8EE D3E8 7138

* remotes/kraxel/tags/ui-20180827-v4-pull-request:
  util: promote qemu_egl_rendernode_open() to libqemuutil
  dmabuf: add y0_top, pass it to spice
  ui/vnc: Remove useless parenthesis around DIV_ROUND_UP macro
  ui/sdl2: Fix broken -full-screen CLI option
  spice-display: fix qemu_spice_cursor_refresh_bh locking
  spice-display: access ptr_x/ptr_y under Mutex
  vnc: remove support for deprecated tls, x509, x509verify options
  doc: switch to modern syntax for VNC TLS setup
  sdl2: redraw correctly when scanout_mode enabled.
  ui: use enum to string helpers
  vnc: fix memleak of the "vnc-worker-output" name
  ui/sdl2: Remove the obsolete SDL_INIT_NOPARACHUTE flag

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-08-27 12:30:51 +01:00
Marc-André Lureau
b1d380372f util: promote qemu_egl_rendernode_open() to libqemuutil
vhost-user-gpu will share the same code to open a DRM node.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-Id: <20180713130916.4153-20-marcandre.lureau@redhat.com>

[ kraxel: buildfix: util/drm.o must be CONFIG_OPENGL not CONFIG_LINUX ]

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2018-08-27 10:51:44 +02:00
Peter Xu
bc6a69dd4b qemu-error: introduce {error|warn}_report_once
There are many error_report()s that can be used in frequently called
functions, especially on IO paths.  That can be unideal in that
malicious guest can try to trigger the error tons of time which might
use up the log space on the host (e.g., libvirt can capture the stderr
of QEMU and put it persistently onto disk).  In VT-d emulation code, we
have trace_vtd_error() tracer.  AFAIU all those places can be replaced
by something like error_report() but trace points are mostly used to
avoid the DDOS attack that mentioned above.  However using trace points
mean that errors are not dumped if trace not enabled.

It's not a big deal in most modern server managements since we have
things like logrotate to maintain the logs and make sure the quota is
expected.  However it'll still be nice that we just provide another way
to restrict message generations.  In most cases, this kind of
error_report()s will only provide valid information on the first message
sent, and all the rest of similar messages will be mostly talking about
the same thing.  This patch introduces *_report_once() helpers to allow
a message to be dumped only once during one QEMU process's life cycle.
It will make sure: (1) it's on by deffault, so we can even get something
without turning the trace on and reproducing, and (2) it won't be
affected by DDOS attack.

To implement it, I stole the printk_once() macro from Linux.

CC: Eric Blake <eblake@redhat.com>
CC: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Peter Xu <peterx@redhat.com>
Message-Id: <20180815095328.32414-2-peterx@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
[Whitespace adjusted, comments improved]
Signed-off-by: Markus Armbruster <armbru@redhat.com>
2018-08-27 06:38:45 +02:00
Peter Maydell
cc9821fa9a QObject patches for 2018-08-24
-----BEGIN PGP SIGNATURE-----
 
 iQIcBAABAgAGBQJbgFx1AAoJEDhwtADrkYZTaQQP/24SBzfCVDC4GR4zM2aNYca8
 en8UkIcF/MvgJ5E7b95LvT58g3qvd32G5nG5r8stbSzk1JlWQfH30O1zV+5J2FBY
 kkcJe69oTP+Qe8ZBndQCdxM8sMdlbZBpAKa81j6pYZXwueWvGd9PDxhYMiHuvglz
 EdXE2DsAZ8at7mwNlwC0E6TSYeJiHBmwjOI6YnuE9ZCP4Cr5JYIJojl2loHhJRsd
 7gZdL+6GGm/NPHeuLHdt7XyNEfS7ZJgPn+lV9wljukQbAXjbkOf5ko3VCZwclyOg
 JkzOWot04Fy+Ro0Zj2e2siU+0MJ3JxfCrx5TKRZU5hKimZj6Uo7oA5qkGtCBXG6J
 Vq1Zl4MBKLkfckv7Spxs6j7+xImQXV5PD0nO63KFkqqbhZwWeq2M5GUorSOddh27
 pecChH2fH/y32StStHzM7m2PvRuCIGq1ZfTdG7OdG/qRkwOQG9R9mkAO3hZNq54O
 GxoBs9ghjbttTZCCPm/qofc9EypVD7brjCwDwKWKm4Bf9daqVDFdAZic6n12HLKV
 ysAl2N8d5cCtQyFN6stKNXIZArLuT/MNPps6LC6hRawZaODsDZGPhjI3KcLcHnQs
 Vp9AWAB8vOzyWE0kvIdh004bPwXzH9r4IqTTZmvf1C15TTtZrpQ1r7BudDWKm3De
 wjTE5H4ETy0h/TuHE6yk
 =6BNc
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/armbru/tags/pull-qobject-2018-08-24' into staging

QObject patches for 2018-08-24

# gpg: Signature made Fri 24 Aug 2018 20:28:53 BST
# gpg:                using RSA key 3870B400EB918653
# gpg: Good signature from "Markus Armbruster <armbru@redhat.com>"
# gpg:                 aka "Markus Armbruster <armbru@pond.sub.org>"
# Primary key fingerprint: 354B C8B3 D7EB 2A6B 6867  4E5F 3870 B400 EB91 8653

* remotes/armbru/tags/pull-qobject-2018-08-24: (58 commits)
  json: Update references to RFC 7159 to RFC 8259
  json: Support %% in JSON strings when interpolating
  json: Improve safety of qobject_from_jsonf_nofail() & friends
  json: Keep interpolation state in JSONParserContext
  tests/drive_del-test: Fix harmless JSON interpolation bug
  json: Clean up headers
  qobject: Drop superfluous includes of qemu-common.h
  json: Make JSONToken opaque outside json-parser.c
  json: Unbox tokens queue in JSONMessageParser
  json: Streamline json_message_process_token()
  json: Enforce token count and size limits more tightly
  qjson: Have qobject_from_json() & friends reject empty and blank
  json: Assert json_parser_parse() consumes all tokens on success
  json: Fix streamer not to ignore trailing unterminated structures
  json: Fix latent parser aborts at end of input
  qjson: Fix qobject_from_json() & friends for multiple values
  json: Improve names of lexer states related to numbers
  json: Replace %I64d, %I64u by %PRId64, %PRIu64
  json: Leave rejecting invalid interpolation to parser
  json: Pass lexical errors and limit violations to callback
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-08-25 10:11:54 +01:00
Peter Maydell
e2e6fa6793 MIPS queue August 2018 v6
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQEcBAABAgAGBQJbgCm7AAoJENSXKoln91plhJYH/jRqbCaUd04nGuyjOaYUajTL
 brz3JD0XN2jD6NnDYUpuiNzawSojNzSklMA0u9AJiG+cpNK+gqW4fX+CYeX7ApjK
 99+SXSejxnK3IJUNblQDD/hdCv9Dc1r12R7c80lm+aqJwi4C8hfULTbfrse/QdyA
 KIHKl+c3uaWTPG2qC3mpPW/QS+IRPgRRwF/7GILuiagNmMcXyuMd2fQuePnf1rvD
 ztTdtNJ0zfdFK1jlLa7D9Xe36RpS1uBinF429dNwXWM/+i1shvxc3Enzb4qEQNYe
 ZeVxTomP/nO1elLZYdVUwdQYr6vmnvb1/mtTT6nq0NvHeLGjMZMqOBWGuAtdXoo=
 =a8Jv
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/amarkovic/tags/mips-queue-aug-2018' into staging

MIPS queue August 2018 v6

# gpg: Signature made Fri 24 Aug 2018 16:52:27 BST
# gpg:                using RSA key D4972A8967F75A65
# gpg: Good signature from "Aleksandar Markovic <amarkovic@wavecomp.com>"
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 8526 FBF1 5DA3 811F 4A01  DD75 D497 2A89 67F7 5A65

* remotes/amarkovic/tags/mips-queue-aug-2018: (45 commits)
  target/mips: Add definition of nanoMIPS I7200 CPU
  mips_malta: Fix semihosting argument passing for nanoMIPS bare metal
  mips_malta: Add setting up GT64120 BARs to the nanoMIPS bootloader
  mips_malta: Add basic nanoMIPS boot code for Malta board
  elf: Don't check FCR31_NAN2008 bit for nanoMIPS
  elf: On elf loading, treat both EM_MIPS and EM_NANOMIPS as legal for MIPS
  elf: Relax MIPS' elf_check_arch() to accept EM_NANOMIPS too
  elf: Add EM_NANOMIPS value as a valid one for e_machine field
  target/mips: Fix ERET/ERETNC behavior related to ADEL exception
  target/mips: Add updating BadInstr and BadInstrX for nanoMIPS
  target/mips: Add availability control via bit NMS
  target/mips: Add emulation of DSP ASE for nanoMIPS - part 6
  target/mips: Add emulation of DSP ASE for nanoMIPS - part 5
  target/mips: Add emulation of DSP ASE for nanoMIPS - part 4
  target/mips: Add emulation of DSP ASE for nanoMIPS - part 3
  target/mips: Add emulation of DSP ASE for nanoMIPS - part 2
  target/mips: Add emulation of DSP ASE for nanoMIPS - part 1
  target/mips: Implement MT ASE support for nanoMIPS
  target/mips: Fix pre-nanoMIPS MT ASE instructions availability control
  target/mips: Add emulation of nanoMIPS 32-bit branch instructions
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-08-24 23:10:15 +01:00
Markus Armbruster
37aded92c2 json: Update references to RFC 7159 to RFC 8259
RFC 8259 (December 2017) obsoletes RFC 7159 (March 2014).

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20180823164025.12553-59-armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
2018-08-24 20:27:14 +02:00
Markus Armbruster
86cdf9ec8d json: Clean up headers
The JSON parser has three public headers, json-lexer.h, json-parser.h,
json-streamer.h.  They all contain stuff that is of no interest
outside qobject/json-*.c.

Collect the public interface in include/qapi/qmp/json-parser.h, and
everything else in qobject/json-parser-int.h.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20180823164025.12553-54-armbru@redhat.com>
2018-08-24 20:26:37 +02:00
Markus Armbruster
812ce33ead qobject: Drop superfluous includes of qemu-common.h
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20180823164025.12553-53-armbru@redhat.com>
2018-08-24 20:26:37 +02:00
Markus Armbruster
abe7c2067c json: Make JSONToken opaque outside json-parser.c
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20180823164025.12553-52-armbru@redhat.com>
2018-08-24 20:26:37 +02:00
Markus Armbruster
a2731e08ee json: Unbox tokens queue in JSONMessageParser
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20180823164025.12553-51-armbru@redhat.com>
2018-08-24 20:26:37 +02:00
Markus Armbruster
f9277915ee json: Fix streamer not to ignore trailing unterminated structures
json_message_process_token() accumulates tokens until it got the
sequence of tokens that comprise a single JSON value (it counts curly
braces and square brackets to decide).  It feeds those token sequences
to json_parser_parse().  If a non-empty sequence of tokens remains at
the end of the parse, it's silently ignored.  check-qjson.c cases
unterminated_array(), unterminated_array_comma(), unterminated_dict(),
unterminated_dict_comma() demonstrate this bug.

Fix as follows.  Introduce a JSON_END_OF_INPUT token.  When the
streamer receives it, it feeds the accumulated tokens to
json_parser_parse().

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20180823164025.12553-46-armbru@redhat.com>
2018-08-24 20:26:37 +02:00
Markus Armbruster
84a56f38b2 json: Pass lexical errors and limit violations to callback
The callback to consume JSON values takes QObject *json, Error *err.
If both are null, the callback is supposed to make up an error by
itself.  This sucks.

qjson.c's consume_json() neglects to do so, which makes
qobject_from_json() null instead of failing.  I consider that a bug.

The culprit is json_message_process_token(): it passes two null
pointers when it runs into a lexical error or a limit violation.  Fix
it to pass a proper Error object then.  Update the callbacks:

* monitor.c's handle_qmp_command(): the code to make up an error is
  now dead, drop it.

* qga/main.c's process_event(): lumps the "both null" case together
  with the "not a JSON object" case.  The former is now gone.  The
  error message "Invalid JSON syntax" is misleading for the latter.
  Improve it to "Input must be a JSON object".

* qobject/qjson.c's consume_json(): no update; check-qjson
  demonstrates qobject_from_json() now sets an error on lexical
  errors, but still doesn't on some other errors.

* tests/libqtest.c's qmp_response(): the Error object is now reliable,
  so use it to improve the error message.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20180823164025.12553-40-armbru@redhat.com>
2018-08-24 20:26:37 +02:00
Markus Armbruster
2cbd15aa6f json: Treat unwanted interpolation as lexical error
The JSON parser optionally supports interpolation.  The lexer
recognizes interpolation tokens unconditionally.  The parser rejects
them when interpolation is disabled, in parse_interpolation().
However, it neglects to set an error then, which can make
json_parser_parse() fail without setting an error.

Move the check for unwanted interpolation from the parser's
parse_interpolation() into the lexer's finite state machine.  When
interpolation is disabled, '%' is now handled like any other
unexpected character.

The next commit will improve how such lexical errors are handled.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20180823164025.12553-39-armbru@redhat.com>
2018-08-24 20:26:37 +02:00
Markus Armbruster
61030280ca json: Rename token JSON_ESCAPE & friends to JSON_INTERP
The JSON parser optionally supports interpolation.  The code calls it
"escape".  Awkward, because it uses the same term for escape sequences
within strings.  The latter usage is consistent with RFC 8259 "The
JavaScript Object Notation (JSON) Data Interchange Format" and ISO C.
Call the former "interpolation" instead.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20180823164025.12553-38-armbru@redhat.com>
2018-08-24 20:26:37 +02:00
Markus Armbruster
62815d85ae json: Redesign the callback to consume JSON values
The classical way to structure parser and lexer is to have the client
call the parser to get an abstract syntax tree, the parser call the
lexer to get the next token, and the lexer call some function to get
input characters.

Another way to structure them would be to have the client feed
characters to the lexer, the lexer feed tokens to the parser, and the
parser feed abstract syntax trees to some callback provided by the
client.  This way is more easily integrated into an event loop that
dispatches input characters as they arrive.

Our JSON parser is kind of between the two.  The lexer feeds tokens to
a "streamer" instead of a real parser.  The streamer accumulates
tokens until it got the sequence of tokens that comprise a single JSON
value (it counts curly braces and square brackets to decide).  It
feeds those token sequences to a callback provided by the client.  The
callback passes each token sequence to the parser, and gets back an
abstract syntax tree.

I figure it was done that way to make a straightforward recursive
descent parser possible.  "Get next token" becomes "pop the first
token off the token sequence".  Drawback: we need to store a complete
token sequence.  Each token eats 13 + input characters + malloc
overhead bytes.

Observations:

1. This is not the only way to use recursive descent.  If we replaced
   "get next token" by a coroutine yield, we could do without a
   streamer.

2. The lexer reports errors by passing a JSON_ERROR token to the
   streamer.  This communicates the offending input characters and
   their location, but no more.

3. The streamer reports errors by passing a null token sequence to the
   callback.  The (already poor) lexical error information is thrown
   away.

4. Having the callback receive a token sequence duplicates the code to
   convert token sequence to abstract syntax tree in every callback.

5. Known bug: the streamer silently drops incomplete token sequences.

This commit rectifies 4. by lifting the call of the parser from the
callbacks into the streamer.  Later commits will address 3. and 5.

The lifting removes a bug from qjson.c's parse_json(): it passed a
pointer to a non-null Error * in certain cases, as demonstrated by
check-qjson.c.

json_parser_parse() is now unused.  It's a stupid wrapper around
json_parser_parse_err().  Drop it, and rename json_parser_parse_err()
to json_parser_parse().

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20180823164025.12553-35-armbru@redhat.com>
2018-08-24 20:26:37 +02:00
Markus Armbruster
037f244088 json: Have lexer call streamer directly
json_lexer_init() takes the function to process a token as an
argument.  It's always json_message_process_token().  Makes the code
harder to understand for no actual gain.  Drop the indirection.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20180823164025.12553-34-armbru@redhat.com>
2018-08-24 20:26:37 +02:00
Marc-André Lureau
7c1e1d5481 json: remove useless return value from lexer/parser
The lexer always returns 0 when char feeding. Furthermore, none of the
caller care about the return value.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-Id: <20180326150916.9602-10-marcandre.lureau@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20180823164025.12553-32-armbru@redhat.com>
2018-08-24 20:26:37 +02:00
Markus Armbruster
e59f39d403 json: Reject invalid UTF-8 sequences
We reject bytes that can't occur in valid UTF-8 (\xC0..\xC1,
\xF5..\xFF in the lexer.  That's insufficient; there's plenty of
invalid UTF-8 not containing these bytes, as demonstrated by
check-qjson:

* Malformed sequences

  - Unexpected continuation bytes

  - Missing continuation bytes after start bytes other than
    \xC0..\xC1, \xF5..\xFD.

* Overlong sequences with start bytes other than \xC0..\xC1,
  \xF5..\xFD.

* Invalid code points

Fixing this in the lexer would be bothersome.  Fixing it in the parser
is straightforward, so do that.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20180823164025.12553-23-armbru@redhat.com>
2018-08-24 20:26:37 +02:00
Aleksandar Rikalo
56f26045dc elf: On elf loading, treat both EM_MIPS and EM_NANOMIPS as legal for MIPS
Modify load_elf32()/load_elf64() to treat EM_NANOMIPS as legal as
EM_MIPS is.

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Aleksandar Markovic <amarkovic@wavecomp.com>
Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
Signed-off-by: Stefan Markovic <smarkovic@wavecomp.com>
2018-08-24 17:51:59 +02:00
Aleksandar Rikalo
2a94de0770 elf: Add EM_NANOMIPS value as a valid one for e_machine field
Value 249 is registered as valid for usage for nanoMIPS executables.

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Aleksandar Markovic <amarkovic@wavecomp.com>
Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
Signed-off-by: Stefan Markovic <smarkovic@wavecomp.com>
2018-08-24 17:51:59 +02:00
Peter Maydell
54906fe0ce migration/next for 20180822
-----BEGIN PGP SIGNATURE-----
 
 iQIcBAABCAAGBQJbfUQPAAoJEPSH7xhYctcjlRcP/0EVbPvoYzNuHFgDyXFRZO1L
 manVFlVRHgHIFg9Wf0D0f6uB+2iLgdbK9cxG+L7jbzRQeyfqYBjOiCIxV8bXrvQX
 DHxKHhrEYXZMY9Ofx3M0kdM4I1XeoLpP3Sm5nwkkEioShRcnGeSvqibAGT9zJbNN
 a4xWEIJTnlcoeqZQSuo9utVnTt2Igx0hV2Zfs2SHLzh1s3vEi4EttWfGkK/Z/Qu6
 hf0YtB44ykdLIH2Cuu+J/QiWouJLLRY3lX2fpttAMaEFtZFWBU/WdM4eH9+MpuJC
 XrBRBS8JzqS2QHpQGlmPpCicCaBkiKHtSlfQshO78mW0qMKh4I0mNJILFFQBVSp0
 9F4U7vytF73dmJWVRmvWWjZUG0bwXfOUu+CyNKbffQOZIkv80NKKykcm72BxWLL+
 gGBkYoCa2i8IRu2z5u1c01oPi0oN0fs3uNPBwSzDhpfzTm4+024wMXSRE9qg/OxA
 ++JBz2DynkKi2S6c1WKvTe31sez5JA2OiAo2qqzST2sxf1cXMiwarjZ5MQn7DNCf
 XsIUfLlwe5+CXVR/w5rB24CwSYRYPF9iUWAya6Oc3ss9ngux8cReJmYQr1PK433F
 rSpvaFxwozZ6vrbHUWwloa/JDJfBehetq2xSwrSTK3xF28jYi6+lIaXYB2oHZJeU
 nY/mNxvpzOcLUQIgr8kH
 =GExd
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/juanquintela/tags/migration/20180822-1' into staging

migration/next for 20180822

# gpg: Signature made Wed 22 Aug 2018 12:07:59 BST
# gpg:                using RSA key F487EF185872D723
# gpg: Good signature from "Juan Quintela <quintela@redhat.com>"
# gpg:                 aka "Juan Quintela <quintela@trasno.org>"
# Primary key fingerprint: 1899 FF8E DEBF 58CC EE03  4B82 F487 EF18 5872 D723

* remotes/juanquintela/tags/migration/20180822-1:
  migration: hold the lock only if it is really needed
  migration: move handle of zero page to the thread
  migration: drop the return value of do_compress_ram_page
  migration: introduce save_zero_page_to_file
  migration: fix counting normal page for compression
  migration: do not wait for free thread
  migration: poll the cm event for destination qemu
  tests/migration-test: Silence the kvm_hv message by default
  migration: implement the shutdown for RDMA QIOChannel
  migration: poll the cm event while wait RDMA work request completion
  migration: invoke qio_channel_yield only when qemu_in_coroutine()
  migration: implement io_set_aio_fd_handler function for RDMA QIOChannel
  migration: Stop rdma yielding during incoming postcopy
  migration: implement bi-directional RDMA QIOChannel
  migration: create a dedicated connection for rdma return path
  migration: disable RDMA WRITE after postcopy started
  migrate/cpu-throttle: Add max-cpu-throttle migration parameter
  docs/migration: Clarify pre_load in subsections
  migration: Correctly handle subsections with no 'needed' function
  qapi/migration.json: fix the description for "query-migrate" output

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-08-24 16:31:53 +01:00
Peter Maydell
1dfb85a875 check/next for 20180822
-----BEGIN PGP SIGNATURE-----
 
 iQIcBAABCAAGBQJbfRjcAAoJEPSH7xhYctcj6vkP/0CxdFLEJ5zfmQCT9plrcenc
 4CtR3syKimF1CSk9eKPE8V3oiZSBxuM1FJYPhH8d9UbYcWrItGLr/dgh1EAgurAI
 P4oeWqI21CGeCWQGduhmQ51vSw1b8JTdNYWmb3QAsMBUugZYla4lvC3R5h63vmBI
 4U1RzQrZmmN9svnNMx22dCInbPNoayR3Ekr7z/bF6sRG/B+ZwecenVoD9X8T/Ozu
 epx9OOoBfMGDB5wbEEx/RUKrMsGH5D712QeMHUtGYmLRs1Wl4AV7Si+bSd3oi+GI
 aL6ZjuaOofGaESOuH7fTkTGhGgmcPd7+pLPqpEYIJ3wmQOOQP/dp9B+6VXCxTQcA
 y5F9FBEP5nQL+OIusvi+l65PqzstrKtxrSzWPGHgmosdLead15znZ4Z6YdOtHWHr
 ZZOW55M2ZvlZvEWB3hHmT9rjZFP4Uu9XFIW05gzQiqVhcKemtgQ3hBiX+OvxRpPM
 RpGLqGK/oDwadvEsNitYqbRJDe74VSAxOtmvEsDfJLzRoyHM1zHw3au00NdyGhMp
 89Xc5AnkuHJLCFZ9duXErt5GQz/7EzHkLpQ16pqyuetgLc50ytED1tgqiJl6+Td1
 IS4me8wwBpk+IvRD0zsh4p/FHocL684CSP5+AZwcy8RljtbBacbvmAS6484RSx4c
 rWL39dB2uhvHEErmS9/+
 =2bke
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/juanquintela/tags/check/20180822' into staging

check/next for 20180822

# gpg: Signature made Wed 22 Aug 2018 09:03:40 BST
# gpg:                using RSA key F487EF185872D723
# gpg: Good signature from "Juan Quintela <quintela@redhat.com>"
# gpg:                 aka "Juan Quintela <quintela@trasno.org>"
# Primary key fingerprint: 1899 FF8E DEBF 58CC EE03  4B82 F487 EF18 5872 D723

* remotes/juanquintela/tags/check/20180822:
  check: Only test tpm devices when they are compiled in
  check: Only test usb-ehci when it is compiled in
  check: Only test usb-uhci devices when they are compiled in
  check: Only test usb-ohci when it is compiled in
  check: Only test nvme when it is compiled in
  check: Only test pvpanic when it is compiled in
  check: Only test wdt_ib700 when it is compiled in
  check: Only test sdhci when it is compiled in
  check: Only test i82801b11 when it is compiled in
  check: Only test ioh3420 when it is compiled in
  check: Only test ipack when it is compiled in
  check: Only test hda when it is compiled in
  check: Only test ac97 when it is compiled in
  check: Only test es1370 when it is compiled in
  check: Only test rtl8139 when it is compiled in
  check: Only test pcnet when it is compiled in
  check: Only test eepro100 when it is compiled in
  check: Only test ne2000 when it is compiled in
  check: Only test vmxnet3 when it is compiled in

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-08-24 14:46:31 +01:00
Peter Maydell
f8add62c0c hw/display/bcm2835_fb: Validate config settings
Validate the config settings that the guest tries to set.

The wiki page documentation is not really accurate here:
generally rather than failing requests to set bad parameters,
the hardware will just clip them to something sensible.

Validate the most important parameters: sizes and
the viewport offsets. This prevents the framebuffer
code from trying to read out-of-range memory.

In the property handling code, we validate the new parameters every
time we encounter a tag that sets them. This means we validate the
config multiple times if the request includes multiple config-setting
tags, but the code would require significant restructuring to do a
validation only once but still return the clipped settings for
get-parameter tags and the buffer allocation tag.

Validation of settings made via the older bcm2835_fb_mbox_push()
function will be done in the next commit.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20180814144436.679-8-peter.maydell@linaro.org
2018-08-24 13:17:50 +01:00
Peter Maydell
01f18af98b hw/display/bcm2835_fb: Fix handling of virtual framebuffer
The raspi framebuffir in bcm2835_fb supports the definition
of a virtual "viewport", which is smaller than the full
physical framebuffer size and at an adjustable offset within
it. Only the viewport area is sent to the screen. This allows
the guest to do things like double buffering, or scrolling
by adjusting the viewport origin. Currently QEMU doesn't
implement this at all.

Add support for this feature:
 * the property mailbox code needs to distinguish the
   virtual width/height from the physical width/height
 * the framebuffer code needs to do something with the
   virtual width/height/origin information

Note that the wiki documentation on the semantics of the
virtual and physical height and width has it the wrong way
around -- the virtual size is the size of the allocated
buffer, and the physical size is the size of the display,
so the virtual size is always the same as or larger than
the physical.

If the viewport size is set smaller than the physical
screen size, we ignore the viewport settings completely
and just display the physical screen area.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20180814144436.679-7-peter.maydell@linaro.org
2018-08-24 13:17:49 +01:00
Peter Maydell
9a1f03f4ee hw/display/bcm2835_fb: Abstract out calculation of pitch, size
Abstract out the calculation of the pitch and size of the
framebuffer into functions that operate on the BCM2835FBConfig
struct -- these are about to get a little more complicated
when we add support for virtual and physical sizes differing.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20180814144436.679-6-peter.maydell@linaro.org
2018-08-24 13:17:49 +01:00
Peter Maydell
9e2938a0fd hw/display/bcm2835_fb: Reset resolution, etc correctly
The bcm2835_fb's initial resolution and other parameters are set
via QOM properties. We should reset to those initial values on
device reset, which means we need to save the QOM property
values somewhere that they are not overwritten by guest
changes to the framebuffer configuration.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20180814144436.679-5-peter.maydell@linaro.org
2018-08-24 13:17:49 +01:00
Peter Maydell
ea662f7cc8 hw/display/bcm2835_fb: Drop unused size and pitch fields
The BCM2835FBState struct has a 'pitch' field which is a
cached copy of xres * (bpp >> 3), and a 'size' field which is
a cached copy of pitch * yres. However we don't actually do
anything with these fields; delete them. We retain the
now-unused slots in the VMState struct for migration
compatibility.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20180814144436.679-4-peter.maydell@linaro.org
2018-08-24 13:17:49 +01:00
Peter Maydell
193100b571 hw/misc/bcm2835_property: Track fb settings using BCM2835FBConfig
Refactor the fb property setting code so that rather than
using a set of pointers to local variables to track
whether a config value has been updated in the current
mbox and if so what its new value is, we just copy
all the current settings of the fb at the start, and
then update that copy as we go along, before asking
the fb to switch to it at the end.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20180814144436.679-3-peter.maydell@linaro.org
2018-08-24 13:17:48 +01:00
Peter Maydell
a02755ece0 hw/misc/bcm2835_fb: Move config fields to their own struct
The handling of framebuffer properties in the bcm2835_property code
is a bit clumsy, because for each of the many fb related properties
we try to track the value we're about to set and whether we're going
to be setting a value, and then we hand all the new values off
to the framebuffer via a function which takes them all as separate
arguments. It would be simpler if the property code could easily
copy all the framebuffer's current settings, update them with
the new specified values and then ask the framebuffer to switch
to the new set.

As the first part of this refactoring, pull all the fb config
settings fields in BCM2835FBState out into their own struct.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20180814144436.679-2-peter.maydell@linaro.org
2018-08-24 13:17:48 +01:00
Peter Maydell
1d52866f5a hw/ssi/pl022: Allow use as embedded-struct device
Create a new include file for the pl022's device struct,
type macros, etc, so that it can be instantiated using
the "embedded struct" coding style.

While we're adding the new file to MAINTAINERS, add
also the .c file, which was missing an entry.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-id: 20180820141116.9118-16-peter.maydell@linaro.org
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
2018-08-24 13:17:44 +01:00
Peter Maydell
132b475a73 hw/arm/iotkit: Wire up the lines for MSCs
The IoTKit doesn't have any MSCs itself but it does need
some wiring to connect the external signals from MSCs
in the outer board model up to the registers and the
NVIC IRQ line.

We also need to expose a MemoryRegion corresponding to
the AHB bus, so that MSCs in the outer board model can
use that as their downstream port. (In the FPGA this is
the "AHB Slave Expansion" ports shown in the block
diagram in the AN505 documentation.)

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-id: 20180820141116.9118-14-peter.maydell@linaro.org
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
2018-08-24 13:17:44 +01:00
Peter Maydell
81a75deb1a hw/misc/iotkit-secctl: Wire up registers for controlling MSCs
The IoTKit does not have any Master Security Contollers itself,
but it does provide registers in the secure privilege control
block which allow control of MSCs in the external system.
Add support for these registers.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-id: 20180820141116.9118-13-peter.maydell@linaro.org
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
2018-08-24 13:17:44 +01:00
Peter Maydell
211e701d66 hw/misc/tz-msc: Model TrustZone Master Security Controller
Implement a model of the TrustZone Master Securtiy Controller,
as documented in the Arm CoreLink SIE-200 System IP for
Embedded TRM  (DDI0571G):
  https://developer.arm.com/products/architecture/m-profile/docs/ddi0571/g

The MSC is intended to sit in front of a device which can
be a bus master (eg a DMA controller) and programmably gate
its transactions. This allows a bus-mastering device to be
controlled by non-secure code but still restricted from
making accesses to addresses which are secure-only.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20180820141116.9118-12-peter.maydell@linaro.org
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
2018-08-24 13:17:43 +01:00
Peter Maydell
06e65af39b hw/misc/iotkit: Wire up the sysctl and sysinfo register blocks
Wire up the system control element's register banks
(sysctl and sysinfo).

This is the last of the previously completely unimplemented
components in the IoTKit.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20180820141116.9118-11-peter.maydell@linaro.org
2018-08-24 13:17:43 +01:00
Peter Maydell
c667a25b32 hw/misc/iotkit-sysinfo: Implement IoTKit system information block
Implement the IoTKit system control element's system information
block; this is just a pair of read-only version/config registers,
plus the usual PID/CID ID registers.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20180820141116.9118-10-peter.maydell@linaro.org
2018-08-24 13:17:43 +01:00
Peter Maydell
75750e4d43 hw/misc/iotkit-sysctl: Implement IoTKit system control element
The Arm IoTKit includes a system control element which
provides a block of read-only ID registers and a block
of read-write control registers. Implement a minimal
version of this.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20180820141116.9118-9-peter.maydell@linaro.org
2018-08-24 13:17:42 +01:00
Peter Maydell
e2d203baba hw/arm/iotkit: Wire up the S32KTIMER
The IoTKit has a CMSDK timer device that runs on the S32KCLK.
Create this and wire it up.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20180820141116.9118-8-peter.maydell@linaro.org
2018-08-24 13:17:42 +01:00
Peter Maydell
d61e4e1ff7 hw/arm/iotkit: Wire up the watchdogs
The IoTKit includes three different instances of the
CMSDK APB watchdog; create and wire them up.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20180820141116.9118-7-peter.maydell@linaro.org
2018-08-24 13:17:42 +01:00
Peter Maydell
017d069d20 hw/arm/iotkit: Wire up the dualtimer
Now we have a model of the CMSDK dual timer, we can wire it
up in the IoTKit.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20180820141116.9118-5-peter.maydell@linaro.org
2018-08-24 13:17:41 +01:00
Peter Maydell
4f4c6206ca hw/timer/cmsdk-apb-dualtimer: Implement CMSDK dual timer module
The Arm Cortex-M System Design Kit includes a "dual-input timer module"
which combines two programmable down-counters. Implement a model
of this device.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20180820141116.9118-4-peter.maydell@linaro.org
2018-08-24 13:17:41 +01:00
Peter Maydell
93739075d2 hw/misc/mps2-fpgaio: Implement PSCNTR and COUNTER
In the MPS2 FPGAIO, PSCNTR is a free-running downcounter with
a reload value configured via the PRESCALE register, and
COUNTER counts up by 1 every time PSCNTR reaches zero.
Implement these counters.

We can just increment the counters migration subsection's
version ID because we only added it in the previous commit,
so no released QEMU versions will be using it.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20180820141116.9118-3-peter.maydell@linaro.org
2018-08-24 13:17:40 +01:00
Peter Maydell
a1982f90a4 hw/misc/mps2-fpgaio: Implement 1Hz and 100Hz counters
The MPS2 FPGAIO block includes some simple free-running counters.
Implement these.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20180820141116.9118-2-peter.maydell@linaro.org
2018-08-24 13:17:40 +01:00
Richard Henderson
2f6c74be59 softfloat: Add scaling float-to-int routines
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20180814002653.12828-3-richard.henderson@linaro.org
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-08-24 13:17:30 +01:00
Richard Henderson
2abdfe2440 softfloat: Add scaling int-to-float routines
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20180814002653.12828-2-richard.henderson@linaro.org
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-08-24 13:17:29 +01:00
Marc-André Lureau
242d01336d dmabuf: add y0_top, pass it to spice
Some scanouts during boot are top-down without it.

y0_top is set from VHOST_USER_GPU_DMABUF_SCANOUT code path in the last
patch of this series.

In current QEMU code base, only vfio/display uses dmabuf API. But the
VFIO query interface doesn't provide or need that detail so far.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-Id: <20180713130916.4153-5-marcandre.lureau@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2018-08-24 08:40:11 +02:00
Peter Maydell
3c825bb7c1 * x86 TCG fixes for 64-bit call gates (Andrew)
* qumu-guest-agent freeze-hook tweak (Christian)
 * pm_smbus improvements (Corey)
 * Move validation to pre_plug for pc-dimm (David)
 * Fix memory leaks (Eduardo, Marc-André)
 * synchronization profiler (Emilio)
 * Convert the CPU list to RCU (Emilio)
 * LSI support for PPR Extended Message (George)
 * vhost-scsi support for protection information (Greg)
 * Mark mptsas as a storage device in the help (Guenter)
 * checkpatch tweak cherry-picked from Linux (me)
 * Typos, cleanups and dead-code removal (Julia, Marc-André)
 * qemu-pr-helper support for old libmultipath (Murilo)
 * Annotate fallthroughs (me)
 * MemoryRegionOps cleanup (me, Peter)
 * Make s390 qtests independent from libqos, which doesn't actually support it (me)
 * Make cpu_get_ticks independent from BQL (me)
 * Introspection fixes (Thomas)
 * Support QEMU_MODULE_DIR environment variable (ryang)
 -----BEGIN PGP SIGNATURE-----
 
 iQFIBAABCAAyFiEE8TM4V0tmI4mGbHaCv/vSX3jHroMFAlt+5OYUHHBib256aW5p
 QHJlZGhhdC5jb20ACgkQv/vSX3jHroPtxwf8CQM/F+0L+EKeYfYcVgVZsDhhOkLj
 Pm61q0bZsWKLby5jCqIDYw7Z/vodJnSS1DO0slIRoXxvQ9DwlkbBnBy/aG/E9U0q
 WF1vbCezibDIt7sGcsu9F5zXU9eqe+E6dZfxFrv8FQSOFVxn34TfeJagWLCtzg0d
 LnVTF/e4zJD8IQiM7w6lJQxua3fz13ssPEg2KnMkguDhACMwvZ/K/cA2AJkHRMhY
 sroPMwLHlrF1NOoeCIrWxYUmSGCRCAy1DmiPGiiSs0yBq/dL0UkAa5Eu6HMQ7rgI
 zUff3JDmzEjixUSIEbpVRN+yPCN0/ACSOpJUrKLDxXbc4nZ+PBQ04YpyPQ==
 =UZiV
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging

* x86 TCG fixes for 64-bit call gates (Andrew)
* qumu-guest-agent freeze-hook tweak (Christian)
* pm_smbus improvements (Corey)
* Move validation to pre_plug for pc-dimm (David)
* Fix memory leaks (Eduardo, Marc-André)
* synchronization profiler (Emilio)
* Convert the CPU list to RCU (Emilio)
* LSI support for PPR Extended Message (George)
* vhost-scsi support for protection information (Greg)
* Mark mptsas as a storage device in the help (Guenter)
* checkpatch tweak cherry-picked from Linux (me)
* Typos, cleanups and dead-code removal (Julia, Marc-André)
* qemu-pr-helper support for old libmultipath (Murilo)
* Annotate fallthroughs (me)
* MemoryRegionOps cleanup (me, Peter)
* Make s390 qtests independent from libqos, which doesn't actually support it (me)
* Make cpu_get_ticks independent from BQL (me)
* Introspection fixes (Thomas)
* Support QEMU_MODULE_DIR environment variable (ryang)

# gpg: Signature made Thu 23 Aug 2018 17:46:30 BST
# gpg:                using RSA key BFFBD25F78C7AE83
# gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>"
# gpg:                 aka "Paolo Bonzini <pbonzini@redhat.com>"
# Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4  E2F7 7E15 100C CD36 69B1
#      Subkey fingerprint: F133 3857 4B66 2389 866C  7682 BFFB D25F 78C7 AE83

* remotes/bonzini/tags/for-upstream: (69 commits)
  KVM: cleanup unnecessary #ifdef KVM_CAP_...
  target/i386: update MPX flags when CPL changes
  i2c: pm_smbus: Add the ability to force block transfer enable
  i2c: pm_smbus: Don't delay host status register busy bit when interrupts are enabled
  i2c: pm_smbus: Add interrupt handling
  i2c: pm_smbus: Add block transfer capability
  i2c: pm_smbus: Make the I2C block read command read-only
  i2c: pm_smbus: Fix the semantics of block I2C transfers
  i2c: pm_smbus: Clean up some style issues
  pc-dimm: assign and verify the "addr" property during pre_plug
  pc: drop memory region alignment check for 0
  util/oslib-win32: indicate alignment for qemu_anon_ram_alloc()
  pc-dimm: assign and verify the "slot" property during pre_plug
  ipmi: Use proper struct reference for BT vmstate
  vhost-scsi: expose 't10_pi' property for VIRTIO_SCSI_F_T10_PI
  vhost-scsi: unify vhost-scsi get_features implementations
  vhost-user-scsi: move host_features into VHostSCSICommon
  cpus: allow cpu_get_ticks out of BQL
  cpus: protect TimerState writes with a spinlock
  seqlock: add QemuLockable support
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-08-23 19:03:54 +01:00
Corey Minyard
45726b6e2c i2c: pm_smbus: Add the ability to force block transfer enable
The PIIX4 hardware has block transfer buffer always enabled in
the hardware, but the i801 does not.  Add a parameter to pm_smbus_init
to force on the block transfer so the PIIX4 handler can enable this
by default, as it was disabled by default before.

Signed-off-by: Corey Minyard <cminyard@mvista.com>
Cc: Michael S. Tsirkin <mst@redhat.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Message-Id: <1534796770-10295-9-git-send-email-minyard@acm.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-08-23 18:46:25 +02:00
Corey Minyard
e724385a70 i2c: pm_smbus: Add interrupt handling
Add the necessary code so that interrupts actually work from
the pm_smbus device.

Signed-off-by: Corey Minyard <cminyard@mvista.com>
Cc: Michael S. Tsirkin <mst@redhat.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Message-Id: <1534796770-10295-7-git-send-email-minyard@acm.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-08-23 18:46:25 +02:00
Corey Minyard
38ad4fae43 i2c: pm_smbus: Add block transfer capability
There was no block transfer code in pm_smbus.c, and it is needed
for some devices.  So add it.

This adds both byte-by-byte block transfers and buffered block
transfers.

Signed-off-by: Corey Minyard <cminyard@mvista.com>
Cc: Michael S. Tsirkin <mst@redhat.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Message-Id: <1534796770-10295-5-git-send-email-minyard@acm.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-08-23 18:46:25 +02:00
Corey Minyard
4b615be540 i2c: pm_smbus: Fix the semantics of block I2C transfers
The I2C block transfer commands was not implemented correctly, it
read a length byte and such like it was an smbus transfer.

So fix the smbus_read_block() and smbus_write_block() functions
so they can properly handle I2C transfers, and normal SMBus
transfers (for upcoming changes).  Pass in a transfer size and
a bool to know whether to use the size byte (like SMBus) or use
the length given (like I2C).

Signed-off-by: Corey Minyard <cminyard@mvista.com>
Cc: Michael S. Tsirkin <mst@redhat.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Message-Id: <1534796770-10295-3-git-send-email-minyard@acm.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-08-23 18:46:25 +02:00
David Hildenbrand
b0e624435b pc-dimm: assign and verify the "addr" property during pre_plug
We can assign and verify the address before realizing and trying to plug.
reading/writing the address property should never fail for DIMMs, so let's
reduce error handling a bit by using &error_abort. Getting access to the
memory region now might however fail. So forward errors from
get_memory_region() properly.

As all memory devices should use the alignment of the underlying memory
region for guest physical address asignment, do detection of the
alignment in pc_dimm_pre_plug(), but allow pc.c to overwrite the
alignment for compatibility handling.

Reviewed-by: Eric Auger <eric.auger@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Acked-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20180801133444.11269-5-david@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-08-23 18:46:25 +02:00
David Hildenbrand
8f1ffe5be8 pc-dimm: assign and verify the "slot" property during pre_plug
We can assign and verify the slot before realizing and trying to plug.
reading/writing the slot property should never fail, so let's reduce
error handling a bit by using &error_abort.

To do this during pre_plug, add and use (x86, ppc) pc_dimm_pre_plug().

Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Reviewed-by: Eric Auger <eric.auger@redhat.com>
Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20180801133444.11269-2-david@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-08-23 18:46:25 +02:00
Greg Edwards
eb5757fcbe vhost-user-scsi: move host_features into VHostSCSICommon
In preparation for having vhost-scsi also make use of host_features,
move it from struct VHostUserSCSI into struct VHostSCSICommon.

Signed-off-by: Greg Edwards <gedwards@ddn.com>
Message-Id: <20180808195235.5843-2-gedwards@ddn.com>
Reviewed-by: Felipe Franciosi <felipe@nutanix.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-08-23 18:46:25 +02:00
Paolo Bonzini
988fcafc73 seqlock: add QemuLockable support
A shortcut when the seqlock write is protected by a spinlock or any mutex
other than the BQL.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-08-23 18:46:25 +02:00
Emilio G. Cota
068a5ea02f qom: convert the CPU list to RCU
Iterating over the list without using atomics is undefined behaviour,
since the list can be modified concurrently by other threads (e.g.
every time a new thread is created in user-mode).

Fix it by implementing the CPU list as an RCU QTAILQ. This requires
a little bit of extra work to traverse list in reverse order (see
previous patch), but other than that the conversion is trivial.

Signed-off-by: Emilio G. Cota <cota@braap.org>
Message-Id: <20180819091335.22863-12-cota@braap.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-08-23 18:46:25 +02:00
Emilio G. Cota
945d9c7530 rcu_queue: add RCU QTAILQ
Signed-off-by: Emilio G. Cota <cota@braap.org>
Message-Id: <20180819091335.22863-5-cota@braap.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-08-23 18:46:25 +02:00
Emilio G. Cota
13d8ef7dda rcu_queue: add RCU QSIMPLEQ
Signed-off-by: Emilio G. Cota <cota@braap.org>
Message-Id: <20180819091335.22863-4-cota@braap.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-08-23 18:46:25 +02:00
Emilio G. Cota
735d1af662 rcu_queue: remove barrier from QLIST_EMPTY_RCU
It's unnecessary because the pointer isn't dereferenced.

Signed-off-by: Emilio G. Cota <cota@braap.org>
Message-Id: <20180819091335.22863-3-cota@braap.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-08-23 18:46:25 +02:00
Emilio G. Cota
c177e0bf06 rcu_queue: use atomic_set in QLIST_REMOVE_RCU
To avoid undefined behaviour.

Signed-off-by: Emilio G. Cota <cota@braap.org>
Message-Id: <20180819091335.22863-2-cota@braap.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-08-23 18:46:25 +02:00
Marc-André Lureau
5be5df720e fw_cfg: import & use linux/qemu_fw_cfg.h
Use kernel common header for fw_cfg.

(unfortunately, optionrom.h must have its own define, since it's
actually an assembler header)

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-Id: <20180817155910.5722-2-marcandre.lureau@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
2018-08-23 18:46:25 +02:00
Emilio G. Cota
cb764d0665 qsp: track BQL callers explicitly
The BQL is acquired via qemu_mutex_lock_iothread(), which makes
the profiler assign the associated wait time (i.e. most of
BQL wait time) entirely to that function. This loses the original
call site information, which does not help diagnose BQL contention.
Fix it by tracking the callers explicitly.

Signed-off-by: Emilio G. Cota <cota@braap.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-08-23 18:46:25 +02:00
Emilio G. Cota
d557de4a0e qsp: support call site coalescing
Signed-off-by: Emilio G. Cota <cota@braap.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-08-23 18:46:25 +02:00
Emilio G. Cota
996e8d9a45 qsp: add qsp_reset
I first implemented this by deleting all entries in the global
hash table. But doing that safely slows down profiling, since
we'd need to introduce rcu_read_lock/unlock in the fast path.

What's implemented here avoids messing with the thread-local
data in the global hash table. It achieves this by taking a snapshot
of the current state, so that subsequent reports present the delta
wrt to the snapshot.

Signed-off-by: Emilio G. Cota <cota@braap.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-08-23 18:46:25 +02:00
Emilio G. Cota
0a22777c71 qsp: add sort_by option to qsp_report
Signed-off-by: Emilio G. Cota <cota@braap.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-08-23 18:46:25 +02:00
Emilio G. Cota
fe9959a275 qsp: QEMU's Synchronization Profiler
The goal of this module is to profile synchronization primitives (i.e.
mutexes, recursive mutexes and condition variables) so that scalability
issues can be quickly diagnosed.

Sync primitives are profiled by QSP based on the vaddr of the object accessed
as well as the call site (file:line_nr). That means the same object called
from two different call sites will be tracked in separate entries, which
might be reported together or separately (see subsequent commit on
call site coalescing).

Some perf numbers:

Host: Intel(R) Core(TM) i7-6700K CPU @ 4.00GHz
Command: taskset -c 0 tests/atomic_add-bench -d 5 -m

- Before: 54.80 Mops/s
- After:  54.75 Mops/s

That is, a negligible slowdown due to the now indirect call to
qemu_mutex_lock. Note that using a branch instead of an indirect
call introduces a more severe slowdown (53.65 Mops/s, i.e. 2% slowdown).

Enabling the profiler (with -p, added in this series) is more interesting:

- No profiling: 54.75 Mops/s
- W/ profiling: 12.53 Mops/s

That is, a 4.36X slowdown.

We can break down this slowdown by removing the get_clock calls or
the entry lookup:

- No profiling:     54.75 Mops/s
- W/o get_clock:    25.37 Mops/s
- W/o entry lookup: 19.30 Mops/s
- W/ profiling:     12.53 Mops/s

Signed-off-by: Emilio G. Cota <cota@braap.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-08-23 18:46:25 +02:00
Emilio G. Cota
c04649eeea seqlock: constify seqlock_read_begin
Signed-off-by: Emilio G. Cota <cota@braap.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-08-23 18:46:25 +02:00
Julia Suvorova
7351681ec2 chardev/char-fe: Fix typos
Fixup some typos in the comments.

Signed-off-by: Julia Suvorova <jusual@mail.ru>
Message-Id: <20180813093402.10852-1-jusual@mail.ru>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-08-23 13:32:50 +02:00
Xiao Guangrong
ae526e32bd migration: hold the lock only if it is really needed
Try to hold src_page_req_mutex only if the queue is not
empty

Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Peter Xu <peterx@redhat.com>
Signed-off-by: Xiao Guangrong <xiaoguangrong@tencent.com>
Reviewed-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Juan Quintela <quintela@redhat.com>
2018-08-22 12:36:18 +02:00
Juan Quintela
c0b5be5247 check: Only test pvpanic when it is compiled in
It was not possible to compile out pvpanic.  Use the same trick
than applesmc.

Signed-off-by: Juan Quintela <quintela@redhat.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
2018-08-21 19:52:16 +02:00
Peter Maydell
ee135aa042 ppc patch queue 2018-08-21
Here's my first ppc & spapr pull request for qemu-3.1.  This contains
 a bunch of things that have accumulated while 3.0 was in freeze.
 Highlights are:
     * SLOF firmware update
     * A number of floating point cleanups from Richard Henderson and
       Yasmin Beatriz
     * A new model for assigning irq numbers on spapr, this is an
       important preliminary step towards implementing the POWER9
       "XIVE" interrupt controller
 -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEEdfRlhq5hpmzETofcbDjKyiDZs5IFAlt7lewACgkQbDjKyiDZ
 s5K+TA//QIMtlm59lR1G68Bwj656WEMgi/f+HN3FL419XtOZ/UkgprPmvBzWvoVP
 r7EgyktRw9qSyCsOe5OOST12rkP8s4RwyjxOPak8opRBEgXRFYk9q8micCCOv/94
 X7dtxh7sqDYvWVC4Gky1SvmNbrPtaFqSWAp7ZC/+OYnN5jOg9g+nQloPTko++GKp
 hNEKoS5I/5Q/OvtkaxGy6+G5oShi3in9gpC/nE5vtfJOnZ/ukIJcW5Niate6INpF
 WoKg5LPEF3/f0GGCDxumpoOQ7odVcBIFrtbeoeEDIK91f0l3H7+n75b8xgWE1Y51
 WelLNgdD2n0Z1pxhKwxUljIg5CnJamVSBhd6zELXDc5cx8CcOBLuNBSqtpriyRPn
 0Or3E4xfq3EbD+fNVcqHNVBC8M5mN18iplx+sOjmNTbBtwAiB/IGpVVfJkhc83Ed
 85Rlu4FxDdwBdeeE21PwdLhkRrRrtYpgobiWU2Mw0l20YYflhnQ20XS80AVQiVBa
 H/NflZbkEM93rqt/sKwenlx0bAUKt1HjZpE3mDuhSkLMRL4Sdg4hsulFEMT7QpPW
 QSZs+AntJpC6znRmZfE0Cavq1GNk5j4j9O5MBSKD8fbSNv7UR6Muu4SABIhjEZ0m
 7wG7qfqfLVEO/cnFph4nKgSAPnCE8mNiIyE0VowpkjhUWFSDTGE=
 =viH7
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/dgibson/tags/ppc-for-3.1-20180821' into staging

ppc patch queue 2018-08-21

Here's my first ppc & spapr pull request for qemu-3.1.  This contains
a bunch of things that have accumulated while 3.0 was in freeze.
Highlights are:
    * SLOF firmware update
    * A number of floating point cleanups from Richard Henderson and
      Yasmin Beatriz
    * A new model for assigning irq numbers on spapr, this is an
      important preliminary step towards implementing the POWER9
      "XIVE" interrupt controller

# gpg: Signature made Tue 21 Aug 2018 05:32:44 BST
# gpg:                using RSA key 6C38CACA20D9B392
# gpg: Good signature from "David Gibson <david@gibson.dropbear.id.au>"
# gpg:                 aka "David Gibson (Red Hat) <dgibson@redhat.com>"
# gpg:                 aka "David Gibson (ozlabs.org) <dgibson@ozlabs.org>"
# gpg:                 aka "David Gibson (kernel.org) <dwg@kernel.org>"
# Primary key fingerprint: 75F4 6586 AE61 A66C C44E  87DC 6C38 CACA 20D9 B392

* remotes/dgibson/tags/ppc-for-3.1-20180821: (26 commits)
  ppc: add DBCR based debugging
  spapr_pci: factorize the use of SPAPR_MACHINE_GET_CLASS()
  mac_newworld: don't use legacy fw_cfg_init_mem() function
  mac_oldworld: don't use legacy fw_cfg_init_mem() function
  40p: don't use legacy fw_cfg_init_mem() function
  qemu-doc: mark ppc/prep machine as deprecated
  hw/ppc: deprecate the machine type 'prep', replaced by '40p'
  spapr: introduce a IRQ controller backend to the machine
  hw/ppc/ppc405_uc: Convert away from old_mmio
  hw/ppc/ppc_boards: Don't use old_mmio for ref405ep_fpga
  hw/ppc/prep: Remove ifdeffed-out stub of XCSR code
  spapr: introduce a fixed IRQ number space
  spapr: Add a pseries-3.1 machine type
  target/ppc: simplify bcdadd/sub functions
  xics: don't include "target/ppc/cpu-qom.h" in "hw/ppc/xics.h"
  vfio/spapr: Allow backing bigger guest IOMMU pages with smaller physical pages
  target/ppc: bcdsub fix sign when result is zero
  target/ppc: Use non-arithmetic conversions for fp load/store
  target/ppc: Honor fpscr_ze semantics and tidy fre, fresqrt
  target/ppc: Tidy helper_fsqrt
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-08-21 13:27:11 +01:00
Peter Maydell
659b11e7a7 linux-user fixes:
- netlink fixes (add missing types, fix MSG_TRUNC)
 - sh4 fix (tcg state)
 - sparc32plus fix (truncate address space to 32bit)
 - add x86_64 binfmt data
 -----BEGIN PGP SIGNATURE-----
 
 iQIcBAABAgAGBQJbeyOIAAoJEPMMOL0/L74843oQAJCbDedfagKvmhMBFxWqFsp6
 En7UuUjh6MtOgb++5W47RY4LoVi12IGys5qvXLM3+Gar1l5oFgQaG58jnsUgl4uO
 o+QnsM+KqsTnYlrlQOviY8US+9eNoMP/dp/sAwF0NbpQpKUTiiWv/QQ6B8YC/x5O
 yv016xn+9ul7HrS7H57ah4lrm5YJcFh54pnKMzW6f40ekPiXIrbKicgXKUbR9Fg4
 c1Kxqwo+rxGS4tZ6aB+RFvu5dQ8NMxX4DhQUYXL1H8JSMR+fxPY3nzYTNqyFUwu9
 Qb8wkf/sP4hPz3QIay/ha1ThmAJQJqJfrWDD9Kx5JrMF1YLFSR9dfx2lmjlgHjbr
 TsAkpKHSsM0azqnFlJ5khmEjC7aJSxmsd9PQwH0VOnmuszAej9a13E9A1kwdA54N
 JAzRBjuxO5Y2W7MXiqlfNI+XNBLa7BnXIRR1pa8icSHCyFfXxhQSsa80YF0JZ6JE
 j7ACiXkxmcMdJUjxRLL24rCERnanSwIHPjsxdVkJHaMaO+L0eiMH2ZcboQbTcnlK
 L6Pl0sD4kBBGlyN5V0MVLSMMWfm9OXyTSz8bAGUt7MV574oq6vyub37I44l6FXKK
 RPUMaSuFBOD3kaA2HP+bmRumrCHZ/eGhsmkFcquPxML/F+tXDAT6WCd2FuBGmA5c
 UkCSNXY6zdESgnc76G1u
 =wHSV
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/vivier2/tags/linux-user-for-3.1-pull-request' into staging

linux-user fixes:
- netlink fixes (add missing types, fix MSG_TRUNC)
- sh4 fix (tcg state)
- sparc32plus fix (truncate address space to 32bit)
- add x86_64 binfmt data

# gpg: Signature made Mon 20 Aug 2018 21:24:40 BST
# gpg:                using RSA key F30C38BD3F2FBE3C
# gpg: Good signature from "Laurent Vivier <lvivier@redhat.com>"
# gpg:                 aka "Laurent Vivier <laurent@vivier.eu>"
# gpg:                 aka "Laurent Vivier (Red Hat) <lvivier@redhat.com>"
# Primary key fingerprint: CD2F 75DD C8E3 A4DC 2E4F  5173 F30C 38BD 3F2F BE3C

* remotes/vivier2/tags/linux-user-for-3.1-pull-request:
  linux-user: add QEMU_IFLA_INFO_KIND nested type for tun
  linux-user: update netlink route types
  linux-user: introduce QEMU_RTA_* to use with rtattr_type_t
  linux-user: fix recvmsg()/recvfrom() with netlink and MSG_TRUNC
  sh4: fix use_icount with linux-user
  linux-user: fix 32bit g2h()/h2g()
  qemu-binfmt-conf.sh: add x86_64 target

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-08-21 11:36:15 +01:00
Peter Maydell
55f4e79d79 pc: fixes
This includes nvdimm persistence fixes queued before the release.
 
 Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
 -----BEGIN PGP SIGNATURE-----
 
 iQEcBAABAgAGBQJbepoTAAoJECgfDbjSjVRpLioH/3BPps8FLh4x2gZSq3B+u72O
 RYUA3I3TilEGyc9yf8o7e1Hf+pQAJBEmulcnKxXFVWZIJ1GVLPt4NZCMQGiPDnJL
 +RCT/Q64PUy09hRjddAasikrvXa4YOsRgBgJJToO7v9PSQSaU3fC7O3hNea7KcF/
 C4SSqkUgxyDhCCYHHblpKxFz/wtwy4ZaCGSdozIdmKNPJ6/ye8wOQ1Mq9e1Mwp18
 S6ilJub5IwB6aM2KVMmX4AFomF4u2cn153ts8fI+Dyo4/NE6P4+viDlz3BOBKdzm
 kmd49h6/n4Lenoo4oI1yNHSuIJJTVfvnoLu6rG7mPbQKgxNd1uN4KuUIygU5PCY=
 =Xcaj
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging

pc: fixes

This includes nvdimm persistence fixes queued before the release.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>

# gpg: Signature made Mon 20 Aug 2018 11:38:11 BST
# gpg:                using RSA key 281F0DB8D28D5469
# gpg: Good signature from "Michael S. Tsirkin <mst@kernel.org>"
# gpg:                 aka "Michael S. Tsirkin <mst@redhat.com>"
# Primary key fingerprint: 0270 606B 6F3C DF3D 0B17  0970 C350 3912 AFBE 8E67
#      Subkey fingerprint: 5D09 FD08 71C8 F85B 94CA  8A0D 281F 0DB8 D28D 5469

* remotes/mst/tags/for_upstream:
  migration/ram: ensure write persistence on loading all data to PMEM.
  migration/ram: Add check and info message to nvdimm post copy.
  mem/nvdimm: ensure write persistence to PMEM in label emulation
  hostmem-file: add the 'pmem' option
  configure: add libpmem support
  memory, exec: switch file ram allocation functions to 'flags' parameters
  memory, exec: Expose all memory block related flags.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-08-21 10:23:53 +01:00
Cédric Le Goater
ef01ed9d19 spapr: introduce a IRQ controller backend to the machine
This proposal moves all the related IRQ routines of the sPAPR machine
behind a sPAPR IRQ backend interface 'spapr_irq' to prepare for future
changes. First of which will be to increase the size of the IRQ number
space, then, will follow a new backend for the POWER9 XIVE IRQ controller.

Signed-off-by: Cédric Le Goater <clg@kaod.org>
Reviewed-by: Greg Kurz <groug@kaod.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2018-08-21 14:28:45 +10:00
Cédric Le Goater
82cffa2eb2 spapr: introduce a fixed IRQ number space
This proposal introduces a new IRQ number space layout using static
numbers for all devices, depending on a device index, and a bitmap
allocator for the MSI IRQ numbers which are negotiated by the guest at
runtime.

As the VIO device model does not have a device index but a "reg"
property, we introduce a formula to compute an IRQ number from a "reg"
value. It should minimize most of the collisions.

The previous layout is kept in pre-3.1 machines raising the
'legacy_irq_allocation' machine class flag.

Signed-off-by: Cédric Le Goater <clg@kaod.org>
Reviewed-by: Greg Kurz <groug@kaod.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2018-08-21 14:28:45 +10:00
Greg Kurz
71c55a1eef xics: don't include "target/ppc/cpu-qom.h" in "hw/ppc/xics.h"
The last user of the PowerPCCPU typedef in "hw/ppc/xics.h" vanished with
commit b1fd36c363. It isn't necessary to
include "target/ppc/cpu-qom.h" there anymore.

Signed-off-by: Greg Kurz <groug@kaod.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2018-08-21 14:28:45 +10:00
Alexey Kardashevskiy
c26bc185b7 vfio/spapr: Allow backing bigger guest IOMMU pages with smaller physical pages
At the moment the PPC64/pseries guest only supports 4K/64K/16M IOMMU
pages and POWER8 CPU supports the exact same set of page size so
so far things worked fine.

However POWER9 supports different set of sizes - 4K/64K/2M/1G and
the last two - 2M and 1G - are not even allowed in the paravirt interface
(RTAS DDW) so we always end up using 64K IOMMU pages, although we could
back guest's 16MB IOMMU pages with 2MB pages on the host.

This stores the supported host IOMMU page sizes in VFIOContainer and uses
this later when creating a new DMA window. This uses the system page size
(64k normally, 2M/16M/1G if hugepages used) as the upper limit of
the IOMMU pagesize.

This changes the type of @pagesize to uint64_t as this is what
memory_region_iommu_get_min_page_size() returns and clz64() takes.

There should be no behavioral changes on platforms other than pseries.
The guest will keep using the IOMMU page size selected by the PHB pagesize
property as this only changes the underlying hardware TCE table
granularity.

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2018-08-21 14:28:45 +10:00
Peter Maydell
d0092d90eb First round of s390x patches for 3.1:
- add compat machine for 3.1
 - remove deprecated 's390-squash-mcss' option
 - cpu models: add "max" cpu model, enhance feature group code
 - kvm: add support for etoken facility and huge page backing
 -----BEGIN PGP SIGNATURE-----
 
 iQJGBAABCAAwFiEEw9DWbcNiT/aowBjO3s9rk8bwL68FAlt6uGoSHGNvaHVja0By
 ZWRoYXQuY29tAAoJEN7Pa5PG8C+vFPkP/jD95oIG63Zqgr8QKOxucl2jjTr1lPlt
 F6VXJlAz/GEX8oaViFi8k7+/8c6hrLuGorEhZ/OqQdlqNa1wqA5zDw3bKzfyiXIV
 75rHkbDB4eLPfaj6oziwOf7Eb1k25552Xd/LnU09zj7TlLF+U3ud4LeKwF7KapOt
 1e2/WkyXXSZ8Qdwi54mx4wZGjGNqABjBW/IURhfXUNt6II1dSnDat9bpd30Mquri
 fFobgmOfaJBrS5Yzw4lGvcWwE50FmJndc0T1HKd4ccaOteg+8e2Fls8RotFibbWy
 Yz6FrtVD5Rqmk7nHnkiCgVGvFNADSmY0Yf2XcaGV0DA/LU3FYvbEKEtZgOzOEjFW
 dBhx0s8h0MqPB+Jvyl9jSwOgfdSM+kGT45kNHegVTjAr+rl0/oUOdnwrxc2X2ykn
 ajCd/obXEzZzrp73dS+tsqA+gasN8dNEZy1NNa0CI5zvXlocPrL/ts2S3C1CWuE5
 qa8MT37UNBdc6nydlOiJ4pt5Zf/OgECORogMsaB/y4N1387/RA1rhHciaqJs93Pq
 lLHMttAs4Gr1ACyQqcJ3t5bj+Pa1C30m4QZkevjhJpJXoMMOAGuUCYSNmD3UhvLf
 ViUy+2ep3EE3aU33NmuK7sM4lC2v6xKzxr5p2piuIf4sTginuvvGL9r4FeOVQ5jf
 JX50fXST7vlf
 =71Z2
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/cohuck/tags/s390x-20180820' into staging

First round of s390x patches for 3.1:
- add compat machine for 3.1
- remove deprecated 's390-squash-mcss' option
- cpu models: add "max" cpu model, enhance feature group code
- kvm: add support for etoken facility and huge page backing

# gpg: Signature made Mon 20 Aug 2018 13:47:38 BST
# gpg:                using RSA key DECF6B93C6F02FAF
# gpg: Good signature from "Cornelia Huck <conny@cornelia-huck.de>"
# gpg:                 aka "Cornelia Huck <huckc@linux.vnet.ibm.com>"
# gpg:                 aka "Cornelia Huck <cornelia.huck@de.ibm.com>"
# gpg:                 aka "Cornelia Huck <cohuck@kernel.org>"
# gpg:                 aka "Cornelia Huck <cohuck@redhat.com>"
# Primary key fingerprint: C3D0 D66D C362 4FF6 A8C0  18CE DECF 6B93 C6F0 2FAF

* remotes/cohuck/tags/s390x-20180820:
  s390x: Enable KVM huge page backing support
  s390x/kvm: add etoken facility
  linux-headers: update
  s390x/cpumodel: Add "-cpu max" support
  s390x: remove 's390-squash-mcss' option
  s390x/cpumodel: enum type S390FeatGroup now gets generated
  s390x: introduce 3.1 compat machine

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-08-20 17:41:18 +01:00
Cornelia Huck
d36f7de829 linux-headers: update
Update to Linux upstream commit 2ad0d5269970
("Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net")

Signed-off-by: Cornelia Huck <cohuck@redhat.com>
2018-08-20 14:18:49 +02:00
Cornelia Huck
36699ab480 s390x: remove 's390-squash-mcss' option
This option has been deprecated for two releases; remove it.

Acked-by: Christian Borntraeger <borntraeger@de.ibm.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Acked-by: Halil Pasic <pasic@linux.ibm.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
2018-08-20 14:18:49 +02:00
Cornelia Huck
9ca056d68f s390x: introduce 3.1 compat machine
Reviewed-by: David Hildenbrand <david@redhat.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
2018-08-20 14:18:49 +02:00
Peter Maydell
112a829f8f hw/dma/pl080: Don't use CPU address space for DMA accesses
Currently our PL080/PL081 model uses a combination of the CPU's
address space (via cpu_physical_memory_{read,write}()) and the
system address space for performing DMA accesses.

For the PL081s in the MPS FPGA images, their DMA accesses
must go via Master Security Controllers. Switch the
PL080/PL081 model to take a MemoryRegion property which
defines its downstream for making DMA accesses.

Since the PL08x are only used in two board models, we
make provision of the 'downstream' link mandatory and convert
both users at once, rather than having it be optional with
a default to the system address space.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
2018-08-20 11:24:33 +01:00
Peter Maydell
6d0ed6ba6c hw/dma/pl080: Support all three interrupt lines
The PL080 and PL081 have three outgoing interrupt lines:
 * DMACINTERR signals DMA errors
 * DMACINTTC is the DMA count interrupt
 * DMACINTR is a combined interrupt, the logical OR of the other two

We currently only implement DMACINTR, because that's all the
realview and versatile boards needed, but the instances of the
PL081 in the MPS2 firmware images use all three interrupt lines.
Implement the missing DMACINTERR and DMACINTTC.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
2018-08-20 11:24:33 +01:00
Peter Maydell
aa74e355f1 hw/dma/pl080: Allow use as embedded-struct device
Create a new include file for the pl081's device struct,
type macros, etc, so that it can be instantiated using
the "embedded struct" coding style.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
2018-08-20 11:24:33 +01:00
Peter Maydell
050c2ea07b hw/watchdog/cmsdk_apb_watchdog: Implement CMSDK APB watchdog module
The Arm Cortex-M System Design Kit includes a simple watchdog module
based on a 32-bit down-counter. Implement this.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-08-20 11:24:33 +01:00
Peter Maydell
3eff40dbf4 hw/misc: Remove mmio_interface device
The mmio_interface device was a purely internal artifact
of the implementation of the memory subsystem's request_ptr
APIs. Now that we have removed those APIs, we can remove
the mmio_interface device too.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Reviewed-by: KONRAD Frederic <frederic.konrad@adacore.com>
Message-id: 20180817114619.22354-4-peter.maydell@linaro.org
2018-08-20 11:24:32 +01:00
Peter Maydell
8c1c245378 memory: Remove MMIO request_ptr APIs
Remove the obsolete MMIO request_ptr APIs; they have no
users now.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Reviewed-by: KONRAD Frederic <frederic.konrad@adacore.com>
Message-id: 20180817114619.22354-3-peter.maydell@linaro.org
2018-08-20 11:24:32 +01:00
Hans-Erik Floryd
3c54cf7705 imx_serial: Generate interrupt on receive data ready if enabled
Generate an interrupt if USR2_RDR and UCR4_DREN are both set.

Signed-off-by: Hans-Erik Floryd <hans-erik.floryd@rt-labs.com>
Message-id: 1534341354-11956-1-git-send-email-hans-erik.floryd@rt-labs.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-08-20 11:24:31 +01:00
Peter Maydell
adaec191bf Machine queue, 2018-08-17
* Allow machine classes to specify if boot device suffixes should
   be ignored by get_boot_devices_list()
 * Tiny coding style fixup
 -----BEGIN PGP SIGNATURE-----
 
 iQIcBAABCAAGBQJbdxQCAAoJECgHk2+YTcWm6CkQAL78ScW5oGGe4DfDAoyTdru2
 1ozDTQno4VY51ruAheIQgjpkLSjRHsE0LEw6Tpm8qA8h+3gta8vOACb+E5n9Aeew
 ZJ+FrFkvQvbIm8otlypnu7eR4xPojZdnheVmPv/VblMbl4bkYoeteyT/8OEmd1bl
 QOsvf31TTd76e/fwNQFh8o1SF18fBUp/5RpaEEaW5MC+zXHwz6Tt4rZGy9Wc5zGD
 91qzGBC2LYhggDbw5katH5N2407siJquMkoGG8Vm4ThPN92LV6zpkB+NcPuAOgXy
 TypyPXpNvp+Ab757l0BYC0ic235B0EgXf7hO4aDBd1LCdDYJNr5TRarXAymnl2DA
 Vrn22GfniBHGLcitNz7Zhb8/XrTJYZ0vM03i6dsRdHnyy+ebeAvWHBUlP/oKfK6s
 0fLrXKtPj7pwL1a5+J20aG5HlPI7kGhqG3sq9iix3RfZj5aBzZH5CoLtwE7c8fV8
 6U/rOCJpnCr1WwlzLgXaqwFPPhrpLlsnE+A5f3hFEE74pLHhMMYvlJl7nMi+BBV9
 UTQf6Hn+X1BH/bbdX7cK/GGYMelsB4/RzaY9sA1jgNIefa9svvwK+X2odp2IWMZt
 ZoMLCWFEJIx8iOVlkvwzJqxwxNZQ5c9MiWAfPP2xphTJfV9wSCPxfKuG/IKkZNRB
 +bxZxBxgBTxH/BEmn+hf
 =CBMg
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/ehabkost/tags/machine-next-pull-request' into staging

Machine queue, 2018-08-17

* Allow machine classes to specify if boot device suffixes should
  be ignored by get_boot_devices_list()
* Tiny coding style fixup

# gpg: Signature made Fri 17 Aug 2018 19:29:22 BST
# gpg:                using RSA key 2807936F984DC5A6
# gpg: Good signature from "Eduardo Habkost <ehabkost@redhat.com>"
# Primary key fingerprint: 5A32 2FD5 ABC4 D3DB ACCF  D1AA 2807 936F 984D C5A6

* remotes/ehabkost/tags/machine-next-pull-request:
  fw_cfg: ignore suffixes in the bootdevice list dependent on machine class
  sysbus: always allow explicit_ofw_unit_address() to override address generation
  machine: Fix coding style at machine_run_board_init()

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-08-20 09:48:03 +01:00
Alex Williamson
238e917285 vfio/ccw/pci: Allow devices to opt-in for ballooning
If a vfio assigned device makes use of a physical IOMMU, then memory
ballooning is necessarily inhibited due to the page pinning, lack of
page level granularity at the IOMMU, and sufficient notifiers to both
remove the page on balloon inflation and add it back on deflation.
However, not all devices are backed by a physical IOMMU.  In the case
of mediated devices, if a vendor driver is well synchronized with the
guest driver, such that only pages actively used by the guest driver
are pinned by the host mdev vendor driver, then there should be no
overlap between pages available for the balloon driver and pages
actively in use by the device.  Under these conditions, ballooning
should be safe.

vfio-ccw devices are always mediated devices and always operate under
the constraints above.  Therefore we can consider all vfio-ccw devices
as balloon compatible.

The situation is far from straightforward with vfio-pci.  These
devices can be physical devices with physical IOMMU backing or
mediated devices where it is unknown whether a physical IOMMU is in
use or whether the vendor driver is well synchronized to the working
set of the guest driver.  The safest approach is therefore to assume
all vfio-pci devices are incompatible with ballooning, but allow user
opt-in should they have further insight into mediated devices.

Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2018-08-17 09:27:16 -06:00
Laurent Vivier
3e23de1523 linux-user: fix 32bit g2h()/h2g()
sparc32plus has 64bit long type but only 32bit virtual address space.

For instance, "apt-get upgrade" failed because of a mmap()/msync()
sequence.

mmap() returned 0xff252000 but msync() used g2h(0xffffffffff252000)
to find the host address. The "(target_ulong)" in g2h() doesn't fix the
address because it is 64bit long.

This patch introduces an "abi_ptr" that is set to uint32_t
if the virtual address space is addressed using 32bit in the linux-user
case. It stays set to target_ulong with softmmu case.

Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20180814171217.14680-1-laurent@vivier.eu>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
[lv: added "%" in TARGET_ABI_FMT_ptr "%"PRIx64]
2018-08-17 13:56:33 +02:00
Mark Cave-Ayland
907aac2f6a fw_cfg: ignore suffixes in the bootdevice list dependent on machine class
For the older machines (such as Mac and SPARC) the DT nodes representing
bootdevices for disk nodes are irregular for mainly historical reasons.

Since the majority of bootdevice nodes for these machines either do not have a
separate disk node or require different (custom) names then it is much easier
for processing to just disable all suffixes for a particular machine.

Introduce a new ignore_boot_device_suffixes MachineClass property to control
bootdevice suffix generation, defaulting to false in order to preserve
compatibility.

Suggested-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Message-Id: <20180810124027.10698-1-mark.cave-ayland@ilande.co.uk>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Acked-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2018-08-16 22:27:43 -03:00
Peter Maydell
b8f7ff1e10 MIPS queue Aug 16, 2018
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQEcBAABAgAGBQJbdbIoAAoJENSXKoln91pl9KwIAJQ0CB4V/eRlvPOj828qLJyt
 FxCETpCKBD1mSRX80E2HdYdaj8KfhhKrd9R2Wrk2VsiTQhLA0+hYsLxuT8VfPjsX
 8WSN7egxzzA8Hzm1+wbwFCDNL13xjuhHWPk9YA1RYS6eQJot/Y27KYfvt/OPTrBO
 jGaTmvXOE9q3qXZczP2TwipYkehg1+Ss5ZJl7dUmHc3Iek5t/H+kumkhBPoJqwAQ
 wcwQuPm2KRGLuq9aB2IVbtfJA5Rme1GMFDWZicitJX2uK+Mx76fgi9IorrW6XAyM
 6LM8DjvrivxW+UgZ+3QdJKkQCbyIrXqDAp1MRd3CWMlB576WWKm6RUTZclSo9gI=
 =m1CJ
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/amarkovic/tags/mips-queue-aug-2018' into staging

MIPS queue Aug 16, 2018

# gpg: Signature made Thu 16 Aug 2018 18:19:36 BST
# gpg:                using RSA key D4972A8967F75A65
# gpg: Good signature from "Aleksandar Markovic <amarkovic@wavecomp.com>"
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 8526 FBF1 5DA3 811F 4A01  DD75 D497 2A89 67F7 5A65

* remotes/amarkovic/tags/mips-queue-aug-2018:
  qemu-doc: Amend MIPS-related items
  linux-user: Add preprocessor availability control to some syscalls
  linux-user: Update MIPS syscall numbers up to kernel 4.18 headers
  elf: Add ELF flags for MIPS machine variants
  elf: Remove duplicate preprocessor constant definition
  target/mips: Check ELPA flag only in some cases of MFHC0 and MTHC0
  target/mips: Don't update BadVAddr register in Debug Mode
  target/mips: Implement CP0 Config1.WR bit functionality
  target/mips: Add CP0 BadInstrX register
  target/mips: Update some CP0 registers bit definitions
  target/mips: Fix two instances of shadow variables
  target/mips: Mark switch fallthroughs with interpretable comments
  target/mips: Avoid case statements formulated by ranges - part 2
  target/mips: Avoid case statements formulated by ranges - part 1
  MAINTAINERS: Update target/mips maintainer's email addresses

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-08-16 19:02:21 +01:00
Aleksandar Markovic
c20eafa197 elf: Add ELF flags for MIPS machine variants
Add MIPS machine variants ELF flags so that the emulation behavior
can be adjusted if needed.

Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
Signed-off-by: Stefan Markovic <smarkovic@wavecomp.com>
2018-08-16 19:18:45 +02:00
Aleksandar Markovic
c19fd07ee5 elf: Remove duplicate preprocessor constant definition
Remove duplicate preprocessor constant definition for EF_MIPS_ARCH.

The duplicate was introduced in commit 45506bdd. It placed the
constant EF_MIPS_ARCH in a better place, however it did not remove
the original. This patch removes the original occurrence.

Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
2018-08-16 19:18:45 +02:00
Cédric Le Goater
ebe31c0a8e aspeed: add a max_ram_size property to the memory controller
This will be used to construct a memory region beyond the RAM region
to let firmwares scan the address space with load/store to guess how
much RAM the SoC has.

Signed-off-by: Cédric Le Goater <clg@kaod.org>
Signed-off-by: Joel Stanley <joel@jms.id.au>
Tested-by: Cédric Le Goater <clg@kaod.org>
Message-id: 20180807075757.7242-7-joel@jms.id.au
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-08-16 14:29:58 +01:00
Joel Stanley
d131bc28a6 aspeed_sdmc: Fix saved values
This fixes the intended protection of read-only values in the
configuration register. They were being always set to zero by mistake.

The read-only fields depend on the configured memory size of the system,
so they cannot be fixed at compile time. The most straight forward
option was to store them in the state structure.

Signed-off-by: Joel Stanley <joel@jms.id.au>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
Tested-by: Cédric Le Goater <clg@kaod.org>
Message-id: 20180807075757.7242-3-joel@jms.id.au
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-08-16 14:29:58 +01:00
Joel Stanley
a40085d2ee aspeed_sdmc: Extend number of valid registers
The SDMC on the ast2500 has 170 registers.

Signed-off-by: Joel Stanley <joel@jms.id.au>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
Tested-by: Cédric Le Goater <clg@kaod.org>
Message-id: 20180807075757.7242-2-joel@jms.id.au
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-08-16 14:29:58 +01:00
Su Hang
e4a25ed919 loader: Implement .hex file loader
This patch adds Intel Hexadecimal Object File format support to the
generic loader device.  The file format specification is available here:
http://www.piclist.com/techref/fileext/hex/intel.htm

This file format is often used with microcontrollers such as the
micro:bit, Arduino, STM32, etc.  Users expect to be able to run .hex
files directly with without first converting them to ELF.  Most
micro:bit code is developed in web-based IDEs without direct user access
to binutils so it is important for QEMU to handle this file format
natively.

Signed-off-by: Su Hang <suhang16@mails.ucas.ac.cn>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Acked-by: Alistair Francis <alistair.francis@wdc.com>
Message-id: 20180814162739.11814-6-stefanha@redhat.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-08-16 14:05:28 +01:00
Stefan Hajnoczi
e2336043cc loader: add rom transaction API
Image file loaders may add a series of roms.  If an error occurs partway
through loading there is no easy way to drop previously added roms.

This patch adds a transaction mechanism that works like this:

  rom_transaction_begin();
  ...call rom_add_*()...
  rom_transaction_end(ok);

If ok is false then roms added in this transaction are dropped.

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-id: 20180814162739.11814-5-stefanha@redhat.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-08-16 14:05:28 +01:00
Stefan Hajnoczi
a1c5a06224 hw/arm: make bitbanded IO optional on ARMv7-M
Some ARM CPUs have bitbanded IO, a memory region that allows convenient
bit access via 32-bit memory loads/stores.  This eliminates the need for
read-modify-update instruction sequences.

This patch makes this optional feature an ARMv7MState qdev property,
allowing boards to choose whether they want bitbanding or not.

Status of boards:
 * iotkit (Cortex M33), no bitband
 * mps2 (Cortex M3), bitband
 * msf2 (Cortex M3), bitband
 * stellaris (Cortex M3), bitband
 * stm32f205 (Cortex M3), bitband

As a side-effect of this patch, Peter Maydell noted that the Ethernet
controller on mps2 board is now accessible.  Previously they were hidden
by the bitband region (which does not exist on the real board).

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-id: 20180814162739.11814-2-stefanha@redhat.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-08-16 14:05:28 +01:00
Jean-Christophe Dubois
31cbf933f0 i.MX6UL: Add i.MX6UL SOC
Signed-off-by: Jean-Christophe Dubois <jcd@tribudubois.net>
Message-id: 3853ec555d68e7e25d726170833b775796151a07.1532984236.git.jcd@tribudubois.net
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-08-16 14:05:28 +01:00
Jean-Christophe Dubois
781182e10f i.MX6UL: Add i.MX6UL specific CCM device
Signed-off-by: Jean-Christophe Dubois <jcd@tribudubois.net>
Message-id: 34b6704ceb81b49e35ce1ad162bf758e5141ff87.1532984236.git.jcd@tribudubois.net
[PMM: fixed some comment typos etc]
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-08-16 14:05:28 +01:00
Peter Maydell
c542a9f979 Testing patches for 2018-08-16
-----BEGIN PGP SIGNATURE-----
 
 iQIcBAABAgAGBQJbdTcjAAoJEDhwtADrkYZTZEYP/ivp0ozEfMeGgc6PFItv3zmx
 QVD+NYJ8bnv/iEoWl/pnQ0/HY3YLHz4G1DTK0dSlJAvAiChpPiR7YCeJRXeTyLHL
 9KCFQV5SV9llstVi0f4ebEK21mUkYWoqtlzxxyqXh0q2N/QLtaVQ85ysE6ufwhNH
 jlunmJLGRRwPR95F4a05uVHNOym1ig9eo5CtQ1Fa8viV9BgWTbpSp1t4feB1OLnt
 Ml9cbFubb1cA7CuhdNHazNOnRZtEW5A9eOo6rX4d5JcH/zgFWdPpKCRn/X/NdvSE
 aRKqk7ll0gxYlacqVpkea23pVKVl7e1oUqkziaL8rq/BYE0SePkRv+SnmsifD8uT
 kWl+eHLyaW1g43omc0uttyAuTkFnvAa+l9TqIrdEYcPJJNaCsZVgJpDvj9+Oxril
 fk3OIHAnzSWwp/AmFLCSOYdaoVuZhppp6rqnu26B0w9Rxkbqe1790LbjDJrLUB+2
 vN7+JmDhUfJk7/2pi+MGZrBtj3zcgbb3Qc5+NG8H1401bA/n8FNnPKgWdmAlmO7i
 pTafa1FXArJGWiBhzg2PUqmZq45MQiheQ1+SWgviIodQX5oHB3kEimcRPg4Wk18c
 fTKJDe7w8NFFNjuH6ou2LI4KzgQeewW+oCjxh2A7kwCqDmq5Eq8nBw/bYO1DgcDr
 bfCnicNJinjCHcgvvCVM
 =DuZ8
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/armbru/tags/pull-tests-2018-08-16' into staging

Testing patches for 2018-08-16

# gpg: Signature made Thu 16 Aug 2018 09:34:43 BST
# gpg:                using RSA key 3870B400EB918653
# gpg: Good signature from "Markus Armbruster <armbru@redhat.com>"
# gpg:                 aka "Markus Armbruster <armbru@pond.sub.org>"
# Primary key fingerprint: 354B C8B3 D7EB 2A6B 6867  4E5F 3870 B400 EB91 8653

* remotes/armbru/tags/pull-tests-2018-08-16: (25 commits)
  libqtest: Improve error reporting for bad read from QEMU
  tests/libqtest: Improve kill_qemu()
  libqtest: Rename qtest_FOOv() to qtest_vFOO() for consistency
  libqtest: Replace qtest_startf() by qtest_initf()
  libqtest: Enable compile-time format string checking
  migration-test: Clean up string interpolation into QMP, part 3
  migration-test: Clean up string interpolation into QMP, part 2
  migration-test: Clean up string interpolation into QMP, part 1
  migration-test: Make wait_command() cope with '%'
  tests: New helper qtest_qmp_receive_success()
  migration-test: Make wait_command() return the "return" member
  tests: Clean up string interpolation around qtest_qmp_device_add()
  cpu-plug-test: Don't pass integers as strings to device_add
  tests: Clean up string interpolation into QMP input (simple cases)
  tests: Pass literal format strings directly to qmp_FOO()
  qobject: qobject_from_jsonv() is dangerous, hide it away
  test-qobject-input-visitor: Avoid format string ambiguity
  libqtest: Simplify qmp_fd_vsend() a bit
  qobject: New qobject_from_vjsonf_nofail(), qdict_from_vjsonf_nofail()
  qobject: Replace qobject_from_jsonf() by qobject_from_jsonf_nofail()
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-08-16 09:50:54 +01:00
Markus Armbruster
2d36e84304 qobject: qobject_from_jsonv() is dangerous, hide it away
qobject_from_jsonv() takes ownership of %p arguments.  On failure, we
can't generally know whether we failed before or after %p, so
ownership becomes indeterminate.  To avoid leaks, callers passing %p
must terminate on error, e.g. by passing &error_abort.  Trap for the
unwary; document and give the function internal linkage.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20180806065344.7103-11-armbru@redhat.com>
2018-08-16 08:42:06 +02:00
Markus Armbruster
4ff184689b qobject: New qobject_from_vjsonf_nofail(), qdict_from_vjsonf_nofail()
Every printf()-like function sooner or later needs its vprintf()-like
buddy.  The next commit will need qobject_from_jsonf_nofail()'s buddy,
and qdict_from_jsonf_nofail()'s buddy will be used later in this
series.  Add both.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20180806065344.7103-8-armbru@redhat.com>
2018-08-16 08:42:06 +02:00
Markus Armbruster
6ce80fd803 qobject: Replace qobject_from_jsonf() by qobject_from_jsonf_nofail()
Commit ab45015a96 "qobject: Let qobject_from_jsonf() fail instead of
abort" fails to accomplish its stated aim: the function can still
abort due to its use of &error_abort.

Its rationale for letting it fail is that all remaining users cope
fine with failure.  Well, they're just fine with aborting, too; it's
what they do on failure.

Simply reverting the broken commit would bring back the unfortunate
asymmetry between qobject_from_jsonf() and qobject_from_jsonv(): one
aborts, the other returns null.  So also rename it to
qobject_from_jsonf_nofail().

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20180806065344.7103-7-armbru@redhat.com>
2018-08-16 08:42:06 +02:00
Peter Maydell
d3bd57d9f6 Block layer patches:
- Remove deprecated -drive options for geometry/serial/addr
 - luks: Allow shared writers if the parents allow them (share-rw=on)
 - qemu-img: Fix error when trying to convert to encrypted target image
 - mirror: Fail gracefully for source == target
 - I/O throttling: Fix behaviour during drain (always ignore the limits)
 - bdrv_reopen() related fixes for bs->options/explicit_options content
 - Documentation improvements
 -----BEGIN PGP SIGNATURE-----
 
 iQIcBAABAgAGBQJbdApvAAoJEH8JsnLIjy/WJB8P/3JX843sJCKXG2GijuEvgblB
 QEJrMowaxWea7LSwc4DoU3Bduj/xri05w3dFvkKzrW+dk7wJB5hb8rfTcROVGP9X
 IByZW/Bqom41kvKCshbaGa7WsaOEu24/nW/pzn69iBpEQdZv5xrM1CAVHwlBgKtf
 Rc/angKQRE4Lm12Jb40R/r/Fnr1JTRDzb6rwk4w3zOeeKVPYxWT1F6Jk8XJC+R0W
 n6fGl6FRiv6kue7UkWrjpASOdKhsZSla0M8nyE/ABuHFXFIcwusPuWkm+qXMWlbH
 uXRTLfnzc3brzn4IYR1VVbHCZUBLpyfeuE5S5a8kHFTjLYnNzZH0Crdh7ofpYTnV
 AsyL1xnAI238XhExV37c7vnIn9UsYBRm8KrFmFYuGQ2PYFNTUrVRmKAUhh4m89jw
 vXhmQckhefyyLRwL/4OQqzbBuDhCewXyBFkj9kq9FonFLmWUo5VzpMUbTYw47QAB
 Y/hDYz854UCxoPU/tqevAcpKBgK3rFIXfHcsxqcnsQrqQwgEjhJnNzNwEl+VQWER
 nYxad9L91BDjYZiW0MKjqF9d6jKKFVO9HYFY62pYSM5lwkHCirs2j39kfEaWK46T
 6WZWSoLNB0uUt9WUn1uM3uo6UWlUWEyEoV9XsKQCzx/XRuLoxMhfTUkMAgMcjqaD
 hXcLbldpvtpXj8YAdn8/
 =aYYo
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging

Block layer patches:

- Remove deprecated -drive options for geometry/serial/addr
- luks: Allow shared writers if the parents allow them (share-rw=on)
- qemu-img: Fix error when trying to convert to encrypted target image
- mirror: Fail gracefully for source == target
- I/O throttling: Fix behaviour during drain (always ignore the limits)
- bdrv_reopen() related fixes for bs->options/explicit_options content
- Documentation improvements

# gpg: Signature made Wed 15 Aug 2018 12:11:43 BST
# gpg:                using RSA key 7F09B272C88F2FD6
# gpg: Good signature from "Kevin Wolf <kwolf@redhat.com>"
# Primary key fingerprint: DC3D EB15 9A9A F95D 3D74  56FE 7F09 B272 C88F 2FD6

* remotes/kevin/tags/for-upstream: (21 commits)
  qapi: block: Remove mentions of error types which were removed
  block: Simplify append_open_options()
  block: Update bs->options if bdrv_reopen() succeeds
  block: Simplify bdrv_reopen_abort()
  block: Remove children options from bs->{options,explicit_options}
  qdict: Make qdict_extract_subqdict() accept dst = NULL
  block: drop empty .bdrv_close handlers
  block: make .bdrv_close optional
  qemu-img: fix regression copying secrets during convert
  mirror: Fail gracefully for source == target
  qapi/block: Document restrictions for node names
  block: Remove dead deprecation warning code
  block: Remove deprecated -drive option serial
  block: Remove deprecated -drive option addr
  block: Remove deprecated -drive geometry options
  luks: Allow share-rw=on
  throttle-groups: Don't allow timers without throttled requests
  qemu-iotests: Update 093 to improve the draining test
  throttle-groups: Skip the round-robin if a member is being drained
  qemu-iotests: Test removing a throttle group member with a pending timer
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-08-15 22:11:08 +01:00
Kevin Wolf
572023f7b2 block: Remove deprecated -drive option serial
This reinstates commit b008326744,
which was temporarily reverted for the 3.0 release so that libvirt gets
some extra time to update their command lines.

The -drive option serial was deprecated in QEMU 2.10. It's time to
remove it.

Tests need to be updated to set the serial number with -global instead
of using the -drive option.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Jeff Cody <jcody@redhat.com>
2018-08-15 12:50:39 +02:00
Kevin Wolf
7f8fc97155 block: Remove deprecated -drive option addr
This reinstates commit eae3bd1eb7,
which was temporarily reverted for the 3.0 release so that libvirt gets
some extra time to update their command lines.

The -drive option addr was deprecated in QEMU 2.10. It's time to remove
it.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Jeff Cody <jcody@redhat.com>
2018-08-15 12:50:39 +02:00
Kevin Wolf
b24ec3c462 block: Remove deprecated -drive geometry options
This reinstates commit a7aff6dd10,
which was temporarily reverted for the 3.0 release so that libvirt gets
some extra time to update their command lines.

The -drive options cyls, heads, secs and trans were deprecated in
QEMU 2.10. It's time to remove them.

hd-geo-test tested both the old version with geometry options in -drive
and the new one with -device. Therefore the code using -drive doesn't
have to be replaced there, we just need to remove the -drive test cases.
This in turn allows some simplification of the code.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
2018-08-15 12:50:39 +02:00
Luc Michel
55ef323358 arm/virt: Add support for GICv2 virtualization extensions
Add support for GICv2 virtualization extensions by mapping the necessary
I/O regions and connecting the maintenance IRQ lines.

Declare those additions in the device tree and in the ACPI tables.

Signed-off-by: Luc Michel <luc.michel@greensocs.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20180727095421.386-21-luc.michel@greensocs.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-08-14 17:17:21 +01:00
Luc Michel
75b749af0c xlnx-zynqmp: Improve GIC wiring and MMIO mapping
This commit improve the way the GIC is realized and connected in the
ZynqMP SoC. The security extensions are enabled only if requested in the
machine state. The same goes for the virtualization extensions.

All the GIC to APU CPU(s) IRQ lines are now connected, including FIQ,
vIRQ and vFIQ. The missing CPU to GIC timers IRQ connections are also
added (HYP and SEC timers).

The GIC maintenance IRQs are back-wired to the correct GIC PPIs.

Finally, the MMIO mappings are reworked to take into account the ZynqMP
specifics. The GIC (v)CPU interface is aliased 16 times:
  * for the first 0x1000 bytes from 0xf9010000 to 0xf901f000
  * for the second 0x1000 bytes from 0xf9020000 to 0xf902f000
Mappings of the virtual interface and virtual CPU interface are mapped
only when virtualization extensions are requested. The
XlnxZynqMPGICRegion struct has been enhanced to be able to catch all
this information.

Signed-off-by: Luc Michel <luc.michel@greensocs.com>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 20180727095421.386-20-luc.michel@greensocs.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-08-14 17:17:21 +01:00
Luc Michel
5773c0494a intc/arm_gic: Add the virtualization extensions to the GIC state
Add the necessary parts of the virtualization extensions state to the
GIC state. We choose to increase the size of the CPU interfaces state to
add space for the vCPU interfaces (the GIC_NCPU_VCPU macro). This way,
we'll be able to reuse most of the CPU interface code for the vCPUs.

The only exception is the APR value, which is stored in h_apr in the
virtual interface state for vCPUs. This is due to some complications
with the GIC VMState, for which we don't want to break backward
compatibility. APRs being stored in 2D arrays, increasing the second
dimension would lead to some ugly VMState description. To avoid
that, we keep it in h_apr for vCPUs.

The vCPUs are numbered from GIC_NCPU to (GIC_NCPU * 2) - 1. The
`gic_is_vcpu` function help to determine if a given CPU id correspond to
a physical CPU or a virtual one.

For the in-kernel KVM VGIC, since the exposed VGIC does not implement
the virtualization extensions, we report an error if the corresponding
property is set to true.

Signed-off-by: Luc Michel <luc.michel@greensocs.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20180727095421.386-6-luc.michel@greensocs.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-08-14 17:17:20 +01:00
Luc Michel
b77473a0f7 vmstate.h: Provide VMSTATE_UINT16_SUB_ARRAY
Provide a VMSTATE_UINT16_SUB_ARRAY macro to save a uint16_t sub-array in
a VMState.

Signed-off-by: Luc Michel <luc.michel@greensocs.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-id: 20180727095421.386-5-luc.michel@greensocs.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-08-14 17:17:20 +01:00
Peter Maydell
55a7cb144d accel/tcg: Check whether TLB entry is RAM consistently with how we set it up
We set up TLB entries in tlb_set_page_with_attrs(), where we have
some logic for determining whether the TLB entry is considered
to be RAM-backed, and thus has a valid addend field. When we
look at the TLB entry in get_page_addr_code(), we use different
logic for determining whether to treat the page as RAM-backed
and use the addend field. This is confusing, and in fact buggy,
because the code in tlb_set_page_with_attrs() correctly decides
that rom_device memory regions not in romd mode are not RAM-backed,
but the code in get_page_addr_code() thinks they are RAM-backed.
This typically results in "Bad ram pointer" assertion if the
guest tries to execute from such a memory region.

Fix this by making get_page_addr_code() just look at the
TLB_MMIO bit in the code_address field of the TLB, which
tlb_set_page_with_attrs() sets if and only if the addend
field is not valid for code execution.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Tested-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-id: 20180713150945.12348-1-peter.maydell@linaro.org
2018-08-14 17:17:19 +01:00
Peter Maydell
dbea78a4d6 accel/tcg: Pass read access type through to io_readx()
The io_readx() function needs to know whether the load it is
doing is an MMU_DATA_LOAD or an MMU_INST_FETCH, so that it
can pass the right value to the cpu_transaction_failed()
function. Plumb this information through from the softmmu
code.

This is currently not often going to give the wrong answer,
because usually instruction fetches go via get_page_addr_code().
However once we switch over to handling execution from non-RAM by
creating single-insn TBs, the path for an insn fetch to generate
a bus error will be through cpu_ld*_code() and io_readx(),
so without this change we will generate a d-side fault when we
should generate an i-side fault.

We also have to pass the access type via a CPU struct global
down to unassigned_mem_read(), for the benefit of the targets
which still use the cpu_unassigned_access() hook (m68k, mips,
sparc, xtensa).

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Tested-by: Cédric Le Goater <clg@kaod.org>
Message-id: 20180710160013.26559-2-peter.maydell@linaro.org
2018-08-14 17:17:19 +01:00
Julia Suvorova
c4379b4874 nvic: Change NVIC to support ARMv6-M
The differences from ARMv7-M NVIC are:
  * ARMv6-M only supports up to 32 external interrupts
   (configurable feature already). The ICTR is reserved.
  * Active Bit Register is reserved.
  * ARMv6-M supports 4 priority levels against 256 in ARMv7-M.

Signed-off-by: Julia Suvorova <jusual@mail.ru>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-08-14 17:17:19 +01:00
Junyan He
56eb90af39 migration/ram: ensure write persistence on loading all data to PMEM.
Because we need to make sure the pmem kind memory data is synced
after migration, we choose to call pmem_persist() when the migration
finish. This will make sure the data of pmem is safe and will not
lose if power is off.

Signed-off-by: Junyan He <junyan.he@intel.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2018-08-10 13:29:39 +03:00
Junyan He
faf8a13d80 mem/nvdimm: ensure write persistence to PMEM in label emulation
Guest writes to vNVDIMM labels are intercepted and performed on the
backend by QEMU. When the backend is a real persistent memort, QEMU
needs to take proper operations to ensure its write persistence on the
persistent memory. Otherwise, a host power failure may result in the
loss of guest label configurations.

Signed-off-by: Haozhong Zhang <haozhong.zhang@intel.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
2018-08-10 13:29:39 +03:00
Junyan He
a4de8552b2 hostmem-file: add the 'pmem' option
When QEMU emulates vNVDIMM labels and migrates vNVDIMM devices, it
needs to know whether the backend storage is a real persistent memory,
in order to decide whether special operations should be performed to
ensure the data persistence.

This boolean option 'pmem' allows users to specify whether the backend
storage of memory-backend-file is a real persistent memory. If
'pmem=on', QEMU will set the flag RAM_PMEM in the RAM block of the
corresponding memory region. If 'pmem' is set while lack of libpmem
support, a error is generated.

Signed-off-by: Junyan He <junyan.he@intel.com>
Signed-off-by: Haozhong Zhang <haozhong.zhang@intel.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2018-08-10 13:29:39 +03:00
Junyan He
cbfc017103 memory, exec: switch file ram allocation functions to 'flags' parameters
As more flag parameters besides the existing 'share' are going to be
added to following functions
memory_region_init_ram_from_file
qemu_ram_alloc_from_fd
qemu_ram_alloc_from_file
let's switch them to use the 'flags' parameters so as to ease future
flag additions.

The existing 'share' flag is converted to the RAM_SHARED bit in ram_flags,
and other flag bits are ignored by above functions right now.

Signed-off-by: Junyan He <junyan.he@intel.com>
Signed-off-by: Haozhong Zhang <haozhong.zhang@intel.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
2018-08-10 13:29:39 +03:00
Junyan He
b0e5de9381 memory, exec: Expose all memory block related flags.
We need to use these flags in other files rather than just in exec.c,
For example, RAM_SHARED should be used when create a ram block from file.
We expose them the exec/memory.h

Signed-off-by: Junyan He <junyan.he@intel.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2018-08-10 13:29:39 +03:00
Marc-André Lureau
93f874fe9d virtio-gpu: fix crashes upon warm reboot with vga mode
With vga=775 on the Linux command line a first boot of the VM running
Linux works fine. After a warm reboot it crashes during Linux boot.

Before that, valgrind points out bad memory write to console
surface. The VGA code is not aware that virtio-gpu got a message
surface scanout when the display is disabled. Let's reset VGA graphic
mode when it is the case, so that a new display surface is created
when doing further VGA operations.

https://bugs.launchpad.net/qemu/+bug/1784900/

Reported-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
Tested-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Message-id: 20180803153235.4134-1-marcandre.lureau@redhat.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-08-07 15:03:58 +01:00
Peter Maydell
45a505d0a4 Bug fixes.
-----BEGIN PGP SIGNATURE-----
 
 iQFIBAABCAAyFiEE8TM4V0tmI4mGbHaCv/vSX3jHroMFAlte/ecUHHBib256aW5p
 QHJlZGhhdC5jb20ACgkQv/vSX3jHroP5Egf+I5rWCZ5p3YGjP1HnSoWEoVNbeZvZ
 aXWtvYYBnL8B/nVJ11CynyZgwqHSDiCODHH29Q3Qiopu/yeEYEBc5NtsheND7cMi
 2cXXT2uxHCenMx2oRBJ7H0580n7V1xC4HRbLsNhuk5G8VL0je/pdBylNWNlyEjlj
 8K+J18IKYqSsrIpcHtnN5Y/hyvMoGTqi3dwUeTL6u8rFzulVVUo2q9G0+k9WybJD
 lK7f1gXJImTFxqAfyMIuJSRKI9PjZMwWT9pCJ4ie52l7EwL+hj0068EMziw7/AMd
 asUGd56PG9K/37h2WC/qcMdZnRHO/8EBvEMEHHmXKMEDFF2XSQXIoO4Qvw==
 =35+O
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging

Bug fixes.

# gpg: Signature made Mon 30 Jul 2018 13:00:39 BST
# gpg:                using RSA key BFFBD25F78C7AE83
# gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>"
# gpg:                 aka "Paolo Bonzini <pbonzini@redhat.com>"
# Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4  E2F7 7E15 100C CD36 69B1
#      Subkey fingerprint: F133 3857 4B66 2389 866C  7682 BFFB D25F 78C7 AE83

* remotes/bonzini/tags/for-upstream:
  backends/cryptodev: remove dead code
  timer: remove replay clock probe in deadline calculation
  i386: implement MSR_SMI_COUNT for TCG
  i386: do not migrate MSR_SMI_COUNT on machine types <2.12

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-07-31 11:14:53 +01:00
Kevin Wolf
52ebcb2682 block: Fix documentation for BDRV_REQ_MAY_UNMAP
BDRV_REQ_MAY_UNMAP in a write_zeroes request does not only allow the
driver to unmap the blocks, but it actively requests that the blocks be
unmapped afterwards if at all possible.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2018-07-30 15:35:37 +02:00
Paolo Bonzini
990e0be260 i386: do not migrate MSR_SMI_COUNT on machine types <2.12
MSR_SMI_COUNT started being migrated in QEMU 2.12.  Do not migrate it
on older machine types, or the subsection causes a load failure for
guests that use SMM.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-07-30 14:00:11 +02:00
liujunjie
ad63c549ec qstring: Fix qstring_from_substr() not to provoke int overflow
qstring_from_substr() parameters @start and @end are of type int.
blkdebug_parse_filename(), blkverify_parse_filename(), nbd_parse_uri(),
and qstring_from_str() pass @end values of type size_t or ptrdiff_t.
Values exceeding INT_MAX get truncated, with possibly disastrous
results.

Such huge substrings seem unlikely, but we found one in a core dump,
where "info tlb" executed via QMP's human-monitor-command apparently
produced 35 GiB of output.

Fix by changing the parameters size_t.

Signed-off-by: liujunjie <liujunjie23@huawei.com>
Message-Id: <20180724134339.17832-1-liujunjie23@huawei.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
2018-07-28 09:09:58 +02:00
Daniel P. Berrangé
dbddad7026 tests: call qcrypto_init instead of gnutls_global_init
Calling qcrypto_init ensures that all relevant initialization is
done. In particular this honours the debugging settings and thread
settings.

Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Tested-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2018-07-24 17:33:39 +01:00
Peter Xu
62aa1d887f monitor: Fix unsafe sharing of @cur_mon among threads
@cur_mon is null unless the main thread is running monitor code, either
HMP code within monitor_read(), or QMP code within
monitor_qmp_dispatch().

Use of @cur_mon outside the main thread is therefore unsafe.

Most of its uses are in monitor command handlers.  These run in the main
thread.

However, there are also uses hiding elsewhere, such as in
error_vprintf(), and thus error_report(), making these functions unsafe
outside the main thread.  No such unsafe uses are known at this time.
Regardless, this is an unnecessary trap.  It's an ancient trap, though.

More recently, commit cf869d5317 "qmp: support out-of-band (oob)
execution" spiced things up: the monitor I/O thread assigns to @cur_mon
when executing commands out-of-band.  Having two threads save, set and
restore @cur_mon without synchronization is definitely unsafe.  We can
end up with @cur_mon null while the main thread runs monitor code, or
non-null while it runs non-monitor code.

We could fix this by making the I/O thread not mess with @cur_mon, but
that would leave the trap armed and ready.

Instead, make @cur_mon thread-local.  It's now reliably null unless the
thread is running monitor code.

Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
[peterx: update subject and commit message written by Markus]
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Peter Xu <peterx@redhat.com>
Message-Id: <20180720033451.32710-1-peterx@redhat.com>
2018-07-23 14:00:03 +02:00
Peter Maydell
59b5552f02 Bug fixes.
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iQEcBAABAgAGBQJbTgXfAAoJEL/70l94x66DTbYH/3NutBAkNZKX7EImj/d0I1O8
 nERMVH1R70KBcugdsjhaBfTRoATDXdrBng4MBqloIK9dEMT3g6D4TFZJLU+WAjOc
 8sItx0BrUR7Sl8SnAvWNFoqVtvVancFiLnu11DsFGM0l8mJHRlZSkQZ0Fd0FL2W/
 OPnW7t6F7B2bc1VlPfSs093FVCoD3S+lJmbj64dwNrn8+fOX918V6gSaYQe92aIY
 pSbJjkRDx2iULmzMY8QH4OQiHgnd/Pijj+D628DMrUc0iW1Rsw5V2Yq7SMY6zoa8
 MoI/YDwX6eRMU2mq74BrKlULZrpmQn+6ZCdZTvXzLwc2zpKD4puO4FuMBOA7yx4=
 =GcxI
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging

Bug fixes.

# gpg: Signature made Tue 17 Jul 2018 16:06:07 BST
# gpg:                using RSA key BFFBD25F78C7AE83
# gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>"
# gpg:                 aka "Paolo Bonzini <pbonzini@redhat.com>"
# Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4  E2F7 7E15 100C CD36 69B1
#      Subkey fingerprint: F133 3857 4B66 2389 866C  7682 BFFB D25F 78C7 AE83

* remotes/bonzini/tags/for-upstream:
  Document command line options with single dash
  opts: remove redundant check for NULL parameter
  i386: only parse the initrd_filename once for multiboot modules
  i386: fix regression parsing multiboot initrd modules
  virtio-scsi: fix hotplug ->reset() vs event race
  qdev: add HotplugHandler->post_plug() callback
  hw/char/serial: retry write if EAGAIN
  PC Chipset: Improve serial divisor calculation
  vhost-user-test: added proper TestServer *dest initialization in test_migrate()
  hyperv: ensure VP index equal to QEMU cpu_index
  hyperv: rename vcpu_id to vp_index
  accel: Fix typo and grammar in comment
  dump: add kernel_gs_base to QEMU CPU state

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-07-17 17:06:32 +01:00
Paolo Bonzini
fe04f0b4a1 hw/display/xlnx_dp: Move problematic code from instance_init to realize
aux_create_slave() calls qdev_init_nofail() which in turn "realizes"
the corresponding object. This is unlike qdev_create(), and it is wrong
because qdev_init_nofail() must not be called from an instance_init
function.  Move qdev_init_nofail() and the subsequent aux_map_slave into
the caller's realize function.

There are two more bugs that needs to be fixed here, too, where the
objects are created but not added as children.  Therefore when
you call object_unparent on them, nothing happens.

In particular dpcd and edid give you an infinite loop in bus_unparent,
because device_unparent is not called and does not remove them from
the list of devices on the bus.

Reported-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-id: 1531745974-17187-17-git-send-email-thuth@redhat.com
[thuth: Added Paolo's fixup for the dpcd and edid unparenting]
Signed-off-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-07-17 13:12:49 +01:00
Thomas Huth
046f370fb4 hw/core/sysbus: Add a function for creating and attaching an object
A lot of functions are initializing an object and attach it immediately
afterwards to the system bus. Provide a common function for this, which
also uses object_initialize_child() to make sure that the reference
counter is correctly initialized to 1 afterwards.

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-id: 1531745974-17187-3-git-send-email-thuth@redhat.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-07-17 13:12:49 +01:00
Thomas Huth
0210b39d0e qom/object: Add a new function object_initialize_child()
A lot of code is using the object_initialize() function followed by a call
to object_property_add_child() to add the newly initialized object as a child
of the current object. Both functions increase the reference counter of the
new object, but many spots that call these two functions then forget to drop
one of the superfluous references. So the newly created object is often not
cleaned up correctly when the parent is destroyed. In the worst case, this
can cause crashes, e.g. because device objects are not correctly removed from
their parent_bus.

Since this is a common pattern between many code spots, let's introduce a
new function that takes care of calling all three required initialization
functions, first object_initialize(), then object_property_add_child() and
finally object_unref(). And since the function does a similar job like
object_new_with_props(), also allow to set additional properties via
varargs, and use user_creatable_complete() to make sure that the functions
can be used similarly.

And while we're at object.h, also fix some copy-n-paste errors in the
comments there ("to store the area" --> "to store the error").

Signed-off-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Eduardo Habkost <ehabkost@redhat.com>
Message-id: 1531745974-17187-2-git-send-email-thuth@redhat.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-07-17 13:12:49 +01:00
Andrew Jeffery
333b9c8a68 aspeed: Implement write-1-{set, clear} for AST2500 strapping
The AST2500 SoC family changes the runtime behaviour of the hardware
strapping register (SCU70) to write-1-set/write-1-clear, with
write-1-clear implemented on the "read-only" SoC revision register
(SCU7C). For the the AST2400, the hardware strapping is
runtime-configured with read-modify-write semantics.

Signed-off-by: Andrew Jeffery <andrew@aj.id.au>
Reviewed-by: Joel Stanley <joel@jms.id.au>
Message-id: 20180709143524.17480-1-andrew@aj.id.au
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-07-16 17:18:41 +01:00
Stefan Hajnoczi
25e8978817 qdev: add HotplugHandler->post_plug() callback
The ->pre_plug() callback is invoked before the device is realized.  The
->plug() callback is invoked when the device is being realized but
before it is reset.

This patch adds a ->post_plug() callback which is invoked after the
device has been reset.  This callback is needed by HotplugHandlers that
need to wait until after ->reset().

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Message-Id: <20180716083732.3347-2-stefanha@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-07-16 16:58:16 +02:00
Fam Zheng
22931a1533 block: Use uint64_t for BdrvTrackedRequest byte fields
This matches the types used for bytes in the rest parts of block layer.
In the case of bdrv_co_truncate, new_bytes can be the image size which
probably doesn't fit in a 32 bit int.

Signed-off-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2018-07-10 16:01:52 +02:00
Fam Zheng
0b9fd3f467 block: Use BdrvChild to discard
Other I/O functions are already using a BdrvChild pointer in the API, so
make discard do the same. It makes it possible to initiate the same
permission checks before doing I/O, and much easier to share the
helper functions for this, which will be added and used by write,
truncate and copy range paths.

Signed-off-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2018-07-10 16:01:52 +02:00
Cornelia Huck
6703db131f Revert "block: Remove deprecated -drive geometry options"
This reverts commit a7aff6dd10.

Hold off removing this for one more QEMU release (current libvirt
release still uses it.)

Signed-off-by: Cornelia Huck <cohuck@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2018-07-10 14:36:12 +02:00
Cornelia Huck
75f4cd2979 Revert "block: Remove deprecated -drive option addr"
This reverts commit eae3bd1eb7.

Reverted to avoid conflicts for geometry options revert.

Signed-off-by: Cornelia Huck <cohuck@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2018-07-10 14:36:12 +02:00
Cornelia Huck
44e8b4689c Revert "block: Remove deprecated -drive option serial"
This reverts commit b008326744.

Hold off removing this for one more QEMU release (current libvirt
release still uses it.)

Signed-off-by: Cornelia Huck <cohuck@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2018-07-10 14:36:11 +02:00
Vladimir Sementsov-Ogievskiy
09d2f94846 block: add BDRV_REQ_SERIALISING flag
Serialized writes should be used in copy-on-write of backup(sync=none)
for image fleecing scheme.

We need to change an assert in bdrv_aligned_pwritev, added in
28de2dcd88. The assert may fail now, because call to
wait_serialising_requests here may become first call to it for this
request with serializing flag set. It occurs if the request is aligned
(otherwise, we should already set serializing flag before calling
bdrv_aligned_pwritev and correspondingly waited for all intersecting
requests). However, for aligned requests, we should not care about
outdating of previously read data, as there no such data. Therefore,
let's just update an assert to not care about aligned requests.

Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2018-07-10 13:10:25 +02:00
Vladimir Sementsov-Ogievskiy
67b51fb998 block: split flags in copy_range
Pass read flags and write flags separately. This is needed to handle
coming BDRV_REQ_NO_SERIALISING clearly in following patches.

Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2018-07-10 13:04:25 +02:00
Vladimir Sementsov-Ogievskiy
999658a05e block/io: fix copy_range
Here two things are fixed:

1. Architecture

On each recursion step, we go to the child of src or dst, only for one
of them. So, it's wrong to create tracked requests for both on each
step. It leads to tracked requests duplication.

2. Wait for serializing requests on write path independently of
   BDRV_REQ_NO_SERIALISING

Before commit 9ded4a0114 "backup: Use copy offloading",
BDRV_REQ_NO_SERIALISING was used for only one case: read in
copy-on-write operation during backup. Also, the flag was handled only
on read path (in bdrv_co_preadv and bdrv_aligned_preadv).

After 9ded4a0114, flag is used for not waiting serializing operations
on backup target (in same case of copy-on-write operation). This
behavior change is unsubstantiated and potentially dangerous, let's
drop it and add additional asserts and documentation.

Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2018-07-10 13:04:22 +02:00
Kevin Wolf
4be6a6d118 block: Poll after drain on attaching a node
Commit dcf94a23b1 ('block: Don't poll in parent drain callbacks')
removed polling in bdrv_child_cb_drained_begin() on the grounds that the
original bdrv_drain() already will poll and BdrvChildRole.drained_begin
calls must not cause graph changes (and therefore must not call
aio_poll() or the recursion through the graph will break.

This reasoning is correct for calls through bdrv_do_drained_begin().
However, BdrvChildRole.drained_begin is also called when a node that is
already in a drained section (i.e. bdrv_do_drained_begin() has already
returned and therefore can't poll any more) is attached to a new parent.
In this case, we must explicitly poll to have all requests completed
before the drained new child can be attached to the parent.

In bdrv_replace_child_noperm(), we know that we're not inside the
recursion of bdrv_do_drained_begin() because graph changes are not
allowed there, and bdrv_replace_child_noperm() is a graph change. The
call of BdrvChildRole.drained_begin() must therefore be followed by a
BDRV_POLL_WHILE() that waits for the completion of requests.

Reported-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2018-07-10 10:36:15 +02:00
Peter Maydell
3379c6cce7 x86 fix for -rc0
* Fix EPYC-IBPB compat code
 -----BEGIN PGP SIGNATURE-----
 
 iQIcBAABCAAGBQJbQ5mXAAoJECgHk2+YTcWmGOAP/iMEUcYhiNbucz9LfSZ7TjOB
 OuAxbTE+LW7bxfo7gL19lHwgXBqn+6r4V4chDMVDTfmxEqokmIK/SwG9TCVJmtlE
 xLonnQ1JAgtfFC3+Yk2R6UAifMIIa5Xh7tg/RCB5Tguh/k4EQbkxeVFbodpEfK6M
 ND/mVYfHxnPcgkCHBglqmL5xl0ziISqYYzyk4M+E2NOmSW8jbssEP/0ALiqYExNO
 qr4VQ1nKIFoK01GUblZu2/RkRXqmMwmzOHMXVGBnCVinLtAvRgOObh+dfks6BHza
 6XyrCDAUIk9qQ5I2XGIXHb21merHociIXke9OeybGgcBbdOG3NkTzEprsGBXAS25
 3LXhQ5uPP5W9zidGIwMen2AqhcrNdXTT7OQbsv15JYs+1Kxm4Uowy1JRUON+7be3
 Ks5YZm1X6d9OkWDom7haREAqJaNEYTLWw8LB2HjB9DiLS9AiAbllY6ZNQqhUkFxH
 JIZI3/r/KJ/+mU0sQjx5o2lYZI4BHVczkLR45be3KhMSgBpU/1HYwoMuOWKYr3SF
 W6Tcz6MhFa6mxHyLpU2CCJ3VGUcwQX6NqGXpQxZ8VS4hnnL+bFrweQQ7DfVGamWn
 z14nKuRD6WiKpzpss2ewpJkO/6bKEmAQmVu2HoLAzmYsCSfDIjtem3obT+BLt/iN
 /M5YR+lv3L0wedmSJJ4w
 =qSYY
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/ehabkost/tags/x86-next-pull-request' into staging

x86 fix for -rc0

* Fix EPYC-IBPB compat code

# gpg: Signature made Mon 09 Jul 2018 18:21:27 BST
# gpg:                using RSA key 2807936F984DC5A6
# gpg: Good signature from "Eduardo Habkost <ehabkost@redhat.com>"
# Primary key fingerprint: 5A32 2FD5 ABC4 D3DB ACCF  D1AA 2807 936F 984D C5A6

* remotes/ehabkost/tags/x86-next-pull-request:
  pc: Fix typo on PC_COMPAT_2_12

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-07-09 18:29:00 +01:00
Eduardo Habkost
97e50dd013 pc: Fix typo on PC_COMPAT_2_12
I forgot a hyphen when amending the compat code on commit
e0051647 ("i386: Enable TOPOEXT feature on AMD EPYC CPU").

Fixes: e00516475c
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Message-Id: <20180703011026.18650-1-ehabkost@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2018-07-09 14:20:57 -03:00
Peter Maydell
5bd366b467 boards.h: Remove doc comment reference to nonexistent function
commit b08199c6fb accidentally added a reference to a doc
comment to a nonexistent memory_region_allocate_aux_memory().
This was a leftover from a previous version of the patchset
which defined memory_region_allocate_aux_memory() for
"allocate RAM MemoryRegion and register it for migration"
and left "memory_region_init_ram()" with its original semantics
of "allocate RAM MR but do not register for migration". In
the end we decided on the approach of "memory_region_init_ram()
registers the MR for migration, and memory_region_init_ram_nomigrate()
is a new function which does not", but this comment change
got left in by mistake. Revert that part of the commit.

Reported-by: Thomas Huth <huth@tuxfamily.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20180702130605.13611-1-peter.maydell@linaro.org
2018-07-09 14:51:34 +01:00
Peter Maydell
086ede32af ptimer: Add TRIGGER_ONLY_ON_DECREMENT policy option
The CMSDK timer behaviour is that an interrupt is triggered when the
counter counts down from 1 to 0; however one is not triggered if the
counter is manually set to 0 by a guest write to the counter register.
Currently ptimer can't handle this; add a policy option to allow
a ptimer user to request this behaviour.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Tested-by: Guenter Roeck <linux@roeck-us.net>
Message-id: 20180703171044.9503-2-peter.maydell@linaro.org
2018-07-09 14:51:34 +01:00
Eric Auger
b78aae9bb6 hw/arm/smmu-common: Fix devfn computation in smmu_iommu_mr
smmu_iommu_mr() aims at returning the IOMMUMemoryRegion corresponding
to a given sid. The function extracts both the PCIe bus number and
the devfn to return this data. Current computation of devfn is wrong
as it only returns the PCIe function instead of slot | function.

Fixes 32cfd7f39e ("hw/arm/smmuv3: Cache/invalidate config data")

Signed-off-by: Eric Auger <eric.auger@redhat.com>
Message-id: 1530775623-32399-1-git-send-email-eric.auger@redhat.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-07-09 14:51:34 +01:00
Alistair Francis
5a7f76a3d4 hw/riscv/sifive_u: Connect the Cadence GEM Ethernet device
Connect the Cadence GEM ethernet device. This also requires us to
expose the plic interrupt lines.

Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Reviewed-by: Michael Clark <mjc@sifive.com>
2018-07-05 15:24:25 -07:00
Alistair Francis
647a70a10f hw/riscv/sifive_plic: Use gpios instead of irqs
Instead of creating the interrupt in lines with qemu_allocate_irq() use
qdev_init_gpio_in() as this gives us the ability to use the qdev*gpio*()
helpers later on.

Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Suggested-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Michael Clark <mjc@sifive.com>
2018-07-05 15:24:25 -07:00
Alistair Francis
651cd8b7e1 hw/riscv/sifive_e: Create a SiFive E SoC object
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Reviewed-by: Michael Clark <mjc@sifive.com>
2018-07-05 15:24:25 -07:00
Alistair Francis
2308092b2b hw/riscv/sifive_u: Create a SiFive U SoC object
Create a SiFive Unleashed U54 SoC and use that in the sifive_u machine.

We leave the SoC, RAM, device tree and reset/fdt loading as part of the
machine. All the other device creation has been moved to the SoC.

Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Reviewed-by: Michael Clark <mjc@sifive.com>
2018-07-05 15:24:25 -07:00
Peter Maydell
1daf14ec9e Block layer patches:
- qcow2: Use worker threads for compression to improve performance of
   'qemu-img convert -W' and compressed backup jobs
 - blklogwrites: New filter driver to log write requests to an image in
   the dm-log-writes format
 - file-posix: Fix image locking during image creation
 - crypto: Fix memory leak in error path
 - Error out instead of silently truncating node names
 -----BEGIN PGP SIGNATURE-----
 
 iQIcBAABAgAGBQJbPfHhAAoJEH8JsnLIjy/Wxp8P/jeEJ/jJ0N2doix5KJSvtkdP
 dYx4cJxHg9tMSnmBfA49qc1ilgbzZqjbF/wH3Ko3zPsmFP0xsxx+9zE4c3iL7HA6
 6E4/r3szznO8DIxdgzAIeHjZc7YPpsY3alrthT55eR/FnDyc8zofi/iUMgvTKPYA
 8TnWqgi2fdaVwNy+lIRJFdhzzQNtPxOEO+0DFHaOZvQ9vlc5DGPC+Hj3Qc11GK8M
 u7orkeYqQPknxy0hJKPxtWHvzCQUJMcSSs6PbuslnzOerYiQLmx+RVIwMhXfVZjV
 lXe2SppAszBujtcIENhZlj1cECs7MrWTmFDcWvBA+Mh/JhFEWwykmlQHYrjCqdvw
 QyWhVLgP/6jQDaBls6LADSZDxX7i0sV27DzVGN4gYUX/KcyVPEDROm90MyE8nxN0
 Y5hhujTkzu94Zvd/OlKZRs4tPxmbRrd2SWy0id8Kj5/gO/+UWECOZCrPrlB5uzec
 bsxHoeXLVe2/56JkCIiOw3hLILMY6gPLJgeaQjz6hu1oZJqYuoof8grVFjUCSH0C
 BBlz8O4upHdPIKNRl4rmdgwasg5YIiJ7SFl4h7KMCD0elkKmo3SyTKosagvqrpVN
 JvW1YuosCedcfYIKNPnZdEGWDKuTaZtcnZnM9IRY6hr8ySMw1LloFsgXsJ3tqTwe
 wb1Wjm4Qlz5BaoB7o/Os
 =z5AC
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging

Block layer patches:

- qcow2: Use worker threads for compression to improve performance of
  'qemu-img convert -W' and compressed backup jobs
- blklogwrites: New filter driver to log write requests to an image in
  the dm-log-writes format
- file-posix: Fix image locking during image creation
- crypto: Fix memory leak in error path
- Error out instead of silently truncating node names

# gpg: Signature made Thu 05 Jul 2018 11:24:33 BST
# gpg:                using RSA key 7F09B272C88F2FD6
# gpg: Good signature from "Kevin Wolf <kwolf@redhat.com>"
# Primary key fingerprint: DC3D EB15 9A9A F95D 3D74  56FE 7F09 B272 C88F 2FD6

* remotes/kevin/tags/for-upstream:
  file-posix: Unlock FD after creation
  file-posix: Fix creation locking
  block/blklogwrites: Add an option for the update interval of the log superblock
  block/blklogwrites: Add an option for appending to an old log
  block/blklogwrites: Change log_sector_size from int64_t to uint64_t
  block/crypto: Fix memory leak in create error path
  block: Don't silently truncate node names
  block: Add blklogwrites
  block: Move two block permission constants to the relevant enum
  qcow2: add compress threads
  qcow2: refactor data compression
  qemu-img: allow compressed not-in-order writes

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-07-05 15:53:04 +01:00
Peter Maydell
6cf495be0b Pull request
-----BEGIN PGP SIGNATURE-----
 
 iQIcBAABAgAGBQJbPGpGAAoJEH3vgQaq/DkOHJcQAK8S58jlhHVyTb8RMbOHGGsB
 L5xRqGQ5KcR8M4c3iR1L4Qdg+XwR5qDpY+G48/oWKoeu/lR/GFvywz+F2T65+y04
 M4MQuS2aPrXVDCHt6aUXm31OPM7PKpu8QIRnjLXXnxnGFbSsc+ajW1wErRajFD3W
 T5TdKv8pEyPnGCm88ICpzNwo34ucYppGd7/zt70BfZ5W0pgNJ537V71N0NQ8d+aH
 e7t5Qk1IqUX6Vv9L4ld7BmkVP1VDyHVTAQEPds+SuNpCThwqkDNd0AN+0NPe+9pC
 /acBUHupZOj06UebBPEgmOzW6jeYgC7C4ccya0foVh5wjrc/l6oNpKqo80YJDrfb
 /NQV/EIahSyH1sx3kKr1zVCFZO8MHNB4WwxC65g2bNs9IqNet6RNWAxnqtPEDvYr
 uVt5MK+53Te6+Ni7nWnwlVHn2NMUDjrXlfpMby9gGUBn6Wj9SLZP8FrWS/aNMFia
 F4ejU2mLRRNzq4YcetWAXRDH1sLPbGFV1dZP+LPXVVfa2Qrh+CBMpp85eOuXGuro
 iQ79E1vdr4YlbDKnEgK3swiwqdm98SUJV/CQM+BBzL5RtGZRH1vIjdeaJP/4klAd
 dedOEf6+9gBau7aTNO7RryWFp8UGvTYwh4dCmFWfqsFi6KyjyttzFMcT3BTwBzRY
 535nm38CknYvIGCnSnoj
 =48Zh
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/jnsnow/tags/bitmaps-pull-request' into staging

Pull request

# gpg: Signature made Wed 04 Jul 2018 07:33:42 BST
# gpg:                using RSA key 7DEF8106AAFC390E
# gpg: Good signature from "John Snow (John Huston) <jsnow@redhat.com>"
# Primary key fingerprint: FAEB 9711 A12C F475 812F  18F2 88A9 064D 1835 61EB
#      Subkey fingerprint: F9B7 ABDB BCAC DF95 BE76  CBD0 7DEF 8106 AAFC 390E

* remotes/jnsnow/tags/bitmaps-pull-request:
  dirty-bitmap: fix double lock on bitmap enabling
  block/dirty-bitmap: add bdrv_enable_dirty_bitmap_locked

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-07-05 13:33:52 +01:00
Peter Maydell
4fd1cbaf14 Monitor patches for 2018-07-03
-----BEGIN PGP SIGNATURE-----
 
 iQIcBAABAgAGBQJbO+iNAAoJEDhwtADrkYZTX9gQAJFT0DPtUYQsqbYAhrUIJo/a
 lT5OAnMnMou6Qu0XHjSYrqdZu7Ega00rvyeYgtB54lmLcOVrjAxF0SwcPcoOuz7K
 O9o00ZmwuFPUugJuYBLDRqJryejbZTCGSOg3cp+YlV6naW6Omck97iu7G/MZWLvB
 FJvIIUaPIAGklRhSodhC+yePp1PNbfGVcpDjAxn4e1UQ/2M6gwSFx9iPbNl2WotN
 CXjRHmkB4ZcxwcDtzzFLwkXTDkryZE27sOgFjDG5xFWO/oCS+Px7a0vME8YM+j2r
 eNa93g16ZohNqHb9t6GarlqrqNqbQF2t6JAPpmlIX5qb3Dtb87MQ/ExdN+FJ4btD
 IfBkTnXbs7qkZpConRlrhdd2J01ChnCdcmddUeenlq+8mIMjQJXH2RCwRVKyoZYs
 4Z74XWy2A+xMJgjqY9WO7E4jy4QVDSckKIm6je/O8fXzXWxthi4H1/2EN5nAv1hY
 zNxP/SW0vpqiR/cVQAr2N6VGz2/m9cWQIf0NwFc765gypPBbCL5HLrb+/xC86Bi3
 ylg9YlTw84oXtpSauTYu3oE989iDndu/s9BEUe5fW5g+8azs+h5SHVTwq0Y8dzSZ
 n2FsGxr76BlOIu5i1oIYNUUhAoU3txddueT4SNHE5Iaz1x6fAKnMP2hxoo5DWDzn
 1Rzgq4ATB8H+V6Og942n
 =/2SW
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/armbru/tags/pull-monitor-2018-07-03-v2' into staging

Monitor patches for 2018-07-03

# gpg: Signature made Tue 03 Jul 2018 22:20:13 BST
# gpg:                using RSA key 3870B400EB918653
# gpg: Good signature from "Markus Armbruster <armbru@redhat.com>"
# gpg:                 aka "Markus Armbruster <armbru@pond.sub.org>"
# Primary key fingerprint: 354B C8B3 D7EB 2A6B 6867  4E5F 3870 B400 EB91 8653

* remotes/armbru/tags/pull-monitor-2018-07-03-v2: (32 commits)
  qapi: Polish command flags documentation in qapi-code-gen.txt
  monitor: Improve some comments
  qmp: Clean up capability negotiation after commit 02130314d8
  qobject: Let qobject_from_jsonf() fail instead of abort
  qmp: Switch timestamp_put() to qdict_from_jsonf_nofail()
  qmp: Add some comments around null responses
  qmp: Simplify monitor_qmp_respond()
  qmp: Replace get_qmp_greeting() by qmp_greeting()
  qmp: Replace monitor_json_emitter{,raw}() by qmp_{queue,send}_response()
  qmp: Use QDict * instead of QObject * for response objects
  qmp: De-duplicate error response building
  qobject: New qdict_from_jsonf_nofail()
  monitor: Peel off @mon_global wrapper
  monitor: Rename use_io_thr to use_io_thread
  qmp: Don't let JSON errors jump the queue
  qmp: Don't let malformed in-band commands jump the queue
  tests/qmp-test: Demonstrate QMP errors jumping the queue
  qmp: Simplify code around monitor_qmp_dispatch_one()
  qmp: Always free QMPRequest with qmp_request_free()
  qmp: Revert change to handle_qmp_command tracepoint
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-07-05 11:25:14 +01:00
Ari Sundholm
7ae9f3f61b block: Move two block permission constants to the relevant enum
This allows using the two constants outside of block.c, which will
happen in a subsequent patch.

Signed-off-by: Ari Sundholm <ari@tuxera.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2018-07-05 10:29:19 +02:00
Vladimir Sementsov-Ogievskiy
92bcea40d3 block/dirty-bitmap: add bdrv_enable_dirty_bitmap_locked
Add _locked version of bdrv_enable_dirty_bitmap, to fix dirty bitmap
migration in the following patch.

Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Message-id: 20180625165745.25259-2-vsementsov@virtuozzo.com
Signed-off-by: John Snow <jsnow@redhat.com>
2018-07-04 02:12:49 -04:00
Peter Maydell
2a018f6e98 Add support for PSK credentials with TLS
-----BEGIN PGP SIGNATURE-----
 
 iQIcBAABCAAGBQJbO2ZjAAoJEL6G67QVEE/fG/0QAKcUheP2waHCef30U+mAjezJ
 tlSIQD3DwbUzJMDaBPuqOhal7qwnKFFlSqhDc1ueck+2QP17wIzeW1MJx1OPFGCU
 hcgRvRWB4hiL+ygpyMpuEs1NfcqE/uc5XXb79st9JdKRGMyO27AW+cVnGUxshBoy
 GJU3YgLE5AN6OCOPiC4zLhTNAtnHmR+Zh+HKdWDA3kYJgZFIYo62cQYMvX8KnYqH
 oqkF5Y2fBvfusXMisthP870ABapl3MhGUL6FkVWvLlkaQR89GJ3l/eiQw6p9t854
 32+mWJ332uhE6sAGBPpnA76zFa1hTAegTH8VjuzNrEYFpvTk1aFR+Gp0nzymKBTN
 Masbw7u2yeaDQYWO8teNSWN6oEOG1erkQELXtmea3fUOsBB1NpTQDN1YKgo4FZaM
 S0nX/C18g1uSm3GQSuTTYLC4FFmxhavLHxZLmiN38vzUHb2JAb/xkGV9If+efQNC
 stXUtOw+PGLSD3FDyGvGscv1kliCfmuASXFyp+fAXXkWiQDqHPom9n7pyFZzT/+5
 f+EecJXx1m4oEM7/wzPEntfa+TDIIYiETBLEg/56Wf45HcFhLHOt/etEdOXpf8bC
 WSCHrBr5iJFadbsFF21Ak0zpYmC7u8uD1V2hbyEUYxzELpZLzmZIrp41CF9erhWn
 oNo0SiPIf1KDBXlIkkkS
 =HpWk
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/berrange/tags/qcrypto-next-pull-request' into staging

Add support for PSK credentials with TLS

# gpg: Signature made Tue 03 Jul 2018 13:04:51 BST
# gpg:                using RSA key BE86EBB415104FDF
# gpg: Good signature from "Daniel P. Berrange <dan@berrange.com>"
# gpg:                 aka "Daniel P. Berrange <berrange@redhat.com>"
# Primary key fingerprint: DAF3 A6FD B26B 6291 2D0E  8E3F BE86 EBB4 1510 4FDF

* remotes/berrange/tags/qcrypto-next-pull-request:
  crypto: Implement TLS Pre-Shared Keys (PSK).

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-07-03 23:06:18 +01:00
Markus Armbruster
d43b16945a qmp: Use QDict * instead of QObject * for response objects
By using the more specific type, we get fewer downcasts.  The
downcasts are safe, but not obviously so, at least not locally.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20180703085358.13941-24-armbru@redhat.com>
2018-07-03 23:18:56 +02:00
Markus Armbruster
cee32796ca qmp: De-duplicate error response building
All callers of qmp_build_error_object() duplicate the code to wrap it
in a response object.  Replace it by qmp_error_response() that
captures the duplicated code, including error_free().

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20180703085358.13941-23-armbru@redhat.com>
2018-07-03 23:18:56 +02:00
Markus Armbruster
a193352ff9 qobject: New qdict_from_jsonf_nofail()
Many uses of qobject_from_jsonf() convert JSON objects.  Create new
convenience function qdict_from_jsonf_nofail() that includes the
conversion to QDict.  The next few commits will put it to use.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20180703085358.13941-22-armbru@redhat.com>
2018-07-03 23:18:56 +02:00
Markus Armbruster
69240fe62d qmp: Don't let malformed in-band commands jump the queue
handle_qmp_command() reports certain errors right away.  This is wrong
when OOB is enabled, because the errors can "jump the queue" then, as
the previous commit demonstrates.

To fix, we need to delay errors until dispatch.  Do that for semantic
errors, mostly by reverting ill-advised parts of commit cf869d5317
"qmp: support out-of-band (oob) execution".  Bonus: doesn't run
qmp_dispatch_check_obj() twice, once in handle_qmp_command(), and
again in do_qmp_dispatch().  That's also due to commit cf869d5317.

The next commit will fix queue jumping for syntax errors.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20180703085358.13941-18-armbru@redhat.com>
2018-07-03 23:18:56 +02:00
Markus Armbruster
674ed7228f qmp qemu-ga: Fix qemu-ga not to accept "control"
Commit cf869d5317 "qmp: support out-of-band (oob) execution"
accidentally made qemu-ga accept and ignore "control".  Fix that.

Out-of-band execution in a monitor that doesn't support it now fails
with

    {"error": {"class": "GenericError", "desc": "QMP input member 'control' is unexpected"}}

instead of

    {"error": {"class": "GenericError", "desc": "Please enable out-of-band first for the session during capabilities negotiation"}}

The old description is suboptimal when out-of-band cannot not be
enabled, or the command doesn't support out-of-band execution.

The new description is a bit unspecific, but it'll do.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20180703085358.13941-12-armbru@redhat.com>
2018-07-03 23:18:56 +02:00
Peter Maydell
79c2b203a9 vga: disable global_vmstate, virtio-gpu scanout tracking fixes.
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iQIcBAABAgAGBQJbO0WYAAoJEEy22O7T6HE4omoP/R0aKyojHVxWeL4OK5JxfTJP
 VfEu1JCYhyXhn5KQpnSTyuklr2PuM6Wq89fBx2Rcrvi2RlKfxg1t1hMT10Vmev7R
 CIgyZfxBicIInzU8bFB0d7lS9jPPAIJNuZTCEob/+sE72RK8a2TUT+agpgzfBiC8
 z4D8UU766n/BoyeiFeFeM7HIEe4fl75bqzUW+PHLqoW5HDiz05tBEAhOlPJXrJeM
 35tp8aNUcRFCb8K95bBstDbTgCFlChVNN99+5CQ2rCokPXegW1ldCfRCpXVSuigm
 KT4T073b8/pfrGxiNpKDs1zV5N2Om6g25CLBi1KztenOlT7iancAI72uWxFasc/I
 0VNIZQCMYeR6r8OcUBgquxYQG8JAHf8oNcmqU97UE4jFWY/K/O+WLmwzhw9aifib
 An3bsmo76Q0JTPmqMhbEGpjSM8DygKHqMnXy1Tzzi6EKOQMjnRDFT1uexRH/HPo6
 hdaKUfyeMIY9U6n+YA8VrBn/5BnpsucEpKjMB7KxlyL+NwRVdXQ8axz7SnXkJrHY
 vdobSzQs0TBA7oo0mnWR9AF+MG2yr/bb5yFwTVsg82kexmPw90oVyisIpExNZyTg
 vnrsfdSyGvpGLP9ganMSfgA9TQ+xUORrHp9cZM3yHKrmh5C3w65ynbA4LXsYwJ0h
 HlI+MNbhTjw0P4Iws/PX
 =Xwx6
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/kraxel/tags/vga-20180703-pull-request' into staging

vga: disable global_vmstate, virtio-gpu scanout tracking fixes.

# gpg: Signature made Tue 03 Jul 2018 10:44:56 BST
# gpg:                using RSA key 4CB6D8EED3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>"
# Primary key fingerprint: A032 8CFF B93A 17A7 9901  FE7D 4CB6 D8EE D3E8 7138

* remotes/kraxel/tags/vga-20180703-pull-request:
  vga: disable global_vmstate for 3.0+ machine types
  virtio-gpu: disable scanout when backing resource is destroyed
  virtio-gpu: update old resource too.
  virtio-gpu: tweak scanout disable.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

# Conflicts:
#	hw/display/qxl.c
#	hw/display/vga-isa-mm.c
2018-07-03 21:09:27 +01:00
Peter Maydell
b07cd3e748 ppc patch queue 2018-07-03
Here's a last minue pull request before today's soft freeze.  Ideally
 I would have sent this earlier, but I was waiting for a couple of
 extra fixes I knew were close.  And the freeze crept up on me, like
 always.
 
 Most of the changes here are bugfixes in any case.  There are some
 cleanups as well, which have been in my staging tree for a little
 while.  There are a couple of truly new features (some extensions to
 the sam460ex platform), but these are low risk, since they only affect
 a new and not really stabilized machine type anyway.
 
 Higlights are:
   * Mac platform improvements from Mark Cave-Ayland
   * Sam460ex improvements from BALATON Zoltan et al.
   * XICS interrupt handler cleanups from Cédric Le Goater
   * TCG improvements for atomic loads and stores from Richard
     Henderson
   * Assorted other bugfixes
 -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEEdfRlhq5hpmzETofcbDjKyiDZs5IFAls7D8oACgkQbDjKyiDZ
 s5Lxmg//YzPfC/nKqTTKkyJPzh/NnSC+kRTMAT3mbxdRIc7yfgMqJtWGGbS1iKgK
 EeJ9hl5Qm0HfscfDuzf0xasU62ZEv3kNdLnWJEIgkqiXrxoO5KCnC0y4D8NN1W03
 mvINNCa8+QDg2OsirGmNUTkriiG3wLIrHTpLZ4+JuC2Bd9H3nTHZgJ0MXON/1VWY
 oRgr6kMZ5+IAzPhvYLFR6l3nPI883fgJOFyRo7YqYrkVBKFrFkfK0Xjw6vpsNxcx
 2dE/YCHhNIriLuBG5noewL7GuqZRtLnl6rjjee5VAKIe1EmFeR+jsXwNjzGOVOJg
 dhjOtsJsQQ3WdEw5uImJzE64kV228WCgmkeXzZd1010JBLr7sUkrd2EuoZ23vvat
 uvZAHVSBrJg5WvzMo1VMEoPU3VeeZQ5HL+MI80iKiU6oUgRK11gVJcebtA0sEKt+
 zhJC4JiUlHtZLTGIpMBmU8DJZ3Tyk1cBEm+Ky+SaPE+dsz16UHI0fazFQXJnXphE
 MLHEGAyQgzWYp7kIcAjUFev0Geq/Uovy4JKIGI6ISop1wRPEQDxkthfkfRyQxQkE
 zuse4EBcEH/Undw9KrmEQa0hCe+8BRkxklVbPesFPPdqH3PKNxtHYuWpSShQF0PW
 XMjw43O2Rbsl8kBUHCpy4pYSugD1hpfgaw/mVUOU1u/M1O6toTw=
 =AHrx
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/dgibson/tags/ppc-for-3.0-20180703' into staging

ppc patch queue 2018-07-03

Here's a last minue pull request before today's soft freeze.  Ideally
I would have sent this earlier, but I was waiting for a couple of
extra fixes I knew were close.  And the freeze crept up on me, like
always.

Most of the changes here are bugfixes in any case.  There are some
cleanups as well, which have been in my staging tree for a little
while.  There are a couple of truly new features (some extensions to
the sam460ex platform), but these are low risk, since they only affect
a new and not really stabilized machine type anyway.

Higlights are:
  * Mac platform improvements from Mark Cave-Ayland
  * Sam460ex improvements from BALATON Zoltan et al.
  * XICS interrupt handler cleanups from Cédric Le Goater
  * TCG improvements for atomic loads and stores from Richard
    Henderson
  * Assorted other bugfixes

# gpg: Signature made Tue 03 Jul 2018 06:55:22 BST
# gpg:                using RSA key 6C38CACA20D9B392
# gpg: Good signature from "David Gibson <david@gibson.dropbear.id.au>"
# gpg:                 aka "David Gibson (Red Hat) <dgibson@redhat.com>"
# gpg:                 aka "David Gibson (ozlabs.org) <dgibson@ozlabs.org>"
# gpg:                 aka "David Gibson (kernel.org) <dwg@kernel.org>"
# Primary key fingerprint: 75F4 6586 AE61 A66C C44E  87DC 6C38 CACA 20D9 B392

* remotes/dgibson/tags/ppc-for-3.0-20180703: (35 commits)
  ppc: Include vga cirrus card into the compiling process
  target/ppc: Relax reserved bitmask of indexed store instructions
  target/ppc: set is_jmp on ppc_tr_breakpoint_check
  spapr: compute default value of "hpt-max-page-size" later
  target/ppc/kvm: don't pass cpu to kvm_get_smmu_info()
  target/ppc/kvm: get rid of kvm_get_fallback_smmu_info()
  ppc440_uc: Basic emulation of PPC440 DMA controller
  sam460ex: Add RTC device
  hw/timer: Add basic M41T80 emulation
  ppc4xx_i2c: Rewrite to model hardware more closely
  hw/ppc: Give sam46ex its own config option
  fpu_helper.c: fix setting FPSCR[FI] bit
  target/ppc: Implement the rest of gen_st_atomic
  target/ppc: Implement the rest of gen_ld_atomic
  target/ppc: Use atomic min/max helpers
  target/ppc: Use MO_ALIGN for EXIWX and ECOWX
  target/ppc: Split out gen_st_atomic
  target/ppc: Split out gen_ld_atomic
  target/ppc: Split out gen_load_locked
  target/ppc: Tidy gen_conditional_store
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

# Conflicts:
#	hw/ppc/spapr.c
2018-07-03 14:59:27 +01:00
Richard W.M. Jones
e1a6dc91dd crypto: Implement TLS Pre-Shared Keys (PSK).
Pre-Shared Keys (PSK) is a simpler mechanism for enabling TLS
connections than using certificates.  It requires only a simple secret
key:

  $ mkdir -m 0700 /tmp/keys
  $ psktool -u rjones -p /tmp/keys/keys.psk
  $ cat /tmp/keys/keys.psk
  rjones:d543770c15ad93d76443fb56f501a31969235f47e999720ae8d2336f6a13fcbc

The key can be secretly shared between clients and servers.  Clients
must specify the directory containing the "keys.psk" file and a
username (defaults to "qemu").  Servers must specify only the
directory.

Example NBD client:

  $ qemu-img info \
    --object tls-creds-psk,id=tls0,dir=/tmp/keys,username=rjones,endpoint=client \
    --image-opts \
    file.driver=nbd,file.host=localhost,file.port=10809,file.tls-creds=tls0,file.export=/

Example NBD server using qemu-nbd:

  $ qemu-nbd -t -x / \
    --object tls-creds-psk,id=tls0,endpoint=server,dir=/tmp/keys \
    --tls-creds tls0 \
    image.qcow2

Example NBD server using nbdkit:

  $ nbdkit -n -e / -fv \
    --tls=on --tls-psk=/tmp/keys/keys.psk \
    file file=disk.img

Signed-off-by: Richard W.M. Jones <rjones@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2018-07-03 13:04:38 +01:00
Peter Maydell
a395717cbd -----BEGIN PGP SIGNATURE-----
iQIcBAABAgAGBQJbOvCTAAoJEL2+eyfA3jBX354P/RFVLsozhcb3DeFj5Ocq2kfS
 sRt/82Ke/f/w/8lNd4wNbOsdG/eg2M4RmLWF4ONWWoeO7Z0KIatUOTtw5HxjBxBX
 XfhQy7RZ65luuCHnLDU6c4IdnDvXBVG/kErydhDZjEyeY8qlxrurBB8331cTRFwu
 hisweIwogPOFDA+/Bty0W0EyVQWFAobL3ExYFlOYFuHwsqJfMPQbytw2zDzC4kjn
 8Ecppyt7rfLsEcyf/4OAoHfbbYOiQl7PkXE7/uXDFyL8zPdRpIlDFSZtmy1Zb213
 mcYhPmehUkFHV/BDF/LdnzjlraK8oMaNu0IDld5cX/1xUU4VtbW2YjAt6OdCn7Ll
 7YbNNKYU/mM1QUPshX4qJkbUaCu7JoTDKPiBbJei/MV7zMJBLpNVG/AuJE2gbweI
 2levV76QzS2+fQVKv/9LUliqOYEp5T0/aybb+35Vzhf5WNpSO7s1oaCDAvSgUhS+
 qU1MIAROQQPCmdM8PwqzG9b2TGp/tYcWOju5bqt488Twmo0BbTGjYCFl6StJHibC
 mN5fASP5nQiz1fc3FrBp0h/PCQlGtd2ZgeyeC+lkPVcFovclA2vo/ib1k2LK/0nU
 TzkKIFRJZH58yYjppuBrB6c/aFfVkutE4Hz25i+3nZ91ZEyQKbv1mDxCyRNXNWjt
 Gteul6gUo/AjzMOWFFvH
 =AKR7
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/cody/tags/block-pull-request' into staging

# gpg: Signature made Tue 03 Jul 2018 04:42:11 BST
# gpg:                using RSA key BDBE7B27C0DE3057
# gpg: Good signature from "Jeffrey Cody <jcody@redhat.com>"
# gpg:                 aka "Jeffrey Cody <jeff@codyprime.org>"
# gpg:                 aka "Jeffrey Cody <codyprime@gmail.com>"
# Primary key fingerprint: 9957 4B4D 3474 90E7 9D98  D624 BDBE 7B27 C0DE 3057

* remotes/cody/tags/block-pull-request:
  backup: Use copy offloading
  block: Honour BDRV_REQ_NO_SERIALISING in copy range
  block: Fix parameter checking in bdrv_co_copy_range_internal

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-07-03 11:49:51 +01:00
Peter Maydell
9b75dcb15f nbd patches for 2018-07-02
Bug fixes and iotest exposure of fleecing via NBD (serving a
 read-only point-in-time view via blockdev-backup sync:none,
 as well as serving dirty bitmaps over NBD), including a new
 x-dirty-bitmap parameter when opening NBD clients as the
 counterpart to x-nbd-server-add-bitmap. Also a random fix
 for iscsi block_status spotted by Coverity that missed other
 miscellaneous trees.
 
 - Eric Blake: nbd/server: Fix dirty bitmap logic regression
 - Eric Blake: iscsi: Avoid potential for get_status overflow
 - John Snow/Vladimir Sementsov-Ogievskiy: 0/2 block: formalize and test fleecing
 - Eric Blake: 0/2 test NBD bitmap export
 -----BEGIN PGP SIGNATURE-----
 Comment: Public key at http://people.redhat.com/eblake/eblake.gpg
 
 iQEcBAABCAAGBQJbOtJPAAoJEKeha0olJ0NqEvwH/3FwWnlBdBvdYGgPjzGE1Atm
 ofCKcyxE/2VJtxeWlZQHzs1VqSq81s7am5SdzOrIWnQekvHFcLu6/71RABiauzMd
 neCvVOrXOVdktj1i1Z2Gg4BgjDmqbTDlo5ssVh/oXP0Zebi6OZFfQrB7y3cGBvui
 4XI7lW9qJxt6F1FlKloXnofWRDENyo5vgdz6QjQXfauthw2T5045RIPTfiz03FCp
 fbs+6K0+bKxfPdNLrqxxOZo/loYnEXbDYv6VBAIWBqztXVnMHxCqnh0YN05jwsfF
 TRW0/YT8lpWarOZ1soIC6a/OGXQZbxgRhZ+Zr+Wa2jw0YNHJanU9isxi37aUqQo=
 =Xivx
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/ericb/tags/pull-nbd-2018-07-02' into staging

nbd patches for 2018-07-02

Bug fixes and iotest exposure of fleecing via NBD (serving a
read-only point-in-time view via blockdev-backup sync:none,
as well as serving dirty bitmaps over NBD), including a new
x-dirty-bitmap parameter when opening NBD clients as the
counterpart to x-nbd-server-add-bitmap. Also a random fix
for iscsi block_status spotted by Coverity that missed other
miscellaneous trees.

- Eric Blake: nbd/server: Fix dirty bitmap logic regression
- Eric Blake: iscsi: Avoid potential for get_status overflow
- John Snow/Vladimir Sementsov-Ogievskiy: 0/2 block: formalize and test fleecing
- Eric Blake: 0/2 test NBD bitmap export

# gpg: Signature made Tue 03 Jul 2018 02:33:03 BST
# gpg:                using RSA key A7A16B4A2527436A
# gpg: Good signature from "Eric Blake <eblake@redhat.com>"
# gpg:                 aka "Eric Blake (Free Software Programmer) <ebb9@byu.net>"
# gpg:                 aka "[jpeg image of size 6874]"
# Primary key fingerprint: 71C2 CC22 B1C4 6029 27D2  F3AA A7A1 6B4A 2527 436A

* remotes/ericb/tags/pull-nbd-2018-07-02:
  iotests: New test 223 for exporting dirty bitmap over NBD
  nbd/client: Add x-dirty-bitmap to query bitmap from server
  iotests: add 222 to test basic fleecing
  blockdev: enable non-root nodes for backup source
  iscsi: Avoid potential for get_status overflow
  nbd/server: Fix dirty bitmap logic regression

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-07-03 10:47:02 +01:00
Gerd Hoffmann
1fcfdc435a vga: disable global_vmstate for 3.0+ machine types
Move global_vmstate from vga_common_init() parameter to VGACommonState
field.  Set global_vmstate to true for isa vga devices, so nothing
changes here.  virtio-vga and secondary-vga already set global_vmstate
to false so no change here either.  All other pci vga devices get a new
global-vmstate property, defaulting to false.  A compat property flips
it to true for older machine types.

With this in place you don't get a vmstate section naming conflict any
more when adding multiple pci vga devices to your vm.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Message-Id: <20180702163345.17892-1-kraxel@redhat.com>
2018-07-03 11:19:49 +02:00
Fam Zheng
dee12de893 block: Honour BDRV_REQ_NO_SERIALISING in copy range
This semantics is needed by drive-backup so implement it before using
this API there.

Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Fam Zheng <famz@redhat.com>
Message-id: 20180703023758.14422-3-famz@redhat.com
Signed-off-by: Jeff Cody <jcody@redhat.com>
2018-07-02 23:23:45 -04:00
BALATON Zoltan
afb6e20429 ppc4xx_i2c: Rewrite to model hardware more closely
Rewrite to make it closer to how real device works so that guest OS
drivers can access I2C devices. Previously this was only a hack to
allow U-Boot to get past accessing SPD EEPROMs but to support other
I2C devices and allow guests to access them we need to model real
device more properly.

Signed-off-by: BALATON Zoltan <balaton@eik.bme.hu>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2018-07-03 09:56:52 +10:00
Cédric Le Goater
eeefd43b3c ppx/xics: introduce a parent_reset in ICSStateClass
Just like for the realize handlers, this makes possible to move the
common ICSState code of the reset handlers in the ics-base class.

Signed-off-by: Cédric Le Goater <clg@kaod.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2018-07-03 09:56:51 +10:00
Cédric Le Goater
0a647b76db ppc/xics: introduce a parent_realize in ICSStateClass
This makes possible to move the common ICSState code of the realize
handlers in the ics-base class.

Signed-off-by: Cédric Le Goater <clg@kaod.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2018-07-03 09:56:51 +10:00
Cédric Le Goater
a028dd423e ppc/xics: introduce ICP DeviceRealize and DeviceReset handlers
This changes the ICP realize and reset handlers in DeviceRealize and
DeviceReset handlers. parent handlers are now called from the
inheriting classes which is a cleaner object pattern.

Signed-off-by: Cédric Le Goater <clg@kaod.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2018-07-03 09:56:51 +10:00
Eric Blake
216ee3657e nbd/client: Add x-dirty-bitmap to query bitmap from server
In order to test that the NBD server is properly advertising
dirty bitmaps, we need a bare minimum client that can request
and read the context.  Since feature freeze for 3.0 is imminent,
this is the smallest workable patch, which replaces the qemu
block status report with the results of the NBD server's dirty
bitmap (making it very easy to use 'qemu-img map --output=json'
to learn where the dirty portions are).  Note that the NBD
protocol defines a dirty section with the same bit but opposite
sense that normal "base:allocation" uses to report an allocated
section; so in qemu-img map output, "data":true corresponds to
clean, "data":false corresponds to dirty.

A more complete solution that allows dirty bitmaps to be queried
at the same time as normal block status will be required before
this addition can lose the x- prefix.  Until then, the fact that
this replaces normal status with dirty status means actions
like 'qemu-img convert' will likely misbehave due to treating
dirty regions of the file as if they are unallocated.

The next patch adds an iotest to exercise this new code.

Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <20180702191458.28741-2-eblake@redhat.com>
2018-07-02 15:27:38 -05:00
Peter Maydell
e8c858944e * IEC units series (Philippe)
* Hyper-V PV TLB flush (Vitaly)
 * git archive detection (Daniel)
 * host serial passthrough fix (David)
 * NPT support for SVM emulation (Jan)
 * x86 "info mem" and "info tlb" fix (Doug)
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iQEcBAABAgAGBQJbOkI9AAoJEL/70l94x66DaA0IAIzJD+3hUdwDCqitlW65x/yX
 D+KAoX4Ytpz7+QOtcXC7BBUW3JwvHTS5sfuvaAqKWnqEXSDrQs4/gG2iEB1UJ3Ko
 hC2LHGKygdcD9k3vuQ2q2USOu08jEUYRvvjgHmD6lsyaAQ+cb2heAYz/SxQqbkkt
 qun6TFaWuTGBQF1qy0xjJitdPokGwFZgprlZyVmMId/yLlsbsFlwmGIJh/l1+zqw
 I4DBzRzuhAg/nLH9qVZ3LWOjH1H0MLPGBUG59w4GbIDpwRh1VZu+GTyAmAYaquHl
 dSHYweXywNTvhi0WLroP8SD0Nqf/ZObuSRtop60gqJuP3YAbPrBMeRTlsqoZIRE=
 =Xzc8
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging

* IEC units series (Philippe)
* Hyper-V PV TLB flush (Vitaly)
* git archive detection (Daniel)
* host serial passthrough fix (David)
* NPT support for SVM emulation (Jan)
* x86 "info mem" and "info tlb" fix (Doug)

# gpg: Signature made Mon 02 Jul 2018 16:18:21 BST
# gpg:                using RSA key BFFBD25F78C7AE83
# gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>"
# gpg:                 aka "Paolo Bonzini <pbonzini@redhat.com>"
# Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4  E2F7 7E15 100C CD36 69B1
#      Subkey fingerprint: F133 3857 4B66 2389 866C  7682 BFFB D25F 78C7 AE83

* remotes/bonzini/tags/for-upstream: (50 commits)
  tcg: simplify !CONFIG_TCG handling of tb_invalidate_*
  i386/monitor.c: make addresses canonical for "info mem" and "info tlb"
  target-i386: Add NPT support
  serial: Open non-block
  bsd-user: Use the IEC binary prefix definitions
  linux-user: Use the IEC binary prefix definitions
  tests/crypto: Use the IEC binary prefix definitions
  vl: Use the IEC binary prefix definitions
  monitor: Use the IEC binary prefix definitions
  cutils: Do not include "qemu/units.h" directly
  hw/rdma: Use the IEC binary prefix definitions
  hw/virtio: Use the IEC binary prefix definitions
  hw/vfio: Use the IEC binary prefix definitions
  hw/sd: Use the IEC binary prefix definitions
  hw/usb: Use the IEC binary prefix definitions
  hw/net: Use the IEC binary prefix definitions
  hw/i386: Use the IEC binary prefix definitions
  hw/ppc: Use the IEC binary prefix definitions
  hw/mips: Use the IEC binary prefix definitions
  hw/mips/r4k: Constify params_size
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-07-02 19:07:19 +01:00
Peter Maydell
ab08440a4e Assorted tlb and tb caching fixes
-----BEGIN PGP SIGNATURE-----
 
 iQEcBAABAgAGBQJbOky7AAoJEGTfOOivfiFfvYEH/iDRoHaTo+HOClIqrHY+yTr9
 39JrMbvRpJ0+TwhzWHvA8Ukuof2DpUFYNpx9F8zIy4HEVG8Pl9VX4ntK121WIOvb
 Cf7/gR4M6PW9TnV1NDe4cWeVVUlg2WuY81vJBFKaIRbh6/m3OnAxL+ZnKYHO7OLs
 mmxXI76kX9wAicOTsObx19Tb1XOlAqyzxdVb8HrrEK488iigVuJ3W1l+pQEEZMdF
 CICXVglTBCACnBZ1nG7vCY0UVkf4c8rOM+c8f+4ktkYl2GcNgkWLMjbVYf3rsozH
 5iUfCBqNbRQ5xZBVTSD/efTLbxQ7wCMCwfDmwvy/71Pi/vwxaIHEtdWxCofv0p8=
 =XQ94
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/rth/tags/pull-tcg-20180702' into staging

Assorted tlb and tb caching fixes

# gpg: Signature made Mon 02 Jul 2018 17:03:07 BST
# gpg:                using RSA key 64DF38E8AF7E215F
# gpg: Good signature from "Richard Henderson <richard.henderson@linaro.org>"
# Primary key fingerprint: 7A48 1E78 868B 4DB6 A85A  05C0 64DF 38E8 AF7E 215F

* remotes/rth/tags/pull-tcg-20180702:
  cpu: Assert asidx_from_attrs return value in range
  accel/tcg: Avoid caching overwritten tlb entries
  accel/tcg: Don't treat invalid TLB entries as needing recheck
  accel/tcg: Correct "is this a TLB miss" check in get_page_addr_code()
  tcg: Define and use new tlb_hit() and tlb_hit_page() functions
  translate-all: fix locking of TBs whose two pages share the same physical page

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-07-02 17:57:46 +01:00
Richard Henderson
9c8c334b06 cpu: Assert asidx_from_attrs return value in range
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2018-07-02 08:09:49 -07:00
Peter Maydell
334692bce7 tcg: Define and use new tlb_hit() and tlb_hit_page() functions
The condition to check whether an address has hit against a particular
TLB entry is not completely trivial. We do this in various places, and
in fact in one place (get_page_addr_code()) we have got the condition
wrong. Abstract it out into new tlb_hit() and tlb_hit_page() inline
functions (one for a known-page-aligned address and one for an
arbitrary address), and use them in all the places where we had the
condition correct.

This is a no-behaviour-change patch; we leave fixing the buggy
code in get_page_addr_code() to a subsequent patch.

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <20180629162122.19376-2-peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2018-07-02 08:02:20 -07:00
Peter Maydell
7320bb2cb0 s390x updates:
- add bpb/ppa15 features to default cpu model for z196 and later
 - rework TOD handling and fix cpu hotplug under tcg
 - various fixes
 -----BEGIN PGP SIGNATURE-----
 
 iQJGBAABCAAwFiEEw9DWbcNiT/aowBjO3s9rk8bwL68FAls6B/QSHGNvaHVja0By
 ZWRoYXQuY29tAAoJEN7Pa5PG8C+vqCIQAII2fFuPicarkERO8DBbn/nzPWMNp20f
 UUkhmS5w7Bng3Fq2hL3aihmRijMM7K4+6M4m0/mEf6Z07dQmC5M/FGNsV22/ToFb
 wjGUZM/SaqJF+gosEvA/pzhc8GmgPCDF3z2Phbdqsa4Ck33sMKyZIGveH8jF9lDf
 8HoljDQ06ckXhaIsX1DZ9I6o6u5CpoCOSLrwuLpVfzFK1fimD04B44GINZg/oJQ0
 e++ac2OwyV7OgjdLiNlVJOI5UV7iVrgZRvtGLqLzRCWLJVDl85I2JwhQwx0mHv4Y
 Of0SyiY3SF5jiV/FCLdd/k9CxMUzBXhZvq5vi7qtejakiVbVA+W5E1hugUUl794a
 gjlsrkKnpFFAW6QU8/4bq88I9e0F4LXLfaK1dCnOsJX3kGIruUjLGfOTM/T2Cuz9
 0oJPYgZs0NAxTh+9wsFOlhS0EBr8jczn+DRRQjUPrzWk2INLtl8kKyjh71UW9yl5
 vYCZevK9KUuZXNGBsqVn2pS1rKbryoJVm3IZudJXBvyj5EPo4q3Tdxm7NZKGPIlu
 e6VXHinhMtk7BZt5J2HNKGFIo5IPCcYQJCgs6+M1wRTHK6VtquVvas0y5aW5Wvl8
 0lHI0fmflDoHbPiyRH9xvOS3r/y9xNYoUUG2GxjQqteW7tJAuhYy/rQIvBbVKufL
 0xFKC4vdhV7c
 =GF+m
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/cohuck/tags/s390x-20180702' into staging

s390x updates:
- add bpb/ppa15 features to default cpu model for z196 and later
- rework TOD handling and fix cpu hotplug under tcg
- various fixes

# gpg: Signature made Mon 02 Jul 2018 12:09:40 BST
# gpg:                using RSA key DECF6B93C6F02FAF
# gpg: Good signature from "Cornelia Huck <conny@cornelia-huck.de>"
# gpg:                 aka "Cornelia Huck <huckc@linux.vnet.ibm.com>"
# gpg:                 aka "Cornelia Huck <cornelia.huck@de.ibm.com>"
# gpg:                 aka "Cornelia Huck <cohuck@kernel.org>"
# gpg:                 aka "Cornelia Huck <cohuck@redhat.com>"
# Primary key fingerprint: C3D0 D66D C362 4FF6 A8C0  18CE DECF 6B93 C6F0 2FAF

* remotes/cohuck/tags/s390x-20180702:
  s390x/tcg: fix locking problem with tcg_s390_tod_updated
  s390x/kvm: indicate alignment in legacy_s390_alloc()
  s390x/kvm: legacy_s390_alloc() only supports one allocation
  s390x/tcg: fix CPU hotplug with single-threaded TCG
  s390x/tcg: rearm the CKC timer during migration
  s390x/tcg: implement SET CLOCK
  s390x/tcg: SET CLOCK COMPARATOR can clear CKC interrupts
  s390x/tcg: properly implement the TOD
  s390x/tcg: drop tod_basetime
  s390x/tod: factor out TOD into separate device
  s390x/kvm: pass values instead of pointers to kvm_s390_set_clock_*()
  s390x/tcg: avoid overflows in time2tod/tod2time
  s390x/cpumodel: default enable bpb and ppa15 for z196 and later
  loader: Check access size when calling rom_ptr() to avoid crashes
  s390/ipl: fix ipl with -no-reboot

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-07-02 14:57:43 +01:00
Paolo Bonzini
c40d479207 tcg: simplify !CONFIG_TCG handling of tb_invalidate_*
There is no need for a stub, since tb_invalidate_phys_addr can be excised
altogether when TCG is disabled.  This is a bit cleaner since it avoids
using code that is clearly specific to user-mode emulation (it calls
mmap_lock/unlock) for the !CONFIG_TCG case.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-07-02 15:41:18 +02:00
Philippe Mathieu-Daudé
af5ecb4739 cutils: Do not include "qemu/units.h" directly
All files using "qemu/units.h" definitions already include it directly,
we can now remove it from "qemu/cutils.h".

Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Marcel Apfelbaum <marcel@redhat.com>
Message-Id: <20180625124238.25339-41-f4bug@amsat.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-07-02 15:41:17 +02:00
Philippe Mathieu-Daudé
c9ad15d71e hw/virtio: Use the IEC binary prefix definitions
It eases code review, unit is explicit.

Patch generated using:

  $ git grep -E '(1024|2048|4096|8192|(<<|>>).?(10|20|30))' hw/ include/hw/

and modified manually.

Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20180625124238.25339-39-f4bug@amsat.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-07-02 15:41:17 +02:00
Philippe Mathieu-Daudé
872a2b7c4d hw/net: Use the IEC binary prefix definitions
It eases code review, unit is explicit.

Patch generated using:

  $ git grep -E '(1024|2048|4096|8192|(<<|>>).?(10|20|30))' hw/ include/hw/

and modified manually.

Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Stefan Weil <sw@weilnetz.de>
Message-Id: <20180625124238.25339-35-f4bug@amsat.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-07-02 15:41:16 +02:00
Philippe Mathieu-Daudé
ab3dd74924 hw/ppc: Use the IEC binary prefix definitions
It eases code review, unit is explicit.

Patch generated using:

  $ git grep -E '(1024|2048|4096|8192|(<<|>>).?(10|20|30))' hw/ include/hw/

and modified manually.

Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Acked-by: David Gibson <david@gibson.dropbear.id.au>
Message-Id: <20180625124238.25339-33-f4bug@amsat.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-07-02 15:41:16 +02:00
Philippe Mathieu-Daudé
be01029e5d hw/mips: Use the IEC binary prefix definitions
It eases code review, unit is explicit.

Patch generated using:

  $ git grep -E '(1024|2048|4096|8192|(<<|>>).?(10|20|30))' hw/ include/hw/
  $ git grep -n '[<>][<>]= ?[1-5]0'

and modified manually.

Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-Id: <20180625124238.25339-31-f4bug@amsat.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-07-02 15:41:16 +02:00
Philippe Mathieu-Daudé
f0353b0d10 hw/display: Use the IEC binary prefix definitions
It eases code review, unit is explicit.

Patch generated using:

  $ git grep -E '(1024|2048|4096|8192|(<<|>>).?(10|20|30))' hw/ include/hw/

and modified manually.

Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-Id: <20180625124238.25339-15-f4bug@amsat.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-07-02 15:41:13 +02:00
Philippe Mathieu-Daudé
3d779b93e0 hw/tpm: Use the IEC binary prefix definitions
It eases code review, unit is explicit.

Patch generated using:

  $ git grep -E '(1024|2048|4096|8192|(<<|>>).?(10|20|30))' hw/ include/hw/

and modified manually.

Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-Id: <20180625124238.25339-13-f4bug@amsat.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-07-02 15:41:13 +02:00
Philippe Mathieu-Daudé
d23b6caadb hw: Use IEC binary prefix definitions from "qemu/units.h"
Code change produced with:

  $ git ls-files | egrep '\.[ch]$' | \
    xargs sed -i -e 's/\(\W[KMGTPE]\)_BYTE/\1iB/g'

Suggested-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Acked-by: David Gibson <david@gibson.dropbear.id.au> (ppc parts)
Message-Id: <20180625124238.25339-6-f4bug@amsat.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-07-02 15:41:10 +02:00
Philippe Mathieu-Daudé
7ecdc94c40 include: Add IEC binary prefixes in "qemu/units.h"
Loosely based on 076b35b5a5.

Suggested-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20180625124238.25339-2-f4bug@amsat.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-07-02 14:45:23 +02:00
Philippe Mathieu-Daudé
646f34fa54 tcg: Fix --disable-tcg build breakage
Fix the --disable-tcg breakage introduced by 8bca9a03ec:

    $ configure --disable-tcg
    [...]
    $ make -C i386-softmmu exec.o
    make: Entering directory 'i386-softmmu'
      CC      exec.o
    In file included from source/qemu/exec.c:62:0:
    source/qemu/include/exec/ram_addr.h:96:6: error: conflicting types for ‘tb_invalidate_phys_range’
     void tb_invalidate_phys_range(ram_addr_t start, ram_addr_t end);
          ^~~~~~~~~~~~~~~~~~~~~~~~
    In file included from source/qemu/exec.c:24:0:
    source/qemu/include/exec/exec-all.h:309:6: note: previous declaration of ‘tb_invalidate_phys_range’ was here
     void tb_invalidate_phys_range(target_ulong start, target_ulong end);
          ^~~~~~~~~~~~~~~~~~~~~~~~
    source/qemu/exec.c:1043:6: error: conflicting types for ‘tb_invalidate_phys_addr’
     void tb_invalidate_phys_addr(AddressSpace *as, hwaddr addr, MemTxAttrs attrs)
          ^~~~~~~~~~~~~~~~~~~~~~~
    In file included from source/qemu/exec.c:24:0:
    source/qemu/include/exec/exec-all.h:308:6: note: previous declaration of ‘tb_invalidate_phys_addr’ was here
     void tb_invalidate_phys_addr(target_ulong addr);
          ^~~~~~~~~~~~~~~~~~~~~~~
    make: *** [source/qemu/rules.mak:69: exec.o] Error 1
    make: Leaving directory 'i386-softmmu'

Tested to build x86_64-softmmu and i386-softmmu targets.

Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-id: 20180629200710.27626-1-f4bug@amsat.org
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-07-02 13:42:05 +01:00
David Hildenbrand
7de3b1cdc6 s390x/tcg: properly implement the TOD
Right now, each CPU has its own TOD. Especially, the TOD will differ
based on creation time of a CPU - e.g. when hotplugging a CPU the times
will differ quite a lot, resulting in stall warnings in the guest.

Let's use a single TOD by implementing our new TOD device. Prepare it
for TOD-clock epoch extension.

Most importantly, whenever we set the TOD, we have to update the CKC
timer.

Introduce "tcg_s390x.h" just like "kvm_s390x.h" for tcg specific
function declarations that should not go into cpu.h.

Reviewed-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20180627134410.4901-6-david@redhat.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
2018-07-02 10:37:38 +02:00
David Hildenbrand
8046f374a6 s390x/tod: factor out TOD into separate device
Let's treat this like a separate device. TCG will have to store the
actual state/time later on.

Include cpu-qom.h in kvm_s390x.h (due to S390CPU) to compile tod-kvm.c.

Reviewed-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20180627134410.4901-4-david@redhat.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
2018-07-02 10:37:38 +02:00
Thomas Huth
0f0f8b611e loader: Check access size when calling rom_ptr() to avoid crashes
The rom_ptr() function allows direct access to the ROM blobs that we
load during startup. However, there are currently no checks for the
size of the accesses, so it's currently possible to crash QEMU for
example with:

$ echo "Insane in the mainframe" > /tmp/test.txt
$ s390x-softmmu/qemu-system-s390x -kernel /tmp/test.txt -append xyz
Segmentation fault (core dumped)
$ s390x-softmmu/qemu-system-s390x -kernel /tmp/test.txt -initrd /tmp/test.txt
Segmentation fault (core dumped)
$ echo -n HdrS > /tmp/hdr.txt
$ sparc64-softmmu/qemu-system-sparc64 -kernel /tmp/hdr.txt -initrd /tmp/hdr.txt
Segmentation fault (core dumped)

We need a possibility to check the size of the ROM area that we want
to access, thus let's add a size parameter to the rom_ptr() function
to avoid these problems.

Acked-by: Christian Borntraeger <borntraeger@de.ibm.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-Id: <1530005740-25254-1-git-send-email-thuth@redhat.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
2018-07-02 10:37:38 +02:00
Christian Borntraeger
76ed4b18de s390/ipl: fix ipl with -no-reboot
kexec/kdump as well as the bootloader use a subcode of diagnose 308
that is supposed to reset the I/O subsystem but not comprise a full
"reboot". With the latest refactoring this is now broken when
-no-reboot is used or when libvirt acts on a reboot QMP event, for
example a virt-install from iso images.

We need to mark these "subsystem resets" as special.

Fixes: a30fb811cb (s390x: refactor reset/reipl handling)
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
Reviewed-by: David Hildenbrand <david@redhat.com>
Message-Id: <20180622102928.173420-1-borntraeger@de.ibm.com>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
2018-07-02 10:37:38 +02:00
Peter Xu
d88610111b chardev: comment details for CLOSED event
It was unclear before on what does the CLOSED event mean.  Meanwhile we
add a TODO to fix up the CLOSED event in the future when the in/out
ports are different for a chardev.

CC: Paolo Bonzini <pbonzini@redhat.com>
CC: "Marc-André Lureau" <marcandre.lureau@redhat.com>
CC: Stefan Hajnoczi <stefanha@redhat.com>
CC: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Peter Xu <peterx@redhat.com>
Message-Id: <20180620073223.31964-2-peterx@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
2018-06-30 17:50:48 +02:00
Peter Maydell
275845ae65 target-arm queue:
* last of the SVE patches; SVE is now enabled for aarch64 linux-user
  * sd: Don't trace SDRequest crc field (coverity bugfix)
  * target/arm: Mark PMINTENSET accesses as possibly doing IO
  * clean up v7VE feature bit handling
  * i.mx7d: minor cleanups
  * target/arm: support reading of CNT[VCT|FRQ]_EL0 from user-space
  * target/arm: Implement ARMv8.2-DotProd
  * virt: add addresses to dt node names (which stops dtc from
    complaining that they're not correctly named)
  * cleanups: replace error_setg(&error_fatal) by error_report() + exit()
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABCAAGBQJbNkelAAoJEDwlJe0UNgzeB/wP/1WLIC2HD6jbYCPm/qW6fpXx
 cUIRjvmodD8gVdJ8m5MVPQl1AdWVdVOGTStMdKNo4nWRuZyRKl3WvnZKoDQqj+fq
 PahPUMEXGC14djhmMQ7XdDHFYFCtKOi/leZSSLw3nI1QVq+SSYOiWhqrUExLeMWb
 xA25kzHhsNrTbwE7WxBz0dhtkX+QBy2CY11e1o3ONC5vJQhuXxLxPyEZZrQpj2yZ
 9twZTcWwJ1FRlTNsGo26wNl65gC7RNAbts+fNa2gxFcwUfN2ioKKdI1iyQVvW7Mz
 CwHoa7ghppyQ6hBT2U2O5nBJx72pdQaLae6mQ+FdIFTaoE05aoAQ+pUKZiv+JwTH
 blZQZld03c80Rt6SBSVS7AU8l3A0T+cePqVMA2lv7NyGSyq4G8RjqtLIe++QGTIj
 Lq9PDVh0evnFQY11RBvJYOit3l/gB6XtfnYo2+ePpCapr/cGmXzerr9kwcCr/D7I
 jCQamPO0oxAIbvmqfc0feppWwFdI9qFbyKIRcQtb7uglN29z95ImNCq1tGYweQvy
 /ApGLMrrcdtgF2Ok13ajM+Ge60QPZ0uB8EJoStZwOwFeIuEThdvS919q0BxmR/d3
 eSwMj7ysf+UqPU9vkjtiXUyXl7r2iCbFoXcXIBsYE1Xpx1YYZKSThzMl7hqDWRGo
 W+wtYk3PvdlAPTH/lg5D
 =KZLT
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20180629' into staging

target-arm queue:
 * last of the SVE patches; SVE is now enabled for aarch64 linux-user
 * sd: Don't trace SDRequest crc field (coverity bugfix)
 * target/arm: Mark PMINTENSET accesses as possibly doing IO
 * clean up v7VE feature bit handling
 * i.mx7d: minor cleanups
 * target/arm: support reading of CNT[VCT|FRQ]_EL0 from user-space
 * target/arm: Implement ARMv8.2-DotProd
 * virt: add addresses to dt node names (which stops dtc from
   complaining that they're not correctly named)
 * cleanups: replace error_setg(&error_fatal) by error_report() + exit()

# gpg: Signature made Fri 29 Jun 2018 15:52:21 BST
# gpg:                using RSA key 3C2525ED14360CDE
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>"
# gpg:                 aka "Peter Maydell <pmaydell@gmail.com>"
# gpg:                 aka "Peter Maydell <pmaydell@chiark.greenend.org.uk>"
# Primary key fingerprint: E1A5 C593 CD41 9DE2 8E83  15CF 3C25 25ED 1436 0CDE

* remotes/pmaydell/tags/pull-target-arm-20180629: (55 commits)
  target/arm: Add ID_ISAR6
  target/arm: Prune a15 features from max
  target/arm: Prune a57 features from max
  target/arm: Fix SVE system register access checks
  target/arm: Fix SVE signed division vs x86 overflow exception
  sdcard: Use the ldst API
  sd: Don't trace SDRequest crc field
  target/arm: Mark PMINTENSET accesses as possibly doing IO
  target/arm: Remove redundant DIV detection for KVM
  target/arm: Add ARM_FEATURE_V7VE for v7 Virtualization Extensions
  i.mx7d: Change IRQ number type from hwaddr to int
  i.mx7d: Change SRC unimplemented device name from sdma to src
  i.mx7d: Remove unused header files
  target/arm: support reading of CNT[VCT|FRQ]_EL0 from user-space
  target/arm: Implement ARMv8.2-DotProd
  target/arm: Enable SVE for aarch64-linux-user
  target/arm: Implement SVE dot product (indexed)
  target/arm: Implement SVE dot product (vectors)
  target/arm: Implement SVE fp complex multiply add (indexed)
  target/arm: Pass index to AdvSIMD FCMLA (indexed)
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-06-30 11:55:32 +01:00
Peter Maydell
ce59ecc411 Block layer patches:
- Make truncate operations asynchronous (so that preallocation in
   blockdev-create doesn't block the main loop any more)
 - usb-storage: Add rerror/werror properties
 - nvme: Add num_queues property
 - qemu-img convert: Copy offloading fixes (including data corruption fix)
 - qcow2: Fix cluster leak on temporary write error
 - Use byte-based functions instead of bdrv_co_readv/writev()
 - Various small fixes and cleanups
 -----BEGIN PGP SIGNATURE-----
 
 iQIcBAABAgAGBQJbNj1iAAoJEH8JsnLIjy/Wo0kQAIFv9WtDE1Y5bPRxM3lWCVLU
 paEz8XnURl3KtFnSMH6tG4CNz/ZlnjV2bqeDxF2u4bFxsMS39lpah0BdzG7cfjNS
 qSotKTLNg1hxRefyqpvZ291Atb8kSgQdw4vtZWVmwLgfSM1S6VwL+7QLPaCO0nwH
 8OELp44acD/Avpuum3ztXGdzf/bHX6/wRhba6q1avgP6A0o83aQaG39wTd9pOgzy
 ZWCuLhrThaNXckXUFWTkZRmxh7B+XyOGdfM/jGR6uUdvCs3b6HAQmkkwVsmj4d1b
 gau7nH0BGH7wiI+yCkhdMd7IwFxSLVKrBo5oKC9JzqDCjL5gEDIr1FoWmJPqQIog
 E1h9x44t3uNVcS8tpSis2bjKM4IGS4DgSEEynFLOqHJYCcNF6tFNnJZPouzw+Zt5
 HOYS3iUzMRjYvkTnnxZSYyXM5llu5kXGa0pkFA5nbiufYJ530aJX0rtqPSpeIzMC
 D9l4Rkq1iM9oh/zKUenC2beITRPxF7iBFbEuWX58NgTTgaP0OfT3tYT/ki14kTm4
 iROMu+CotBZHkkDB0x7VlNuWeoabw1DvR+Ipu7GUsZsLhk40owuslZeDSl6+C0Wm
 ABouiYgHNo5xch0znomTnAM4NBl3Izs+Tim8wNvFH6zrGaXQ8FnxvW7W0sUQnDMK
 ydQbf7Mmwv/yaG23Bik2
 =fNzf
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging

Block layer patches:

- Make truncate operations asynchronous (so that preallocation in
  blockdev-create doesn't block the main loop any more)
- usb-storage: Add rerror/werror properties
- nvme: Add num_queues property
- qemu-img convert: Copy offloading fixes (including data corruption fix)
- qcow2: Fix cluster leak on temporary write error
- Use byte-based functions instead of bdrv_co_readv/writev()
- Various small fixes and cleanups

# gpg: Signature made Fri 29 Jun 2018 15:08:34 BST
# gpg:                using RSA key 7F09B272C88F2FD6
# gpg: Good signature from "Kevin Wolf <kwolf@redhat.com>"
# Primary key fingerprint: DC3D EB15 9A9A F95D 3D74  56FE 7F09 B272 C88F 2FD6

* remotes/kevin/tags/for-upstream: (29 commits)
  block: Remove unused sector-based vectored I/O
  vhdx: Switch to byte-based calls
  replication: Switch to byte-based calls
  qcow: Switch to a byte-based driver
  qcow: Switch qcow_co_writev to byte-based calls
  qcow: Switch qcow_co_readv to byte-based calls
  qcow: Switch get_cluster_offset to be byte-based
  parallels: Switch to byte-based calls
  file-posix: Fix EINTR handling
  iscsi: Don't blindly use designator length in response for memcpy
  qcow2: Fix src_offset in copy offloading
  file-posix: Implement co versions of discard/flush
  qemu-iotests: Test qcow2 not leaking clusters on write error
  qcow2: Free allocated clusters on write error
  qemu-iotests: Update 026.out.nocache reference output
  block/crypto: Simplify block_crypto_{open,create}_opts_init()
  block: Move request tracking to children in copy offloading
  qcow2: Remove dead check on !ret
  file-posix: Make .bdrv_co_truncate asynchronous
  block: Use tracked request for truncate
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-06-29 18:29:15 +01:00
Peter Maydell
b2866c2915 The Darwin host support still needs some more work. It won't make it for
soft-freeze, but I'd like these preparatory patches to be merged anyway.
 -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEEtIKLr5QxQM7yo0kQcdTV5YIvc9YFAls2DEgACgkQcdTV5YIv
 c9ZShw/6AuDMeWpzFHAdf4lBuUdDFyAC7QFln8xdb+MDus5whAvtt7vDeY0OKbgo
 w5VDTkstO7h4jQJDHkjzHK91ZdUbgu0Tj7C09x4oQpUueNWsTZGcPBvNGadjjOBt
 70LdwyV2nSER3+QNjTNznrh0faxay4xuSTIY/mW6iudeWGobwXmseEeOE8gGM+w0
 s1GwxMVKIfllKUmW2vx0mGfn02pKtTnan+Si+sp/AnY9xSquFfHWpZhXZlkZrfYd
 mgtJOTY9IpSekr9jBBKgUlZ/QVYiliDzuh3ePDYKtsuHZZ7z2ype3DkXqYOnblOs
 C+2gWUE/TC5BStjRX3RmPv21dpfkEdlxOZpgXbpP1VgKqbtnbnvcgTL89IPv9afl
 Aj+q5uYR494kOL5rSDynVRdWhnUmMnkqHCZpKG+IRMHv6GlrXpxOQWenwCS/vYWK
 swKqRwGj0CFugdt7qVZ+4XjXbbWEI21dHHG7nAXinfakKVOfJYIeGIQC7WfpIrxy
 ApV0mHSceK0AMBJvlf1Zf0Qm0lJ7Ay7MRT/5XWDFV9Bogf+wxtGvf9Ukc2qQhwd8
 mR9iN7rlWz3VSu5vS3bEdsiBXKibxIRfv7HhF5fa+mwkZA9gMbj33vVds1zA4ta1
 Qw4doRq4xWui3uNO9jvtcXtW5Bq7N4p6wVFK76dLVHk5axLCIec=
 =vVJr
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/gkurz/tags/for-upstream' into staging

The Darwin host support still needs some more work. It won't make it for
soft-freeze, but I'd like these preparatory patches to be merged anyway.

# gpg: Signature made Fri 29 Jun 2018 11:39:04 BST
# gpg:                using RSA key 71D4D5E5822F73D6
# gpg: Good signature from "Greg Kurz <groug@kaod.org>"
# gpg:                 aka "Gregory Kurz <gregory.kurz@free.fr>"
# gpg:                 aka "[jpeg image of size 3330]"
# Primary key fingerprint: B482 8BAF 9431 40CE F2A3  4910 71D4 D5E5 822F 73D6

* remotes/gkurz/tags/for-upstream:
  9p: darwin: Explicitly cast comparisons of mode_t with -1
  cutils: Provide strchrnul

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-06-29 16:56:45 +01:00
Eric Auger
f963cc26df device_tree: Add qemu_fdt_node_unit_path
This helper allows to retrieve the paths of nodes whose name
match node-name or node-name@unit-address patterns.

Signed-off-by: Eric Auger <eric.auger@redhat.com>
Message-id: 1530044492-24921-2-git-send-email-eric.auger@redhat.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-06-29 15:11:01 +01:00
Peter Maydell
75507f1aba glib: update the min required version
This updates the minimum required glib version to 2.40
 -----BEGIN PGP SIGNATURE-----
 
 iQIcBAABCAAGBQJbNhcKAAoJEL6G67QVEE/f1gMP+wV4J+V9WJOxcXbNjP9bb1K4
 gsvZrv2pKCVbcJW2o3Mc3POXExX1E2GsrAl639zpDHbNVlVFvQC51GaRO1Fc6lwh
 7NRFHen0Ee6I7TvWlVXMy1YPXPZ/8EJ/1KuZerYUUyKO/R8ojEt/TbELwfl3P1LF
 VZGWgs+GpwUYwiG4ZmYPQ0VsT/munZPlaK1mRQSDbGqX0KG1Vy8Q+mgbGAm+S6xh
 39HtM7ecdfXbVEAnoMsp9+kRi3zXpD5zSAyVBZN2RDktMt/EHxF0pPJCqX7oq0Rn
 DehXDkzaqF2ghzrSAIT3rbKBhzYIY/ny/vxnyQZ/Px0GrBdKwuUJ+pYcF2akS2hV
 s98VWRw/tqt8wQKYLF/wmeL7eE/tKAHSUqFc3Ta0Rvgfq0z9Mp3b73vuswBpfjWL
 +GiASRvg96n/1yqmywtCd7KtF5riOo1iyvfMFCdQ+nBHQok/6K/oWfZPyoZsCAIa
 2GJBfmHzkkc98QeNO0Dp/+ckSyKIBuyTV1bDyq/8Yz7IwEd1PfRWooEgVFSHO7MU
 6ddCECvKVvP0S03r5dlw4Imio39gPpeZBMmSE4ZOh/hRa89T4UqIUvSLwzat7OhA
 DH1NhJsj7G1jaIxENfzBhpggg++rHCVcfc2cv28Tl7i7twyRsb7CveYA6TwD+UIg
 7JT+KswUo7W9MrkKBHC+
 =8tKK
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/berrange/tags/min-glib-pull-request' into staging

glib: update the min required version

This updates the minimum required glib version to 2.40

# gpg: Signature made Fri 29 Jun 2018 12:24:58 BST
# gpg:                using RSA key BE86EBB415104FDF
# gpg: Good signature from "Daniel P. Berrange <dan@berrange.com>"
# gpg:                 aka "Daniel P. Berrange <berrange@redhat.com>"
# Primary key fingerprint: DAF3 A6FD B26B 6291 2D0E  8E3F BE86 EBB4 1510 4FDF

* remotes/berrange/tags/min-glib-pull-request:
  glib: enforce the minimum required version and warn about old APIs
  glib: bump min required glib library version to 2.40
  util: remove redundant include of glib.h and add osdep.h

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-06-29 15:04:20 +01:00
Eric Blake
583c99d393 block: Remove unused sector-based vectored I/O
We are gradually moving away from sector-based interfaces, towards
byte-based.  Now that all callers of vectored I/O have been converted
to use our preferred byte-based bdrv_co_p{read,write}v(), we can
delete the unused bdrv_co_{read,write}v().

Furthermore, this gets rid of the signature difference between the
public bdrv_co_writev() and the callback .bdrv_co_writev (the
latter still exists, because some drivers still need more work
before they are fully byte-based).

Signed-off-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Jeff Cody <jcody@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2018-06-29 14:20:56 +02:00
Kevin Wolf
93f4e2ff4b file-posix: Make .bdrv_co_truncate asynchronous
This moves the code to resize an image file to the thread pool to avoid
blocking.

Creating large images with preallocation with blockdev-create is now
actually a background job instead of blocking the monitor (and most
other things) until the preallocation has completed.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
2018-06-29 14:20:56 +02:00
Kevin Wolf
1bc5f09f2e block: Use tracked request for truncate
When growing an image, block drivers (especially protocol drivers) may
initialise the newly added area. I/O requests to the same area need to
wait for this initialisation to be completed so that data writes don't
get overwritten and reads don't read uninitialised data.

To avoid overhead in the fast I/O path by adding new locking in the
protocol drivers and to restrict the impact to requests that actually
touch the new area, reuse the existing tracked request infrastructure in
block/io.c and mark all discard requests as serialising.

With this change, it is safe for protocol drivers to make
.bdrv_co_truncate actually asynchronous.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
2018-06-29 14:20:56 +02:00
Kevin Wolf
3d9f2d2af6 block: Move bdrv_truncate() implementation to io.c
This moves the bdrv_truncate() implementation from block.c to block/io.c
so it can have access to the tracked requests infrastructure.

This involves making refresh_total_sectors() public (in block_int.h).

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
2018-06-29 14:20:56 +02:00
Kevin Wolf
061ca8a368 block: Convert .bdrv_truncate callback to coroutine_fn
bdrv_truncate() is an operation that can block (even for a quite long
time, depending on the PreallocMode) in I/O paths that shouldn't block.
Convert it to a coroutine_fn so that we have the infrastructure for
drivers to make their .bdrv_co_truncate implementation asynchronous.

This change could potentially introduce new race conditions because
bdrv_truncate() isn't necessarily executed atomically any more. Whether
this is a problem needs to be evaluated for each block driver that
supports truncate:

* file-posix/win32, gluster, iscsi, nfs, rbd, ssh, sheepdog: The
  protocol drivers are trivially safe because they don't actually yield
  yet, so there is no change in behaviour.

* copy-on-read, crypto, raw-format: Essentially just filter drivers that
  pass the request to a child node, no problem.

* qcow2: The implementation modifies metadata, so it needs to hold
  s->lock to be safe with concurrent I/O requests. In order to avoid
  double locking, this requires pulling the locking out into
  preallocate_co() and using qcow2_write_caches() instead of
  bdrv_flush().

* qed: Does a single header update, this is fine without locking.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
2018-06-29 14:20:56 +02:00
Kevin Wolf
b8efb36b9e usb-storage: Add rerror/werror properties
The error handling policy was traditionally set with -drive, but with
-blockdev it is no longer possible to set frontend options. scsi-disk
(and other block devices) have long supported qdev properties to
configure the error handling policy, so let's add these options to
usb-storage as well and just forward them to the internal scsi-disk
instance.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
2018-06-29 14:20:56 +02:00
Peter Maydell
109b25045b * "info mtree" improvements (Alexey)
* fake VPD block limits for SCSI passthrough (Daniel Barboza)
 * chardev and main loop fixes (Daniel Berrangé, Sergio, Stefan)
 * help fixes (Eduardo)
 * pc-dimm refactoring (David)
 * tests improvements and fixes (Emilio, Thomas)
 * SVM emulation fixes (Jan)
 * MemoryRegionCache fix (Eric)
 * WHPX improvements (Justin)
 * ESP cleanup (Mark)
 * -overcommit option (Michael)
 * qemu-pr-helper fixes (me)
 * "info pic" improvements for x86 (Peter)
 * x86 TCG emulation fixes (Richard)
 * KVM slot handling fix (Shannon)
 * Next round of deprecation (Thomas)
 * Windows dump format support (Viktor)
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iQEcBAABAgAGBQJbNhHpAAoJEL/70l94x66D4ZoH/22cAWj2SOEVbHt1id1noVpI
 VxyS+MWXYG3se1HseFpNVlI32f3XyyABGMtJqzNuusD5s5Him8yZcwPxsu1RmEy2
 uOk+PIo67qbLhJyZ+f3Q+rWRbFV9W+DvrRBM7RCArWUDCDOBaEVoPrRTWC2y3oId
 EdcLDc2tP/DvOmXtbNcELCuS3w6G2Nly0WwRI4VLJ2aJT6jAZoSfOONjuRg1gamw
 7iUwk6UlCHmIMawnlwe1iQHtleX9KNYv0bA9etDrYIpNoZP935pGybchvztcmgMv
 QymjNptqse65emcbZ9rp0tqNyJhvP2wOyjQCWlCsooyRSoPQDY2Qc7623cRthqU=
 =D07Z
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging

* "info mtree" improvements (Alexey)
* fake VPD block limits for SCSI passthrough (Daniel Barboza)
* chardev and main loop fixes (Daniel Berrangé, Sergio, Stefan)
* help fixes (Eduardo)
* pc-dimm refactoring (David)
* tests improvements and fixes (Emilio, Thomas)
* SVM emulation fixes (Jan)
* MemoryRegionCache fix (Eric)
* WHPX improvements (Justin)
* ESP cleanup (Mark)
* -overcommit option (Michael)
* qemu-pr-helper fixes (me)
* "info pic" improvements for x86 (Peter)
* x86 TCG emulation fixes (Richard)
* KVM slot handling fix (Shannon)
* Next round of deprecation (Thomas)
* Windows dump format support (Viktor)

# gpg: Signature made Fri 29 Jun 2018 12:03:05 BST
# gpg:                using RSA key BFFBD25F78C7AE83
# gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>"
# gpg:                 aka "Paolo Bonzini <pbonzini@redhat.com>"
# Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4  E2F7 7E15 100C CD36 69B1
#      Subkey fingerprint: F133 3857 4B66 2389 866C  7682 BFFB D25F 78C7 AE83

* remotes/bonzini/tags/for-upstream: (60 commits)
  tests/boot-serial: Do not delete the output file in case of errors
  hw/scsi: add VPD Block Limits emulation
  hw/scsi: centralize SG_IO calls into single function
  hw/scsi: cleanups before VPD BL emulation
  dump: add Windows live system dump
  dump: add fallback KDBG using in Windows dump
  dump: use system context in Windows dump
  dump: add Windows dump format to dump-guest-memory
  i386/cpu: make -cpu host support monitor/mwait
  kvm: support -overcommit cpu-pm=on|off
  hmp: obsolete "info ioapic"
  ioapic: support "info irq"
  ioapic: some proper indents when dump info
  ioapic: support "info pic"
  doc: another fix to "info pic"
  target-i386: Mark cpu_vmexit noreturn
  target-i386: Allow interrupt injection after STGI
  target-i386: Add NMI interception to SVM
  memory/hmp: Print owners/parents in "info mtree"
  WHPX: register for unrecognized MSR exits
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-06-29 12:30:29 +01:00
Daniel P. Berrangé
e71e8cc035 glib: enforce the minimum required version and warn about old APIs
There are two useful macros that can be defined before including
glib.h that are related to the min required glib version

 - GLIB_VERSION_MIN_REQUIRED

   When this is defined, if code uses an API that was deprecated
   in this version, or older, a compiler warning will be emitted.
   This alerts maintainers to update their code to whatever new
   replacement API is now recommended best practice.

 - GLIB_VERSION_MAX_ALLOWED

   When this is defined, if code uses an API that was introduced
   in a version that is newer than the declared version, a compiler
   warning will be emitted. This alerts maintainers if new code
   accidentally uses functionality that won't be available on some
   supported platforms.

The GLIB_VERSION_MAX_ALLOWED constant makes it a bit harder to opt
in to using specific new APIs with a GLIB_CHECK_VERSION conditional.
To workaround this Pragmas can be used to temporarily turn off the
-Wdeprecated-declarations compiler warning, while a static inline
compat function is implemented. This workaround is illustrated with the
implementation of the g_strv_contains method to satisfy the test suite.

Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2018-06-29 12:22:28 +01:00
Daniel P. Berrangé
e7b3af8159 glib: bump min required glib library version to 2.40
Per supported platforms doc[1], the various min glib on relevant distros is:

  RHEL-7: 2.50.3
  Debian (Stretch): 2.50.3
  Debian (Jessie): 2.42.1
  OpenBSD (Ports): 2.54.3
  FreeBSD (Ports): 2.50.3
  OpenSUSE Leap 15: 2.54.3
  SLE12-SP2: 2.48.2
  Ubuntu (Xenial): 2.48.0
  macOS (Homebrew): 2.56.0

This suggests that a minimum glib of 2.42 is a reasonable target.

The GLibC compile farm, however, uses Ubuntu 14.04 (Trusty) which only
has glib 2.40.0, and this is needed for testing during merge. Thus an
exception is made to the documented platform support policy to allow for
all three current LTS releases to be supported.

Docker jobs that not longer satisfy this new min version are removed.

[1] https://qemu.weilnetz.de/doc/qemu-doc.html#Supported-build-platforms

Reviewed-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2018-06-29 12:22:28 +01:00
Daniel P. Berrangé
c5f1d0c493 util: remove redundant include of glib.h and add osdep.h
Code must only ever include glib.h indirectly via the glib-compat.h
header file, because we will need some macros set before glib.h is
pulled in. Adding extra includes of glib.h will (soon) cause compile
failures such as:

In file included from /home/berrange/src/virt/qemu/include/qemu/osdep.h:107,
                 from /home/berrange/src/virt/qemu/include/qemu/iova-tree.h:26,
                 from util/iova-tree.c:13:
/home/berrange/src/virt/qemu/include/glib-compat.h:22: error: "GLIB_VERSION_MIN_REQUIRED" redefined [-Werror]
 #define GLIB_VERSION_MIN_REQUIRED GLIB_VERSION_2_40

In file included from /usr/include/glib-2.0/glib/gtypes.h:34,
                 from /usr/include/glib-2.0/glib/galloca.h:32,
                 from /usr/include/glib-2.0/glib.h:30,
                 from util/iova-tree.c:12:
/usr/include/glib-2.0/glib/gversionmacros.h:237: note: this is the location of the previous definition
 # define GLIB_VERSION_MIN_REQUIRED      (GLIB_VERSION_CUR_STABLE)

Furthermore, the osdep.h include should always be done directly from the
.c file rather than indirectly via any .h file.

Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2018-06-29 12:22:28 +01:00
Daniel Henrique Barboza
a71c775b24 hw/scsi: add VPD Block Limits emulation
The VPD Block Limits Inquiry page is optional, allowing SCSI devices
to not implement it. This is the case for devices like the MegaRAID
SAS 9361-8i and Microsemi PM8069.

In case of SCSI passthrough, the response of this request is used by
the QEMU SCSI layer to set the max_io_sectors that the guest
device will support, based on the value of the max_sectors_kb that
the device has set in the host at that time. Without this response,
the guest kernel is free to assume any value of max_io_sectors
for the SCSI device. If this value is greater than the value from
the host, SCSI Sense errors will occur because the guest will send
read/write requests that are larger than the underlying host device
is configured to support. An example of this behavior can be seen
in [1].

A workaround is to set the max_sectors_kb host value back in the guest
kernel (a process that can be automated using rc.local startup scripts
and the like), but this has several drawbacks:

- it can be troublesome if the guest has many passthrough devices that
needs this tuning;

- if a change in max_sectors_kb is made in the host side, manual change
in the guests will also be required;

- during an OS install it is difficult, and sometimes not possible, to
go to a terminal and change the max_sectors_kb prior to the installation.
This means that the disk can't be used during the install process. The
easiest alternative here is to roll back to scsi-hd, install the guest
and then go back to SCSI passthrough when the installation is done and
max_sectors_kb can be set.

An easier way would be to QEMU handle the absence of the Block Limits
VPD device response, setting max_io_sectors accordingly and allowing
the guest to use the device without the hassle.

This patch adds emulation of the Block Limits VPD response for
SCSI passthrough devices of type TYPE_DISK that doesn't support
it. The following changes were made:

- scsi_handle_inquiry_reply will now check the available VPD
pages from the Inquiry EVPD reply. In case the device does not

- a new function called scsi_generic_set_vpd_bl_emulation,
that is called during device realize,  was created to set a
new flag 'needs_vpd_bl_emulation' of the device. This function
retrieves the Inquiry EVPD response of the device to check for
VPD BL support.

- scsi_handle_inquiry_reply will now check the available VPD
pages from the Inquiry EVPD reply in case the device needs
VPD BL emulation, adding the Block Limits page (0xb0) to
the list. This will make the guest kernel aware of the
support that we're now providing by emulation.

- a new function scsi_emulate_block_limits creates the
emulated Block Limits response. This function is called
inside scsi_read_complete in case the device requires
Block Limits VPD emulation and we detected a SCSI Sense
error in the VPD Block Limits reply that was issued
from the guest kernel to the device. This error is
expected: we're reporting support from our side, but
the device isn't aware of it.

With this patch, the guest now queries the Block Limits
page during the device configuration because it is being
advertised in the Supported Pages response. It will either
receive the Block Limits page from the hardware, if it supports
it, or will receive an emulated response from QEMU. At any rate,
the guest now has the information to set the max_sectors_kb
parameter accordingly, sparing the user of SCSI sense errors
that would happen without the emulated response and in the
absence of Block Limits support from the hardware.

[1] https://bugzilla.redhat.com/show_bug.cgi?id=1566195

Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1566195
Reported-by: Dac Nguyen <dacng@us.ibm.com>
Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
Message-Id: <20180627172432.11120-4-danielhb413@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-06-29 13:02:50 +02:00
Daniel Henrique Barboza
a0c7e35b17 hw/scsi: centralize SG_IO calls into single function
For the VPD Block Limits emulation with SCSI passthrough,
we'll issue an Inquiry request with EVPD set to retrieve
the available VPD pages of the device. This would be done in
a way similar of what scsi_generic_read_device_identification
does: create a SCSI command and a reply buffer, fill in the
sg_io_hdr_t structure, call blk_ioctl, check if an error
occurred, process the response.

This same process is done in other 2 functions, get_device_type
and get_stream_blocksize. They differ in the command/reply
buffer and post-processing, everything else is almost a
copy/paste.

Instead of adding a forth copy/pasted-ish code when adding
the passthrough VPD BL emulation, this patch extirpates
this repetition of those 3 functions and put it into
a new one called scsi_SG_IO_FROM_DEV. Any future code that
wants to execute an SG_DXFER_FROM_DEV to the device can
use it, avoiding filling sg_io_hdr_t again and et cetera.

Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
Message-Id: <20180627172432.11120-3-danielhb413@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-06-29 13:02:50 +02:00
Daniel Henrique Barboza
0a96ca2437 hw/scsi: cleanups before VPD BL emulation
To add support for the emulation of Block Limits VPD page
for passthrough devices, a few adjustments in the current code
base is required to avoid repetition and improve clarity.

In scsi-generic.c, detach the Inquiry handling from
scsi_read_complete and put it into a new function called
scsi_handle_inquiry_reply. This change aims to avoid
cluttering of scsi_read_complete when we more logic in the
Inquiry response handling is added in the next patches,
centralizing the changes in the new function.

In scsi-disk.c, take the build of all emulated VPD pages
from scsi_disk_emulate_inquiry and make it available to
other files into a non-static function called
scsi_disk_emulate_vpd_page. Making it public will allow
the future VPD BL emulation code for passthrough devices
to use it from scsi-generic.c, avoiding copy/pasting this
code solely for that purpose. It also has the advantage of
providing emulation of all VPD pages in case we need to
emulate other pages in other scenarios. As a bonus,
scsi_disk_emulate_inquiry got tidier.

Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
Message-Id: <20180627172432.11120-2-danielhb413@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-06-29 13:02:50 +02:00
Keno Fischer
5c99fa375d cutils: Provide strchrnul
strchrnul is a GNU extension and thus unavailable on a number of targets.
In the review for a commit removing strchrnul from 9p, I was asked to
create a qemu_strchrnul helper to factor out this functionality.
Do so, and use it in a number of other places in the code base that inlined
the replacement pattern in a place where strchrnul could be used.

Signed-off-by: Keno Fischer <keno@juliacomputing.com>
Acked-by: Greg Kurz <groug@kaod.org>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Greg Kurz <groug@kaod.org>
2018-06-29 12:32:10 +02:00
Michael S. Tsirkin
6f131f13e6 kvm: support -overcommit cpu-pm=on|off
With this flag, kvm allows guest to control host CPU power state.  This
increases latency for other processes using same host CPU in an
unpredictable way, but if decreases idle entry/exit times for the
running VCPU, so to use it QEMU needs a hint about whether host CPU is
overcommitted, hence the flag name.

Follow-up patches will expose this capability to guest
(using mwait leaf).

Based on a patch by Wanpeng Li <kernellwp@gmail.com> .

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Message-Id: <20180622192148.178309-2-mst@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-06-28 19:05:37 +02:00
Peter Xu
0c8465440d hmp: obsolete "info ioapic"
Let's start to use "info pic" just like other platforms.  For now we
keep the command for a while so that old users can know what is the new
command to use.

Signed-off-by: Peter Xu <peterx@redhat.com>
Message-Id: <20171229073104.3810-6-peterx@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-06-28 19:05:37 +02:00
Peter Xu
cce5405e0e ioapic: support "info irq"
This include both userspace and in-kernel ioapic.  Note that the numbers
can be inaccurate for kvm-ioapic.  One reason is the same with
kvm-i8259, that when irqfd is used, irqs can be delivered all inside
kernel without our notice.  Meanwhile, kvm-ioapic is specially treated
when irq numbers <ISA_NUM_IRQS, those irqs will be delivered in kernel
too via kvm-i8259 (please refer to kvm_pc_gsi_handler).

Signed-off-by: Peter Xu <peterx@redhat.com>
Message-Id: <20171229073104.3810-5-peterx@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-06-28 19:05:37 +02:00
Alexey Kardashevskiy
fc051ae6c4 memory/hmp: Print owners/parents in "info mtree"
This adds owners/parents (which are the same, just occasionally
owner==NULL) printing for memory regions; a new '-o' flag
enabled new output.

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Message-Id: <20180604032511.6980-1-aik@ozlabs.ru>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-06-28 19:05:36 +02:00
Mark Cave-Ayland
e7d99825f0 esp: remove legacy esp_init() function
Remove the legacy esp_init() function now that there are no more remaining
users.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Message-Id: <20180613094727.11326-3-mark.cave-ayland@ilande.co.uk>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Tested-by: Hervé Poussineau <hpoussin@reactos.org>
2018-06-28 19:05:36 +02:00
Paolo Bonzini
5f64089416 pr-manager: add query-pr-managers QMP command
This command lets you query the connection status of each pr-manager-helper
object.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-06-28 19:05:35 +02:00
Paolo Bonzini
58b3017f7f pr-manager: put stubs in .c file
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-06-28 19:05:35 +02:00
Paolo Bonzini
a1a98357e3 osdep: work around Coverity parsing errors
Coverity does not like the new _Float* types that are used by
recent glibc, and croaks on every single file that includes
stdlib.h.  Add dummy typedefs to please it.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-06-28 19:05:34 +02:00
David Hildenbrand
f0b7bca64d pc-dimm: get_memory_region() will not fail after realize
Let's try to reduce error handling a bit. In the plug/unplug case, the
device was realized and therefore we can assume that getting access to
the memory region will not fail.

For get_vmstate_memory_region() this is already handled that way.
Document both cases.

Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20180619134141.29478-13-david@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-06-28 19:05:34 +02:00
David Hildenbrand
eb7fd4d0f6 nvdimm: convert nvdimm_mr into a pointer
This way we can easily check if the region has already been inititalized
without having to rely on the size of an uninitialized region being 0.

Free the region in nvdimm_finalize() and not in unrealize() as we will
allow to create the region before realization in following patches.

Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20180619134141.29478-11-david@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-06-28 19:05:34 +02:00
David Hildenbrand
a57d191122 pc-dimm: merge get_(vmstate_)memory_region()
Importantly, get_vmstate_memory_region() should also fail with a proper
error if called before the device is realized. For a PCDIMM, both functions
are to return the same thing, so share the implementation.

All current users are called after the device has been realized, so we
can expect the calls to succeed.

Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20180619134141.29478-9-david@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-06-28 19:05:33 +02:00
David Hildenbrand
7943e97b85 hostmem: drop error variable from host_memory_backend_get_memory()
Unused, so let's remove it.

Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20180619134141.29478-8-david@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-06-28 19:05:33 +02:00
David Hildenbrand
9995c75951 pc-dimm: remove pc_dimm_get_free_slot() from header
Not used outside of pc-dimm.c and there shouldn't be other users. If
other devices (e.g. memory devices) ever have to also use slots, then we
will have to factor this out.

Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20180619134141.29478-5-david@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-06-28 19:05:33 +02:00
David Hildenbrand
284878ee98 pc-dimm: rename pc_dimm_memory_* to pc_dimm_*
Let's rename it to make it look more consistent.

Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20180619134141.29478-4-david@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-06-28 19:05:33 +02:00
Paolo Bonzini
ba59fb778e QemuMutex: support --enable-debug-mutex
We have had some tracing tools for mutex but it's not easy to use them
for e.g. dead locks.  Let's provide "--enable-debug-mutex" parameter
when configure to allow QemuMutex to store the last owner that took
specific lock.  It will be easy to use this tool to debug deadlocks
since we can directly know who took the lock then as long as we can have
a debugger attached to the process.

Reviewed-by: Emilio G. Cota <cota@braap.org>
Signed-off-by: Peter Xu <peterx@redhat.com>
Message-Id: <20180425025459.5258-4-peterx@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-06-28 19:05:32 +02:00
Shannon Zhao
6c090d4a75 kvm: Delete the slot if and only if the KVM_MEM_READONLY flag is changed
According to KVM commit 75d61fbc, it needs to delete the slot before
changing the KVM_MEM_READONLY flag. But QEMU commit 235e8982 only check
whether KVM_MEM_READONLY flag is set instead of changing. It doesn't
need to delete the slot if the KVM_MEM_READONLY flag is not changed.

This fixes a issue that migrating a VM at the OVMF startup stage and
VM is executing the codes in rom. Between the deleting and adding the
slot in kvm_set_user_memory_region, there is a chance that guest access
rom and trap to KVM, then KVM can't find the corresponding memslot.
While KVM (on ARM) injects an abort to guest due to the broken hva, then
guest will get stuck.

Signed-off-by: Shannon Zhao <zhaoshenglong@huawei.com>
Message-Id: <1526462314-19720-1-git-send-email-zhaoshenglong@huawei.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-06-28 19:05:31 +02:00
Stefan Hajnoczi
d29a8a1b07 main-loop: document IOCanReadHandler
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Message-Id: <20180602085259.17853-1-stefanha@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
2018-06-28 19:05:30 +02:00
Paolo Bonzini
8bca9a03ec move public invalidate APIs out of translate-all.{c,h}, clean up
Place them in exec.c, exec-all.h and ram_addr.h.  This removes
knowledge of translate-all.h (which is an internal header) from
several files outside accel/tcg and removes knowledge of
AddressSpace from translate-all.c (as it only operates on ram_addr_t).

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-06-28 19:05:30 +02:00
Peter Maydell
7106a87d96 Pull request
* Gracefully handle Linux AIO init failure
 -----BEGIN PGP SIGNATURE-----
 
 iQEcBAABAgAGBQJbM6O8AAoJEJykq7OBq3PIXuUH/1viFUFjKgXnYnAUKYIITRc/
 JwU0FPa+eBxAmD9hj3prx3q1hIVGOTOYO0tDkDMNOB20frqBoKqGCjRFlXtTB/iA
 VEMFzveznz+c0lrvmZWOh63sqGFXFZ+RFlx3a2cHx9V3Mn/KLpXYsqRQyObYvZIR
 cTenlE4NkiifIDRuRxjRLal7rcTKgZfaJfofmpVWiPgiQtNOMOYzd3SPvCXfYP9O
 0YH8cnSkF9j3MgiLxBw/cHokFE2Si3eymcVOPwE9WbZtc1ovb58lbw5RrVvKLTax
 X65+Yw0z8dU40juK+3jvXYpzJC/jB08daiLZJn1LmV+b36Vhx20zq8Jzo5e0Cvg=
 =P5mU
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/stefanha/tags/block-pull-request' into staging

Pull request

 * Gracefully handle Linux AIO init failure

# gpg: Signature made Wed 27 Jun 2018 15:48:28 BST
# gpg:                using RSA key 9CA4ABB381AB73C8
# gpg: Good signature from "Stefan Hajnoczi <stefanha@redhat.com>"
# gpg:                 aka "Stefan Hajnoczi <stefanha@gmail.com>"
# Primary key fingerprint: 8695 A8BF D3F9 7CDA AC35  775A 9CA4 ABB3 81AB 73C8

* remotes/stefanha/tags/block-pull-request:
  linux-aio: properly bubble up errors from initialization
  compiler: add a sizeof_field() macro

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-06-28 16:28:22 +01:00
Peter Maydell
4a83bf2f33 migration/next for 20180627
-----BEGIN PGP SIGNATURE-----
 
 iQIcBAABCAAGBQJbM4jhAAoJEPSH7xhYctcjFkoP/RkE3RhO/3JV+DKYU5KQwcrV
 n6FcXwsMIJ9EsCWLaZl4R+7nlbPYb4xPVG0UJnG1ntqIhJ5gN6RHzfi4l1wGCKUT
 EBRq7C5mEUbUVup7RPO1bEDixydvsvNrSHCL8AzALaag4t5HWrjneLcnJhrSykHx
 WovFn3Zyi/3LzUKHTzSQWLUoEKSBqNVJ1Ar3kIKwNDfS+jOhiZ6/Bm29hLn9UH0X
 b/iFxvCcalL2y/ulacocaS2dMe6Dx3/TvhKde8sZuyez2JeGCFFicrty7TOFhpoV
 INHjOQ3P4KLCWvJw8vs0jQmw2kikFQhqBXbJPVi3/0hV0MH/Uj4cC78/aGTn+Dt3
 bNa63eBi6//2KUzgdA+tlrTsVrkifjIhd69a0keTy1oH0zQHRjKvJrgSu0Mcy1x3
 YLbPnsjdIUrzuhCQwZcBAuzJP73OW0Q/Y+RSulFUjqkO2IBtJSUkx+AeLews5uhz
 +q9xom4FjHZMaRLwz6tWYUXxyfRlRyDTiDxZtL/9I+6XZWRHKqA8+/QZf0l2whTm
 NfJz43J+uL7Dlq9u8aMX3e+qHGwGj6b7o3zB5+xBtiHYFZMg7qPuO42Lstubdexp
 Zngb+EZl1H4SmYnOLhSVSY+Gus3f2xI6JXpuZuy1wo/bgTwFXM2o6z16t9sobKYl
 RPusi0XEBu2/XkomJxYB
 =kc0K
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/juanquintela/tags/migration/20180627' into staging

migration/next for 20180627

# gpg: Signature made Wed 27 Jun 2018 13:53:53 BST
# gpg:                using RSA key F487EF185872D723
# gpg: Good signature from "Juan Quintela <quintela@redhat.com>"
# gpg:                 aka "Juan Quintela <quintela@trasno.org>"
# Primary key fingerprint: 1899 FF8E DEBF 58CC EE03  4B82 F487 EF18 5872 D723

* remotes/juanquintela/tags/migration/20180627:
  migration: fix crash in when incoming client channel setup fails
  postcopy: drop ram_pages parameter from postcopy_ram_incoming_init()
  migration: Stop sending whole pages through main channel
  migration: Remove not needed semaphore and quit
  migration: Wait for blocking IO
  migration: Start sending messages
  migration: Create ram_save_multifd_page
  migration: Create multifd_bytes ram_counter
  migration: Synchronize multifd threads with main thread
  migration: Add block where to send/receive packets
  migration: Multifd channels always wait on the sem
  migration: Add multifd traces for start/end thread
  migration: Abstract the number of bytes sent
  migration: Calculate mbps only during transfer time
  migration: Create multifd packet
  migration: Create multipage support

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-06-28 15:31:42 +01:00
Nishanth Aravamudan
ed6e216171 linux-aio: properly bubble up errors from initialization
laio_init() can fail for a couple of reasons, which will lead to a NULL
pointer dereference in laio_attach_aio_context().

To solve this, add a aio_setup_linux_aio() function which is called
early in raw_open_common. If this fails, propagate the error up. The
signature of aio_get_linux_aio() was not modified, because it seems
preferable to return the actual errno from the possible failing
initialization calls.

Additionally, when the AioContext changes, we need to associate a
LinuxAioState with the new AioContext. Use the bdrv_attach_aio_context
callback and call the new aio_setup_linux_aio(), which will allocate a
new AioContext if needed, and return errors on failures. If it fails for
any reason, fallback to threaded AIO with an error message, as the
device is already in-use by the guest.

Add an assert that aio_get_linux_aio() cannot return NULL.

Signed-off-by: Nishanth Aravamudan <naravamudan@digitalocean.com>
Message-id: 20180622193700.6523-1-naravamudan@digitalocean.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2018-06-27 13:06:34 +01:00
Stefan Hajnoczi
f18793b096 compiler: add a sizeof_field() macro
Determining the size of a field is useful when you don't have a struct
variable handy.  Open-coding this is ugly.

This patch adds the sizeof_field() macro, which is similar to
typeof_field().  Existing instances are updated to use the macro.

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: John Snow <jsnow@redhat.com>
Message-id: 20180614164431.29305-1-stefanha@redhat.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2018-06-27 13:01:40 +01:00
David Hildenbrand
c136180c90 postcopy: drop ram_pages parameter from postcopy_ram_incoming_init()
Not needed. Don't expose last_ram_page().

Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20180620202736.21399-1-david@redhat.com>
Reviewed-by: Juan Quintela <quintela@redhat.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Signed-off-by: Juan Quintela <quintela@redhat.com>
2018-06-27 13:28:31 +02:00
Emilio G. Cota
32c072341f trace: fix misreporting of TCG access sizes for user-space
trace_mem_build_info expects a size_shift for its first argument. Fix it.

Signed-off-by: Emilio G. Cota <cota@braap.org>
Message-id: 1527028012-21888-2-git-send-email-cota@braap.org
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2018-06-27 11:09:24 +01:00
Peter Maydell
00928a421d target-arm queue:
* aspeed: set APB clocks correctly (fixes slowdown on palmetto)
  * smmuv3: cache config data and TLB entries
  * v7m/v8m: support read/write from MPU regions smaller than 1K
  * various: clean up logging/debug messages
  * xilinx_spips: Make dma transactions as per dma_burst_size
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABCAAGBQJbMnASAAoJEDwlJe0UNgzesJQQAIUYSTN+jrvl7CE+6Eo2LDp4
 XX7Q1oO/wVSWqID2ESm9yhpM8+xNa/IPqHy23qBzNClLxCdqYwr+hIsUp9NhIkBX
 JpHeoJWr8CI4MO5AyQYx72bcASSodR35sp+rw4aX6LL6tqL6UuZ5e8p66vh9W0wI
 umSUB+QfhR8BRpZOk79uA8o3sHwslx3Z9N+Lr4TrprV53hvEs3xe31D7VLTTE1f9
 +yYxtlIW2E0zoy8+Ptstn6wemwTKyEUmJDptBJVDMj89kHsDuKSvOSBcqsiNbfM2
 jniKQXPFvZa8FRFfO258bS+hHNQ7CI4kFR7Mli2hNNZZVUZLyq0TI9xh+kYBORNM
 nC8rTJgNzQz7iqNWtxro0/oQWjPdEOBnZAdN0+ozc3+i1l1mTE/fbPeqAZbpnYj0
 U/bca/MT7KkhVFZumidPoWn6oeByLhSB4duX2OgrkE802r1BGdNFZxkyv1Tx8PMd
 FT5al3md6usytXIeVC1oA3u61VnnfcaBRgjYA57c8ygIA7U7IsCtdMNWZXHtVyBF
 CF+n/lQ+VgqnDF1Ns2bW0cRC9wTIbkKQZA8UNEiK6WIWG8BiiIag7G/3BEIFxb5z
 QjyxU2VmHE4+sk1T25e54O/329E36nmeWCI4cLGUobVe+Kzbo/dHY3lFq/QtkEJo
 xCI2niNzT8PLpWOPNPeH
 =ZiOR
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20180626' into staging

target-arm queue:
 * aspeed: set APB clocks correctly (fixes slowdown on palmetto)
 * smmuv3: cache config data and TLB entries
 * v7m/v8m: support read/write from MPU regions smaller than 1K
 * various: clean up logging/debug messages
 * xilinx_spips: Make dma transactions as per dma_burst_size

# gpg: Signature made Tue 26 Jun 2018 17:55:46 BST
# gpg:                using RSA key 3C2525ED14360CDE
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>"
# gpg:                 aka "Peter Maydell <pmaydell@gmail.com>"
# gpg:                 aka "Peter Maydell <pmaydell@chiark.greenend.org.uk>"
# Primary key fingerprint: E1A5 C593 CD41 9DE2 8E83  15CF 3C25 25ED 1436 0CDE

* remotes/pmaydell/tags/pull-target-arm-20180626: (32 commits)
  aspeed/timer: use the APB frequency from the SCU
  aspeed: initialize the SCU controller first
  aspeed/scu: introduce clock frequencies
  hw/arm/smmuv3: Add notifications on invalidation
  hw/arm/smmuv3: IOTLB emulation
  hw/arm/smmuv3: Cache/invalidate config data
  hw/arm/smmuv3: Fix translate error handling
  target/arm: Handle small regions in get_phys_addr_pmsav8()
  target/arm: Set page (region) size in get_phys_addr_pmsav7()
  tcg: Support MMU protection regions smaller than TARGET_PAGE_SIZE
  hw/arm/stellaris: Use HWADDR_PRIx to display register address
  hw/arm/stellaris: Fix gptm_write() error message
  hw/net/smc91c111: Use qemu_log_mask(UNIMP) instead of fprintf
  hw/net/smc91c111: Use qemu_log_mask(GUEST_ERROR) instead of hw_error
  hw/net/stellaris_enet: Use qemu_log_mask(GUEST_ERROR) instead of hw_error
  hw/net/stellaris_enet: Fix a typo
  hw/arm/stellaris: Use qemu_log_mask(UNIMP) instead of fprintf
  hw/arm/omap: Use qemu_log_mask(GUEST_ERROR) instead of fprintf
  hw/arm/omap1: Use qemu_log_mask(GUEST_ERROR) instead of fprintf
  hw/i2c/omap_i2c: Use qemu_log_mask(UNIMP) instead of fprintf
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-06-26 18:23:49 +01:00
Cédric Le Goater
9b945a9ee3 aspeed/timer: use the APB frequency from the SCU
The timer controller can be driven by either an external 1MHz clock or
by the APB clock. Today, the model makes the assumption that the APB
frequency is always set to 24MHz but this is incorrect.

The AST2400 SoC on the palmetto machines uses a 48MHz input clock
source and the APB can be set to 48MHz. The consequence is a general
system slowdown. The QEMU machines using the AST2500 SoC do not seem
impacted today because the APB frequency is still set to 24MHz.

We fix the timer frequency for all SoCs by linking the Timer model to
the SCU model. The APB frequency driving the timers is now the one
configured for the SoC.

Signed-off-by: Cédric Le Goater <clg@kaod.org>
Reviewed-by: Joel Stanley <joel@jms.id.au>
Reviewed-by: Andrew Jeffery <andrew@aj.id.au>
Message-id: 20180622075700.5923-4-clg@kaod.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-06-26 17:50:42 +01:00
Cédric Le Goater
fda9aaa60e aspeed/scu: introduce clock frequencies
All Aspeed SoC clocks are driven by an input source clock which can
have different frequencies : 24MHz or 25MHz, and also, on the Aspeed
AST2400 SoC, 48MHz. The H-PLL (CPU) clock is defined from a
calculation using parameters in the H-PLL Parameter register or from a
predefined set of frequencies if the setting is strapped by hardware
(Aspeed AST2400 SoC). The other clocks of the SoC are then defined
from the H-PLL using dividers.

We introduce first the APB clock because it should be used to drive
the Aspeed timer model.

Signed-off-by: Cédric Le Goater <clg@kaod.org>
Reviewed-by: Andrew Jeffery <andrew@aj.id.au>
Message-id: 20180622075700.5923-2-clg@kaod.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-06-26 17:50:42 +01:00
Eric Auger
832e4222c8 hw/arm/smmuv3: Add notifications on invalidation
On TLB invalidation commands, let's call registered
IOMMU notifiers. Those can only be UNMAP notifiers.
SMMUv3 does not support notification on MAP (VFIO).

This patch allows vhost use case where IOTLB API is notified
on each guest IOTLB invalidation.

Signed-off-by: Eric Auger <eric.auger@redhat.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1529653501-15358-5-git-send-email-eric.auger@redhat.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-06-26 17:50:42 +01:00
Eric Auger
cc27ed81cf hw/arm/smmuv3: IOTLB emulation
We emulate a TLB cache of size SMMU_IOTLB_MAX_SIZE=256.
It is implemented as a hash table whose key is a combination
of the 16b asid and 48b IOVA (Jenkins hash).

Entries are invalidated on TLB invalidation commands, either
globally, or per asid, or per asid/iova.

Signed-off-by: Eric Auger <eric.auger@redhat.com>
Message-id: 1529653501-15358-4-git-send-email-eric.auger@redhat.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-06-26 17:50:42 +01:00
Eric Auger
32cfd7f39e hw/arm/smmuv3: Cache/invalidate config data
Let's cache config data to avoid fetching and parsing STE/CD
structures on each translation. We invalidate them on data structure
invalidation commands.

We put in place a per-smmu mutex to protect the config cache. This
will be useful too to protect the IOTLB cache. The caches can be
accessed without BQL, ie. in IO dataplane. The same kind of mutex was
put in place in the intel viommu.

Signed-off-by: Eric Auger <eric.auger@redhat.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1529653501-15358-3-git-send-email-eric.auger@redhat.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-06-26 17:50:42 +01:00
Peter Maydell
55df6fcf54 tcg: Support MMU protection regions smaller than TARGET_PAGE_SIZE
Add support for MMU protection regions that are smaller than
TARGET_PAGE_SIZE. We do this by marking the TLB entry for those
pages with a flag TLB_RECHECK. This flag causes us to always
take the slow-path for accesses. In the slow path we can then
special case them to always call tlb_fill() again, so we have
the correct information for the exact address being accessed.

This change allows us to handle reading and writing from small
regions; we cannot deal with execution from the small region.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20180620130619.11362-2-peter.maydell@linaro.org
2018-06-26 17:50:41 +01:00
Philippe Mathieu-Daudé
84b335c6d0 hw/arm/omap: Use qemu_log_mask(GUEST_ERROR) instead of fprintf
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-id: 20180624040609.17572-10-f4bug@amsat.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-06-26 17:50:40 +01:00
Philippe Mathieu-Daudé
415202d4c9 hw/arm/omap1: Use qemu_log_mask(GUEST_ERROR) instead of fprintf
TCMI_VERBOSE is no more used, drop the OMAP_8/16/32B_REG macros.

Suggested-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-id: 20180624040609.17572-9-f4bug@amsat.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-06-26 17:50:40 +01:00
Sai Pavan Boddu
21d887cde9 xilinx_spips: Make dma transactions as per dma_burst_size
Qspi dma has a burst length of 64 bytes, So limit the transactions w.r.t
dma-burst-size property.

Signed-off-by: Sai Pavan Boddu <saipava@xilinx.com>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1529660880-30376-1-git-send-email-sai.pavan.boddu@xilinx.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-06-26 17:50:39 +01:00
Peter Maydell
7e2d08863b vga: bugfix collection.
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iQIcBAABAgAGBQJbMmlrAAoJEEy22O7T6HE4SoUP/1zN6DmiRpnOz5yiWfUERqbJ
 3NzA6JWjNL7sW413X71YGZPRKyestjld3G11c12KlL6MX6WVtiy0FU14/Pq3IMox
 OQsLfSIrXbIk6t2wC9NPS52Yyd9a1ca8UQzcAJRGhpAXSIxyr1SS009CTVkSysop
 fD9LZ4Cm0dC3pHAsUza9m3biDlgNzqQnseRTN3zNnzMFtnjzTTZPL+Zt2j7CjnCS
 g5FGYlt0FM9IdErYZ4SGTqOT1FEkQt9HyxsKRKUXsqkKuogGOrzE/KnZEVPDOhO6
 3Kdz9saEBWlP30iZpP7TWnpD1w1YwkD2yd7jE71LIPYITx2UeHvwGD8lfADc23Jd
 +XE3H1yPsURKmfx4b/g+fu7JSyHa5pXfwxD1HOV2GgUSb2RNRTu1Yn6aoS32dFj9
 1EzPXdh2iNAlRSxmVnGhrDkKNl2EYj01ZqY1MOSN6SoET0V9DIQpJuCQcB0rgHyz
 9QB2sdht/RymumK2e7M48JskKdP5r9MTGMML554onZ2bu7qIcZGxzbhLelpSy0IV
 XELqyZ7K8rgZY56yikJtEgSVjB2powxz+m64SyK3Nti6vgFIC6k/jBYZSR8wn3cd
 Kl6NFHu2QsnVz+dUlo7E7yUSEP6BoCoZScXCkaWVM+XMgejxtUVUft7bvr3/k9vS
 viQ+ZtKIS/QQp1VanjVE
 =QKlm
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/kraxel/tags/vga-20180626-pull-request' into staging

vga: bugfix collection.

# gpg: Signature made Tue 26 Jun 2018 17:27:23 BST
# gpg:                using RSA key 4CB6D8EED3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>"
# Primary key fingerprint: A032 8CFF B93A 17A7 9901  FE7D 4CB6 D8EE D3E8 7138

* remotes/kraxel/tags/vga-20180626-pull-request:
  virtio-gpu-3d: Drop workaround for VIRTIO_GPU_CAPSET_VIRGL2 define
  ramfb: fix overflow
  vga: set owner for mmio regions

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-06-26 17:37:56 +01:00
Peter Maydell
0ab4c574a5 ui: sdl2 fixes, gles support.
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iQIcBAABAgAGBQJbMkX/AAoJEEy22O7T6HE4nsYQAMXS8PeZj4DLHnpU9uPe5B4o
 iJvtU5TUTIv4zTTG8YUjJMzZ3js6jTPUg38jeD/U8dZgvjnxsFuZnZmaO936b8hs
 P3cOgrSamj2cxs9DqyHbdZEBMygajeiSDDk5aHzcN9viM/RV6bLvZrnhgPhN9vm2
 bDCiUDMVMCHtuOcGvoDpjh0NWV2h/hKMpo99rObM4mYvEyU2sU/skLaO8sR3FSLk
 q7x5FrT7NMGXAckYw4nvT0PuOGmC12o+DCCWtQgvPAV4LWPfGlW4egHSVZgSolZ9
 s5QA+zHDJDcYBiT6r1jSBzKXSk1d4yI70C3zPRpZvcakBwrwCoHRWpJvkXyA62d3
 8GK04kejb1reVa3hIFIGiIqsRhKnNjc83Cdpui7STORo+u5lqQP68Z0KQYAMJhoK
 mafLZLDPyhzjeZZzJIDgAeiQ+Wa7FVW2N5yCEK1nez3I5YbsB84/NMBuLxzJPgaD
 eD1FHs1SiD0HF+Iqpv/+DnruCiBBm0B/EMDutECplvRIWC+O5aCjG46Fuo3rftUl
 JELK+aUwfzb8qJ0sGcAMVaV/AAqISDPA84jQ32Ok/8FB54c3rkodSB1//9NK7jLh
 4B6PW5gmBXWNatGrInjXOo0Hr2sXIW69a5UCbIpjJTdEjW2WHnT36ugwzOghdWic
 +jpNr9mQlZlbpOUFsOqN
 =t+1l
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/kraxel/tags/ui-20180626-pull-request' into staging

ui: sdl2 fixes, gles support.

# gpg: Signature made Tue 26 Jun 2018 14:56:15 BST
# gpg:                using RSA key 4CB6D8EED3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>"
# Primary key fingerprint: A032 8CFF B93A 17A7 9901  FE7D 4CB6 D8EE D3E8 7138

* remotes/kraxel/tags/ui-20180626-pull-request:
  sdl2: add checking for NULL
  sdl2: fix copypaste issues
  Add gles support to egl-helpers, wire up in egl-headless and gtk.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-06-26 16:44:57 +01:00
Peter Maydell
fd1cfb875b virtio-gpu-3d: Drop workaround for VIRTIO_GPU_CAPSET_VIRGL2 define
In commit a8bff79e9f we added a definition to hw/virtio/virtio-gpu.h
for VIRTIO_GPU_CAPSET_VIRGL2, as a workaround for it not yet being
in the Linux kernel headers. In commit 77d361b13c we updated our
kernel headers to a version which does define the macro, so we can
now remove our workaround.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20180622173249.29963-1-peter.maydell@linaro.org
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2018-06-26 16:04:17 +02:00
Peter Maydell
bd4e4a387a Machine queue, 2018-06-25
* Don't support --daemonize and --preconfig together
 * Deprecate machine types pc-0.10 and pc-0.11
 -----BEGIN PGP SIGNATURE-----
 
 iQIcBAABCAAGBQJbMW7HAAoJECgHk2+YTcWmIrAP/0lA/TnT/FBATEdTg3zR75fd
 +eqPN/KD3lvPOIribRntV7GeWVP5qaD6bESZgFuMV3dLuOTmkS0j3IeZuA+YJuvd
 LPsAkIWpeO4O4kR6BqExPyZ1Ry48tWbIHNB62Ej1NAovJh9/UEYw/Vkqo7Su43/f
 B/0BJpQrvoXjul0WEKQ9/Q4pKjVC64Y2x6E+pglq3mHrf7jPoY5ciE+DxDpwtx60
 mdRadHQG5iG8sOtlSLoiNoZr/VSk0fQ+rj/vYpYWVCY/DoJEuAr0alfhmxNSLYfQ
 Fn+F3Arnrisbzz2m6jnZePi/BV7SOmdjz7SipKAd6B/6z7ZSNBBWhVCEQ1L44hbO
 DG1ZTM0qQJUa2T6CrpuFToKCNi5Z4fN/mYTxTiOwEUK2ezr3Pu5Gpc4Emt7LAyRz
 KMPCRTkAXp+NanD/iQtTbFcDgJwYFoKbDBa7Id75G+33g0yCEhEM8iMNLnz/0Vxh
 pIuI3oqWN+9c8Vv12l51fveDHJVT5ECagRvs/3k7/DTl34y/Q8njtjf55vcIv/cl
 35cKrDCP3lKeQjHoYWKi7IKJgq6xdfljcHOLXe7FXx1bf8tXT2XLoG7LydRyZ4Se
 rUJkRCYIaCcLR9eR5k6oZQjCw/1JSm0xzIhoN6NURZTylDF3vgIx6wR5Ge9Ormgh
 vroOTdBYZVDvTFJjp5sE
 =5vMt
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/ehabkost/tags/machine-next-pull-request' into staging

Machine queue, 2018-06-25

* Don't support --daemonize and --preconfig together
* Deprecate machine types pc-0.10 and pc-0.11

# gpg: Signature made Mon 25 Jun 2018 23:37:59 BST
# gpg:                using RSA key 2807936F984DC5A6
# gpg: Good signature from "Eduardo Habkost <ehabkost@redhat.com>"
# Primary key fingerprint: 5A32 2FD5 ABC4 D3DB ACCF  D1AA 2807 936F 984D C5A6

* remotes/ehabkost/tags/machine-next-pull-request:
  hw/i386: Deprecate the machine types pc-0.10 and pc-0.11
  vl.c: do not allow --daemonize in combination with --preconfig CLI option

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-06-26 12:49:24 +01:00
Gerd Hoffmann
54d208ffda Add gles support to egl-helpers, wire up in egl-headless and gtk.
Add support for OpenGL ES to egl-helpers.  Wire up the new option for
egl-headless and gtk UIs.  egl-headless actually works fine.  gtk hits a
not-yet implemented code path in libEGL when trying to use gles mode:

  libEGL warning: FIXME: egl/x11 doesn't support front buffer rendering.

(This is mesa 17.2.3).

Cc: Tomeu Vizoso <tomeu.vizoso@collabora.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Tomeu Vizoso <tomeu.vizoso@collabora.com>
Tested-by: Tomeu Vizoso <tomeu.vizoso@collabora.com>
Message-id: 20180618112141.23398-1-kraxel@redhat.com
2018-06-26 13:48:49 +02:00
Eduardo Habkost
0b6e9aa89e Merge branch 'master' of git://git.qemu.org/qemu into x86-next 2018-06-25 14:10:56 -03:00
Thomas Huth
08fe68244e hw/i386: Deprecate the machine types pc-0.10 and pc-0.11
The oldest machine type which is still used in a still maintained distro
is a pc-0.12 based machine type in RHEL6, so everything that is older
than pc-0.12 should not be used anymore. Thus let's deprecate pc-0.10
and pc-0.11 so that we can finally remove them in a future release.

Reviewed-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-Id: <1529917512-10528-1-git-send-email-thuth@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2018-06-25 14:10:01 -03:00
Peter Maydell
35e238c933 audio: new timer code for hda codec, fix audio_get_conf_int
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iQIcBAABAgAGBQJbMOpJAAoJEEy22O7T6HE46J4QAJFzQjX1trVObx7lqhVMiQiP
 C6IS6/FkqY22fylWQuvl2Sq/TfRpftXWvAIEYNybbYo2uT0oeZQDARP9Atq+WDjk
 yzlVHEsARmiXPnvyae3XsDAdnoEOfQne31kOE1qDbQxPHUHMigWSFw/6/zDqfV3P
 dObk1SJFrUfxVY6puECbtcli5SXsZG9DA7Vmy/LT0xsOAReOKxNNLN4/MipAwR3y
 iss21IGTSx157zF3nK5W7++BQVwI3+ATiTeOT7taCujzoKno0cKKQ/z9ItsFILGM
 eAyODn7X+lMSb2DTGmYi8mtzwBMxu5DsIvF07wevc/jD1zeeFayAj6+WT564MxDD
 t2sZ11q0h3rqm8MpPjje97BFjHpI296ZOLGBR1s6Z2z0V3YM76SsfmomEORfCaQ7
 3dJfFOGYoYpJQ/qvGF/uZSg5MwuqfpqpdMxwEFcl+zBLrIMcWAanTNNUtHs42rJV
 83klCGeZKe29X0U+CaDFMzXAAlUmRdjq9BFj4f0chzd8tx6hEQa8L2GJDKy32gHn
 xF6fwSInasP9p0rRI9bESd6J+1BOqhyvYS7G1zjx8feTIh3jVDFqxk9gjU7fFSmg
 RjPJgZxmYW6p6I762KundcsFzTxE7ZRTIeJ53XnDlQuQo8O1cj7ynTVV24QSkmA+
 1j+fLHHNNfQx4XhIR7cV
 =6DsA
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/kraxel/tags/audio-20180625-pull-request' into staging

audio: new timer code for hda codec, fix audio_get_conf_int

# gpg: Signature made Mon 25 Jun 2018 14:12:41 BST
# gpg:                using RSA key 4CB6D8EED3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>"
# Primary key fingerprint: A032 8CFF B93A 17A7 9901  FE7D 4CB6 D8EE D3E8 7138

* remotes/kraxel/tags/audio-20180625-pull-request:
  audio: Convert use of atoi to qemu_strtoi
  audio/hda: enable new timer code by default.
  audio/hda: detect output buffer overruns
  audio/hda: tweak timer adjust logic
  audio/hda: turn some dprintfs into trace points
  audio/hda: create millisecond timers that handle IO

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-06-25 15:25:26 +01:00
Gerd Hoffmann
bc753dc09f audio/hda: enable new timer code by default.
Also add a compat property to disable it for old machine types,
needed for live migration compatibility.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Message-id: 20180622111200.30561-6-kraxel@redhat.com
2018-06-25 13:57:57 +02:00
Babu Moger
e00516475c i386: Enable TOPOEXT feature on AMD EPYC CPU
Enable TOPOEXT feature on EPYC CPU. This is required to support
hyperthreading on VM guests. Also extend xlevel to 0x8000001E.

Disable topoext on PC_COMPAT_2_12 and keep xlevel 0x8000000a.

Signed-off-by: Babu Moger <babu.moger@amd.com>
Message-Id: <1529443919-67509-3-git-send-email-babu.moger@amd.com>
[ehabkost: Added EPYC-IBPB.xlevel to PC_COMPAT_2_12]
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2018-06-22 15:01:15 -03:00
Peter Maydell
5fce312200 target-arm queue:
* hw/intc/arm_gicv3: fix wrong values when reading IPRIORITYR
  * target/arm: fix read of freed memory in kvm_arm_machine_init_done()
  * virt: support up to 512 CPUs
  * virt: support 256MB ECAM PCI region (for more PCI devices)
  * xlnx-zynqmp: Use Cortex-R5F, not Cortex-R5
  * mps2-tz: Implement and use the TrustZone Memory Protection Controller
  * target/arm: enforce alignment checking for v6M cores
  * xen: Don't use memory_region_init_ram_nomigrate() in pci_assign_dev_load_option_rom()
  * vl.c: Don't zero-initialize statics for serial_hds
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABCAAGBQJbLPHgAAoJEDwlJe0UNgzeCugP/0yFWNkIQqgPX1D2fDLaea8z
 fj2QCkMHVDC/iM9s2Q7PpQDwfxMfE5MbvcavyfcVWe6lthyWQvvQ+5j4JHipgEup
 vdGX+ASA9sbC3kJ1u/OUekz6JliEWaxOyImnj2gyQfBw8zuMfiF+eTmtoKXcJC3u
 KNSNvArPIaFLNKsaQgTQE19Bu8CxIzfGEzsIgeAoD4gE7wv48EWqpOaYdIkbDo+0
 gJylBVCa46pmf56ESCuLTDZC+2FxBcw+uCFtD5zzt6YVV0Fli1ja9FNwLP17YHqg
 GOfNQ6melPeNUF+ByIEaPLWrq+Sy2P6wlnVlvKcKis8nXq497VjJdvv1txbbnyrn
 s4dKgVHjQP6EocvaVKCxXsLfjvPUCF2+f/uIdA8IR4WRilgTEfV3IdOYNuKjOFXb
 FcYap5UrX4ikEBkDBIBkh1BQXqOAU+lf8JjW1O6kn8PbfkEu2oRqGybWtEOjr+mz
 +iNsJ+4PydJ34WlvPKkzDG7GjEJcleStmgD3/DdL3r+jtjBYBT97xOAqWVnyVRYb
 NEUQEGmG894THftieuMw6r8vi4u24ZkI/3vGvBeSZ1od8IFEjzENRWkhYoDhLO5r
 LH16da19pVgWnLSXJnhxLTRaYNNAphNSIW30GDAwMbuXFK+LpCBufT8X7b6RerNx
 tOYET9DwlQRYEiuBVeSk
 =1T5q
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20180622' into staging

target-arm queue:
 * hw/intc/arm_gicv3: fix wrong values when reading IPRIORITYR
 * target/arm: fix read of freed memory in kvm_arm_machine_init_done()
 * virt: support up to 512 CPUs
 * virt: support 256MB ECAM PCI region (for more PCI devices)
 * xlnx-zynqmp: Use Cortex-R5F, not Cortex-R5
 * mps2-tz: Implement and use the TrustZone Memory Protection Controller
 * target/arm: enforce alignment checking for v6M cores
 * xen: Don't use memory_region_init_ram_nomigrate() in pci_assign_dev_load_option_rom()
 * vl.c: Don't zero-initialize statics for serial_hds

# gpg: Signature made Fri 22 Jun 2018 13:56:00 BST
# gpg:                using RSA key 3C2525ED14360CDE
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>"
# gpg:                 aka "Peter Maydell <pmaydell@gmail.com>"
# gpg:                 aka "Peter Maydell <pmaydell@chiark.greenend.org.uk>"
# Primary key fingerprint: E1A5 C593 CD41 9DE2 8E83  15CF 3C25 25ED 1436 0CDE

* remotes/pmaydell/tags/pull-target-arm-20180622: (28 commits)
  xen: Don't use memory_region_init_ram_nomigrate() in pci_assign_dev_load_option_rom()
  vl.c: Don't zero-initialize statics for serial_hds
  target/arm: Strict alignment for ARMv6-M and ARMv8-M Baseline
  target/arm: Introduce ARM_FEATURE_M_MAIN
  hw/arm/mps2-tz.c: Instantiate MPCs
  hw/arm/iotkit: Wire up MPC interrupt lines
  hw/arm/iotkit: Instantiate MPC
  hw/misc/iotkit-secctl.c: Implement SECMPCINTSTATUS
  hw/misc/tz_mpc.c: Honour the BLK_LUT settings in translate
  hw/misc/tz-mpc.c: Implement correct blocked-access behaviour
  hw/misc/tz-mpc.c: Implement registers
  hw/misc/tz-mpc.c: Implement the Arm TrustZone Memory Protection Controller
  xlnx-zynqmp: Swap Cortex-R5 for Cortex-R5F
  target-arm: Add the Cortex-R5F
  hw/arm/virt: Increase max_cpus to 512
  hw/arm/virt: Use 256MB ECAM region by default
  hw/arm/virt: Add virt-3.0 machine type
  hw/arm/virt: Add a new 256MB ECAM region
  hw/arm/virt: Register two redistributor regions when necessary
  hw/arm/virt-acpi-build: Advertise one or two GICR structures
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-06-22 16:03:31 +01:00
Peter Maydell
c52e53f429 ppc patch queue 2018-06-22
Another assorted patch of patches for ppc and spapr.
     * Rework of guest pagesize handling for ppc, which avoids guest
       visibly different behaviour between accelerators
     * A number of Pnv cleanups, working towards more complete POWER9
       support
     * Migration of VPA data, a significant bugfix
 -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEEdfRlhq5hpmzETofcbDjKyiDZs5IFAlssebQACgkQbDjKyiDZ
 s5IMUA/+MUejq1eIAE3z4POijm0nNS5r7gce4b6M4G0vV1cC3eY9GA/kir4r3XU5
 LoBGJx96pSXph69tzI7WIdn8vHpE2AkvWr4DT36ndxW0H7V630BCHk7vWMuBrfHf
 5l+bKgKKnfM5MaptnKDsosvfSk7NaH+7cqSa97h2PUGFaTKmD2XyTXQqBkReBzoC
 lBYVUVLjc6l9Y3P+DT+3uF+5lR7QOuqJ+2q31DvuNcTFoYhHc4DPXmDb5PfjY/DG
 3oBIcFC6dqjkRzWAAT65Zk1P/hrKcYmmE382hwsFg76GTGR893MhE0vx0EjqrFbr
 Tdkwj8v6Uto9/iatRz/nBSEg96oDmvSmz97Omh4JwHPKOpHRZ+QjCxccK63Jp1Yv
 xgwV52YIw/5LIQYLw6eArDKfU9iLZ/Nh+rtAZxaCb/Bvsmv2vljbDpHbuhk1uJ8i
 NaJ4Pe9aDt7tew39Sl/ohdUmgOYBal3WwVBNE5JNn5cO6GxzEG8U5JuFDY+RzpUV
 Xh2ksy1n6F7Q3XOqf4CgF/0Gpy5mrUXSRyCVIx47E+DNwFvkexNwX8PqANJqKJFo
 cxBBZbvaHRjpUGUN/yjixPqx7xWWfC698Urgdzg7LMcn3SjaRztT834DhlH46gh6
 1KBf2RrkPXEJD+O4YMb5CowDXrPL4yYXSLN0GxGUknW0nQF3v2g=
 =vjK1
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/dgibson/tags/ppc-for-3.0-20180622' into staging

ppc patch queue 2018-06-22

Another assorted patch of patches for ppc and spapr.
    * Rework of guest pagesize handling for ppc, which avoids guest
      visibly different behaviour between accelerators
    * A number of Pnv cleanups, working towards more complete POWER9
      support
    * Migration of VPA data, a significant bugfix

# gpg: Signature made Fri 22 Jun 2018 05:23:16 BST
# gpg:                using RSA key 6C38CACA20D9B392
# gpg: Good signature from "David Gibson <david@gibson.dropbear.id.au>"
# gpg:                 aka "David Gibson (Red Hat) <dgibson@redhat.com>"
# gpg:                 aka "David Gibson (ozlabs.org) <dgibson@ozlabs.org>"
# gpg:                 aka "David Gibson (kernel.org) <dwg@kernel.org>"
# Primary key fingerprint: 75F4 6586 AE61 A66C C44E  87DC 6C38 CACA 20D9 B392

* remotes/dgibson/tags/ppc-for-3.0-20180622: (23 commits)
  spapr: Don't rewrite mmu capabilities in KVM mode
  spapr: Limit available pagesizes to provide a consistent guest environment
  target/ppc: Add ppc_hash64_filter_pagesizes()
  spapr: Use maximum page size capability to simplify memory backend checking
  spapr: Maximum (HPT) pagesize property
  pseries: Update SLOF firmware image to qemu-slof-20180621
  target/ppc: Add missing opcode for icbt on PPC440
  ppc4xx_i2c: Implement directcntl register
  ppc4xx_i2c: Remove unimplemented sdata and intr registers
  sm501: Fix hardware cursor color conversion
  fpu_helper.c: fix helper_fpscr_clrbit() function
  spapr: remove unused spapr_irq routines
  spapr: split the IRQ allocation sequence
  target/ppc: Add kvmppc_hpt_needs_host_contiguous_pages() helper
  spapr: Add cpu_apply hook to capabilities
  spapr: Compute effective capability values earlier
  target/ppc: Allow cpu compatiblity checks based on type, not instance
  ppc/pnv: consolidate the creation of the ISA bus device tree
  ppc/pnv: introduce Pnv8Chip and Pnv9Chip models
  spapr_cpu_core: migrate VPA related state
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-06-22 15:14:08 +01:00
Peter Maydell
bb75e16d5e hw/arm/iotkit: Wire up MPC interrupt lines
The interrupt outputs from the MPC in the IoTKit and the expansion
MPCs in the board must be wired up to the security controller, and
also all ORed together to produce a single line to the NVIC.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 20180620132032.28865-8-peter.maydell@linaro.org
2018-06-22 13:28:40 +01:00
Peter Maydell
af60b29183 hw/arm/iotkit: Instantiate MPC
Wire up the one MPC that is part of the IoTKit itself. For the
moment we don't wire up its interrupt line.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 20180620132032.28865-7-peter.maydell@linaro.org
2018-06-22 13:28:40 +01:00
Peter Maydell
3fd3cb2f6f hw/misc/iotkit-secctl.c: Implement SECMPCINTSTATUS
Implement the SECMPCINTSTATUS register. This is the only register
in the security controller that deals with Memory Protection
Controllers, and it simply provides a read-only view of the
interrupt lines from the various MPCs in the system.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20180620132032.28865-6-peter.maydell@linaro.org
2018-06-22 13:28:40 +01:00
Peter Maydell
cdb6099818 hw/misc/tz-mpc.c: Implement registers
Implement the missing registers for the TZ MPC.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Eric Auger <eric.auger@redhat.com>
Message-id: 20180620132032.28865-3-peter.maydell@linaro.org
2018-06-22 13:28:39 +01:00
Peter Maydell
344f4b1581 hw/misc/tz-mpc.c: Implement the Arm TrustZone Memory Protection Controller
Implement the Arm TrustZone Memory Protection Controller, which sits
in front of RAM and allows secure software to configure it to either
pass through or reject transactions.

We implement the MPC as a QEMU IOMMU, which will direct transactions
either through to the devices and memory behind it or to a special
"never works" AddressSpace if they are blocked.

This initial commit implements the skeleton of the device:
 * it always permits accesses
 * it doesn't implement most of the registers
 * it doesn't implement the interrupt or other behaviour
   for blocked transactions

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Eric Auger <eric.auger@redhat.com>
Message-id: 20180620132032.28865-2-peter.maydell@linaro.org
2018-06-22 13:28:39 +01:00
Eric Auger
17ec075a65 hw/arm/virt: Use 256MB ECAM region by default
With this patch, virt-3.0 machine uses a new 256MB ECAM region
by default instead of the legacy 16MB one, if highmem is set
(LPAE supported by the guest) and (!firmware_loaded || aarch64).

Indeed aarch32 mode FW may not support this high ECAM region.

Signed-off-by: Eric Auger <eric.auger@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Andrew Jones <drjones@redhat.com>
Message-id: 1529072910-16156-11-git-send-email-eric.auger@redhat.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-06-22 13:28:37 +01:00
Eric Auger
601d626d14 hw/arm/virt: Add a new 256MB ECAM region
This patch defines a new ECAM region located after the 256GB limit.

The virt machine state is augmented with a new highmem_ecam field
which guards the usage of this new ECAM region instead of the legacy
16MB one. With the highmem ECAM region, up to 256 PCIe buses can be
used.

Signed-off-by: Eric Auger <eric.auger@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Andrew Jones <drjones@redhat.com>
Message-id: 1529072910-16156-9-git-send-email-eric.auger@redhat.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-06-22 13:28:37 +01:00
Eric Auger
f90747c4e8 hw/arm/virt: GICv3 DT node with one or two redistributor regions
This patch allows the creation of a GICv3 node with 1 or 2
redistributor regions depending on the number of smu_cpus.
The second redistributor region is located just after the
existing RAM region, at 256GB and contains up to up to 512 vcpus.

Please refer to kernel documentation for further node details:
Documentation/devicetree/bindings/interrupt-controller/arm,gic-v3.txt

Signed-off-by: Eric Auger <eric.auger@redhat.com>
Reviewed-by: Andrew Jones <drjones@redhat.com>
Message-id: 1529072910-16156-6-git-send-email-eric.auger@redhat.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-06-22 13:28:36 +01:00
Eric Auger
1e575b6664 hw/intc/arm_gicv3: Introduce redist-region-count array property
To prepare for multiple redistributor regions, we introduce
an array of uint32_t properties that stores the redistributor
count of each redistributor region.

Non accelerated VGICv3 only supports a single redistributor region.
The capacity of all redist regions is checked against the number of
vcpus.

Machvirt is updated to set those properties, ie. a single
redistributor region with count set to the number of vcpus
capped by 123.

Signed-off-by: Eric Auger <eric.auger@redhat.com>
Reviewed-by: Andrew Jones <drjones@redhat.com>
Message-id: 1529072910-16156-4-git-send-email-eric.auger@redhat.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-06-22 13:28:36 +01:00
Eric Auger
77d361b13c linux-headers: Update to kernel mainline commit b357bf602
Update our kernel headers to mainline commit
b357bf6023a948cf6a9472f07a1b0caac0e4f8e8
("Merge tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm")

Signed-off-by: Eric Auger <eric.auger@redhat.com>
Message-id: 1529072910-16156-2-git-send-email-eric.auger@redhat.com
[PMM:  clarified commit message]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-06-22 13:28:35 +01:00
Peter Maydell
409ef9eb4a nbd patches for 2018-06-20
Add experimental x-nbd-server-add-bitmap to expose a disabled
 bitmap over NBD, in preparation for a pull model incremental
 backup scheme. Also fix a corner case protocol issue with
 NBD_CMD_BLOCK_STATUS, and add new NBD_CMD_CACHE.
 
 - Eric Blake: tests: Simplify .gitignore
 - Eric Blake: nbd/server: Reject 0-length block status request
 - Vladimir Sementsov-Ogievskiy: 0/6 NBD export bitmaps
 - Vladimir Sementsov-Ogievskiy: nbd/server: introduce NBD_CMD_CACHE
 -----BEGIN PGP SIGNATURE-----
 Comment: Public key at http://people.redhat.com/eblake/eblake.gpg
 
 iQEcBAABCAAGBQJbK7wDAAoJEKeha0olJ0NqJuMH/0o7wzP3HWIO1pJZvhRA81AP
 ZZqZy/8xO0B++keCxzgTbdr9yf6RDtYGjDrNuOcVzqfA1k9E1Cl2pPjS93TzPlzZ
 PEgtG6bLXL2jCUi/8/EbZ/TLuoQx5YJc7eXTNREgXDRMLiTEg5Kcmg1n0efhr8Sl
 5/bRMDmW1+atO4dJS8bEW5WLuy4IoB823cSHjWoPFRHeNCwmFREwTx2xVULVje84
 JZzHYxyaBRquYLKIAew1WidhKVC4OiYtm4F5PxGBB/ZCVkeoDBX5uqZSjOUVt8y7
 uOhGYQGW/qSj/s3x74NEL6IPo57Iay/Wq065DbolDx7s0y5t38TocrBnakzOBFU=
 =VK6J
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/ericb/tags/pull-nbd-2018-06-20-v2' into staging

nbd patches for 2018-06-20

Add experimental x-nbd-server-add-bitmap to expose a disabled
bitmap over NBD, in preparation for a pull model incremental
backup scheme. Also fix a corner case protocol issue with
NBD_CMD_BLOCK_STATUS, and add new NBD_CMD_CACHE.

- Eric Blake: tests: Simplify .gitignore
- Eric Blake: nbd/server: Reject 0-length block status request
- Vladimir Sementsov-Ogievskiy: 0/6 NBD export bitmaps
- Vladimir Sementsov-Ogievskiy: nbd/server: introduce NBD_CMD_CACHE

# gpg: Signature made Thu 21 Jun 2018 15:53:55 BST
# gpg:                using RSA key A7A16B4A2527436A
# gpg: Good signature from "Eric Blake <eblake@redhat.com>"
# gpg:                 aka "Eric Blake (Free Software Programmer) <ebb9@byu.net>"
# gpg:                 aka "[jpeg image of size 6874]"
# Primary key fingerprint: 71C2 CC22 B1C4 6029 27D2  F3AA A7A1 6B4A 2527 436A

* remotes/ericb/tags/pull-nbd-2018-06-20-v2:
  nbd/server: introduce NBD_CMD_CACHE
  docs/interop: add nbd.txt
  qapi: new qmp command nbd-server-add-bitmap
  nbd/server: implement dirty bitmap export
  nbd/server: add nbd_meta_empty_or_pattern helper
  nbd/server: refactor NBDExportMetaContexts
  nbd/server: fix trace
  nbd/server: Reject 0-length block status request
  tests: Simplify .gitignore

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-06-22 09:58:29 +01:00
David Gibson
123eec6552 spapr: Use maximum page size capability to simplify memory backend checking
The way we used to handle KVM allowable guest pagesizes for PAPR guests
required some convoluted checking of memory attached to the guest.

The allowable pagesizes advertised to the guest cpus depended on the memory
which was attached at boot, but then we needed to ensure that any memory
later hotplugged didn't change which pagesizes were allowed.

Now that we have an explicit machine option to control the allowable
maximum pagesize we can simplify this.  We just check all memory backends
against that declared pagesize.  We check base and cold-plugged memory at
reset time, and hotplugged memory at pre_plug() time.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
Reviewed-by: Greg Kurz <groug@kaod.org>
2018-06-22 14:19:07 +10:00
David Gibson
2309832afd spapr: Maximum (HPT) pagesize property
The way the POWER Hash Page Table (HPT) MMU is virtualized by KVM HV means
that every page that the guest puts in the pagetables must be truly
physically contiguous, not just GPA-contiguous.  In effect this means that
an HPT guest can't use any pagesizes greater than the host page size used
to back its memory.

At present we handle this by changing what we advertise to the guest based
on the backing pagesizes.  This is pretty bad, because it means the guest
sees a different environment depending on what should be host configuration
details.

As a start on fixing this, we add a new capability parameter to the
pseries machine type which gives the maximum allowed pagesizes for an
HPT guest.  For now we just create and validate the parameter without
making it do anything.

For backwards compatibility, on older machine types we set it to the max
available page size for the host.  For the 3.0 machine type, we fix it to
16, the intention being to only allow HPT pagesizes up to 64kiB by default
in future.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
Reviewed-by: Greg Kurz <groug@kaod.org>
2018-06-22 14:19:07 +10:00
Peter Maydell
33836a7315 TCG patch queue:
Workaround macos assembler lossage.
 Eliminate tb_lock.
 Fix TB code generation overflow.
 -----BEGIN PGP SIGNATURE-----
 
 iQEcBAABAgAGBQJbJBZIAAoJEGTfOOivfiFfy0gH/1brodMhJbTS6/k9+FyXWEy5
 zYjCGKKlMZk//Y+4wcF5tXY/qDRNWk80j6KyxumNp3gCBehx6u59EEsrJRQaxBHm
 nYbDoE3Fy0J4KgRzdGmkYtl89XDK1++Ea9uL9N/stg2MSodzqoV6uudLYr/f+nRj
 4MkS+7BI+aJ4/XIKLU+/+cRo+5FdD0hNEabjlUxTOSrfJbr/YxbnVINX01A4yD6q
 LSzwLAEqpJehFBQjeSLu93ztrapj/1vEaguPOf04F6pXgOLpvSPlPahqwwk4qRwS
 OFgWwSPby3jrNLYZcufx2cY5pG3i4wDGK3z/B35hnDEGwYp1fNt6xdq+EzmHhaM=
 =ibt/
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/rth/tags/pull-tcg-20180615' into staging

TCG patch queue:

Workaround macos assembler lossage.
Eliminate tb_lock.
Fix TB code generation overflow.

# gpg: Signature made Fri 15 Jun 2018 20:40:56 BST
# gpg:                using RSA key 64DF38E8AF7E215F
# gpg: Good signature from "Richard Henderson <richard.henderson@linaro.org>"
# Primary key fingerprint: 7A48 1E78 868B 4DB6 A85A  05C0 64DF 38E8 AF7E 215F

* remotes/rth/tags/pull-tcg-20180615:
  tcg: Reduce max TB opcode count
  tcg: remove tb_lock
  translate-all: remove tb_lock mention from cpu_restore_state_from_tb
  cputlb: remove tb_lock from tlb_flush functions
  translate-all: protect TB jumps with a per-destination-TB lock
  translate-all: discard TB when tb_link_page returns an existing matching TB
  translate-all: introduce assert_no_pages_locked
  translate-all: add page_locked assertions
  translate-all: use per-page locking in !user-mode
  translate-all: move tb_invalidate_phys_page_range up in the file
  translate-all: work page-by-page in tb_invalidate_phys_range_1
  translate-all: remove hole in PageDesc
  translate-all: make l1_map lockless
  translate-all: iterate over TBs in a page with PAGE_FOR_EACH_TB
  tcg: move tb_ctx.tb_phys_invalidate_count to tcg_ctx
  tcg: track TBs with per-region BST's
  qht: return existing entry when qht_insert fails
  qht: require a default comparison function
  tcg/i386: Use byte form of xgetbv instruction

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-06-21 17:54:26 +01:00
Vladimir Sementsov-Ogievskiy
bc37b06a5c nbd/server: introduce NBD_CMD_CACHE
Handle nbd CACHE command. Just do read, without sending read data back.
Cache mechanism should be done by exported node driver chain.

Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Message-Id: <20180413143156.11409-1-vsementsov@virtuozzo.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
[eblake: fix two missing case labels in switch statements]
Signed-off-by: Eric Blake <eblake@redhat.com>
2018-06-21 09:41:39 -05:00
Vladimir Sementsov-Ogievskiy
3d068aff16 nbd/server: implement dirty bitmap export
Handle a new NBD meta namespace: "qemu", and corresponding queries:
"qemu:dirty-bitmap:<export bitmap name>".

With the new metadata context negotiated, BLOCK_STATUS query will reply
with dirty-bitmap data, converted to extents. The new public function
nbd_export_bitmap selects which bitmap to export. For now, only one bitmap
may be exported.

Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Message-Id: <20180609151758.17343-5-vsementsov@virtuozzo.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
[eblake: wording tweaks, minor cleanups, additional tracing]
Signed-off-by: Eric Blake <eblake@redhat.com>
2018-06-21 09:23:58 -05:00
BALATON Zoltan
ef9173a5c0 ppc4xx_i2c: Implement directcntl register
As well as being able to generate its own i2c transactions, the ppc4xx
i2c controller has a DIRECTCNTL register which allows explicit control
of the i2c lines.

Using this register an OS can directly bitbang i2c operations. In
order to let emulated i2c devices respond to this, we need to wire up
the DIRECTCNTL register to qemu's bitbanged i2c handling code.

Signed-off-by: BALATON Zoltan <balaton@eik.bme.hu>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2018-06-21 21:22:53 +10:00
BALATON Zoltan
39aeba6caa ppc4xx_i2c: Remove unimplemented sdata and intr registers
We don't emulate slave mode so related registers are not needed.
[lh]sadr are only retained to avoid too many warnings and simplify
debugging but sdata is not even correct because device has a 4 byte
FIFO instead so just remove this unimplemented register for now.

The intr register is also not implemented correctly, it is for
diagnostics and normally not even visible on device without explicitly
enabling it. As no guests are known to need this remove it as well.

Signed-off-by: BALATON Zoltan <balaton@eik.bme.hu>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2018-06-21 21:22:53 +10:00
Cédric Le Goater
71b5c8d26e spapr: remove unused spapr_irq routines
spapr_irq_alloc_block and spapr_irq_alloc() are now deprecated.

Signed-off-by: Cédric Le Goater <clg@kaod.org>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2018-06-21 21:22:53 +10:00
Cédric Le Goater
4fe75a8ccd spapr: split the IRQ allocation sequence
Today, when a device requests for IRQ number in a sPAPR machine, the
spapr_irq_alloc() routine first scans the ICSState status array to
find an empty slot and then performs the assignement of the selected
numbers. Split this sequence in two distinct routines : spapr_irq_find()
for lookups and spapr_irq_claim() for claiming the IRQ numbers.

This will ease the introduction of a static layout of IRQ numbers.

Signed-off-by: Cédric Le Goater <clg@kaod.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2018-06-21 21:22:53 +10:00
David Gibson
e2e4f64118 spapr: Add cpu_apply hook to capabilities
spapr capabilities have an apply hook to actually activate (or deactivate)
the feature in the system at reset time.  However, a number of capabilities
affect the setup of cpus, and need to be applied to each of them -
including hotplugged cpus for extra complication.  To make this simpler,
add an optional cpu_apply hook that is called from spapr_cpu_reset().

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Reviewed-by: Greg Kurz <groug@kaod.org>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
2018-06-21 21:22:53 +10:00
David Gibson
9f6edd066e spapr: Compute effective capability values earlier
Previously, the effective values of the various spapr capability flags
were only determined at machine reset time.  That was a lazy way of making
sure it was after cpu initialization so it could use the cpu object to
inform the defaults.

But we've now improved the compat checking code so that we don't need to
instantiate the cpus to use it.  That lets us move the resolution of the
capability defaults much earlier.

This is going to be necessary for some future capabilities.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Reviewed-by: Greg Kurz <groug@kaod.org>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
2018-06-21 21:22:53 +10:00
Cédric Le Goater
77864267c3 ppc/pnv: introduce Pnv8Chip and Pnv9Chip models
It introduces a base PnvChip class from which the specific processor
chip classes, Pnv8Chip and Pnv9Chip, inherit. Each of them needs to
define an init and a realize routine which will create the controllers
of the target processor. For the moment, the base PnvChip class
handles the XSCOM bus and the cores.

Signed-off-by: Cédric Le Goater <clg@kaod.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2018-06-21 21:22:53 +10:00
Greg Kurz
b94020268e spapr_cpu_core: migrate per-CPU data
A per-CPU machine data pointer was recently added to PowerPCCPU. The
motivation is to to hide platform specific details from the core CPU
code. This per-CPU data can hold state which is relevant to the guest
though, eg, Virtual Processor Areas, and we should migrate this state.

This patch adds the plumbing so that we can migrate the per-CPU data
for PAPR guests. We only do this for newer machine types for the sake
of backward compatibility. No state is migrated for the moment: the
vmstate_spapr_cpu_state structure will be populated by subsequent
patches.

Signed-off-by: Greg Kurz <groug@kaod.org>
[dwg: Fix some trivial spelling and spacing errors]
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2018-06-21 21:22:53 +10:00
Cédric Le Goater
04026890f2 ppc/pnv: introduce a new isa_create() operation to the chip model
This moves the details of the ISA bus creation under the LPC model but
more important, the new PnvChip operation will let us choose the chip
class to use when we introduce the different chip classes for Power9
and Power8. It hides away the processor chip controllers from the
machine.

Signed-off-by: Cédric Le Goater <clg@kaod.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2018-06-21 21:22:53 +10:00
Cédric Le Goater
d35aefa9ae ppc/pnv: introduce a new intc_create() operation to the chip model
On Power9, the thread interrupt presenter has a different type and is
linked to the chip owning the cores.

Signed-off-by: Cédric Le Goater <clg@kaod.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2018-06-21 21:22:53 +10:00
Peter Maydell
0f01b9fdd4 Block layer patches:
- Active mirror (blockdev-mirror copy-mode=write-blocking)
 - bdrv_drain_*() fixes and test cases
 - Fix crash with scsi-hd and drive_del
 -----BEGIN PGP SIGNATURE-----
 
 iQIcBAABAgAGBQJbJ+FaAAoJEH8JsnLIjy/WIRoP/29yh6sRfk+bgxxKczctZLSr
 hJYkf62oZG0NjwAqjA+P9TJjUFLuRS62cVE5IljvcKjcAaXIavJy5ZIqHx/T2BS2
 faaUMOjlhbMtH8Emeun8BoTzPXKME3m7IifxTvc1g40UkeTbeGFF8P3wZ32QtduO
 OwxkT4qM0tiV4rin2Gds4IGokigx9qJKAN3i2PJNlUYg9kXs7tjdVuJp73OK3ZVb
 w0uYvPsiY65GJ3VrLxyPrH3wCWMnI7Ep4ekbjYTusoV57iZdQ6e3kDwqAgCGNPaE
 BaCQx7Aza7D6EDE+fOKIegyh7AyUy+oA1kcA5Z4u4qsasvYIYm7bQIFh+ohRHHpf
 +SbvAY1dockOYuN6V6K2EkIU6jNFmgUFHAU9jHb7QBlgYDfsTBNOPgK6po3NtjJM
 Scv9aB7aHGmTvRFYb1LHHJWsiMOaWgXgCFelAzM6PfhSvPPE8110doGS7dqbDAI+
 PThdtvXoNACuvwNUKGc5I16iO9j3p1aL4RYz2e/9xVlsATwUYiU3D1ICpw/ejb4z
 gfwseeFxdLfWV/bNylYd9FZJSs2NoZhNrw+qghIkJ9hTO2YJguCLqQTtJzT2gTXT
 YVjEhTFGcOtTgG3Z+s5PhHwkWBCVmJWUFxh0eDa4ejfHqc1e+A2Tqxh4LgnsloaK
 WgHFympxV6Sb1s7V8i7V
 =6Krl
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging

Block layer patches:

- Active mirror (blockdev-mirror copy-mode=write-blocking)
- bdrv_drain_*() fixes and test cases
- Fix crash with scsi-hd and drive_del

# gpg: Signature made Mon 18 Jun 2018 17:44:10 BST
# gpg:                using RSA key 7F09B272C88F2FD6
# gpg: Good signature from "Kevin Wolf <kwolf@redhat.com>"
# Primary key fingerprint: DC3D EB15 9A9A F95D 3D74  56FE 7F09 B272 C88F 2FD6

* remotes/kevin/tags/for-upstream: (35 commits)
  iotests: Add test for active mirroring
  block/mirror: Add copy mode QAPI interface
  block/mirror: Add active mirroring
  job: Add job_progress_increase_remaining()
  block/mirror: Add MirrorBDSOpaque
  block/dirty-bitmap: Add bdrv_dirty_iter_next_area
  test-hbitmap: Add non-advancing iter_next tests
  hbitmap: Add @advance param to hbitmap_iter_next()
  block: Generalize should_update_child() rule
  block/mirror: Use source as a BdrvChild
  block/mirror: Wait for in-flight op conflicts
  block/mirror: Use CoQueue to wait on in-flight ops
  block/mirror: Convert to coroutines
  block/mirror: Pull out mirror_perform()
  block: fix QEMU crash with scsi-hd and drive_del
  test-bdrv-drain: Test graph changes in drain_all section
  block: Allow graph changes in bdrv_drain_all_begin/end sections
  block: ignore_bds_parents parameter for drain functions
  block: Move bdrv_drain_all_begin() out of coroutine context
  block: Allow AIO_WAIT_WHILE with NULL ctx
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-06-19 16:04:43 +01:00
Peter Maydell
59926de998 vga: add ramfb, print virglrenderer version
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iQIcBAABAgAGBQJbJ4ISAAoJEEy22O7T6HE4vJsP/11VphYRW9cd7E0+wuH4zqb/
 r0x540BQ+TH8+xVaZDMJgQuwLUFnq/3dWO4ImOSblZs+MD/ojk0XNw8tWLxqAVjk
 CrSA0aZj4tT+Dwpx6ylC+ta6klDr8Y75dK2Zo9ZJrDy3aniqTQNk7QyLuFcrlfPk
 QBJm3J/lrbwTwtFEG9lXe5jZud5eR2rZsPXljuCPAAiIy3WdOMA57OZwND+zngW8
 QCYJH+2K41BXta9o5jKmhDNFc24nnYFtoo9xpZp0S0mP5TKzMP6zmI/JtP270FhC
 KvX4SFgqs2zuQkgbG4MouoXqKAiY8lgarEdiWggAjacTBEkEZ/nBmVLuN7S5nIoA
 M70b+eriybIVVX7fCe0CykcqxXGnuEEPtLGlZ5vk/rCaZiKGmsFaYYF+xcfswMtz
 gVkgZMSgIoJ0pxc4qKOTxy2J6ZxOc+Dz0NEMSSzv8Y4AwYn5d9b+ri8Zc8jnYzLZ
 EHPv+1zXHwXBmwmKcgysW58b4Z5DGyNShpFTPh74Nep72P68Uf4lQOf+gYyjtIIE
 VJ5sdd0kK5cfQHwKaBHgefnyNSPy6WCu4ogEKs3WQKmNVNFS8Zsl4c5kJhgP5pZz
 IEUGyFDV1+yl3ZUilnj/a02IWNOmkHNXdgSUeveqhiaTzl7DMr8oj3byizVnJ/3J
 T6U1DNus9BS7W+UnH+Fw
 =x6JE
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/kraxel/tags/vga-20180618-pull-request' into staging

vga: add ramfb, print virglrenderer version

# gpg: Signature made Mon 18 Jun 2018 10:57:38 BST
# gpg:                using RSA key 4CB6D8EED3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>"
# Primary key fingerprint: A032 8CFF B93A 17A7 9901  FE7D 4CB6 D8EE D3E8 7138

* remotes/kraxel/tags/vga-20180618-pull-request:
  Add ramfb MAINTAINERS entry
  hw/display: add standalone ramfb device
  hw/display: add ramfb, a simple boot framebuffer living in guest ram
  configure: print virglrenderer version

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-06-19 13:43:35 +01:00
Max Reitz
481debaa32 block/mirror: Add copy mode QAPI interface
This patch allows the user to specify whether to use active or only
background mode for mirror block jobs.  Currently, this setting will
remain constant for the duration of the entire block job.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Alberto Garcia <berto@igalia.com>
Message-id: 20180613181823.13618-14-mreitz@redhat.com
Signed-off-by: Max Reitz <mreitz@redhat.com>
2018-06-18 17:05:16 +02:00
Max Reitz
62f1360059 job: Add job_progress_increase_remaining()
Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-id: 20180613181823.13618-12-mreitz@redhat.com
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
2018-06-18 17:05:11 +02:00
Max Reitz
72d10a9421 block/dirty-bitmap: Add bdrv_dirty_iter_next_area
This new function allows to look for a consecutively dirty area in a
dirty bitmap.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
Reviewed-by: John Snow <jsnow@redhat.com>
Message-id: 20180613181823.13618-10-mreitz@redhat.com
Signed-off-by: Max Reitz <mreitz@redhat.com>
2018-06-18 17:04:57 +02:00
Max Reitz
a33fbb4f8b hbitmap: Add @advance param to hbitmap_iter_next()
This new parameter allows the caller to just query the next dirty
position without moving the iterator.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
Reviewed-by: John Snow <jsnow@redhat.com>
Message-id: 20180613181823.13618-8-mreitz@redhat.com
Signed-off-by: Max Reitz <mreitz@redhat.com>
2018-06-18 17:04:55 +02:00
Kevin Wolf
0f12264e7a block: Allow graph changes in bdrv_drain_all_begin/end sections
bdrv_drain_all_*() used bdrv_next() to iterate over all root nodes and
did a subtree drain for each of them. This works fine as long as the
graph is static, but sadly, reality looks different.

If the graph changes so that root nodes are added or removed, we would
have to compensate for this. bdrv_next() returns each root node only
once even if it's the root node for multiple BlockBackends or for a
monitor-owned block driver tree, which would only complicate things.

The much easier and more obviously correct way is to fundamentally
change the way the functions work: Iterate over all BlockDriverStates,
no matter who owns them, and drain them individually. Compensation is
only necessary when a new BDS is created inside a drain_all section.
Removal of a BDS doesn't require any action because it's gone afterwards
anyway.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2018-06-18 15:03:25 +02:00
Kevin Wolf
6cd5c9d7b2 block: ignore_bds_parents parameter for drain functions
In the future, bdrv_drained_all_begin/end() will drain all invidiual
nodes separately rather than whole subtrees. This means that we don't
want to propagate the drain to all parents any more: If the parent is a
BDS, it will already be drained separately. Recursing to all parents is
unnecessary work and would make it an O(n²) operation.

Prepare the drain function for the changed drain_all by adding an
ignore_bds_parents parameter to the internal implementation that
prevents the propagation of the drain to BDS parents. We still (have to)
propagate it to non-BDS parents like BlockBackends or Jobs because those
are not drained separately.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2018-06-18 15:03:25 +02:00
Kevin Wolf
4d22bbf4ef block: Allow AIO_WAIT_WHILE with NULL ctx
bdrv_drain_all() wants to have a single polling loop for draining the
in-flight requests of all nodes. This means that the AIO_WAIT_WHILE()
condition relies on activity in multiple AioContexts, which is polled
from the mainloop context. We must therefore call AIO_WAIT_WHILE() from
the mainloop thread and use the AioWait notification mechanism.

Just randomly picking the AioContext of any non-mainloop thread would
work, but instead of bothering to find such a context in the caller, we
can just as well accept NULL for ctx.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2018-06-18 15:03:25 +02:00
Kevin Wolf
dcf94a23b1 block: Don't poll in parent drain callbacks
bdrv_do_drained_begin() is only safe if we have a single
BDRV_POLL_WHILE() after quiescing all affected nodes. We cannot allow
that parent callbacks introduce a nested polling loop that could cause
graph changes while we're traversing the graph.

Split off bdrv_do_drained_begin_quiesce(), which only quiesces a single
node without waiting for its requests to complete. These requests will
be waited for in the BDRV_POLL_WHILE() call down the call chain.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2018-06-18 15:03:25 +02:00
Kevin Wolf
fe4f0614ef block: Drain recursively with a single BDRV_POLL_WHILE()
Anything can happen inside BDRV_POLL_WHILE(), including graph
changes that may interfere with its callers (e.g. child list iteration
in recursive callers of bdrv_do_drained_begin).

Switch to a single BDRV_POLL_WHILE() call for the whole subtree at the
end of bdrv_do_drained_begin() to avoid such effects. The recursion
happens now inside the loop condition. As the graph can only change
between bdrv_drain_poll() calls, but not inside of it, doing the
recursion here is safe.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2018-06-18 15:03:25 +02:00
Kevin Wolf
89bd030533 block: Really pause block jobs on drain
We already requested that block jobs be paused in .bdrv_drained_begin,
but no guarantee was made that the job was actually inactive at the
point where bdrv_drained_begin() returned.

This introduces a new callback BdrvChildRole.bdrv_drained_poll() and
uses it to make bdrv_drain_poll() consider block jobs using the node to
be drained.

For the test case to work as expected, we have to switch from
block_job_sleep_ns() to qemu_co_sleep_ns() so that the test job is even
considered active and must be waited for when draining the node.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2018-06-18 15:03:25 +02:00
Kevin Wolf
1cc8e54ada block: Avoid unnecessary aio_poll() in AIO_WAIT_WHILE()
Commit 91af091f92 added an additional aio_poll() to BDRV_POLL_WHILE()
in order to make sure that all pending BHs are executed on drain. This
was the wrong place to make the fix, as it is useless overhead for all
other users of the macro and unnecessarily complicates the mechanism.

This patch effectively reverts said commit (the context has changed a
bit and the code has moved to AIO_WAIT_WHILE()) and instead polls in the
loop condition for drain.

The effect is probably hard to measure in any real-world use case
because actual I/O will dominate, but if I run only the initialisation
part of 'qemu-img convert' where it calls bdrv_block_status() for the
whole image to find out how much data there is copy, this phase actually
needs only roughly half the time after this patch.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
2018-06-18 15:03:25 +02:00
Gerd Hoffmann
94692dcd71 hw/display: add standalone ramfb device
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Tested-by: Laszlo Ersek <lersek@redhat.com>
Message-id: 20180613122948.18149-3-kraxel@redhat.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2018-06-18 11:22:15 +02:00
Gerd Hoffmann
995b30179b hw/display: add ramfb, a simple boot framebuffer living in guest ram
The boot framebuffer is expected to be configured by the firmware, so it
uses fw_cfg as interface.  Initialization goes as follows:

  (1) Check whenever etc/ramfb is present.
  (2) Allocate framebuffer from RAM.
  (3) Fill struct RAMFBCfg, write it to etc/ramfb.

Done.  You can write stuff to the framebuffer now, and it should appear
automagically on the screen.

Note that this isn't very efficient because it does a full display
update on each refresh.  No dirty tracking.  Dirty tracking would have
to be active for the whole ram slot, so that wouldn't be very efficient
either.  For a boot display which is active for a short time only this
isn't a big deal.  As permanent guest display something better should be
used (if possible).

This is the ramfb core code.  Some windup is needed for display devices
which want have a ramfb boot display.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Tested-by: Laszlo Ersek <lersek@redhat.com>
Message-id: 20180613122948.18149-2-kraxel@redhat.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2018-06-18 11:22:15 +02:00
David Gibson
7388efafc2 target/ppc, spapr: Move VPA information to machine_data
CPUPPCState currently contains a number of fields containing the state of
the VPA.  The VPA is a PAPR specific concept covering several guest/host
shared memory areas used to communicate some information with the
hypervisor.

As a PAPR concept this is really machine specific information, although it
is per-cpu, so it doesn't really belong in the core CPU state structure.

There's also other information that's per-cpu, but platform/machine
specific.  So create a (void *)machine_data in PowerPCCPU which can be
used by the machine to locate per-cpu data.  Intialization, lifetime and
cleanup of machine_data is entirely up to the machine type.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Reviewed-by: Greg Kurz <groug@kaod.org>
Tested-by: Greg Kurz <groug@kaod.org>
2018-06-16 16:32:50 +10:00
David Gibson
08304a8689 pnv_core: Allocate cpu thread objects individually
Currently, we allocate space for all the cpu objects within a single core
in one big block.  This was copied from an older version of the spapr code
and requires some ugly pointer manipulation to extract the individual
objects.

This design was due to a misunderstanding of qemu lifetime conventions and
has already been changed in spapr (in 94ad93bd "spapr_cpu_core: instantiate
CPUs separately".

Make an equivalent change in pnv_core to get rid of the nasty pointer
arithmetic.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
Reviewed-by: Greg Kurz <groug@kaod.org>
2018-06-16 16:32:33 +10:00
Mark Cave-Ayland
b6c7e42f74 mos6522: expose mos6522_update_irq() through MOS6522DeviceClass
In the case where we have an interrupt generated externally from inputs to
bits 1 and 2 of port A and/or port B, it is necessary to expose
mos6522_update_irq() so it can be called by the interrupt source.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2018-06-16 16:32:33 +10:00
Mark Cave-Ayland
d811d61fbc mac_newworld: add PMU device
The PMU device supercedes the CUDA device found on older New World Macs and
is supported by a larger number of guest OSs from OS 9 to OS X 10.5.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2018-06-16 16:32:33 +10:00
Mark Cave-Ayland
84051eb400 adb: add property to disable direct reg 3 writes
MacOS 9 has a bug in its PMU driver whereby after configuring the ADB bus
devices it sends another write to reg 3 on both devices resetting them
both back to the same address.

Add a new disable_direct_reg3_writes property to ADBDevice to disable these
direct writes which can enabled just for the upcoming pmu-adb support.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2018-06-16 16:32:33 +10:00
Mark Cave-Ayland
7c4166a971 mac_newworld: add gpios to macio devices with PMU enabled
PMU-enabled New World Macs expose their GPIOs via a separate memory region
within the macio device.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2018-06-16 16:32:33 +10:00
Mark Cave-Ayland
f1114c17ee mac_newworld: add via machine option to control mac99 VIA/ADB configuration
This option allows the VIA configuration to be controlled between 3
different possible setups: cuda, pmu-adb and pmu with USB rather than ADB
keyboard/mouse.

For the moment we don't do anything with the configuration except to pass
it to the macio device (the via-cuda parent) and also to the firmware via
the fw_cfg interface so that it can present the correct device tree.

The default is cuda which is the current default and so will have no
change in behaviour.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2018-06-16 16:32:33 +10:00
Emilio G. Cota
0ac20318ce tcg: remove tb_lock
Use mmap_lock in user-mode to protect TCG state and the page descriptors.
In !user-mode, each vCPU has its own TCG state, so no locks needed.
Per-page locks are used to protect the page descriptors.

Per-TB locks are used in both modes to protect TB jumps.

Some notes:

- tb_lock is removed from notdirty_mem_write by passing a
  locked page_collection to tb_invalidate_phys_page_fast.

- tcg_tb_lookup/remove/insert/etc have their own internal lock(s),
  so there is no need to further serialize access to them.

- do_tb_flush is run in a safe async context, meaning no other
  vCPU threads are running. Therefore acquiring mmap_lock there
  is just to please tools such as thread sanitizer.

- Not visible in the diff, but tb_invalidate_phys_page already
  has an assert_memory_lock.

- cpu_io_recompile is !user-only, so no mmap_lock there.

- Added mmap_unlock()'s before all siglongjmp's that could
  be called in user-mode while mmap_lock is held.
  + Added an assert for !have_mmap_lock() after returning from
    the longjmp in cpu_exec, just like we do in cpu_exec_step_atomic.

Performance numbers before/after:

Host: AMD Opteron(tm) Processor 6376

                 ubuntu 17.04 ppc64 bootup+shutdown time

  700 +-+--+----+------+------------+-----------+------------*--+-+
      |    +    +      +            +           +           *B    |
      |         before ***B***                            ** *    |
      |tb lock removal ###D###                         ***        |
  600 +-+                                           ***         +-+
      |                                           **         #    |
      |                                        *B*          #D    |
      |                                     *** *         ##      |
  500 +-+                                ***           ###      +-+
      |                             * ***           ###           |
      |                            *B*          # ##              |
      |                          ** *          #D#                |
  400 +-+                      **            ##                 +-+
      |                      **           ###                     |
      |                    **           ##                        |
      |                  **         # ##                          |
  300 +-+  *           B*          #D#                          +-+
      |    B         ***        ###                               |
      |    *       **       ####                                  |
      |     *   ***      ###                                      |
  200 +-+   B  *B     #D#                                       +-+
      |     #B* *   ## #                                          |
      |     #*    ##                                              |
      |    + D##D#     +            +           +            +    |
  100 +-+--+----+------+------------+-----------+------------+--+-+
           1    8      16      Guest CPUs       48           64
  png: https://imgur.com/HwmBHXe

              debian jessie aarch64 bootup+shutdown time

  90 +-+--+-----+-----+------------+------------+------------+--+-+
     |    +     +     +            +            +            +    |
     |         before ***B***                                B    |
  80 +tb lock removal ###D###                              **D  +-+
     |                                                   **###    |
     |                                                 **##       |
  70 +-+                                             ** #       +-+
     |                                             ** ##          |
     |                                           **  #            |
  60 +-+                                       *B  ##           +-+
     |                                       **  ##               |
     |                                    ***  #D                 |
  50 +-+                               ***   ##                 +-+
     |                             * **   ###                     |
     |                           **B*  ###                        |
  40 +-+                     ****  # ##                         +-+
     |                   ****     #D#                             |
     |             ***B**      ###                                |
  30 +-+    B***B**        ####                                 +-+
     |    B *   *     # ###                                       |
     |     B       ###D#                                          |
  20 +-+   D  ##D##                                             +-+
     |      D#                                                    |
     |    +     +     +            +            +            +    |
  10 +-+--+-----+-----+------------+------------+------------+--+-+
          1     8     16      Guest CPUs        48           64
  png: https://imgur.com/iGpGFtv

The gains are high for 4-8 CPUs. Beyond that point, however, unrelated
lock contention significantly hurts scalability.

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Emilio G. Cota <cota@braap.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2018-06-15 08:18:48 -10:00
Emilio G. Cota
194125e3eb translate-all: protect TB jumps with a per-destination-TB lock
This applies to both user-mode and !user-mode emulation.

Instead of relying on a global lock, protect the list of incoming
jumps with tb->jmp_lock. This lock also protects tb->cflags,
so update all tb->cflags readers outside tb->jmp_lock to use
atomic reads via tb_cflags().

In order to find the destination TB (and therefore its jmp_lock)
from the origin TB, we introduce tb->jmp_dest[].

I considered not using a linked list of jumps, which simplifies
code and makes the struct smaller. However, it unnecessarily increases
memory usage, which results in a performance decrease. See for
instance these numbers booting+shutting down debian-arm:
                      Time (s)  Rel. err (%)  Abs. err (s)  Rel. slowdown (%)
------------------------------------------------------------------------------
 before                  20.88          0.74      0.154512                 0.
 after                   20.81          0.38      0.079078        -0.33524904
 GTree                   21.02          0.28      0.058856         0.67049808
 GHashTable + xxhash     21.63          1.08      0.233604          3.5919540

Using a hash table or a binary tree to keep track of the jumps
doesn't really pay off, not only due to the increased memory usage,
but also because most TBs have only 0 or 1 jumps to them. The maximum
number of jumps when booting debian-arm that I measured is 35, but
as we can see in the histogram below a TB with that many incoming jumps
is extremely rare; the average TB has 0.80 incoming jumps.

n_jumps: 379208; avg jumps/tb: 0.801099
dist: [0.0,1.0)|▄█▁▁▁▁▁▁▁▁▁▁▁ ▁▁▁▁▁▁ ▁▁▁  ▁▁▁     ▁|[34.0,35.0]

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Emilio G. Cota <cota@braap.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2018-06-15 08:18:48 -10:00
Emilio G. Cota
faa9372c07 translate-all: introduce assert_no_pages_locked
The appended adds assertions to make sure we do not longjmp with page
locks held. Note that user-mode has nothing to check, since page_locks
are !user-mode only.

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Emilio G. Cota <cota@braap.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2018-06-15 07:42:55 -10:00
Emilio G. Cota
0b5c91f74f translate-all: use per-page locking in !user-mode
Groundwork for supporting parallel TCG generation.

Instead of using a global lock (tb_lock) to protect changes
to pages, use fine-grained, per-page locks in !user-mode.
User-mode stays with mmap_lock.

Sometimes changes need to happen atomically on more than one
page (e.g. when a TB that spans across two pages is
added/invalidated, or when a range of pages is invalidated).
We therefore introduce struct page_collection, which helps
us keep track of a set of pages that have been locked in
the appropriate locking order (i.e. by ascending page index).

This commit first introduces the structs and the function helpers,
to then convert the calling code to use per-page locking. Note
that tb_lock is not removed yet.

While at it, rename tb_alloc_page to tb_page_add, which pairs with
tb_page_remove.

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Emilio G. Cota <cota@braap.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2018-06-15 07:42:55 -10:00
Emilio G. Cota
1e05197f24 translate-all: iterate over TBs in a page with PAGE_FOR_EACH_TB
This commit does several things, but to avoid churn I merged them all
into the same commit. To wit:

- Use uintptr_t instead of TranslationBlock * for the list of TBs in a page.
  Just like we did in (c37e6d7e "tcg: Use uintptr_t type for
  jmp_list_{next|first} fields of TB"), the rationale is the same: these
  are tagged pointers, not pointers. So use a more appropriate type.

- Only check the least significant bit of the tagged pointers. Masking
  with 3/~3 is unnecessary and confusing.

- Introduce the TB_FOR_EACH_TAGGED macro, and use it to define
  PAGE_FOR_EACH_TB, which improves readability. Note that
  TB_FOR_EACH_TAGGED will gain another user in a subsequent patch.

- Update tb_page_remove to use PAGE_FOR_EACH_TB. In case there
  is a bug and we attempt to remove a TB that is not in the list, instead
  of segfaulting (since the list is NULL-terminated) we will reach
  g_assert_not_reached().

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Emilio G. Cota <cota@braap.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2018-06-15 07:42:55 -10:00
Emilio G. Cota
128ed2278c tcg: move tb_ctx.tb_phys_invalidate_count to tcg_ctx
Thereby making it per-TCGContext. Once we remove tb_lock, this will
avoid an atomic increment every time a TB is invalidated.

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Emilio G. Cota <cota@braap.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2018-06-15 07:42:55 -10:00
Emilio G. Cota
be2cdc5e35 tcg: track TBs with per-region BST's
This paves the way for enabling scalable parallel generation of TCG code.

Instead of tracking TBs with a single binary search tree (BST), use a
BST for each TCG region, protecting it with a lock. This is as scalable
as it gets, since each TCG thread operates on a separate region.

The core of this change is the introduction of struct tcg_region_tree,
which contains a pointer to a GTree and an associated lock to serialize
accesses to it. We then allocate an array of tcg_region_tree's, adding
the appropriate padding to avoid false sharing based on
qemu_dcache_linesize.

Given a tc_ptr, we first find the corresponding region_tree. This
is done by special-casing the first and last regions first, since they
might be of size != region.size; otherwise we just divide the offset
by region.stride. I was worried about this division (several dozen
cycles of latency), but profiling shows that this is not a fast path.
Note that region.stride is not required to be a power of two; it
is only required to be a multiple of the host's page size.

Note that with this design we can also provide consistent snapshots
about all region trees at once; for instance, tcg_tb_foreach
acquires/releases all region_tree locks before/after iterating over them.
For this reason we now drop tb_lock in dump_exec_info().

As an alternative I considered implementing a concurrent BST, but this
can be tricky to get right, offers no consistent snapshots of the BST,
and performance and scalability-wise I don't think it could ever beat
having separate GTrees, given that our workload is insert-mostly (all
concurrent BST designs I've seen focus, understandably, on making
lookups fast, which comes at the expense of convoluted, non-wait-free
insertions/removals).

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Emilio G. Cota <cota@braap.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2018-06-15 07:42:55 -10:00
Emilio G. Cota
32359d529f qht: return existing entry when qht_insert fails
The meaning of "existing" is now changed to "matches in hash and
ht->cmp result". This is saner than just checking the pointer value.

Suggested-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by:  Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Emilio G. Cota <cota@braap.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2018-06-15 07:42:55 -10:00
Emilio G. Cota
61b8cef1d4 qht: require a default comparison function
qht_lookup now uses the default cmp function. qht_lookup_custom is defined
to retain the old behaviour, that is a cmp function is explicitly provided.

qht_insert will gain use of the default cmp in the next patch.

Note that we move qht_lookup_custom's @func to be the last argument,
which makes the new qht_lookup as simple as possible.
Instead of this (i.e. keeping @func 2nd):
0000000000010750 <qht_lookup>:
   10750:       89 d1                   mov    %edx,%ecx
   10752:       48 89 f2                mov    %rsi,%rdx
   10755:       48 8b 77 08             mov    0x8(%rdi),%rsi
   10759:       e9 22 ff ff ff          jmpq   10680 <qht_lookup_custom>
   1075e:       66 90                   xchg   %ax,%ax

We get:
0000000000010740 <qht_lookup>:
   10740:       48 8b 4f 08             mov    0x8(%rdi),%rcx
   10744:       e9 37 ff ff ff          jmpq   10680 <qht_lookup_custom>
   10749:       0f 1f 80 00 00 00 00    nopl   0x0(%rax)

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Emilio G. Cota <cota@braap.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2018-06-15 07:42:55 -10:00
Peter Maydell
2ef2f16781 Migration pull 2018-06-15
-----BEGIN PGP SIGNATURE-----
 
 iQIcBAABAgAGBQJbI9eNAAoJEAUWMx68W/3nL5cQAIU5FS3dsYplNgk8MUxEeyRE
 KX/v7b/BPua9DwqNPtre37YHO2ibS6k20nb7jLqj0YhDLhC0EJjeHY7g/u6JJr6w
 UGIqFfzPCiwnQ8wLbjYqohliaS72YMN33MukV1KnC0IpIJEzhXPHNG2FJzqoGobb
 MZbjbw+a8X/6uabzuc+7VdbshRXmLIwNPXPRqILvt5vPKc9GTEfRfR5F5eAZouZZ
 PZ+f8vsFeUHtecqQHLkBlGD5LTx00S/Q7qi8LcJf5UKYUhFc4hIxCBxCw8B+nNq5
 D1hlI5aojkBPlXcleuw6DOyHLFkUu1lxlO3ilo5AsVzpHj/5Gs+/FPAlda0hbe7a
 V3mU7Mq77Nl3zU651pUADkwE/QJ5vW52mr/u4MW4Xj8mTOV3DLCDaZEZZVlAiNua
 Afn9vYYIr4afO/MKdBGI9roOL8GXRrlnKHhYSgcjQ5GMoNdT5dzE+KvVS0lsm/qB
 E/F5fmgThDd82abvS2e5crflitOBedW4caewvVs0W/mrJIY0Yqg0rzootdIydlG0
 dvvCRlhuFIk6Ugk3hR0oj33+noRkzhxmnnjjaJzpAZlTORixXm9YNwUwI9LlwynB
 44h/11GDOQY4sYNYagHe17kUYRAZOfCimwJH0fuNiCfb7nYXtcUeKrgY3yy3s/Xl
 MkuHX0Swz0wM12Jt2PpC
 =QgO4
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/dgilbert/tags/pull-migration-20180615a' into staging

Migration pull 2018-06-15

# gpg: Signature made Fri 15 Jun 2018 16:13:17 BST
# gpg:                using RSA key 0516331EBC5BFDE7
# gpg: Good signature from "Dr. David Alan Gilbert (RH2) <dgilbert@redhat.com>"
# Primary key fingerprint: 45F5 C71B 4A0C B7FB 977A  9FA9 0516 331E BC5B FDE7

* remotes/dgilbert/tags/pull-migration-20180615a:
  migration: calculate expected_downtime with ram_bytes_remaining()
  migration/postcopy: Wake rate limit sleep on postcopy request
  migration: Wake rate limiting for urgent requests
  migration/postcopy: Add max-postcopy-bandwidth parameter
  migration: introduce migration_update_rates
  migration: fix counting xbzrle cache_miss_rate
  migration/block-dirty-bitmap: fix dirty_bitmap_load
  migration: Poison ramblock loops in migration
  migration: Fixes for non-migratable RAMBlocks
  typedefs: add QJSON

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-06-15 18:13:35 +01:00
Peter Maydell
4359255ad3 Block layer patches:
- Fix options that work only with -drive or -blockdev, but not with
   both, because of QDict type confusion
 - rbd: Add options 'auth-client-required' and 'key-secret'
 - Remove deprecated -drive options serial/addr/cyls/heads/secs/trans
 - rbd, iscsi: Remove deprecated 'filename' option
 - Fix 'qemu-img map' crash with unaligned image size
 - Improve QMP documentation for jobs
 -----BEGIN PGP SIGNATURE-----
 
 iQIcBAABAgAGBQJbI8sTAAoJEH8JsnLIjy/WeIsP/Ak8ealnjx8GRUfWwi69DX5z
 LPzGXjlFJ1DqVb1SCuc7mptlgQwvHSoeYk6i+2xzJy9WmaAJsT2Mxz+EkviGzlcU
 Xna6t/a9dgMxvHQMKbN1j4Rm3tDJzm2x6ZnBLYlwFhecmkEz4i3TEsceFL7BrN4F
 C21jm+yC2wKPyggKXRRLRP4a1UfuM7OH8OEE3aWCZwEz1+6ucZGs3xsmWJfXxlCK
 adigVec3gNWgQK+gWFlYKXRJKalK50BnZ7+2LlQIcC1kLAx22Wr2t2zmlROa351w
 JEBIQlLkEN8hpB44Xk3Wla3YmwumW8EANIdxkeAXDgYgn8KEpN1nwWyxGUsfoOqz
 WhZ+pT0yerg/kSovKgTyxsF9YoeptJEUmmR0nZX4+xpnctbU6EHuspymMb1Xl95h
 /7lirJbBVb8o9rzcCNOzTc0f9lot9pDglLjxcWq3RqvpJ2iQmxxY2UUidYl9BmRg
 SpkkA9E613bZ9zuK+17FDbnGq/N9h77HSBSVbLgEoajFLXYUtkuc0egi/ZVLWo0W
 wo/XvXTZqy7n9/M/j4yVS+Xv7WotNuyHajk6N73KdL0NodXE776CPxvMlUEHEHB9
 Pizo/fuxmgatjDFf1WU3Qt5pZlU1Pao4Aakcq3z/Ag7ucMK03QQIMBcrJC24+DD2
 pjT5HPIeS3vklkg9Jqdi
 =LxgF
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging

Block layer patches:

- Fix options that work only with -drive or -blockdev, but not with
  both, because of QDict type confusion
- rbd: Add options 'auth-client-required' and 'key-secret'
- Remove deprecated -drive options serial/addr/cyls/heads/secs/trans
- rbd, iscsi: Remove deprecated 'filename' option
- Fix 'qemu-img map' crash with unaligned image size
- Improve QMP documentation for jobs

# gpg: Signature made Fri 15 Jun 2018 15:20:03 BST
# gpg:                using RSA key 7F09B272C88F2FD6
# gpg: Good signature from "Kevin Wolf <kwolf@redhat.com>"
# Primary key fingerprint: DC3D EB15 9A9A F95D 3D74  56FE 7F09 B272 C88F 2FD6

* remotes/kevin/tags/for-upstream: (26 commits)
  block: Remove dead deprecation warning code
  block: Remove deprecated -drive option serial
  block: Remove deprecated -drive option addr
  block: Remove deprecated -drive geometry options
  rbd: New parameter key-secret
  rbd: New parameter auth-client-required
  block: Fix -blockdev / blockdev-add for empty objects and arrays
  check-block-qdict: Cover flattening of empty lists and dictionaries
  check-block-qdict: Rename qdict_flatten()'s variables for clarity
  block-qdict: Simplify qdict_is_list() some
  block-qdict: Clean up qdict_crumple() a bit
  block-qdict: Tweak qdict_flatten_qdict(), qdict_flatten_qlist()
  block-qdict: Simplify qdict_flatten_qdict()
  block: Make remaining uses of qobject input visitor more robust
  block: Factor out qobject_input_visitor_new_flat_confused()
  block: Clean up a misuse of qobject_to() in .bdrv_co_create_opts()
  block: Fix -drive for certain non-string scalars
  block: Fix -blockdev for certain non-string scalars
  qobject: Move block-specific qdict code to block-qdict.c
  block: Add block-specific QDict header
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-06-15 16:30:27 +01:00
Peter Maydell
1f871c5e6b exec.c: Handle IOMMUs in address_space_translate_for_iotlb()
Currently we don't support board configurations that put an IOMMU
in the path of the CPU's memory transactions, and instead just
assert() if the memory region fonud in address_space_translate_for_iotlb()
is an IOMMUMemoryRegion.

Remove this limitation by having the function handle IOMMUs.
This is mostly straightforward, but we must make sure we have
a notifier registered for every IOMMU that a transaction has
passed through, so that we can flush the TLB appropriately
when any of the IOMMUs change their mappings.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 20180604152941.20374-5-peter.maydell@linaro.org
2018-06-15 15:23:34 +01:00
Peter Maydell
2c91bcf273 iommu: Add IOMMU index argument to translate method
Add an IOMMU index argument to the translate method of
IOMMUs. Since all of our current IOMMU implementations
support only a single IOMMU index, this has no effect
on the behaviour.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 20180604152941.20374-4-peter.maydell@linaro.org
2018-06-15 15:23:34 +01:00
Peter Maydell
cb1efcf462 iommu: Add IOMMU index argument to notifier APIs
Add support for multiple IOMMU indexes to the IOMMU notifier APIs.
When initializing a notifier with iommu_notifier_init(), the caller
must pass the IOMMU index that it is interested in. When a change
happens, the IOMMU implementation must pass
memory_region_notify_iommu() the IOMMU index that has changed and
that notifiers must be called for.

IOMMUs which support only a single index don't need to change.
Callers which only really support working with IOMMUs with a single
index can use the result of passing MEMTXATTRS_UNSPECIFIED to
memory_region_iommu_attrs_to_index().

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 20180604152941.20374-3-peter.maydell@linaro.org
2018-06-15 15:23:34 +01:00
Peter Maydell
21f402093c iommu: Add IOMMU index concept to IOMMU API
If an IOMMU supports mappings that care about the memory
transaction attributes, then it no longer has a unique
address -> output mapping, but more than one. We can
represent these using an IOMMU index, analogous to TCG's
mmu indexes.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 20180604152941.20374-2-peter.maydell@linaro.org
2018-06-15 15:23:34 +01:00
Peter Maydell
afa4f6653d bswap: Add new stn_*_p() and ldn_*_p() memory access functions
There's a common pattern in QEMU where a function needs to perform
a data load or store of an N byte integer in a particular endianness.
At the moment this is handled by doing a switch() on the size and
calling the appropriate ld*_p or st*_p function for each size.

Provide a new family of functions ldn_*_p() and stn_*_p() which
take the size as an argument and do the switch() themselves.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20180611171007.4165-2-peter.maydell@linaro.org
2018-06-15 15:23:34 +01:00
Peter Maydell
2d54f19401 cputlb: Pass cpu_transaction_failed() the correct physaddr
The API for cpu_transaction_failed() says that it takes the physical
address for the failed transaction. However we were actually passing
it the offset within the target MemoryRegion. We don't currently
have any target CPU implementations of this hook that require the
physical address; fix this bug so we don't get confused if we ever
do add one.

Suggested-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20180611125633.32755-3-peter.maydell@linaro.org
2018-06-15 15:23:34 +01:00
Peter Maydell
ace4109011 cpu-defs.h: Document CPUIOTLBEntry 'addr' field
The 'addr' field in the CPUIOTLBEntry struct has a rather non-obvious
use; add a comment documenting it (reverse-engineered from what
the code that sets it is doing).

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20180611125633.32755-2-peter.maydell@linaro.org
2018-06-15 15:23:34 +01:00
Peter Maydell
f81804a52b hw/core/or-irq: Support more than 16 inputs to an OR gate
For the IoTKit MPC support, we need to wire together the
interrupt outputs of 17 MPCs; this exceeds the current
value of MAX_OR_LINES. Increase MAX_OR_LINES to 32 (which
should be enough for anyone).

The tricky part is retaining the migration compatibility for
existing OR gates; we add a subsection which is only used
for larger OR gates, and define it such that we can freely
increase MAX_OR_LINES in future (or even move to a dynamically
allocated levels[] array without an upper size limit) without
breaking compatibility.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 20180604152941.20374-10-peter.maydell@linaro.org
2018-06-15 15:23:34 +01:00
Peter Maydell
38d81dafb3 hw/arm/armv7m: Remove unused armv7m_init() function
Remove the now-unused armv7m_init() function. This was a legacy from
before we properly QOMified ARMv7M, and it has some flaws:

 * it combines work that needs to be done by an SoC object (creating
   and initializing the TYPE_ARMV7M object) with work that needs to
   be done by the board model (setting the system up to load the ELF
   file specified with -kernel)
 * TYPE_ARMV7M creation failure is fatal, but an SoC object wants to
   arrange to propagate the failure outward
 * it uses allocate-and-create via qdev_create() whereas the current
   preferred style for SoC objects is to do creation in-place

Board and SoC models can instead do the two jobs this function
was doing themselves, in the right places and with whatever their
preferred style/error handling is.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Message-id: 20180601144328.23817-3-peter.maydell@linaro.org
2018-06-15 15:23:34 +01:00
Dr. David Alan Gilbert
343f632c70 migration: Poison ramblock loops in migration
The migration code should be using the
  RAMBLOCK_FOREACH_MIGRATABLE and qemu_ram_foreach_block_migratable
not the all-block versions;  poison them so that we can't accidentally
use them.

Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Message-Id: <20180605162545.80778-3-dgilbert@redhat.com>
Reviewed-by: Peter Xu <peterx@redhat.com>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
2018-06-15 14:40:56 +01:00
Greg Kurz
ea134caa08 typedefs: add QJSON
Since commit 83ee768d62, we now have two places that define the
QJSON type:

$ git grep 'typedef struct QJSON QJSON'
include/migration/vmstate.h:typedef struct QJSON QJSON;
migration/qjson.h:typedef struct QJSON QJSON;

This breaks docker-test-build@centos6:

In file included from /tmp/qemu-test/src/migration/savevm.c:59:
/tmp/qemu-test/src/migration/qjson.h:16: error: redefinition of typedef
 'QJSON'
/tmp/qemu-test/src/include/migration/vmstate.h:30: note: previous
 declaration of 'QJSON' was here
make: *** [migration/savevm.o] Error 1

This happens because CentOS 6 has an old GCC 4.4.7. Even if redefining
a typedef with the same type is permitted since GCC 4.6, unless -pedantic
is passed, we don't really need to do that on purpose. Let's have a
single definition in <qemu/typedefs.h> instead.

Signed-off-by: Greg Kurz <groug@kaod.org>
Message-Id: <152844714981.11789.3657734445739553287.stgit@bahia.lan>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
2018-06-15 14:40:56 +01:00
Kevin Wolf
b008326744 block: Remove deprecated -drive option serial
The -drive option serial was deprecated in QEMU 2.10. It's time to
remove it.

Tests need to be updated to set the serial number with -global instead
of using the -drive option.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Jeff Cody <jcody@redhat.com>
2018-06-15 14:49:44 +02:00
Kevin Wolf
eae3bd1eb7 block: Remove deprecated -drive option addr
The -drive option addr was deprecated in QEMU 2.10. It's time to remove
it.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Jeff Cody <jcody@redhat.com>
2018-06-15 14:49:44 +02:00
Kevin Wolf
a7aff6dd10 block: Remove deprecated -drive geometry options
The -drive options cyls, heads, secs and trans were deprecated in
QEMU 2.10. It's time to remove them.

hd-geo-test tested both the old version with geometry options in -drive
and the new one with -device. Therefore the code using -drive doesn't
have to be replaced there, we just need to remove the -drive test cases.
This in turn allows some simplification of the code.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
2018-06-15 14:49:44 +02:00
Markus Armbruster
af91062ee1 block: Factor out qobject_input_visitor_new_flat_confused()
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2018-06-15 14:49:44 +02:00
Markus Armbruster
e5af0da1dc block: Fix -blockdev for certain non-string scalars
Configuration flows through the block subsystem in a rather peculiar
way.  Configuration made with -drive enters it as QemuOpts.
Configuration made with -blockdev / blockdev-add enters it as QAPI
type BlockdevOptions.  The block subsystem uses QDict, QemuOpts and
QAPI types internally.  The precise flow is next to impossible to
explain (I tried for this commit message, but gave up after wasting
several hours).  What I can explain is a flaw in the BlockDriver
interface that leads to this bug:

    $ qemu-system-x86_64 -blockdev node-name=n1,driver=nfs,server.type=inet,server.host=localhost,path=/foo/bar,user=1234
    qemu-system-x86_64: -blockdev node-name=n1,driver=nfs,server.type=inet,server.host=localhost,path=/foo/bar,user=1234: Internal error: parameter user invalid

QMP blockdev-add is broken the same way.

Here's what happens.  The block layer passes configuration represented
as flat QDict (with dotted keys) to BlockDriver methods
.bdrv_file_open().  The QDict's members are typed according to the
QAPI schema.

nfs_file_open() converts it to QAPI type BlockdevOptionsNfs, with
qdict_crumple() and a qobject input visitor.

This visitor comes in two flavors.  The plain flavor requires scalars
to be typed according to the QAPI schema.  That's the case here.  The
keyval flavor requires string scalars.  That's not the case here.
nfs_file_open() uses the latter, and promptly falls apart for members
@user, @group, @tcp-syn-count, @readahead-size, @page-cache-size,
@debug.

Switching to the plain flavor would fix -blockdev, but break -drive,
because there the scalars arrive in nfs_file_open() as strings.

The proper fix would be to replace the QDict by QAPI type
BlockdevOptions in the BlockDriver interface.  Sadly, that's beyond my
reach right now.

Next best would be to fix the block layer to always pass correctly
typed QDicts to the BlockDriver methods.  Also beyond my reach.

What I can do is throw another hack onto the pile: have
nfs_file_open() convert all members to string, so use of the keyval
flavor actually works, by replacing qdict_crumple() by new function
qdict_crumple_for_keyval_qiv().

The pattern "pass result of qdict_crumple() to
qobject_input_visitor_new_keyval()" occurs several times more:

* qemu_rbd_open()

  Same issue as nfs_file_open(), but since BlockdevOptionsRbd has only
  string members, its only a latent bug.  Fix it anyway.

* parallels_co_create_opts(), qcow_co_create_opts(),
  qcow2_co_create_opts(), bdrv_qed_co_create_opts(),
  sd_co_create_opts(), vhdx_co_create_opts(), vpc_co_create_opts()

  These work, because they create the QDict with
  qemu_opts_to_qdict_filtered(), which creates only string scalars.
  The function sports a TODO comment asking for better typing; that's
  going to be fun.  Use qdict_crumple_for_keyval_qiv() to be safe.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2018-06-15 14:49:44 +02:00
Max Reitz
609f45ea95 block: Add block-specific QDict header
There are numerous QDict functions that have been introduced for and are
used only by the block layer.  Move their declarations into an own
header file to reflect that.

While qdict_extract_subqdict() is in fact used outside of the block
layer (in util/qemu-config.c), it is still a function related very
closely to how the block layer works with nested QDicts, namely by
sometimes flattening them.  Therefore, its declaration is put into this
header as well and util/qemu-config.c includes it with a comment stating
exactly which function it needs.

Suggested-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-Id: <20180509165530.29561-7-mreitz@redhat.com>
[Copyright note tweaked, superfluous includes dropped]
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2018-06-15 14:49:44 +02:00
Keno Fischer
656282d245 ui: darwin: gtk: Add missing input keymap
In appears the input keymap for osx was forgotten in the commit that
converted the gtk frontend to keycodemapdb. Add it.

Fixes: 2ec78706 ("ui: convert GTK and SDL1 frontends to keycodemapdb")
CC: Daniel P. Berrange <berrange@redhat.com>
Signed-off-by: Keno Fischer <keno@juliacomputing.com>
Message-id: 1528933916-40670-1-git-send-email-keno@juliacomputing.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2018-06-14 09:52:23 +02:00
Peter Maydell
2ab09bf2f9 usb: bug fix collection, doc update.
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iQIcBAABAgAGBQJbH6QBAAoJEEy22O7T6HE4ZwMP/RHEknxR+tGKYfUxtVP24+ta
 tKMVuewqnDuIjUQsYj/tMvtGEvPd827Cy1X+ocqNq1Gk9aJez+DWWoDlrSXlLyiG
 r4EBMmOasFdmp1D9iQEDUF0pbnbXQv7kqhnM7XbyO+rjNe1rX7HElmRXtcjBcY2I
 QCIpekUBVGzFO97pVzB66gwYpJvmQu2YS2783NaujeS9VEEUFy6RFCFhfNwxhA4W
 C264zFVk68oK1fL+71Y3Kq0WKmetBwfW2ozcBAnqLB5z0hGd9bHJocaLwqgaaQWC
 uaGUJS70Q7iWZ8NwOYvrpK/2ZetjPAeU6ERXeR7tK6yfkjV9UmpPXQ0aqu1OSgEr
 VjuMPEDK0tL8pgcuhhxkJOD6S/HNyCe8y7WLeHKpd21Mv+R2yB1zs2xsWrdMqreZ
 2YXUpgvIaZJBycO8vzmzWwiSNInOGO/3Vu1kpUP4T/rdmFZ1q5f8tGgwMlq/JsU4
 Ce/p0BCcCXvcG+2x5uouffIuTur4DUPn93BCUmjy/TuyggtXVNoQHEVGrMDjiyO/
 9RFVUgJl32mTbIqfVaWkweTch/yXm4XVrlbcTW3VhCCVWyA9O0m+MwyjIoNeXn8L
 yPLF+3ndYgMoTJBFZ20HWEGhZ2+I54fhn/iRW6Nq7qtZ2rOP//K2CqyEp/CuQWis
 vxb796sHEPPUeTCoCiVY
 =sxQ0
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/kraxel/tags/usb-20180612-pull-request' into staging

usb: bug fix collection, doc update.

# gpg: Signature made Tue 12 Jun 2018 11:44:17 BST
# gpg:                using RSA key 4CB6D8EED3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>"
# Primary key fingerprint: A032 8CFF B93A 17A7 9901  FE7D 4CB6 D8EE D3E8 7138

* remotes/kraxel/tags/usb-20180612-pull-request:
  usb-mtp: Return error on suspicious TYPE_DATA packet from initiator
  usb-hcd-xhci-test: add a test for ccid hotplug
  usb-ccid: fix bus leak
  object: fix OBJ_PROP_LINK_UNREF_ON_RELEASE ambivalence
  bus: do not unref the added child bus on realize
  usb/dev-mtp: Fix use of uninitialized values
  usb: correctly handle Zero Length Packets
  usb: update docs

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-06-12 15:34:34 +01:00
Peter Maydell
3b68de85b9 ppc patch queue 2018-06-12
Here's another batch of ppc patches towards the 3.0 release.  There's
 a fair bit here, because I've been working through my mail backlog
 after a holiday.  There's not much of a central theme, amongst other
 things we have:
     * ppc440 / sam460ex improvements
     * logging and error cleanups
     * 40p (PReP) bugfixes
     * Macintosh fixes and cleanups
     * Add emulation of the new POWER9 store-forwarding barrier
       instruction variant
     * Hotplug cleanups
 -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEEdfRlhq5hpmzETofcbDjKyiDZs5IFAlsfa4kACgkQbDjKyiDZ
 s5IdhxAA1ZDgEMyQkMPlnjYBNSpw9ICo/v+Lj1ZvlVjIbtjP6ZWdmaNHbBLi1N/U
 jbY7Yb+a43xj96WigN2kxu16aL7AvgrGayscht+P+ZXGWaEAt0R1EhiqhheKjkOH
 n0gAxe5c9wN18tJ7ZMtq7HmWw/MyWVjPQ4Pr38npyDU037LG4xY55DigcFu9D/6N
 rSYtB3gWIEvbGhx2Sm+gzbkleKufUNhSJMJI9diRS2KvyocH8ENQUqcMqK//Y6w7
 /Lk/j+qcAOAfCS+QWH9/XQvYdOGR9Gaw4oWLViOCD+EpTJHAYFMzVsp5ZLZZByw/
 S51W3e9mfxzgtIjoDxaetrW95yx2bAcFekP+H8KQesWpydSprsnAlh3SE3dfO2Jp
 Z1yVPHZv2fYZQjNZ0t62Z248iJ4YiBDttDpQYzsiGTiGVfx1IKTNz+gfNwV78CCJ
 SkyIktky2TYAemAB+U90JL3gYSn0GHwgBFLTJ4Rrrf3kC0wNslgosGTEB9v3D+Mb
 zsWxaBftFwZsRnNggBtE2/35zccJ2YURASlDu9ccmczyCUrRZbKE57/GftRXdIcY
 Oqjf48/NSwBm98bIEQGTOw7H1NgWuTazAc2+VS4mAHtUEEYIunuRmC+eTKNM01Yu
 qSMCg6tPADEXwRg6z062sb6T0vvpicv+X1U++tbHNqV3gprOlts=
 =g3bP
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/dgibson/tags/ppc-for-3.0-20180612' into staging

ppc patch queue 2018-06-12

Here's another batch of ppc patches towards the 3.0 release.  There's
a fair bit here, because I've been working through my mail backlog
after a holiday.  There's not much of a central theme, amongst other
things we have:
    * ppc440 / sam460ex improvements
    * logging and error cleanups
    * 40p (PReP) bugfixes
    * Macintosh fixes and cleanups
    * Add emulation of the new POWER9 store-forwarding barrier
      instruction variant
    * Hotplug cleanups

# gpg: Signature made Tue 12 Jun 2018 07:43:21 BST
# gpg:                using RSA key 6C38CACA20D9B392
# gpg: Good signature from "David Gibson <david@gibson.dropbear.id.au>"
# gpg:                 aka "David Gibson (Red Hat) <dgibson@redhat.com>"
# gpg:                 aka "David Gibson (ozlabs.org) <dgibson@ozlabs.org>"
# gpg:                 aka "David Gibson (kernel.org) <dwg@kernel.org>"
# Primary key fingerprint: 75F4 6586 AE61 A66C C44E  87DC 6C38 CACA 20D9 B392

* remotes/dgibson/tags/ppc-for-3.0-20180612: (33 commits)
  spapr_pci: Remove unhelpful pagesize warning
  xics_kvm: use KVM helpers
  ppc/pnv: fix LPC HC firmware address space
  spapr: handle cpu core unplug via hotplug handler chain
  spapr: handle pc-dimm unplug via hotplug handler chain
  spapr: introduce machine unplug handler
  spapr: move memory hotplug support check into spapr_memory_pre_plug()
  spapr: move lookup of the node into spapr_memory_plug()
  spapr: no need to verify the node
  target/ppc: Allow PIR read in privileged mode
  ppc4xx_i2c: Clean up and improve error logging
  target/ppc: extend eieio for POWER9
  mos6522: convert VMSTATE_TIMER_PTR_TEST to VMSTATE_TIMER_PTR
  mos6522: move timer frequency initialisation to mos6522_reset
  cuda: embed mos6522_cuda device directly rather than using QOM object link
  mos6522: fix vmstate_mos6522_timer version in vmstate_mos6522
  ppc: add missing FW_CFG_PPC_NVRAM_FLAT definition
  ppc: remove obsolete macio_init() definition from mac.h
  ppc: remove obsolete pci_pmac_init() definitions from mac.h
  hw/misc/mos6522: Add trailing '\n' to qemu_log() calls
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-06-12 14:32:19 +01:00
Peter Maydell
98d11a6e72 bitmaps pull request
-----BEGIN PGP SIGNATURE-----
 
 iQIcBAABAgAGBQJbHs51AAoJEH3vgQaq/DkOgUwP/3KugXgtQWmg4SO4w5XZpxz+
 q19BKrAJxbgKGrb5vGqQ6GBvORTdN2cdgHeOgHARaeOYy3WUiZOOwaktRHVWWG3k
 EpfPmlAeNYoSrXNMuebvCIDjhqf3XnPQ1DKalU9Al7EXrWkKLGO5bTpJtFXZ2bnh
 UCPlfkaibhJqiZ4LrqzGvdPlCjVjby32s8enzRjV9J1OfZQ5SndPz9txZ+jSd0Ta
 mvJsNQtdWFyhTzu/I8Nz7Hf+IpcQ65jlkk52W+d2zYBVC3SW/l5sEKHD0MILULtx
 C5EobPB7l48hZly5EBc2leR+ckbQ04yjrSgD6tJ6Dcu/ryxXe3un137TBsWNzsbu
 Ngmg4JQZ6Az4o8xREBVNulT2gX4qR9gq73RvkigXV9rU3VQR2EWT229Tsgw9dnGk
 iURrb2aa59T/mu2vYR126aqB7VtSO5YRwwjME6Esx5J1qQqJSQliu7Ar93v28uYF
 XwsVYY6brHuvp5fMmPadnldudCuSaHYFWS07u8KCMRrcsmV1MQIMEbwASPpENLrn
 B2gi05XC7vAl5mFQegSSf9aHzAjTAUsgDgaOhGKK2PpPsI8Z9ZICllqCOEQ+S0/4
 KOwXcMhmMTGIjKnBSSROQOMhYzxsEvvn4O8W1v1PLmqcUyLRCPMOe2UgZedEu5zy
 eu0GErzWdwr+N4heaAPZ
 =0Au5
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/jnsnow/tags/bitmaps-pull-request' into staging

bitmaps pull request

# gpg: Signature made Mon 11 Jun 2018 20:33:09 BST
# gpg:                using RSA key 7DEF8106AAFC390E
# gpg: Good signature from "John Snow (John Huston) <jsnow@redhat.com>"
# Primary key fingerprint: FAEB 9711 A12C F475 812F  18F2 88A9 064D 1835 61EB
#      Subkey fingerprint: F9B7 ABDB BCAC DF95 BE76  CBD0 7DEF 8106 AAFC 390E

* remotes/jnsnow/tags/bitmaps-pull-request:
  qapi: add disabled parameter to block-dirty-bitmap-add
  qapi: add x-block-dirty-bitmap-merge
  qmp: transaction support for x-block-dirty-bitmap-enable/disable
  qapi: add x-block-dirty-bitmap-enable/disable
  block/dirty-bitmap: add lock to bdrv_enable/disable_dirty_bitmap
  block: simplify code around releasing bitmaps
  block: remove bdrv_dirty_bitmap_make_anon

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-06-12 13:33:23 +01:00
Marc-André Lureau
265b578c58 object: fix OBJ_PROP_LINK_UNREF_ON_RELEASE ambivalence
A link property can be set during creation, with
object_property_add_link() and later with object_property_set_link().

add_link() doesn't add a reference to the target object, while
set_link() does.

Furthemore, OBJ_PROP_LINK_UNREF_ON_RELEASE flags, set during add_link,
says whether a reference must be released when the property is destroyed.
This can lead to leaks if the property was later set_link(), as the
added reference is never released.

Instead, rename OBJ_PROP_LINK_UNREF_ON_RELEASE to OBJ_PROP_LINK_STRONG
and use that has an indication on how the link handle reference
management in set_link().

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-id: 20180531195119.22021-3-marcandre.lureau@redhat.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2018-06-12 12:07:30 +02:00
Cédric Le Goater
d61c285703 ppc/pnv: fix LPC HC firmware address space
A specific MemoryRegion is required for the LPC HC Firmware address
space.

Signed-off-by: Cédric Le Goater <clg@kaod.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2018-06-12 10:44:36 +10:00
Mark Cave-Ayland
d638fd5c96 mos6522: move timer frequency initialisation to mos6522_reset
The 6522 VIA timer frequency cannot be set by altering registers within the
device itself and hence it is a fixed property of the machine.

Move the initialisation of the timer frequency to the mos6522 reset function
and ensure that any subclasses always call the parent reset function so that
it isn't required to store the timer frequency within vmstate_mos6522_timer
itself.

By moving the frequency initialisation to the device reset function then we
find that the realize function for both mos6522 and mos6522_cuda becomes
obsolete and can simply be removed.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2018-06-12 10:44:36 +10:00
Mark Cave-Ayland
2e3e5c7e92 cuda: embed mos6522_cuda device directly rather than using QOM object link
Examining the migration stream it can be seen that the mos6522 device state is
being stored separately rather than as part of the CUDA device which is
incorrect (and likely to cause issues if another mos6522 device is added to
the machine).

Resolve this by embedding the mos6522_cuda device directly within the CUDA
device rather than using a QOM object link to reference the device separately.

Note that we also bump the version in vmstate_cuda to reflect this change: this
isn't particularly important for the moment as the Mac machine migration isn't
100% reliable due to issues migrating the timebase under TCG.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2018-06-12 10:44:36 +10:00
Mark Cave-Ayland
5b64db9754 ppc: add missing FW_CFG_PPC_NVRAM_FLAT definition
This is used in OpenBIOS to define the memory layout of the NVRAM device. Whilst
currently left at its default value, add the missing definition to ensure it is
reserved.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2018-06-12 10:44:36 +10:00
Nicholas Piggin
0c1272cc7c osdep: powerpc64 align memory to allow 2MB radix THP page tables
This allows KVM with the Book3S radix MMU mode to take advantage of
THP and install larger pages in the partition scope page tables (the
host translation).

Signed-off-by: Nicholas Piggin <npiggin@gmail.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2018-06-12 10:44:36 +10:00
Mark Cave-Ayland
45fefe7c4d uninorth: remove token register from uninorth device
>From observation of various OS sources it can be seen that the token register
introduced in 4e46dcdbd3 "PPC: Newworld: Add uninorth token register" is not
required, since the only register currently implemented is the uninorth hardware
version which is read-only.

Remove the token register implementation and instead return the uninorth
version corresponding to the hardware.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2018-06-12 09:33:52 +10:00
Ross Zwisler
11c39b5cd9 nvdimm: make persistence option symbolic
Replace the "nvdimm-cap" option which took numeric arguments such as "2"
with a more user friendly "nvdimm-persistence" option which takes symbolic
arguments "cpu" or "mem-ctrl".

Signed-off-by: Ross Zwisler <ross.zwisler@linux.intel.com>
Suggested-by: Michael S. Tsirkin <mst@redhat.com>
Suggested-by: Dan Williams <dan.j.williams@intel.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2018-06-11 22:19:57 +03:00
Vladimir Sementsov-Ogievskiy
b598e531f1 qapi: add x-block-dirty-bitmap-merge
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Signed-off-by: John Snow <jsnow@redhat.com>
Reviewed-by: Jeff Cody <jcody@redhat.com>
Message-id: 20180606182449.1607-5-jsnow@redhat.com
Signed-off-by: John Snow <jsnow@redhat.com>
2018-06-11 14:53:32 -04:00
Paolo Bonzini
ab41fc4853 block: remove bdrv_dirty_bitmap_make_anon
All this function is doing will be repeated by
bdrv_do_release_matching_dirty_bitmap_locked, except
resetting bm->persistent.  But even that does not matter
because the bitmap will be freed.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Message-id: 20180323164254.26487-1-pbonzini@redhat.com
Signed-off-by: John Snow <jsnow@redhat.com>
2018-06-11 14:53:31 -04:00
Max Reitz
cc02214097 block: Make bdrv_is_writable() public
This is a useful function for the whole block layer, so make it public.
At the same time, users outside of block.c probably do not need to make
use of the reopen functionality, so rename the current function to
bdrv_is_writable_after_reopen() create a new bdrv_is_writable() function
that just passes NULL to it for the reopen queue.

Cc: qemu-stable@nongnu.org
Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-id: 20180606193702.7113-2-mreitz@redhat.com
Reviewed-by: John Snow <jsnow@redhat.com>
Reviewed-by: Jeff Cody <jcody@redhat.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
2018-06-11 16:18:45 +02:00
Max Reitz
b32d7a39af qemu-io: Let command functions return error code
This is basically what everything else in the qemu code base does, so we
can do it here, too.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-id: 20180509194302.21585-3-mreitz@redhat.com
Signed-off-by: Max Reitz <mreitz@redhat.com>
2018-06-11 16:18:45 +02:00
Max Reitz
b444d0e9d1 qemu-io: Drop command functions' return values
For qemu-io, a function returns an integer with two possible values: 0
for "qemu-io may continue execution", or 1 for "qemu-io should exit".
However, there is only a single command that returns 1, and that is
"quit".

So let's turn this case into a global variable instead so we can make
better use of the return value in a later patch.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-id: 20180509194302.21585-2-mreitz@redhat.com
Signed-off-by: Max Reitz <mreitz@redhat.com>
2018-06-11 16:18:45 +02:00
Max Reitz
d1402b5026 block: Add Error parameter to bdrv_amend_options
Looking at the qcow2 code that is riddled with error_report() calls,
this is really how it should have been from the start.

Along the way, turn the target_version/current_version comparisons at
the beginning of qcow2_downgrade() into assertions (the caller has to
make sure these conditions are met), and rephrase the error message on
using compat=1.1 to get refcount widths other than 16 bits.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-id: 20180509210023.20283-3-mreitz@redhat.com
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: John Snow <jsnow@redhat.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
2018-06-11 16:18:45 +02:00
Paolo Bonzini
c173723f24 ide: introduce ide_transfer_start_norecurse
For the case where the end_transfer_func is also the caller of
ide_transfer_start, the mutual recursion can lead to unlimited
stack usage.  Introduce a new version that can be used to change
tail recursion into a loop, and use it in trace_ide_atapi_cmd_reply_end.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: John Snow <jsnow@redhat.com>
Reviewed-by: John Snow <jsnow@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-id: 20180606190955.20845-8-jsnow@redhat.com
Signed-off-by: John Snow <jsnow@redhat.com>
2018-06-08 13:36:31 -04:00
Paolo Bonzini
bed9bcfa32 ide: push end_transfer_func out of start_transfer callback, rename callback
Now that end_transfer_func is a tail call in ahci_start_transfer,
formalize the fact that the callback (of which ahci_start_transfer is
the sole implementation) takes care of the transfer too: rename it to
pio_transfer and, if it is present, call the end_transfer_func as soon
as it returns.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: John Snow <jsnow@redhat.com>
Reviewed-by: John Snow <jsnow@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-id: 20180606190955.20845-4-jsnow@redhat.com
Signed-off-by: John Snow <jsnow@redhat.com>
2018-06-08 13:36:25 -04:00
Philippe Mathieu-Daudé
2c51137538 sdcard: Reflect when the Spec v3 is supported in the Config Register (SCR)
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-id: 20180607180641.874-6-f4bug@amsat.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-06-08 13:15:34 +01:00
Philippe Mathieu-Daudé
2f0939c234 sdcard: Add a 'spec_version' property, default to Spec v2.00
As of this commit, the Spec v1 is not working, and all controllers
expect the cards to be conformant to Spec v2.

Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-id: 20180607180641.874-4-f4bug@amsat.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-06-08 13:15:33 +01:00
Cédric Le Goater
cd679a76a0 ftgmac100: compute maximum frame size depending on the protocol
The maximum frame size includes the CRC and depends if a VLAN tag is
inserted or not. Adjust the frame size limit in the transmit handler
using on the FTGMAC100State buffer size and in the receive handler use
the packet protocol.

Signed-off-by: Cédric Le Goater <clg@kaod.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-id: 20180530061711.23673-2-clg@kaod.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-06-08 13:15:32 +01:00
Cédric Le Goater
5141d4158c misc: add pca9552 LED blinker model
Specs are available here :

    https://www.nxp.com/docs/en/application-note/AN264.pdf

This is a simple model supporting the basic registers for led and GPIO
mode. The device also supports two blinking rates but not the model
yet.

Signed-off-by: Cédric Le Goater <clg@kaod.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-id: 20180530064049.27976-7-clg@kaod.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-06-08 13:15:32 +01:00
Cédric Le Goater
e222421413 smbus: add a smbus_eeprom_init_one() routine
This is an helper routine to add a single EEPROM on an I2C bus. It can
be directly used by smbus_eeprom_init() which adds a certain number of
EEPROMs on mips and x86 machines.

Signed-off-by: Cédric Le Goater <clg@kaod.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-id: 20180530064049.27976-5-clg@kaod.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-06-08 13:15:32 +01:00
Shannon Zhao
910e204841 arm_gicv3_kvm: kvm_dist_get/put: skip the registers banked by GICR
While we skip the GIC_INTERNAL irqs, we don't change the register offset
accordingly. This will overlap the GICR registers value and leave the
last GIC_INTERNAL irq's registers out of update.

Fix this by skipping the registers banked by GICR.

Also for migration compatibility if the migration source (old version
qemu) doesn't send gicd_no_migration_shift_bug = 1 to destination, then
we shift the data of PPI to get the right data for SPI.

Fixes: 367b9f527b
Cc: qemu-stable@nongnu.org
Reviewed-by: Eric Auger <eric.auger@redhat.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Shannon Zhao <zhaoshenglong@huawei.com>
Message-id: 1527816987-16108-1-git-send-email-zhaoshenglong@huawei.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-06-08 13:15:32 +01:00
Tiwei Bie
f88b44f9eb vfio: remove DPRINTF() definition from vfio-common.h
This macro isn't used by any VFIO code. And its name is
too generic. The vfio-common.h (in include/hw/vfio) can
be included by other modules in QEMU. It can introduce
conflicts.

Signed-off-by: Tiwei Bie <tiwei.bie@intel.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Eric Auger <eric.auger@redhat.com>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2018-06-05 08:23:16 -06:00
Peter Maydell
0d514fa234 Pull request
* Copy offloading for qemu-img convert (iSCSI, raw, and qcow2)
 
    If the underlying storage supports copy offloading, qemu-img convert will
    use it instead of performing reads and writes.  This avoids data transfers
    and thus frees up storage bandwidth for other purposes.  SCSI EXTENDED COPY
    and Linux copy_file_range(2) are used to implement this optimization.
 
  * Drop spurious "WARNING: I\/O thread spun for 1000 iterations" warning
 -----BEGIN PGP SIGNATURE-----
 
 iQEcBAABAgAGBQJbFSBoAAoJEJykq7OBq3PISpEIAIcMao4/rzinAWXzS+ncK9LO
 6FtRVpgutpHaWX2ayySaz5n2CdR3cNMrpCI7sjY2Kw0lrdkqxPgl5n0SWD+VCl4W
 7+JLz/uF0iUV8X+99e7WGAjZbm9LSlxgn5AQKfrrwyPf0ZfzoYQ5nBMcQ6xjEeQP
 48j2WqJqN9/u8RBD07o11yn0+CE5g56/f12xVjR5ASVodzsAmcZ2OQRMQbM01isU
 1mBekJQkDxJkt5l13Rql8+t+vWz8/9BEW2c/eIDKvoayMqYJpdfKv4DqLloIuHnc
 3RkquA0zUuKtl7xEnEkH/We7fi4QPGW/vyBN7ychS/zKzZFQrXmwqrAuFSw3dKU=
 =vZp+
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/stefanha/tags/block-pull-request' into staging

Pull request

 * Copy offloading for qemu-img convert (iSCSI, raw, and qcow2)

   If the underlying storage supports copy offloading, qemu-img convert will
   use it instead of performing reads and writes.  This avoids data transfers
   and thus frees up storage bandwidth for other purposes.  SCSI EXTENDED COPY
   and Linux copy_file_range(2) are used to implement this optimization.

 * Drop spurious "WARNING: I\/O thread spun for 1000 iterations" warning

# gpg: Signature made Mon 04 Jun 2018 12:20:08 BST
# gpg:                using RSA key 9CA4ABB381AB73C8
# gpg: Good signature from "Stefan Hajnoczi <stefanha@redhat.com>"
# gpg:                 aka "Stefan Hajnoczi <stefanha@gmail.com>"
# Primary key fingerprint: 8695 A8BF D3F9 7CDA AC35  775A 9CA4 ABB3 81AB 73C8

* remotes/stefanha/tags/block-pull-request:
  main-loop: drop spin_counter
  qemu-img: Convert with copy offloading
  block-backend: Add blk_co_copy_range
  iscsi: Implement copy offloading
  iscsi: Create and use iscsi_co_wait_for_task
  iscsi: Query and save device designator when opening
  file-posix: Implement bdrv_co_copy_range
  qcow2: Implement copy offloading
  raw: Implement copy offloading
  raw: Check byte range uniformly
  block: Introduce API for copy offloading

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-06-04 18:34:04 +01:00
Peter Maydell
b74588a493 migration/next for 20180604
-----BEGIN PGP SIGNATURE-----
 
 iQIcBAABCAAGBQJbFLygAAoJEPSH7xhYctcjszUP/j7/21sHXwPyB5y4CQHsivLL
 18MnXTkjgSlue3fuPKI9ZzD2VZq19AtwarLuW3IFf15adKfeV0hhZsIMUmu0XTAz
 jgol8YYgoYlk3/on8Ux8PWV9RWKHh7vWAF7hjwJOnI5CFF7gXz6kVjUx03A7RSnB
 1a92lvgl5P8AbK5HZ/i08nOaAxCUWIVIoQeZf3BlZ5WdJE0j+d0Mvp/S8NEq5VPD
 P6oYJZy64QFGotmV1vtYD4G/Hqe8XBw2LoSVgjPSmQpd1m4CXiq0iyCxtC8HT+iq
 0P0eHATRglc5oGhRV6Mi5ixH2K2MvpshdyMKVAbkJchKBHn4k3m6jefhnUXuucwC
 fq9x7VIYzQ80S+44wJri683yUWP3Qmbb6mWYBb1L0jgbTkY1wx431IYMtDVv5q4R
 oXtbe77G6lWKHH0SFrU8TY/fqJvBwpat+QwOoNsluHVjzAzpOpcVokB8pLj592/1
 bHkDwvv7i+B37muOF3PFy++BoliwpRiNbVC5Btw4mnbOoY+AeJHMRBuhJHU6EyJv
 GOFiQ5w5XEXEu98giNqHcc0AC8w7iTRGI472UzpS0AG20wpc1/2jF0yM99stauwD
 oIu3MU4dQlz6QRy8KFnJShqjYNYuOs59USLiYM79ABa9J+JxJxxTAaqRbUFojQR6
 KN2i0QQJ+6MO4Skjbu/3
 =K0eJ
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/juanquintela/tags/migration/20180604' into staging

migration/next for 20180604

# gpg: Signature made Mon 04 Jun 2018 05:14:24 BST
# gpg:                using RSA key F487EF185872D723
# gpg: Good signature from "Juan Quintela <quintela@redhat.com>"
# gpg:                 aka "Juan Quintela <quintela@trasno.org>"
# Primary key fingerprint: 1899 FF8E DEBF 58CC EE03  4B82 F487 EF18 5872 D723

* remotes/juanquintela/tags/migration/20180604:
  migration: not wait RDMA_CM_EVENT_DISCONNECTED event after rdma_disconnect
  migration: remove unnecessary variables len in QIOChannelRDMA
  migration: Don't activate block devices if using -S
  migration: discard non-migratable RAMBlocks
  migration: introduce decompress-error-check

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-06-04 12:54:00 +01:00
Peter Maydell
163670542f tcg-next queue
-----BEGIN PGP SIGNATURE-----
 
 iQEcBAABAgAGBQJbEdLqAAoJEGTfOOivfiFfQaEH/Rq96S5bo94495KmRJY9e/jw
 lV321YYI7nx7sHtViG/B3iTkvnxzZPWcc7XbBMxyV5xmMQ/5zjS/ynZPFyy/cYRn
 zLM4W0SJ38EqhHTZpkkvw9Nle8UbNWKm5PgND2TyE4hmeuQ98OrQ6Y1GvP4MFpXs
 uQErbmMjYHMq7thbfCO6ulJjjEliRy3AJ2C3fCCCUgBQrJt6JeqbGr/Zzi2y88M9
 IhoK8RbJiWT2O5Tl95q2NOQvr11WbFlu/K0nuaVgbfTwd2tp3ygmRKPpeZ24qA52
 qtwgcIjWHHkkC5s1qaP8oW4FtoMQZdsaOwSOPw0ZBnG+VA7P/h33fWr9f5SistA=
 =UVdE
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/rth/tags/tcg-next-pull-request' into staging

tcg-next queue

# gpg: Signature made Sat 02 Jun 2018 00:12:42 BST
# gpg:                using RSA key 64DF38E8AF7E215F
# gpg: Good signature from "Richard Henderson <richard.henderson@linaro.org>"
# Primary key fingerprint: 7A48 1E78 868B 4DB6 A85A  05C0 64DF 38E8 AF7E 215F

* remotes/rth/tags/tcg-next-pull-request:
  tcg: Pass tb and index to tcg_gen_exit_tb separately

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-06-04 11:28:31 +01:00
Peter Maydell
f67c9b693a acpi, vhost, misc: fixes, features
vDPA support, fix to vhost blk RO bit handling, some include path
 cleanups, NFIT ACPI table.
 
 Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
 -----BEGIN PGP SIGNATURE-----
 
 iQEcBAABAgAGBQJbEXNvAAoJECgfDbjSjVRpc8gH/R8xrcFrV+k9wwbgYcOcGb6Y
 LWjseE31pqJcxRV80vLOdzYEuLStZQKQQY7xBDMlA5vdyvZxIA6FLO2IsiJSbFAk
 EK8pclwhpwQAahr8BfzenabohBv2UO7zu5+dqSvuJCiMWF3jGtPAIMxInfjXaOZY
 odc1zY2D2EgsC7wZZ1hfraRbISBOiRaez9BoGDKPOyBY9G1ASEgxJgleFgoBLfsK
 a1XU+fDM6hAVdxftfkTm0nibyf7PWPDyzqghLqjR9WXLvZP3Cqud4p8N29mY51pR
 KSTjA4FYk6Z9EVMltyBHfdJs6RQzglKjxcNGdlrvacDfyFi79fGdiosVllrjfJM=
 =3+V0
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging

acpi, vhost, misc: fixes, features

vDPA support, fix to vhost blk RO bit handling, some include path
cleanups, NFIT ACPI table.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>

# gpg: Signature made Fri 01 Jun 2018 17:25:19 BST
# gpg:                using RSA key 281F0DB8D28D5469
# gpg: Good signature from "Michael S. Tsirkin <mst@kernel.org>"
# gpg:                 aka "Michael S. Tsirkin <mst@redhat.com>"
# Primary key fingerprint: 0270 606B 6F3C DF3D 0B17  0970 C350 3912 AFBE 8E67
#      Subkey fingerprint: 5D09 FD08 71C8 F85B 94CA  8A0D 281F 0DB8 D28D 5469

* remotes/mst/tags/for_upstream: (31 commits)
  vhost-blk: turn on pre-defined RO feature bit
  ACPI testing: test NFIT platform capabilities
  nvdimm, acpi: support NFIT platform capabilities
  tests/.gitignore: add entry for generated file
  arch_init: sort architectures
  ui: use local path for local headers
  qga: use local path for local headers
  colo: use local path for local headers
  migration: use local path for local headers
  usb: use local path for local headers
  sd: fix up include
  vhost-scsi: drop an unused include
  ppc: use local path for local headers
  rocker: drop an unused include
  e1000e: use local path for local headers
  ioapic: fix up includes
  ide: use local path for local headers
  display: use local path for local headers
  trace: use local path for local headers
  migration: drop an unused include
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-06-04 10:15:16 +01:00
Cédric Le Goater
b895de5027 migration: discard non-migratable RAMBlocks
On the POWER9 processor, the XIVE interrupt controller can control
interrupt sources using MMIO to trigger events, to EOI or to turn off
the sources. Priority management and interrupt acknowledgment is also
controlled by MMIO in the presenter sub-engine.

These MMIO regions are exposed to guests in QEMU with a set of 'ram
device' memory mappings, similarly to VFIO, and the VMAs are populated
dynamically with the appropriate pages using a fault handler.

But, these regions are an issue for migration. We need to discard the
associated RAMBlocks from the RAM state on the source VM and let the
destination VM rebuild the memory mappings on the new host in the
post_load() operation just before resuming the system.

To achieve this goal, the following introduces a new RAMBlock flag
RAM_MIGRATABLE which is updated in the vmstate_register_ram() and
vmstate_unregister_ram() routines. This flag is then used by the
migration to identify RAMBlocks to discard on the source. Some checks
are also performed on the destination to make sure nothing invalid was
sent.

This change impacts the boston, malta and jazz mips boards for which
migration compatibility is broken.

Signed-off-by: Cédric Le Goater <clg@kaod.org>
Reviewed-by: Juan Quintela <quintela@redhat.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Signed-off-by: Juan Quintela <quintela@redhat.com>
2018-06-04 05:46:15 +02:00
Xiao Guangrong
f548222c24 migration: introduce decompress-error-check
QEMU 3.0 enables strict check for compression & decompression to
make the migration more robust, that depends on the source to fix
the internal design which triggers the unexpected error conditions

To make it work for migrating old version QEMU to 2.13 QEMU, we
introduce this parameter to disable the error check on the
destination which is the default behavior of the machine type
which is older than 2.13, alternately, the strict check can be
enabled explicitly as followings:
      -M pc-q35-2.11 -global migration.decompress-error-check=true

Signed-off-by: Xiao Guangrong <xiaoguangrong@tencent.com>
Reviewed-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Juan Quintela <quintela@redhat.com>
2018-06-04 05:46:15 +02:00
Richard Henderson
07ea28b418 tcg: Pass tb and index to tcg_gen_exit_tb separately
Do the cast to uintptr_t within the helper, so that the compiler
can type check the pointer argument.  We can also do some more
sanity checking of the index argument.

Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2018-06-01 15:15:27 -07:00
Peter Maydell
afd76ffba9 * Linux header upgrade (Peter)
* firmware.json definition (Laszlo)
 * IPMI migration fix (Corey)
 * QOM improvements (Alexey, Philippe, me)
 * Memory API cleanups (Jay, me, Tristan, Peter)
 * WHPX fixes and improvements (Lucian)
 * Chardev fixes (Marc-André)
 * IOMMU documentation improvements (Peter)
 * Coverity fixes (Peter, Philippe)
 * Include cleanup (Philippe)
 * -clock deprecation (Thomas)
 * Disable -sandbox unless CONFIG_SECCOMP (Yi Min Zhao)
 * Configurability improvements (me)
 -----BEGIN PGP SIGNATURE-----
 
 iQFIBAABCAAyFiEE8TM4V0tmI4mGbHaCv/vSX3jHroMFAlsRd2UUHHBib256aW5p
 QHJlZGhhdC5jb20ACgkQv/vSX3jHroPG8Qf+M85E8xAQ/bhs90tAymuXkUUsTIFF
 uI76K8eM0K3b2B+vGckxh1gyN5O3GQaMEDL7vITfqbX+EOH5U2lv8V9JRzf2YvbG
 Zahjd4pOCYzR0b9JENA1r5U/J8RntNrBNXlKmGTaXOaw9VCXlZyvgVd9CE3z/e2M
 0jSXMBdF4LB3UzECI24Va8ejJxdSiJcqXA2j3J+pJFxI698i+Z5eBBKnRdo5TVe5
 jl0TYEsbS6CLwhmbLXmt3Qhq+ocZn7YH9X3HjkHEdqDUeYWyT9jwUpa7OHFrIEKC
 ikWm9er4YDzG/vOC0dqwKbShFzuTpTJuMz5Mj4v8JjM/iQQFrp4afjcW2g==
 =RS/B
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging

* Linux header upgrade (Peter)
* firmware.json definition (Laszlo)
* IPMI migration fix (Corey)
* QOM improvements (Alexey, Philippe, me)
* Memory API cleanups (Jay, me, Tristan, Peter)
* WHPX fixes and improvements (Lucian)
* Chardev fixes (Marc-André)
* IOMMU documentation improvements (Peter)
* Coverity fixes (Peter, Philippe)
* Include cleanup (Philippe)
* -clock deprecation (Thomas)
* Disable -sandbox unless CONFIG_SECCOMP (Yi Min Zhao)
* Configurability improvements (me)

# gpg: Signature made Fri 01 Jun 2018 17:42:13 BST
# gpg:                using RSA key BFFBD25F78C7AE83
# gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>"
# gpg:                 aka "Paolo Bonzini <pbonzini@redhat.com>"
# Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4  E2F7 7E15 100C CD36 69B1
#      Subkey fingerprint: F133 3857 4B66 2389 866C  7682 BFFB D25F 78C7 AE83

* remotes/bonzini/tags/for-upstream: (56 commits)
  hw: make virtio devices configurable via default-configs/
  hw: allow compiling out SCSI
  memory: Make operations using MemoryRegionIoeventfd struct pass by pointer.
  char: Remove unwanted crlf conversion
  qdev: Remove DeviceClass::init() and ::exit()
  qdev: Simplify the SysBusDeviceClass::init path
  hw/i2c: Use DeviceClass::realize instead of I2CSlaveClass::init
  hw/i2c/smbus: Use DeviceClass::realize instead of SMBusDeviceClass::init
  target/i386/kvm.c: Remove compatibility shim for KVM_HINTS_REALTIME
  Update Linux headers to 4.17-rc6
  target/i386/kvm.c: Handle renaming of KVM_HINTS_DEDICATED
  scripts/update-linux-headers: Handle kernel license no longer being one file
  scripts/update-linux-headers: Handle __aligned_u64
  virtio-gpu-3d: Define VIRTIO_GPU_CAPSET_VIRGL2 elsewhere
  gdbstub: Prevent fd leakage
  docs/interop: add "firmware.json"
  ipmi: Use proper struct reference for KCS vmstate
  vmstate: Add a VSTRUCT type
  tcg: remove softfloat from --disable-tcg builds
  qemu-options: Mark the non-functional -clock option as deprecated
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-06-01 18:24:16 +01:00
Changpeng Liu
25b1d45a19 vhost-blk: turn on pre-defined RO feature bit
Read only feature shouldn't be negotiable, because if the
backend device reported Read only feature supported, QEMU
host driver shouldn't change backend's RO attribute. While
here, also enable the vhost-user-blk test utility to test
RO feature.

Signed-off-by: Changpeng Liu <changpeng.liu@intel.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2018-06-01 19:20:38 +03:00
Ross Zwisler
9ab3aad281 nvdimm, acpi: support NFIT platform capabilities
Add a machine command line option to allow the user to control the Platform
Capabilities Structure in the virtualized NFIT.  This Platform Capabilities
Structure was added in ACPI 6.2 Errata A.

Signed-off-by: Ross Zwisler <ross.zwisler@linux.intel.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2018-06-01 19:20:38 +03:00
Michael S. Tsirkin
83ee768d62 migration: drop an unused include
In the vmstate.h file, we just need a struct name. Use a forward
declaration instead of an include, then adjust the one affected .c file
to include the file that is no longer implicit from the header.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
2018-06-01 19:20:37 +03:00
Fam Zheng
b5679fa49c block-backend: Add blk_co_copy_range
It's a BlockBackend wrapper of the BDS interface.

Signed-off-by: Fam Zheng <famz@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Message-id: 20180601092648.24614-10-famz@redhat.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2018-06-01 14:41:48 +01:00
Fam Zheng
604dfaaa32 iscsi: Implement copy offloading
Issue EXTENDED COPY (LID1) command to implement the copy_range API.

The parameter data construction code is modified from libiscsi's
iscsi-dd.c.

Signed-off-by: Fam Zheng <famz@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Message-id: 20180601092648.24614-9-famz@redhat.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2018-06-01 14:41:48 +01:00
Fam Zheng
1efad060d7 file-posix: Implement bdrv_co_copy_range
With copy_file_range(2), we can implement the bdrv_co_copy_range
semantics.

Signed-off-by: Fam Zheng <famz@redhat.com>
Message-id: 20180601092648.24614-6-famz@redhat.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2018-06-01 14:41:48 +01:00
Fam Zheng
fcc6767836 block: Introduce API for copy offloading
Introduce the bdrv_co_copy_range() API for copy offloading.  Block
drivers implementing this API support efficient copy operations that
avoid reading each block from the source device and writing it to the
destination devices.  Examples of copy offload primitives are SCSI
EXTENDED COPY and Linux copy_file_range(2).

Signed-off-by: Fam Zheng <famz@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Message-id: 20180601092648.24614-2-famz@redhat.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2018-06-01 14:41:47 +01:00
Philippe Mathieu-Daudé
ff46d9d4d6 qdev: Remove DeviceClass::init() and ::exit()
Since no devices use it, we can safely remove it.

Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20180419212727.26095-5-f4bug@amsat.org>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
[Removal of DeviceClass::init() moved from previous patch, missing
documentation updates supplied]
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20180528144509.15812-5-armbru@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-06-01 15:14:31 +02:00
Philippe Mathieu-Daudé
c8c9e10394 hw/i2c: Use DeviceClass::realize instead of I2CSlaveClass::init
I2CSlaveClass::init is no more used, remove it.

Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20180419212727.26095-3-f4bug@amsat.org>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20180528144509.15812-3-armbru@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-06-01 15:14:31 +02:00
Philippe Mathieu-Daudé
19473e51cc hw/i2c/smbus: Use DeviceClass::realize instead of SMBusDeviceClass::init
SMBusDeviceClass::init is no more used, remove it.

Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20180419212727.26095-2-f4bug@amsat.org>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20180528144509.15812-2-armbru@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-06-01 15:14:31 +02:00
Peter Maydell
65a6d8dd3f Update Linux headers to 4.17-rc6
Update our copy of the Linux headers to upstream 4.17-rc6
(kernel commit 771c577c23bac90597c68).

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <20180525132755.21839-6-peter.maydell@linaro.org>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-06-01 15:14:31 +02:00
Alex Williamson
a8bff79e9f virtio-gpu-3d: Define VIRTIO_GPU_CAPSET_VIRGL2 elsewhere
Commit 5643cc94ac ("virtio-gpu-3d: add support for second capability
set (v4)") updated virtio_gpu.h with a define that does not yet(?)
exist upstream resulting in build breakage every time Linux headers
are updated via the standard update script.  Conditionally define this
within QEMU code instead to avoid future breakage.

Cc: Dave Airlie <airlied@redhat.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Fixes: 5643cc94ac ("virtio-gpu-3d: add support for second capability set (v4)")
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <20180525132755.21839-2-peter.maydell@linaro.org>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-06-01 15:14:31 +02:00
Corey Minyard
2dc6660bd8 vmstate: Add a VSTRUCT type
The VMS_STRUCT has no way to specify which version of a structure
to use.  Add a type and a new field to allow the specific version
of a structure to be used.

Signed-off-by: Corey Minyard <cminyard@mvista.com>
Message-Id: <1524670052-28373-2-git-send-email-minyard@acm.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-06-01 15:13:46 +02:00
Paolo Bonzini
257a7430e7 memory: get rid of memory_region_init_reservation
The function has been deprecated for 2.5 years, and there are just a handful
of users.  Convert them to memory_region_init_io with NULL callbacks,
and while at it pass the right device as the owner.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-06-01 14:15:10 +02:00
Peter Maydell
0330002cb5 memory.h: Fix typo in documentation comment
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <20180515134835.3409-1-peter.maydell@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-06-01 14:15:10 +02:00
Philippe Mathieu-Daudé
b969ea6bcd hw: Clean "hw/devices.h" includes
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20180528232719.4721-22-f4bug@amsat.org>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-06-01 14:15:10 +02:00
Philippe Mathieu-Daudé
921e1a2ab3 hw/misc/mips_itu: Cleanup includes
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20180528232719.4721-17-f4bug@amsat.org>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-06-01 14:15:10 +02:00
Philippe Mathieu-Daudé
ab728275e4 hw: Do not include "exec/address-spaces.h" if it is not necessary
Code change produced with:
    $ git grep '#include "exec/address-spaces.h"' hw include/hw | \
      cut -d: -f-1 | \
      xargs egrep -L "(get_system_|address_space_)" | \
      xargs sed -i.bak '/#include "exec\/address-spaces.h"/d'

Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20180528232719.4721-12-f4bug@amsat.org>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-06-01 14:15:10 +02:00
Yi Min Zhao
9d0fdecbad sandbox: disable -sandbox if CONFIG_SECCOMP undefined
If CONFIG_SECCOMP is undefined, the option 'elevatedprivileges' remains
compiled. This would make libvirt set the corresponding capability and
then trigger failure during guest startup. This patch moves the code
regarding seccomp command line options to qemu-seccomp.c file and
wraps qemu_opts_foreach finding sandbox option with CONFIG_SECCOMP.
Because parse_sandbox() is moved into qemu-seccomp.c file, change
seccomp_start() to static function.

Signed-off-by: Yi Min Zhao <zyimin@linux.ibm.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Tested-by: Ján Tomko <jtomko@redhat.com>
Acked-by: Eduardo Otubo <otubo@redhat.com>
2018-06-01 13:44:15 +02:00
Paul Durrant
d3c49ebbe2 xen-hvm: try to use xenforeignmemory_map_resource() to map ioreq pages
Xen 4.11 has a new API to directly map guest resources. Among the resources
that can be mapped using this API are ioreq pages.

This patch modifies QEMU to attempt to use the new API should it exist,
falling back to the previous mechanism if it is unavailable.

Signed-off-by: Paul Durrant <paul.durrant@citrix.com>
Reviewed-by: Anthony PERARD <anthony.perard@citrix.com>
Signed-off-by: Stefano Stabellini <sstabellini@kernel.org>
2018-05-31 12:04:55 -07:00
Igor Druzhinin
04a8f72e87 xen/hvm: correct reporting of modified memory under physmap during migration
When global_log_dirty is enabled VRAM modification tracking never
worked correctly. The address that is passed to xen_hvm_modified_memory()
is not the effective PFN but RAM block address which is not the same
for VRAM.

We need to make a translation for this address into PFN using
physmap. Since there is no way to access physmap properly inside
xen_hvm_modified_memory() let's make it a global structure.

Signed-off-by: Igor Druzhinin <igor.druzhinin@citrix.com>
Acked-by: Anthony PERARD <anthony.perard@citrix.com>
Signed-off-by: Stefano Stabellini <sstabellini@kernel.org>
2018-05-31 12:04:54 -07:00
Philippe Mathieu-Daudé
d791937fa0 vfio: Include "exec/address-spaces.h" directly in the source file
No declaration of "hw/vfio/vfio-common.h" directly requires to include
the "exec/address-spaces.h" header.  To simplify dependencies and
ease the upcoming cleanup of "exec/address-spaces.h", directly include
it in the source file where the declaration are used.

Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20180528232719.4721-2-f4bug@amsat.org>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Acked-by: Cornelia Huck <cohuck@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-05-31 19:12:13 +02:00
Yi Min Zhao
0dd693ef1f sandbox: disable -sandbox if CONFIG_SECCOMP undefined
If CONFIG_SECCOMP is undefined, the option 'elevateprivileges' remains
compiled. This would make libvirt set the corresponding capability and
then trigger failure during guest startup. This patch moves the code
regarding seccomp command line options to qemu-seccomp.c file and
wraps qemu_opts_foreach finding sandbox option with CONFIG_SECCOMP.
Because parse_sandbox() is moved into qemu-seccomp.c file, change
seccomp_start() to static function.

Signed-off-by: Yi Min Zhao <zyimin@linux.ibm.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Tested-by: Ján Tomko <jtomko@redhat.com>
Acked-by: Eduardo Otubo <otubo@redhat.com>
Message-Id: <20180531032937.1925-1-zyimin@linux.ibm.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-05-31 19:12:13 +02:00
Peter Maydell
e0a37e2660 vmstate.h: Provide VMSTATE_BOOL_SUB_ARRAY
Provide a VMSTATE_BOOL_SUB_ARRAY to go with VMSTATE_UINT8_SUB_ARRAY
and friends.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 20180521140402.23318-23-peter.maydell@linaro.org
2018-05-31 16:32:35 +01:00
Peter Maydell
7446eb07c1 Make address_space_get_iotlb_entry() take a MemTxAttrs argument
As part of plumbing MemTxAttrs down to the IOMMU translate method,
add MemTxAttrs as an argument to address_space_get_iotlb_entry().

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20180521140402.23318-12-peter.maydell@linaro.org
2018-05-31 16:32:35 +01:00
Peter Maydell
efa99a2ff8 Make flatview_translate() take a MemTxAttrs argument
As part of plumbing MemTxAttrs down to the IOMMU translate method,
add MemTxAttrs as an argument to flatview_translate(); all its
callers now have attrs available.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20180521140402.23318-11-peter.maydell@linaro.org
2018-05-31 16:32:35 +01:00
Peter Maydell
8372d38327 Make MemoryRegion valid.accepts callback take a MemTxAttrs argument
As part of plumbing MemTxAttrs down to the IOMMU translate method,
add MemTxAttrs as an argument to the MemoryRegion valid.accepts
callback. We'll need this for subpage_accepts().

We could take the approach we used with the read and write
callbacks and add new a new _with_attrs version, but since there
are so few implementations of the accepts hook we just change
them all.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20180521140402.23318-9-peter.maydell@linaro.org
2018-05-31 16:32:35 +01:00
Peter Maydell
6d7b9a6c3b Make memory_region_access_valid() take a MemTxAttrs argument
As part of plumbing MemTxAttrs down to the IOMMU translate method,
add MemTxAttrs as an argument to memory_region_access_valid().
Its callers either have an attrs value to hand, or don't care
and can use MEMTXATTRS_UNSPECIFIED.

The callsite in flatview_access_valid() is part of a recursive
loop flatview_access_valid() -> memory_region_access_valid() ->
 subpage_accepts() -> flatview_access_valid(); we make it pass
MEMTXATTRS_UNSPECIFIED for now, until the next several commits
have plumbed an attrs parameter through the rest of the loop
and we can add an attrs parameter to flatview_access_valid().

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20180521140402.23318-8-peter.maydell@linaro.org
2018-05-31 16:32:35 +01:00
Peter Maydell
fddffa4268 Make address_space_access_valid() take a MemTxAttrs argument
As part of plumbing MemTxAttrs down to the IOMMU translate method,
add MemTxAttrs as an argument to address_space_access_valid().
Its callers either have an attrs value to hand, or don't care
and can use MEMTXATTRS_UNSPECIFIED.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20180521140402.23318-6-peter.maydell@linaro.org
2018-05-31 16:32:35 +01:00
Peter Maydell
f26404fbee Make address_space_map() take a MemTxAttrs argument
As part of plumbing MemTxAttrs down to the IOMMU translate method,
add MemTxAttrs as an argument to address_space_map().
Its callers either have an attrs value to hand, or don't care
and can use MEMTXATTRS_UNSPECIFIED.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20180521140402.23318-5-peter.maydell@linaro.org
2018-05-31 16:32:35 +01:00
Peter Maydell
bc6b1cec84 Make address_space_translate{, _cached}() take a MemTxAttrs argument
As part of plumbing MemTxAttrs down to the IOMMU translate method,
add MemTxAttrs as an argument to address_space_translate()
and address_space_translate_cached(). Callers either have an
attrs value to hand, or don't care and can use MEMTXATTRS_UNSPECIFIED.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20180521140402.23318-4-peter.maydell@linaro.org
2018-05-31 14:50:52 +01:00
Peter Maydell
c874dc4f5e Make tb_invalidate_phys_addr() take a MemTxAttrs argument
As part of plumbing MemTxAttrs down to the IOMMU translate method,
add MemTxAttrs as an argument to tb_invalidate_phys_addr().
Its callers either have an attrs value to hand, or don't care
and can use MEMTXATTRS_UNSPECIFIED.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 20180521140402.23318-3-peter.maydell@linaro.org
2018-05-31 14:50:52 +01:00
Peter Maydell
2ce931d012 memory.h: Improve IOMMU related documentation
Add more detail to the documentation for memory_region_init_iommu()
and other IOMMU-related functions and data structures.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Eric Auger <eric.auger@redhat.com>
Message-id: 20180521140402.23318-2-peter.maydell@linaro.org
2018-05-31 14:50:52 +01:00
Richard Henderson
6c2be133a7 tcg: Fix helper function vs host abi for float16
Depending on the host abi, float16, aka uint16_t, values are
passed and returned either zero-extended in the host register
or with garbage at the top of the host register.

The tcg code generator has so far been assuming garbage, as that
matches the x86 abi, but this is incorrect for other host abis.
Further, target/arm has so far been assuming zero-extended results,
so that it may store the 16-bit value into a 32-bit slot with the
high 16-bits already clear.

Rectify both problems by mapping "f16" in the helper definition
to uint32_t instead of (a typedef for) uint16_t.  This forces
the host compiler to assume garbage in the upper 16 bits on input
and to zero-extend the result on output.

Cc: qemu-stable@nongnu.org
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Tested-by: Laurent Desnogues <laurent.desnogues@gmail.com>
Message-id: 20180522175629.24932-1-richard.henderson@linaro.org
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-05-31 14:50:51 +01:00
Peter Maydell
a3ac12fba0 NUMA queue, 2018-05-30
* New command-line option: --preconfig
   This option allows pausing QEMU and allow the configuration
   using QMP commands before running board initialization code.
 * New QMP set-numa-node, now made possible because of --preconfig
 * Small update on -numa error messages
 -----BEGIN PGP SIGNATURE-----
 
 iQIcBAABCAAGBQJbDy2jAAoJECgHk2+YTcWm8OgP/As0judZ7JwT5F5fR4nxtQPr
 EODeEI+e/IahGH58Bafx24Fvxy0HZIgwqBDnPgclA8d3ebwmDQIejgk5/00zq2xv
 cktRpzXGSBGJCVNctVz8xqN91m0lPtVgeRvXUJPn3hthXRSLO4p0vbyOW8g/C+O2
 +dEcGqifAQatyxs9gYmmWoUia8zle/v1bd2v/x/DwiFW9cd47yDr3+ChHh6+nx0W
 uh2zymD+ykVeNJ9WSxc3k8zTzQnuxbDK1fNbZsztk9KQDMWG3+u7KRNoJ86/7hKL
 RMUfRCUMBgemuZsrFF8wSsha27e9VgCw4oR8dQ5AnTgMjK6nch/839XuFWh7j5qu
 ntS4vt1v6IczdflKXX7IUILAgvVffLh2SCGWlKq9Q1eKo+CZTCea+iSbb2QobAE+
 9TyuqXVKCsGKLoqkbK39d1UjZFhDQJhMsyuOHreKEINmJRmLI5qrNbEaaysb+mMB
 DnFE1NiWjE+6X4w9U1l8lnKNUakOPNDG8cbgtuiEKDC9e3OZeiS8yyPLaQajELSR
 Ig7N2GxrLMSfS3LNMSwkACILzVeu03aFoHyCPrpUqD8mpxidN0mmFVup8dawtkJ1
 A5dHrKDmzlOT6DivJOgT8/Os/wMo3ErPcvyu69rTUO9PKSbwcFPwi6bMMDzgb4xO
 kAles9X7HrHxSeJiggRW
 =RHIj
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/ehabkost/tags/numa-next-pull-request' into staging

NUMA queue, 2018-05-30

* New command-line option: --preconfig
  This option allows pausing QEMU and allow the configuration
  using QMP commands before running board initialization code.
* New QMP set-numa-node, now made possible because of --preconfig
* Small update on -numa error messages

# gpg: Signature made Thu 31 May 2018 00:02:59 BST
# gpg:                using RSA key 2807936F984DC5A6
# gpg: Good signature from "Eduardo Habkost <ehabkost@redhat.com>"
# Primary key fingerprint: 5A32 2FD5 ABC4 D3DB ACCF  D1AA 2807 936F 984D C5A6

* remotes/ehabkost/tags/numa-next-pull-request:
  tests: functional tests for QMP command set-numa-node
  qmp: add set-numa-node command
  qmp: permit query-hotpluggable-cpus in preconfig state
  tests: extend qmp test with preconfig checks
  cli: add --preconfig option
  tests: qapi-schema tests for allow-preconfig
  qapi: introduce new cmd option "allow-preconfig"
  hmp: disable monitor in preconfig state
  qapi: introduce preconfig runstate
  numa: split out NumaOptions parsing into set_numa_options()
  numa: postpone options post-processing till machine_run_board_init()
  numa: clarify error message when node index is out of range in -numa dist, ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-05-31 11:12:36 +01:00
Igor Mammedov
047f7038f5 cli: add --preconfig option
This option allows pausing QEMU in the new RUN_STATE_PRECONFIG state,
allowing the configuration of QEMU from QMP before the machine jumps
into board initialization code of machine_run_board_init()

The intent is to allow management to query machine state and additionally
configure it using previous query results within one QEMU instance
(i.e. eliminate the need to start QEMU twice, 1st to query board specific
parameters and 2nd for actual VM start using query results for
additional parameters).

The new option complements -S option and could be used with or without
it. The difference is that -S pauses QEMU when the machine is completely
initialized with all devices wired up and ready to execute guest code
(QEMU needs only to unpause VCPUs to let guest execute its code),
while the "preconfig" option pauses QEMU early before board specific init
callback (machine_run_board_init) is executed and allows the configuration
of machine parameters which will be used by board init code.

When early introspection/configuration is done, command 'exit-preconfig'
should be used to exit RUN_STATE_PRECONFIG and transition to the next
requested state (i.e. if -S is used then QEMU will pause the second
time when board/device initialization is completed or start guest
execution if -S isn't provided on CLI)

PS:
Initially 'preconfig' is planned to be used for configuring numa
topology depending on board specified possible cpus layout.

Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <1526059483-42847-1-git-send-email-imammedo@redhat.com>
[ehabkost: Changed "since 2.13" to "since 3.0"]
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2018-05-30 13:19:14 -03:00
Igor Mammedov
d6fe3d02e9 qapi: introduce new cmd option "allow-preconfig"
New option will be used to allow commands, which are prepared/need
to run, during preconfig state. Other commands that should be able
to run in preconfig state, should be amended to not expect machine
in initialized state or deal with it.

For compatibility reasons, commands that don't use new flag
'allow-preconfig' explicitly are not permitted to run in
preconfig state but allowed in all other states like they used
to be.

Within this patch allow following commands in preconfig state:
   qmp_capabilities
   query-qmp-schema
   query-commands
   query-command-line-options
   query-status
   exit-preconfig
to allow qmp connection, basic introspection and moving to the next
state.

PS:
set-numa-node and query-hotpluggable-cpus will be enabled later in
a separate patches.

Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Message-Id: <1526057503-39287-1-git-send-email-imammedo@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
[ehabkost: Changed "since 2.13" to "since 3.0"]
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2018-05-30 13:19:09 -03:00
Igor Mammedov
3319b4efc2 numa: split out NumaOptions parsing into set_numa_options()
it will allow to reuse set_numa_options() for parsing
configuration commands received via QMP interface

Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Message-Id: <1525423069-61903-3-git-send-email-imammedo@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2018-05-30 13:08:11 -03:00
Igor Mammedov
7a3099fc9c numa: postpone options post-processing till machine_run_board_init()
in preparation for numa options to being handled via QMP before
machine_run_board_init(), move final numa configuration checks
and processing to machine_run_board_init() so it could take into
account both CLI (via parse_numa_opts()) and QMP input

Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Reviewed-by: Eduardo Habkost <ehabkost@redhat.com>
Message-Id: <1525423069-61903-2-git-send-email-imammedo@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2018-05-30 13:08:11 -03:00
Kevin Wolf
1266c9b9f5 job: Add error message for failing jobs
So far we relied on job->ret and strerror() to produce an error message
for failed jobs. Not surprisingly, this tends to result in completely
useless messages.

This adds a Job.error field that can contain an error string for a
failing job, and a parameter to job_completed() that sets the field. As
a default, if NULL is passed, we continue to use strerror(job->ret).

All existing callers are changed to pass NULL. They can be improved in
separate patches.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Jeff Cody <jcody@redhat.com>
2018-05-30 13:31:01 +02:00
Peter Maydell
4f71086665 gdbstub: Clarify what gdb_handlesig() is doing
gdb_handlesig()'s behaviour is not entirely obvious at first
glance. Add a doc comment for it, and also add a comment
explaining why it's ok for gdb_do_syscallv() to ignore
gdb_handlesig()'s return value. (Coverity complains about
this: CID 1390850.)

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <20180515181958.25837-1-peter.maydell@linaro.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
2018-05-25 10:10:55 +02:00
Peter Maydell
75578d6fce linux-user: Assert on bad type in thunk_type_align() and thunk_type_size()
In thunk_type_align() and thunk_type_size() we currently return
-1 if the value at the type_ptr isn't one of the TYPE_* values
we understand. However, this should never happen, and if it does
then the calling code will go confusingly wrong because none
of the callsites try to handle an error return. Switch to an
assertion instead, so that if this does somehow happen we'll have
a nice clear backtrace of what happened rather than a weird crash
or misbehaviour.

This also silences various Coverity complaints about not handling
the negative return value (CID 1005735, 1005736, 1005738, 1390582).

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20180514174616.19601-1-peter.maydell@linaro.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
2018-05-24 20:46:54 +02:00
Michael S. Tsirkin
28012e190e osdep: add wait.h compat macros
Man page for WCOREDUMP says:

  WCOREDUMP(wstatus) returns true if the child produced a core dump.
  This macro should be employed only if WIFSIGNALED returned true.

  This  macro  is  not  specified  in POSIX.1-2001 and is not
  available on some UNIX implementations (e.g., AIX, SunOS).  Therefore,
  enclose its use inside #ifdef WCOREDUMP ... #endif.

Let's do exactly this.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2018-05-24 21:14:11 +03:00
Tiwei Bie
44866521bd vhost-user: support registering external host notifiers
This patch introduces VHOST_USER_PROTOCOL_F_HOST_NOTIFIER.
With this feature negotiated, vhost-user backend can register
memory region based host notifiers. And it will allow the guest
driver in the VM to notify the hardware accelerator at the
vhost-user backend directly.

Signed-off-by: Tiwei Bie <tiwei.bie@intel.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2018-05-24 21:14:11 +03:00
Tiwei Bie
4d0cf552d3 vhost-user: introduce shared vhost-user state
When multi queue is enabled e.g. for a virtio-net device,
each queue pair will have a vhost_dev, and the only thing
shared between vhost devs currently is the chardev. This
patch introduces a vhost-user state structure which will
be shared by all vhost devs of the same virtio device.

Signed-off-by: Tiwei Bie <tiwei.bie@intel.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2018-05-24 21:14:11 +03:00
Tiwei Bie
988a27754b vhost: allow backends to filter memory sections
This patch introduces a vhost op for vhost backends to allow
them to filter the memory sections that they can handle.

Signed-off-by: Tiwei Bie <tiwei.bie@intel.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2018-05-24 21:14:10 +03:00
Peter Maydell
62b9b076d9 vga: catch depth 0
hw/display: add new bochs-display device
 some cleanups.
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iQIcBAABAgAGBQJbBt4qAAoJEEy22O7T6HE49zIQAJpmAAqJidE14l6mcnxzxqoS
 yC0VyXFqEbwueTeNd4VIjrJRkOHk8auWCes+QKoR1ZfbEEsLDzD8CF4tKbSj8Y41
 0Poe+vYrOQQazkxWSB08xBE6mdTtXTkDC4zkmNSDxb5LIBGBa1A/juPksaXawFDK
 pfDaCYZdO7RgnU2EgoykDteHMnzKeCO9fMPQvdVuen4DDqeIlXyYAUDEYDag5gJy
 DhZqDDz31m7g9JYLOVSGW0Qd2uZXvw55A3pnDNiCyyDKJl0xLeJOBif714J2GI0r
 wDLDY9sSjx78d/qmNtX+X4lvXW7GWGDw228VjW2XBKqzligg9rM/8h6aIPbqqT5N
 XWdOT6Qx4lSbcsbinSWVmWu9XDb7NXKSu3oc/tTC/ImJTuBPUkaGuMTmd5kCe5Mk
 VG5ZY8ow9pQ9THU1pFW6CA/MRWWfm5IPxkJBiT4sJb8i5aSPxTSBEZjMfVdCvh78
 av2g5NB4IYCOHDDwAOra+NDKULuDFRBYFKyb4Ge52zKe2UB3sKnxlIWeOGS88C6D
 gH/j+02eO4Q8EWauUUFUJNW3TGUirlcl5oxvyZjhEbjsh+2RasOT1ULW54IIdpnU
 ijhHfnRcMNG4iNq1HA49tjHq3QraGQ9zZF3wOSrwyq47uU2Rjp+HS5TnZuzz3Mi4
 VEjZXPmVd9R9++c3E+o1
 =FJjD
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/kraxel/tags/vga-20180524-pull-request' into staging

vga: catch depth 0
hw/display: add new bochs-display device
some cleanups.

# gpg: Signature made Thu 24 May 2018 16:45:46 BST
# gpg:                using RSA key 4CB6D8EED3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>"
# Primary key fingerprint: A032 8CFF B93A 17A7 9901  FE7D 4CB6 D8EE D3E8 7138

* remotes/kraxel/tags/vga-20180524-pull-request:
  MAINTAINERS: add vga entries
  bochs-display: add pcie support
  bochs-display: add dirty tracking support
  hw/display: add new bochs-display device
  vga-pci: use PCI_VGA_MMIO_SIZE
  vga: move bochs vbe defines to header file
  vga: catch depth 0

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-05-24 17:48:01 +01:00
Peter Maydell
45eabb2ede pc, pci, virtio, vhost: fixes, features
Beginning of merging vDPA, new PCI ID, a new virtio balloon stat, intel
 iommu rework fixing a couple of security problems (no CVEs yet), fixes
 all over the place.
 
 Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
 -----BEGIN PGP SIGNATURE-----
 
 iQEcBAABAgAGBQJbBX2cAAoJECgfDbjSjVRpOEYIAIR6KGkwbAJ9SnO9B71DQHl1
 yYYgM7i2HwyZ1YPnXOYWnI1lzQ1bARTf2krQJFGmfjlDaueFf9KnXdNByoVCmG8m
 UhF/rQp3DcJ4wTABktPtME8gWdQxKPmDxlN5W3f29Zrm3g9S+Hshi+sfPZUkBxL4
 gQMFRctb2SxvQXG+lusHVwo1oF6pzGZMmX35906he3m4xS/cfoeCP7Qj6nSvHZq7
 lsLoOeYxHtXWA9gTYxpd7zW+hhUxkspoOqcXySHfO7e5enJANaulTxKuC0T+6HL4
 O2iUM+1wjUYE0tQcNJ6x7emA82k5OdG2OMD6gbR1oSdquttJo7+4R+goqpb44rc=
 =NUoY
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging

pc, pci, virtio, vhost: fixes, features

Beginning of merging vDPA, new PCI ID, a new virtio balloon stat, intel
iommu rework fixing a couple of security problems (no CVEs yet), fixes
all over the place.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>

# gpg: Signature made Wed 23 May 2018 15:41:32 BST
# gpg:                using RSA key 281F0DB8D28D5469
# gpg: Good signature from "Michael S. Tsirkin <mst@kernel.org>"
# gpg:                 aka "Michael S. Tsirkin <mst@redhat.com>"
# Primary key fingerprint: 0270 606B 6F3C DF3D 0B17  0970 C350 3912 AFBE 8E67
#      Subkey fingerprint: 5D09 FD08 71C8 F85B 94CA  8A0D 281F 0DB8 D28D 5469

* remotes/mst/tags/for_upstream: (28 commits)
  intel-iommu: rework the page walk logic
  util: implement simple iova tree
  intel-iommu: trace domain id during page walk
  intel-iommu: pass in address space when page walk
  intel-iommu: introduce vtd_page_walk_info
  intel-iommu: only do page walk for MAP notifiers
  intel-iommu: add iommu lock
  intel-iommu: remove IntelIOMMUNotifierNode
  intel-iommu: send PSI always even if across PDEs
  nvdimm: fix typo in label-size definition
  contrib/vhost-user-blk: enable protocol feature for vhost-user-blk
  hw/virtio: Fix brace Werror with clang 6.0.0
  libvhost-user: Send messages with no data
  vhost-user+postcopy: Use qemu_set_nonblock
  virtio: support setting memory region based host notifier
  vhost-user: support receiving file descriptors in slave_read
  vhost-user: add Net prefix to internal state structure
  linux-headers: add kvm header for mips
  linux-headers: add unistd.h on all arches
  update-linux-headers.sh: unistd.h, kvm consistency
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-05-24 14:22:23 +01:00
Peter Maydell
37cbe4da61 Block layer patches:
- Generic background jobs
 - qemu-iotests fixes for NFS and the 'migration' group
 - sheepdog: Minor code simplification
 -----BEGIN PGP SIGNATURE-----
 
 iQIcBAABAgAGBQJbBV+tAAoJEH8JsnLIjy/WiBoP/0C7IObZ6/yOedSFsCADdt1U
 Kv2So7V7OBC8QeDhJqB9x5GZ4XieBWHqCR7yFKG3/piMuv1+HRiuA4aNiW1mwreU
 VqI6Ls4pZ8jEWYl6p0+enhA2cQVEDJjICC7n6xw8rhu1OaMdXwzNXBjXVMJHmMCg
 m6KixQXB1JCPuGZmoNE6wE34gsCiWTKrbt6T83RMcacJaVBcumN6RyzkFeLZ2jef
 XXNXYGrZ2/UBGJOBxpLjbZvgYehMcUd20HZ0jNFtiA9+APBVoc6iFAXseT9tbedm
 QBdOw8ESshTKOfpNxLEDrQomCpCAmGf5q3z7omikFk3VBaap1cE5ZCA/ylvb/sxp
 ZoigX/VfZ8auol+y/kLS4SAGKbnyg6qT7LX1G1op+Fwewo+mMTpBeNvDGQIIGR33
 cCRl7YBpHvtN2T4GzmGhPKcWqNpykqmNgW/ZMW1BG1NeR8zkdEtvH4xESxAYkaXm
 a7nFCaxAQlU1l0EV9jVKSnS07/8eKCXStGatBBMYn4VjRYZSVaWW1J5WW16nJpip
 eDfv3QQPujAsSAwC1V+4WyrcqBx1Ya2Accic2rbpiLFHAsEFl+UMhiw2ken1x85W
 +ZOyAMXXRPVsYMPAOCZIemYONAons2GSJsJvIZC9ln4yjAFNuGNTvTDgoiZfYxBC
 P9eAY6T905Y2f7bMYV9y
 =cNlf
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging

Block layer patches:

- Generic background jobs
- qemu-iotests fixes for NFS and the 'migration' group
- sheepdog: Minor code simplification

# gpg: Signature made Wed 23 May 2018 13:33:49 BST
# gpg:                using RSA key 7F09B272C88F2FD6
# gpg: Good signature from "Kevin Wolf <kwolf@redhat.com>"
# Primary key fingerprint: DC3D EB15 9A9A F95D 3D74  56FE 7F09 B272 C88F 2FD6

* remotes/kevin/tags/for-upstream: (46 commits)
  qemu-iotests: Test job-* with block jobs
  iotests: Move qmp_to_opts() to VM
  blockjob: Remove BlockJob.driver
  job: Add query-jobs QMP command
  job: Add lifecycle QMP commands
  job: Add JOB_STATUS_CHANGE QMP event
  job: Introduce qapi/job.json
  job: Move progress fields to Job
  job: Add job_transition_to_ready()
  job: Add job_is_ready()
  job: Add job_dismiss()
  job: Add job_yield()
  block: Cancel job in bdrv_close_all() callers
  job: Move completion and cancellation to Job
  job: Move transactions to Job
  job: Switch transactions to JobTxn
  job: Move job_finish_sync() to Job
  job: Move .complete callback to Job
  job: Add job_drain()
  job: Convert block_job_cancel_async() to Job
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-05-24 13:24:22 +01:00
Peter Maydell
5ff2a4b97f Xen 2018/05/22
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABAgAGBQJbBGT2AAoJEIlPj0hw4a6Q0BIQAIciEH80ZLPSQPJciRoBCB/s
 1BUsbFelfeHcTXAOxiahmaQbzzffosifK0uJAH5Quy5RotnKknguRgfgAl8nWX34
 vXBbYKOmdudNwk3wIhcnnLfiRvNcdF4yDVVArsnvEbCWUBV2mpTrhuqmepZMiY7s
 GQU42ly09WQePBPFW19RS/kxsaR1lSuGIuSxtc+0QvDQpqMRK3HslHrjD0jgUISh
 pitqL3ztPHpJN1d9KI9fNT066magjnAkWV1gSYH9MAFvWV6JVuXqyJPY/x+YcZEU
 uPgZdEmONIoFqLD7yEHf/kXtCoRZavnvX3t0OPvUOPrN8eeui/UrtOyElY0NxmS/
 RGKggOAjN4VYdAfXHqLIWHkkE8CicFkukr6hk2nyfDKT63ZTR6TfEESrweL3clej
 J2dQ1bPvmAhlPU7tFeo8drAFgeIjLl9QAXEtp2+1FXGYBOT4avwtnt4rrGpnSbpL
 wV6SObd4d8yJR1JrA42jXuL2qlubainlceg4dSFGf84iUx68Sq+DXM+ssbVxs4Tc
 VEJ2nIGK2OF0jafFUV4sqZ7iDQoor0A/SGiOHk8j3kr/kWbidid6opl+MRcr/II3
 CYHyR8IH3LLY/CY18ppVbuCNxovPTilwRsleNy6ZxM1uFeWIOGWUy0WutPTi8wq8
 Ksa1MVPftDaMOLL2WE5C
 =e+YI
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/sstabellini-http/tags/xen-20180522-tag' into staging

Xen 2018/05/22

# gpg: Signature made Tue 22 May 2018 19:44:06 BST
# gpg:                using RSA key 894F8F4870E1AE90
# gpg: Good signature from "Stefano Stabellini <stefano.stabellini@eu.citrix.com>"
# gpg:                 aka "Stefano Stabellini <sstabellini@kernel.org>"
# Primary key fingerprint: D04E 33AB A51F 67BA 07D3  0AEA 894F 8F48 70E1 AE90

* remotes/sstabellini-http/tags/xen-20180522-tag:
  xen_disk: be consistent with use of xendev and blkdev->xendev
  xen_disk: use a single entry iovec
  xen_backend: make the xen_feature_grant_copy flag private
  xen_disk: remove use of grant map/unmap
  xen_backend: add an emulation of grant copy
  xen: remove other open-coded use of libxengnttab
  xen_disk: remove open-coded use of libxengnttab
  xen_backend: add grant table helpers
  xen: add a meaningful declaration of grant_copy_segment into xen_common.h
  checkpatch: generalize xen handle matching in the list of types
  xen-hvm: create separate function for ioreq server initialization
  xen_pt: Present the size of 64 bit BARs correctly
  configure: Add explanation for --enable-xen-pci-passthrough
  xen/pt: use address_space_memory object for memory region hooks
  xen-pvdevice: Introduce a simplistic xen-pvdevice save state

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-05-24 11:30:59 +01:00
Gerd Hoffmann
a3ee49f075 vga: move bochs vbe defines to header file
Create a new header file, move the bochs vbe dispi interface
defines to it, so they can be used outside vga code.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-id: 20180522165058.15404-2-kraxel@redhat.com
2018-05-24 10:42:13 +02:00
Peter Xu
63b88968f1 intel-iommu: rework the page walk logic
This patch fixes a potential small window that the DMA page table might
be incomplete or invalid when the guest sends domain/context
invalidations to a device.  This can cause random DMA errors for
assigned devices.

This is a major change to the VT-d shadow page walking logic. It
includes but is not limited to:

- For each VTDAddressSpace, now we maintain what IOVA ranges we have
  mapped and what we have not.  With that information, now we only send
  MAP or UNMAP when necessary.  Say, we don't send MAP notifies if we
  know we have already mapped the range, meanwhile we don't send UNMAP
  notifies if we know we never mapped the range at all.

- Introduce vtd_sync_shadow_page_table[_range] APIs so that we can call
  in any places to resync the shadow page table for a device.

- When we receive domain/context invalidation, we should not really run
  the replay logic, instead we use the new sync shadow page table API to
  resync the whole shadow page table without unmapping the whole
  region.  After this change, we'll only do the page walk once for each
  domain invalidations (before this, it can be multiple, depending on
  number of notifiers per address space).

While at it, the page walking logic is also refactored to be simpler.

CC: QEMU Stable <qemu-stable@nongnu.org>
Reported-by: Jintack Lim <jintack@cs.columbia.edu>
Tested-by: Jintack Lim <jintack@cs.columbia.edu>
Signed-off-by: Peter Xu <peterx@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2018-05-23 17:34:05 +03:00
Peter Xu
eecf5eedbd util: implement simple iova tree
Introduce a simplest iova tree implementation based on GTree.

CC: QEMU Stable <qemu-stable@nongnu.org>
Signed-off-by: Peter Xu <peterx@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2018-05-23 17:33:58 +03:00
Peter Xu
4f8a62a933 intel-iommu: only do page walk for MAP notifiers
For UNMAP-only IOMMU notifiers, we don't need to walk the page tables.
Fasten that procedure by skipping the page table walk.  That should
boost performance for UNMAP-only notifiers like vhost.

CC: QEMU Stable <qemu-stable@nongnu.org>
Signed-off-by: Peter Xu <peterx@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2018-05-23 17:33:57 +03:00
Peter Xu
1d9efa73e1 intel-iommu: add iommu lock
SECURITY IMPLICATION: this patch fixes a potential race when multiple
threads access the IOMMU IOTLB cache.

Add a per-iommu big lock to protect IOMMU status.  Currently the only
thing to be protected is the IOTLB/context cache, since that can be
accessed even without BQL, e.g., in IO dataplane.

Note that we don't need to protect device page tables since that's fully
controlled by the guest kernel.  However there is still possibility that
malicious drivers will program the device to not obey the rule.  In that
case QEMU can't really do anything useful, instead the guest itself will
be responsible for all uncertainties.

CC: QEMU Stable <qemu-stable@nongnu.org>
Reported-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Peter Xu <peterx@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2018-05-23 17:33:57 +03:00
Peter Xu
b4a4ba0d68 intel-iommu: remove IntelIOMMUNotifierNode
That is not really necessary.  Removing that node struct and put the
list entry directly into VTDAddressSpace.  It simplfies the code a lot.
Since at it, rename the old notifiers_list into vtd_as_with_notifiers.

CC: QEMU Stable <qemu-stable@nongnu.org>
Signed-off-by: Peter Xu <peterx@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2018-05-23 17:33:57 +03:00
Ross Zwisler
1a97a478e6 nvdimm: fix typo in label-size definition
Signed-off-by: Ross Zwisler <ross.zwisler@linux.intel.com>
Fixes: commit da6789c27c ("nvdimm: add a macro for property "label-size"")
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Cc: Haozhong Zhang <haozhong.zhang@intel.com>
Cc: Michael S. Tsirkin <mst@redhat.com>
Cc: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2018-05-23 17:02:03 +03:00
Tiwei Bie
6f80e6170e virtio: support setting memory region based host notifier
This patch introduces the support for setting memory region
based host notifiers for virtio device. This is helpful when
using a hardware accelerator for a virtio device, because
hardware heavily depends on the notification, this will allow
the guest driver in the VM to notify the hardware directly.

Signed-off-by: Tiwei Bie <tiwei.bie@intel.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2018-05-23 17:01:54 +03:00
Kevin Wolf
9f6bb4c004 blockjob: Remove BlockJob.driver
BlockJob.driver is redundant with Job.driver and only used in very few
places any more. Remove it.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2018-05-23 14:30:51 +02:00
Kevin Wolf
456273b024 job: Add query-jobs QMP command
This adds a minimal query-jobs implementation that shouldn't pose many
design questions. It can later be extended to expose more information,
and especially job-specific information.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2018-05-23 14:30:51 +02:00
Kevin Wolf
30a5c887bf job: Move progress fields to Job
BlockJob has fields .offset and .len, which are actually misnomers today
because they are no longer tied to block device sizes, but just progress
counters. As such they make a lot of sense in generic Jobs.

This patch moves the fields to Job and renames them to .progress_current
and .progress_total to describe their function better.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
2018-05-23 14:30:51 +02:00
Kevin Wolf
2e1795b581 job: Add job_transition_to_ready()
The transition to the READY state was still performed in the BlockJob
layer, in the same function that sent the BLOCK_JOB_READY QMP event.

This patch brings the state transition to the Job layer and implements
the QMP event using a notifier called from the Job layer, like we
already do for other events related to state transitions.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
2018-05-23 14:30:51 +02:00
Kevin Wolf
df956ae201 job: Add job_is_ready()
Instead of having a 'bool ready' in BlockJob, add a function that
derives its value from the job status.

At the same time, this fixes the behaviour to match what the QAPI
documentation promises for query-block-job: 'true if the job may be
completed'. When the ready flag was introduced in commit ef6dbf1e46,
the flag never had to be reset to match the description because after
being ready, the jobs would immediately complete and disappear.

Job transactions and manual job finalisation were introduced only later.
With these changes, jobs may stay around even after having completed
(and they are not ready to be completed a second time), however their
patches forgot to reset the ready flag.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
2018-05-23 14:30:51 +02:00
Kevin Wolf
5f9a6a08e8 job: Add job_dismiss()
This moves block_job_dismiss() to the Job layer.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
2018-05-23 14:30:51 +02:00
Kevin Wolf
198c49cc8d job: Add job_yield()
This moves block_job_yield() to the Job layer.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
2018-05-23 14:30:51 +02:00
Kevin Wolf
3d70ff53b6 job: Move completion and cancellation to Job
This moves the top-level job completion and cancellation functions from
BlockJob to Job.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2018-05-23 14:30:51 +02:00
Kevin Wolf
7eaa8fb57d job: Move transactions to Job
This moves the logic that implements job transactions from BlockJob to
Job.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
2018-05-23 14:30:51 +02:00
Kevin Wolf
62c9e4162a job: Switch transactions to JobTxn
This doesn't actually move any transaction code to Job yet, but it
renames the type for transactions from BlockJobTxn to JobTxn and makes
them contain Jobs rather than BlockJobs

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
2018-05-23 14:30:50 +02:00
Kevin Wolf
6a74c075ac job: Move job_finish_sync() to Job
block_job_finish_sync() doesn't contain anything block job specific any
more, so it can be moved to Job.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
2018-05-23 14:30:50 +02:00
Kevin Wolf
3453d97243 job: Move .complete callback to Job
This moves the .complete callback that tells a READY job to complete
from BlockJobDriver to JobDriver. The wrapper function job_complete()
doesn't require anything block job specific any more and can be moved
to Job.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
2018-05-23 14:30:50 +02:00
Kevin Wolf
b69f777dd9 job: Add job_drain()
block_job_drain() contains a blk_drain() call which cannot be moved to
Job, so add a new JobDriver callback JobDriver.drain which has a common
implementation for all BlockJobs. In addition to this we keep the
existing BlockJobDriver.drain callback that is called by the common
drain implementation for all block jobs.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
2018-05-23 14:30:50 +02:00
Kevin Wolf
004e95df98 job: Convert block_job_cancel_async() to Job
block_job_cancel_async() did two things that were still block job
specific:

* Setting job->force. This field makes sense on the Job level, so we can
  just move it. While at it, rename it to job->force_cancel to make its
  purpose more obvious.

* Resetting the I/O status. This can't be moved because generic Jobs
  don't have an I/O status. What the function really implements is a
  user resume, except without entering the coroutine. Consequently, it
  makes sense to call the .user_resume driver callback here which
  already resets the I/O status.

  The old block_job_cancel_async() has two separate if statements that
  check job->iostatus != BLOCK_DEVICE_IO_STATUS_OK and job->user_paused.
  However, the former condition always implies the latter (as is
  asserted in block_job_iostatus_reset()), so changing the explicit call
  of block_job_iostatus_reset() on the former condition with the
  .user_resume callback on the latter condition is equivalent and
  doesn't need to access any BlockJob specific state.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
2018-05-23 14:30:50 +02:00
Kevin Wolf
4ad351819b job: Move single job finalisation to Job
This moves the finalisation of a single job from BlockJob to Job.

Some part of this code depends on job transactions, and job transactions
call this code, we introduce some temporary calls from Job functions to
BlockJob ones. This will be fixed once transactions move to Job, too.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
2018-05-23 14:30:50 +02:00
Kevin Wolf
139a9f020d job: Add job_event_*()
Go through the Job layer in order to send QMP events. For the moment,
these functions only call a notifier in the BlockJob layer that sends
the existing commands.

This uses notifiers rather than JobDriver callbacks because internal
users of jobs won't receive QMP events, but might still be interested
in getting notified for the events.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
2018-05-23 14:30:50 +02:00
Kevin Wolf
bb02b65c7d job: Move BlockJobCreateFlags to Job
This renames the BlockJobCreateFlags constants, moves a few JOB_INTERNAL
checks to job_create() and the auto_{finalize,dismiss} fields from
BlockJob to Job.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
2018-05-23 14:30:50 +02:00
Kevin Wolf
dbe5e6c1f7 job: Replace BlockJob.completed with job_is_completed()
Since we introduced an explicit status to block job, BlockJob.completed
is redundant because it can be derived from the status. Remove the field
from BlockJob and add a function to derive it from the status at the Job
level.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: John Snow <jsnow@redhat.com>
2018-05-23 14:30:50 +02:00
Kevin Wolf
b15de82867 job: Move pause/resume functions to Job
While we already moved the state related to job pausing to Job, the
functions to do were still BlockJob only. This commit moves them over to
Job.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: John Snow <jsnow@redhat.com>
2018-05-23 14:30:50 +02:00
Kevin Wolf
5d43e86e11 job: Add job_sleep_ns()
There is nothing block layer specific about block_job_sleep_ns(), so
move the function to Job.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: John Snow <jsnow@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
2018-05-23 14:30:50 +02:00
Kevin Wolf
da01ff7f38 job: Move coroutine and related code to Job
This commit moves some core functions for dealing with the job coroutine
from BlockJob to Job. This includes primarily entering the coroutine
(both for the first and reentering) and yielding explicitly and at pause
points.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: John Snow <jsnow@redhat.com>
2018-05-23 14:30:50 +02:00
Kevin Wolf
1908a5590c job: Move defer_to_main_loop to Job
Move the defer_to_main_loop functionality from BlockJob to Job.

The code can be simplified because we can use job->aio_context in
job_defer_to_main_loop_bh() now, instead of having to access the
BlockDriverState.

Probably taking the data->aio_context lock in addition was already
unnecessary in the old code because we didn't actually make use of
anything protected by the old AioContext except getting the new
AioContext, in case it changed between scheduling the BH and running it.
But it's certainly unnecessary now that the BDS isn't accessed at all
any more.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: John Snow <jsnow@redhat.com>
2018-05-23 14:30:50 +02:00
Kevin Wolf
08be6fe26f job: Add Job.aio_context
When block jobs need an AioContext, they just take it from their main
block node. Generic jobs don't have a main block node, so we need to
assign them an AioContext explicitly.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: John Snow <jsnow@redhat.com>
2018-05-23 14:30:49 +02:00
Kevin Wolf
daa7f2f946 job: Move cancelled to Job
We cannot yet move the whole logic around job cancelling to Job because
it depends on quite a few other things that are still only in BlockJob,
but we can move the cancelled field at least.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: John Snow <jsnow@redhat.com>
2018-05-23 14:30:49 +02:00
Kevin Wolf
80fa2c756b job: Add reference counting
This moves reference counting from BlockJob to Job.

In order to keep calling the BlockJob cleanup code when the job is
deleted via job_unref(), introduce a new JobDriver.free callback. Every
block job must use block_job_free() for this callback, this is asserted
in block_job_create().

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: John Snow <jsnow@redhat.com>
2018-05-23 14:30:49 +02:00
Kevin Wolf
a50c2ab858 job: Move state transitions to Job
This moves BlockJob.status and the closely related functions
(block_)job_state_transition() and (block_)job_apply_verb to Job. The
two QAPI enums are renamed to JobStatus and JobVerb.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: John Snow <jsnow@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
2018-05-23 14:30:49 +02:00
Kevin Wolf
e7c1d78bbd job: Maintain a list of all jobs
This moves the job list from BlockJob to Job. Now we can check for
duplicate IDs in job_create().

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: John Snow <jsnow@redhat.com>
2018-05-23 14:30:49 +02:00
Kevin Wolf
fd61a701f1 job: Add job_delete()
This moves freeing the Job object and its fields from block_job_unref()
to job_delete().

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: John Snow <jsnow@redhat.com>
2018-05-23 14:30:49 +02:00
Kevin Wolf
252291eaea job: Add JobDriver.job_type
This moves the job_type field from BlockJobDriver to JobDriver.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: John Snow <jsnow@redhat.com>
2018-05-23 14:30:49 +02:00
Kevin Wolf
8e4c87000f job: Rename BlockJobType into JobType
QAPI types aren't externally visible, so we can rename them without
causing problems. Before we add a job type to Job, rename the enum
so it can be used for more than just block jobs.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: John Snow <jsnow@redhat.com>
2018-05-23 14:30:49 +02:00
Kevin Wolf
33e9e9bd62 job: Create Job, JobDriver and job_create()
This is the first step towards creating an infrastructure for generic
background jobs that aren't tied to a block device. For now, Job only
stores its ID and JobDriver, the rest stays in BlockJob.

The following patches will move over more parts of BlockJob to Job if
they are meaningful outside the context of a block job.

BlockJob.driver is now redundant, but this patch leaves it around to
avoid unnecessary churn. The next patches will get rid of almost all of
its uses anyway so that it can be removed later with much less churn.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: John Snow <jsnow@redhat.com>
2018-05-23 14:30:49 +02:00
Michael S. Tsirkin
1814eab673 x86/cpu: use standard-headers/asm-x86.kvm_para.h
Switch to the header we imported from Linux,
this allows us to drop a hack in kvm_i386.h.
More code will be dropped in the next patch.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2018-05-23 03:14:41 +03:00
Michael S. Tsirkin
d49bd359d1 include/standard-headers: add asm-x86/kvm_para.h
Import asm-x86/kvm_para.h from linux where it can
be easily used on Linux and non-Linux platforms.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2018-05-23 03:14:41 +03:00
Jonathan Helman
b7b1264429 virtio-balloon: add hugetlb page allocation counts
qemu should read and report hugetlb page allocation
counts exported in the following kernel patch:

    commit 4c3ca37c4a4394978fd0f005625f6064ed2b9a64
    Author: Jonathan Helman <jonathan.helman@oracle.com>
    Date:   Mon Mar 19 11:00:35 2018 -0700

    virtio_balloon: export hugetlb page allocation counts

    Export the number of successful and failed hugetlb page
    allocations via the virtio balloon driver. These 2 counts
    come directly from the vm_events HTLB_BUDDY_PGALLOC and
    HTLB_BUDDY_PGALLOC_FAIL.

Signed-off-by: Jonathan Helman <jonathan.helman@oracle.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Jason Wang <jasowang@redhat.com>
2018-05-23 03:14:40 +03:00
Gerd Hoffmann
50a6fa8f93 allocate pci id for mdpy
mdpy is a sample pci device for vfio-mdev.  Not (yet) merged upstream,
patch available here:

https://www.kraxel.org/cgit/linux/commit/?h=vfio-sample-display&id=6fd86cff3d7df38ab89625b16fdd6434b1c18749

Cc: Alex Williamson <alex.williamson@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2018-05-23 03:14:40 +03:00
Paul Durrant
a68bf540f6 xen_backend: make the xen_feature_grant_copy flag private
There is no longer any use of this flag outside of the xen_backend code.

Signed-off-by: Paul Durrant <paul.durrant@citrix.com>
Acked-by: Anthony Perard <anthony.perard@citrix.com>
Signed-off-by: Stefano Stabellini <sstabellini@kernel.org>
2018-05-22 11:43:21 -07:00
Paul Durrant
9838824aff xen_backend: add grant table helpers
This patch adds grant table helper functions to the xen_backend code to
localize error reporting and use of xen_domid.

The patch also defers the call to xengnttab_open() until just before the
initialise method in XenDevOps is invoked. This method is responsible for
mapping the shared ring. No prior method requires access to the grant table.

Signed-off-by: Paul Durrant <paul.durrant@citrix.com>
Acked-by: Anthony PERARD <anthony.perard@citrix.com>
Signed-off-by: Stefano Stabellini <sstabellini@kernel.org>
2018-05-22 11:43:21 -07:00
Paul Durrant
5c0d914a9b xen: add a meaningful declaration of grant_copy_segment into xen_common.h
Currently the xen_disk source has to carry #ifdef exclusions to compile
against Xen older then 4.8. This is a bit messy so this patch lifts the
definition of struct xengnttab_grant_copy_segment and adds it into the
pre-4.8 compat area in xen_common.h, which allows xen_disk to be cleaned
up.

Signed-off-by: Paul Durrant <paul.durrant@citrix.com>
Acked-by: Anthony PERARD <anthony.perard@citrix.com>
Signed-off-by: Stefano Stabellini <sstabellini@kernel.org>
2018-05-22 11:43:21 -07:00
Philippe Mathieu-Daudé
201376cb9e typedefs: Remove PcGuestInfo from qemu/typedefs.h
It is long gone since e4e8ba04c2 ...

Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2018-05-20 08:53:36 +03:00
Thomas Huth
f23c81073a trivial: Do not include pci.h if it is not necessary
There is no need to include pci.h in these files.

Signed-off-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2018-05-20 08:40:00 +03:00
Francisco Iglesias
04965bca4e xlnx-zynqmp: Connect the ZynqMP GDMA and ADMA
The ZynqMP contains two instances of a generic DMA, the GDMA, located in the
FPD (full power domain), and the ADMA, located in LPD (low power domain).  This
patch adds these two DMAs to the ZynqMP board.

Signed-off-by: Francisco Iglesias <frasse.iglesias@gmail.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 20180503214201.29082-3-frasse.iglesias@gmail.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-05-18 17:48:07 +01:00
Francisco Iglesias
22cd0945b8 xlnx-zdma: Add a model of the Xilinx ZynqMP generic DMA
Add a model of the generic DMA found on Xilinx ZynqMP.

Signed-off-by: Francisco Iglesias <frasse.iglesias@gmail.com>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 20180503214201.29082-2-frasse.iglesias@gmail.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-05-18 17:48:07 +01:00
Abdallah Bouassida
200bf5b7ff target/arm: Add the XML dynamic generation
Generate an XML description for the cp-regs.
Register these regs with the gdb_register_coprocessor().
Add arm_gdb_get_sysreg() to use it as a callback to read those regs.
Add a dummy arm_gdb_set_sysreg().

Signed-off-by: Abdallah Bouassida <abdallah.bouassida@lauterbach.com>
Tested-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 1524153386-3550-4-git-send-email-abdallah.bouassida@lauterbach.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-05-18 17:48:07 +01:00
Peter Maydell
d32e41a118 Docker and block patches
Two fairly small fixes.
 -----BEGIN PGP SIGNATURE-----
 
 iQFEBAABCAAuFiEEUAN8t5cGD3bwIa1WyjViTGqRccYFAlr+mhIQHGZhbXpAcmVk
 aGF0LmNvbQAKCRDKNWJMapFxxoccB/0dggVLJUZl2/EkjhMltoh0/bt8q5KWqDqo
 weEbW2SCwprz8AlSSxdF/nfoy6DYmIeRww+v3hR3PFLRgJ1ZPBri3M4jvL5uFN7s
 KMu4Hk6mqz+a5P9HSmhfj1SDiBGH88RDLNQtlMakp/aCP3nuqGXF6dc9JKMWC3aO
 NhJX/jv1kc6l1py34Jnx3YWeksYvPYYJ3IJRKhOSxQaWYbMvpXeQhPUd3XLdOn6o
 7nJVDfy2YsqxxnDw6PJFED7ewWEJlkEQOzSB22tVuUG3YmiXDLA4POCddnNHjQzJ
 u69wFYo7OX/caoRE5LEauoc+9x5TZng+/uvZKoOjk/Yv/zY0lOj5
 =ybz3
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/famz/tags/docker-and-block-pull-request' into staging

Docker and block patches

Two fairly small fixes.

# gpg: Signature made Fri 18 May 2018 10:17:06 BST
# gpg:                using RSA key CA35624C6A9171C6
# gpg: Good signature from "Fam Zheng <famz@redhat.com>"
# Primary key fingerprint: 5003 7CB7 9706 0F76 F021  AD56 CA35 624C 6A91 71C6

* remotes/famz/tags/docker-and-block-pull-request:
  iothread: fix epollfd leak in the process of delIOThread
  docker: Fix trivial typo

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-05-18 14:11:52 +01:00
Jie Wang
cd0a6d2b2c iothread: fix epollfd leak in the process of delIOThread
When we call addIOThread, the epollfd created in aio_context_setup,
but not close it in the process of delIOThread, so the epollfd will leak.

Reorder the code in aio_epoll_disable and reuse it.

Signed-off-by: Jie Wang <wangjie88@huawei.com>
Message-Id: <1526517763-11108-1-git-send-email-wangjie88@huawei.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
Reviewed-by: Peter Xu <peterx@redhat.com>
[Mention change to aio_epoll_disable in commit message. - Fam]
Signed-off-by: Fam Zheng <famz@redhat.com>
2018-05-18 17:09:54 +08:00
Richard Henderson
03385dfdaa fpu/softfloat: Specialize on snan_bit_is_one
Only MIPS requires snan_bit_is_one to be variable.  While we are
specializing softfloat behaviour, allow other targets to eliminate
this runtime check.

Cc: Aurelien Jarno <aurelien@aurel32.net>
Cc: Yongbok Kim <yongbok.kim@mips.com>
Cc: David Gibson <david@gibson.dropbear.id.au>
Cc: Alexander Graf <agraf@suse.de>
Cc: Guan Xuetao <gxt@mprc.pku.edu.cn>
Tested-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2018-05-17 15:27:15 -07:00
Richard Henderson
5240a30dcc fpu/softfloat: Remove floatX_maybe_silence_nan
These functions are now unused.

Tested-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2018-05-17 15:27:15 -07:00
Alex Bennée
6fed16b265 fpu/softfloat: re-factor float to float conversions
This allows us to delete a lot of additional boilerplate
code which is no longer needed.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2018-05-17 15:27:15 -07:00
Richard Henderson
d619bb98fd fpu/softfloat: Split floatXX_silence_nan from floatXX_maybe_silence_nan
The new function assumes that the input is an SNaN and
does not double-check.

Tested-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2018-05-17 15:24:19 -07:00
Peter Maydell
eb7514ae10 migration/next for 20180515
-----BEGIN PGP SIGNATURE-----
 
 iQIcBAABCAAGBQJa+1ceAAoJEPSH7xhYctcjdHQP/2To/iZXf7lp2mgxnN0YeDRV
 ivOooHXsCfYx5MtZCFo11wlZjGlnE6b5yEUzU7MapRLUgO3kd+gbDld/90gVdbLg
 umDL2nxTSjvIAlpg6O8aiQLaQLPvMDf1WSQQdyBHcqauy3KLaFmlm0ldK1besatQ
 KFniKXc8fL0R9QWA4aGDe22Sq9m7M9AKfmJU3NO9qNvxDImyMU2ix4w6cTZ0BtXk
 ltLju5zegBkKUxLFCgip7k6iCHh//tnBymQaLx6O7DdUJWIdKS+fHuCbA8WR24v2
 pKsTcTICjI4FLWJMyIiH012paHoYGQIGdIx3Dv0JoQA6fT8x3arpztX3YVYFqrwF
 hsC6CAnHufDioipEhJk7JcEAGJ+82krqvTG1nRQe/ULvDSHGDjpwF1y0BxzGMVw6
 hU+Ds4ohxyWJYJ0cx9msuKyIlCj1EooIuO6l1unmjBdRAptC8/bZXITVTixEHG+e
 X5vnBqloCL7PUATlaXipqVJfLA8T1MMNfwb11bI4OhTfteueFAAdyeJ2zCBqGBLa
 SK1sxYvMYY3/pzBhAO3YcTJIQofDQ2IciUvylr2jzCd2hB5Qj5In9789LVbl5I9B
 55cICuVcsiXS7krJysSxtdCbjOB44Iv6M09vmA4ap8dmi9AWL/4LQIAJHVc1+koK
 6y76K1BBFdB6aMkDzBeg
 =1a+b
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/juanquintela/tags/migration/20180515' into staging

migration/next for 20180515

# gpg: Signature made Tue 15 May 2018 22:54:38 BST
# gpg:                using RSA key F487EF185872D723
# gpg: Good signature from "Juan Quintela <quintela@redhat.com>"
# gpg:                 aka "Juan Quintela <quintela@trasno.org>"
# Primary key fingerprint: 1899 FF8E DEBF 58CC EE03  4B82 F487 EF18 5872 D723

* remotes/juanquintela/tags/migration/20180515: (40 commits)
  Migration+TLS: Fix crash due to double cleanup
  migration: Textual fixups for blocktime
  migration: update index field when delete or qsort RDMALocalBlock
  migration: update docs
  migration/hmp: add migrate_pause command
  migration/qmp: add command migrate-pause
  migration: introduce lock for to_dst_file
  hmp/migration: add migrate_recover command
  qmp/migration: new command migrate-recover
  migration: init dst in migration_object_init too
  migration: final handshake for the resume
  migration: setup ramstate for resume
  migration: synchronize dirty bitmap for resume
  migration: introduce SaveVMHandlers.resume_prepare
  migration: new message MIG_RP_MSG_RESUME_ACK
  migration: new cmd MIG_CMD_POSTCOPY_RESUME
  migration: new message MIG_RP_MSG_RECV_BITMAP
  migration: new cmd MIG_CMD_RECV_BITMAP
  migration: wakeup dst ram-load-thread for recover
  migration: new state "postcopy-recover"
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-05-17 11:10:12 +01:00
Peter Maydell
61126a8b4b x86 queue, 2018-05-15
* KnightsMill CPU model
 * CLDEMOTE(Demote Cache Line) cpu feature
 * pc-i440fx-2.13 and pc-q35-2.13 machine-types
 * Add model-specific cache information to EPYC CPU model
 -----BEGIN PGP SIGNATURE-----
 
 iQIcBAABCAAGBQJa+1bIAAoJECgHk2+YTcWmebgP/2337b3L2z5K6YRBOjaH/Kmw
 xuBmns8B2ta4/KFX1IjX+7TRvl8qJT39TadLs6OGaPKDHi/OIK7vhXZZdgqm3o2H
 WKpsPYp6MPYx/Ff8eOesHGUyxDTqP49rMYTTbP1GdgoulqjUq0XqgmdF4+uKesei
 1v4NG7M6H2VxlAdkF1PeZUyuuEEZT6F1T2O43FDTQHOQRWmb1XAHiSgiqC4431J9
 9SVe4E0v8i96zrMVeaezvQrMVCCGIo3zC3JZBfbX205Yehl/eCK5WktO03zIn9yS
 IK7Gqwh4RfWmRg2wef+5qEQ1fl11XlH895/F0wMcZ8sRrSm04jNcBs9O4kc59Zz2
 kyvaGkCG14aTC2Y35H0BsNd1AszKaWfknIJKNMnPkeXYLYAbPm1bwgBmXVXAa0Ux
 mI6dk4ArwHALNl2srNOnJRvtmgohm+1HCZtlstSzHVWzNFS9nfGWK3kpgDqXft8w
 TKe2r928uQtympCK7s43wIstT1KRwaVn7ivNpcotJgojCuUg0tK4PQvP82Z/ZXUh
 pUxhW03al6Dz2Khh8vpz88rryCh72i5BQ9S7D8kAcFpyQDd6DfbLv6ebu/mWgjLR
 EwMdJkLQjXGs1SNcpA085KVksGW5U1S2avjeakkp3ceSA/fBt4UdftTmwG6oORaS
 pCxNIzozXx4QdDK81aaE
 =uP+F
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/ehabkost/tags/x86-next-pull-request' into staging

x86 queue, 2018-05-15

* KnightsMill CPU model
* CLDEMOTE(Demote Cache Line) cpu feature
* pc-i440fx-2.13 and pc-q35-2.13 machine-types
* Add model-specific cache information to EPYC CPU model

# gpg: Signature made Tue 15 May 2018 22:53:12 BST
# gpg:                using RSA key 2807936F984DC5A6
# gpg: Good signature from "Eduardo Habkost <ehabkost@redhat.com>"
# Primary key fingerprint: 5A32 2FD5 ABC4 D3DB ACCF  D1AA 2807 936F 984D C5A6

* remotes/ehabkost/tags/x86-next-pull-request:
  i386: Add new property to control cache info
  pc: add 2.13 machine types
  i386: Initialize cache information for EPYC family processors
  i386: Add cache information in X86CPUDefinition
  i386: Helpers to encode cache information consistently
  x86/cpu: Enable CLDEMOTE(Demote Cache Line) cpu feature
  i386: add KnightsMill cpu model

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-05-17 09:57:55 +01:00
Peter Xu
d1b8eadbc4 migration: introduce SaveVMHandlers.resume_prepare
This is hook function to be called when a postcopy migration wants to
resume from a failure. For each module, it should provide its own
recovery logic before we switch to the postcopy-active state.

Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Signed-off-by: Peter Xu <peterx@redhat.com>
Message-Id: <20180502104740.12123-16-peterx@redhat.com>
Signed-off-by: Juan Quintela <quintela@redhat.com>
2018-05-15 20:56:55 +02:00
Peter Maydell
c416eecea5 Block layer patches:
- Switch AIO/callback based block drivers to a byte-based interface
 - Block jobs: Expose error string via query-block-jobs
 - Block job cleanups and fixes
 - hmp: Allow using a qdev id in block_set_io_throttle
 -----BEGIN PGP SIGNATURE-----
 
 iQIcBAABAgAGBQJa+v22AAoJEH8JsnLIjy/Wy5kP/21fPSvmyxMsSQ5lF5hlkodr
 qNFIV6EuQ46YXSr4KzK2Dw88YR18nI5SlMd6mzWF9qx7WhjTMeHhARG9G497cQty
 yDb3Y6dwiuhVndWLMzj/590miqk5TnJvFx5ii88oEnsrbcjKmTY78KMkl/q1bHSp
 qL7sBhI3zPol+y28mvILPXgKsqnabvS/cmsQJCISUfSdFsnsxXVABUPI/WKe1ecs
 UE3tl3cDA/0F8TYDerPUX1RZLJcr7yoXc91ieVWrzug4SStY3HZqWT8SShe2igN0
 w5eWshUBhccHKeiqKx8vdXN7MzNP4v5H2lstTdqV/zDQEXO9vqF1X91zaRBJNb+o
 A4M3lZU/U3xideBo7Hvp4euJ5f6ZKNswpeIC3Ppky788Q+HU/d+cQF+eZUxm+t8y
 vVtixTToSt52dIaAPMsssWCtVwkS4IFO9RLXJeRs94XR3ocrsSdJNOQPTodWafjF
 BXIF4wyKlPvVMzisvpj6jsjVR4Oq7J7P+EXq+hAMbio9WlsXssWu0ZedH8oV+mKl
 UkEB5TgRAaz8MpYNCCEhUwdmHLwlc/PaPN+BAlvQCnDWMtfiFTys6Sh9N9vv/c16
 HISDkR8sf7gPm3VLnt2fPoVOQMU3Gjtany+RySXfn1AzCRG3tPzdS/Ay+s1WpoYv
 7F2Pm9QLepP7xRB48yD3
 =JFBS
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging

Block layer patches:

- Switch AIO/callback based block drivers to a byte-based interface
- Block jobs: Expose error string via query-block-jobs
- Block job cleanups and fixes
- hmp: Allow using a qdev id in block_set_io_throttle

# gpg: Signature made Tue 15 May 2018 16:33:10 BST
# gpg:                using RSA key 7F09B272C88F2FD6
# gpg: Good signature from "Kevin Wolf <kwolf@redhat.com>"
# Primary key fingerprint: DC3D EB15 9A9A F95D 3D74  56FE 7F09 B272 C88F 2FD6

* remotes/kevin/tags/for-upstream: (37 commits)
  iotests: Add test for -U/force-share conflicts
  qemu-img: Use only string options in img_open_opts
  qemu-io: Use purely string blockdev options
  block: Document BDRV_REQ_WRITE_UNCHANGED support
  qemu-img: Check post-truncation size
  iotests: Add test for COR across nodes
  iotests: Copy 197 for COR filter driver
  iotests: Clean up wrap image in 197
  block: Support BDRV_REQ_WRITE_UNCHANGED in filters
  block/quorum: Support BDRV_REQ_WRITE_UNCHANGED
  block: Set BDRV_REQ_WRITE_UNCHANGED for COR writes
  block: Add BDRV_REQ_WRITE_UNCHANGED flag
  block: BLK_PERM_WRITE includes ..._UNCHANGED
  block: Add COR filter driver
  iotests: Skip 181 and 201 without userfaultfd
  iotests: Add failure matching to common.qemu
  docs: Document the new default sizes of the qcow2 caches
  qcow2: Give the refcount cache the minimum possible size by default
  specs/qcow2: Clarify that compressed clusters have the COPIED bit reset
  Fix error message about compressed clusters with OFLAG_COPIED
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-05-15 17:02:00 +01:00
Babu Moger
ab8f992e3e i386: Add new property to control cache info
The property legacy-cache will be used to control the cache information.
If user passes "-cpu legacy-cache" then older information will
be displayed even if the hardware supports new information. Otherwise
use the statically loaded cache definitions if available.

Renamed the previous cache structures to legacy_*. If there is any change in
the cache information, then it needs to be initialized in builtin_x86_defs.

Signed-off-by: Babu Moger <babu.moger@amd.com>
Tested-by: Geoffrey McRae <geoff@hostfission.com>
Message-Id: <20180514164156.27034-3-babu.moger@amd.com>
Reviewed-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2018-05-15 11:33:33 -03:00
Babu Moger
968ee4ad25 pc: add 2.13 machine types
Add pc-q35-2.13 and pc-i440fx-2.13 machine types

Signed-off-by: Babu Moger <babu.moger@amd.com>
Message-Id: <20180514164156.27034-2-babu.moger@amd.com>
Reviewed-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2018-05-15 11:33:33 -03:00
Max Reitz
c1e3489dfa block: Document BDRV_REQ_WRITE_UNCHANGED support
Add BDRV_REQ_WRITE_UNCHANGED to the list of flags honored during pwrite
and pwrite_zeroes, and also add a note on when you absolutely need to
support it.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-id: 20180502140359.18222-1-mreitz@redhat.com
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
2018-05-15 16:15:21 +02:00
Max Reitz
c6035964f8 block: Add BDRV_REQ_WRITE_UNCHANGED flag
This flag signifies that a write request will not change the visible
disk content.  With this flag set, it is sufficient to have the
BLK_PERM_WRITE_UNCHANGED permission instead of BLK_PERM_WRITE.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Alberto Garcia <berto@igalia.com>
Message-id: 20180421132929.21610-4-mreitz@redhat.com
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
2018-05-15 16:15:21 +02:00
Max Reitz
24b7c538fe block: BLK_PERM_WRITE includes ..._UNCHANGED
Currently we never actually check whether the WRITE_UNCHANGED
permission has been taken for unchanging writes.  But the one check that
is commented out checks both WRITE and WRITE_UNCHANGED; and considering
that WRITE_UNCHANGED is already documented as being weaker than WRITE,
we should probably explicitly document WRITE to include WRITE_UNCHANGED.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Alberto Garcia <berto@igalia.com>
Message-id: 20180421132929.21610-3-mreitz@redhat.com
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
2018-05-15 16:15:21 +02:00
Kevin Wolf
bd21935b50 blockjob: Add block_job_driver()
The backup block job directly accesses the driver field in BlockJob. Add
a wrapper for getting it.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: John Snow <jsnow@redhat.com>
2018-05-15 16:11:50 +02:00
Kevin Wolf
dee81d5111 blockjob: Introduce block_job_ratelimit_get_delay()
This gets us rid of more direct accesses to BlockJob fields from the
job drivers.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: John Snow <jsnow@redhat.com>
2018-05-15 16:11:50 +02:00
Kevin Wolf
18bb69287e blockjob: Implement block_job_set_speed() centrally
All block job drivers support .set_speed and all of them duplicate the
same code to implement it. Move that code to blockjob.c and remove the
now useless callback.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: John Snow <jsnow@redhat.com>
2018-05-15 16:11:50 +02:00
Kevin Wolf
f05fee508f blockjob: Move RateLimit to BlockJob
Every block job has a RateLimit, and they all do the exact same thing
with it, so it should be common infrastructure. Move the struct field
for a start.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: John Snow <jsnow@redhat.com>
2018-05-15 16:11:50 +02:00
Kevin Wolf
05df8a6a2b blockjob: Wrappers for progress counter access
Block job drivers are not expected to mess with the internals of the
BlockJob object, so provide wrapper functions for one of the cases where
they still do it: Updating the progress counter.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: John Snow <jsnow@redhat.com>
2018-05-15 16:11:49 +02:00
Eric Blake
e18a58b4e3 block: Merge .bdrv_co_writev{,_flags} in drivers
We have too many driver callback interfaces; simplify the mess
somewhat by merging the flags parameter of .bdrv_co_writev_flags()
into .bdrv_co_writev().  Note that as long as a driver doesn't set
.supported_write_flags, the flags argument will be 0 and behavior is
identical.  Also note that the public function bdrv_co_writev() still
lacks a flags argument; so the driver signature is thus intentionally
slightly different.  But that's not the end of the world, nor the first
time that the driver interface differs slightly from the public
interface.

Ideally, we should be rewriting all of these drivers to use modern
byte-based interfaces.  But that's a more invasive patch to write
and audit, compared to the simplification done here.

Signed-off-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2018-05-15 16:11:41 +02:00
Eric Blake
edfab6a08b block: Drop last of the sector-based aio callbacks
We are gradually moving away from sector-based interfaces, towards
byte-based.  Now that all drivers with aio callbacks are using the
byte-based interfaces, we can remove the sector-based versions.

Signed-off-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2018-05-15 16:11:41 +02:00
Eric Blake
de7056a3f9 file-win32: Switch to byte-based callbacks
We are gradually moving away from sector-based interfaces, towards
byte-based.  Make the change for the last few sector-based callbacks
in the file-win32 driver.

Note that the driver was already using byte-based calls for
performing actual I/O, so this just gets rid of a round trip
of scaling; however, as I don't know if Windows is tolerant of
non-sector AIO operations, I went with the conservative approach
of modifying .bdrv_refresh_limits to override the block layer
defaults back to the pre-patch value of 512.

Signed-off-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2018-05-15 16:11:41 +02:00
Eric Blake
e31f6864a6 block: Support byte-based aio callbacks
We are gradually moving away from sector-based interfaces, towards
byte-based.  Add new sector-based aio callbacks for read and write,
to match the fact that bdrv_aio_pdiscard is already byte-based.

Ideally, drivers should be converted to use coroutine callbacks
rather than aio; but that is not quite as trivial (and if we were
to do that conversion, the null-aio driver would disappear), so for
the short term, converting the signature but keeping things with
aio is easier.  However, we CAN declare that a driver that uses
the byte-based aio interfaces now defaults to byte-based
operations, and must explicitly provide a refresh_limits override
to stick with larger alignments (making the alignment issues more
obvious directly in the drivers touched in the next few patches).

Once all drivers are converted, the sector-based aio callbacks will
be removed; in the meantime, a FIXME comment is added due to a
slight inefficiency that will be touched up as part of that later
cleanup.

Simplify some instances of 'bs->drv' into 'drv' while touching this,
since the local variable already exists to reduce typing.

Signed-off-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2018-05-15 16:11:41 +02:00
Peter Maydell
ae76518047 tcg: Optionally log FPU state in TCG -d cpu logging
Usually the logging of the CPU state produced by -d cpu is sufficient
to diagnose problems, but sometimes you want to see the state of
the floating point registers as well. We don't want to enable that
by default as it adds a lot of extra data to the log; instead,
allow it to be optionally enabled via -d fpu.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20180510130024.31678-1-peter.maydell@linaro.org
2018-05-15 14:58:44 +01:00
Peter Maydell
ad1b4ec39c input: ps2 fixes.
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iQIcBAABAgAGBQJa+qu4AAoJEEy22O7T6HE47msQAI0SIQEPgHYmDmr8iNSggLBK
 cInvCdOw1QzGiyViIKAgj+wUqDjnRv2eM9bmRTzhM5BdESxw4BLmK5zC/kq8bmd6
 QhQZRBpGqk96evD2PbgShv4Vt732+gWIPJqnh4ZuxjDtLmHlCYdZfOC/fCeSNySr
 MbLMR2dqQzJNCll3W8seCDQveaYja9m+l9TSvoJAaZwh6f6PhAOl0linihniDX4a
 aCaa23jWs+M64+3Boo4wLSlhXVRz5vKvaGyiTBdvUhy0Pxe3PCKKNxtzUujg/5t7
 E7xaCEmGFR/WnzMmTYrDMEBqsp0F8sMaNDDQVWbFeWdzZVRXG9+aHJsOIATzSsrf
 KuVwJRtle55G8rvc21L8PELqHy3fGI0CkipjQpEtDiQZV481dkHV/+ytWDUQW6t5
 HgTIhCo4xI7GyHfwo8DjfqejSZKlRBb104SeonlE0oiDvjgEbBnJmnKW2ryNUOSD
 JkZYRxddrHKkgbspYlLHW2/EBJfc4xScbjfvaAjeafaZXKMXI37CRxUxdsXBMoUK
 4IZ2UmIMpWM1P+5L9f5OYJcboGeeV0lbUi22tc9RWGGUG5nCAXZ6r10PZRlI6PHv
 36NUBNLRL4LeC24XKpgWRekMX052lDgwPT0oXGjWfrqc+T1QfK8wafr7KjOnAXRE
 huKY5PiPrGKbzyfBzbXo
 =qt2Q
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/kraxel/tags/input-20180515-pull-request' into staging

input: ps2 fixes.

# gpg: Signature made Tue 15 May 2018 10:43:20 BST
# gpg:                using RSA key 4CB6D8EED3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>"
# Primary key fingerprint: A032 8CFF B93A 17A7 9901  FE7D 4CB6 D8EE D3E8 7138

* remotes/kraxel/tags/input-20180515-pull-request:
  ps2: Fix mouse stream corruption due to lost data
  ps2: Clear the PS/2 queue and obey disable

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-05-15 12:50:06 +01:00
Geoffrey McRae
7abe7eb294 ps2: Fix mouse stream corruption due to lost data
This fixes an issue by adding bounds checking to multi-byte packets
where the PS/2 mouse data stream may become corrupted due to data being
discarded when the PS/2 ringbuffer is full.

Interrupts for Multi-byte responses are postponed until the final byte
has been queued.

These changes fix a bug where windows guests drop the mouse device
entirely requring the guest to be restarted.

Signed-off-by: Geoffrey McRae <geoff@hostfission.com>
Message-Id: <20180507150310.2FEA0381924@moya.office.hostfission.com>

[ kraxel: codestyle fixes ]

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2018-05-15 11:31:33 +02:00
Peter Maydell
f39ddb3a08 -----BEGIN PGP SIGNATURE-----
iQIcBAABAgAGBQJa+dImAAoJEPMMOL0/L748umMP/R9miqzm3/Pj1gssD/yA5lZE
 7rx/d14Sefo2T/L1kmg6vbbyOJyLnHf9DtTI/JCgOnC9otOQ1IKfeI4c0coJjI5R
 G0yNHswLB+VMIJ830ivF0QE4Z8f6K1UbBD9y+iQfpFk55rrT+dt9U3YJBrCY7bQ8
 Sk+2dFpk+oVh9oz3GPHRkWua/KGMDrqCjAOlkVCXyNZuJ8yp69wHWI2j81nFQv3v
 1AnXOm6bbjy9zwRuRUJ6yco2vu8uXyor/usA465C66A5XZ7xcrgKIZQge3hV31fo
 4BmnxEviMKM5dM013e2nk0Hh5YwG/Vv+t8YYgco79Mcy9QJIEO4J1JXedUYZ3FJ/
 JhV5nTcYNi1hQMkSxzXWoxyOMElwL8DaPQIZS7c++pOSXCS9oD/baBuPzC/dWBTH
 VThuCYd1EsBe8ZFkgph/oUMYZQHcS2/paGE1RuHlLXVOqd1k9v/d27yxngo1/wn7
 +zesaWkp9aQOC6pij23cgKAq8S1X8KeaOM0UK+KmMNSr1h9nQY146D3/SOqUfAfS
 2DzW7PBnUHFzi6uXE99ZiUSSWWIyIjJEgAOnqnZCrl5LbPCKnjp4/BYupxoUwAWF
 Nr9Gk34R2FhoqqJtplzYWxXfyyCFujQMXHUe/yYx5ITG18totKb+09GbeeSep8Is
 myxrDirmbaqCnj8zfd+M
 =yjsX
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/vivier2/tags/linux-user-for-2.13-pull-request' into staging

# gpg: Signature made Mon 14 May 2018 19:15:02 BST
# gpg:                using RSA key F30C38BD3F2FBE3C
# gpg: Good signature from "Laurent Vivier <lvivier@redhat.com>"
# gpg:                 aka "Laurent Vivier <laurent@vivier.eu>"
# gpg:                 aka "Laurent Vivier (Red Hat) <lvivier@redhat.com>"
# Primary key fingerprint: CD2F 75DD C8E3 A4DC 2E4F  5173 F30C 38BD 3F2F BE3C

* remotes/vivier2/tags/linux-user-for-2.13-pull-request:
  linux-user: correctly align types in thunking code
  linux-user: fix UNAME_MACHINE for sparc/sparc64
  linux-user: add sparc/sparc64 specific errno
  linux-user: fix conversion of flock/flock64 l_type field
  linux-user: update sparc/syscall_nr.h to linux header 4.16
  linux-user: fix flock/flock64 padding
  linux-user: define correct fcntl() values for sparc

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-05-15 10:04:22 +01:00
Peter Maydell
fbd3a489df Some s390x fixes/cleanups, mainly in the reset area and build fixes
for recent compilers (GCC 8 and clang 6.0.0).
 -----BEGIN PGP SIGNATURE-----
 
 iQJGBAABCAAwFiEEw9DWbcNiT/aowBjO3s9rk8bwL68FAlr5rAQSHGNvaHVja0By
 ZWRoYXQuY29tAAoJEN7Pa5PG8C+vczoQAIjJUt9as1PvBjgZOa2ynHe9ZgCDEurU
 7aTVLB3Ss75Bm05TgWcQDHyCFVSSYnUqS1p/iMMh7I59arQwWqmkc2ZIH33tFBAR
 GtmOQbxJF/0t7SOyL26Rn2xrHfuJoLHLPRYiWs/CSAW9YCjgfEUY0WZJli79SULV
 DnTv6AQYlKZgM6KDHhxenL3ejIoZDxTEK/VHV/EKSerASxMPmUl8zVansCu5lG7r
 doUfBxuI9aAbkLFhTtX0H6fc1qDYEAxvZcoWkiUMtn/qAtQ2ij/YvvKj4/NZ9X8G
 ipM3s6iwyYwBmqK9w4cYV3Ka3NK+dOMA33IgN8NgP0ahtMhKm5N535pgdEkvSEsa
 r58k5xr9xJfOi1ctvKa4iErIerXlBqbdsTcFphMo5rWkoA9EzgXC8dhzxory87B8
 Yl2fvinKHne3+1+VtF9kXhUeLCRA9GYtE2QBV65eRPUwvyRsGepdYYThr+bTku4N
 IdR6UpxxNKKWf8HSCnL3D6yUq0f3/znFHItIOcKnVN95l90y2uMNGTR/jk/CF7uN
 VFA+EXjCTp94hhIy9SQp5vtjW4Rpdmwu6pYgwbLQ17rHbVZCvxe4NgXRESpAXgZg
 /nWLIkjjRaU2WUDFQhDKVed3r1fFc7uJnD6N3jM8k+ivXyeyO7OcM0jqQdZa4iW7
 HEkymnhU/Akp
 =9P5N
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/cohuck/tags/s390x-20180514' into staging

Some s390x fixes/cleanups, mainly in the reset area and build fixes
for recent compilers (GCC 8 and clang 6.0.0).

# gpg: Signature made Mon 14 May 2018 16:32:20 BST
# gpg:                using RSA key DECF6B93C6F02FAF
# gpg: Good signature from "Cornelia Huck <conny@cornelia-huck.de>"
# gpg:                 aka "Cornelia Huck <huckc@linux.vnet.ibm.com>"
# gpg:                 aka "Cornelia Huck <cornelia.huck@de.ibm.com>"
# gpg:                 aka "Cornelia Huck <cohuck@kernel.org>"
# gpg:                 aka "Cornelia Huck <cohuck@redhat.com>"
# Primary key fingerprint: C3D0 D66D C362 4FF6 A8C0  18CE DECF 6B93 C6F0 2FAF

* remotes/cohuck/tags/s390x-20180514:
  target/s390x: Fix brace Werror with clang 6.0.0
  s390x: refactor reset/reipl handling
  s390x/ccw: make sure all ccw devices are properly reset
  virtio-ccw: common reset handler
  pc-bios/s390-ccw: struct tpi_info must be declared as aligned(4)
  s390x/css: disabled subchannels cannot be status pending

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-05-14 18:53:42 +01:00
Peter Maydell
a9cb55a356 Block pull request
* Support -drive cache.direct=off live migration for POSIX files
 -----BEGIN PGP SIGNATURE-----
 
 iQEcBAABAgAGBQJa9rOXAAoJEJykq7OBq3PIsEYH/RQtBexXbqiosBvHkoZUwEjG
 +lepQXEgJjhNoHil23q/2Ilo16w4gSoV0HA1AGs2Ka5eoWvOj+mwmE+mxPV3mdBy
 jJt0FVWJxh0Ak9bKEEl3LYDu/yRt2gAyiCWVZcgTJNXepXagLMcwZ8mNsyb4R+Lh
 EWroCBGp1de4kUhNmx/639DQCc5Wm9c6rTHnBt/jfCo2IRA6Wm/AsBXZKhZ4+RY9
 4qyujA7rUjCK2lOHHOw2tsABxhsfMiLlbW4K78Z5cIzjudMHhUMgvkFp7FvDEmQC
 61b0ogLErewhKwGdaVrjN4iSnFv2mJz1GJQGe5n9C2CYvUzxlEW7l+mV5kxNjsk=
 =GmNn
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/stefanha/tags/block-pull-request' into staging

Block pull request

 * Support -drive cache.direct=off live migration for POSIX files

# gpg: Signature made Sat 12 May 2018 10:27:51 BST
# gpg:                using RSA key 9CA4ABB381AB73C8
# gpg: Good signature from "Stefan Hajnoczi <stefanha@redhat.com>"
# gpg:                 aka "Stefan Hajnoczi <stefanha@gmail.com>"
# Primary key fingerprint: 8695 A8BF D3F9 7CDA AC35  775A 9CA4 ABB3 81AB 73C8

* remotes/stefanha/tags/block-pull-request:
  block/file-posix: add x-check-page-cache=on|off option
  block/file-posix: implement bdrv_co_invalidate_cache() on Linux
  checkpatch: reduce MAINTAINERS update message frequency
  checkpatch: emit a warning on file add/move/delete
  checkpatch: ignore email headers better
  checkpatch: check utf-8 content from a commit log when it's missing from charset
  checkpatch: add a --strict check for utf-8 in commit logs
  blockjob: drop block_job_pause/resume_all()

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-05-14 17:52:46 +01:00
David Hildenbrand
a30fb811cb s390x: refactor reset/reipl handling
Calling pause_all_vcpus()/resume_all_vcpus() from a VCPU thread might
not be the best idea. As pause_all_vcpus() temporarily drops the qemu
mutex, two parallel calls to pause_all_vcpus() can be active at a time,
resulting in a deadlock. (either by two VCPUs or by the main thread and a
VCPU)

Let's handle it via the main loop instead, as suggested by Paolo. If we
would have two parallel reset requests by two different VCPUs at the
same time, the last one would win.

We use the existing ipl device to handle it. The nice side effect is
that we can get rid of reipl_requested.

This change implies that all reset handling now goes via the common
path, so "no-reboot" handling is now active for all kinds of reboots.

Let's execute any CPU initialization code on the target CPU using
run_on_cpu.

Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20180424101859.10239-1-david@redhat.com>
Acked-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
2018-05-14 17:10:02 +02:00
Peter Maydell
7a9180b77e -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
 
 iQEcBAABAgAGBQJa+UAZAAoJEO8Ells5jWIRTJIIAIcpNROupxHEfcAQKU7lIqys
 qx/FxKp+lknzzQMwUfmZwT3PuBD+tWuE7ugXgzjVulvE11F+Z3QBPTDBtOObaMa1
 qpgIF3zzrNxtuWMc/72Q8/wEE1wtBUo+WTAGw9Xp1dVomYOOsg1wa7dsKdZhRfz7
 nIwDW2ftw3/mx+uTW2/a163v+IDDL9L+HOLibQHWUxOMM39ASchiqAXLF4mfhpwH
 xr0OPd7wtcmrDsD/CLbdkGCJ/+vsXnY8pzNmy1RjJuDpWpqlgYpJJPtLBfXBo9VA
 91sz5+KryzjpXXzKcQuhiU020O1dIKIe3PWqK6z0x0UjtZ1Yox5adZ3eFomHHwU=
 =bIws
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/jasowang/tags/net-pull-request' into staging

# gpg: Signature made Mon 14 May 2018 08:51:53 BST
# gpg:                using RSA key EF04965B398D6211
# gpg: Good signature from "Jason Wang (Jason Wang on RedHat) <jasowang@redhat.com>"
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg:          It is not certain that the signature belongs to the owner.
# Primary key fingerprint: 215D 46F4 8246 689E C77F  3562 EF04 965B 398D 6211

* remotes/jasowang/tags/net-pull-request:
  net: Get rid of 'vlan' terminology and use 'hub' instead in the doc files
  net: Get rid of 'vlan' terminology and use 'hub' instead in the source files
  net: Remove the deprecated "vlan" parameter
  net: Fix memory leak in net_param_nic()

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-05-14 14:15:27 +01:00
Laurent Vivier
f606e4d625 linux-user: correctly align types in thunking code
This is a follow up
of patch:

        commit c2e3dee6e0
        Author: Laurent Vivier <laurent@vivier.eu>
        Date:   Sun Feb 13 23:37:34 2011 +0100

            linux-user: Define target alignment size

In my case m68k aligns "int" on 2 not 4. You can check this with the
following program:

int main(void)
{
        struct rtentry rt;
        printf("rt_pad1 %ld %zd\n", offsetof(struct rtentry, rt_pad1),
                sizeof(rt.rt_pad1));
        printf("rt_dst %ld %zd\n", offsetof(struct rtentry, rt_dst),
                sizeof(rt.rt_dst));
        printf("rt_gateway %ld %zd\n", offsetof(struct rtentry, rt_gateway),
                sizeof(rt.rt_gateway));
        printf("rt_genmask %ld %zd\n", offsetof(struct rtentry, rt_genmask),
                sizeof(rt.rt_genmask));
        printf("rt_flags %ld %zd\n", offsetof(struct rtentry, rt_flags),
                sizeof(rt.rt_flags));
        printf("rt_pad2 %ld %zd\n", offsetof(struct rtentry, rt_pad2),
                sizeof(rt.rt_pad2));
        printf("rt_pad3 %ld %zd\n", offsetof(struct rtentry, rt_pad3),
                sizeof(rt.rt_pad3));
        printf("rt_pad4 %ld %zd\n", offsetof(struct rtentry, rt_pad4),
                sizeof(rt.rt_pad4));
        printf("rt_metric %ld %zd\n", offsetof(struct rtentry, rt_metric),
                sizeof(rt.rt_metric));
        printf("rt_dev %ld %zd\n", offsetof(struct rtentry, rt_dev),
                sizeof(rt.rt_dev));
        printf("rt_mtu %ld %zd\n", offsetof(struct rtentry, rt_mtu),
                sizeof(rt.rt_mtu));
        printf("rt_window %ld %zd\n", offsetof(struct rtentry, rt_window),
                sizeof(rt.rt_window));
        printf("rt_irtt %ld %zd\n", offsetof(struct rtentry, rt_irtt),
                sizeof(rt.rt_irtt));
}

And result is :

i386

rt_pad1 0 4
rt_dst 4 16
rt_gateway 20 16
rt_genmask 36 16
rt_flags 52 2
rt_pad2 54 2
rt_pad3 56 4
rt_pad4 62 2
rt_metric 64 2
rt_dev 68 4
rt_mtu 72 4
rt_window 76 4
rt_irtt 80 2

m68k

rt_pad1 0 4
rt_dst 4 16
rt_gateway 20 16
rt_genmask 36 16
rt_flags 52 2
rt_pad2 54 2
rt_pad3 56 4
rt_pad4 62 2
rt_metric 64 2
rt_dev 66 4
rt_mtu 70 4
rt_window 74 4
rt_irtt 78 2

This affects the "route" command :

WITHOUT this patch:

$ sudo route add -net default gw 10.0.3.1 window 1024 irtt 2 eth0
$ netstat -nr
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
0.0.0.0         10.0.3.1        0.0.0.0         UG        0 67108866  32768 eth0
10.0.3.0        0.0.0.0         255.255.255.0   U         0 0          0 eth0

WITH this patch:

$ sudo route add -net default gw 10.0.3.1 window 1024 irtt 2 eth0
$ netstat -nr
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
0.0.0.0         10.0.3.1        0.0.0.0         UG        0 1024       2 eth0
10.0.3.0        0.0.0.0         255.255.255.0   U         0 0          0 eth0

Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <20180510205949.26455-1-laurent@vivier.eu>
2018-05-14 12:01:21 +02:00
Peter Maydell
9ba1733a76 * Don't silently truncate extremely long words in the command line
* dtc configure fixes
 * MemoryRegionCache second try
 * Deprecated option removal
 * add support for Hyper-V reenlightenment MSRs
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iQEcBAABAgAGBQJa9Y2qAAoJEL/70l94x66Df8EIAI4pi+zf1mTlH0Koi+oqOg+d
 geBC6N9IA+n1p90XERnPbuiT19NjON2R1Z907SbzDkijxdNRoYUoQf7Z+ZBTENjn
 dYsVvgLYzajGLWWtJetPPaNFAqeF2z8B3lbVQnGVLzH5pQQ2NS1NJsvXQA2LslLs
 2ll1CJ2EEBhayoBSbHK+0cY85f+DUgK/T1imIV2T/rwcef9Rw218nvPfGhPBSoL6
 tI2xIOxz8bBOvZNg2wdxpaoPuDipBFu6koVVbaGSgXORg8k5CEcKNxInztufdELW
 KZK5ORa3T0uqu5T/GGPAfm/NbYVQ4aTB5mddshsXtKbBhnbSfRYvpVsR4kQB/Hc=
 =oC1r
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging

* Don't silently truncate extremely long words in the command line
* dtc configure fixes
* MemoryRegionCache second try
* Deprecated option removal
* add support for Hyper-V reenlightenment MSRs

# gpg: Signature made Fri 11 May 2018 13:33:46 BST
# gpg:                using RSA key BFFBD25F78C7AE83
# gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>"
# gpg:                 aka "Paolo Bonzini <pbonzini@redhat.com>"
# Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4  E2F7 7E15 100C CD36 69B1
#      Subkey fingerprint: F133 3857 4B66 2389 866C  7682 BFFB D25F 78C7 AE83

* remotes/bonzini/tags/for-upstream: (29 commits)
  rename included C files to foo.inc.c, remove osdep.h
  pc-dimm: fix error messages if no slots were defined
  build: Silence dtc directory creation
  shippable: Remove Debian 8 libfdt kludge
  configure: Display if libfdt is from system or git
  configure: Really use local libfdt if the system one is too old
  i386/kvm: add support for Hyper-V reenlightenment MSRs
  qemu-doc: provide details of supported build platforms
  qemu-options: Remove deprecated -no-kvm-irqchip
  qemu-options: Remove deprecated -no-kvm-pit-reinjection
  qemu-options: Bail out on unsupported options instead of silently ignoring them
  qemu-options: Remove remainders of the -tdf option
  qemu-options: Mark -virtioconsole as deprecated
  target/i386: sev: fix memory leaks
  opts: don't silently truncate long option values
  opts: don't silently truncate long parameter keys
  accel: use g_strsplit for parsing accelerator names
  update-linux-headers: drop hyperv.h
  qemu-thread: always keep the posix wrapper layer
  exec: reintroduce MemoryRegion caching
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-05-14 09:55:09 +01:00
Thomas Huth
af1a5c3eb4 net: Remove the deprecated "vlan" parameter
It's been marked as deprecated since QEMU v2.9.0, so that should have
been enough time for everybody to either just drop unnecessary "vlan=0"
parameters, to switch to the modern -device + -netdev syntax for connecting
guest NICs with host network backends, or to switch to the "hubport" netdev
in case hubs are really wanted instead.

Buglink: https://bugs.launchpad.net/qemu/+bug/658904
Signed-off-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
2018-05-14 15:47:14 +08:00
Peter Maydell
f5583c527f target-arm queue:
* hw/arm/iotkit.c: fix minor memory leak
  * softfloat: fix wrong-exception-flags bug for multiply-add corner case
  * arm: isolate and clean up DTB generation
  * implement Arm v8.1-Atomics extension
  * Fix some bugs and missing instructions in the v8.2-FP16 extension
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABCAAGBQJa9IUCAAoJEDwlJe0UNgzeEGMQAKKjVRzZ7MBgvxQj0FJSWhSP
 BZkATf3ktid255PRpIssBZiY9oM+uY6n+/IRozAGvfDBp9eQOkrZczZjfW5hpe0B
 YsQadtk5cUOXqQzRTegSMPOoMmz8f5GaGOk4R6AEXJEX+Rug/zbOn9Q8Yx7JTd7o
 yBvU1+fys3galSiB88cffA95B9fwGfLsM7rP6OC4yNdUBYwjHf3wtY53WsxtWqX9
 oX4keEiROQkrOfbSy9wYPZzu/0iRo8v35+7wIZhvNSlf02k6yJ7a+w0C4EQIRhWm
 5zciE+aMYr7nOGpj7AEJLrRekhwnD6Ppje6aUd15yrxfNRZkpk/FeECWnaOPDis7
 QNijx5Zqg6+GyItQKi5U4vFVReMj09OB7xDyAq77xDeBj4l3lg2DNkRfRhqQZAcv
 2r4EW+pfLNj76Ah1qtQ410fprw462Sopb6bHmeuFbf1QFbQvJ4CL1+7Jl3ExrDX4
 2+iQb4sQghWDxhDLfRSLxQ7K+bX+mNfGdFW8h+jPShD/+JY42dTKkFZEl4ghNgMD
 mpj8FrQuIkSMqnDmPfoTG5MVTMERacqPU7GGM7/fxudIkByO3zTiLxJ/E+Iy8HvX
 29xKoOBjKT5FJrwJABsN6VpA3EuyAARgQIZ/dd6N5GZdgn2KAIHuaI+RHFOesKFd
 dJGM6sdksnsAAz28aUEJ
 =uXY+
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20180510' into staging

target-arm queue:
 * hw/arm/iotkit.c: fix minor memory leak
 * softfloat: fix wrong-exception-flags bug for multiply-add corner case
 * arm: isolate and clean up DTB generation
 * implement Arm v8.1-Atomics extension
 * Fix some bugs and missing instructions in the v8.2-FP16 extension

# gpg: Signature made Thu 10 May 2018 18:44:34 BST
# gpg:                using RSA key 3C2525ED14360CDE
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>"
# gpg:                 aka "Peter Maydell <pmaydell@gmail.com>"
# gpg:                 aka "Peter Maydell <pmaydell@chiark.greenend.org.uk>"
# Primary key fingerprint: E1A5 C593 CD41 9DE2 8E83  15CF 3C25 25ED 1436 0CDE

* remotes/pmaydell/tags/pull-target-arm-20180510: (21 commits)
  target/arm: Clear SVE high bits for FMOV
  target/arm: Fix float16 to/from int16
  target/arm: Implement vector shifted FCVT for fp16
  target/arm: Implement vector shifted SCVF/UCVF for fp16
  target/arm: Enable ARM_FEATURE_V8_ATOMICS for user-only
  target/arm: Implement CAS and CASP
  target/arm: Fill in disas_ldst_atomic
  target/arm: Introduce ARM_FEATURE_V8_ATOMICS and initial decode
  target/riscv: Use new atomic min/max expanders
  tcg: Use GEN_ATOMIC_HELPER_FN for opposite endian atomic add
  tcg: Introduce atomic helpers for integer min/max
  target/xtensa: Use new min/max expanders
  target/arm: Use new min/max expanders
  tcg: Introduce helpers for integer min/max
  atomic.h: Work around gcc spurious "unused value" warning
  make sure that we aren't overwriting mc->get_hotplug_handler by accident
  arm/boot: split load_dtb() from arm_load_kernel()
  platform-bus-device: use device plug callback instead of machine_done notifier
  pc: simplify MachineClass::get_hotplug_handler handling
  softfloat: Handle default NaN mode after pickNaNMulAdd, not before
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

# Conflicts:
#	target/riscv/translate.c
2018-05-11 17:41:54 +01:00
Peter Maydell
cd95fc28fb atomic.h: Work around gcc spurious "unused value" warning
Some versions of gcc produce a spurious warning if the result of
__atomic_compare_echange_n() is not used and the type involved
is a signed 8 bit value:
  error: value computed is not used [-Werror=unused-value]
This has been seen on at least
 gcc (Ubuntu 5.4.0-6ubuntu1~16.04.9) 5.4.0 20160609

Work around this by using an explicit cast to void to indicate
that we don't care about the return value.

We don't currently use our atomic_cmpxchg() macro on any signed
8 bit types, but the upcoming support for the Arm v8.1-Atomics
will require it.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
2018-05-10 18:10:57 +01:00
Igor Mammedov
3b77f6c353 arm/boot: split load_dtb() from arm_load_kernel()
load_dtb() depends on arm_load_kernel() to figure out place
in RAM where it should be loaded, but it's not required for
arm_load_kernel() to work. Sometimes it's neccesary for
devices added with -device/device_add to be enumerated in
DTB as well, which's lead to [1] and surrounding commits to
add 2 more machine_done notifiers with non obvious ordering
to make dynamic sysbus devices initialization happen in
the right order.

However instead of moving whole arm_load_kernel() in to
machine_done, it's sufficient to move only load_dtb() into
virt_machine_done() notifier and remove ArmLoadKernelNotifier/
/PlatformBusFDTNotifierParams notifiers, which saves us ~90LOC
and simplifies code flow quite a bit.
Later would allow to consolidate DTB generation within one
function for 'mach-virt' board and make it reentrant so it
could generate updated DTB in device hotplug secenarios.

While at it rename load_dtb() to arm_load_dtb() since it's
public now.

Add additional field skip_dtb_autoload to struct arm_boot_info
to allow manual DTB load later in mach-virt and to avoid touching
all other boards to explicitly call arm_load_dtb().

 1) (ac9d32e hw/arm/boot: arm_load_kernel implemented as a machine init done notifier)

Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Andrew Jones <drjones@redhat.com>
Message-id: 1525691524-32265-4-git-send-email-imammedo@redhat.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-05-10 18:10:56 +01:00
Igor Mammedov
a3fc839635 platform-bus-device: use device plug callback instead of machine_done notifier
platform-bus were using machine_done notifier to get and map
(assign irq/mmio resources) dynamically added sysbus devices
after all '-device' options had been processed.
That however creates non obvious dependencies on ordering of
machine_done notifiers and requires carefull line juggling
to keep it working. For example see comment above
create_platform_bus() and 'straitforward' arm_load_kernel()
had to converted to machine_done notifier and that lead to
yet another machine_done notifier to keep it working
arm_register_platform_bus_fdt_creator().

Instead of hiding resource assignment in platform-bus-device
to magically initialize sysbus devices, use device plug
callback and assign resources explicitly at board level
at the moment each -device option is being processed.

That adds a bunch of machine declaration boiler plate to
e500plat board, similar to ARM/x86 but gets rid of hidden
machine_done notifier and would allow to remove the dependent
notifiers in ARM code simplifying it and making code flow
easier to follow.

Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Acked-by: David Gibson <david@gibson.dropbear.id.au>
Message-id: 1525691524-32265-3-git-send-email-imammedo@redhat.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-05-10 18:10:56 +01:00
Igor Mammedov
38aefb578d pc: simplify MachineClass::get_hotplug_handler handling
By default MachineClass::get_hotplug_handler is NULL and concrete board
should set it to it's own handler.
Considering there isn't any default handler, drop saving empty
MachineClass::get_hotplug_handler in child class and make PC code
consistent with spapr/s390x boards.

We can bring this back when actual usecase surfaces and do it
consistently across boards that use get_hotplug_handler().

Suggested-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Eduardo Habkost <ehabkost@redhat.com>
Message-id: 1525691524-32265-2-git-send-email-imammedo@redhat.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-05-10 18:10:56 +01:00
Stefan Hajnoczi
23d702d898 blockjob: drop block_job_pause/resume_all()
Commit 8119334918 ("block: Don't
block_job_pause_all() in bdrv_drain_all()") removed the only callers of
block_job_pause/resume_all().

Pausing and resuming now happens in child_job_drained_begin/end() so
it's no longer necessary to globally pause/resume jobs.

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: John Snow <jsnow@redhat.com>
Reviewed-by: Alberto Garcia <berto@igalia.com>
Message-id: 20180424085240.5798-1-stefanha@redhat.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2018-05-10 10:41:12 +01:00
Emilio G. Cota
b542683d77 translator: merge max_insns into DisasContextBase
While at it, use int for both num_insns and max_insns to make
sure we have same-type comparisons.

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Michael Clark <mjc@sifive.com>
Signed-off-by: Emilio G. Cota <cota@braap.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2018-05-09 10:12:21 -07:00
Thomas Huth
1217d6ca2b qemu-options: Bail out on unsupported options instead of silently ignoring them
The dangling remainder of the -tdf option revealed a deficiency in our
option parsing: Options that have been declared, but are not supported
in the switch-case statement in vl.c and not handled in the OS-specifc
os_parse_cmd_args() functions are currently silently ignored. We should
rather tell the users that they specified something that we can not
handle, so let's print an error message and exit instead.

Reported-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-Id: <1525453270-23074-3-git-send-email-thuth@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-05-09 00:13:39 +02:00
Daniel P. Berrangé
950c4e6c94 opts: don't silently truncate long option values
The existing QemuOpts parsing code uses a fixed size 1024 byte buffer
for storing the option values. If a value exceeded this size it was
silently truncated and no error reported to the user. Long option values
is not a common scenario, but it is conceivable that they will happen.
eg if the user has a very deeply nested filesystem it would be possible
to come up with a disk path that was > 1024 bytes. Most of the time if
such data was silently truncated, the user would get an error about
opening a non-existant disk. If they're unlucky though, QEMU might use a
completely different disk image from another VM, which could be
considered a security issue. Another example program was in using the
-smbios command line arg with very large data blobs. In this case the
silent truncation will be providing semantically incorrect data to the
guest OS for SMBIOS tables.

If the operating system didn't limit the user's argv when spawning QEMU,
the code should honour whatever length arguments were given without
imposing its own length restrictions. This patch thus changes the code
to use a heap allocated buffer for storing the values during parsing,
lifting the arbitrary length restriction.

Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Message-Id: <20180416111743.8473-4-berrange@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2018-05-09 00:13:39 +02:00
Daniel P. Berrangé
20efc49ed6 accel: use g_strsplit for parsing accelerator names
Instead of re-using the get_opt_name() method from QemuOpts to split a
string on ':', just use g_strsplit().

Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Message-Id: <20180416111743.8473-2-berrange@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2018-05-09 00:13:38 +02:00
Paolo Bonzini
48564041a7 exec: reintroduce MemoryRegion caching
MemoryRegionCache was reverted to "normal" address_space_* operations
for 2.9, due to lack of support for IOMMUs.  Reinstate the
optimizations, caching only the IOMMU translation at address_cache_init
but not the IOMMU lookup and target AddressSpace translation are not
cached; now that MemoryRegionCache supports IOMMUs, it becomes more widely
applicable too.

The inlined fast path is defined in memory_ldst_cached.inc.h, while the
slow path uses memory_ldst.inc.c as before.  The smaller fast path causes
a little code size reduction in MemoryRegionCache users:

    hw/virtio/virtio.o text size before: 32373
    hw/virtio/virtio.o text size after: 31941

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-05-09 00:13:38 +02:00
Paolo Bonzini
4269c82bf7 exec: move memory access declarations to a common header, inline *_phys functions
For now, this reduces the text size very slightly due to the newly-added
inlining:

   text size before: 9301965
   text size after: 9300645

Later, however, the declarations in include/exec/memory_ldst.inc.h will be
reused for the MemoryRegionCache slow path functions.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-05-09 00:13:38 +02:00
Paolo Bonzini
29de4ec164 memdev: remove "id" property
The "id" property is unnecessary and can be replaced simply with
object_get_canonical_path_component.  This patch mostly undoes commit
e1ff3c67e8 ("monitor: fix qmp/hmp query-memdev not reporting IDs of
memory backends", 2017-01-12).

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-05-09 00:13:37 +02:00
Paolo Bonzini
770dec2627 qom: allow object_get_canonical_path_component without parent
Just return NULL; any callers that cause a change in behavior
would have caused an assertion failure before, so this is safe.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-05-09 00:13:37 +02:00
Peter Maydell
cc8f8ba754 Machine queue, 2018-05-07
* pc-dimm: factor out MemoryDevice
   (virtio-pmem and virtio-mem will make use of the new abstraction later)
 * scripts/device-crash-test: Removed fixed CAN entries
 -----BEGIN PGP SIGNATURE-----
 
 iQIcBAABCAAGBQJa8IZ2AAoJECgHk2+YTcWmmD0P/2Lddw+ilGhGS/CWarq4uLSF
 ILtEMwNgbJeJAEza6IQx/IIuUER3H5UcxgZhO49nELpurobhl5yW9JKP1qjH9z9i
 7hVPORGioiyGkjgjbm8jWtljePAloTIwEiIcrqYkVHpWDCUJaZ7SES2VQL7ltY/W
 AU3uSFQQMDfVqr/MXDxZq084wFK3Jm2aIE+p8a0MF7B+29RSHdFU9iKysCC1Wu/1
 AllXCkQ4yWHCGoSRBfzFz9EWBb4VlzM+VNj9nhHu75zdF3hm7J05yIiGuZLiOjmB
 MDOkvKhSeXNj+21mXVLmSxkfI65z6jrq3aI7iTp4+orrd2SCXoHsOZoj4Q2cRSnw
 kJlY62+p85H9NYIKTgMCM/oURpL2ZnqPKmCto1NRFywSBGLXll2weyKpX9ByvXe2
 gL8hqra/K8eUPW4zSsPYbbN1b16EnK4MY2nkYvG0Y/aAXGZF6V9zQwKNT4/F5GyY
 SRMC4c2OtQOgZNDSuPdgZ5Lu5PXfetvvcqWCj0tXNdaScOp6Omsc/i/YCUtu6r/3
 IbBIclJ+K5aD+U4QP4DKZ+DJbEkIGMU4pSHgR2i8bK7MmoJpJcAIB1mL5nA/TknP
 /RVgtnP7gVbfGIVVwjUw9bMurvOti4PBp0/DxC/VqUqGs9e8avE1yb9grVJdj/jA
 oEGJ6EIsmO1URbk1+f93
 =Hhge
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/ehabkost/tags/machine-next-pull-request' into staging

Machine queue, 2018-05-07

* pc-dimm: factor out MemoryDevice
  (virtio-pmem and virtio-mem will make use of the new abstraction later)
* scripts/device-crash-test: Removed fixed CAN entries

# gpg: Signature made Mon 07 May 2018 18:01:42 BST
# gpg:                using RSA key 2807936F984DC5A6
# gpg: Good signature from "Eduardo Habkost <ehabkost@redhat.com>"
# Primary key fingerprint: 5A32 2FD5 ABC4 D3DB ACCF  D1AA 2807 936F 984D C5A6

* remotes/ehabkost/tags/machine-next-pull-request:
  scripts/device-crash-test: Removed fixed CAN entries
  vl: allow 'maxmem' without 'slot'
  spapr: rename "hotplug memory" terminology to "device memory"
  pc: rename "hotplug memory" terminology to "device memory"
  machine: rename MemoryHotplugState to DeviceMemoryState
  pc-dimm: move actual plug/unplug of a memory region to MemoryDevice
  pc-dimm: factor out capacity and slot checks into MemoryDevice
  pc-dimm: factor out address search into MemoryDevice code
  pc-dimm: pass in the machine and to the MemoryHotplugState
  pc-dimm: no need to pass the memory region
  machine: make MemoryHotplugState accessible via the machine
  pc-dimm: factor out MemoryDevice interface

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-05-08 15:25:17 +01:00
Peter Maydell
3add3f7edc RISC-V: QEMU 2.13 Privileged ISA emulation updates
Several code cleanups, minor specification conformance changes,
 fixes to make ROM read-only and add device-tree size checks.
 
 * Honour privileged ISA v1.10 counter enable CSRs.
 * Implements WARL behavior for CSRs that don't support writes
   * Past behavior of raising traps was non-conformant
     with the RISC-V Privileged ISA Specification v1.10.
 * Allow S-mode access to sstatus.MXR when priv ISA >= v1.10
 * Sets mtval/stval to zero on exceptions without addresses
   * Past behavior of leaving the last value was non-conformant
     with the RISC-V Privileged ISA Specition v1.10. mtval/stval
     must be set on all exceptions; to zero if not supported.
 * Make ROMs read-only and implement device-tree size checks
   * Uses memory_region_init_rom and rom_add_blob_fixed_as
 * Adds hexidecimal instruction bytes to disassembly output.
 * Fixes missing break statement for rv128 disassembly.
 * Several code cleanups
   * Replacing hard-coded constants with enums
   * Dead-code elimination
 
 This is an incremental pull that contains 20 reviewed changes out
 of 38 changes currently queued in the qemu-2.13-for-upstream branch.
 -----BEGIN PGP SIGNATURE-----
 
 iF0EABECAB0WIQR8mZMOsXzYugc9Xvpr8dezV+8+TwUCWu496QAKCRBr8dezV+8+
 T1ZEAJ4wQRHZtn4suN5yMEHQMA2FkX1iNACgiYWLtcNcgoa88eaTcJJJu4QZryY=
 =I2wf
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/riscv/tags/riscv-qemu-2.13-pull-20180506' into staging

RISC-V: QEMU 2.13 Privileged ISA emulation updates

Several code cleanups, minor specification conformance changes,
fixes to make ROM read-only and add device-tree size checks.

* Honour privileged ISA v1.10 counter enable CSRs.
* Implements WARL behavior for CSRs that don't support writes
  * Past behavior of raising traps was non-conformant
    with the RISC-V Privileged ISA Specification v1.10.
* Allow S-mode access to sstatus.MXR when priv ISA >= v1.10
* Sets mtval/stval to zero on exceptions without addresses
  * Past behavior of leaving the last value was non-conformant
    with the RISC-V Privileged ISA Specition v1.10. mtval/stval
    must be set on all exceptions; to zero if not supported.
* Make ROMs read-only and implement device-tree size checks
  * Uses memory_region_init_rom and rom_add_blob_fixed_as
* Adds hexidecimal instruction bytes to disassembly output.
* Fixes missing break statement for rv128 disassembly.
* Several code cleanups
  * Replacing hard-coded constants with enums
  * Dead-code elimination

This is an incremental pull that contains 20 reviewed changes out
of 38 changes currently queued in the qemu-2.13-for-upstream branch.

# gpg: Signature made Sun 06 May 2018 00:27:37 BST
# gpg:                using DSA key 6BF1D7B357EF3E4F
# gpg: Good signature from "Michael Clark <michaeljclark@mac.com>"
# gpg:                 aka "Michael Clark <mjc@sifive.com>"
# gpg:                 aka "Michael Clark <michael@metaparadigm.com>"
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 7C99 930E B17C D8BA 073D  5EFA 6BF1 D7B3 57EF 3E4F

* remotes/riscv/tags/riscv-qemu-2.13-pull-20180506:
  RISC-V: Mark ROM read-only after copying in code
  RISC-V: No traps on writes to misa,minstret,mcycle
  RISC-V: Make mtvec/stvec ignore vectored traps
  RISC-V: Add mcycle/minstret support for -icount auto
  RISC-V: Use [ms]counteren CSRs when priv ISA >= v1.10
  RISC-V: Allow S-mode mxr access when priv ISA >= v1.10
  RISC-V: Clear mtval/stval on exceptions without info
  RISC-V: Hardwire satp to 0 for no-mmu case
  RISC-V: Update E and I extension order
  RISC-V: Remove erroneous comment from translate.c
  RISC-V: Remove EM_RISCV ELF_MACHINE indirection
  RISC-V: Make virt header comment title consistent
  RISC-V: Make some header guards more specific
  RISC-V: Fix missing break statement in disassembler
  RISC-V: Include instruction hex in disassembly
  RISC-V: Remove unused class definitions
  RISC-V: Remove identity_translate from load_elf
  RISC-V: Use ROM base address and size from memmap
  RISC-V: Make virt board description match spike
  RISC-V: Replace hardcoded constants with enum values

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-05-08 13:34:03 +01:00
David Hildenbrand
0c9269a52d spapr: rename "hotplug memory" terminology to "device memory"
Let's make it clear at relevant places that we are dealing with device
memory. That it can be used for memory hotplug is just a special case.

Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20180423165126.15441-11-david@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
[ehabkost: rebased series, solved conflicts at spapr.c]
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2018-05-07 10:00:02 -03:00
David Hildenbrand
f2ffbe2b7d pc: rename "hotplug memory" terminology to "device memory"
Let's make it clear that we are dealing with device memory. That it can
be used for memory hotplug is just a special case.

Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20180423165126.15441-10-david@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2018-05-07 10:00:02 -03:00
David Hildenbrand
e017da370b machine: rename MemoryHotplugState to DeviceMemoryState
Rename it to better match the new terminology.

Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20180423165126.15441-9-david@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2018-05-07 10:00:02 -03:00
David Hildenbrand
18d11dc910 pc-dimm: move actual plug/unplug of a memory region to MemoryDevice
Registering the memory region for migration has do be done by the owner.
There could be cases, where we don't want to migrate the memory.

Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20180423165126.15441-8-david@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2018-05-07 10:00:02 -03:00
David Hildenbrand
1b6d6af21b pc-dimm: factor out capacity and slot checks into MemoryDevice
Move the checks into memory_device_get_free_addr(). This will check
before doing any calculations if we have KVM/vhost slots left and if
the total region size would be exceeded.

Of course, while at it, make it independent of pc-dimm code.

Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20180423165126.15441-7-david@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2018-05-07 10:00:02 -03:00
David Hildenbrand
bb0831bdf4 pc-dimm: factor out address search into MemoryDevice code
This mainly moves code, but does a handfull of optimizations:
- We pass the machine instead of the address space properties
- We check the hinted address directly and handle fragmented memory
  better
- We make the search independent of pc-dimm

Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20180423165126.15441-6-david@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2018-05-07 10:00:02 -03:00
David Hildenbrand
bd6c3e4a49 pc-dimm: pass in the machine and to the MemoryHotplugState
We use the machine internally either way, so let's just pass it in then.

Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20180423165126.15441-5-david@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2018-05-07 10:00:02 -03:00
David Hildenbrand
acc7fa17e6 pc-dimm: no need to pass the memory region
We can just query it ourselves. When unplugging, we should always be
able to the region (as it was previously plugged). E.g. PPC already
assumed that and used &error_abort.

Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20180423165126.15441-4-david@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2018-05-07 10:00:02 -03:00
David Hildenbrand
b0c14ec4ef machine: make MemoryHotplugState accessible via the machine
Let's allow to query the MemoryHotplugState directly from the machine.
If the pointer is NULL, the machine does not support memory devices. If
the pointer is !NULL, the machine supports memory devices and the
data structure contains information about the applicable physical
guest address space region.

This allows us to generically detect if a certain machine has support
for memory devices, and to generically manage it (find free address
range, plug/unplug a memory region).

We will rename "MemoryHotplugState" to something more meaningful
("DeviceMemory") after we completed factoring out the pc-dimm code into
MemoryDevice code.

Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20180423165126.15441-3-david@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
[ehabkost: rebased series, solved conflicts at spapr.c]
[ehabkost: squashed fix to use g_malloc0()]
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2018-05-07 10:00:02 -03:00
David Hildenbrand
2cc0e2e814 pc-dimm: factor out MemoryDevice interface
On the qmp level, we already have the concept of memory devices:
    "query-memory-devices"
Right now, we only support NVDIMM and PCDIMM.

We want to map other devices later into the address space of the guest.
Such device could e.g. be virtio devices. These devices will have a
guest memory range assigned but won't be exposed via e.g. ACPI. We want
to make them look like memory device, but not glued to pc-dimm.

Especially, it will not always be possible to have TYPE_PC_DIMM as a parent
class (e.g. virtio devices). Let's use an interface instead. As a first
part, convert handling of
- qmp_pc_dimm_device_list
- get_plugged_memory_size
to our new model. plug/unplug stuff etc. will follow later.

A memory device will have to provide the following functions:
- get_addr(): Necessary, as the property "addr" can e.g. not be used for
              virtio devices (already defined).
- get_plugged_size(): The amount this device offers to the guest as of
                      now.
- get_region_size(): Because this can later on be bigger than the
                     plugged size.
- fill_device_info(): Fill MemoryDeviceInfo, e.g. for qmp.

Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20180423165126.15441-2-david@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2018-05-07 10:00:02 -03:00
Michael Clark
5b5583806b
RISC-V: Make virt header comment title consistent
Cc: Sagar Karandikar <sagark@eecs.berkeley.edu>
Cc: Bastian Koppelmann <kbastian@mail.uni-paderborn.de>
Signed-off-by: Michael Clark <mjc@sifive.com>
Signed-off-by: Palmer Dabbelt <palmer@sifive.com>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
2018-05-06 10:39:38 +12:00
Michael Clark
4996b12874
RISC-V: Make some header guards more specific
Cc: Sagar Karandikar <sagark@eecs.berkeley.edu>
Cc: Bastian Koppelmann <kbastian@mail.uni-paderborn.de>
Signed-off-by: Michael Clark <mjc@sifive.com>
Signed-off-by: Palmer Dabbelt <palmer@sifive.com>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
2018-05-06 10:39:38 +12:00
Michael Clark
42b3a4b7cc
RISC-V: Remove unused class definitions
Removes a whole lot of unnecessary boilerplate code. Machines
don't need to be objects. The expansion of the SOC object model
for the RISC-V machines will happen in the future as SiFive
plans to add their FE310 and FU540 SOCs to QEMU. However, it
seems that this present boilerplate is complete unnecessary.

Cc: Sagar Karandikar <sagark@eecs.berkeley.edu>
Cc: Bastian Koppelmann <kbastian@mail.uni-paderborn.de>
Signed-off-by: Michael Clark <mjc@sifive.com>
Signed-off-by: Palmer Dabbelt <palmer@sifive.com>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
2018-05-06 10:39:38 +12:00
Michael Clark
6b01e3277e
RISC-V: Use ROM base address and size from memmap
Another case of replacing hard coded constants, this time
referring to the definition in the virt machine's memmap.

Cc: Sagar Karandikar <sagark@eecs.berkeley.edu>
Cc: Bastian Koppelmann <kbastian@mail.uni-paderborn.de>
Signed-off-by: Michael Clark <mjc@sifive.com>
Signed-off-by: Palmer Dabbelt <palmer@sifive.com>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
2018-05-06 10:39:38 +12:00
Michael Clark
2a8756ed7d
RISC-V: Replace hardcoded constants with enum values
The RISC-V device-tree code has a number of hard-coded
constants and this change moves them into header enums.

Cc: Sagar Karandikar <sagark@eecs.berkeley.edu>
Cc: Bastian Koppelmann <kbastian@mail.uni-paderborn.de>
Signed-off-by: Michael Clark <mjc@sifive.com>
Signed-off-by: Palmer Dabbelt <palmer@sifive.com>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
2018-05-06 10:39:38 +12:00
Prem Mallappa
a703b4f6c1 hw/arm/virt-acpi-build: Add smmuv3 node in IORT table
This patch builds the smmuv3 node in the ACPI IORT table.

The RID space of the root complex, which spans 0x0-0x10000
maps to streamid space 0x0-0x10000 in smmuv3, which in turn
maps to deviceid space 0x0-0x10000 in the ITS group.

The guest must feature the IOMMU probe deferral series
(https://lkml.org/lkml/2017/4/10/214) which fixes streamid
multiple lookup. This bug is not related to the SMMU emulation.

Signed-off-by: Prem Mallappa <prem.mallappa@broadcom.com>
Signed-off-by: Eric Auger <eric.auger@redhat.com>
Reviewed-by: Shannon Zhao <zhaoshenglong@huawei.com>
Message-id: 1524665762-31355-14-git-send-email-eric.auger@redhat.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-05-04 18:52:58 +01:00
Prem Mallappa
584105eab2 hw/arm/virt: Add SMMUv3 to the virt board
Add code to instantiate an smmuv3 in virt machine. A new iommu
integer member is introduced in VirtMachineState to store the type
of the iommu in use.

Signed-off-by: Prem Mallappa <prem.mallappa@broadcom.com>
Signed-off-by: Eric Auger <eric.auger@redhat.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1524665762-31355-13-git-send-email-eric.auger@redhat.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-05-04 18:52:58 +01:00
Prem Mallappa
10a83cb988 hw/arm/smmuv3: Skeleton
This patch implements a skeleton for the smmuv3 device.
Datatypes and register definitions are introduced. The MMIO
region, the interrupts and the queue are initialized.

Only the MMIO read operation is implemented here.

Signed-off-by: Prem Mallappa <prem.mallappa@broadcom.com>
Signed-off-by: Eric Auger <eric.auger@redhat.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1524665762-31355-5-git-send-email-eric.auger@redhat.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-05-04 18:49:10 +01:00
Eric Auger
93641948d4 hw/arm/smmu-common: VMSAv8-64 page table walk
This patch implements the page table walk for VMSAv8-64.

Signed-off-by: Eric Auger <eric.auger@redhat.com>
Signed-off-by: Prem Mallappa <prem.mallappa@broadcom.com>
Message-id: 1524665762-31355-4-git-send-email-eric.auger@redhat.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-05-04 18:05:51 +01:00
Eric Auger
cac994ef43 hw/arm/smmu-common: IOMMU memory region and address space setup
We set up the infrastructure to enumerate all the PCI devices
attached to the SMMU and create an associated IOMMU memory
region and address space.

Those info are stored in SMMUDevice objects. The devices are
grouped according to the PCIBus they belong to. A hash table
indexed by the PCIBus pointer is used. Also an array indexed by
the bus number allows to find the list of SMMUDevices.

Signed-off-by: Eric Auger <eric.auger@redhat.com>
Signed-off-by: Prem Mallappa <prem.mallappa@broadcom.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1524665762-31355-3-git-send-email-eric.auger@redhat.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-05-04 18:05:51 +01:00
Eric Auger
527773eeef hw/arm/smmu-common: smmu base device and datatypes
The patch introduces the smmu base device and class for the ARM
smmu. Devices for specific versions will be derived from this
base device.

We also introduce some important datatypes.

Signed-off-by: Eric Auger <eric.auger@redhat.com>
Signed-off-by: Prem Mallappa <prem.mallappa@broadcom.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1524665762-31355-2-git-send-email-eric.auger@redhat.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-05-04 18:05:51 +01:00
Peter Maydell
7c867af89a QAPI patches for 2018-05-04
-----BEGIN PGP SIGNATURE-----
 
 iQIcBAABAgAGBQJa7BLUAAoJEDhwtADrkYZTumIQAJC6wXmN+wBYc2MoR2Y8SQgY
 +gTM9J6R6H50ijb7RkkERLTgys7IxCDD/jy2p0yX/Re3ReXbYwzYQXmSFpF1KWGe
 SXB84uDtwSILbvR5iS0TBdQSyO+u5DRboukuLfTEZHjYQUP+guT1we3YwqWGzIKp
 o5kV/7Nq0vPWO5Sbs4FWB0t9hWzWV3Kef9b4gRPn05sWPaq2/sU6A3xai+ty6qS7
 PCm7VwT4z5SACdR4LRiL45h3HdThgr/alJJ6lUr2kaNCBiDBvM4h6d7W+lI/Vi3Y
 rG+wqyPQFyWLXf0uuI3AmSScVUzfYv9C4TcBTJkFnebrFcybPsGwEJLGtaIgFnBU
 1Mcz/TCl1bB4fDvhwV2qexxlXryOWXKn+ygdu9sBSY/QSA+NEqbJQo6cCDqMQ9Qy
 6zqrGxUrM/peVLvhfle4cIbyPslGRGn2s95oQzCJi8TlZxBj8lgW1x1kr7OhSlf4
 rNteSYAHDNSiNVL1PcW3vOS7ndTA6O0vHAtGa+0vbQzAf+RUfFG0sfggG6350O8e
 97Hp4LKT3VpGEuwyQEw6wk3zODNfAgtkkwjQHTnQYHriKB/fcVfY3g7gpYp4zMLF
 GJ3h5KZj71JNoFoxVJniAgkWY8+IP11ggXMyYWSMxMZ3M81EqQ/rbvOvGxn1wjd8
 kHbpUEMmGBHF1VmKs7e1
 =Kukn
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/armbru/tags/pull-qapi-2018-05-04' into staging

QAPI patches for 2018-05-04

# gpg: Signature made Fri 04 May 2018 08:59:16 BST
# gpg:                using RSA key 3870B400EB918653
# gpg: Good signature from "Markus Armbruster <armbru@redhat.com>"
# gpg:                 aka "Markus Armbruster <armbru@pond.sub.org>"
# Primary key fingerprint: 354B C8B3 D7EB 2A6B 6867  4E5F 3870 B400 EB91 8653

* remotes/armbru/tags/pull-qapi-2018-05-04:
  qapi: deprecate CpuInfoFast.arch
  qapi: discriminate CpuInfoFast on SysEmuTarget, not CpuInfoArch
  qapi: change the type of TargetInfo.arch from string to enum SysEmuTarget
  qapi: add SysEmuTarget to "common.json"
  qapi: fill in CpuInfoFast.arch in query-cpus-fast
  qobject: Modify qobject_ref() to return obj
  qobject: Replace qobject_incref/QINCREF qobject_decref/QDECREF
  qobject: use a QObjectBase_ struct
  qobject: Ensure base is at offset 0
  qobject: Use qobject_to() instead of type cast

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-05-04 13:49:08 +01:00
Peter Maydell
46e04dacd3 First s390x pull request for 2.13.
- new machine type
 - extend SCLP event masks
 - support configuration of consoles via -serial
 - firmware improvements: non-sequential entries in boot menu, support
   for indirect loading via .INS files in s390-netboot
 - bugfixes and cleanups
 -----BEGIN PGP SIGNATURE-----
 
 iQJGBAABCAAwFiEEw9DWbcNiT/aowBjO3s9rk8bwL68FAlrsCZ0SHGNvaHVja0By
 ZWRoYXQuY29tAAoJEN7Pa5PG8C+vrN8QAKP3poc2wm/+32vCUv+qUyHby6cm5bl+
 2PeHS/CLC1q/nIggb1l8z9I3BeVSgeWB3B5/dKHvuRM4sVGslg2t2ivSXXbU06Na
 4sv9NaPh1DV0YLuSIj7gIbk9BZdsuw5Ik2846KIFW4HjYmgWJZJc9WhC+ezBqMLI
 jbOUQiQk7JfhJ0julc5Z1BcZN50PxUquvN8BmmS+QHhbdcQ0xMjmlDpkhGNzk9Hg
 +Ui6Fu5HOnybGXE3u9V+xS1I9Gn0cG90lgGFkIRgGO6oqn0C0hmYfrcXc11xg9yH
 /hUx+lIg3k44T6e2nG6IxDyuAfugxJiKeD1PscAd8DzBceKHxpIVk37xoITlCO25
 iRAcvToruaxZf0RSprQsW3DCto5cEhdX5XLVs6J5I/jlBqNgllKkezS5mG2fpibe
 xH7MlRL00DqaNEqWCrQ2+64w5THIkkiukYQLv6eDdoaTP/6emJ6KeqGr7KDbijvx
 ViR8LQ2aaGR/sL90X/HDNvR3otnC3doAQTCjlxDlHkjE3hSL9Z6Nvq4KBztiP418
 leHoiscmzRLJzagAhOn+uZWjETnoBKv1OnEN1yLf80ADz/FaArvnb9zq5KR6Oh43
 30+5RKLFKaDx6fnXGB2eqIOgq/4x1wXcGwRCBpRfYDXc/pQjbnj7AsKQiSTdTOa3
 hfTCL7/LscMU
 =cYvD
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/cohuck/tags/s390x-20180504' into staging

First s390x pull request for 2.13.
- new machine type
- extend SCLP event masks
- support configuration of consoles via -serial
- firmware improvements: non-sequential entries in boot menu, support
  for indirect loading via .INS files in s390-netboot
- bugfixes and cleanups

# gpg: Signature made Fri 04 May 2018 08:19:57 BST
# gpg:                using RSA key DECF6B93C6F02FAF
# gpg: Good signature from "Cornelia Huck <conny@cornelia-huck.de>"
# gpg:                 aka "Cornelia Huck <huckc@linux.vnet.ibm.com>"
# gpg:                 aka "Cornelia Huck <cornelia.huck@de.ibm.com>"
# gpg:                 aka "Cornelia Huck <cohuck@kernel.org>"
# gpg:                 aka "Cornelia Huck <cohuck@redhat.com>"
# Primary key fingerprint: C3D0 D66D C362 4FF6 A8C0  18CE DECF 6B93 C6F0 2FAF

* remotes/cohuck/tags/s390x-20180504:
  pc-bios/s390: Update firmware images
  s390-ccw: force diag 308 subcode to unsigned long
  pc-bios/s390-ccw/net: Add support for .INS config files
  pc-bios/s390-ccw/net: Use diag308 to reset machine before jumping to the OS
  pc-bios/s390-ccw/net: Split up net_load() into init, load and release parts
  pc-bios/s390-ccw: fix non-sequential boot entries (enum)
  pc-bios/s390-ccw: fix non-sequential boot entries (eckd)
  pc-bios/s390-ccw: fix loadparm initialization and int conversion
  pc-bios/s390-ccw: rename MAX_TABLE_ENTRIES to MAX_BOOT_ENTRIES
  pc-bios/s390-ccw: size_t should be unsigned
  hw/s390x: Allow to configure the consoles with the "-serial" parameter
  s390x/kvm: cleanup calls to cpu_synchronize_state()
  vfio-ccw: introduce vfio_ccw_get_device()
  s390x/sclp: extend SCLP event masks to 64 bits
  s390x: introduce 2.13 compat machine

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-05-04 11:53:58 +01:00
Peter Maydell
2e4bd4a286 ppc patch queue 2018-05-04
Second patch of patches for qemu-2.13 (or whatever the version ends up
 being called).  Highlights are:
   * Preliminary patches for POWER9 hash MMU support for powernv
   * A number of cleanups fo pseries startup and LPCR handling
   * Remove support for explicitly allocated RMAs (which require kernel
     support that's been gone for 3+ years)
   * Some mac_newworld cleanups
   * A few bugfixes
 -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEEdfRlhq5hpmzETofcbDjKyiDZs5IFAlrr6p8ACgkQbDjKyiDZ
 s5IxDQ/+NIZzD6xmMW0AtTes73Sn5uy3vB5utv/mgjbKuoovCE+FRtVXAPVlc41O
 q6Y8f0PWCfTbJb+G/XusSyQX9kc/anmmyQdrWuCbMFYJgwf9Fy3NVntx6HzppTub
 HEQJTdiPU3VCt3et1C4R9NqJmyG8n8qfyoa3oeEY+LTdIEQTRxgmzVfxMzfOddGQ
 jlvtwUqzGwSkXiJ/ZpKwFrn2XQiuvRdGeypMZWTk6ZsPAUHUpYvWO4LvhCmMsy1E
 PErwpHm8XCzOmkcdz2C6c7S9sfg1b8axllzwA5o6forfi9Hu8lk7EK08SRN0SUMf
 qjBA3upaQ4/HyKOuHMEAnVLErSerUOAM4hpkSt2ua9/KRR7zkx0pzqvAFPAKCuUv
 jXkYq/PlkbzxglkFiHaVyywAA7UBRPzTBn7NWhAf3XPtfcN5z/pU5qdeLAFRyw/U
 J77ET0Xq50po16uLIn8MVJY315C+kLvL8uz7IW6vN3koW4ZQeJ+v7s5S5ZZv20CY
 zLC5N/2loNyOVBvB3mTc+fa+HTDv8B9UBn+gLMHfzuCUbHiDC8BSKk/Z/FtpNCEG
 lW9whJ/prjZ+VTIiJxbSTg5o8UPl9RAAhDxi6g09BiJe9dBYWdYAe0EenSUllETy
 jfYeKbo0PG0NcbcsvxapCW1zvarMbczmpNWAe2w4MPuXUj+vfUc=
 =CAwC
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/dgibson/tags/ppc-for-2.13-20180504' into staging

ppc patch queue 2018-05-04

Second patch of patches for qemu-2.13 (or whatever the version ends up
being called).  Highlights are:
  * Preliminary patches for POWER9 hash MMU support for powernv
  * A number of cleanups fo pseries startup and LPCR handling
  * Remove support for explicitly allocated RMAs (which require kernel
    support that's been gone for 3+ years)
  * Some mac_newworld cleanups
  * A few bugfixes

# gpg: Signature made Fri 04 May 2018 06:07:43 BST
# gpg:                using RSA key 6C38CACA20D9B392
# gpg: Good signature from "David Gibson <david@gibson.dropbear.id.au>"
# gpg:                 aka "David Gibson (Red Hat) <dgibson@redhat.com>"
# gpg:                 aka "David Gibson (ozlabs.org) <dgibson@ozlabs.org>"
# gpg:                 aka "David Gibson (kernel.org) <dwg@kernel.org>"
# Primary key fingerprint: 75F4 6586 AE61 A66C C44E  87DC 6C38 CACA 20D9 B392

* remotes/dgibson/tags/ppc-for-2.13-20180504:
  spapr: don't advertise radix GTSE if max-compat-cpu < power9
  spapr: don't migrate "spapr_option_vector_ov5_cas" to pre 2.8 machines
  target/ppc: always set PPC_MEM_TLBIE in pre 2.8 migration hack
  mac_newworld: move wiring of macio IRQs to macio_newworld_realize()
  mac_newworld: remove pics IRQ array and wire up macio to OpenPIC directly
  uninorth: create new uninorth device
  spapr: Clean up handling of LPCR power-saving exit bits
  spapr: Move PAPR mode cpu setup fully to spapr code
  target/ppc: Delay initialization of LPCR_UPRT for secondary cpus
  spapr: Clean up LPCR updates from hypercalls
  spapr: Make a helper to set up cpu entry point state
  spapr: Remove unhelpful helpers from rtas_start_cpu()
  spapr: Clean up rtas_start_cpu() & rtas_stop_self()
  target/ppc: Add ppc_store_lpcr() helper
  spapr: Remove support for explicitly allocated RMAs
  target/ppc: add basic support for PTCR on POWER9
  target/ppc: return a nil HPT base address on sPAPR machines

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-05-04 10:13:13 +01:00
Marc-André Lureau
f5a74a5a50 qobject: Modify qobject_ref() to return obj
For convenience and clarity, make it possible to call qobject_ref() at
the time when the reference is associated with a variable, or
argument, by making qobject_ref() return the same pointer as given.
Use that to simplify the callers.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20180419150145.24795-5-marcandre.lureau@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
[Useless change to qobject_ref_impl() dropped, commit message improved
slightly]
Signed-off-by: Markus Armbruster <armbru@redhat.com>
2018-05-04 08:27:53 +02:00
Marc-André Lureau
cb3e7f08ae qobject: Replace qobject_incref/QINCREF qobject_decref/QDECREF
Now that we can safely call QOBJECT() on QObject * as well as its
subtypes, we can have macros qobject_ref() / qobject_unref() that work
everywhere instead of having to use QINCREF() / QDECREF() for QObject
and qobject_incref() / qobject_decref() for its subtypes.

The replacement is mechanical, except I broke a long line, and added a
cast in monitor_qmp_cleanup_req_queue_locked().  Unlike
qobject_decref(), qobject_unref() doesn't accept void *.

Note that the new macros evaluate their argument exactly once, thus no
need to shout them.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20180419150145.24795-4-marcandre.lureau@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
[Rebased, semantic conflict resolved, commit message improved]
Signed-off-by: Markus Armbruster <armbru@redhat.com>
2018-05-04 08:27:53 +02:00
Marc-André Lureau
3d3eacaecc qobject: use a QObjectBase_ struct
By moving the base fields to a QObjectBase_, QObject can be a type
which also has a 'base' field. This allows writing a generic QOBJECT()
macro that will work with any QObject type, including QObject
itself. The container_of() macro ensures that the object to cast has a
QObjectBase_ base field, giving some type safety guarantees. QObject
must have no members but QObjectBase_ base, or else QOBJECT() breaks.

QObjectBase_ is not a typedef and uses a trailing underscore to make
it obvious it is not for normal use and to avoid potential abuse.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20180419150145.24795-3-marcandre.lureau@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
2018-05-04 08:27:53 +02:00
Marc-André Lureau
7ee9edfdb1 qobject: Ensure base is at offset 0
All QObject types have the base QObject as their first field. This
allows the simplification of qobject_to().

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20180419150145.24795-2-marcandre.lureau@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
[Commit message paragraph on type casts dropped, to avoid giving the
impression type casting would be okay]
Signed-off-by: Markus Armbruster <armbru@redhat.com>
2018-05-04 08:27:53 +02:00
Mark Cave-Ayland
0fcd2a814a mac_newworld: move wiring of macio IRQs to macio_newworld_realize()
Since the macio device has a link to the PIC device, we can now wire up the
IRQs directly via qdev GPIOs rather than having to use an intermediate array.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2018-05-04 15:00:37 +10:00
Mark Cave-Ayland
0662946aa6 uninorth: create new uninorth device
Commit 4e46dcdbd3 "PPC: Newworld: Add uninorth token register" added a TODO
which was to convert the uninorth registers hack to a proper device. Move
these registers to a new uninorth device, removing the old hacks from
mac_newworld.c.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2018-05-04 15:00:37 +10:00
David Gibson
84369f639e spapr: Make a helper to set up cpu entry point state
Under PAPR, only the boot CPU is active when the system starts.  Other cpus
must be explicitly activated using an RTAS call.  The entry state for the
boot and secondary cpus isn't identical, but it has some things in common.
We're going to add a bit more common setup later, too, so to simplify
make a helper which sets up the common entry state for both boot and
secondary cpu threads.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Cédric Le Goater <clg@kaod.org>
Tested-by: Cédric Le Goater <clg@kaod.org>
Reviewed-by: Greg Kurz <groug@kaod.org>
2018-05-04 15:00:37 +10:00
Laurent Vivier
7f254c5cb8 linux-user: remove useless padding in flock64 structure
Since commit 8efb2ed5ec ("linux-user: Correct signedness of
target_flock l_start and l_len fields"), flock64 structure uses
abi_llong for l_start and l_len in place of "unsigned long long"
this should force them to be aligned accordingly to the target
rules. So we can remove the padding field and the QEMU_PACKED
attribute.

I have compared the result of the following program before and
after the change:

    cat -> flock64_dump  <<EOF
    p/d sizeof(struct target_flock64)
    p/d &((struct target_flock64 *)0)->l_type
    p/d &((struct target_flock64 *)0)->l_whence
    p/d &((struct target_flock64 *)0)->l_start
    p/d &((struct target_flock64 *)0)->l_len
    p/d &((struct target_flock64 *)0)->l_pid
    quit
    EOF

    for file in build/all/*-linux-user/qemu-* ; do
    echo $file
    gdb -batch -nx -x flock64_dump $file 2> /dev/null
    done

The sizeof() changes because we remove the QEMU_PACKED.
The new size is 32 (except for i386 and m68k) and this is
the real size of "struct flock64" on the target architecture.

The following architectures differ:
aarch64_be, aarch64, alpha, armeb, arm, cris, hppa, nios2, or1k,
riscv32, riscv64, s390x.

For a subset of these architectures, I have checked with the following
program the new structure is the correct one:

  #include <stdio.h>
  #define __USE_LARGEFILE64
  #include <fcntl.h>

  int main(void)
  {
	  printf("struct flock64 %d\n", sizeof(struct flock64));
	  printf("l_type %d\n", &((struct flock64 *)0)->l_type);
	  printf("l_whence %d\n", &((struct flock64 *)0)->l_whence);
	  printf("l_start %d\n", &((struct flock64 *)0)->l_start);
	  printf("l_len %d\n", &((struct flock64 *)0)->l_len);
	  printf("l_pid %d\n", &((struct flock64 *)0)->l_pid);
  }

[I have checked aarch64, alpha, hppa, s390x]

For ARM, the target_flock64 becomes the EABI definition, so we need to
define the OABI one in place of the EABI one and use it when it is
needed.

I have also fixed the alignment value for sh4 (to align llong on 4 bytes)
(see c2e3dee6e0 "linux-user: Define target alignment size")
[We should check alignment properties for cris, nios2 and or1k]

Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20180502215730.28162-1-laurent@vivier.eu>
2018-05-03 18:40:19 +02:00
Christophe Lyon
cf58affecc linux-user: ARM-FDPIC: Identify ARM FDPIC binaries
Define an ARM-specific version of elf_is_fdpic:
FDPIC ELF objects are identified with e_ident[EI_OSABI] ==
ELFOSABI_ARM_FDPIC.

Co-Authored-By: Mickaël Guêné <mickael.guene@st.com>
Signed-off-by: Christophe Lyon <christophe.lyon@st.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <20180430080404.7323-3-christophe.lyon@st.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
2018-05-03 18:25:29 +02:00
Thomas Huth
052888f043 hw/s390x: Allow to configure the consoles with the "-serial" parameter
The consoles ("sclpconsole" and "sclplmconsole") can only be configured
with "-device" and "-chardev" so far. Other machines use the convenience
option "-serial" to configure the default consoles, even for virtual
consoles like spapr-vty on the pseries machine. So let's support this
option on s390x, too. This way we can easily enable the serial console
here again with "-nodefaults", for example:

qemu-system-s390x -no-shutdown -nographic -nodefaults -serial mon:stdio

... which is way shorter than typing:

qemu-system-s390x -no-shutdown -nographic -nodefaults \
  -chardev stdio,id=c1,mux=on -device sclpconsole,chardev=c1 \
  -mon chardev=c1

The -serial parameter can also be used if you only want to see the QEMU
monitor on stdio without using -nodefaults, but not the console output.
That's something that is pretty impossible with the current code today:

qemu-system-s390x -no-shutdown -nographic -serial none

While we're at it, this patch also maps the second -serial option to the
"sclplmconsole", so that there is now an easy way to configure this second
console on s390x, too, for example:

qemu-system-s390x -no-shutdown -nographic -serial null -serial mon:stdio

Additionally, the new code is also smaller than the old one and we have
less s390x-specific code in vl.c :-)

I've also checked that migration still works as expected by migrating
a guest with console output back and forth between a qemu-system-s390x
that has this patch and an instance without this patch.

Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-Id: <1524754794-28005-1-git-send-email-thuth@redhat.com>
Reviewed-by: David Hildenbrand <david@redhat.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
2018-04-30 10:48:29 +02:00
Claudio Imbrenda
98e43b71b2 s390x/sclp: extend SCLP event masks to 64 bits
Extend the SCLP event masks to 64 bits.

Notice that using any of the new bits results in a state that cannot be
migrated to an older version.

Signed-off-by: Claudio Imbrenda <imbrenda@linux.vnet.ibm.com>
Message-Id: <1520507069-22179-1-git-send-email-imbrenda@linux.vnet.ibm.com>
Acked-by: Christian Borntraeger <borntraeger@de.ibm.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
2018-04-30 10:31:41 +02:00
Peter Maydell
10f4718b51 vnc: fix use-after-free.
sdl2: gles support.
 vfio-display: add reset support.
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iQIcBAABAgAGBQJa4vNJAAoJEEy22O7T6HE4kP0P/iRErkXMYSuX6oKIaXCCSPLj
 KfK6Evw5YZ3IuntFg466D/1MthH8bZvAmSYD4uxGM8senIxqSzU4ta6026Orm6ds
 zrECnt4uiai261gdcwpQzt8wAo3NXTY6YSabO+pUaN7IDU5vO/nA8D6PNWPDwn1I
 NSz3LKCdwLHMlNVASF2GOjhhflB9vr1iQcGSB7YJtyeFN/R95j4qXKXcZ5XERTeR
 ue8eut39xOBikk5KZQj9gh+LjSmTMcENUJIOngb15FupKNhz55K+mLQ4FyC74kSQ
 csJrleD9kwbaDaw8tFPQ3LN9ZxelHhgByzEh7hPGgvXIk5tAOcqx9JPsHXgI/00w
 h6FiTgT8WpZ/xgriCtPAzKiEURvnNXQY25Zu5M+Wbj0CAMU5kDwoHDoRDqW7p4q2
 +YtmJpSmRhVWbAetslxJ+Qv5rP+XSCBdKALkyADOffkq/nEWgc3v/290N8/4kpP+
 +k7A9ClbhzJEt6LfKP5h09sSC0fbIb6TtmE/XqS0RyIKFoOctSBGU5n093lrMpL1
 Eo7WpUcC4qS+lTF+xASUJibbIiyVc+oPtdcF1ucYP0yrcEJgs5a2AEZrwLLHBZAB
 JtV29Z5eHVH0BdgKCN5DjN8NgiEPySDRk2WOje3sOiSvNv28YvzA+LR2pOppunqi
 Ho5Aays4s3sgmVdF4TpQ
 =gpOC
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/kraxel/tags/ui-20180427-pull-request' into staging

vnc: fix use-after-free.
sdl2: gles support.
vfio-display: add reset support.

# gpg: Signature made Fri 27 Apr 2018 10:54:17 BST
# gpg:                using RSA key 4CB6D8EED3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>"
# Primary key fingerprint: A032 8CFF B93A 17A7 9901  FE7D 4CB6 D8EE D3E8 7138

* remotes/kraxel/tags/ui-20180427-pull-request:
  ui: introduce vfio_display_reset
  console: introduce dpy_gfx_update_full
  sdl: Allow OpenGL ES context creation
  sdl: Move DisplayOptions global to sdl2_console
  qapi: Parameter gl of DisplayType now accept an enum
  vnc: fix use-after-free

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-04-27 11:39:31 +01:00
Tina Zhang
7cd0afe69f console: introduce dpy_gfx_update_full
dpy_gfx_update_full is used to do the whole display surface update.

This function is proposed by Gerd Hoffmann.

Signed-off-by: Tina Zhang <tina.zhang@intel.com>
Message-id: 1524820266-27079-2-git-send-email-tina.zhang@intel.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2018-04-27 11:36:34 +02:00
Bharata B Rao
a324d6f166 spapr: Support ibm,dynamic-memory-v2 property
The new property ibm,dynamic-memory-v2 allows memory to be represented
in a more compact manner in device tree.

Signed-off-by: Bharata B Rao <bharata@linux.vnet.ibm.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2018-04-27 18:05:23 +10:00
David Gibson
644a2c99a9 target/ppc: Pass cpu instead of env to ppc_create_page_sizes_prop()
As a rule we prefer to pass PowerPCCPU instead of CPUPPCState, and this
change will make some things simpler later on.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Reviewed-by: Greg Kurz <groug@kaod.org>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
2018-04-27 18:05:22 +10:00
David Gibson
2b10808539 Add host_memory_backend_pagesize() helper
There are a couple places (one generic, one target specific) where we need
to get the host page size associated with a particular memory backend.  I
have some upcoming code which will add another place which wants this.  So,
for convenience, add a helper function to calculate this.

host_memory_backend_pagesize() returns the host pagesize for a given
HostMemoryBackend object.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Reviewed-by: Greg Kurz <groug@kaod.org>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
2018-04-27 18:05:22 +10:00
David Gibson
8a4fd427fe spapr: Introduce pseries-2.13 machine type
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2018-04-27 18:05:22 +10:00
Mark Cave-Ayland
c90c393c2d uninorth: rename UNINState to UNINHostState
The existing UNINState actually represents the PCI/AGP host bridge stage so
rename it accordingly.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2018-04-27 18:05:22 +10:00
Mark Cave-Ayland
e226efbb26 uninorth: move PCI IO (ISA) memory region into the uninorth device
Do this for both the uninorth main and uninorth u3 AGP buses, using the main
PCI bus for each machine (this ensures the IO addresses still match those
used by OpenBIOS).

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2018-04-27 18:05:22 +10:00
Mark Cave-Ayland
e7755cc114 uninorth: use object link to pass OpenPIC object to uninorth
Now that the OpenPIC is wired up via the board, we can now remove our temporary
PIC qdev pointer property and replace it with an object link instead.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2018-04-27 18:05:22 +10:00
Mark Cave-Ayland
0b06520954 uninorth: introduce temporary pic_irqs device property
This is in preparation for moving the PCI bus wiring inside the uninorth
host bridge devices. In the future it will be possible to remove this once the
PICs have been switched to use qdev GPIOs.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2018-04-27 18:05:22 +10:00
Mark Cave-Ayland
20d2514ad8 mac_oldworld: move wiring of macio IRQs to macio_oldworld_realize()
Since the macio device has a link to the PIC device, we can now wire up the
IRQs directly via qdev GPIOs rather than having to use an intermediate array.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2018-04-27 18:05:22 +10:00
Mark Cave-Ayland
a5ed75fe2e heathrow: remove obsolete heathow_init() function
Instead wire up heathrow to the CPU and grackle PCI host using qdev GPIOs.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2018-04-27 18:05:22 +10:00
Mark Cave-Ayland
5d2eaa0250 uninorth: move uninorth definitions into uninorth.h
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
[dwg: Added hw/hw.h #include as suggested by Philippe Mathieu-Daudé]
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2018-04-27 18:05:22 +10:00
Elie Tournier
844fd50dbb sdl: Move DisplayOptions global to sdl2_console
Suggested-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Elie Tournier <elie.tournier@collabora.com>
Message-id: 20180413135842.21325-3-tournier.elie@gmail.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2018-04-27 09:51:40 +02:00
Ian Jackson
1c4010fa09 xen: Remove now-obsolete xen_xc_domain_add_to_physmap
The last user was just removed; remove this function, accordingly.

Signed-off-by: Ian Jackson <Ian.Jackson@eu.citrix.com>
Acked-by: Anthony PERARD <anthony.perard@citrix.com>
2018-04-26 16:29:51 +01:00
Ross Lagerwall
2cbf890353 xen: Use newly added dmops for mapping VGA memory
Xen unstable (to be in 4.11) has two new dmops, relocate_memory and
pin_memory_cacheattr. Use these to set up the VGA memory, replacing the
previous calls to libxc. This allows the VGA console to work properly
when QEMU is running restricted (-xen-domid-restrict).

Wrapper functions are provided to allow QEMU to work with older versions
of Xen.

Tweak the error handling while making this change:
* Report pin_memory_cacheattr errors.
* Report errors even when DEBUG_HVM is not set. This is useful for
trying to understand why VGA is not working, since otherwise it just
fails silently.
* Fix the return values when an error occurs. The functions now
consistently return -1 and set errno.

CC: Ian Jackson <ian.jackson@eu.citrix.com>
Signed-off-by: Ross Lagerwall <ross.lagerwall@citrix.com>
Reviewed-by: Ian Jackson <ian.jackson@eu.citrix.com>
Signed-off-by: Ian Jackson <ian.jackson@eu.citrix.com>
Acked-by: Anthony PERARD <anthony.perard@citrix.com>
2018-04-26 16:29:51 +01:00
Ian Jackson
6b47c2aa78 xen: destroy_hvm_domain: Try xendevicemodel_shutdown
xc_interface_open etc. is not going to work if we have dropped
privilege, but xendevicemodel_shutdown will if everything is new
enough.

xendevicemodel_shutdown is only availabe in Xen 4.10 and later, so
provide a stub for earlier versions.

Signed-off-by: Ian Jackson <Ian.Jackson@eu.citrix.com>
Reviewed-by: Anthony PERARD <anthony.perard@citrix.com>
2018-04-26 16:29:51 +01:00
Ian Jackson
85f3c64da3 xen: move xc_interface compatibility fallback further up the file
We are going to want to use the dummy xendevicemodel_handle type in
new stub functions in the CONFIG_XEN_CTRL_INTERFACE_VERSION < 41000
section.  So we need to provide that definition, or (as applicable)
include the appropriate header, earlier in the file.

(Ideally the newer compatibility layers would be at the bottom of the
file, so that they can naturally benefit from the compatibility layers
for earlier version.  But that's rather too much for this series.)

No functional change.

Signed-off-by: Ian Jackson <Ian.Jackson@eu.citrix.com>
Acked-by: Anthony PERARD <anthony.perard@citrix.com>
Acked-by: Stefano Stabellini <sstabellini@kernel.org>
2018-04-26 16:29:51 +01:00
Ian Jackson
0ef4d87da5 xen: restrict: use xentoolcore_restrict_all
And insist that it works.

Drop individual use of xendevicemodel_restrict and
xenforeignmemory_restrict.  These are not actually effective in this
version of qemu, because qemu has a large number of fds open onto
various Xen control devices.

The restriction arrangements are still not right, because the
restriction needs to be done very late - after qemu has opened all of
its control fds.

xentoolcore_restrict_all and xentoolcore.h are available in Xen 4.10
and later, only.  Provide a compatibility stub.  And drop the
compatibility stubs for the old functions.

Signed-off-by: Ian Jackson <Ian.Jackson@eu.citrix.com>
Reviewed-by: Anthony PERARD <anthony.perard@citrix.com>
Acked-by: Stefano Stabellini <sstabellini@kernel.org>
2018-04-26 16:29:51 +01:00
Ian Jackson
7a64c17f3b AccelClass: Introduce accel_setup_post
This is called just before os_setup_post.  Currently none of the
accelerators provide this hook, but the Xen one is going to provide
one in a moment.

Signed-off-by: Ian Jackson <Ian.Jackson@eu.citrix.com>
Reviewed-by: Eduardo Habkost <ehabkost@redhat.com>
2018-04-26 16:29:50 +01:00
Peter Maydell
b8846a4d63 vl.c: new function serial_max_hds()
Create a new function serial_max_hds() which returns the number of
serial ports defined by the user. This is needed only by spapr.

This allows us to remove the MAX_SERIAL_PORTS define.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Tested-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-id: 20180420145249.32435-14-peter.maydell@linaro.org
2018-04-26 13:58:29 +01:00
Peter Maydell
6af2692e86 vl.c: Remove compile time limit on number of serial ports
Instead of having a fixed sized global serial_hds[] array,
use a local dynamically reallocated one, so we don't have
a compile time limit on how many serial ports a system has.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Tested-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-id: 20180420145249.32435-13-peter.maydell@linaro.org
2018-04-26 13:57:00 +01:00
Peter Maydell
2cd4f8acb0 superio: Don't use MAX_SERIAL_PORTS for serial port limit
The superio device has a limit on the number of serial
ports it supports which is really only there because
it has a fixed-size array serial[]. This limit isn't
related particularly to the global MAX_SERIAL_PORTS limit,
so use a different #define for it.

(In practice the users of superio only ever want 2 serial ports.)

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Tested-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-id: 20180420145249.32435-12-peter.maydell@linaro.org
2018-04-26 13:57:00 +01:00
Peter Maydell
def337ffda serial-isa: Use MAX_ISA_SERIAL_PORTS instead of MAX_SERIAL_PORTS
The ISA serial port handling in serial-isa.c imposes a limit
of 4 serial ports. This is because we only know of 4 IO port
and IRQ settings for them, and is unrelated to the generic
MAX_SERIAL_PORTS limit, though they happen to both be set at
4 currently.

Use a new MAX_ISA_SERIAL_PORTS wherever that is the correct
limit to be checking against.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Tested-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-id: 20180420145249.32435-11-peter.maydell@linaro.org
2018-04-26 13:57:00 +01:00
Peter Maydell
a8d78cd0ab vl.c: Provide accessor function serial_hd() for serial_hds[] array
Provide an accessor function serial_hd() to return the Chardev
(if any) associated with the numbered serial port. This will
be used to replace direct accesses to the serial_hds[] array,
so that calling code doesn't need to care about the size of
that array.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Tested-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-id: 20180420145249.32435-7-peter.maydell@linaro.org
2018-04-26 13:57:00 +01:00
Pavel Dovgalyuk
afd46fcad2 icount: fix cpu_restore_state_from_tb for non-tb-exit cases
In icount mode, instructions that access io memory spaces in the middle
of the translation block invoke TB recompilation.  After recompilation,
such instructions become last in the TB and are allowed to access io
memory spaces.

When the code includes instruction like i386 'xchg eax, 0xffffd080'
which accesses APIC, QEMU goes into an infinite loop of the recompilation.

This instruction includes two memory accesses - one read and one write.
After the first access, APIC calls cpu_report_tpr_access, which restores
the CPU state to get the current eip.  But cpu_restore_state_from_tb
resets the cpu->can_do_io flag which makes the second memory access invalid.
Therefore the second memory access causes a recompilation of the block.
Then these operations repeat again and again.

This patch moves resetting cpu->can_do_io flag from
cpu_restore_state_from_tb to cpu_loop_exit* functions.

It also adds a parameter for cpu_restore_state which controls restoring
icount.  There is no need to restore icount when we only query CPU state
without breaking the TB.  Restoring it in such cases leads to the
incorrect flow of the virtual time.

In most cases new parameter is true (icount should be recalculated).
But there are two cases in i386 and openrisc when the CPU state is only
queried without the need to break the TB.  This patch fixes both of
these cases.

Signed-off-by: Pavel Dovgalyuk <Pavel.Dovgaluk@ispras.ru>
Message-Id: <20180409091320.12504.35329.stgit@pasha-VirtualBox>
[rth: Make can_do_io setting unconditional; move from cpu_exec;
make cpu_loop_exit_{noexc,restore} call cpu_loop_exit.]
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2018-04-11 09:05:22 +10:00
Dr. David Alan Gilbert
5f52353091 e1000: Old machine types, turn new subsection off
Turn the newly added subsection off for old machine types

Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
2018-04-10 11:30:04 +08:00
Peter Maydell
915d34c5f9 Miscellaneous bugfixes, including crash fixes from Alexey, Peter M. and
Thomas.
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iQEcBAABAgAGBQJay3qbAAoJEL/70l94x66D7LwIAIDjHDULzCy/u+m/uFyTn7rD
 zyDhQTWgHP6OQ+TqixIDDszeasev/PWmiC6Bp+NG6ZIG102+XTREciSW+X7B6mct
 OqI/5xpjoqzKj2LrTeCnm754Xv7Ilz9kxZ1MKlGqjnRzdmykDRx7RNLqGBohL4EI
 nnF3iiOiT4ECY/aLgeRLfufJqj9zHr8hQ3om+2zMqntPfqc3Eg0eCpgb7uGMRDq8
 nWLecnDtqmBWhXDJCPngxDavBQqHDAmq1aj9ppJPLS+nB6pez0DvHMI6Gg3K4fIl
 2ybJse5FbOj/+PsM1Ae5g8TcWz607mVgtE+crKxLDmffg+YjbO9raqWigZoIw2Y=
 =aMIC
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging

Miscellaneous bugfixes, including crash fixes from Alexey, Peter M. and
Thomas.

# gpg: Signature made Mon 09 Apr 2018 15:37:15 BST
# gpg:                using RSA key BFFBD25F78C7AE83
# gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>"
# gpg:                 aka "Paolo Bonzini <pbonzini@redhat.com>"
# Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4  E2F7 7E15 100C CD36 69B1
#      Subkey fingerprint: F133 3857 4B66 2389 866C  7682 BFFB D25F 78C7 AE83

* remotes/bonzini/tags/for-upstream:
  Add missing bit for SSE instr in VEX decoding
  maint: Add .mailmap entries for patches claiming list authorship
  dump: Fix build with newer gcc
  device-crash-test: Remove fixed isa-fdc entry
  qemu-pr-helper: Write pidfile more often
  qemu-pr-helper: Daemonize before dropping privileges
  virtio-serial: fix heapover-flow
  kvmclock: fix clock_is_reliable on migration from QEMU < 2.9
  hw/dma/i82374: Avoid double creation of the 82374 controller
  hw/scsi: support SCSI-2 passthrough without PI
  scsi-disk: allow customizing the SCSI version
  scsi-disk: Don't enlarge min_io_size to max_io_size
  configure: Add missing configure options to help text
  i386/hyperv: error out if features requested but unsupported
  i386/hyperv: add hv-frequencies cpu property
  target/i386: WHPX: set CPUID_EXT_HYPERVISOR bit
  memfd: fix vhost-user-test on non-memfd capable host
  scripts/checkpatch.pl: Bug fix
  target/i386: Fix andn instruction
  sys_membarrier: fix up include directives

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-04-09 17:29:10 +01:00
Paolo Bonzini
2343be0d7e scsi-disk: allow customizing the SCSI version
We would like to have different behavior for passthrough devices
depending on the SCSI version they expose.  To prepare for that,
allow the user of emulated devices to specify the desired SCSI
level, and adjust the emulation according to the property value.
The next patch will set the level for scsi-block and scsi-generic
devices.

Based on a patch by Daniel Henrique Barboza
<danielhb@linux.vnet.ibm.com>.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-04-09 16:36:39 +02:00
Marc-André Lureau
648abbfbaa memfd: fix vhost-user-test on non-memfd capable host
On RHEL7, memfd is not supported, and vhost-user-test fails:
TEST: tests/vhost-user-test... (pid=10248)
  /x86_64/vhost-user/migrate:
  qemu-system-x86_64: -object memory-backend-memfd,id=mem,size=2M,: failed to create memfd
FAIL

There is a qemu_memfd_check() to prevent running memfd path, but it
also checks for fallback implementation. Let's specialize
qemu_memfd_check() to check memfd only, while qemu_memfd_alloc_check()
checks for the qemu_memfd_alloc() API.

Reported-by: Miroslav Rezanina <mrezanin@redhat.com>
Tested-by: Miroslav Rezanina <mrezanin@redhat.com>
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-Id: <20180328121804.16203-1-marcandre.lureau@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
2018-04-09 12:57:06 +02:00
Gerd Hoffmann
da024b1ed2 ui: add ctrl modifier support to kbd_put_qcode_console()
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Message-id: 20180321135041.15768-2-kraxel@redhat.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2018-04-09 10:40:47 +02:00
KONRAD Frederic
1bb982b8fc gdbstub: send a termination packet instead of crashing gdb
Since the commit:
commit 4486e89c21
Author: Stefan Hajnoczi <stefanha@redhat.com>
Date:   Wed Mar 7 14:42:05 2018 +0000

    vl: introduce vm_shutdown()

GDB crashes when qemu exits (at least on sparc-softmmu):
Remote communication error.  Target disconnected.: Connection reset by peer.
Quitting: putpkt: write failed: Broken pipe.

So send a packet to exit GDB before we exit QEMU:
[Inferior 1 (Thread 0) exited normally]

Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: KONRAD Frederic <frederic.konrad@adacore.com>
Message-id: 1521538773-30802-1-git-send-email-frederic.konrad@adacore.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-03-27 21:16:27 +01:00
Peter Maydell
f55e88f2ab qapi patches for 2018-03-27, 2.12-rc1
- Marc-André Lureau: qmp-test: fix response leak
 - Eric Blake: tests: Silence false positive warning on generated test name
 - Laurent Vivier: 0/4 (partial) coccinelle: re-run scripts from scripst/coccinelle
 - Peter Xu: 0/8 Monitor: some oob related patches (fixes, new param, tests)
 - Satheesh Rajendran: hmp.c: Revert hmp_info_cpus output format change
 -----BEGIN PGP SIGNATURE-----
 Comment: Public key at http://people.redhat.com/eblake/eblake.gpg
 
 iQEcBAABCAAGBQJaumDMAAoJEKeha0olJ0NqY34IAJ1AJLZeqtb9HIPDrL/iydXQ
 qrMPxfz/fbcjMbomYvltvCYB3GMQw88YVtTuu2kS5aZsr6vLhpw2ZjGrb+a0llFM
 lF6oERg/6VmfQNaeqcHEzORIdG6/GEctxoWS07f+NgSrjdxNNHyU+i/LGvvA5K4m
 x7akPw3DZIF/oBLDlFgtl80KtOf8vQ8QitCIp2nsURQFLHvjVSoXHGUfhoiUUgNA
 89rF62Repq9xZXSsFr+Jpp4/bPGxA717sixXSxFUDuTVIZGnffbt4wVxLi4TKSx1
 1Ho6psPK3d82rQ9OeIc6CqulElLMPGn7aNwR1VR6ig0sB409K5PQJybJDqQD/C4=
 =ld/c
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/ericb/tags/pull-qapi-2018-03-27-v2' into staging

qapi patches for 2018-03-27, 2.12-rc1

- Marc-André Lureau: qmp-test: fix response leak
- Eric Blake: tests: Silence false positive warning on generated test name
- Laurent Vivier: 0/4 (partial) coccinelle: re-run scripts from scripst/coccinelle
- Peter Xu: 0/8 Monitor: some oob related patches (fixes, new param, tests)
- Satheesh Rajendran: hmp.c: Revert hmp_info_cpus output format change

# gpg: Signature made Tue 27 Mar 2018 16:18:36 BST
# gpg:                using RSA key A7A16B4A2527436A
# gpg: Good signature from "Eric Blake <eblake@redhat.com>"
# gpg:                 aka "Eric Blake (Free Software Programmer) <ebb9@byu.net>"
# gpg:                 aka "[jpeg image of size 6874]"
# Primary key fingerprint: 71C2 CC22 B1C4 6029 27D2  F3AA A7A1 6B4A 2527 436A

* remotes/ericb/tags/pull-qapi-2018-03-27-v2:
  hmp.c: Revert hmp_info_cpus output format change
  tests: qmp-test: add test for new "x-oob"
  tests: Add parameter to qtest_init_without_qmp_handshake
  monitor: new parameter "x-oob"
  qmp: cleanup qmp queues properly
  tests: add oob-test for qapi-schema
  tests: let qapi-schema tests detect oob
  qapi: restrict allow-oob value to be "true"
  qmp: fix qmp_capabilities error regression
  qdict: remove useless cast
  error: Remove NULL checks on error_propagate() calls
  error: Strip trailing '\n' from error string arguments (again again)
  tests: Silence false positive warning on generated test name
  qmp-test: fix response leak

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-03-27 19:20:57 +01:00
Peter Xu
be933ffc23 monitor: new parameter "x-oob"
Add new parameter to optionally enable Out-Of-Band for a QMP server.

An example command line:

  ./qemu-system-x86_64 -chardev stdio,id=char0 \
                       -mon chardev=char0,mode=control,x-oob=on

By default, Out-Of-Band is off.

It is not allowed if either MUX or non-QMP is detected, since
Out-Of-Band is currently only for QMP, and non-MUX chardev backends.

Note that the client STILL has to request 'oob' during qmp_capabilities;
in part because the x-oob command line option may disappear in the
future if we decide the capabilities negotiation is sufficient.

Signed-off-by: Peter Xu <peterx@redhat.com>
Message-Id: <20180326063901.27425-4-peterx@redhat.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
[eblake: enhance commit message]
Tested-by: Christian Borntraeger <borntraeger@de.ibm.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
2018-03-27 10:17:45 -05:00
Stefan Hajnoczi
c40a254570 coroutine: avoid co_queue_wakeup recursion
qemu_aio_coroutine_enter() is (indirectly) called recursively when
processing co_queue_wakeup.  This can lead to stack exhaustion.

This patch rewrites co_queue_wakeup in an iterative fashion (instead of
recursive) with bounded memory usage to prevent stack exhaustion.

qemu_co_queue_run_restart() is inlined into qemu_aio_coroutine_enter()
and the qemu_coroutine_enter() call is turned into a loop to avoid
recursion.

There is one change that is worth mentioning:  Previously, when
coroutine A queued coroutine B, qemu_co_queue_run_restart() entered
coroutine B from coroutine A.  If A was terminating then it would still
stay alive until B yielded.  After this patch B is entered by A's parent
so that a A can be deleted immediately if it is terminating.

It is safe to make this change since B could never interact with A if it
was terminating anyway.

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Message-id: 20180322152834.12656-3-stefanha@redhat.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2018-03-27 13:05:28 +01:00
Stefan Hajnoczi
67a74148d8 queue: add QSIMPLEQ_PREPEND()
QSIMPLEQ_CONCAT(a, b) joins a = a + b.  The new QSIMPLEQ_PREPEND(a, b)
API joins a = b + a.

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Message-id: 20180322152834.12656-2-stefanha@redhat.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2018-03-27 13:05:28 +01:00
Peter Maydell
62a2b55e8d Block layer patches
-----BEGIN PGP SIGNATURE-----
 
 iQIcBAABAgAGBQJauQSdAAoJEH8JsnLIjy/WkwMQAKV8ne1AmBygQFxyZdXy+hrv
 ZAU7xdm35rvN/gRHSHCinyRKVa2vXU4+9F79FxdVuTJwGDOaTQHADL0lZN4USzfY
 dZKrqWn6ExZjKDl/iJPA7qpRyIzhwK83ZhcQSJS/HUertOH7ga+bkgePAN15iyiK
 Jw4li6s2ZBSBmg0UgSg5YAcEaG3RxYfVzmLgpPCMMPkZZzkKXStiPkX/gPdyYPyr
 666PLgA6O7U0rr6Lk5ALkNQwT81rZMO8YjENwmmKkzHnUsNnezGsc0OB8iXzlgWQ
 wh9SFAVtRl9xOz00t0ZX1U3eMzsAARz/sYG3dvYioyMtJhGj8AFLUx9DIVlcQbXG
 kyMFFKt9L2z9rj3HxulWkefLTFq9i2GA/GS36nJx/UjPxjh6AfXSDPjy1esiOlq+
 TiTvUsBvJM6VHxj/qXLimTeT9gYF4ysmMyzSYJHj8XTgh6KoLq4Nc8/VpL9FoGjQ
 4/3a08YzIQ/C2wJcsCl5SYKH9XiDQcxPPZ1pgxFxtkJM9vDjmGrbTuluZFB++vxP
 JZHJpMZQA9TncZQGnX/RWD+qkk/rP4NZ2YUlfxwHRV7sggi3P+Cz/WDwi3hZImYA
 rOXPv/IdzDFffzxINhmEjEUkatljJn5V4x/J+1nnEbNeioskFhdlaXHWMeU9Q12S
 UVV7fMvklUZ3Lu8Xc7kf
 =rvhx
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging

Block layer patches

# gpg: Signature made Mon 26 Mar 2018 15:33:01 BST
# gpg:                using RSA key 7F09B272C88F2FD6
# gpg: Good signature from "Kevin Wolf <kwolf@redhat.com>"
# Primary key fingerprint: DC3D EB15 9A9A F95D 3D74  56FE 7F09 B272 C88F 2FD6

* remotes/kevin/tags/for-upstream:
  qemu-iotests: Test vhdx image creation with QMP
  vhdx: Check for 4 GB maximum log size on creation
  vhdx: Don't use error_setg_errno() with constant errno
  vhdx: Require power-of-two block size on create
  qemu-iotests: Test parallels image creation with QMP
  parallels: Check maximum cluster size on create
  qemu-iotests: Test invalid resize on luks
  luks: Turn another invalid assertion into check
  qemu-iotests: Enable 025 for luks
  qemu-iotests: Test vdi image creation with QMP
  vdi: Fix build with CONFIG_VDI_DEBUG
  vdi: Change 'static' create option to 'preallocation' in QMP
  qcow2: Reset free_cluster_index when allocating a new refcount block
  include/block/block_int: Document protocol related functions
  block/blkreplay: Remove protocol-related fields
  block/throttle: Remove protocol-related fields
  block/quorum: Remove protocol-related fields
  block/replication: Remove protocol_name field
  iotests: 163 is not quick

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-03-26 17:13:31 +01:00
Fabiano Rosas
1e486cf30a include/block/block_int: Document protocol related functions
Clarify that:

- for protocols the brdv_file_open function is used instead
of bdrv_open;

- when protocol_name is set, a driver should expect
to be given only a filename and no other options.

Signed-off-by: Fabiano Rosas <farosas@linux.vnet.ibm.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2018-03-26 12:16:00 +02:00
Greg Kurz
94b52958b7 virtio_net: flush uncompleted TX on reset
If the backend could not transmit a packet right away for some reason,
the packet is queued for asynchronous sending. The corresponding vq
element is tracked in the async_tx.elem field of the VirtIONetQueue,
for later freeing when the transmission is complete.

If a reset happens before completion, virtio_net_tx_complete() will push
async_tx.elem back to the guest anyway, and we end up with the inuse flag
of the vq being equal to -1. The next call to virtqueue_pop() is then
likely to fail with "Virtqueue size exceeded".

This can be reproduced easily by starting a guest with an hubport backend
that is not connected to a functional network, eg,

 -device virtio-net-pci,netdev=hub0 -netdev hubport,id=hub0,hubid=0

and no other -netdev hubport,hubid=0 on the command line.

The appropriate fix is to ensure that such an asynchronous transmission
cannot survive a device reset. So for all queues, we first try to send
the packet again, and eventually we purge it if the backend still could
not deliver it.

CC: qemu-stable@nongnu.org
Reported-by: R. Nageswara Sastry <nasastry@in.ibm.com>
Buglink: https://github.com/open-power-host-os/qemu/issues/37
Signed-off-by: Greg Kurz <groug@kaod.org>
Tested-by: R. Nageswara Sastry <nasastry@in.ibm.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
2018-03-26 14:49:17 +08:00
Wei Huang
dfadc3bfb4 mach-virt: Set VM's SMBIOS system version to mc->name
Instead of using "1.0" as the system version of SMBIOS, we should use
mc->name for mach-virt machine type to be consistent other architectures.
With this patch, "dmidecode -t 1" (e.g., "-M virt-2.12,accel=kvm") will
show:

    Handle 0x0100, DMI type 1, 27 bytes
    System Information
            Manufacturer: QEMU
            Product Name: KVM Virtual Machine
            Version: virt-2.12
            Serial Number: Not Specified
            ...

instead of:

    Handle 0x0100, DMI type 1, 27 bytes
    System Information
            Manufacturer: QEMU
            Product Name: KVM Virtual Machine
            Version: 1.0
            Serial Number: Not Specified
            ...

For backward compatibility, we allow older machine types to keep "1.0"
as the default system version.

Signed-off-by: Wei Huang <wei@redhat.com>
Reviewed-by: Andrew Jones <drjones@redhat.com>
Message-id: 20180322212318.7182-1-wei@redhat.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-03-23 18:26:46 +00:00
Trent Piepho
478a573a7d i.MX: Support serial RS-232 break properly
Linux does not detect a break from this IMX serial driver as a magic
sysrq.  Nor does it note a break in the port error counts.

The former is because the Linux driver uses the BRCD bit in the USR2
register to trigger the RS-232 break handler in the kernel, which is
where sysrq hooks in.  The emulated UART was not setting this status
bit.

The latter is because the Linux driver expects, in addition to the BRK
bit, that the ERR bit is set when a break is read in the FIFO.  A break
should also count as a frame error, so add that bit too.

Cc: Andrey Smirnov <andrew.smirnov@gmail.com>
Signed-off-by: Trent Piepho <tpiepho@impinj.com>
Message-id: 20180320013657.25038-1-tpiepho@impinj.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-03-23 18:26:45 +00:00
Peter Maydell
ed627b2ad3 virtio,vhost,pci,pc: features, cleanups
SRAT tables for DIMM devices
 new virtio net flags for speed/duplex
 post-copy migration support in vhost
 cleanups in pci
 
 Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
 -----BEGIN PGP SIGNATURE-----
 
 iQEcBAABAgAGBQJasR1rAAoJECgfDbjSjVRpOocH/R9A3g/TkpGjmLzJBrrX1NGO
 I/iq0ttHjqg4OBIChA4BHHjXwYUMs7XQn26B3efrk1otLAJhuqntZIIo3uU0WraA
 5J+4DT46ogs5rZWNzDCZ0zAkSaATDA6h9Nfh7TvPc9Q2WpcIT0cTa/jOtrxRc9Vq
 32hbUKtJSpNxRjwbZvk6YV21HtWo3Tktdaj9IeTQTN0/gfMyOMdgxta3+bymicbJ
 FuF9ybHcpXvrEctHhXHIL4/YVGEH/4shagZ4JVzv1dVdLeHLZtPomdf7+oc0+07m
 Qs+yV0HeRS5Zxt7w5blGLC4zDXczT/bUx8oln0Tz5MV7RR/+C2HwMOHC69gfpSc=
 =vomK
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging

virtio,vhost,pci,pc: features, cleanups

SRAT tables for DIMM devices
new virtio net flags for speed/duplex
post-copy migration support in vhost
cleanups in pci

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>

# gpg: Signature made Tue 20 Mar 2018 14:40:43 GMT
# gpg:                using RSA key 281F0DB8D28D5469
# gpg: Good signature from "Michael S. Tsirkin <mst@kernel.org>"
# gpg:                 aka "Michael S. Tsirkin <mst@redhat.com>"
# Primary key fingerprint: 0270 606B 6F3C DF3D 0B17  0970 C350 3912 AFBE 8E67
#      Subkey fingerprint: 5D09 FD08 71C8 F85B 94CA  8A0D 281F 0DB8 D28D 5469

* remotes/mst/tags/for_upstream: (51 commits)
  postcopy shared docs
  libvhost-user: Claim support for postcopy
  postcopy: Allow shared memory
  vhost: Huge page align and merge
  vhost+postcopy: Wire up POSTCOPY_END notify
  vhost-user: Add VHOST_USER_POSTCOPY_END message
  libvhost-user: mprotect & madvises for postcopy
  vhost+postcopy: Call wakeups
  vhost+postcopy: Add vhost waker
  postcopy: postcopy_notify_shared_wake
  postcopy: helper for waking shared
  vhost+postcopy: Resolve client address
  postcopy-ram: add a stub for postcopy_request_shared_page
  vhost+postcopy: Helper to send requests to source for shared pages
  vhost+postcopy: Stash RAMBlock and offset
  vhost+postcopy: Send address back to qemu
  libvhost-user+postcopy: Register new regions with the ufd
  migration/ram: ramblock_recv_bitmap_test_byte_offset
  postcopy+vhost-user: Split set_mem_table for postcopy
  vhost+postcopy: Transmit 'listen' to slave
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

# Conflicts:
#	scripts/update-linux-headers.sh
2018-03-20 15:48:34 +00:00
Peter Maydell
036793aebf Machine and x86 queue, 2018-03-19
* cpu_model/cpu_type cleanups
 * x86: Fix on Intel Processor Trace CPUID checks
 -----BEGIN PGP SIGNATURE-----
 
 iQIcBAABCAAGBQJasBhyAAoJECgHk2+YTcWmex4QAJ08ac8kDK0oHT4wyZFJkf4s
 tvrfY8LeAEwlSZaOSierJyJZpuRJldQWQdZRk9tdUYiDXzIkn7T5ate4ju9JmIsa
 C+VRb4ELeoOt8sILSe7hMjtCYGDfQqJ03ApMHAx+ns+MLcytlf7Hb0IilcueKkZx
 GGl3lLScdCyLSGqnX4ls+hQQrpL+rhjnLnpptIcMOAqqUMqzmt2TDU03Y8QaSy9m
 HeCECfgaqxBg7w1CaBsurN2X6kh/usx91Uae+4iZ5pj2x0Dublu4IYcYCCjpFzj+
 r76LfcZdt4aGWQCuFVulcnvbogmlxxCRjahitrsR79QlFlhtxRHhf97/r8plo7q3
 lTHumGy5ZP7866FgZXCsseR1pNluEE/VFX0ooTrvQYWBA/C7tuBxn/4+5Fqpy78y
 aA0nymphaNTMkEMkM1fEzN4mVT+l5x1GyXAjDYLLgE9pOt1rMmWrXohZe18LUfOc
 IIDUxUMkP+vRxSEXzZvjcqt3KhGTjedOsMeWKb9Qdu6vVa7C55r0bzpya1tzw7AS
 rLBulqIy2J0Lrzg/0wP5acPykXh5DzGmJuNEip0NuNFQ79+bWaEAE0ZHQnhgd6zo
 gZuglQnTl8d5yvwE3HDU5r/zNbjqlcBVQ/th8ZUTKGKBzdECQ5eQROgdDFRZuDNB
 N4kfkPY/4O/0r+8xuAxB
 =13B9
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/ehabkost/tags/machine-next-pull-request' into staging

Machine and x86 queue, 2018-03-19

* cpu_model/cpu_type cleanups
* x86: Fix on Intel Processor Trace CPUID checks

# gpg: Signature made Mon 19 Mar 2018 20:07:14 GMT
# gpg:                using RSA key 2807936F984DC5A6
# gpg: Good signature from "Eduardo Habkost <ehabkost@redhat.com>"
# Primary key fingerprint: 5A32 2FD5 ABC4 D3DB ACCF  D1AA 2807 936F 984D C5A6

* remotes/ehabkost/tags/machine-next-pull-request:
  i386: Disable Intel PT if packets IP payloads have LIP values
  cpu: drop unnecessary NULL check and cpu_common_class_by_name()
  cpu: get rid of unused cpu_init() defines
  Use cpu_create(type) instead of cpu_init(cpu_model)
  cpu: add CPU_RESOLVING_TYPE macro
  tests: add machine 'none' with -cpu test
  nios2: 10m50_devboard: replace cpu_model with cpu_type

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-03-20 12:56:20 +00:00
Peter Maydell
4bdc24fa01 qapi patches for 2018-03-12, 2.12 softfreeze
- Marc-André Lureau: 0/4 qapi: generate a literal qobject for introspection
 - Max Reitz: 0/7 block: Handle null backing link
 - Daniel P. Berrange: chardev: tcp: postpone TLS work until machine done
 - Peter Xu: 00/23 QMP: out-of-band (OOB) execution support
 - Vladimir Sementsov-Ogievskiy: 0/2 block latency histogram
 - Eric Blake: qapi: Pass '-u' when doing non-silent diff
 -----BEGIN PGP SIGNATURE-----
 Comment: Public key at http://people.redhat.com/eblake/eblake.gpg
 
 iQEcBAABCAAGBQJasBaIAAoJEKeha0olJ0NqEdEH/0pKMS2sErLZBE6G9qkZmvx2
 bkbuiUx0skknCpGKLJ09s+wcZl2HtHS8U4+E8yQO/VujoWmhYxaufBGAtPQTyHm3
 GC4mUDoPsGnVaQinZ8uT8284QmlgRoiWCt/LYvfP3D6gd9dHtMv3deqQGZrkOYZJ
 7pWcSkr6BBTH/+7wgVzKC9FcriRq0va4/hee1juFVK2KuvBHJCALi01CQmzR0C+w
 YFObgFfRJb262gtuZQmMe/Y9ZuP4fUdwoz3n9sGZbUu4Jh74SWL4hIw2BWCh4Txl
 VXWrc/RfurycKAFKMcaXfpkjXx8f+tO/WRk2t05biiRJ1VYK0f686YSwd6vV9dw=
 =Ed01
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/ericb/tags/pull-qapi-2018-03-12-v4' into staging

qapi patches for 2018-03-12, 2.12 softfreeze

- Marc-André Lureau: 0/4 qapi: generate a literal qobject for introspection
- Max Reitz: 0/7 block: Handle null backing link
- Daniel P. Berrange: chardev: tcp: postpone TLS work until machine done
- Peter Xu: 00/23 QMP: out-of-band (OOB) execution support
- Vladimir Sementsov-Ogievskiy: 0/2 block latency histogram
- Eric Blake: qapi: Pass '-u' when doing non-silent diff

# gpg: Signature made Mon 19 Mar 2018 19:59:04 GMT
# gpg:                using RSA key A7A16B4A2527436A
# gpg: Good signature from "Eric Blake <eblake@redhat.com>"
# gpg:                 aka "Eric Blake (Free Software Programmer) <ebb9@byu.net>"
# gpg:                 aka "[jpeg image of size 6874]"
# Primary key fingerprint: 71C2 CC22 B1C4 6029 27D2  F3AA A7A1 6B4A 2527 436A

* remotes/ericb/tags/pull-qapi-2018-03-12-v4: (38 commits)
  qapi: Pass '-u' when doing non-silent diff
  qapi: add block latency histogram interface
  block/accounting: introduce latency histogram
  tests: qmp-test: add oob test
  tests: qmp-test: verify command batching
  qmp: add command "x-oob-test"
  monitor: enable IO thread for (qmp & !mux) typed
  qmp: isolate responses into io thread
  qmp: support out-of-band (oob) execution
  qapi: introduce new cmd option "allow-oob"
  monitor: send event when command queue full
  qmp: add new event "command-dropped"
  monitor: separate QMP parser and dispatcher
  monitor: let suspend/resume work even with QMPs
  monitor: let suspend_cnt be thread safe
  monitor: introduce monitor_qmp_respond()
  qmp: introduce QMPCapability
  monitor: allow using IO thread for parsing
  monitor: let mon_list be tail queue
  monitor: unify global init
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-03-20 09:51:49 +00:00
Dr. David Alan Gilbert
2ce16640b4 postcopy: use UFFDIO_ZEROPAGE only when available
Use a flag on the RAMBlock to state whether it has the
UFFDIO_ZEROPAGE capability, use it when it's available.

This allows the use of postcopy on tmpfs as well as hugepage
backed files.

Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Peter Xu <peterx@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2018-03-20 05:03:27 +02:00
Dr. David Alan Gilbert
f90bb71bfd qemu_ram_block_host_offset
Utility to give the offset of a host pointer within a RAMBlock
(assuming we already know it's in that RAMBlock)

Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Peter Xu <peterx@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2018-03-20 05:03:26 +02:00
Haozhong Zhang
52c95cae4e pc-dimm: make qmp_pc_dimm_device_list() sort devices by address
Make qmp_pc_dimm_device_list() return sorted by start address
list of devices so that it could be reused in places that
would need sorted list*. Reuse existing pc_dimm_built_list()
to get sorted list.

While at it hide recursive callbacks from callers, so that:

  qmp_pc_dimm_device_list(qdev_get_machine(), &list);

could be replaced with simpler:

  list = qmp_pc_dimm_device_list();

* follow up patch will use it in build_srat()

Signed-off-by: Haozhong Zhang <haozhong.zhang@intel.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Acked-by: David Gibson <david@gibson.dropbear.id.au> for ppc part
Reviewed-by: Bharata B Rao <bharata@linux.vnet.ibm.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2018-03-20 03:34:52 +02:00
Philippe Mathieu-Daudé
1d0cad532c hw/pci: remove obsolete PCIDevice->init()
All PCI devices are now QOM'ified.

Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Marcel Apfelbaum <marcel@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2018-03-20 03:34:52 +02:00
Michael S. Tsirkin
056c339d97 standard-headers: update virtio_net.h
include speed/duplex fields

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2018-03-20 03:34:52 +02:00
Vladimir Sementsov-Ogievskiy
b741ae7417 block/accounting: introduce latency histogram
Introduce latency histogram statics for block devices.
For each accounted operation type, the latency region [0, +inf) is
divided into subregions by several points. Then, calculate
hits for each subregion.

Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Message-Id: <20180309165212.97144-2-vsementsov@virtuozzo.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
2018-03-19 14:58:37 -05:00
Peter Xu
cf869d5317 qmp: support out-of-band (oob) execution
Having "allow-oob":true for a command does not mean that this command
will always be run in out-of-band mode.  The out-of-band quick path will
only be executed if we specify the extra "run-oob" flag when sending the
QMP request:

    { "execute":   "command-that-allows-oob",
      "arguments": { ... },
      "control":   { "run-oob": true } }

The "control" key is introduced to store this extra flag.  "control"
field is used to store arguments that are shared by all the commands,
rather than command specific arguments.  Let "run-oob" be the first.

Note that in the patch I exported qmp_dispatch_check_obj() to be used to
check the request earlier, and at the same time allowed "id" field to be
there since actually we always allow that.

Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Peter Xu <peterx@redhat.com>
Message-Id: <20180309090006.10018-19-peterx@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
[eblake: rebase to qobject_to(), spelling fix]
Signed-off-by: Eric Blake <eblake@redhat.com>
2018-03-19 14:58:37 -05:00
Peter Xu
876c67512e qapi: introduce new cmd option "allow-oob"
Here "oob" stands for "Out-Of-Band".  When "allow-oob" is set, it means
the command allows out-of-band execution.

The "oob" idea is proposed by Markus Armbruster in following thread:

  https://lists.gnu.org/archive/html/qemu-devel/2017-09/msg02057.html

This new "allow-oob" boolean will be exposed by "query-qmp-schema" as
well for command entries, so that QMP clients can know which commands
can be used in out-of-band calls. For example the command "migrate"
originally looks like:

  {"name": "migrate", "ret-type": "17", "meta-type": "command",
   "arg-type": "86"}

And it'll be changed into:

  {"name": "migrate", "ret-type": "17", "allow-oob": false,
   "meta-type": "command", "arg-type": "86"}

This patch only provides the QMP interface level changes.  It does not
contain the real out-of-band execution implementation yet.

Suggested-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Peter Xu <peterx@redhat.com>
Message-Id: <20180309090006.10018-18-peterx@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
[eblake: rebase on introspection done by qlit]
Signed-off-by: Eric Blake <eblake@redhat.com>
2018-03-19 14:58:37 -05:00
Peter Xu
6adf08dd42 monitor: unify global init
There are many places where the monitor initializes its globals:

- monitor_init_qmp_commands() at the very beginning
- single function to init monitor_lock
- in the first entry of monitor_init() using "is_first_init"

Unify them a bit.

monitor_lock is not used before monitor_init() (as confirmed by code
analysis and gdb watchpoints); so we are safe delaying what was a
constructor-time initialization of the mutex into the later first call
to monitor_init().

Reviewed-by: Fam Zheng <famz@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Peter Xu <peterx@redhat.com>
Message-Id: <20180309090006.10018-8-peterx@redhat.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
2018-03-19 14:58:36 -05:00
Peter Xu
b26ae1cb8e qobject: introduce qobject_get_try_str()
A quick way to fetch string from qobject when it's a QString.

Reviewed-by: Fam Zheng <famz@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Peter Xu <peterx@redhat.com>
Message-Id: <20180309090006.10018-4-peterx@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
[eblake: rebase to qobject_to() macro]
Signed-off-by: Eric Blake <eblake@redhat.com>
2018-03-19 14:58:36 -05:00
Peter Xu
775932020d qobject: introduce qstring_get_try_str()
The only difference from qstring_get_str() is that it allows the qstring
to be NULL.  If so, NULL is returned.

CC: Eric Blake <eblake@redhat.com>
CC: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Peter Xu <peterx@redhat.com>
Message-Id: <20180309090006.10018-3-peterx@redhat.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
2018-03-19 14:58:36 -05:00
Max Reitz
cb51b976ba qapi: Remove qobject_to_X() functions
They are no longer needed now.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Alberto Garcia <berto@igalia.com>
Message-Id: <20180224154033.29559-5-mreitz@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
2018-03-19 14:58:36 -05:00
Max Reitz
1a56b1e2ab qapi: Add qobject_to()
This is a dynamic casting macro that, given a QObject type, returns an
object as that type or NULL if the object is of a different type (or
NULL itself).

The macro uses lower-case letters because:
1. There does not seem to be a hard rule on whether qemu macros have to
   be upper-cased,
2. The current situation in qapi/qmp is inconsistent (compare e.g.
   QINCREF() vs. qdict_put()),
3. qobject_to() will evaluate its @obj parameter only once, thus it is
   generally not important to the caller whether it is a macro or not,
4. I prefer it aesthetically.

The macro parameter order is chosen with typename first for
consistency with other QAPI macros like QAPI_CLONE(), as well as
for legibility (read it as "qobject to" type "applied to" obj).

Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-Id: <20180224154033.29559-3-mreitz@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Alberto Garcia <berto@igalia.com>
[eblake: swap parameter order to list type first, avoid clang ubsan
warning on QOBJECT(NULL) and container_of(NULL,type,base)]
Signed-off-by: Eric Blake <eblake@redhat.com>
2018-03-19 14:49:04 -05:00
Peter Maydell
0fd74f03ed hw/arm/bcm2836: Create proper bcm2837 device
The bcm2837 is pretty similar to the bcm2836, but it does have
some differences. Notably, the MPIDR affinity aff1 values it
sets for the CPUs are 0x0, rather than the 0xf that the bcm2836
uses, and if this is wrong Linux will not boot.

Rather than trying to have one device with properties that
configure it differently for the two cases, create two
separate QOM devices for the two SoCs. We use the same approach
as hw/arm/aspeed_soc.c and share code and have a data table
that might differ per-SoC. For the moment the two types don't
actually have different behaviour.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-id: 20180313153458.26822-7-peter.maydell@linaro.org
2018-03-19 18:23:24 +00:00
Peter Maydell
926dcdf073 hw/arm/bcm2836: Rename bcm2836 type/struct to bcm283x
Our BCM2836 type is really a generic one that can be any of
the bcm283x family. Rename it accordingly. We change only
the names which are visible via the header file to the
rest of the QEMU code, leaving private function names
in bcm2836.c as they are.

This is a preliminary to making bcm283x be an abstract
parent class to specific types for the bcm2836 and bcm2837.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Andrew Baumann <Andrew.Baumann@microsoft.com>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-id: 20180313153458.26822-6-peter.maydell@linaro.org
2018-03-19 18:23:24 +00:00
Andrey Smirnov
46d3fb634c char: i.MX: Add support for "TX complete" interrupt
Add support for "TX complete"/TXDC interrupt generate by real HW since
it is needed to support guests other than Linux.

Based on the patch by Bill Paul as found here:
https://bugs.launchpad.net/qemu/+bug/1753314

Cc: qemu-devel@nongnu.org
Cc: qemu-arm@nongnu.org
Cc: Bill Paul <wpaul@windriver.com>
Cc: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Bill Paul <wpaul@windriver.com>
Signed-off-by: Andrey Smirnov <andrew.smirnov@gmail.com>
Message-id: 20180315191141.6789-2-andrew.smirnov@gmail.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-03-19 18:23:24 +00:00
Guenter Roeck
6461d7e267 fsl-imx6: Swap Ethernet interrupt defines
The sabrelite machine model used by qemu-system-arm is based on the
Freescale/NXP i.MX6Q processor. This SoC has an on-board ethernet
controller which is supported in QEMU using the imx_fec.c module
(actually called imx.enet for this model.)

The include/hw/arm/fsm-imx6.h file defines the interrupt vectors for the
imx.enet device like this:

 #define FSL_IMX6_ENET_MAC_1588_IRQ 118
 #define FSL_IMX6_ENET_MAC_IRQ 119

According to https://www.nxp.com/docs/en/reference-manual/IMX6DQRM.pdf,
page 225, in Table 3-1. ARM Cortex A9 domain interrupt summary,
interrupts are as follows.

150 ENET MAC 0 IRQ
151 ENET MAC 0 1588 Timer interrupt

where

150 - 32 == 118
151 - 32 == 119

In other words, the vector definitions in the fsl-imx6.h file are reversed.

Fixing the interrupts alone causes problems with older Linux kernels:
The Ethernet interface will fail to probe with Linux v4.9 and earlier.
Linux v4.1 and earlier will crash due to a bug in Ethernet driver probe
error handling. This is a Linux kernel problem, not a qemu problem:
the Linux kernel only worked by accident since it requested both interrupts.

For backward compatibility, generate the Ethernet interrupt on both interrupt
lines. This was shown to work from all Linux kernel releases starting with
v3.16.

Link: https://bugs.launchpad.net/qemu/+bug/1753309
Signed-off-by: Guenter Roeck <linux@roeck-us.net>
Message-id: 1520723090-22130-1-git-send-email-linux@roeck-us.net
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-03-19 18:23:24 +00:00
Igor Mammedov
2278b93941 Use cpu_create(type) instead of cpu_init(cpu_model)
With all targets defining CPU_RESOLVING_TYPE, refactor
cpu_parse_cpu_model(type, cpu_model) to parse_cpu_model(cpu_model)
so that callers won't have to know internal resolving cpu
type. Place it in exec.c so it could be called from both
target independed vl.c and *-user/main.c.

That allows us to stop abusing cpu type from
  MachineClass::default_cpu_type
as resolver class in vl.c which were confusing part of
cpu_parse_cpu_model().

Also with new parse_cpu_model(), the last users of cpu_init()
in null-machine.c and bsd/linux-user targets could be switched
to cpu_create() API and cpu_init() API will be removed by
follow up patch.

With no longer users left remove MachineState::cpu_model field,
new code should use MachineState::cpu_type instead and
leave cpu_model parsing to generic code in vl.c.

Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Reviewed-by: Eduardo Habkost <ehabkost@redhat.com>
Message-Id: <1518000027-274608-5-git-send-email-imammedo@redhat.com>
[ehabkost: Fix bsd-user build error]
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2018-03-19 14:10:36 -03:00
Max Reitz
9139b56723 compiler: Add QEMU_BUILD_BUG_MSG() macro
_Static_assert() allows us to specify messages, and that may come in
handy.  Even without _Static_assert(), encouraging developers to put a
helpful message next to the QEMU_BUILD_BUG_* may make debugging easier
whenever it breaks.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-Id: <20180224154033.29559-2-mreitz@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Alberto Garcia <berto@igalia.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
2018-03-19 10:00:14 -05:00
Marc-André Lureau
3cf42b8b3a qlit: add qobject_from_qlit()
Instantiate a QObject* from a literal QLitObject.

LitObject only supports int64_t for now.  uint64_t and double aren't
implemented.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20180305172951.2150-4-marcandre.lureau@redhat.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
2018-03-19 10:00:14 -05:00
Marc-André Lureau
3d96ea44d4 qlit: use QType instead of int
Suggested-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20180305172951.2150-3-marcandre.lureau@redhat.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
2018-03-19 10:00:14 -05:00
Peter Maydell
2c8cfc0b52 Block layer patches
-----BEGIN PGP SIGNATURE-----
 
 iQIcBAABAgAGBQJar5iZAAoJEH8JsnLIjy/W490P/1u8iULa/vgo3B27SYNxrZAe
 pKFYltBY90uryBWxQaynQpYVE4Hdcm6MLiekThQv6DeTvlv9FnF7bfml/nLWA2ed
 yx8fSWz45HkhxmtjgSxsnchFEoprCuuj+/+q4BmbVhOdNrnAguQbyQXY+xtQcFJ7
 sJ9XruUOPlKplSAs11liN9ZijPawh5xC4ZZOUhA3agWVR/xWw6MgK6KbVi2MoIwa
 R26Qhy9nhUvGC7IEOPniJ3cIXNX47v+0TALZZLjI85kwDQ5MIJZIA/pABxA7GgFx
 IHnF2jbxPFga0sFccT/KZPbOGMEh50O7Bm598bgndI82D8AkjnQA9UVMrilqoaQJ
 fv7USKwnp8j567exKggQYaIMuIKvJHLjjSMTqUmFfxcUtJ/5Qr7Eozm4JyZQKYEZ
 E3SwYwtFo109zuyz98nMJi+M74yiugib69TPfXN/4ZBGVmCHRvLlU2/nclyXMva3
 lrYxVnUYucFHgx5BGrIJ1sJQqby7bdlW5Lq0iiWgUx7II2fVFBntGkub8jNHWQ1z
 Bs1FN5+qxNrzoMpsCo4a3Cisy/BaoUMB/98qGFeF4/Dd++4u0itWfDZZ6FY6TxzR
 QLn+BBQ6yS1w+i5vBgdv22RKCqeSu1vLS7XXUh14rtnrXO3PAHx5b7WX9OwGFHxc
 Kq1Bp7PIaYcAMyLSWEdP
 =i6Jn
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging

Block layer patches

# gpg: Signature made Mon 19 Mar 2018 11:01:45 GMT
# gpg:                using RSA key 7F09B272C88F2FD6
# gpg: Good signature from "Kevin Wolf <kwolf@redhat.com>"
# Primary key fingerprint: DC3D EB15 9A9A F95D 3D74  56FE 7F09 B272 C88F 2FD6

* remotes/kevin/tags/for-upstream: (46 commits)
  iotests: Avoid realpath, for CentOS 6
  block: fix iotest 146 output expectations
  iscsi: fix iSER compilation
  block: Fix leak of ignore_children in error path
  vvfat: Fix inherit_options flags
  block/mirror: change the semantic of 'force' of block-job-cancel
  vpc: Require aligned size in .bdrv_co_create
  vpc: Support .bdrv_co_create
  vhdx: Support .bdrv_co_create
  vdi: Make comments consistent with other drivers
  qed: Support .bdrv_co_create
  qcow: Support .bdrv_co_create
  qemu-iotests: Enable write tests for parallels
  parallels: Support .bdrv_co_create
  iotests: Add regression test for commit base locking
  block: Fix flags in reopen queue
  vdi: Implement .bdrv_co_create
  vdi: Move file creation to vdi_co_create_opts
  vdi: Pull option parsing from vdi_co_create
  qemu-iotests: Test luks QMP image creation
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-03-19 11:44:26 +00:00
Liang Li
b76e4458b1 block/mirror: change the semantic of 'force' of block-job-cancel
When doing drive mirror to a low speed shared storage, if there was heavy
BLK IO write workload in VM after the 'ready' event, drive mirror block job
can't be canceled immediately, it would keep running until the heavy BLK IO
workload stopped in the VM.

Libvirt depends on the current block-job-cancel semantics, which is that
when used without a flag after the 'ready' event, the command blocks
until data is in sync.  However, these semantics are awkward in other
situations, for example, people may use drive mirror for realtime
backups while still wanting to use block live migration.  Libvirt cannot
start a block live migration while another drive mirror is in progress,
but the user would rather abandon the backup attempt as broken and
proceed with the live migration than be stuck waiting for the current
drive mirror backup to finish.

The drive-mirror command already includes a 'force' flag, which libvirt
does not use, although it documented the flag as only being useful to
quit a job which is paused.  However, since quitting a paused job has
the same effect as abandoning a backup in a non-paused job (namely, the
destination file is not in sync, and the command completes immediately),
we can just improve the documentation to make the force flag obviously
useful.

Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Jeff Cody <jcody@redhat.com>
Cc: Kevin Wolf <kwolf@redhat.com>
Cc: Max Reitz <mreitz@redhat.com>
Cc: Eric Blake <eblake@redhat.com>
Cc: John Snow <jsnow@redhat.com>
Reported-by: Huaitong Han <huanhuaitong@didichuxing.com>
Signed-off-by: Huaitong Han <huanhuaitong@didichuxing.com>
Signed-off-by: Liang Li <liliangleo@didichuxing.com>
Signed-off-by: Jeff Cody <jcody@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2018-03-19 12:01:39 +01:00
John Snow
11b61fbc0d blockjobs: add block-job-finalize
Instead of automatically transitioning from PENDING to CONCLUDED, gate
the .prepare() and .commit() phases behind an explicit acknowledgement
provided by the QMP monitor if auto_finalize = false has been requested.

This allows us to perform graph changes in prepare and/or commit so that
graph changes do not occur autonomously without knowledge of the
controlling management layer.

Transactions that have reached the "PENDING" state together can all be
moved to invoke their finalization methods by issuing block_job_finalize
to any one job in the transaction.

Jobs in a transaction with mixed job->auto_finalize settings will all
remain stuck in the "PENDING" state, as if the entire transaction was
specified with auto_finalize = false. Jobs that specified
auto_finalize = true, however, will still not emit the PENDING event.

Signed-off-by: John Snow <jsnow@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2018-03-19 12:01:24 +01:00
John Snow
5f241594c4 blockjobs: add PENDING status and event
For jobs utilizing the new manual workflow, we intend to prohibit
them from modifying the block graph until the management layer provides
an explicit ACK via block-job-finalize to move the process forward.

To distinguish this runstate from "ready" or "waiting," we add a new
"pending" event and status.

For now, the transition from PENDING to CONCLUDED/ABORTING is automatic,
but a future commit will add the explicit block-job-finalize step.

Transitions:
Waiting -> Pending:   Normal transition.
Pending -> Concluded: Normal transition.
Pending -> Aborting:  Late transactional failures and cancellations.

Removed Transitions:
Waiting -> Concluded: Jobs must go to PENDING first.

Verbs:
Cancel: Can be applied to a pending job.

             +---------+
             |UNDEFINED|
             +--+------+
                |
             +--v----+
   +---------+CREATED+-----------------+
   |         +--+----+                 |
   |            |                      |
   |         +--+----+     +------+    |
   +---------+RUNNING<----->PAUSED|    |
   |         +--+-+--+     +------+    |
   |            | |                    |
   |            | +------------------+ |
   |            |                    | |
   |         +--v--+       +-------+ | |
   +---------+READY<------->STANDBY| | |
   |         +--+--+       +-------+ | |
   |            |                    | |
   |         +--v----+               | |
   +---------+WAITING<---------------+ |
   |         +--+----+                 |
   |            |                      |
   |         +--v----+                 |
   +---------+PENDING|                 |
   |         +--+----+                 |
   |            |                      |
+--v-----+   +--v------+               |
|ABORTING+--->CONCLUDED|               |
+--------+   +--+------+               |
                |                      |
             +--v-+                    |
             |NULL<--------------------+
             +----+

Signed-off-by: John Snow <jsnow@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2018-03-19 12:01:24 +01:00
John Snow
2da4617a54 blockjobs: add prepare callback
Some jobs upon finalization may need to perform some work that can
still fail. If these jobs are part of a transaction, it's important
that these callbacks fail the entire transaction.

We allow for a new callback in addition to commit/abort/clean that
allows us the opportunity to have fairly late-breaking failures
in the transactional process.

The expected flow is:

- All jobs in a transaction converge to the PENDING state,
  added in a forthcoming commit.
- Upon being finalized, either automatically or explicitly
  by the user, jobs prepare to complete.
- If any job fails preparation, all jobs call .abort.
- Otherwise, they succeed and call .commit.

Signed-off-by: John Snow <jsnow@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2018-03-19 12:01:24 +01:00
John Snow
75f710599f blockjobs: add block_job_dismiss
For jobs that have reached their CONCLUDED state, prior to having their
last reference put down (meaning jobs that have completed successfully,
unsuccessfully, or have been canceled), allow the user to dismiss the
job's lingering status report via block-job-dismiss.

This gives management APIs the chance to conclusively determine if a job
failed or succeeded, even if the event broadcast was missed.

Note: block_job_do_dismiss and block_job_decommission happen to do
exactly the same thing, but they're called from different semantic
contexts, so both aliases are kept to improve readability.

Note 2: Don't worry about the 0x04 flag definition for AUTO_DISMISS, she
has a friend coming in a future patch to fill the hole where 0x02 is.

Verbs:
Dismiss: operates on CONCLUDED jobs only.
Signed-off-by: John Snow <jsnow@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2018-03-19 12:01:24 +01:00
John Snow
0ec4dfb8d6 blockjobs: add block_job_verb permission table
Which commands ("verbs") are appropriate for jobs in which state is
also somewhat burdensome to keep track of.

As of this commit, it looks rather useless, but begins to look more
interesting the more states we add to the STM table.

A recurring theme is that no verb will apply to an 'undefined' job.

Further, it's not presently possible to restrict the "pause" or "resume"
verbs any more than they are in this commit because of the asynchronous
nature of how jobs enter the PAUSED state; justifications for some
seemingly erroneous applications are given below.

=====
Verbs
=====

Cancel:    Any state except undefined.
Pause:     Any state except undefined;
           'created': Requests that the job pauses as it starts.
           'running': Normal usage. (PAUSED)
           'paused':  The job may be paused for internal reasons,
                      but the user may wish to force an indefinite
                      user-pause, so this is allowed.
           'ready':   Normal usage. (STANDBY)
           'standby': Same logic as above.
Resume:    Any state except undefined;
           'created': Will lift a user's pause-on-start request.
           'running': Will lift a pause request before it takes effect.
           'paused':  Normal usage.
           'ready':   Will lift a pause request before it takes effect.
           'standby': Normal usage.
Set-speed: Any state except undefined, though ready may not be meaningful.
Complete:  Only a 'ready' job may accept a complete request.

=======
Changes
=======

(1)

To facilitate "nice" error checking, all five major block-job verb
interfaces in blockjob.c now support an errp parameter:

- block_job_user_cancel is added as a new interface.
- block_job_user_pause gains an errp paramter
- block_job_user_resume gains an errp parameter
- block_job_set_speed already had an errp parameter.
- block_job_complete already had an errp parameter.

(2)

block-job-pause and block-job-resume will no longer no-op when trying
to pause an already paused job, or trying to resume a job that isn't
paused. These functions will now report that they did not perform the
action requested because it was not possible.

iotests have been adjusted to address this new behavior.

(3)

block-job-complete doesn't worry about checking !block_job_started,
because the permission table guards against this.

(4)

test-bdrv-drain's job implementation needs to announce that it is
'ready' now, in order to be completed.

Signed-off-by: John Snow <jsnow@redhat.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2018-03-19 12:01:24 +01:00
John Snow
58b295ba52 blockjobs: add status enum
We're about to add several new states, and booleans are becoming
unwieldly and difficult to reason about. It would help to have a
more explicit bookkeeping of the state of blockjobs. To this end,
add a new "status" field and add our existing states in a redundant
manner alongside the bools they are replacing:

UNDEFINED: Placeholder, default state. Not currently visible to QMP
           unless changes occur in the future to allow creating jobs
           without starting them via QMP.
CREATED:   replaces !!job->co && paused && !busy
RUNNING:   replaces effectively (!paused && busy)
PAUSED:    Nearly redundant with info->paused, which shows pause_count.
           This reports the actual status of the job, which almost always
           matches the paused request status. It differs in that it is
           strictly only true when the job has actually gone dormant.
READY:     replaces job->ready.
STANDBY:   Paused, but job->ready is true.

New state additions in coming commits will not be quite so redundant:

WAITING:   Waiting on transaction. This job has finished all the work
           it can until the transaction converges, fails, or is canceled.
PENDING:   Pending authorization from user. This job has finished all the
           work it can until the job or transaction is finalized via
           block_job_finalize. This implies the transaction has converged
           and left the WAITING phase.
ABORTING:  Job has encountered an error condition and is in the process
           of aborting.
CONCLUDED: Job has ceased all operations and has a return code available
           for query and may be dismissed via block_job_dismiss.
NULL:      Job has been dismissed and (should) be destroyed. Should never
           be visible to QMP.

Some of these states appear somewhat superfluous, but it helps define the
expected flow of a job; so some of the states wind up being synchronous
empty transitions. Importantly, jobs can be in only one of these states
at any given time, which helps code and external users alike reason about
the current condition of a job unambiguously.

Signed-off-by: John Snow <jsnow@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2018-03-19 12:01:24 +01:00
John Snow
62bfdf0ca1 Blockjobs: documentation touchup
Trivial; Document what the job creation flags do,
and some general tidying.

Signed-off-by: John Snow <jsnow@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2018-03-19 12:01:24 +01:00
John Snow
75859b9420 blockjobs: model single jobs as transactions
model all independent jobs as single job transactions.

It's one less case we have to worry about when we add more states to the
transition machine. This way, we can just treat all job lifetimes exactly
the same. This helps tighten assertions of the STM graph and removes some
conditionals that would have been needed in the coming commits adding a
more explicit job lifetime management API.

Signed-off-by: John Snow <jsnow@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2018-03-19 12:01:24 +01:00
Thomas Huth
b891538e81 hw/ppc/prep: Fix implicit creation of "-drive if=scsi" devices
The global hack for creating SCSI devices has recently been removed,
but this apparently broke SCSI devices on some boards that were not
ready for this change yet. For the 40p machine you now get:

$ ppc64-softmmu/qemu-system-ppc64 -M 40p -cdrom x.iso
qemu-system-ppc64: -cdrom x.iso: machine type does not support if=scsi,bus=0,unit=2

Fix it by providing a lsi53c810_create() function that takes care
of calling scsi_bus_legacy_handle_cmdline() after creating the
corresponding SCSI controller.

Fixes: 1454509726
Signed-off-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2018-03-18 18:27:23 +11:00
Wang Xin
0ab126f165 pc: correct misspelled CPU model-id for pc 2.2
Signed-off-by: Wang Xin <wangxinxin.wang@huawei.com>
Message-Id: <1517367668-25048-1-git-send-email-wangxinxin.wang@huawei.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2018-03-16 16:29:07 -03:00
Peter Maydell
9cc7d0cf6a -----BEGIN PGP SIGNATURE-----
iQIcBAABAgAGBQJaqD6PAAoJEH3vgQaq/DkO9FIP/3pAW3xJUDGYsONiebX1IbhA
 VpoQCcjks3cHD18AUoVHufayJBUVfed1LhYPP8xoDuSRmKs1xU1O9FknxMQaL+Dw
 kbliBY7GjN8A2EcCjW+ZwyNT/KpjyXXwuZ2PSnOSSiN3JK6wrLCzeZyKyOYewLCS
 u9fKscnqWkg+awbCfDlVs92AaBAKoOP9loOq6e2J/jVY8HSDGb2owRnsxaWg8gJ8
 J9BlnXENQ14jEwickD3sluPfWkhu9xh7cCocH8cfgXL5veGUELz0Ugx4RHcsAF9Q
 SVDg/EhRRN11cvOkLnlggETaLbGtEE64AL4HhjxzCLraHsnEazPDwFgetB9mOhhF
 Nqu8HuGcVvRgn89au89mxAvTSWX9KFq4oF8Vi+FZZHkLilRx6NJnMpUpd9zkSJDq
 yjR2/BV0A9Ep1gvWX/rhpPrN5dALYHcaxoiSB497Yj4SI2ZSyzfrneteYdPv4EEc
 3CSJ3l6NCGAE2dNXuVZTVqHyXOSl7mJQQmT53dtsSNipCMEsVr0mOx3DPNY26LIc
 DUdnX6JOyZPU0wzOj8xjFNV72/gBEkqVZ5p9UJ+lrIYwOsTobpzfDtYquu4asda8
 IN44mcbRCZRFIiZZOGEdnwf34vIpQKMiZAtszAaan9KXwTXV9LbipaomBEN88vUD
 IgI5XsZTfiD2uIjnREWv
 =ISfR
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/jnsnow/tags/bitmaps-pull-request' into staging

# gpg: Signature made Tue 13 Mar 2018 21:11:43 GMT
# gpg:                using RSA key 7DEF8106AAFC390E
# gpg: Good signature from "John Snow (John Huston) <jsnow@redhat.com>"
# Primary key fingerprint: FAEB 9711 A12C F475 812F  18F2 88A9 064D 1835 61EB
#      Subkey fingerprint: F9B7 ABDB BCAC DF95 BE76  CBD0 7DEF 8106 AAFC 390E

* remotes/jnsnow/tags/bitmaps-pull-request:
  iotests: add dirty bitmap postcopy test
  iotests: add dirty bitmap migration test
  migration: add postcopy migration of dirty bitmaps
  migration: allow qmp command migrate-start-postcopy for any postcopy
  migration: add is_active_iterate handler
  migration/qemu-file: add qemu_put_counted_string()
  migration: include migrate_dirty_bitmaps in migrate_postcopy
  qapi: add dirty-bitmaps migration capability
  migration: introduce postcopy-only pending
  dirty-bitmap: add locked state
  block/dirty-bitmap: add _locked version of bdrv_reclaim_dirty_bitmap
  block/dirty-bitmap: fix locking in bdrv_reclaim_dirty_bitmap
  block/dirty-bitmap: add bdrv_dirty_bitmap_enable_successor()

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-03-16 14:15:18 +00:00
Peter Maydell
475fe4576f nbd patches for 2018-03-13
- Eric Blake: iotests: Fix stuck NBD process on 33
 - Vladimir Sementsov-Ogievskiy: 0/5 nbd server fixing and refactoring before BLOCK_STATUS
 - Eric Blake: nbd/server: Honor FUA request on NBD_CMD_TRIM
 - Stefan Hajnoczi: 0/2 block: fix nbd-server-stop crash after blockdev-snapshot-sync
 - Vladimir Sementsov-Ogievskiy: nbd block status base:allocation
 -----BEGIN PGP SIGNATURE-----
 Comment: Public key at http://people.redhat.com/eblake/eblake.gpg
 
 iQEcBAABCAAGBQJaqDklAAoJEKeha0olJ0NqRsAH+waQGLA8YPwxlnpRW2kulLfC
 dZXv/ocl2vGgxRrDLEL46xh1RUpapERHADk/Qun8reQpqLicd6p8VCuoOZFEj6QN
 Xo98JHrKKL6AZ1rVhWUzD8G6qwgL6FGq6Eb5ty/kanf2/0igwtHmu86nOgGyc9dz
 zelGPdIxyxIEjCNiLIN49iEFs+gk1hr8qp1TNMbnHlQh8moOYqdCJWNisOQowoEE
 soCJ4NLnvKBtnmrxDrvtkppQKW8ukDOG/q5BkSTvAIEBH/v0ioohFUNTFkC8vmjO
 8YAwlXAz6EpQuKxpEfl7vxaT19edrNIo55JO1/Gwzk50g4/Mt+AH2JM/msFcMKQ=
 =i+nR
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/ericb/tags/pull-nbd-2018-03-13-v2' into staging

nbd patches for 2018-03-13

- Eric Blake: iotests: Fix stuck NBD process on 33
- Vladimir Sementsov-Ogievskiy: 0/5 nbd server fixing and refactoring before BLOCK_STATUS
- Eric Blake: nbd/server: Honor FUA request on NBD_CMD_TRIM
- Stefan Hajnoczi: 0/2 block: fix nbd-server-stop crash after blockdev-snapshot-sync
- Vladimir Sementsov-Ogievskiy: nbd block status base:allocation

# gpg: Signature made Tue 13 Mar 2018 20:48:37 GMT
# gpg:                using RSA key A7A16B4A2527436A
# gpg: Good signature from "Eric Blake <eblake@redhat.com>"
# gpg:                 aka "Eric Blake (Free Software Programmer) <ebb9@byu.net>"
# gpg:                 aka "[jpeg image of size 6874]"
# Primary key fingerprint: 71C2 CC22 B1C4 6029 27D2  F3AA A7A1 6B4A 2527 436A

* remotes/ericb/tags/pull-nbd-2018-03-13-v2:
  iotests: new test 209 for NBD BLOCK_STATUS
  iotests: add file_path helper
  iotests.py: tiny refactor: move system imports up
  nbd: BLOCK_STATUS for standard get_block_status function: client part
  block/nbd-client: save first fatal error in nbd_iter_error
  nbd: BLOCK_STATUS for standard get_block_status function: server part
  nbd/server: add nbd_read_opt_name helper
  nbd/server: add nbd_opt_invalid helper
  iotests: add 208 nbd-server + blockdev-snapshot-sync test case
  block: let blk_add/remove_aio_context_notifier() tolerate BDS changes
  nbd/server: Honor FUA request on NBD_CMD_TRIM
  nbd/server: refactor nbd_trip: split out nbd_handle_request
  nbd/server: refactor nbd_trip: cmd_read and generic reply
  nbd/server: fix: check client->closing before sending reply
  nbd/server: fix sparse read
  nbd/server: move nbd_co_send_structured_error up
  iotests: Fix stuck NBD process on 33

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-03-16 13:14:07 +00:00
Peter Maydell
3788c7b6e5 * Record-replay lockstep execution, log dumper and fixes (Alex, Pavel)
* SCSI fix to pass maximum transfer size (Daniel Barboza)
 * chardev fixes and improved iothread support (Daniel Berrangé, Peter)
 * checkpatch tweak (Eric)
 * make help tweak (Marc-André)
 * make more PCI NICs available with -net or -nic (myself)
 * change default q35 NIC to e1000e (myself)
 * SCSI support for NDOB bit (myself)
 * membarrier system call support (myself)
 * SuperIO refactoring (Philippe)
 * miscellaneous cleanups and fixes (Thomas)
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iQEcBAABAgAGBQJapqaMAAoJEL/70l94x66DQoUH/Rvg+a8giz/SrEA4P8D3Cb2z
 4GNbNUUoy4oU0ltD5IAMskMwpOsvl1batE0D+pKIlfO9NV4+Cj2kpgo0p9TxoYqM
 VCby3wRtx27zb5nVytC6M++iIKXmeEMqXmFw61I6umddNPSl4IR3hiHEE0DM+7dV
 UPIOvJeEiazyQaw3Iw+ZctNn8dDBKc/+6oxP9xRcYTaZ6hB4G9RZkqGNNSLcJkk7
 R0UotdjzIZhyWMOkjIwlpTF4sWv8gsYUV4bPYKMYho5B0Obda2dBM3I1kpA8yDa/
 xZ5lheOaAVBZvM5aMIcaQPa65MO9hLyXFmhMOgyfpJhLBBz6Qpa4OLLI6DeTN+0=
 =UAgA
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging

* Record-replay lockstep execution, log dumper and fixes (Alex, Pavel)
* SCSI fix to pass maximum transfer size (Daniel Barboza)
* chardev fixes and improved iothread support (Daniel Berrangé, Peter)
* checkpatch tweak (Eric)
* make help tweak (Marc-André)
* make more PCI NICs available with -net or -nic (myself)
* change default q35 NIC to e1000e (myself)
* SCSI support for NDOB bit (myself)
* membarrier system call support (myself)
* SuperIO refactoring (Philippe)
* miscellaneous cleanups and fixes (Thomas)

# gpg: Signature made Mon 12 Mar 2018 16:10:52 GMT
# gpg:                using RSA key BFFBD25F78C7AE83
# gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>"
# gpg:                 aka "Paolo Bonzini <pbonzini@redhat.com>"
# Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4  E2F7 7E15 100C CD36 69B1
#      Subkey fingerprint: F133 3857 4B66 2389 866C  7682 BFFB D25F 78C7 AE83

* remotes/bonzini/tags/for-upstream: (69 commits)
  tcg: fix cpu_io_recompile
  replay: update documentation
  replay: save vmstate of the asynchronous events
  replay: don't process async events when warping the clock
  scripts/replay-dump.py: replay log dumper
  replay: avoid recursive call of checkpoints
  replay: check return values of fwrite
  replay: push replay_mutex_lock up the call tree
  replay: don't destroy mutex at exit
  replay: make locking visible outside replay code
  replay/replay-internal.c: track holding of replay_lock
  replay/replay.c: bump REPLAY_VERSION again
  replay: save prior value of the host clock
  replay: added replay log format description
  replay: fix save/load vm for non-empty queue
  replay: fixed replay_enable_events
  replay: fix processing async events
  cpu-exec: fix exception_index handling
  hw/i386/pc: Factor out the superio code
  hw/alpha/dp264: Use the TYPE_SMC37C669_SUPERIO
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

# Conflicts:
#	default-configs/i386-softmmu.mak
#	default-configs/x86_64-softmmu.mak
2018-03-16 11:05:03 +00:00
Peter Maydell
a57946ff2a VFIO updates 2018-03-13
- Display support for vGPUs (Gerd Hoffmann)
 
  - Enable new kernel support for mmaps overlapping MSI-X vector table,
    disable MSI-X emulation on POWER (Alexey Kardashevskiy)
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.14 (GNU/Linux)
 
 iQIcBAABAgAGBQJaqCshAAoJECObm247sIsivFQP/3Y0e0mW4fbf1Z0uRiduZ3Bh
 bAKD52n8Id3alAmelo1P7OUS8LP0vdw9lLAJz9m3VB+Nvye0XewFn0/9SVLnL022
 aCBIj9cGg57hraTd6PUfsfG8T1HryDeQqE/PRIYEaqf9htBZ51VM2EY3+n2O7Bcy
 TVDnac0IOaWb8FrXK+lGpLP6dPFQ0Z+mhkAvDR7v7FZGEy000D71+gKOe4aIAMib
 X/NJa42O1x9cbDE39AEpVMub/QYwtRD/HkcZwNylyY4YKIjsMtxPYYz2Ndt+wm0r
 e21s/4iy2a1HXen4OBc2KAnpVoZyGnXya6KZ0dzirt8Q1dK606Az/HxifVb/CJQZ
 L10NSfYTWNPfPlf0gYZmPlZeZDuNeZaHi8bZGqTquL4AAOTdqtQOMEoT+68qd74s
 00B9XrA2Jmjvpya2pHQSqvAsuSqZ1E2iRMGMC9r/+UYb54OnXnrl9fOw/TtbrLMm
 isbB1Ll0hDcJvacikYJ5ck+lGrFLHbYpWtBIrokBHbw9fwl1I9aY5MloBYZwmcTz
 e65L7M4MvA/y6gSlCi6DS1fmdZ5ecNnBkuW6YseDI884P4c4+YDMOhs/B/rO16v6
 In2fSWvb+DSuAPmn+6QDV0msJg34J2oykbKcdDK7F1g7By/yDNVVgHPoWhi4EGBA
 u09A/2nM0VwhXYNrElJI
 =LVMf
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/awilliam/tags/vfio-update-20180313.0' into staging

VFIO updates 2018-03-13

 - Display support for vGPUs (Gerd Hoffmann)

 - Enable new kernel support for mmaps overlapping MSI-X vector table,
   disable MSI-X emulation on POWER (Alexey Kardashevskiy)

# gpg: Signature made Tue 13 Mar 2018 19:48:49 GMT
# gpg:                using RSA key 239B9B6E3BB08B22
# gpg: Good signature from "Alex Williamson <alex.williamson@redhat.com>"
# gpg:                 aka "Alex Williamson <alex@shazbot.org>"
# gpg:                 aka "Alex Williamson <alwillia@redhat.com>"
# gpg:                 aka "Alex Williamson <alex.l.williamson@gmail.com>"
# Primary key fingerprint: 42F6 C04E 540B D1A9 9E7B  8A90 239B 9B6E 3BB0 8B22

* remotes/awilliam/tags/vfio-update-20180313.0:
  ppc/spapr, vfio: Turn off MSIX emulation for VFIO devices
  vfio-pci: Allow mmap of MSIX BAR
  vfio/pci: Relax DMA map errors for MMIO regions
  vfio/display: adding dmabuf support
  vfio/display: adding region support
  vfio/display: core & wireup
  vfio/common: cleanup in vfio_region_finalize
  secondary-vga: properly close QemuConsole on unplug
  console: minimal hotplug suport
  ui/pixman: add qemu_drm_format_to_pixman()
  standard-headers: add drm/drm_fourcc.h

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-03-16 09:51:47 +00:00
Peter Maydell
58888f8cdd -----BEGIN PGP SIGNATURE-----
iQIcBAABCAAGBQJaqBR+AAoJEL6G67QVEE/fqHQP/2qAzY8BVheN28qVMB5UoHh7
 fz3IqgearImhtYJNgfp3GHTOZTgvdSONI7o+q7yw27ORh4c0zPNQpm9dBmzm9H7x
 yCojRhD0gH2X1mwoLjEfCkdJpPBNP0/DP6JwNkwS/Mg6GwRQbIiN6W7OPyjtp5fF
 ImlCMB9ap8aQmoCaVqbRE7B/8YpjLg5/YY3kqhz5K8NMuOl4W3/icLD/0z35M3et
 cSos831a+UZqUOBKjlj7MSFYaLX40gqKvkZ5bGkh1HAPxDh/jRiU/eaMZmJDSVgY
 6PuhUv0sg3F0FHd6udfQVP8ogbQf0bDyLyeP4cHiWHAWjvHTg+th2mMuFGQ9T4qs
 5E0ZEiTO+iliWthvcqrtDQNlR447BnghBL5AVRCuSBLZyLX6EGlQPRlP/bLbNYDu
 e2tZ4pl095vDjuDHpu0Aq7CPUw4lS3Oyipvsr2QBMs4bBsZ57UjKoiT5a/7Z5Hhk
 D0r9JFXCjWYB56IiG4NMEXqeuLo+K0n9F1lLrHfSnH2b7YrKFAGYdDCw2Omxu8kB
 j5wfnnhst20x2yEOSMjPyHCKIRKyxDOFvPgvjD+9s9MMBuLHtKx+jeOcJA+9DnyK
 S/50+bEVEv/ef/s1Nc4wSRdI26WMwh5veTKVoSi9BoQd8BGsp+ucb/jZBQR20emI
 CKHxvYuR/2ySra0P9KI8
 =QeRU
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/berrange/tags/socket-next-pull-request' into staging

# gpg: Signature made Tue 13 Mar 2018 18:12:14 GMT
# gpg:                using RSA key BE86EBB415104FDF
# gpg: Good signature from "Daniel P. Berrange <dan@berrange.com>"
# gpg:                 aka "Daniel P. Berrange <berrange@redhat.com>"
# Primary key fingerprint: DAF3 A6FD B26B 6291 2D0E  8E3F BE86 EBB4 1510 4FDF

* remotes/berrange/tags/socket-next-pull-request:
  char: allow passing pre-opened socket file descriptor at startup
  char: refactor parsing of socket address information
  sockets: allow SocketAddress 'fd' to reference numeric file descriptors
  sockets: check that the named file descriptor is a socket
  sockets: move fd_is_socket() into common sockets code
  sockets: strengthen test suite IP protocol availability checks
  sockets: pull code for testing IP availability out of specific test
  cutils: add qemu_strtoi & qemu_strtoui parsers for int/unsigned int types
  char: don't silently skip tn3270 protocol init when TLS is enabled

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-03-15 18:53:07 +00:00
Peter Maydell
55901900ec -----BEGIN PGP SIGNATURE-----
iQIcBAABAgAGBQJaqAtPAAoJEPMMOL0/L748IaoP+QGkpzztPy+2O1kwPswYKqeQ
 0Lo5Z4q/1MnoMmRPoJ15oqJNpdZud5giz3ZKCkNbxwu79dPCifAz5lbRb5J4FADP
 XMZwotxKSooTHCAg9BI2FGglTgczYcimRqeojSzV4cCxEysbCp9VpKsBAoI4b4VS
 eyDSHJ6m+Wl633fTqWJtbBzBfVf8i5x34rQcasTSgXchAOZ1e+ZhKQrkzIAmNYLJ
 a+3Mdck9iK6xw3j1wnMAT4WYzs69GYPeuVYXbbSlwUbIkpxaC67ekpgVbPoQSbvk
 YKDEgHWg5FwZGW5/RWHDDEbTMYv/C8OCsTzTg4krBHHYDOQks16Gi/jmyagFfh6k
 FMTDu7EJXvugNOEkWIUeBaeb2LC2XTk8m0SkxtwECmI9tLvXYNphxrKsDENezIZ2
 fuPSPJM7SX+6XqxazM51oLGtD2VcbhNQw3bni4s1LvgAXvcZHTqha6TdJMV1iKC2
 iVP+pWOLrSAq1aeTIdB0TJA5qs7tbm4+2TH+AcGgOzmQf71Xb2e0wIL2VckauYsC
 6C6AuP9R1+EWpe7/6JhEAsbzmIris/N8mWMyQ0i1Pzoub8xxsY/PihKrbM/PHjr6
 SSk69TPnvuQwoWJXSz+KEyqPlvNmJFMxlEOygUw2LFdsfmjt6qgMYX/9aFG3pqBh
 75Jwcvg758eUeBL3JVPu
 =9TjW
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/vivier2/tags/linux-user-for-2.12-pull-request' into staging

# gpg: Signature made Tue 13 Mar 2018 17:33:03 GMT
# gpg:                using RSA key F30C38BD3F2FBE3C
# gpg: Good signature from "Laurent Vivier <lvivier@redhat.com>"
# gpg:                 aka "Laurent Vivier <laurent@vivier.eu>"
# gpg:                 aka "Laurent Vivier (Red Hat) <lvivier@redhat.com>"
# Primary key fingerprint: CD2F 75DD C8E3 A4DC 2E4F  5173 F30C 38BD 3F2F BE3C

* remotes/vivier2/tags/linux-user-for-2.12-pull-request:
  linux-user: init_guest_space: Add a comment about search strategy
  linux-user: init_guest_space: Don't try to align if we'll reject it
  linux-user: init_guest_space: Clean up control flow a bit
  linux-user: init_guest_commpage: Add a comment about size check
  linux-user: init_guest_space: Clarify page alignment logic
  linux-user: init_guest_space: Correctly handle guest_start in commpage initialization
  linux-user: init_guest_space: Clean up if we can't initialize the commpage
  linux-user: Rename validate_guest_space => init_guest_commpage
  linux-user: Use #if to only call validate_guest_space for 32-bit ARM target
  qemu-binfmt-conf.sh: add qemu-xtensa
  linux-user: drop unused target_msync function
  linux-user: fix target_mprotect/target_munmap error return values
  linux-user: fix assertion in shmdt
  linux-user: fix mmap/munmap/mprotect/mremap/shmat
  linux-user: Support f_flags in statfs when available.
  linux-user: allows to use "--systemd ALL" with qemu-binfmt-conf.sh
  linux-user: Remove the unused "not implemented" signal handling stubs
  linux-user: Drop unicore32 code

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-03-15 17:58:28 +00:00
Peter Maydell
5bdd374347 * Migrate MSR_SMI_COUNT (Liran)
* Update kernel headers (Gerd, myself)
 * SEV support (Brijesh)
 
 I have not tested non-x86 compilation, but I reordered the SEV patches
 so that all non-x86-specific changes go first to catch any possible
 issues (which weren't there anyway :)).
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iQEcBAABAgAGBQJap/4yAAoJEL/70l94x66DmPoH/igfzYkxFyIHFqzb/hQEut3e
 IJA05u9DBSqqdSvL0UeLdUgyJTeDM3S5kKZqZ38BPHIudwOGtydoIM2utWtPSejf
 Z+mS77+dSgchEMgf1gxmD0oZ5TrO/2pdOYfaZZuQuGmGLruKsDgz6vH3F87cfk8b
 yJSJkoZkFc8C9SpwQERWYuhXn2fYFxSBFgEMc9xSFN+zqQUFqeIfOJhwZ+txjAUl
 y1EKlhhVyjkxTLR++SkzhKIJ8D5cycpcY/H19gw3ghHviY/tGwNLot3bLRPbwCM6
 QvrXDf4rhvFHTmmOfliCI5y6Xgj0u7IZv2fVoKXEtKk1qyfyD4ZnouYTaqP/U9I=
 =Q4/y
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream-sev' into staging

* Migrate MSR_SMI_COUNT (Liran)
* Update kernel headers (Gerd, myself)
* SEV support (Brijesh)

I have not tested non-x86 compilation, but I reordered the SEV patches
so that all non-x86-specific changes go first to catch any possible
issues (which weren't there anyway :)).

# gpg: Signature made Tue 13 Mar 2018 16:37:06 GMT
# gpg:                using RSA key BFFBD25F78C7AE83
# gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>"
# gpg:                 aka "Paolo Bonzini <pbonzini@redhat.com>"
# Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4  E2F7 7E15 100C CD36 69B1
#      Subkey fingerprint: F133 3857 4B66 2389 866C  7682 BFFB D25F 78C7 AE83

* remotes/bonzini/tags/for-upstream-sev: (22 commits)
  sev/i386: add sev_get_capabilities()
  sev/i386: qmp: add query-sev-capabilities command
  sev/i386: qmp: add query-sev-launch-measure command
  sev/i386: hmp: add 'info sev' command
  cpu/i386: populate CPUID 0x8000_001F when SEV is active
  sev/i386: add migration blocker
  sev/i386: finalize the SEV guest launch flow
  sev/i386: add support to LAUNCH_MEASURE command
  target/i386: encrypt bios rom
  sev/i386: add command to encrypt guest memory region
  sev/i386: add command to create launch memory encryption context
  sev/i386: register the guest memory range which may contain encrypted data
  sev/i386: add command to initialize the memory encryption context
  include: add psp-sev.h header file
  sev/i386: qmp: add query-sev command
  target/i386: add Secure Encrypted Virtualization (SEV) object
  kvm: introduce memory encryption APIs
  kvm: add memory encryption context
  docs: add AMD Secure Encrypted Virtualization (SEV)
  machine: add memory-encryption option
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-03-15 16:49:30 +00:00
Igor Mammedov
89d47c1927 tests: acpi: don't read all fields in test_acpi_fadt_table()
there is no point to read fields here but not actually
checking them so drop it and read only header + dsdt/facs
addresses since it's needed later to fetch that tables.

With this cleanup we can get rid of AcpiFadtDescriptorRev3/
ACPI_FADT_COMMON_DEF which have no users left.

Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Reviewed-by: Eric Auger <eric.auger@redhat.com>
Tested-by: Eric Auger <eric.auger@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2018-03-13 23:09:50 +02:00
Igor Mammedov
dd1b2037a3 virt_arm: acpi: reuse common build_fadt()
Extend generic build_fadt() to support rev5.1 FADT
and reuse it for 'virt' board, it would allow to
phase out usage of AcpiFadtDescriptorRev5_1 and
later ACPI_FADT_COMMON_DEF.

Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Reviewed-by: Eric Auger <eric.auger@redhat.com>
Tested-by: Eric Auger <eric.auger@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2018-03-13 23:09:50 +02:00
Igor Mammedov
8612f8bd9f acpi: move build_fadt() from i386 specific to generic ACPI source
It will be extended and reused by follow up patch for ARM target.

PS:
Since it's generic function now, don't patch FIRMWARE_CTRL, DSDT
fields if they don't point to tables since platform might not
provide them and use X_ variants instead if applicable.

Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Reviewed-by: Eric Auger <eric.auger@redhat.com>
Tested-by: Eric Auger <eric.auger@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2018-03-13 23:09:50 +02:00
Igor Mammedov
937d1b5871 pc: acpi: isolate FADT specific data into AcpiFadtData structure
move FADT data initialization out of fadt_setup() into dedicated
init_fadt_data() that will set common for pc/q35 values in
AcpiFadtData structure and acpi_get_pm_info() will complement
it with pc/q35 specific values initialization.

That will allow to get rid of fadt_setup() and generalize
build_fadt() so it could be easily extended for rev5 and
reused by ARM target.

While at it also move facs/dsdt/xdsdt offsets from build_fadt()
arg list into AcpiFadtData, as they belong to the same dataset.

Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Reviewed-by: Eric Auger <eric.auger@redhat.com>
Tested-by: Eric Auger <eric.auger@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2018-03-13 23:09:50 +02:00
Igor Mammedov
f8eaef67a3 acpi: move ACPI_PORT_SMI_CMD define to header it belongs to
ACPI_PORT_SMI_CMD is alias for APM_CNT_IOPORT,
so make it really one instead of duplicating its value.

Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Reviewed-by: Eric Auger <eric.auger@redhat.com>
Tested-by: Eric Auger <eric.auger@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2018-03-13 23:09:50 +02:00
Igor Mammedov
d0384d9020 acpi: add build_append_gas() helper for Generic Address Structure
it will help to add Generic Address Structure to ACPI tables
without using packed C structures and avoid endianness
issues as API doesn't need an explicit conversion.

Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Reviewed-by: Eric Auger <eric.auger@redhat.com>
Tested-by: Eric Auger <eric.auger@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2018-03-13 23:09:50 +02:00
Igor Mammedov
b8e0f58982 acpi: reuse AcpiGenericAddress instead of Acpi20GenericAddress
Drop duplicate in form of Acpi20GenericAddress and reuse
AcpiGenericAddress.

Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Reviewed-by: Eric Auger <eric.auger@redhat.com>
Tested-by: Eric Auger <eric.auger@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2018-03-13 23:09:50 +02:00
Jason Baron
9473939ed7 virtio-net: add linkspeed and duplex settings to virtio-net
Although linkspeed and duplex can be set in a linux guest via 'ethtool -s',
this requires custom ethtool commands for virtio-net by default.

Introduce a new feature flag, VIRTIO_NET_F_SPEED_DUPLEX, which allows
the hypervisor to export a linkspeed and duplex setting. The user can
subsequently overwrite it later if desired via: 'ethtool -s'.

Linkspeed and duplex settings can be set as:
'-device virtio-net,speed=10000,duplex=full'

where speed is [0...INT_MAX], and duplex is ["half"|"full"].

Signed-off-by: Jason Baron <jbaron@akamai.com>
Cc: "Michael S. Tsirkin" <mst@redhat.com>
Cc: Jason Wang <jasowang@redhat.com>
Cc: virtio-dev@lists.oasis-open.org
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2018-03-13 23:09:49 +02:00
Jason Baron
127833eeea virtio-net: use 64-bit values for feature flags
In prepartion for using some of the high order feature bits, make sure that
virtio-net uses 64-bit values everywhere.

Signed-off-by: Jason Baron <jbaron@akamai.com>
Cc: "Michael S. Tsirkin" <mst@redhat.com>
Cc: Jason Wang <jasowang@redhat.com>
Cc: virtio-dev@lists.oasis-open.org
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2018-03-13 23:09:49 +02:00
Jason Baron
d3b7b37445 scripts/update-linux-headers: add ethtool.h and update to 4.16.0-rc4
A subsequent patch to add support for setting linkspeed/duplex in
virtio-net, requires a few definitions from ethtool.h, which ends up
pulling in kernel.h and sysinfo.h as well.

Signed-off-by: Jason Baron <jbaron@akamai.com>
Cc: "Michael S. Tsirkin" <mst@redhat.com>
Cc: Jason Wang <jasowang@redhat.com>
Cc: virtio-dev@lists.oasis-open.org
2018-03-13 23:09:49 +02:00
Vladimir Sementsov-Ogievskiy
b35ebdf076 migration: add postcopy migration of dirty bitmaps
Postcopy migration of dirty bitmaps. Only named dirty bitmaps are migrated.

If destination qemu is already containing a dirty bitmap with the same name
as a migrated bitmap (for the same node), then, if their granularities are
the same the migration will be done, otherwise the error will be generated.

If destination qemu doesn't contain such bitmap it will be created.

Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Message-id: 20180313180320.339796-12-vsementsov@virtuozzo.com
[Changed '+' to '*' as per list discussion. --js]
Signed-off-by: John Snow <jsnow@redhat.com>
2018-03-13 17:06:09 -04:00
Vladimir Sementsov-Ogievskiy
c865d84872 migration: add is_active_iterate handler
Only-postcopy savevm states (dirty-bitmap) don't need live iteration, so
to disable them and stop transporting empty sections there is a new
savevm handler.

Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Juan Quintela <quintela@redhat.com>
Reviewed-by: John Snow <jsnow@redhat.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
Message-id: 20180313180320.339796-10-vsementsov@virtuozzo.com
2018-03-13 17:05:58 -04:00
Vladimir Sementsov-Ogievskiy
4799502640 migration: introduce postcopy-only pending
There would be savevm states (dirty-bitmap) which can migrate only in
postcopy stage. The corresponding pending is introduced here.

Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Message-id: 20180313180320.339796-6-vsementsov@virtuozzo.com
2018-03-13 17:05:41 -04:00
Vladimir Sementsov-Ogievskiy
4f43e9535b dirty-bitmap: add locked state
Add special state, when qmp operations on the bitmap are disabled.
It is needed during bitmap migration. "Frozen" state is not
appropriate here, because it looks like bitmap is unchanged.

Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: John Snow <jsnow@redhat.com>
Message-id: 20180207155837.92351-5-vsementsov@virtuozzo.com
Signed-off-by: John Snow <jsnow@redhat.com>
2018-03-13 17:05:00 -04:00
Vladimir Sementsov-Ogievskiy
044ee8e143 block/dirty-bitmap: add _locked version of bdrv_reclaim_dirty_bitmap
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: John Snow <jsnow@redhat.com>
Message-id: 20180207155837.92351-4-vsementsov@virtuozzo.com
Signed-off-by: John Snow <jsnow@redhat.com>
2018-03-13 17:04:54 -04:00
Vladimir Sementsov-Ogievskiy
78a33ab587 nbd: BLOCK_STATUS for standard get_block_status function: client part
Minimal realization: only one extent in server answer is supported.
Flag NBD_CMD_FLAG_REQ_ONE is used to force this behavior.

Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Message-Id: <20180312152126.286890-6-vsementsov@virtuozzo.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
[eblake: grammar tweaks, fix min_block check and 32-bit cap, use -1
instead of errno on failure in nbd_negotiate_simple_meta_context,
ensure that block status makes progress on success]
Signed-off-by: Eric Blake <eblake@redhat.com>
2018-03-13 15:43:48 -05:00
Vladimir Sementsov-Ogievskiy
e73a265e9f block/dirty-bitmap: add bdrv_dirty_bitmap_enable_successor()
Enabling bitmap successor is necessary to enable successors of bitmaps
being migrated before target vm start.

Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: John Snow <jsnow@redhat.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
Message-id: 20180207155837.92351-2-vsementsov@virtuozzo.com
Signed-off-by: John Snow <jsnow@redhat.com>
2018-03-13 15:33:59 -04:00
Daniel P. Berrange
58dc31f1a7 sockets: move fd_is_socket() into common sockets code
The fd_is_socket() helper method is useful in a few places, so put it in
the common sockets code. Make the code more compact while moving it.

Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2018-03-13 18:06:06 +00:00
Daniel P. Berrange
473a2a331e cutils: add qemu_strtoi & qemu_strtoui parsers for int/unsigned int types
There are qemu_strtoNN functions for various sized integers. This adds two
more for plain int & unsigned int types, with suitable range checking.

Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2018-03-13 18:06:05 +00:00
Alexey Kardashevskiy
ae0215b2bb vfio-pci: Allow mmap of MSIX BAR
At the moment we unconditionally avoid mapping MSIX data of a BAR and
emulate MSIX table in QEMU. However it is 1) not always necessary as
a platform may provide a paravirt interface for MSIX configuration;
2) can affect the speed of MMIO access by emulating them in QEMU when
frequently accessed registers share same system page with MSIX data,
this is particularly a problem for systems with the page size bigger
than 4KB.

A new capability - VFIO_REGION_INFO_CAP_MSIX_MAPPABLE - has been added
to the kernel [1] which tells the userspace that mapping of the MSIX data
is possible now. This makes use of it so from now on QEMU tries mapping
the entire BAR as a whole and emulate MSIX on top of that.

[1] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a32295c612c57990d17fb0f41e7134394b2f35f6

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2018-03-13 11:17:31 -06:00
Gerd Hoffmann
8b818e059b vfio/display: adding dmabuf support
Wire up dmabuf-based display.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2018-03-13 11:17:30 -06:00
Gerd Hoffmann
00195ba710 vfio/display: adding region support
Wire up region-based display.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed By: Kirti Wankhede <kwankhede@nvidia.com>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2018-03-13 11:17:30 -06:00
Gerd Hoffmann
9588d67e72 console: minimal hotplug suport
This patch allows to unbind devices from QemuConsoles, using the new
graphic_console_close() function.  The QemuConsole will show a static
display then, saying the device was unplugged.  When re-plugging a
display later on the QemuConsole will be reused.

Eventually we will allocate and release QemuConsoles dynamically at some
point in the future, that'll need more infrastructure though to notify
user interfaces (gtk, sdl, spice, ...) about QemuConsoles coming and
going.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2018-03-13 11:17:29 -06:00
Gerd Hoffmann
a5127bd73f ui/pixman: add qemu_drm_format_to_pixman()
Map drm fourcc codes to pixman formats.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed by: Kirti Wankhede <kwankhede@nvidia.com>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2018-03-13 11:17:28 -06:00
Gerd Hoffmann
8e8ee8509a standard-headers: add drm/drm_fourcc.h
So we can use the drm fourcc codes without a dependency on libdrm-devel.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2018-03-13 11:17:28 -06:00
Brijesh Singh
54e8953967 kvm: introduce memory encryption APIs
Inorder to integerate the Secure Encryption Virtualization (SEV) support
add few high-level memory encryption APIs which can be used for encrypting
the guest memory region.

Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: kvm@vger.kernel.org
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-03-13 12:04:03 +01:00
Brijesh Singh
b20e37801f kvm: add memory encryption context
Split from a patch by Brijesh Singh (brijesh.singh@amd.com).

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
2018-03-13 12:04:03 +01:00
Brijesh Singh
db5881949f machine: add memory-encryption option
When CPU supports memory encryption feature, the property can be used to
specify the encryption object to use when launching an encrypted guest.

Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Eduardo Habkost <ehabkost@redhat.com>
Cc: Marcel Apfelbaum <marcel@redhat.com>
Cc: Stefan Hajnoczi <stefanha@gmail.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-03-13 12:04:03 +01:00
Paolo Bonzini
9f2d175db5 update Linux headers to 4.16-rc5
Note that VIRTIO_GPU_CAPSET_VIRGL2 was added manually so it has to be added
manually after re-running scripts/update-linux-headers.sh.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-03-13 12:02:32 +01:00
Peter Maydell
834eddf22e -----BEGIN PGP SIGNATURE-----
iQEcBAABAgAGBQJapqRMAAoJEJykq7OBq3PISrYIAKXc7psqt0A5f3Cz74IwvIiw
 hhcLGWdwA8tNYkTs/OU+xzwGPJYWgLbzvnday2FsfVuzJ0iYAPm/nCVtuMCS/ZFT
 hEAV7gvDU0VNwfDrVLwGiNf7mGqDBAlLdO1hUkth0kJ7URuqO8RVOSNuLWiKLYtv
 nHSpuZwGSM+eKfA4MB4GUR1zvg9cTTY0P9pCDK/1iUXxfP62xYbeC6SX55C2W50c
 nU0YeGw6gbAnX49AzwM/gDo5NOCAPct22p/9wy4KShiBWDkzf7+VBKUZ9wBle6xV
 wEGVDS4Iv1IrKN0KsnCcYDuylflrTC0mTeC4bN9UVAtqPnrnESobFQMuVMVOU44=
 =eDNN
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/stefanha/tags/block-pull-request' into staging

# gpg: Signature made Mon 12 Mar 2018 16:01:16 GMT
# gpg:                using RSA key 9CA4ABB381AB73C8
# gpg: Good signature from "Stefan Hajnoczi <stefanha@redhat.com>"
# gpg:                 aka "Stefan Hajnoczi <stefanha@gmail.com>"
# Primary key fingerprint: 8695 A8BF D3F9 7CDA AC35  775A 9CA4 ABB3 81AB 73C8

* remotes/stefanha/tags/block-pull-request:
  block: make BDRV_POLL_WHILE() re-entrancy safe

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-03-13 10:49:02 +00:00
Peter Maydell
73988d529e -----BEGIN PGP SIGNATURE-----
iQEcBAABAgAGBQJapqP6AAoJEJykq7OBq3PIZasIAL+NKBQGa/e0FD28PYdLU/JE
 sKZZ0O6+eVTCejGXap4bzbKOy+qZyOXvaRk5KNREc5A9R8HFBt5GotMfE80Cw9Nt
 rryX+qVdf4w27u2jMqY4215jD5jy/nPijRQ0a8UBsi6z2PXVPPNeS3lMB8RSFEZS
 IZu+l3j1op1wUlM4GfZvLCjmgHC+73lk6a5xZLJ2UvH9UoqJepgVZnSs2YvOctzG
 LVGMhk6/yAy4hh3NWx/M2h2B2ASMJJya8XrLgelAVnr6CxKBeBII0bSPur+1YIH7
 OkJhNsk6QKSWNFKtzXE6N+y1ryWLnbE8vzKSZt+xSzUDjhnqTm5iFpZQ+Ed16qA=
 =nCAn
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/stefanha/tags/tracing-pull-request' into staging

# gpg: Signature made Mon 12 Mar 2018 15:59:54 GMT
# gpg:                using RSA key 9CA4ABB381AB73C8
# gpg: Good signature from "Stefan Hajnoczi <stefanha@redhat.com>"
# gpg:                 aka "Stefan Hajnoczi <stefanha@gmail.com>"
# Primary key fingerprint: 8695 A8BF D3F9 7CDA AC35  775A 9CA4 ABB3 81AB 73C8

* remotes/stefanha/tags/tracing-pull-request:
  trace: only permit standard C types and fixed size integer types
  trace: remove use of QEMU specific types from trace probes
  trace: include filename when printing parser error messages
  simpletrace: fix timestamp argument type
  log-for-trace.h: Split out parts of log.h used by trace.h

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-03-13 09:43:44 +00:00
Peter Maydell
6ceb1b51f0 modules: use gmodule-export.
audio: add driver registry, enable module builds.
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iQIcBAABAgAGBQJaplmLAAoJEEy22O7T6HE4SQEP/18a0Vqk0ejx3HLzt0NPCiGG
 nQVPJlZFzEaMf6llMqyNyIQBuwrJJWSpXBF+k70adK984BuE4QoTiJ1ZNDxvRyID
 Lag3VsIHfmM8v3Nu2SKzy6icIGS4gQOda0G4kwwOXHyHJPmr/OY+JaiFZU8Qz0sb
 ZXATjoQuJh8PXD8P9k62T5BuTjXA/Hah1dWYn5KzNG8cPTc5dqMvA2KdFlFKcmvT
 s0isuQ7tDEr1IG+X5LCgFfbNUwjppodc3cxpF9qy+FhbC0RSlovakuFLG7T/PJAs
 yoDEEAbE3MmuCWWGN7eJ1iyHtz4B/kPl5cYYOiCUQ3rPNxuaTCjO9LXAcX9kBxg2
 ZM6FAmOKrMPTFVDsmsJi1eUn5d/batsE3aMgUNVlK+3pJwGr7J/B1LdKN0pU3zic
 rWcyLGU8SWfhmjiWEG20iL6kHhcKjW1Y9NtiBhICmR/3+Y3DHCSPSxbvzIW/ECaN
 9PEdjPukMHMfZD1yY1sSGNNtFNj+3rRXThfQJktzkHU+RnaRouimfOzPZT58c3HR
 vwQu6pBYJydpUY8g7WzCfY7l+jVanuXNOPIWzlQNB8l0gjL0Xyq9sxrBAT8TghCX
 Y3JeN/WIeMM4+QTeQHoR8A9xmqZ2IcUmE6mT5Wj/eXE/SiO6/2KGUArn4dQSnPMF
 9ufxaJvtr+YDNcExCbSL
 =CjTD
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/kraxel/tags/audio-20180312-pull-request' into staging

modules: use gmodule-export.
audio: add driver registry, enable module builds.

# gpg: Signature made Mon 12 Mar 2018 10:42:19 GMT
# gpg:                using RSA key 4CB6D8EED3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>"
# Primary key fingerprint: A032 8CFF B93A 17A7 9901  FE7D 4CB6 D8EE D3E8 7138

* remotes/kraxel/tags/audio-20180312-pull-request:
  audio/sdl: build as module
  audio/pulseaudio: build as module
  audio/oss: build as module
  audio/alsa: build as module
  build: enable audio modules
  audio: add module loading support
  audio: add driver registry
  modules: use gmodule-export

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-03-12 16:14:37 +00:00
Alex Bennée
a36544d34c replay: make locking visible outside replay code
The replay_mutex_lock/unlock/locked functions are now going to be used
for ensuring lock-step behaviour between the two threads. Make them
public API functions and also provide stubs for non-QEMU builds on
common paths.

Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Pavel Dovgalyuk <pavel.dovgaluk@ispras.ru>
Message-Id: <20180227095242.1060.16601.stgit@pasha-VirtualBox>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-03-12 16:12:50 +01:00
Pavel Dovgalyuk
4b930d264c replay: save prior value of the host clock
This patch adds saving/restoring of the host clock field 'last'.
It is used in host clock calculation and therefore clock may
become incorrect when using restored vmstate.

Signed-off-by: Pavel Dovgalyuk <pavel.dovgaluk@ispras.ru>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Message-Id: <20180227095226.1060.50975.stgit@pasha-VirtualBox>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Pavel Dovgalyuk <Pavel.Dovgaluk@ispras.ru>
2018-03-12 16:12:50 +01:00
Pavel Dovgalyuk
377b21ccea replay: fix save/load vm for non-empty queue
This patch does not allows saving/loading vmstate when
replay events queue is not empty. There is no reliable
way to save events queue, because it describes internal
coroutine state. Therefore saving and loading operations
should be deferred to another record/replay step.

Signed-off-by: Pavel Dovgalyuk <pavel.dovgaluk@ispras.ru>
Message-Id: <20180227095214.1060.32939.stgit@pasha-VirtualBox>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Pavel Dovgalyuk <Pavel.Dovgaluk@ispras.ru>
2018-03-12 16:12:50 +01:00
Philippe Mathieu-Daudé
7bea0dd434 hw/isa/superio: Add the SMC FDC37C669 Super I/O
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20180308223946.26784-23-f4bug@amsat.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-03-12 16:12:49 +01:00
Philippe Mathieu-Daudé
98cf824b5f hw/isa/vt82c686: Add the TYPE_VT82C686B_SUPERIO
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20180308223946.26784-20-f4bug@amsat.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-03-12 16:12:49 +01:00
Philippe Mathieu-Daudé
728d891003 hw/isa/vt82c686: Rename vt82c686b_init() -> vt82c686b_isa_init()
This function only initialize the ISA bus.

Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20180308223946.26784-19-f4bug@amsat.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-03-12 16:12:49 +01:00
Philippe Mathieu-Daudé
7313b1f28b hw/isa/superio: Factor out the FDC37M817 Super I/O from mips_malta.c
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20180308223946.26784-17-f4bug@amsat.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-03-12 16:12:49 +01:00
Philippe Mathieu-Daudé
c16a4e1bc5 hw/isa/superio: Factor out the IDE code from pc87312.c
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20180308223946.26784-15-f4bug@amsat.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-03-12 16:12:49 +01:00
Philippe Mathieu-Daudé
72d3d8f052 hw/isa/superio: Add a keyboard/mouse controller (8042)
Since the PC87312 inherits this abstract model, we remove the I8042
instance in the PREP machine.

Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Acked-by: David Gibson <david@gibson.dropbear.id.au>
Message-Id: <20180308223946.26784-14-f4bug@amsat.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-03-12 16:12:48 +01:00
Philippe Mathieu-Daudé
6f6695b136 hw/isa/superio: Factor out the floppy disc controller code from pc87312.c
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20180308223946.26784-13-f4bug@amsat.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-03-12 16:12:48 +01:00
Philippe Mathieu-Daudé
cd9526ab7c hw/isa/superio: Factor out the serial code from pc87312.c
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20180308223946.26784-12-f4bug@amsat.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-03-12 16:12:48 +01:00
Philippe Mathieu-Daudé
4c3119a6e3 hw/isa/superio: Factor out the parallel code from pc87312.c
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20180308223946.26784-11-f4bug@amsat.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-03-12 16:12:48 +01:00
Philippe Mathieu-Daudé
63f01a74ae hw/isa/pc87312: Inherit from the abstract TYPE_ISA_SUPERIO
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20180308223946.26784-10-f4bug@amsat.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-03-12 16:12:48 +01:00
Philippe Mathieu-Daudé
1854eb287e hw/isa/superio: Add a Super I/O template based on the PC87312 device
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20180308223946.26784-9-f4bug@amsat.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-03-12 16:12:48 +01:00
Philippe Mathieu-Daudé
4e00105a76 hw/isa/pc87312: Use uint16_t for the ISA I/O base address
This matches the isa_register_ioport() prototype.

Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20180308223946.26784-7-f4bug@amsat.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-03-12 16:12:48 +01:00
Philippe Mathieu-Daudé
010d2dc473 hw/isa/pc87312: Rename the device type as TYPE_PC87312_SUPERIO
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Acked-by: David Gibson <david@gibson.dropbear.id.au> (hw/ppc)
Message-Id: <20180308223946.26784-6-f4bug@amsat.org>
Reviewed-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-03-12 16:12:48 +01:00
Philippe Mathieu-Daudé
47973a2dbf hw/input/i8042: Extract declarations from i386/pc.h into input/i8042.h
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Acked-by: David Gibson <david@gibson.dropbear.id.au> (hw/ppc)
Message-Id: <20180308223946.26784-4-f4bug@amsat.org>
Reviewed-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-03-12 16:12:48 +01:00
Philippe Mathieu-Daudé
55f613ac25 hw/dma/i8257: Rename DMA_init() to i8257_dma_init()
- Move the header from hw/isa/ to hw/dma/
- Remove the old i386/pc dependency
- use a bool type for the high_page_enable argument

Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20180308223946.26784-3-f4bug@amsat.org>
Reviewed-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-03-12 16:12:48 +01:00
Philippe Mathieu-Daudé
bb3d5ea858 hw/isa: Move parallel_hds_isa_init() to hw/char/parallel-isa.c
Again... (after 07dc788054 and 9157eee1b1).

We now extract the ISA bus specific helpers.

Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20180308223946.26784-2-f4bug@amsat.org>
Reviewed-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-03-12 16:12:47 +01:00
Paolo Bonzini
a40161cbe9 membarrier: add --enable-membarrier
Actually enable the global memory barriers if supported by the OS.
Because only recent versions of Linux include the support, they
are disabled by default.  Note that it also has to be disabled
for QEMU to run under Wine.

Before this patch, rcutorture reports 85 ns/read for my machine,
after the patch it reports 12.5 ns/read.  On the other hand updates
go from 50 *micro*seconds to 20 *milli*seconds.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-03-12 16:12:47 +01:00
Paolo Bonzini
c8d3877e48 membarrier: introduce qemu/sys_membarrier.h
This new header file provides heavy-weight "global" memory barriers that
enforce memory ordering on each running thread belonging to the current
process.  For now, use a dummy implementation that issues memory barriers
on both sides (matching what QEMU has been doing so far).

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-03-12 16:12:47 +01:00
Paolo Bonzini
77a8b8462b rcu: make memory barriers more explicit
Prepare for introducing smp_mb_placeholder() and smp_mb_global().
The new smp_mb() in synchronize_rcu() is not strictly necessary, since
the first atomic_mb_set for rcu_gp_ctr provides the required ordering.
However, synchronize_rcu is not performance critical, and it *will* be
necessary to introduce a smp_mb_global before calling wait_for_readers().

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-03-12 16:12:47 +01:00
Thomas Huth
148b2ba114 hw/mips/jazz: Fix implicit creation of "-drive if=scsi" devices
The global hack for creating SCSI devices has recently been removed,
but this apparently broke SCSI devices on some boards that were not
ready for this change yet. For the pica61 machine you now get:

$ mips64-softmmu/qemu-system-mips64 -M pica61 -cdrom x.iso
qemu-system-mips64: -cdrom x.iso: machine type does not support if=scsi,bus=0,unit=2

Fix it by calling scsi_bus_legacy_handle_cmdline() after creating the
corresponding SCSI controller.

Fixes: 1454509726
Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-Id: <1520414644-11535-1-git-send-email-thuth@redhat.com>
Reviewed-by: Hervé Poussineau <hpoussin@reactos.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-03-12 16:12:47 +01:00
Peter Xu
c7278b4355 chardev: introduce chr_machine_done hook
Introduce ChardevClass.chr_machine_done() hook so that chardevs can run
customized procedures after machine init.

There was an existing mux user already that did similar thing but used a
raw machine done notifier.  Generalize it into a framework, and let the
mux chardevs provide such a class-specific hook to achieve the same
thing.  Then we can move the mux related code to the char-mux.c file.

Since at it, replace the mux_realized variable with the global
machine_init_done varible.

This notifier framework will be further leverged by other type of
chardevs soon.

Signed-off-by: Peter Xu <peterx@redhat.com>
Message-Id: <20180306053320.15401-6-peterx@redhat.com>
Acked-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-03-12 16:12:46 +01:00
Peter Xu
c8ca2a23a9 vl: export machine_init_done
We have that variable but not exported.  Export that so modules can have
a way to poke on whether machine init has finished.

Meanwhile, set that up even before calling the notifiers, so that
notifiers who may depend on this field will get a correct answer.

Suggested-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Signed-off-by: Peter Xu <peterx@redhat.com>
Message-Id: <20180306053320.15401-2-peterx@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Acked-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-03-12 16:12:46 +01:00
Paolo Bonzini
4b9c264bd2 q35: change default NIC to e1000e
The e1000 NIC is getting old and is not a very good default for a
PCIe machine type.  Change it to e1000e, which should be supported
by a good number of guests.

In particular, drivers for 82574 were added first to Linux 2.6.27 (2008)
and Windows 2008 R2.  This does mean that Windows 2008 will not work
anymore with Q35 machine types and a default "-net nic -net xxx" network
configuration; it did work before because it does have an AHCI driver.
However, Windows 2008 has been declared out of main stream support
in 2015.  It will get out of extended support in 2020.  Windows 2008
R2 has the same end of support dates and, since the two are basically
Vista vs. Windows 7, R2 probably is more popular.

Reviewed-by: Jason Wang <jasowang@redhat.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-03-12 16:12:45 +01:00
Paolo Bonzini
47c66009ab qom: introduce object_class_get_list_sorted
Unify half a dozen copies of very similar code (the only difference being
whether comparisons were case-sensitive) and use it also in Tricore,
which did not do any sorting of CPU model names.

Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-03-12 15:21:10 +01:00
Peter Maydell
b16a54da06 gtk,spice: add dmabuf support.
sdl,vnc,gtk: bugfixes.
 ui/qapi: add device ID and head parameters to screendump.
 build: try improve handling of clang warnings.
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iQIcBAABAgAGBQJapkS4AAoJEEy22O7T6HE4868P/i1HqNsrWjvQOlslHSiqa+L+
 t1YYM47qdy+Qv12z9wc5dVYLZy6xhKqUE41Ks/5IdeDmOmnSJSU6YNnQsav0BNwJ
 RDsaahiIVHyWN5cihZeL9aZvw6c+2GjJ2oBJbLgeogqukKuHluEfcSXfUPT3AT+M
 yGZe3jqQXqSqdG9B3yYxejFOnlAy26HlqD9CmTeqs9es2m9kUq3b/0EQaJd4BwiU
 1ObNqJy32t+6NjIlhlgUAFuZm+M+E/gCFQqjfnERiQPzMuE3d2go87mHfZ3LkvSl
 dCOrQJ7kEFJB2hjppVvm8NtpQ9QUS4KXpwqtyJEh6+cuHVpgOxBNUyeiSV3ItjQa
 tMlFsFIpR4YBD/Gj5pbx8doqfSpFV8tMv62ncCrfsC2/8XqGtLO33DZPguJDJOee
 qg8hzc7VIZmuT4fpjyMDzOkGG6X5fKnSSRvnpEkswBz0Vyf8t/0B029ksr9Jxger
 AvrOB96LWVW8mR1ksI/HO3iMkDeQP/xiHGUh4Cy1cR+qJuVVKNwXBQHg3viDcpbV
 YdoBG5CQ2MDsI7v3XvNihCqLFMZ2OigpAGLDe4a26IR/3Rz+0XEIdtfZHcGbxJ6l
 4cAb4JP+DOgVGGLyRBW+bDcg7q4BXwCp77mzipcsocnMu/HtZ5uoSH+EKFkKLcnP
 PKpab2lurVbG9oqYfD1P
 =3Hmp
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/kraxel/tags/ui-20180312-pull-request' into staging

gtk,spice: add dmabuf support.
sdl,vnc,gtk: bugfixes.
ui/qapi: add device ID and head parameters to screendump.
build: try improve handling of clang warnings.

# gpg: Signature made Mon 12 Mar 2018 09:13:28 GMT
# gpg:                using RSA key 4CB6D8EED3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>"
# Primary key fingerprint: A032 8CFF B93A 17A7 9901  FE7D 4CB6 D8EE D3E8 7138

* remotes/kraxel/tags/ui-20180312-pull-request:
  qapi: Add device ID and head parameters to screendump
  spice: add cursor_dmabuf support
  spice: add scanout_dmabuf support
  spice: drop dprint() debug logging
  vnc: deal with surface NULL pointers
  ui/gtk-egl: add cursor_dmabuf support
  ui/gtk-egl: add scanout_dmabuf support
  ui/gtk: use GtkGlArea on wayland only
  ui/opengl: Makefile cleanup
  ui/gtk: group gtk.mo declarations in Makefile
  ui/gtk: make GtkGlArea usage a runtime option
  sdl: workaround bug in sdl 2.0.8 headers
  make: switch language file build to be gtk module aware
  build: try improve handling of clang warnings

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-03-12 14:06:23 +00:00
Peter Maydell
5df089564b target-arm queue:
* i.MX: Add i.MX7 SOC implementation and i.MX7 Sabre board
  * Report the correct core count in A53 L2CTLR on the ZynqMP board
  * linux-user: preliminary SVE support work (signal handling)
  * hw/arm/boot: fix memory leak in case of error loading ELF file
  * hw/arm/boot: avoid reading off end of buffer if passed very
    small image file
  * hw/arm: Use more CONFIG switches for the object files
  * target/arm: Add "-cpu max" support
  * hw/arm/virt: Support -machine gic-version=max
  * hw/sd: improve debug tracing
  * hw/sd: sdcard: Add the Tuning Command (CMD 19)
  * MAINTAINERS: add Philippe as odd-fixes maintainer for SD
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABCAAGBQJaosNHAAoJEDwlJe0UNgzexcoP/RHqkdKk91Dzg4MirndihMrJ
 nCu4n1J68uEOt79SlS4ES+EVKmfPvo2DP94Kp8L4bjqiHuvSMQfjX7YnPzCvQKOC
 Idz4BklbjYg3QP+UWFysoHvv5vXvytRhwu6LeVoTgebpBIwvKKyQh/89mwp1hKRm
 ZkpdkTRP2lsQUCG36kYUiAyhcJH+9nxQBtecfYjpzKsQg49Piltt999l9c8VzTfw
 yY72rEw4vFKFUjHfkbi0m2lPhZWIwGMoU0/qFNfIrMRi4vp6WDeQaRYgDgxpGfwy
 ZCbHVQeuQg87xD48HQMoQO+F3iaCvbjllDKnqAL80W8NreAyKJX8e8Cz9FD2k0n5
 RvDeQ6QOq5jzOW6uSDlJgT71kajiEzJH43TLLB6k7/mdJICt/JGU7EWVSP6C0fZz
 cEjRLfx8JoZN4HmFy2f8K+IwdWpGkshzTVO1XmFsWZmSHUD+6vcUv9Nd1MP3ACGN
 BPqmbjk2guiacuKs3gbOSCB1mLWXCu4HMAc6ppO1d3pVHRWaR9UAVCiYJNuXd/VU
 dXELAbcP6WOwHteBxgwGnEALcgz40gx149+gePD3MLc3ImZEqWba91Ghp8T6NNSu
 p8ZJqN7Dsow6mOxaS5iYfFfXdf8K13cTmB371Q+0IOi3Z0cO2CgEmFZ8fj5yKCSK
 wjtYIFhwzFdWqzGb4e/Q
 =CWr5
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20180309' into staging

target-arm queue:
 * i.MX: Add i.MX7 SOC implementation and i.MX7 Sabre board
 * Report the correct core count in A53 L2CTLR on the ZynqMP board
 * linux-user: preliminary SVE support work (signal handling)
 * hw/arm/boot: fix memory leak in case of error loading ELF file
 * hw/arm/boot: avoid reading off end of buffer if passed very
   small image file
 * hw/arm: Use more CONFIG switches for the object files
 * target/arm: Add "-cpu max" support
 * hw/arm/virt: Support -machine gic-version=max
 * hw/sd: improve debug tracing
 * hw/sd: sdcard: Add the Tuning Command (CMD 19)
 * MAINTAINERS: add Philippe as odd-fixes maintainer for SD

# gpg: Signature made Fri 09 Mar 2018 17:24:23 GMT
# gpg:                using RSA key 3C2525ED14360CDE
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>"
# gpg:                 aka "Peter Maydell <pmaydell@gmail.com>"
# gpg:                 aka "Peter Maydell <pmaydell@chiark.greenend.org.uk>"
# Primary key fingerprint: E1A5 C593 CD41 9DE2 8E83  15CF 3C25 25ED 1436 0CDE

* remotes/pmaydell/tags/pull-target-arm-20180309: (25 commits)
  MAINTAINERS: Add entries for SD (SDHCI, SDBus, SDCard)
  sdhci: Fix a typo in comment
  sdcard: Add the Tuning Command (CMD19)
  sdcard: Display which protocol is used when tracing (SD or SPI)
  sdcard: Display command name when tracing CMD/ACMD
  sdcard: Do not trace CMD55, except when we already expect an ACMD
  hw/arm/virt: Support -machine gic-version=max
  hw/arm/virt: Add "max" to the list of CPU types "virt" supports
  target/arm: Make 'any' CPU just an alias for 'max'
  target/arm: Add "-cpu max" support
  target/arm: Move definition of 'host' cpu type into cpu.c
  target/arm: Query host CPU features on-demand at instance init
  arm: avoid heap-buffer-overflow in load_aarch64_image
  arm: fix load ELF error leak
  hw/arm: Use more CONFIG switches for the object files
  aarch64-linux-user: Add support for SVE signal frame records
  aarch64-linux-user: Add support for EXTRA signal frame records
  aarch64-linux-user: Remove struct target_aux_context
  aarch64-linux-user: Split out helpers for guest signal handling
  linux-user: Implement aarch64 PR_SVE_SET/GET_VL
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-03-12 11:47:52 +00:00
Peter Maydell
be0aa7ac89 log-for-trace.h: Split out parts of log.h used by trace.h
A persistent build problem we see is where a source file
accidentally omits the #include of log.h. This slips through
local developer testing because if you configure with the
default (log) trace backend trace.h will pull in log.h for you.
Compilation fails only if some other backend is selected.

To make this error cause a compile failure regardless of
the configured trace backend, split out the parts of log.h
that trace.h requires into a new log-for-trace.h header.
Since almost all manual uses of the log.h functions will
use constants or functions which aren't in log-for-trace.h,
this will let us catch missing #include "qemu/log.h" more
consistently.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20180213140029.8308-1-peter.maydell@linaro.org
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2018-03-12 11:10:20 +00:00
Stefan Hajnoczi
7376eda7c2 block: make BDRV_POLL_WHILE() re-entrancy safe
Nested BDRV_POLL_WHILE() calls can occur.  Currently
assert(!wait_->wakeup) fails in AIO_WAIT_WHILE() when this happens.

This patch converts the bool wait_->need_kick flag to an unsigned
wait_->num_waiters counter.

Nesting works correctly because outer AIO_WAIT_WHILE() callers evaluate
the condition again after the inner caller completes (invoking the inner
caller counts as aio_poll() progress).

Reported-by: "fuweiwei (C)" <fuweiwei2@huawei.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Message-id: 20180307124619.6218-1-stefanha@redhat.com
Cc: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2018-03-12 11:07:37 +00:00
Gerd Hoffmann
65ba869661 audio: add module loading support
Make audio_driver_lookup() try load the module in case it doesn't find
the driver in the registry.  Also load all modules for -audio-help, so
the help output includes the help text for modular audio drivers.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-id: 20180306074053.22856-3-kraxel@redhat.com
2018-03-12 11:18:26 +01:00
Peter Maydell
12c06d6f96 Block layer patches
-----BEGIN PGP SIGNATURE-----
 
 iQIcBAABAgAGBQJaoqOgAAoJEH8JsnLIjy/W2MMP/1gj7CJgtSG9wIzyBHjSWQMy
 ofXEgRJO9t/smfUMlH2NdrW8P2LvYcmqOsEBkLJzCtl48fPexwtI/cunzVjutXcf
 VlpqKz/8uN4C9D6m8FN/5kKf65l+tnVqnCoJgwafY5uT7jmoC8LF1xO2jo8a+lJd
 0Dv6RxJUQq/tDR6OvO6aW4EzbOUcD4wkLvi/uz8+ZjV1BLSLlpdudejr6W9TnJY/
 EGFedbxqjPV7fIvMbodbFp0Ie8Aw0WEL8ttERboeR4jbA/o+PZVGpPtHsr/4V6QO
 Pgh6vH2rGavxFzwuCWEGhlLKGx66CGqqdTknm6lNJchepCvcfoYxjOPZv9FCaMUs
 enC/x43xSkCmkwBwKKxpXqu1vS5nGdMebAwRjstSIplypjv2YOwS1AiU5snaDwuk
 t9Gjkw0Wka5nySuYi43H2RPXmlWbh4T8DfQ6pOyJGvXGjm8t+f5BTaMtSWn6Iq2W
 F6r1UezQJBDnUbpFgsRg4AP+htPGDHgsOg7KzCCd/lBHwbjX7dkQlAYbBZZ2OBF+
 wQN5olDR6jsKIy2IlARNgNweZHW5UQa1cc+7HlVNNE5tqtkjo7aWPk/LhEzBCIHg
 sWG3VH2y3lQlaMzYh1v+jnGrFoq1ZJU4sbjaxvQX8czjmaQvPtbzKuZAovQ4pGwa
 g0SrWP6p9yLo0LXLuXBP
 =WDF4
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging

Block layer patches

# gpg: Signature made Fri 09 Mar 2018 15:09:20 GMT
# gpg:                using RSA key 7F09B272C88F2FD6
# gpg: Good signature from "Kevin Wolf <kwolf@redhat.com>"
# Primary key fingerprint: DC3D EB15 9A9A F95D 3D74  56FE 7F09 B272 C88F 2FD6

* remotes/kevin/tags/for-upstream: (56 commits)
  qemu-iotests: fix 203 migration completion race
  iotests: Tweak 030 in order to trigger a race condition with parallel jobs
  iotests: Skip test for ENOMEM error
  iotests: Mark all tests executable
  iotests: Test creating overlay when guest running
  qemu-iotests: Test ssh image creation over QMP
  qemu-iotests: Test qcow2 over file image creation with QMP
  block: Fail bdrv_truncate() with negative size
  file-posix: Fix no-op bdrv_truncate() with falloc preallocation
  ssh: Support .bdrv_co_create
  ssh: Pass BlockdevOptionsSsh to connect_to_ssh()
  ssh: QAPIfy host-key-check option
  ssh: Use QAPI BlockdevOptionsSsh object
  sheepdog: Support .bdrv_co_create
  sheepdog: QAPIfy "redundancy" create option
  nfs: Support .bdrv_co_create
  nfs: Use QAPI options in nfs_client_open()
  rbd: Use qemu_rbd_connect() in qemu_rbd_do_create()
  rbd: Assign s->snap/image_name in qemu_rbd_open()
  rbd: Support .bdrv_co_create
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-03-12 10:08:09 +00:00
Gerd Hoffmann
b153f9019b spice: add cursor_dmabuf support
Add support for cursor dmabufs.  qemu has to render the cursor for
that, so in case a cursor is present qemu allocates a new dmabuf, blits
the scanout, blends in the pointer and passes on the new dmabuf to
spice-server.  Without cursor qemu continues to simply pass on the
scanout dmabuf as-is.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-id: 20180308090618.30147-4-kraxel@redhat.com
2018-03-12 09:01:56 +01:00
Gerd Hoffmann
2e5567c903 vnc: deal with surface NULL pointers
Secondary displays in multihead setups are allowed to have a NULL
DisplaySurface.  Typically user interfaces handle this by hiding the
window which shows the display in question.

This isn't an option for vnc though because it simply hasn't a concept
of windows or outputs.  So handle the situation by showing a placeholder
DisplaySurface instead.  Also check in console_select whenever a surface
is preset in the first place before requesting an update.

This fixes a segfault which can be triggered by switching to an unused
display (via vtrl-alt-<nr>) in a multihead setup, for example using
-device virtio-vga,max_outputs=2.

Cc: Christian Borntraeger <borntraeger@de.ibm.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Tested-by: Christian Borntraeger <borntraeger@de.ibm.com>
Message-id: 20180308161803.6152-1-kraxel@redhat.com
2018-03-12 09:00:59 +01:00
Gerd Hoffmann
f1bd313264 ui/gtk-egl: add cursor_dmabuf support
Add support for cursor dmabufs to gtk-egl.  Just blend in the cursor
(if we have one) when rendering the dmabuf.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Message-id: 20180306090951.22932-7-kraxel@redhat.com
2018-03-12 09:00:34 +01:00
Gerd Hoffmann
70763fea4f ui/gtk-egl: add scanout_dmabuf support
Add support for dmabuf scanouts to gtk-egl.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Message-id: 20180306090951.22932-6-kraxel@redhat.com
2018-03-12 09:00:34 +01:00
Gerd Hoffmann
11c82b584a ui/gtk: make GtkGlArea usage a runtime option
Compile in both gtk-egl and gtk-gl-area, then allow to choose at runtime
instead of compile time which opengl variant we want use.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Message-id: 20180306090951.22932-2-kraxel@redhat.com
2018-03-12 09:00:34 +01:00
Max Filippov
ebf9a3630c linux-user: fix mmap/munmap/mprotect/mremap/shmat
In linux-user QEMU that runs for a target with TARGET_ABI_BITS bigger
than L1_MAP_ADDR_SPACE_BITS an assertion in page_set_flags fires when
mmap, munmap, mprotect, mremap or shmat is called for an address outside
the guest address space. mmap and mprotect should return ENOMEM in such
case.

Change definition of GUEST_ADDR_MAX to always be the last valid guest
address. Account for this change in open_self_maps.
Add macro guest_addr_valid that verifies if the guest address is valid.
Add function guest_range_valid that verifies if address range is within
guest address space and does not wrap around. Use that macro in
mmap/munmap/mprotect/mremap/shmat for error checking.

Cc: qemu-stable@nongnu.org
Cc: Riku Voipio <riku.voipio@iki.fi>
Cc: Laurent Vivier <laurent@vivier.eu>
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20180307215010.30706-1-jcmvbkbc@gmail.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
2018-03-09 19:21:34 +01:00
Peter Maydell
e4ae62b802 -----BEGIN PGP SIGNATURE-----
iQEcBAABAgAGBQJaoonGAAoJEJykq7OBq3PIuvIH/1sU3LokJ9KroaKaqYyAQnOX
 V9ow3x4z3CQ8qOUpFWXA3l3lMLWE3YzGLvSMLsUVXafobX6qmK/LhtmLk3oNrg4j
 Q5T+d/JFZFZx+MsO4yqD29yJFi2BN1paZ1dpjo6uY5BtABg3zi/cKHOcwkCQDvBA
 XNHCSATt0neew51zZ7xKf2ja8tCPbaeshGY56FW1N118LTCNxIU42JKvK3sCZ8KL
 bgWRqg3FDZEF5MY0xZwCuCMwskIpu1nw6xgwXe5UdB42p2QntzGGfd9xzlmAcy2O
 nYjBqlL7ACN0kbKcPtTNPsikP7O4huoT+62s4cRkFuIUNssot3NSv+iV+HJ3ESs=
 =zmof
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/stefanha/tags/block-pull-request' into staging

# gpg: Signature made Fri 09 Mar 2018 13:19:02 GMT
# gpg:                using RSA key 9CA4ABB381AB73C8
# gpg: Good signature from "Stefan Hajnoczi <stefanha@redhat.com>"
# gpg:                 aka "Stefan Hajnoczi <stefanha@gmail.com>"
# Primary key fingerprint: 8695 A8BF D3F9 7CDA AC35  775A 9CA4 ABB3 81AB 73C8

* remotes/stefanha/tags/block-pull-request:
  vl: introduce vm_shutdown()
  virtio-scsi: fix race between .ioeventfd_stop() and vq handler
  virtio-blk: fix race between .ioeventfd_stop() and vq handler
  block: add aio_wait_bh_oneshot()
  virtio-blk: dataplane: Don't batch notifications if EVENT_IDX is present
  README: Fix typo 'git-publish'
  block: Fix qemu crash when using scsi-block

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-03-09 17:28:16 +00:00
Andrey Smirnov
757282ada8 i.MX: Add i.MX7 SOC implementation.
The following interfaces are partially or fully emulated:

    * up to 2 Cortex A9 cores (SMP works with PSCI)
    * A7 MPCORE (identical to A15 MPCORE)
    * 4 GPTs modules
    * 7 GPIO controllers
    * 2 IOMUXC controllers
    * 1 CCM module
    * 1 SVNS module
    * 1 SRC module
    * 1 GPCv2 controller
    * 4 eCSPI controllers
    * 4 I2C controllers
    * 7 i.MX UART controllers
    * 2 FlexCAN controllers
    * 2 Ethernet controllers (FEC)
    * 3 SD controllers (USDHC)
    * 4 WDT modules
    * 1 SDMA module
    * 1 GPR module
    * 2 USBMISC modules
    * 2 ADC modules
    * 1 PCIe controller

Tested to boot and work with upstream Linux (4.13+) guest.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Andrey Smirnov <andrew.smirnov@gmail.com>
[PMM: folded a couple of long lines]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-03-09 17:09:43 +00:00
Andrey Smirnov
d64e5eabc4 pci: Add support for Designware IP block
Add code needed to get a functional PCI subsytem when using in
conjunction with upstream Linux guest (4.13+). Tested to work against
"e1000e" (network adapter, using MSI interrupts) as well as
"usb-ehci" (USB controller, using legacy PCI interrupts).

Based on "i.MX6 Applications Processor Reference Manual" (Document
Number: IMX6DQRM Rev. 4) as well as corresponding dirver in Linux
kernel (circa 4.13 - 4.16 found in drivers/pci/dwc/*)

Signed-off-by: Andrey Smirnov <andrew.smirnov@gmail.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-03-09 17:09:43 +00:00
Kevin Wolf
b0292b851b block: x-blockdev-create QMP command
This adds a synchronous x-blockdev-create QMP command that can create
qcow2 images on a given node name.

We don't want to block while creating an image, so this is not the final
interface in all aspects, but BlockdevCreateOptionsQcow2 and
.bdrv_co_create() are what they actually might look like in the end. In
any case, this should be good enough to test whether we interpret
BlockdevCreateOptions as we should.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
2018-03-09 15:17:47 +01:00
Kevin Wolf
e8eb863778 block: Make bdrv_is_whitelisted() public
We'll use a separate source file for image creation, and we need to
check there whether the requested driver is whitelisted.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
2018-03-09 15:17:47 +01:00
Kevin Wolf
bcebf102cc qdict: Introduce qdict_rename_keys()
A few block drivers will need to rename .bdrv_create options for their
QAPIfication, so let's have a helper function for that.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
2018-03-09 15:17:47 +01:00
Kevin Wolf
72215395b9 util: Add qemu_opts_to_qdict_filtered()
This allows, given a QemuOpts for a QemuOptsList that was merged from
multiple QemuOptsList, to only consider those options that exist in one
specific list. Block drivers need this to separate format-layer create
options from protocol-level options.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
2018-03-09 15:17:47 +01:00
Kevin Wolf
e1d74bc6c6 qcow2: Use BlockdevRef in qcow2_co_create()
Instead of passing a separate BlockDriverState* into qcow2_co_create(),
make use of the BlockdevRef that is included in BlockdevCreateOptions.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
2018-03-09 15:17:47 +01:00
Paolo Bonzini
2fd6163884 block: convert bdrv_check callback to coroutine_fn
Suggested-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Message-Id: <1516279431-30424-8-git-send-email-pbonzini@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2018-03-09 15:17:47 +01:00
Paolo Bonzini
2b148f392b block: convert bdrv_invalidate_cache callback to coroutine_fn
QED's bdrv_invalidate_cache implementation would like to reuse functions
that acquire/release the metadata locks.  Call it from coroutine context
to simplify the logic.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Message-Id: <1516279431-30424-6-git-send-email-pbonzini@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2018-03-09 15:17:47 +01:00
Peter Maydell
d9bbfea646 QEMU RISC-V Emulation Support (RV64GC, RV32GC)
This release renames the SiFive machines to sifive_e and sifive_u
 to represent the SiFive Everywhere and SiFive Unleashed platforms.
 SiFive has configurable soft-core IP, so it is intended that these
 machines will be extended to enable a variety of SiFive IP blocks.
 The CPU definition infrastructure has been improved and there are
 now vendor CPU modules including the SiFiVe E31, E51, U34 and U54
 cores. The emulation accuracy for the E series has been improved
 by disabling the MMU for the E series. S mode has been disabled on
 cores that only support M mode and U mode. The two Spike machines
 that support two privileged ISA versions have been coalesced into
 one file. This series has Signed-off-by from the core contributors.
 
 *** Known Issues ***
 
 * Disassembler has some checkpatch warnings for the sake of code brevity
 * scripts/qemu-binfmt-conf.sh has checkpatch warnings due to line length
 * PMP (Physical Memory Protection) is as-of-yet unused and needs testing
 
 *** Changelog ***
 
 v8.2
 
 * Rebase
 
 v8.1
 
 * Fix missed case of renaming spike_v1.9 to spike_v1.9.1
 
 v8
 
 * Added linux-user/riscv/target_elf.h during rebase
 * Make resetvec configurable and clear mpp and mie on reset
 * Use SiFive E31, E51, U34 and U54 cores in SiFive machines
 * Define SiFive E31, E51, U34 and U54 cores
 * Refactor CPU core definition in preparation for vendor cores
 * Prevent S or U mode unless S or U extensions are present
 * SiFive E Series cores have no MMU
 * SiFive E Series cores have U mode
 * Make privileged ISA v1.10 implicit in CPU types
 * Remove DRAM_BASE and EXT_IO_BASE as they vary by machine
 * Correctly handle mtvec and stvec alignment with respect to RVC
 * Print more machine mode state in riscv_cpu_dump_state
 * Make riscv_isa_string use compact extension order method
 * Fix bug introduced in v6 RISCV_CPU_TYPE_NAME macro change
 * Parameterize spike v1.9.1 config string
 * Coalesce spike_v1.9.1 and spike_v1.10 machines
 * Rename sifive_e300 to sifive_e, and sifive_u500 to sifive_u
 
 v7
 
 * Make spike_v1.10 the default machine
 * Rename spike_v1.9 to spike_v1.9.1 to match privileged spec version
 * Remove empty target/riscv/trace-events file
 * Monitor ROM 32-bit reset code needs to be target endian
 * Add TARGET_TIOCGPTPEER to linux-user/riscv/termbits.h
 * Add -initrd support to the virt board
 * Fix naming in spike machine interface header
 * Update copyright notice on RISC-V Spike machines
 * Update copyright notice on RISC-V HTIF Console device
 * Change CPU Core and translator to GPLv2+
 * Change RISC-V Disassembler to GPLv2+
 * Change SiFive Test Finisher to GPLv2+
 * Change SiFive CLINT to GPLv2+
 * Change SiFive PRCI to GPLv2+
 * Change SiFive PLIC to GPLv2+
 * Change RISC-V spike machines to GPLv2+
 * Change RISC-V virt machine to GPLv2+
 * Change SiFive E300 machine to GPLv2+
 * Change SiFive U500 machine to GPLv2+
 * Change RISC-V Hart Array to GPLv2+
 * Change RISC-V HTIF device to GPLv2+
 * Change SiFiveUART device to GPLv2+
 
 v6
 
 * Drop IEEE 754-201x minimumNumber/maximumNumber for fmin/fmax
 * Remove some unnecessary commented debug statements
 * Change RISCV_CPU_TYPE_NAME to use riscv-cpu suffix
 * Define all CPU variants for linux-user
 * qemu_log calls require trailing \n
 * Replace PLIC printfs with qemu_log
 * Tear out unused HTIF code and eliminate shouting debug messages
 * Fix illegal instruction when sfence.vma is passed (rs2) arguments
 * Make updates to PTE accessed and dirty bits atomic
 * Only require atomic PTE updates on MTTCG enabled guests
 * Page fault if accessed or dirty bits can't be updated
 * Fix get_physical_address PTE reads and writes on riscv32
 * Remove erroneous comments from the PLIC
 * Default enable MTTCG
 * Make WFI less conservative
 * Unify local interrupt handling
 * Expunge HTIF interrupts
 * Always access mstatus.mip under a lock
 * Don't implement rdtime/rdtimeh in system mode (bbl emulates them)
 * Implement insreth/cycleh for rv32 and always enable user-mode counters
 * Add GDB stub support for reading and writing CSRs
 * Rename ENABLE_CHARDEV #ifdef from HTIF code
 * Replace bad HTIF ELF code with load_elf symbol callback
 * Convert chained if else fault handlers to switch statements
 * Use RISCV exception codes for linux-user page faults
 
 v5
 
 * Implement NaN-boxing for flw, set high order bits to 1
 * Use float_muladd_negate_* flags to floatXX_muladd
 * Use IEEE 754-201x minimumNumber/maximumNumber for fmin/fmax
 * Fix TARGET_NR_syscalls
 * Update linux-user/riscv/syscall_nr.h
 * Fix FENCE.I, needs to terminate translation block
 * Adjust unusual convention for interruptno >= 0
 
 v4
 
 * Add @riscv: since 2.12 to CpuInfoArch
 * Remove misleading little-endian comment from load_kernel
 * Rename cpu-model property to cpu-type
 * Drop some unnecessary inline function attributes
 * Don't allow GDB to set value of x0 register
 * Remove unnecessary empty property lists
 * Add Test Finisher device to implement poweroff in virt machine
 * Implement priv ISA v1.10 trap and sret/mret xPIE/xIE behavior
 * Store fflags data in fp_status
 * Purge runtime users of helper_raise_exception
 * Fix validate_csr
 * Tidy gen_jalr
 * Tidy immediate shifts
 * Add gen_exception_inst_addr_mis
 * Add gen_exception_debug
 * Add gen_exception_illegal
 * Tidy helper_fclass_*
 * Split rounding mode setting to a new function
 * Enforce MSTATUS_FS via TB flags
 * Implement acquire/release barrier semantics
 * Use atomic operations as required
 * Fix FENCE and FENCE_I
 * Remove commented code from spike machines
 * PAGE_WRITE permissions can be set on loads if page is already dirty
 * The result of format conversion on an NaN must be a quiet NaN
 * Add missing process_queued_cpu_work to riscv linux-user
 * Remove float(32|64)_classify from cpu.h
 * Removed nonsensical unions aliasing the same type
 * Use uintN_t instead of uintN_fast_t in fpu_helper.c
 * Use macros for FPU exception values in softfloat_flags_to_riscv
 * Move code to set round mode into set_fp_round_mode function
 * Convert set_fp_exceptions from a macro to an inline function
 * Convert round mode helper into an inline function
 * Make fpu_helper ieee_rm array static const
 * Include cpu_mmu_index in cpu_get_tb_cpu_state flags
 * Eliminate MPRV influence on mmu_index
 * Remove unrecoverable do_unassigned_access function
 * Only update PTE accessed and dirty bits if necessary
 * Remove unnecessary tlb_flush in set_mode as mode is in mmu_idx
 * Remove buggy support for misa writes. misa writes are optional
   and are not implemented in any known hardware
 * Always set PTE read or execute permissions during page walk
 * Reorder helper function declarations to match order in helper.c
 * Remove redundant variable declaration in get_physical_address
 * Remove duplicated code from get_physical_address
 * Use mmu_idx instead of mem_idx in riscv_cpu_get_phys_page_debug
 
 v3
 
 * Fix indentation in PMP and HTIF debug macros
 * Fix disassembler checkpatch open brace '{' on next line errors
 * Fix trailing statements on next line in decode_inst_decompress
 * NOTE: the other checkpatch issues have been reviewed previously
 
 v2
 
 * Remove redundant NULL terminators from disassembler register arrays
 * Change disassembler register name arrays to const
 * Refine disassembler internal function names
 * Update dates in disassembler copyright message
 * Remove #ifdef CONFIG_USER_ONLY version of cpu_has_work
 * Use ULL suffix on 64-bit constants
 * Move riscv_cpu_mmu_index from cpu.h to helper.c
 * Move riscv_cpu_hw_interrupts_pending from cpu.h to helper.c
 * Remove redundant TARGET_HAS_ICE from cpu.h
 * Use qemu_irq instead of void* for irq definition in cpu.h
 * Remove duplicate typedef from struct CPURISCVState
 * Remove redundant g_strdup from cpu_register
 * Remove redundant tlb_flush from riscv_cpu_reset
 * Remove redundant mode calculation from get_physical_address
 * Remove redundant debug mode printf and dcsr comment
 * Remove redundant clearing of MSB for bare physical addresses
 * Use g_assert_not_reached for invalid mode in get_physical_address
 * Use g_assert_not_reached for unreachable checks in get_physical_address
 * Use g_assert_not_reached for unreachable type in raise_mmu_exception
 * Return exception instead of aborting for misaligned fetches
 * Move exception defines from cpu.h to cpu_bits.h
 * Remove redundant breakpoint control definitions from cpu_bits.h
 * Implement riscv_cpu_unassigned_access exception handling
 * Log and raise exceptions for unimplemented CSRs
 * Match Spike HTIF exit behavior - don’t print TEST-PASSED
 * Make frm,fflags,fcsr writes trap when mstatus.FS is clear
 * Use g_assert_not_reached for unreachable invalid mode
 * Make hret,uret,dret generate illegal instructions
 * Move riscv_cpu_dump_state and int/fpr regnames to cpu.c
 * Lift interrupt flag and mask into constants in cpu_bits.h
 * Change trap debugging to use qemu_log_mask LOG_TRACE
 * Change CSR debugging to use qemu_log_mask LOG_TRACE
 * Change PMP debugging to use qemu_log_mask LOG_TRACE
 * Remove commented code from pmp.c
 * Change CpuInfoRISCV qapi schema docs to Since 2.12
 * Change RV feature macro to use target_ulong cast
 * Remove riscv_feature and instead use misa extension flags
 * Make riscv_flush_icache_syscall a no-op
 * Undo checkpatch whitespace fixes in unrelated linux-user code
 * Remove redudant constants and tidy up cpu_bits.h
 * Make helper_fence_i a no-op
 * Move include "exec/cpu-all" to end of cpu.h
 * Rename set_privilege to riscv_set_mode
 * Move redundant forward declaration for cpu_riscv_translate_address
 * Remove TCGV_UNUSED from riscv_translate_init
 * Add comment to pmp.c stating the code is untested and currently unused
 * Use ctz to simplify decoding of PMP NAPOT address ranges
 * Change pmp_is_in_range to use than equal for end addresses
 * Fix off by one error in pmp_update_rule
 * Rearrange PMP_DEBUG so that formatting is compile-time checked
 * Rearrange trap debugging so that formatting is compile-time checked
 * Rearrange PLIC debugging so that formatting is compile-time checked
 * Use qemu_log/qemu_log_mask for HTIF logging and debugging
 * Move exception and interrupt names into cpu.c
 * Add Palmer Dabbelt as a RISC-V Maintainer
 * Rebase against current qemu master branch
 
 v1
 
 * initial version based on forward port from riscv-qemu repository
 
 *** Background ***
 
 "RISC-V is an open, free ISA enabling a new era of processor innovation
 through open standard collaboration. Born in academia and research,
 RISC-V ISA delivers a new level of free, extensible software and
 hardware freedom on architecture, paving the way for the next 50 years
 of computing design and innovation."
 
 The QEMU RISC-V port has been developed and maintained out-of-tree for
 several years by Sagar Karandikar and Bastian Koppelmann. The RISC-V
 Privileged specification has evolved substantially over this period but
 has recently been solidifying. The RISC-V Base ISA has been frozon for
 some time and the Privileged ISA, GCC toolchain and Linux ABI are now
 quite stable. I have recently joined Sagar and Bastian as a RISC-V QEMU
 Maintainer and hope to support upstreaming the port.
 
 There are multiple vendors taping out, preparing to ship, or shipping
 silicon that implements the RISC-V Privileged ISA Version 1.10. There
 are also several RISC-V Soft-IP cores implementing Privileged ISA
 Version 1.10 that run on FPGA such as SiFive's Freedom U500 Platform
 and the U54‑MC RISC-V Core IP, among many more implementations from a
 variety of vendors. See https://riscv.org/ for more details.
 
 RISC-V support was upstreamed in binutils 2.28 and GCC 7.1 in the first
 half of 2016. RISC-V support is now available in LLVM top-of-tree and
 the RISC-V Linux port was accepted into Linux 4.15-rc1 late last year
 and is available in the Linux 4.15 release. GLIBC 2.27 added support
 for the RISC-V ISA running on Linux (requires at least binutils-2.30,
 gcc-7.3.0, and linux-4.15). We believe it is timely to submit the
 RISC-V QEMU port for upstream review with the goal of incorporating
 RISC-V support into the upcoming QEMU 2.12 release.
 
 The RISC-V QEMU port is still under active development, mostly with
 respect to device emulation, the addition of Hypervisor support as
 specified in the RISC-V Draft Privileged ISA Version 1.11, and Vector
 support once the first draft is finalized later this year. We believe
 now is the appropriate time for RISC-V QEMU development to be carried
 out in the main QEMU repository as the code will benefit from more
 rigorous review. The RISC-V QEMU port currently supports all the ISA
 extensions that have been finalized and frozen in the Base ISA.
 
 Blog post about recent additions to RISC-V QEMU: https://goo.gl/fJ4zgk
 
 The RISC-V QEMU wiki: https://github.com/riscv/riscv-qemu/wiki
 
 Instructions for building a busybox+dropbear root image, BBL (Berkeley
 Boot Loader) and linux kernel image for use with the RISC-V QEMU
 'virt' machine: https://github.com/michaeljclark/busybear-linux
 
 *** Overview ***
 
 The RISC-V QEMU port implements the following specifications:
 
 * RISC-V Instruction Set Manual Volume I: User-Level ISA Version 2.2
 * RISC-V Instruction Set Manual Volume II: Privileged ISA Version 1.9.1
 * RISC-V Instruction Set Manual Volume II: Privileged ISA Version 1.10
 
 The RISC-V QEMU port supports the following instruction set extensions:
 
 * RV32GC with Supervisor-mode and User-mode (RV32IMAFDCSU)
 * RV64GC with Supervisor-mode and User-mode (RV64IMAFDCSU)
 
 The RISC-V QEMU port adds the following targets to QEMU:
 
 * riscv32-softmmu
 * riscv64-softmmu
 * riscv32-linux-user
 * riscv64-linux-user
 
 The RISC-V QEMU port supports the following hardware:
 
 * HTIF Console (Host Target Interface)
 * SiFive CLINT (Core Local Interruptor) for Timer interrupts and IPIs
 * SiFive PLIC (Platform Level Interrupt Controller)
 * SiFive Test (Test Finisher) for exiting simulation
 * SiFive UART, PRCI, AON, PWM, QSPI support is partially implemented
 * VirtIO MMIO (GPEX PCI support will be added in a future patch)
 * Generic 16550A UART emulation using 'hw/char/serial.c'
 * MTTCG and SMP support (PLIC and CLINT) on the 'virt' machine
 
 The RISC-V QEMU full system emulator supports 5 machines:
 
 * 'spike_v1.9.1', CLINT, PLIC, HTIF console, config-string, Priv v1.9.1
 * 'spike_v1.10', CLINT, PLIC, HTIF console, device-tree, Priv v1.10
 * 'sifive_e', CLINT, PLIC, SiFive UART, HiFive1 compat, Priv v1.10
 * 'sifive_u', CLINT, PLIC, SiFive UART, device-tree, Priv v1.10
 * 'virt', CLINT, PLIC, 16550A UART, VirtIO, device-tree, Priv v1.10
 
 This is a list of RISC-V QEMU Port Contributors:
 
 * Alex Suykov
 * Andreas Schwab
 * Antony Pavlov
 * Bastian Koppelmann
 * Bruce Hoult
 * Chih-Min Chao
 * Daire McNamara
 * Darius Rad
 * David Abdurachmanov
 * Hesham Almatary
 * Ivan Griffin
 * Jim Wilson
 * Kito Cheng
 * Michael Clark
 * Palmer Dabbelt
 * Richard Henderson
 * Sagar Karandikar
 * Shea Levy
 * Stefan O'Rear
 
 Notes:
 
 * contributor email addresses available off-list on request.
 * checkpatch has been run on all 23 patches.
 * checkpatch exceptions are noted in patches that have errors.
 * passes "make check" on full build for all targets
 * tested riscv-linux-4.6.2 on 'spike_v1.9.1' machine
 * tested riscv-linux-4.15 on 'spike_v1.10' and 'virt' machines
 * tested SiFive HiFive1 binaries in 'sifive_e' machine
 * tested RV64 on 32-bit i386
 
 This patch series includes the following patches:
 -----BEGIN PGP SIGNATURE-----
 
 iF0EABECAB0WIQR8mZMOsXzYugc9Xvpr8dezV+8+TwUCWqGRpAAKCRBr8dezV+8+
 T2mMAJ9ptK/7Bs3lE+Mki/ymlTPqhXtyxACfZkyfQf1mfhcXnB+oTG1RvEtblY8=
 =TJc8
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/riscv/tags/riscv-qemu-upstream-v8.2' into staging

QEMU RISC-V Emulation Support (RV64GC, RV32GC)

This release renames the SiFive machines to sifive_e and sifive_u
to represent the SiFive Everywhere and SiFive Unleashed platforms.
SiFive has configurable soft-core IP, so it is intended that these
machines will be extended to enable a variety of SiFive IP blocks.
The CPU definition infrastructure has been improved and there are
now vendor CPU modules including the SiFiVe E31, E51, U34 and U54
cores. The emulation accuracy for the E series has been improved
by disabling the MMU for the E series. S mode has been disabled on
cores that only support M mode and U mode. The two Spike machines
that support two privileged ISA versions have been coalesced into
one file. This series has Signed-off-by from the core contributors.

*** Known Issues ***

* Disassembler has some checkpatch warnings for the sake of code brevity
* scripts/qemu-binfmt-conf.sh has checkpatch warnings due to line length
* PMP (Physical Memory Protection) is as-of-yet unused and needs testing

*** Changelog ***

v8.2

* Rebase

v8.1

* Fix missed case of renaming spike_v1.9 to spike_v1.9.1

v8

* Added linux-user/riscv/target_elf.h during rebase
* Make resetvec configurable and clear mpp and mie on reset
* Use SiFive E31, E51, U34 and U54 cores in SiFive machines
* Define SiFive E31, E51, U34 and U54 cores
* Refactor CPU core definition in preparation for vendor cores
* Prevent S or U mode unless S or U extensions are present
* SiFive E Series cores have no MMU
* SiFive E Series cores have U mode
* Make privileged ISA v1.10 implicit in CPU types
* Remove DRAM_BASE and EXT_IO_BASE as they vary by machine
* Correctly handle mtvec and stvec alignment with respect to RVC
* Print more machine mode state in riscv_cpu_dump_state
* Make riscv_isa_string use compact extension order method
* Fix bug introduced in v6 RISCV_CPU_TYPE_NAME macro change
* Parameterize spike v1.9.1 config string
* Coalesce spike_v1.9.1 and spike_v1.10 machines
* Rename sifive_e300 to sifive_e, and sifive_u500 to sifive_u

v7

* Make spike_v1.10 the default machine
* Rename spike_v1.9 to spike_v1.9.1 to match privileged spec version
* Remove empty target/riscv/trace-events file
* Monitor ROM 32-bit reset code needs to be target endian
* Add TARGET_TIOCGPTPEER to linux-user/riscv/termbits.h
* Add -initrd support to the virt board
* Fix naming in spike machine interface header
* Update copyright notice on RISC-V Spike machines
* Update copyright notice on RISC-V HTIF Console device
* Change CPU Core and translator to GPLv2+
* Change RISC-V Disassembler to GPLv2+
* Change SiFive Test Finisher to GPLv2+
* Change SiFive CLINT to GPLv2+
* Change SiFive PRCI to GPLv2+
* Change SiFive PLIC to GPLv2+
* Change RISC-V spike machines to GPLv2+
* Change RISC-V virt machine to GPLv2+
* Change SiFive E300 machine to GPLv2+
* Change SiFive U500 machine to GPLv2+
* Change RISC-V Hart Array to GPLv2+
* Change RISC-V HTIF device to GPLv2+
* Change SiFiveUART device to GPLv2+

v6

* Drop IEEE 754-201x minimumNumber/maximumNumber for fmin/fmax
* Remove some unnecessary commented debug statements
* Change RISCV_CPU_TYPE_NAME to use riscv-cpu suffix
* Define all CPU variants for linux-user
* qemu_log calls require trailing \n
* Replace PLIC printfs with qemu_log
* Tear out unused HTIF code and eliminate shouting debug messages
* Fix illegal instruction when sfence.vma is passed (rs2) arguments
* Make updates to PTE accessed and dirty bits atomic
* Only require atomic PTE updates on MTTCG enabled guests
* Page fault if accessed or dirty bits can't be updated
* Fix get_physical_address PTE reads and writes on riscv32
* Remove erroneous comments from the PLIC
* Default enable MTTCG
* Make WFI less conservative
* Unify local interrupt handling
* Expunge HTIF interrupts
* Always access mstatus.mip under a lock
* Don't implement rdtime/rdtimeh in system mode (bbl emulates them)
* Implement insreth/cycleh for rv32 and always enable user-mode counters
* Add GDB stub support for reading and writing CSRs
* Rename ENABLE_CHARDEV #ifdef from HTIF code
* Replace bad HTIF ELF code with load_elf symbol callback
* Convert chained if else fault handlers to switch statements
* Use RISCV exception codes for linux-user page faults

v5

* Implement NaN-boxing for flw, set high order bits to 1
* Use float_muladd_negate_* flags to floatXX_muladd
* Use IEEE 754-201x minimumNumber/maximumNumber for fmin/fmax
* Fix TARGET_NR_syscalls
* Update linux-user/riscv/syscall_nr.h
* Fix FENCE.I, needs to terminate translation block
* Adjust unusual convention for interruptno >= 0

v4

* Add @riscv: since 2.12 to CpuInfoArch
* Remove misleading little-endian comment from load_kernel
* Rename cpu-model property to cpu-type
* Drop some unnecessary inline function attributes
* Don't allow GDB to set value of x0 register
* Remove unnecessary empty property lists
* Add Test Finisher device to implement poweroff in virt machine
* Implement priv ISA v1.10 trap and sret/mret xPIE/xIE behavior
* Store fflags data in fp_status
* Purge runtime users of helper_raise_exception
* Fix validate_csr
* Tidy gen_jalr
* Tidy immediate shifts
* Add gen_exception_inst_addr_mis
* Add gen_exception_debug
* Add gen_exception_illegal
* Tidy helper_fclass_*
* Split rounding mode setting to a new function
* Enforce MSTATUS_FS via TB flags
* Implement acquire/release barrier semantics
* Use atomic operations as required
* Fix FENCE and FENCE_I
* Remove commented code from spike machines
* PAGE_WRITE permissions can be set on loads if page is already dirty
* The result of format conversion on an NaN must be a quiet NaN
* Add missing process_queued_cpu_work to riscv linux-user
* Remove float(32|64)_classify from cpu.h
* Removed nonsensical unions aliasing the same type
* Use uintN_t instead of uintN_fast_t in fpu_helper.c
* Use macros for FPU exception values in softfloat_flags_to_riscv
* Move code to set round mode into set_fp_round_mode function
* Convert set_fp_exceptions from a macro to an inline function
* Convert round mode helper into an inline function
* Make fpu_helper ieee_rm array static const
* Include cpu_mmu_index in cpu_get_tb_cpu_state flags
* Eliminate MPRV influence on mmu_index
* Remove unrecoverable do_unassigned_access function
* Only update PTE accessed and dirty bits if necessary
* Remove unnecessary tlb_flush in set_mode as mode is in mmu_idx
* Remove buggy support for misa writes. misa writes are optional
  and are not implemented in any known hardware
* Always set PTE read or execute permissions during page walk
* Reorder helper function declarations to match order in helper.c
* Remove redundant variable declaration in get_physical_address
* Remove duplicated code from get_physical_address
* Use mmu_idx instead of mem_idx in riscv_cpu_get_phys_page_debug

v3

* Fix indentation in PMP and HTIF debug macros
* Fix disassembler checkpatch open brace '{' on next line errors
* Fix trailing statements on next line in decode_inst_decompress
* NOTE: the other checkpatch issues have been reviewed previously

v2

* Remove redundant NULL terminators from disassembler register arrays
* Change disassembler register name arrays to const
* Refine disassembler internal function names
* Update dates in disassembler copyright message
* Remove #ifdef CONFIG_USER_ONLY version of cpu_has_work
* Use ULL suffix on 64-bit constants
* Move riscv_cpu_mmu_index from cpu.h to helper.c
* Move riscv_cpu_hw_interrupts_pending from cpu.h to helper.c
* Remove redundant TARGET_HAS_ICE from cpu.h
* Use qemu_irq instead of void* for irq definition in cpu.h
* Remove duplicate typedef from struct CPURISCVState
* Remove redundant g_strdup from cpu_register
* Remove redundant tlb_flush from riscv_cpu_reset
* Remove redundant mode calculation from get_physical_address
* Remove redundant debug mode printf and dcsr comment
* Remove redundant clearing of MSB for bare physical addresses
* Use g_assert_not_reached for invalid mode in get_physical_address
* Use g_assert_not_reached for unreachable checks in get_physical_address
* Use g_assert_not_reached for unreachable type in raise_mmu_exception
* Return exception instead of aborting for misaligned fetches
* Move exception defines from cpu.h to cpu_bits.h
* Remove redundant breakpoint control definitions from cpu_bits.h
* Implement riscv_cpu_unassigned_access exception handling
* Log and raise exceptions for unimplemented CSRs
* Match Spike HTIF exit behavior - don’t print TEST-PASSED
* Make frm,fflags,fcsr writes trap when mstatus.FS is clear
* Use g_assert_not_reached for unreachable invalid mode
* Make hret,uret,dret generate illegal instructions
* Move riscv_cpu_dump_state and int/fpr regnames to cpu.c
* Lift interrupt flag and mask into constants in cpu_bits.h
* Change trap debugging to use qemu_log_mask LOG_TRACE
* Change CSR debugging to use qemu_log_mask LOG_TRACE
* Change PMP debugging to use qemu_log_mask LOG_TRACE
* Remove commented code from pmp.c
* Change CpuInfoRISCV qapi schema docs to Since 2.12
* Change RV feature macro to use target_ulong cast
* Remove riscv_feature and instead use misa extension flags
* Make riscv_flush_icache_syscall a no-op
* Undo checkpatch whitespace fixes in unrelated linux-user code
* Remove redudant constants and tidy up cpu_bits.h
* Make helper_fence_i a no-op
* Move include "exec/cpu-all" to end of cpu.h
* Rename set_privilege to riscv_set_mode
* Move redundant forward declaration for cpu_riscv_translate_address
* Remove TCGV_UNUSED from riscv_translate_init
* Add comment to pmp.c stating the code is untested and currently unused
* Use ctz to simplify decoding of PMP NAPOT address ranges
* Change pmp_is_in_range to use than equal for end addresses
* Fix off by one error in pmp_update_rule
* Rearrange PMP_DEBUG so that formatting is compile-time checked
* Rearrange trap debugging so that formatting is compile-time checked
* Rearrange PLIC debugging so that formatting is compile-time checked
* Use qemu_log/qemu_log_mask for HTIF logging and debugging
* Move exception and interrupt names into cpu.c
* Add Palmer Dabbelt as a RISC-V Maintainer
* Rebase against current qemu master branch

v1

* initial version based on forward port from riscv-qemu repository

*** Background ***

"RISC-V is an open, free ISA enabling a new era of processor innovation
through open standard collaboration. Born in academia and research,
RISC-V ISA delivers a new level of free, extensible software and
hardware freedom on architecture, paving the way for the next 50 years
of computing design and innovation."

The QEMU RISC-V port has been developed and maintained out-of-tree for
several years by Sagar Karandikar and Bastian Koppelmann. The RISC-V
Privileged specification has evolved substantially over this period but
has recently been solidifying. The RISC-V Base ISA has been frozon for
some time and the Privileged ISA, GCC toolchain and Linux ABI are now
quite stable. I have recently joined Sagar and Bastian as a RISC-V QEMU
Maintainer and hope to support upstreaming the port.

There are multiple vendors taping out, preparing to ship, or shipping
silicon that implements the RISC-V Privileged ISA Version 1.10. There
are also several RISC-V Soft-IP cores implementing Privileged ISA
Version 1.10 that run on FPGA such as SiFive's Freedom U500 Platform
and the U54‑MC RISC-V Core IP, among many more implementations from a
variety of vendors. See https://riscv.org/ for more details.

RISC-V support was upstreamed in binutils 2.28 and GCC 7.1 in the first
half of 2016. RISC-V support is now available in LLVM top-of-tree and
the RISC-V Linux port was accepted into Linux 4.15-rc1 late last year
and is available in the Linux 4.15 release. GLIBC 2.27 added support
for the RISC-V ISA running on Linux (requires at least binutils-2.30,
gcc-7.3.0, and linux-4.15). We believe it is timely to submit the
RISC-V QEMU port for upstream review with the goal of incorporating
RISC-V support into the upcoming QEMU 2.12 release.

The RISC-V QEMU port is still under active development, mostly with
respect to device emulation, the addition of Hypervisor support as
specified in the RISC-V Draft Privileged ISA Version 1.11, and Vector
support once the first draft is finalized later this year. We believe
now is the appropriate time for RISC-V QEMU development to be carried
out in the main QEMU repository as the code will benefit from more
rigorous review. The RISC-V QEMU port currently supports all the ISA
extensions that have been finalized and frozen in the Base ISA.

Blog post about recent additions to RISC-V QEMU: https://goo.gl/fJ4zgk

The RISC-V QEMU wiki: https://github.com/riscv/riscv-qemu/wiki

Instructions for building a busybox+dropbear root image, BBL (Berkeley
Boot Loader) and linux kernel image for use with the RISC-V QEMU
'virt' machine: https://github.com/michaeljclark/busybear-linux

*** Overview ***

The RISC-V QEMU port implements the following specifications:

* RISC-V Instruction Set Manual Volume I: User-Level ISA Version 2.2
* RISC-V Instruction Set Manual Volume II: Privileged ISA Version 1.9.1
* RISC-V Instruction Set Manual Volume II: Privileged ISA Version 1.10

The RISC-V QEMU port supports the following instruction set extensions:

* RV32GC with Supervisor-mode and User-mode (RV32IMAFDCSU)
* RV64GC with Supervisor-mode and User-mode (RV64IMAFDCSU)

The RISC-V QEMU port adds the following targets to QEMU:

* riscv32-softmmu
* riscv64-softmmu
* riscv32-linux-user
* riscv64-linux-user

The RISC-V QEMU port supports the following hardware:

* HTIF Console (Host Target Interface)
* SiFive CLINT (Core Local Interruptor) for Timer interrupts and IPIs
* SiFive PLIC (Platform Level Interrupt Controller)
* SiFive Test (Test Finisher) for exiting simulation
* SiFive UART, PRCI, AON, PWM, QSPI support is partially implemented
* VirtIO MMIO (GPEX PCI support will be added in a future patch)
* Generic 16550A UART emulation using 'hw/char/serial.c'
* MTTCG and SMP support (PLIC and CLINT) on the 'virt' machine

The RISC-V QEMU full system emulator supports 5 machines:

* 'spike_v1.9.1', CLINT, PLIC, HTIF console, config-string, Priv v1.9.1
* 'spike_v1.10', CLINT, PLIC, HTIF console, device-tree, Priv v1.10
* 'sifive_e', CLINT, PLIC, SiFive UART, HiFive1 compat, Priv v1.10
* 'sifive_u', CLINT, PLIC, SiFive UART, device-tree, Priv v1.10
* 'virt', CLINT, PLIC, 16550A UART, VirtIO, device-tree, Priv v1.10

This is a list of RISC-V QEMU Port Contributors:

* Alex Suykov
* Andreas Schwab
* Antony Pavlov
* Bastian Koppelmann
* Bruce Hoult
* Chih-Min Chao
* Daire McNamara
* Darius Rad
* David Abdurachmanov
* Hesham Almatary
* Ivan Griffin
* Jim Wilson
* Kito Cheng
* Michael Clark
* Palmer Dabbelt
* Richard Henderson
* Sagar Karandikar
* Shea Levy
* Stefan O'Rear

Notes:

* contributor email addresses available off-list on request.
* checkpatch has been run on all 23 patches.
* checkpatch exceptions are noted in patches that have errors.
* passes "make check" on full build for all targets
* tested riscv-linux-4.6.2 on 'spike_v1.9.1' machine
* tested riscv-linux-4.15 on 'spike_v1.10' and 'virt' machines
* tested SiFive HiFive1 binaries in 'sifive_e' machine
* tested RV64 on 32-bit i386

This patch series includes the following patches:

# gpg: Signature made Thu 08 Mar 2018 19:40:20 GMT
# gpg:                using DSA key 6BF1D7B357EF3E4F
# gpg: Good signature from "Michael Clark <michaeljclark@mac.com>"
# gpg:                 aka "Michael Clark <mjc@sifive.com>"
# gpg:                 aka "Michael Clark <michael@metaparadigm.com>"
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 7C99 930E B17C D8BA 073D  5EFA 6BF1 D7B3 57EF 3E4F

* remotes/riscv/tags/riscv-qemu-upstream-v8.2: (23 commits)
  RISC-V Build Infrastructure
  SiFive Freedom U Series RISC-V Machine
  SiFive Freedom E Series RISC-V Machine
  SiFive RISC-V PRCI Block
  SiFive RISC-V UART Device
  RISC-V VirtIO Machine
  SiFive RISC-V Test Finisher
  RISC-V Spike Machines
  SiFive RISC-V PLIC Block
  SiFive RISC-V CLINT Block
  RISC-V HART Array
  RISC-V HTIF Console
  Add symbol table callback interface to load_elf
  RISC-V Linux User Emulation
  RISC-V Physical Memory Protection
  RISC-V TCG Code Generation
  RISC-V GDB Stub
  RISC-V FPU Support
  RISC-V CPU Helpers
  RISC-V Disassembler
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-03-09 10:58:57 +00:00
Stefan Hajnoczi
4486e89c21 vl: introduce vm_shutdown()
Commit 00d09fdbba ("vl: pause vcpus before
stopping iothreads") and commit dce8921b2b
("iothread: Stop threads before main() quits") tried to work around the
fact that emulation was still active during termination by stopping
iothreads.  They suffer from race conditions:
1. virtio_scsi_handle_cmd_vq() racing with iothread_stop_all() hits the
   virtio_scsi_ctx_check() assertion failure because the BDS AioContext
   has been modified by iothread_stop_all().
2. Guest vq kick racing with main loop termination leaves a readable
   ioeventfd that is handled by the next aio_poll() when external
   clients are enabled again, resulting in unwanted emulation activity.

This patch obsoletes those commits by fully disabling emulation activity
when vcpus are stopped.

Use the new vm_shutdown() function instead of pause_all_vcpus() so that
vm change state handlers are invoked too.  Virtio devices will now stop
their ioeventfds, preventing further emulation activity after vm_stop().

Note that vm_stop(RUN_STATE_SHUTDOWN) cannot be used because it emits a
QMP STOP event that may affect existing clients.

It is no longer necessary to call replay_disable_events() directly since
vm_shutdown() does so already.

Drop iothread_stop_all() since it is no longer used.

Cc: Fam Zheng <famz@redhat.com>
Cc: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Message-id: 20180307144205.20619-5-stefanha@redhat.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2018-03-08 17:38:51 +00:00
Stefan Hajnoczi
b89d92f3cf block: add aio_wait_bh_oneshot()
Sometimes it's necessary for the main loop thread to run a BH in an
IOThread and wait for its completion.  This primitive is useful during
startup/shutdown to synchronize and avoid race conditions.

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Message-id: 20180307144205.20619-2-stefanha@redhat.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2018-03-08 17:38:51 +00:00
Claudio Imbrenda
1ffed98f24 s390x/sclp: clean up sclp masks
Introduce an sccb_mask_t to be used for SCLP event masks instead of just
unsigned int or uint32_t. This will allow later to extend the mask with
more ease.

Signed-off-by: Claudio Imbrenda <imbrenda@linux.vnet.ibm.com>
Message-Id: <1519407778-23095-3-git-send-email-imbrenda@linux.vnet.ibm.com>
Reviewed-by: Christian Borntraeger <borntraeger@de.ibm.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
2018-03-08 15:49:23 +01:00
Nia Alarie
2231384e56 s390x/sclpconsole: Remove dead code - remove exit handlers
The other event handlers (quiesce and cpu) do not define these
handlers, and this one does nothing, so it can be removed.

Signed-off-by: Nia Alarie <nia.alarie@gmail.com>
Reviewed-by: Christian Borntraeger <borntraeger@de.ibm.com>
Message-Id: <20180306100721.19419-1-nia.alarie@gmail.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
2018-03-08 15:49:23 +01:00
Peter Maydell
3ef91576b9 -----BEGIN PGP SIGNATURE-----
iQIcBAABCAAGBQJan8v5AAoJEL6G67QVEE/ffDwP/1iXeZZXTvyztiuQaP495JQl
 1e9FChjhB+2eeLuBTZHZrxIM89aoBCHtQ8sPsWDShrdSy5REROr6CX696vyaI/wK
 R72LQ+FuyOmeIASOdAqC7xETSP8f88VvfI4YOtOYHTmIMvMh+Uz1DJAgqI9E5Zbp
 sX2BIg43qqJRaRimyihRpEkmvuV/djd4FpBC1G8r8+tv3jH2tJJ9dhhLwAUkJf34
 j3IIEqw3jhl13K1RDCgAqYovcD5sRZMgoaoD+JXxU+r0IBw5Dz9a9sQ19RzAZNaK
 sbjdgTCG7yQ0JOMOKoRDcHdCQvXLE2XhyPHvbrZ/d4nTcpZN4H9EpuDBL7PrR6kp
 c3q5Uff1UC2EBc3frJ+si27B3b/RKdDXXy6Ocb/BL2aivcVwjZlhuHPrfpR97NEL
 ONICf9OW3j1y6vHRTUMmpkEG71MHD26S6oZKljuGAgc8mjwTI7XwiU66R1+0R7b8
 YuXoHthPlWrKQgnVO7V6c/1YzV7mxjRqvPxvR6Flox/P0wxKPzC1K7UH7qxlhJEW
 xydPiBoaXZySa5M1eScwxaU2bap+zeBQTkjmJ2wpqH6OPwzKwBNLYHus78bIrQFI
 vVq8ukZeJYvLlvu4lhoQoSZM1Im6GFI2Pj65sovDuJqZ+clzqJdmI/1OzZimqSgi
 bIX+8GhilfZR+Gji3Sb1
 =dBv4
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/berrange/tags/qio-next-pull-request' into staging

# gpg: Signature made Wed 07 Mar 2018 11:24:41 GMT
# gpg:                using RSA key BE86EBB415104FDF
# gpg: Good signature from "Daniel P. Berrange <dan@berrange.com>"
# gpg:                 aka "Daniel P. Berrange <berrange@redhat.com>"
# Primary key fingerprint: DAF3 A6FD B26B 6291 2D0E  8E3F BE86 EBB4 1510 4FDF

* remotes/berrange/tags/qio-next-pull-request:
  qio: non-default context for TLS handshake
  qio: non-default context for async conn
  qio: non-default context for threaded qtask
  qio: store gsources for net listeners
  qio: introduce qio_channel_add_watch_{full|source}
  qio: rename qio_task_thread_result

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-03-08 11:26:14 +00:00
Michael Clark
25fa194b7b
RISC-V Build Infrastructure
This adds RISC-V into the build system enabling the following targets:

- riscv32-softmmu
- riscv64-softmmu
- riscv32-linux-user
- riscv64-linux-user

This adds defaults configs for RISC-V, enables the build for the RISC-V
CPU core, hardware, and Linux User Emulation. The 'qemu-binfmt-conf.sh'
script is updated to add the RISC-V ELF magic.

Expected checkpatch errors for consistency reasons:

ERROR: line over 90 characters
FILE: scripts/qemu-binfmt-conf.sh

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Sagar Karandikar <sagark@eecs.berkeley.edu>
Signed-off-by: Michael Clark <mjc@sifive.com>
2018-03-07 08:30:28 +13:00
Michael Clark
a7240d1e4a
SiFive Freedom U Series RISC-V Machine
This provides a RISC-V Board compatible with the the SiFive Freedom U SDK.
The following machine is implemented:

- 'sifive_u'; CLINT, PLIC, UART, device-tree

Acked-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Sagar Karandikar <sagark@eecs.berkeley.edu>
Signed-off-by: Palmer Dabbelt <palmer@sifive.com>
Signed-off-by: Michael Clark <mjc@sifive.com>
2018-03-07 08:30:28 +13:00
Michael Clark
eb637edb12
SiFive Freedom E Series RISC-V Machine
This provides a RISC-V Board compatible with the the SiFive Freedom E SDK.
The following machine is implemented:

- 'sifive_e'; CLINT, PLIC, UART, AON, GPIO, QSPI, PWM

Acked-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Sagar Karandikar <sagark@eecs.berkeley.edu>
Signed-off-by: Palmer Dabbelt <palmer@sifive.com>
Signed-off-by: Michael Clark <mjc@sifive.com>
2018-03-07 08:30:28 +13:00
Michael Clark
e6b8552c65
SiFive RISC-V PRCI Block
Simple model of the PRCI  (Power, Reset, Clock, Interrupt) to emulate
register reads made by the SDK BSP.

Acked-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Palmer Dabbelt <palmer@sifive.com>
Signed-off-by: Michael Clark <mjc@sifive.com>
2018-03-07 08:30:28 +13:00
Michael Clark
bb72692cbd
SiFive RISC-V UART Device
QEMU model of the UART on the SiFive E300 and U500 series SOCs.
BBL supports the SiFive UART for early console access via the SBI
(Supervisor Binary Interface) and the linux kernel SBI console.

The SiFive UART implements the pre qom legacy interface consistent
with the 16550a UART in 'hw/char/serial.c'.

Acked-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Stefan O'Rear <sorear2@gmail.com>
Signed-off-by: Palmer Dabbelt <palmer@sifive.com>
Signed-off-by: Michael Clark <mjc@sifive.com>
2018-03-07 08:30:28 +13:00
Michael Clark
04331d0b56
RISC-V VirtIO Machine
RISC-V machine with device-tree, 16550a UART and VirtIO MMIO.
The following machine is implemented:

- 'virt'; CLINT, PLIC, 16550A UART, VirtIO MMIO, device-tree

Acked-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Palmer Dabbelt <palmer@sifive.com>
Signed-off-by: Michael Clark <mjc@sifive.com>
2018-03-07 08:30:28 +13:00
Michael Clark
88a07990fa
SiFive RISC-V Test Finisher
Test finisher memory mapped device used to exit simulation.

Acked-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Palmer Dabbelt <palmer@sifive.com>
Signed-off-by: Michael Clark <mjc@sifive.com>
2018-03-07 08:30:28 +13:00
Michael Clark
5b4beba124
RISC-V Spike Machines
RISC-V machines compatble with Spike aka riscv-isa-sim, the RISC-V
Instruction Set Simulator. The following machines are implemented:

- 'spike_v1.9.1'; HTIF console, config-string, Privileged ISA Version 1.9.1
- 'spike_v1.10'; HTIF console, device-tree, Privileged ISA Version 1.10

Acked-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Sagar Karandikar <sagark@eecs.berkeley.edu>
Signed-off-by: Michael Clark <mjc@sifive.com>
2018-03-07 08:30:28 +13:00
Michael Clark
1e24429e40
SiFive RISC-V PLIC Block
The PLIC (Platform Level Interrupt Controller) device provides a
parameterizable interrupt controller based on SiFive's PLIC specification.

Acked-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Stefan O'Rear <sorear2@gmail.com>
Signed-off-by: Palmer Dabbelt <palmer@sifive.com>
Signed-off-by: Michael Clark <mjc@sifive.com>
2018-03-07 08:30:28 +13:00
Michael Clark
1c77c410b6
SiFive RISC-V CLINT Block
The CLINT (Core Local Interruptor) device provides real-time clock, timer
and interprocessor interrupts based on SiFive's CLINT specification.

Acked-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Sagar Karandikar <sagark@eecs.berkeley.edu>
Signed-off-by: Stefan O'Rear <sorear2@gmail.com>
Signed-off-by: Palmer Dabbelt <palmer@sifive.com>
Signed-off-by: Michael Clark <mjc@sifive.com>
2018-03-07 08:30:28 +13:00
Michael Clark
4b50b8d9f2
RISC-V HART Array
Holds the state of a heterogenous array of RISC-V hardware threads.

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Sagar Karandikar <sagark@eecs.berkeley.edu>
Signed-off-by: Michael Clark <mjc@sifive.com>
2018-03-07 08:30:28 +13:00
Michael Clark
5033606780
RISC-V HTIF Console
HTIF (Host Target Interface) provides console emulation for QEMU. HTIF
allows identical copies of BBL (Berkeley Boot Loader) and linux to run
on both Spike and QEMU. BBL provides HTIF console access via the
SBI (Supervisor Binary Interface) and the linux kernel SBI console.

The HTIT chardev implements the pre qom legacy interface consistent
with the 16550a UART in 'hw/char/serial.c'.

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Sagar Karandikar <sagark@eecs.berkeley.edu>
Signed-off-by: Stefan O'Rear <sorear2@gmail.com>
Signed-off-by: Michael Clark <mjc@sifive.com>
2018-03-07 08:30:28 +13:00
Michael Clark
a2480ffa88
Add symbol table callback interface to load_elf
The RISC-V HTIF (Host Target Interface) console device requires access
to the symbol table to locate the 'tohost' and 'fromhost' symbols.

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Michael Clark <mjc@sifive.com>
2018-03-07 08:30:28 +13:00
Michael Clark
ea10325917
RISC-V Disassembler
The RISC-V disassembler has no dependencies outside of the 'disas'
directory so it can be applied independently. The majority of the
disassembler is machine-generated from instruction set metadata:

- https://github.com/michaeljclark/riscv-meta

Expected checkpatch errors for consistency and brevity reasons:

ERROR: line over 90 characters
ERROR: trailing statements should be on next line
ERROR: space prohibited between function name and open parenthesis '('

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Michael Clark <mjc@sifive.com>
2018-03-07 08:30:28 +13:00
Michael Clark
f71a8eaffb
RISC-V ELF Machine Definition
Define RISC-V ELF machine EM_RISCV 243

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alistair Francis <alistair.francis@xilinx.com>
Signed-off-by: Sagar Karandikar <sagark@eecs.berkeley.edu>
Signed-off-by: Michael Clark <mjc@sifive.com>
2018-03-07 08:30:28 +13:00
Paolo Bonzini
b2a44fcad7 address_space_read: address_space_to_flatview needs RCU lock
address_space_read is calling address_space_to_flatview but it can
be called outside the RCU lock.  To fix it, push the rcu_read_lock/unlock
pair up from flatview_read_full to address_space_read's constant size
fast path and address_space_read_full.

Reviewed-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-03-06 14:01:28 +01:00
Paolo Bonzini
785a507ec7 memory: inline some performance-sensitive accessors
These accessors are called from inlined functions, and the call sequence
is much more expensive than just inlining the access.  Move the
struct declaration to memory-internal.h so that exec.c and memory.c
can both use an inline function.

Reviewed-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-03-06 14:01:27 +01:00
Marc-André Lureau
80818e9ecb lockable: workaround GCC link issue with ASAN
Current GCC has an optimization bug when compiling with ASAN.

See also GCC bug:
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=84307

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-Id: <20180215212552.26997-3-marcandre.lureau@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-03-06 14:01:27 +01:00
Alexey Kardashevskiy
961c47bb8b qmp: Add qom-list-properties to list QOM object properties
There is already 'device-list-properties' which does most of the job,
however it does not handle everything returned by qom-list-types such
as machines as they inherit directly from TYPE_OBJECT and not TYPE_DEVICE.
It does not handle abstract classes either.

This adds a new qom-list-properties command which prints properties
of a specific class and its instance. It is pretty much a simplified copy
of the device-list-properties handler.

Since it creates an object instance, device properties should appear
in the output as they are copied to QOM properties at the instance_init
hook.

This adds a object_class_property_iter_init() helper to allow class
properties enumeration uses it in the new QMP command to allow properties
listing for abstract classes.

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Message-Id: <20180301130939.15875-3-aik@ozlabs.ru>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-03-06 14:01:26 +01:00
Thomas Huth
1454509726 scsi: Remove automatic creation of SCSI controllers with -drive if=scsi
Automatic creation of SCSI controllers for "-drive if=scsi" for x86
machines was quite a bad idea (see description of commit f778a82f0c
for details). This is marked as deprecated since QEMU v2.9.0, and as
far as I know, nobody complained that this is still urgently required
anymore. Time to remove this now.

Suggested-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-Id: <1519123357-13225-1-git-send-email-thuth@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-03-06 14:00:59 +01:00
Peter Maydell
58e2e17dba Block layer patches
-----BEGIN PGP SIGNATURE-----
 
 iQIcBAABAgAGBQJanYJPAAoJEH8JsnLIjy/WxjUQAJA+DTOmGXvaNpMs65BrU79K
 /r/iGVrzHv/RMLmrWMnqj96W9SnpMuiAP9hVLNsekqClY9q4ME4DpGcXhWfhSvF5
 FC51ehvFJdfo8cPorsevcqNj60iWebjcx3lFfUq2606UOyYih3oijYxr6gSwWbRc
 GAgdGMqsvGYpzgqAQVEWHUhaX0La49/OzY42aR+E+LCBNfTYvlydvyoc+tUTdIpW
 1eM/ASGndGsN0Cf2vxlbKgJ0/P6v+cRZuuIDhKZqre+YG+yM+pq7yZb+o7nf/P36
 TPR93BsT7FSVAizRK7VFRuPIynHpiaxYygrJERCXF0sxsV4OlKjpmt/uUPamWFh+
 46Jx2NK1AuAx87BdErgmA119ObO3oAPxK0+2p981obb6SphTbbPxDj6SOlYCt4mJ
 mhff4JtIiwCmDSckAwd2mkBI1Tvl9qqcELrpyd2t2eU4ec2vf7fPd85EsK/Mq6Kr
 dbfqFvjNaaMxChoqFgkHAveYJ7zYqRFI2IY5o9c1QyZehCGPWjScxHXZZYdpDl59
 YF9DkYQDOyvEX2jmMECaO1r/0nnO+BqQHu5ItJuTte9rjP9Q0do3iBISiIefewtf
 yji6/QNn2hFrnr1HPAwLFFC3kPgc8Mq8mIUb53j8vG/01KhVRCcnJm2K6D4IUwLZ
 S6ZnQJB97eE4y7YR5dNt
 =2axz
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging

Block layer patches

# gpg: Signature made Mon 05 Mar 2018 17:45:51 GMT
# gpg:                using RSA key 7F09B272C88F2FD6
# gpg: Good signature from "Kevin Wolf <kwolf@redhat.com>"
# Primary key fingerprint: DC3D EB15 9A9A F95D 3D74  56FE 7F09 B272 C88F 2FD6

* remotes/kevin/tags/for-upstream: (38 commits)
  block: Fix NULL dereference on empty drive error
  qcow2: Replace align_offset() with ROUND_UP()
  block/ssh: Add basic .bdrv_truncate()
  block/ssh: Make ssh_grow_file() blocking
  block/ssh: Pull ssh_grow_file() from ssh_create()
  qemu-img: Make resize error message more general
  qcow2: make qcow2_co_create2() a coroutine_fn
  block: rename .bdrv_create() to .bdrv_co_create_opts()
  Revert "IDE: Do not flush empty CDROM drives"
  block: test blk_aio_flush() with blk->root == NULL
  block: add BlockBackend->in_flight counter
  block: extract AIO_WAIT_WHILE() from BlockDriverState
  aio: rename aio_context_in_iothread() to in_aio_context_home_thread()
  docs: document how to use the l2-cache-entry-size parameter
  specs/qcow2: Fix documentation of the compressed cluster descriptor
  iotest 033: add misaligned write-zeroes test via truncate
  block: fix write with zero flag set and iovector provided
  block: Drop unused .bdrv_co_get_block_status()
  vvfat: Switch to .bdrv_co_block_status()
  vpc: Switch to .bdrv_co_block_status()
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

# Conflicts:
#	include/block/block.h
2018-03-06 11:20:44 +00:00
Peter Xu
1939ccdaa6 qio: non-default context for TLS handshake
A new parameter "context" is added to qio_channel_tls_handshake() is to
allow the TLS to be run on a non-default context.  Still, no functional
change.

Signed-off-by: Peter Xu <peterx@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2018-03-06 10:19:07 +00:00
Peter Xu
8005fdd8fa qio: non-default context for async conn
We have worked on qio_task_run_in_thread() already.  Further, let
all the qio channel APIs use that context.

Signed-off-by: Peter Xu <peterx@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2018-03-06 10:19:06 +00:00
Peter Xu
a17536c594 qio: non-default context for threaded qtask
qio_task_run_in_thread() allows main thread to run blocking operations
in the background. However it has an assumption on that it's always
working with the default context. This patch tries to allow the threaded
QIO task framework to run with non-default gcontext.

Currently no functional change so far, so the QIOTasks are still always
running on main context.

Reviewed-by: Daniel P. Berrange <berrange@redhat.com>
Signed-off-by: Peter Xu <peterx@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2018-03-06 10:19:05 +00:00
Peter Xu
938c8b79e5 qio: store gsources for net listeners
Originally we were storing the GSources tag IDs.  That'll be not enough
if we are going to support non-default gcontext for QIO code.  Switch to
GSources without changing anything real.  Now we still always pass in
NULL, which means the default gcontext.

Signed-off-by: Peter Xu <peterx@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2018-03-06 10:19:05 +00:00
Peter Xu
315409c711 qio: introduce qio_channel_add_watch_{full|source}
Firstly, introduce an internal qio_channel_add_watch_full(), which
enhances qio_channel_add_watch() that context can be specified.

Then add a new API wrapper qio_channel_add_watch_source() to return a
GSource pointer rather than a tag ID.

Note that the _source() call will keep a reference of GSource so that
callers need to unref them explicitly when finished using the GSource.

Signed-off-by: Peter Xu <peterx@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2018-03-06 10:19:04 +00:00