Commit Graph

116976 Commits

Author SHA1 Message Date
Peter Xu
4daff81efb migration: Check current_migration in migration_is_running()
Report shows that commit 34a8892dec broke iotest 055:

https://lore.kernel.org/r/b8806360-a2b6-4608-83a3-db67e264c733@linaro.org

Denis Rastyogin reported more such issue:

https://lore.kernel.org/r/20241107114256.106831-1-gerben@altlinux.org

  In this merge, the migration_is_idle() function was replaced with
  migrate_is_running().  However, the null pointer check for `s` was
  removed, leading to a dereference of `s` when using qemu-system-x86_64
  -hda *.vdi.

When replacing migration_is_idle() with "!migration_is_running()", it was
overlooked that the idle helper also checks for current_migration being
available first.  Sample stack dump:

 migration_is_running
 is_busy
 migrate_add_blocker_modes
 migrate_add_blocker_normal
 vmdk_open
 bdrv_open_driver
 bdrv_open_common
 bdrv_open_inherit
 bdrv_open
 blk_new_open
 blockdev_init
 drive_new
 drive_init_func
 qemu_opts_foreach
 configure_blockdev
 qemu_create_early_backends
 qemu_init
 main

The check would be there if the whole series was applied, but since the
last patches in the previous series rely on some other patches to land
first, we need to recover the behavior of migration_is_idle() first before
that whole set will be merged.

I left migration_is_active / migration_is_device alone, as I don't think
it's possible for them to hit uninitialized current_migration. Also they're
prone to removal soon from VFIO side.

Cc: Peter Maydell <peter.maydell@linaro.org>
Fixes: 34a8892dec ("migration: Drop migration_is_idle()")
Reported-by: Pierrick Bouvier <pierrick.bouvier@linaro.org>
Reported-by: Denis Rastyogin <gerben@altlinux.org>
Tested-by: Pierrick Bouvier <pierrick.bouvier@linaro.org>
Tested-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Pierrick Bouvier <pierrick.bouvier@linaro.org>
Reviewed-by: Fabiano Rosas <farosas@suse.de>
Link: https://lore.kernel.org/r/20241105182725.2393425-1-peterx@redhat.com
[peterx: enhance commit msg]
Signed-off-by: Peter Xu <peterx@redhat.com>
2024-11-13 13:02:45 -05:00
Peter Maydell
f0cfd06786 * i386: fix -M isapc with ubsan
* i386: add sha512, sm3, sm4 feature bits
 * eif: fix Coverity issues
 * i386/hvf: x2APIC support
 * i386/hvf: fixes
 * i386/tcg: fix 2-stage page walk
 * eif: fix coverity issues
 * rust: fix subproject warnings with new rust, avoid useless cmake fallback
 -----BEGIN PGP SIGNATURE-----
 
 iQFIBAABCAAyFiEE8TM4V0tmI4mGbHaCv/vSX3jHroMFAmcvEHYUHHBib256aW5p
 QHJlZGhhdC5jb20ACgkQv/vSX3jHroNn4AgAl+GaD/fHHU+9TCyKRg1Ux/iTSkqh
 PBs76H2w879TDeuPkKZlnYqc7n85rlh1cJwQz01X79OFEeXP6oHiI9Q6qyflSxF0
 V+DrJhZc1CtZBChx9ZUMWUAWjYJFFjNwYA7/LLuLl6RfOm8bIJUWIhDjliJ4Bcea
 5VI13OtTvYvVurRLUBXWU0inh9KLHIw4RlNgi8Pmb2wNXkPxENpWjsGqWH0jlKS5
 ZUNgTPx/eY5MDwKoAyif2gsdfJlxGxgkpz3Mic4EGE9cw1cRASI3tKb3KH61hNTE
 K21UI0+/+kv27cPnpZzYMDSkrJs7PEgVJ/70NRmAJySA76IG3XSsb5+xZg==
 =pI4/
 -----END PGP SIGNATURE-----

Merge tag 'for-upstream' of https://gitlab.com/bonzini/qemu into staging

* i386: fix -M isapc with ubsan
* i386: add sha512, sm3, sm4 feature bits
* eif: fix Coverity issues
* i386/hvf: x2APIC support
* i386/hvf: fixes
* i386/tcg: fix 2-stage page walk
* eif: fix coverity issues
* rust: fix subproject warnings with new rust, avoid useless cmake fallback

# -----BEGIN PGP SIGNATURE-----
#
# iQFIBAABCAAyFiEE8TM4V0tmI4mGbHaCv/vSX3jHroMFAmcvEHYUHHBib256aW5p
# QHJlZGhhdC5jb20ACgkQv/vSX3jHroNn4AgAl+GaD/fHHU+9TCyKRg1Ux/iTSkqh
# PBs76H2w879TDeuPkKZlnYqc7n85rlh1cJwQz01X79OFEeXP6oHiI9Q6qyflSxF0
# V+DrJhZc1CtZBChx9ZUMWUAWjYJFFjNwYA7/LLuLl6RfOm8bIJUWIhDjliJ4Bcea
# 5VI13OtTvYvVurRLUBXWU0inh9KLHIw4RlNgi8Pmb2wNXkPxENpWjsGqWH0jlKS5
# ZUNgTPx/eY5MDwKoAyif2gsdfJlxGxgkpz3Mic4EGE9cw1cRASI3tKb3KH61hNTE
# K21UI0+/+kv27cPnpZzYMDSkrJs7PEgVJ/70NRmAJySA76IG3XSsb5+xZg==
# =pI4/
# -----END PGP SIGNATURE-----
# gpg: Signature made Sat 09 Nov 2024 07:34:14 GMT
# gpg:                using RSA key F13338574B662389866C7682BFFBD25F78C7AE83
# gpg:                issuer "pbonzini@redhat.com"
# gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>" [full]
# gpg:                 aka "Paolo Bonzini <pbonzini@redhat.com>" [full]
# Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4  E2F7 7E15 100C CD36 69B1
#      Subkey fingerprint: F133 3857 4B66 2389 866C  7682 BFFB D25F 78C7 AE83

* tag 'for-upstream' of https://gitlab.com/bonzini/qemu:
  hw/i386/pc: Don't try to init PCI NICs if there is no PCI bus
  rust: qemu-api-macros: always process subprojects before dependencies
  i386/hvf: Removes duplicate/shadowed variables in hvf_vcpu_exec
  i386/hvf: Raise exception on error setting APICBASE
  i386/hvf: Fixes startup memory leak (vmcs caps)
  i386/hvf: Fix for UB in handling CPUID function 0xD
  i386/hvf: Integrates x2APIC support with hvf accel
  eif: cope with huge section sizes
  eif: cope with huge section offsets
  target/i386: Fix legacy page table walk
  rust: add meson_version to all subprojects
  target/i386/hvf: fix clang compilation warning
  target/i386: add sha512, sm3, sm4 feature bits

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2024-11-09 12:34:01 +00:00
Peter Maydell
bd0e501e1a hw/i386/pc: Don't try to init PCI NICs if there is no PCI bus
The 'isapc' machine type has no PCI bus, but pc_nic_init() still
calls pci_init_nic_devices() passing it a NULL bus pointer.  This
causes the clang sanitizer to complain:

$ ./build/clang/qemu-system-i386 -M isapc
../../hw/pci/pci.c:1866:39: runtime error: member access within null pointer of type 'PCIBus' (aka 'struct PCIBus')
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior ../../hw/pci/pci.c:1866:39 in

This is because pci_init_nic_devices() does
 &bus->qbus
which is undefined behaviour on a NULL pointer even though we're not
actually dereferencing the pointer. (We don't actually crash as
a result, so if you aren't running a sanitizer build then there
are no user-visible effects.)

Make pc_nic_init() avoid trying to initialize PCI NICs on a non-PCI
system.

Cc: qemu-stable@nongnu.org
Fixes: 8d39f9ba14 ("hw/i386/pc: use qemu_get_nic_info() and pci_init_nic_devices()")
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Link: https://lore.kernel.org/r/20241105171813.3031969-1-peter.maydell@linaro.org
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2024-11-09 08:34:07 +01:00
Paolo Bonzini
88dd060db9 rust: qemu-api-macros: always process subprojects before dependencies
Avoid looking for Rust dependencies via cmake.

Reviewed-by: Junjie Mao <junjie.mao@hotmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2024-11-09 08:34:07 +01:00
Phil Dennis-Jordan
b659ef9d35 i386/hvf: Removes duplicate/shadowed variables in hvf_vcpu_exec
Pointers to the x86 CPU state already exist at the function scope,
no need to re-obtain them in individual exit reason cases.

Signed-off-by: Phil Dennis-Jordan <phil@philjordan.eu>
Link: https://lore.kernel.org/r/20241105155800.5461-6-phil@philjordan.eu
Reviewed-by: Roman Bolshakov <r.bolshakov@yadro.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2024-11-09 08:34:07 +01:00
Phil Dennis-Jordan
04858f95fa i386/hvf: Raise exception on error setting APICBASE
When setting the APICBASE MSR to an illegal value, the APIC
implementation will return an error. This change forwards that report
to the guest as an exception rather than ignoring it when using the hvf
accelerator.

Signed-off-by: Phil Dennis-Jordan <phil@philjordan.eu>
Link: https://lore.kernel.org/r/20241105155800.5461-5-phil@philjordan.eu
Reviewed-by: Roman Bolshakov <r.bolshakov@yadro.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2024-11-09 08:34:07 +01:00
Phil Dennis-Jordan
3a75ba650c i386/hvf: Fixes startup memory leak (vmcs caps)
The hvf_caps data structure only exists once as part of the hvf accelerator
state, but it is initialised during vCPU initialisation. This change therefore
adds a check to ensure memory for it is only allocated once.

Signed-off-by: Phil Dennis-Jordan <phil@philjordan.eu>
Link: https://lore.kernel.org/r/20241105155800.5461-4-phil@philjordan.eu
Reviewed-by: Roman Bolshakov <r.bolshakov@yadro.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2024-11-09 08:34:07 +01:00
Phil Dennis-Jordan
e3150028ff i386/hvf: Fix for UB in handling CPUID function 0xD
The handling for CPUID function 0xD (supported XSAVE features) was
improved in a recent patch. Unfortunately, this appears to have
introduced undefined behaviour for cases where ecx > 30, as the result
of (1 << idx) is undefined if idx > 30.

Per Intel SDM section 13.2, the behaviour for ecx values up to and
including 62 are specified. This change therefore specifically sets
all registers returned by the CPUID instruction to 0 for 63 and higher.
Furthermore, the bit shift uses uint64_t, where behaviour for the entire
range of 2..62 is safe and correct.

Signed-off-by: Phil Dennis-Jordan <phil@philjordan.eu>
Link: https://lore.kernel.org/r/20241105155800.5461-3-phil@philjordan.eu
Reviewed-by: Roman Bolshakov <r.bolshakov@yadro.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2024-11-09 08:34:07 +01:00
Phil Dennis-Jordan
0e27f3a5d0 i386/hvf: Integrates x2APIC support with hvf accel
Support for x2APIC mode was recently introduced in the software emulated
APIC implementation for TCG. Enabling it when using macOS’s hvf
accelerator is useful and significantly helps performance, as Qemu
currently uses the emulated APIC when running on hvf as well.

This change wires up the read & write operations for the MSR VM exits
and allow-lists the CPUID flag in the x86 hvf runtime.

Signed-off-by: Phil Dennis-Jordan <phil@philjordan.eu>
Link: https://lore.kernel.org/r/20241105155800.5461-2-phil@philjordan.eu
Reviewed-by: Roman Bolshakov <r.bolshakov@yadro.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2024-11-09 08:34:07 +01:00
Paolo Bonzini
b7e55bd9d0 eif: cope with huge section sizes
Check for overflow as well as allocation failure.  Resolves Coverity CID 1564859.

Reviewed-by: Pierrick Bouvier <pierrick.bouvier@linaro.org>
Reviewed-by: Dorjoy Chowdhury <dorjoychy111@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2024-11-09 08:34:00 +01:00
Peter Maydell
134b443512 * Various fixes and improvements for the functional tests
* Refresh CI container files with the latest changes from libvirt-ci
 * Clean up keyboard code of the next-cube machine to get rid of a legacy API
 -----BEGIN PGP SIGNATURE-----
 
 iQJFBAABCAAvFiEEJ7iIR+7gJQEY8+q5LtnXdP5wLbUFAmct48QRHHRodXRoQHJl
 ZGhhdC5jb20ACgkQLtnXdP5wLbUAzw//fOgAe+rNX10KIEWaHzTlw6EPRUHbKEo+
 yvy9mZ4CYiK3PfojuW6u9Mt32RIGFjLRUPC+ljZggjbxY2DUjzAUGx/kSwf0bzwE
 8eRKRvd+l3ZFKklwDd7YQh+/O38P/uAq+T0AZQv/9h7rr0wPD6O+sVpKjVN4akuh
 66Ekz974bDFaVJi8iIix0WCPCUFMZwWQqxaQrnoBH3wN8Ibc6Ermchs7aa1e6KNh
 DoX519JVNofXbugONNnqEjp43tbx/hzPZFyWf9tyX8ehp6+8po0zcZZwqdRkWhuv
 BkESKPz8rHuQOGMjm8rAnjmDEsbpJ+vOfn/ShdyAERv78mTNWwSvYVwq5zfpcTCt
 9gpCNhhFzFLKlbDeIfgy9ky4R8Gzrww3icLzCsLlat6YCK547YkSr57BsYXJzLX4
 /NUYsaJ1RPdutwgNnmSzhBhObtUik3rFYH5aD0ETWZBdVY8ig5OqGpJ29P5zo860
 ROVFn4RX/XpmODOpYez4dwKVetR5SLHNG1aqduWKOwhAxPzLxK5OghjYkGf0bsel
 gA9t7A1TafgneYxJARKi7esD39xeUzhfzdzCOIOLXJga5kD2/bvZnQ4tkoLPl8QR
 iQEp1z758XmSFTYfzGUDA7SgIOzi9JG5dqtzcqJklr9wYurxwMYmqicJqA4ImoQt
 fZV/axe8Em0=
 =YRCB
 -----END PGP SIGNATURE-----

Merge tag 'pull-request-2024-11-08' of https://gitlab.com/thuth/qemu into staging

* Various fixes and improvements for the functional tests
* Refresh CI container files with the latest changes from libvirt-ci
* Clean up keyboard code of the next-cube machine to get rid of a legacy API

# -----BEGIN PGP SIGNATURE-----
#
# iQJFBAABCAAvFiEEJ7iIR+7gJQEY8+q5LtnXdP5wLbUFAmct48QRHHRodXRoQHJl
# ZGhhdC5jb20ACgkQLtnXdP5wLbUAzw//fOgAe+rNX10KIEWaHzTlw6EPRUHbKEo+
# yvy9mZ4CYiK3PfojuW6u9Mt32RIGFjLRUPC+ljZggjbxY2DUjzAUGx/kSwf0bzwE
# 8eRKRvd+l3ZFKklwDd7YQh+/O38P/uAq+T0AZQv/9h7rr0wPD6O+sVpKjVN4akuh
# 66Ekz974bDFaVJi8iIix0WCPCUFMZwWQqxaQrnoBH3wN8Ibc6Ermchs7aa1e6KNh
# DoX519JVNofXbugONNnqEjp43tbx/hzPZFyWf9tyX8ehp6+8po0zcZZwqdRkWhuv
# BkESKPz8rHuQOGMjm8rAnjmDEsbpJ+vOfn/ShdyAERv78mTNWwSvYVwq5zfpcTCt
# 9gpCNhhFzFLKlbDeIfgy9ky4R8Gzrww3icLzCsLlat6YCK547YkSr57BsYXJzLX4
# /NUYsaJ1RPdutwgNnmSzhBhObtUik3rFYH5aD0ETWZBdVY8ig5OqGpJ29P5zo860
# ROVFn4RX/XpmODOpYez4dwKVetR5SLHNG1aqduWKOwhAxPzLxK5OghjYkGf0bsel
# gA9t7A1TafgneYxJARKi7esD39xeUzhfzdzCOIOLXJga5kD2/bvZnQ4tkoLPl8QR
# iQEp1z758XmSFTYfzGUDA7SgIOzi9JG5dqtzcqJklr9wYurxwMYmqicJqA4ImoQt
# fZV/axe8Em0=
# =YRCB
# -----END PGP SIGNATURE-----
# gpg: Signature made Fri 08 Nov 2024 10:11:16 GMT
# gpg:                using RSA key 27B88847EEE0250118F3EAB92ED9D774FE702DB5
# gpg:                issuer "thuth@redhat.com"
# gpg: Good signature from "Thomas Huth <th.huth@gmx.de>" [full]
# gpg:                 aka "Thomas Huth <thuth@redhat.com>" [full]
# gpg:                 aka "Thomas Huth <huth@tuxfamily.org>" [full]
# gpg:                 aka "Thomas Huth <th.huth@posteo.de>" [unknown]
# Primary key fingerprint: 27B8 8847 EEE0 2501 18F3  EAB9 2ED9 D774 FE70 2DB5

* tag 'pull-request-2024-11-08' of https://gitlab.com/thuth/qemu:
  ui/input-legacy.c: remove unused legacy qemu_add_kbd_event_handler() function
  next-kbd: convert to use qemu_input_handler_register()
  tests: refresh package lists with latest libvirt-ci
  tests/functional: Split the test_aarch64_sbsaref test
  tests/functional: Bump timeouts of functional tests
  tests/functional: Provide the user with hints where to find more log files
  tests/functional: Fix the ppc64_hv and the ppc_40p test for read-only assets
  test/functional: Fix Aspeed buildroot tests
  tests/functional: Convert the riscv_opensbi avocado test into a standalone test
  scripts/checkpatch.pl: Ignore ObjC #import lines for operator spacing

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2024-11-08 14:47:29 +00:00
Peter Maydell
96ed19c3bc * Fix crash with a bad 9p client.
-----BEGIN PGP SIGNATURE-----
 
 iQJLBAABCgA1FiEEltjREM96+AhPiFkBNMK1h2Wkc5UFAmct4E4XHHFlbXVfb3Nz
 QGNydWRlYnl0ZS5jb20ACgkQNMK1h2Wkc5Wm2RAAjNvQ/0AHrsq8uHc4bsnLsyJH
 5ighwtc3yyjcx+UDEyVR1Jd2fZ9ChFL+KlGcm21JtVlykum2nfzMToZY907M7MdS
 GDG+NKmF2+VsVjyfqsWvyqBAPZkdPcfjgImxNZ2lGl6X2NUCstO4vluW9SWUbQI5
 A9zcA+2XO/P4ufTkjh1L7Kvl2r3Q1qZNbBMdHI/aaiYW/V3W0lsb+xyEhfQ/q5MW
 wqUReTnBf5LdySpd5MlpkB6hdaBoqzKlA5Yw54xv49WH4IsvWVoCwvVWecOUFPhJ
 Vnr5zyHRySbTCIswNGkN6ujrr5Had2zLFwbwoc9SvRx/DnWe5nmnyrsGHXF6+qhe
 xwVd0Nv41ZYUhbfbQS4BbeSOQ1sMCoo7g/QDxUt7JEabBcwJtZXcIfVAkpIgpaOD
 DKCVZiUg9Y30sm6xJOZ9pxoFSwqk17mxwU3GmJyFgAA96zgSMQ9IOsY5n96LOvOo
 XaCFhV3i8OS0CCfncLGITcKo+CId5i02g4pjdhitqQSFqNOCZouPrBkKfuHTakw0
 uviJG2wLHOH1a6E0RHM48zqDKe47/I13xn3OQfpdHRjCwwmKgmrnMuz/AcyTCn/r
 V+ELrXT4TRgrRtNnxW1HCnxnqUKOe3ftMFiGHJXed+ioBXp4zNxqc6PDHNPgCOcZ
 +jGMcGyq7v7VM2MDj/Y=
 =20CO
 -----END PGP SIGNATURE-----

Merge tag 'pull-9p-20241108' of https://github.com/cschoenebeck/qemu into staging

* Fix crash with a bad 9p client.

# -----BEGIN PGP SIGNATURE-----
#
# iQJLBAABCgA1FiEEltjREM96+AhPiFkBNMK1h2Wkc5UFAmct4E4XHHFlbXVfb3Nz
# QGNydWRlYnl0ZS5jb20ACgkQNMK1h2Wkc5Wm2RAAjNvQ/0AHrsq8uHc4bsnLsyJH
# 5ighwtc3yyjcx+UDEyVR1Jd2fZ9ChFL+KlGcm21JtVlykum2nfzMToZY907M7MdS
# GDG+NKmF2+VsVjyfqsWvyqBAPZkdPcfjgImxNZ2lGl6X2NUCstO4vluW9SWUbQI5
# A9zcA+2XO/P4ufTkjh1L7Kvl2r3Q1qZNbBMdHI/aaiYW/V3W0lsb+xyEhfQ/q5MW
# wqUReTnBf5LdySpd5MlpkB6hdaBoqzKlA5Yw54xv49WH4IsvWVoCwvVWecOUFPhJ
# Vnr5zyHRySbTCIswNGkN6ujrr5Had2zLFwbwoc9SvRx/DnWe5nmnyrsGHXF6+qhe
# xwVd0Nv41ZYUhbfbQS4BbeSOQ1sMCoo7g/QDxUt7JEabBcwJtZXcIfVAkpIgpaOD
# DKCVZiUg9Y30sm6xJOZ9pxoFSwqk17mxwU3GmJyFgAA96zgSMQ9IOsY5n96LOvOo
# XaCFhV3i8OS0CCfncLGITcKo+CId5i02g4pjdhitqQSFqNOCZouPrBkKfuHTakw0
# uviJG2wLHOH1a6E0RHM48zqDKe47/I13xn3OQfpdHRjCwwmKgmrnMuz/AcyTCn/r
# V+ELrXT4TRgrRtNnxW1HCnxnqUKOe3ftMFiGHJXed+ioBXp4zNxqc6PDHNPgCOcZ
# +jGMcGyq7v7VM2MDj/Y=
# =20CO
# -----END PGP SIGNATURE-----
# gpg: Signature made Fri 08 Nov 2024 09:56:30 GMT
# gpg:                using RSA key 96D8D110CF7AF8084F88590134C2B58765A47395
# gpg:                issuer "qemu_oss@crudebyte.com"
# gpg: Good signature from "Christian Schoenebeck <qemu_oss@crudebyte.com>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: ECAB 1A45 4014 1413 BA38  4926 30DB 47C3 A012 D5F4
#      Subkey fingerprint: 96D8 D110 CF7A F808 4F88  5901 34C2 B587 65A4 7395

* tag 'pull-9p-20241108' of https://github.com/cschoenebeck/qemu:
  9pfs: fix crash on 'Treaddir' request

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2024-11-08 10:26:15 +00:00
Peter Maydell
ff30ed9c44 nvme queue
-----BEGIN PGP SIGNATURE-----
 
 iQEzBAABCgAdFiEEUigzqnXi3OaiR2bATeGvMW1PDekFAmctyJoACgkQTeGvMW1P
 DelYBgf+OofWBMas7WJykSpPkhmAUPhUZ50XmeuJqPntb7JLTv7Ne7eoe5/ddG/G
 ul3M3B4oaErx6j6gbAVwRO7EwnLXhI3YL8Ar5ykqXQD9ZqIhXdhKqO7JxSKgBMuN
 0Jtaarviqrn9BO+ZTiMmtJIwh1/tztmmzv97m7r3SwEaoVCK6xK1iIE/dPNIO/ad
 UxWkuSCBWIy9iKuN61q9tBYUMhfhvUggobtU7a9zjrtfSWV1rzboDIgKi8T1DToS
 ahKLsztFg3X4PhBD8O//u0WZSdr/Fh+/3Ya1Dfxsh/wWinuO1kRCEbCCsW+TqDC2
 0vLHlVCtGEmibz8Fhk06c+0QdbHMPQ==
 =dsX0
 -----END PGP SIGNATURE-----

Merge tag 'pull-nvme-20241108' of https://gitlab.com/birkelund/qemu into staging

nvme queue

# -----BEGIN PGP SIGNATURE-----
#
# iQEzBAABCgAdFiEEUigzqnXi3OaiR2bATeGvMW1PDekFAmctyJoACgkQTeGvMW1P
# DelYBgf+OofWBMas7WJykSpPkhmAUPhUZ50XmeuJqPntb7JLTv7Ne7eoe5/ddG/G
# ul3M3B4oaErx6j6gbAVwRO7EwnLXhI3YL8Ar5ykqXQD9ZqIhXdhKqO7JxSKgBMuN
# 0Jtaarviqrn9BO+ZTiMmtJIwh1/tztmmzv97m7r3SwEaoVCK6xK1iIE/dPNIO/ad
# UxWkuSCBWIy9iKuN61q9tBYUMhfhvUggobtU7a9zjrtfSWV1rzboDIgKi8T1DToS
# ahKLsztFg3X4PhBD8O//u0WZSdr/Fh+/3Ya1Dfxsh/wWinuO1kRCEbCCsW+TqDC2
# 0vLHlVCtGEmibz8Fhk06c+0QdbHMPQ==
# =dsX0
# -----END PGP SIGNATURE-----
# gpg: Signature made Fri 08 Nov 2024 08:15:22 GMT
# gpg:                using RSA key 522833AA75E2DCE6A24766C04DE1AF316D4F0DE9
# gpg: Good signature from "Klaus Jensen <its@irrelevant.dk>" [full]
# gpg:                 aka "Klaus Jensen <k.jensen@samsung.com>" [full]
# Primary key fingerprint: DDCA 4D9C 9EF9 31CC 3468  4272 63D5 6FC5 E55D A838
#      Subkey fingerprint: 5228 33AA 75E2 DCE6 A247  66C0 4DE1 AF31 6D4F 0DE9

* tag 'pull-nvme-20241108' of https://gitlab.com/birkelund/qemu:
  hw/nvme: fix handling of over-committed queues

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2024-11-08 10:26:11 +00:00
Mark Cave-Ayland
e7e76150a2 ui/input-legacy.c: remove unused legacy qemu_add_kbd_event_handler() function
Since the last keyboard device has now been converted over to use
qemu_input_handler_register(), the legacy qemu_add_kbd_event_handler() function
is now unused and can be removed.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-ID: <20241106120928.242443-3-mark.cave-ayland@ilande.co.uk>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2024-11-08 11:06:42 +01:00
Mark Cave-Ayland
44e21ef055 next-kbd: convert to use qemu_input_handler_register()
Convert the next-kbd device from the legacy UI qemu_add_kbd_event_handler()
function to use qemu_input_handler_register().

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Reviewed-by: Thomas Huth <huth@tuxfamily.org>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Message-ID: <20241106120928.242443-2-mark.cave-ayland@ilande.co.uk>
[thuth: Removed the NEXTKBD_NO_KEY definition - replaced by 0 now]
Signed-off-by: Thomas Huth <thuth@redhat.com>
2024-11-08 11:05:55 +01:00
Christian Schoenebeck
042b4ebfd2 9pfs: fix crash on 'Treaddir' request
A bad (broken or malicious) 9p client (guest) could cause QEMU host to
crash by sending a 9p 'Treaddir' request with a numeric file ID (FID) that
was previously opened for a file instead of an expected directory:

  #0  0x0000762aff8f4919 in __GI___rewinddir (dirp=0xf) at
    ../sysdeps/unix/sysv/linux/rewinddir.c:29
  #1  0x0000557b7625fb40 in do_readdir_many (pdu=0x557bb67d2eb0,
    fidp=0x557bb67955b0, entries=0x762afe9fff58, offset=0, maxsize=131072,
    dostat=<optimized out>) at ../hw/9pfs/codir.c:101
  #2  v9fs_co_readdir_many (pdu=pdu@entry=0x557bb67d2eb0,
    fidp=fidp@entry=0x557bb67955b0, entries=entries@entry=0x762afe9fff58,
    offset=0, maxsize=131072, dostat=false) at ../hw/9pfs/codir.c:226
  #3  0x0000557b7625c1f9 in v9fs_do_readdir (pdu=0x557bb67d2eb0,
    fidp=0x557bb67955b0, offset=<optimized out>,
    max_count=<optimized out>) at ../hw/9pfs/9p.c:2488
  #4  v9fs_readdir (opaque=0x557bb67d2eb0) at ../hw/9pfs/9p.c:2602

That's because V9fsFidOpenState was declared as union type. So the
same memory region is used for either an open POSIX file handle (int),
or a POSIX DIR* pointer, etc., so 9p server incorrectly used the
previously opened (valid) POSIX file handle (0xf) as DIR* pointer,
eventually causing a crash in glibc's rewinddir() function.

Root cause was therefore a missing check in 9p server's 'Treaddir'
request handler, which must ensure that the client supplied FID was
really opened as directory stream before trying to access the
aforementioned union and its DIR* member.

Cc: qemu-stable@nongnu.org
Fixes: d62dbb51f7 ("virtio-9p: Add fidtype so that we can do type ...")
Reported-by: Akihiro Suda <suda.kyoto@gmail.com>
Tested-by: Akihiro Suda <suda.kyoto@gmail.com>
Signed-off-by: Christian Schoenebeck <qemu_oss@crudebyte.com>
Reviewed-by: Greg Kurz <groug@kaod.org>
Message-Id: <E1t8GnN-002RS8-E2@kylie.crudebyte.com>
2024-11-08 10:38:12 +01:00
Klaus Jensen
9529aa6bb4 hw/nvme: fix handling of over-committed queues
If a host chooses to use the SQHD "hint" in the CQE to know if there is
room in the submission queue for additional commands, it may result in a
situation where there are not enough internal resources (struct
NvmeRequest) available to process the command. For a lack of a better
term, the host may "over-commit" the device (i.e., it may have more
inflight commands than the queue size).

For example, assume a queue with N entries. The host submits N commands
and all are picked up for processing, advancing the head and emptying
the queue. Regardless of which of these N commands complete first, the
SQHD field of that CQE will indicate to the host that the queue is
empty, which allows the host to issue N commands again. However, if the
device has not posted CQEs for all the previous commands yet, the device
will have less than N resources available to process the commands, so
queue processing is suspended.

And here lies an 11 year latent bug. In the absense of any additional
tail updates on the submission queue, we never schedule the processing
bottom-half again unless we observe a head update on an associated full
completion queue. This has been sufficient to handle N-to-1 SQ/CQ setups
(in the absense of over-commit of course). Incidentially, that "kick all
associated SQs" mechanism can now be killed since we now just schedule
queue processing when we return a processing resource to a non-empty
submission queue, which happens to cover both edge cases. However, we
must retain kicking the CQ if it was previously full.

So, apparently, no previous driver tested with hw/nvme has ever used
SQHD (e.g., neither the Linux NVMe driver or SPDK uses it). But then OSv
shows up with the driver that actually does. I salute you.

Fixes: f3c507adcd ("NVMe: Initial commit for new storage interface")
Cc: qemu-stable@nongnu.org
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2388
Reported-by: Waldemar Kozaczuk <jwkozaczuk@gmail.com>
Reviewed-by: Keith Busch <kbusch@kernel.org>
Signed-off-by: Klaus Jensen <k.jensen@samsung.com>
2024-11-08 09:14:30 +01:00
Daniel P. Berrangé
7a383b993e tests: refresh package lists with latest libvirt-ci
This updates the libvirt-ci  submodule to pull in various fixes,
the most notable reducing native package sets in cross builds.
Some packages were mistakenly marked as native, rather than
foreign, in libvirt-ci. Fixing this causes our dockerfiles to
pick up the cross arch package instead of native one, thus
improving our test coverage in a few areas.

Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Message-ID: <20241106123525.511491-1-berrange@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2024-11-08 06:16:45 +01:00
Thomas Huth
9acd388454 tests/functional: Split the test_aarch64_sbsaref test
The test_aarch64_sbsaref test is the test with the longest runtime
in our functional test suite. Split it into parts so that it can
be run on multiple CPUs in parallel.

For this we have to move the fetch_firmware() function out of the
class definition to be able to reuse it easily from the other tests
(deriving the Aarch64SbsarefAlpine and Aarch64SbsarefFreeBSD directly
from Aarch64SbsarefMachine does not work, unfortunately, since we'd
inherit the test_sbsaref_edk2_firmware() function that way, causing
it to be run multiple times - and keeping the fetch_firmware() in
a separate class without the test_sbsaref_edk2_firmware() function
also does not work since the "make precache-functional" won't work
in that case ==> turning fetch_firmware() into a static function is
the best option).

Message-ID: <20241106175029.1000589-1-thuth@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2024-11-08 06:16:45 +01:00
Thomas Huth
f5ccd7e010 tests/functional: Bump timeouts of functional tests
When building QEMU with "--enable-debug" and running the tests
in parallel with "make -j$(nproc) check-functional", many tests are
still timing out due to our conservative timeout settings. Bump
the timeouts of the problematic tests and also increase the default
timeout to 90 seconds (from 60 seconds) to be on the safe side.

Message-ID: <20241106170946.990731-1-thuth@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2024-11-08 06:16:45 +01:00
Thomas Huth
bb986e4068 tests/functional: Provide the user with hints where to find more log files
Since the base.log and console.log files are not referenced from the
meson test logs yet, they might be hard to find for the casual users.
Thus let's print some hints in case a test case failed. For this we
have to run unittest.main() with exit=False to get the results of the
testing. Then we can iterate through the failed test cases to print
out the information accordingly.

Message-ID: <20241105123849.359391-1-thuth@redhat.com>
Reviewed-by: Cédric Le Goater <clg@redhat.com>
Tested-by: Cédric Le Goater <clg@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2024-11-08 06:16:38 +01:00
Thomas Huth
dd6402b34f tests/functional: Fix the ppc64_hv and the ppc_40p test for read-only assets
Since commit 786bc22552, cached asset files are read-only, so now we've
got to use "read-only=true" in tests that try to use these files directly.

Fixes: 786bc22552 ("tests/functional: make cached asset files read-only")
Message-ID: <20241105160926.393852-1-thuth@redhat.com>
Reviewed-by: Nicholas Piggin <npiggin@gmail.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2024-11-08 06:13:34 +01:00
Cédric Le Goater
feda2611b9 test/functional: Fix Aspeed buildroot tests
Since commit 786bc22552, cached asset files are read-only. Adjust
the QEMU command line for buildroot tests to reflect the new
constraint on the flash drive.

Fixes: f04cb2d00d ("tests/functional: Convert most Aspeed machine tests")
Suggested-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Cédric Le Goater <clg@redhat.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-ID: <20241105132339.2967202-1-clg@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2024-11-08 06:13:34 +01:00
Thomas Huth
6a564c8a18 tests/functional: Convert the riscv_opensbi avocado test into a standalone test
The avocado test defined test functions for both, riscv32 and riscv64.
Since we can run the whole file with multiple targets in the new
framework, we can now consolidate the functions so we have to only
define one function per machine now.

Message-ID: <20240821082748.65853-23-thuth@redhat.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Tested-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2024-11-08 06:13:34 +01:00
Phil Dennis-Jordan
3fbb78cfdc scripts/checkpatch.pl: Ignore ObjC #import lines for operator spacing
checkpatch.pl lints for spaces around operators including / (slash).
Code lines starting with #include are ignored, as slashes in those
represent path separators.

In Objective-C code, #import is often used in preference to #include,
as preprocessor-based multiple-#include defenses are considered
non-idiomatic in that language.

This change extends checkpatch.pl to treat #import lines in the same
way as #include, avoiding false positives for "missing" spaces
around path separators on those lines.

Signed-off-by: Phil Dennis-Jordan <phil@philjordan.eu>
Message-ID: <20241024123555.25861-1-phil@philjordan.eu>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2024-11-08 06:13:33 +01:00
Peter Maydell
e373af5a06 Merge test 2024/11/07 v2
-----BEGIN PGP SIGNATURE-----
 
 iQEzBAABCAAdFiEEuBi5yt+QicLVzsZrda1lgCoLQhEFAmcs1YAACgkQda1lgCoL
 QhFPbAgA71gnxNjOEIlDwTbFPkS8mj4mtRryp96UN6v+XYEB0RL2uSEwcCJfQ+Cd
 Xbo0/g1GKNFtf9fsn16M2uxPh8VlcwBF7diboN5sGNVRJGgshD5ynedW/9T3Vyds
 1elahNl/FjqIgcBo9GbAVumcC0TY/8w+BwKG1HQaP0TWSVQQzUfxz3wiVFLJh7Oe
 oxUTvyz0gWFKAqX5rTptWRitfew/xA7LimP0gdl1pVp3mkBS8KiPUdqx+LQ/OsFe
 Gn4JybDhNYdyf8VbcQK5LQKAGVcLLGDtxp5DNdu3fk+LFkqYy4V0AyxxyyU70/OY
 j9+H7nJTlf8pf5s5UrhYADyIvlW+LQ==
 =lGlS
 -----END PGP SIGNATURE-----

Merge tag 'pull-tpm-2024-11-07-2' of https://github.com/stefanberger/qemu-tpm into staging

Merge test 2024/11/07 v2

# -----BEGIN PGP SIGNATURE-----
#
# iQEzBAABCAAdFiEEuBi5yt+QicLVzsZrda1lgCoLQhEFAmcs1YAACgkQda1lgCoL
# QhFPbAgA71gnxNjOEIlDwTbFPkS8mj4mtRryp96UN6v+XYEB0RL2uSEwcCJfQ+Cd
# Xbo0/g1GKNFtf9fsn16M2uxPh8VlcwBF7diboN5sGNVRJGgshD5ynedW/9T3Vyds
# 1elahNl/FjqIgcBo9GbAVumcC0TY/8w+BwKG1HQaP0TWSVQQzUfxz3wiVFLJh7Oe
# oxUTvyz0gWFKAqX5rTptWRitfew/xA7LimP0gdl1pVp3mkBS8KiPUdqx+LQ/OsFe
# Gn4JybDhNYdyf8VbcQK5LQKAGVcLLGDtxp5DNdu3fk+LFkqYy4V0AyxxyyU70/OY
# j9+H7nJTlf8pf5s5UrhYADyIvlW+LQ==
# =lGlS
# -----END PGP SIGNATURE-----
# gpg: Signature made Thu 07 Nov 2024 14:58:08 GMT
# gpg:                using RSA key B818B9CADF9089C2D5CEC66B75AD65802A0B4211
# gpg: Good signature from "Stefan Berger <stefanb@linux.vnet.ibm.com>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: B818 B9CA DF90 89C2 D5CE  C66B 75AD 6580 2A0B 4211

* tag 'pull-tpm-2024-11-07-2' of https://github.com/stefanberger/qemu-tpm:
  tests: Adjust path for swtpm state to use path under /var/tmp/

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2024-11-07 20:45:26 +00:00
Peter Maydell
080c8f2df7 qga-pull-2024-11-07
-----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEEwsLBCepDxjwUI+uE711egWG6hOcFAmcslmgACgkQ711egWG6
 hOeFDA//WTmLNpE2gvi6BdG5+2LsjG6eZdwW4sPczaXwU66Q6yrT2WXJD6I5Nztx
 kzB+8HUruLEh94sDn0+n5SFewcS0ffpydJ5OLDuq01BZZdhyRG7WaF0IaOEu6wup
 egEk6dRgOCSorNB6Tspqt00b/nzVpmHA983oWUR1fhhAsl6w5Nnw/pjDyFqbOOkd
 HxlBcIlINXznP0YBqbj9YE1KoJGXe/pDgPWJWBQC5bIhLiYvhGEbdOTnj6aiS8fL
 rd3+yBnw9aek2dGEnmHkbHI8ZR3n+sDcq5nBi/iMgQgBSO6lWgZlAJGI2KZL7+qj
 KUdvPovplU8lY9u/5UTJIba9YACQfr8fRc6stHNipccVsry1bANY8M/BgR4k7RAd
 cDyc4Lm3a3Z7EGWJsbQzOh6YFmheQ+BosgSEdj1JB21Ox2by0Nq4NZmy4VIH8hZS
 GbQ8ndWJyegxFuiw/veM8ihlSWnPwifNGQfKIg3+w1gZwGWHsPBFH9s3F2DLXBST
 2fRF+9jXbGaYvZO2l1ooBLI0kdnbJ/xHCR4A6MVKiCPJD+kXVnNbwrFS9QZwccNy
 932esfb2Zl5Si7Mwa3oapJlTdMAhLIXSuFTJGGmx+WD8aaQXsml8e9p6g+wSWxxk
 3OMcphiCdcOpxyV1WwF5RIharrnlBzLxKxfK2Qm6O9kz+ju+3oM=
 =Vixy
 -----END PGP SIGNATURE-----

Merge tag 'qga-pull-2024-11-07' of https://github.com/kostyanf14/qemu into staging

qga-pull-2024-11-07

# -----BEGIN PGP SIGNATURE-----
#
# iQIzBAABCAAdFiEEwsLBCepDxjwUI+uE711egWG6hOcFAmcslmgACgkQ711egWG6
# hOeFDA//WTmLNpE2gvi6BdG5+2LsjG6eZdwW4sPczaXwU66Q6yrT2WXJD6I5Nztx
# kzB+8HUruLEh94sDn0+n5SFewcS0ffpydJ5OLDuq01BZZdhyRG7WaF0IaOEu6wup
# egEk6dRgOCSorNB6Tspqt00b/nzVpmHA983oWUR1fhhAsl6w5Nnw/pjDyFqbOOkd
# HxlBcIlINXznP0YBqbj9YE1KoJGXe/pDgPWJWBQC5bIhLiYvhGEbdOTnj6aiS8fL
# rd3+yBnw9aek2dGEnmHkbHI8ZR3n+sDcq5nBi/iMgQgBSO6lWgZlAJGI2KZL7+qj
# KUdvPovplU8lY9u/5UTJIba9YACQfr8fRc6stHNipccVsry1bANY8M/BgR4k7RAd
# cDyc4Lm3a3Z7EGWJsbQzOh6YFmheQ+BosgSEdj1JB21Ox2by0Nq4NZmy4VIH8hZS
# GbQ8ndWJyegxFuiw/veM8ihlSWnPwifNGQfKIg3+w1gZwGWHsPBFH9s3F2DLXBST
# 2fRF+9jXbGaYvZO2l1ooBLI0kdnbJ/xHCR4A6MVKiCPJD+kXVnNbwrFS9QZwccNy
# 932esfb2Zl5Si7Mwa3oapJlTdMAhLIXSuFTJGGmx+WD8aaQXsml8e9p6g+wSWxxk
# 3OMcphiCdcOpxyV1WwF5RIharrnlBzLxKxfK2Qm6O9kz+ju+3oM=
# =Vixy
# -----END PGP SIGNATURE-----
# gpg: Signature made Thu 07 Nov 2024 10:28:56 GMT
# gpg:                using RSA key C2C2C109EA43C63C1423EB84EF5D5E8161BA84E7
# gpg: Good signature from "Kostiantyn Kostiuk (Upstream PR sign) <kkostiuk@redhat.com>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: C2C2 C109 EA43 C63C 1423  EB84 EF5D 5E81 61BA 84E7

* tag 'qga-pull-2024-11-07' of https://github.com/kostyanf14/qemu:
  qemu-ga: Avoiding freeing line prematurely
  qemu-ga: Optimize var declaration and definition
  qemu-ga: Add 'Null' check and Redefine 'route'

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2024-11-07 20:45:16 +00:00
Paolo Bonzini
619d144751 eif: cope with huge section offsets
Check for overflow to avoid that fseek() receives a sign-extended value.

Cc: Dorjoy Chowdhury <dorjoychy111@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2024-11-07 16:54:02 +01:00
Alexander Graf
8fa11a4df3 target/i386: Fix legacy page table walk
Commit b56617bbcb ("target/i386: Walk NPT in guest real mode") added
logic to run the page table walker even in real mode if we are in NPT
mode.  That function then determined whether real mode or paging is
active based on whether the pg_mode variable was 0.

Unfortunately pg_mode is 0 in two situations:

  1) Paging is disabled (real mode)
  2) Paging is in 2-level paging mode (32bit without PAE)

That means the walker now assumed that 2-level paging mode was real
mode, breaking NetBSD as well as Windows XP.

To fix that, this patch adds a new PG flag to pg_mode which indicates
whether paging is active at all and uses that to determine whether we
are in real mode or not.

Cc: qemu-stable@nongnu.org
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2654
Fixes: b56617bbcb ("target/i386: Walk NPT in guest real mode")
Signed-off-by: Alexander Graf <graf@amazon.com>
Reported-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Link: https://lore.kernel.org/r/20241106154329.67218-1-graf@amazon.com
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2024-11-07 16:54:02 +01:00
Paolo Bonzini
700784bfc6 rust: add meson_version to all subprojects
Otherwise, newer releases of meson complain.

Reviewed-by: Pierrick Bouvier <pierrick.bouvier@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2024-11-07 16:54:02 +01:00
Pierrick Bouvier
520c0bb2be target/i386/hvf: fix clang compilation warning
../target/i386/hvf/x86_cpuid.c:35:28: error: a function declaration without a prototype is deprecated in all versions of C

Fixes: 7cac7aa704
Signed-off-by: Pierrick Bouvier <pierrick.bouvier@linaro.org>
Link: https://lore.kernel.org/r/20241104222102.1522688-1-pierrick.bouvier@linaro.org
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2024-11-07 16:54:02 +01:00
Paolo Bonzini
78be258c0e target/i386: add sha512, sm3, sm4 feature bits
SHA512, SM3, SM4 (CPUID[EAX=7,ECX=1).EAX bits 0 to 2) is supported by
Clearwater Forest processor, add it to QEMU as it does not need any
specific enablement.

See https://lore.kernel.org/kvm/20241105054825.870939-1-tao1.su@linux.intel.com/
for reference.

Reviewed-by: Tao Su <tao1.su@linux.intel.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2024-11-07 16:54:01 +01:00
Peter Maydell
feef1866d1 RISC-V PR for 9.2
* Fix broken SiFive UART on big endian hosts
 * Fix IOMMU Coverity issues
 * Improve the performance of vector unit-stride/whole register ld/st instructions
 * Update kvm exts to Linux v6.11
 * Convert the RV32-on-RV64 riscv test
 -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEEaukCtqfKh31tZZKWr3yVEwxTgBMFAmcsPXsACgkQr3yVEwxT
 gBOMjBAAm91x1C+mMLehRo4ESquziP1fGTPO0EyZmv/16Ze2AuKlfs/zPwbypmMY
 VuUAsl2+/+XfiIQ+p7XN6YMrI9ixVluEHu6/o0FXObPyMOBE+5fLF+rqWfqmvbin
 ifFmh8U7nkQ6Y9fxa7KOph8G5C+I4nDZRi4D6DS01+gljIBbNwxHz07YwAShoJiF
 IlqwaiUmZAzA8thR5+WskpYLNOAdfR/0Z67QRc7xw7y3xcRUCsbwyUKCZMC7lWbJ
 yvQeWPaOfFetbu7JFUZMlMwwNF1AGe6rigCaqT6Xjt0uBoeJLyXb6IOEOG8BN5aB
 o+EeFK4gvn18qqegY1R7YNwS9p3XVvPnlw7AxF6YfkgOEb0qgAYhWabXG0CGizoH
 A9prIg1Vft+qvOkAknq7v2knrv2mZ8VJsH4f+gBkKWWRnwpwE3S+jdhbbbw7af6W
 AqkKgf96Klncikf/tYtnwUqG/42/yueUPg4Qfp2hUaxgy3M/ichze3FPF/DatS7B
 ti/nlb+rXwheKaHUXFG8HpB7S4VNYToOeX+o79lXuV4XJAOVWEUVkE/LFV0B8hKT
 O1NpLiF8Ql5MI0ylnUZ+kd/QFNMROrnzDJClOuNKEgBO+wMwZ+f2AKo/FWsCR9gD
 8i07SDj9GE+EmDpHtOgWMzp7KcpdqLNmQMBrezpLex/Z3390sQ4=
 =dYLw
 -----END PGP SIGNATURE-----

Merge tag 'pull-riscv-to-apply-20241107' of https://github.com/alistair23/qemu into staging

RISC-V PR for 9.2

* Fix broken SiFive UART on big endian hosts
* Fix IOMMU Coverity issues
* Improve the performance of vector unit-stride/whole register ld/st instructions
* Update kvm exts to Linux v6.11
* Convert the RV32-on-RV64 riscv test

# -----BEGIN PGP SIGNATURE-----
#
# iQIzBAABCAAdFiEEaukCtqfKh31tZZKWr3yVEwxTgBMFAmcsPXsACgkQr3yVEwxT
# gBOMjBAAm91x1C+mMLehRo4ESquziP1fGTPO0EyZmv/16Ze2AuKlfs/zPwbypmMY
# VuUAsl2+/+XfiIQ+p7XN6YMrI9ixVluEHu6/o0FXObPyMOBE+5fLF+rqWfqmvbin
# ifFmh8U7nkQ6Y9fxa7KOph8G5C+I4nDZRi4D6DS01+gljIBbNwxHz07YwAShoJiF
# IlqwaiUmZAzA8thR5+WskpYLNOAdfR/0Z67QRc7xw7y3xcRUCsbwyUKCZMC7lWbJ
# yvQeWPaOfFetbu7JFUZMlMwwNF1AGe6rigCaqT6Xjt0uBoeJLyXb6IOEOG8BN5aB
# o+EeFK4gvn18qqegY1R7YNwS9p3XVvPnlw7AxF6YfkgOEb0qgAYhWabXG0CGizoH
# A9prIg1Vft+qvOkAknq7v2knrv2mZ8VJsH4f+gBkKWWRnwpwE3S+jdhbbbw7af6W
# AqkKgf96Klncikf/tYtnwUqG/42/yueUPg4Qfp2hUaxgy3M/ichze3FPF/DatS7B
# ti/nlb+rXwheKaHUXFG8HpB7S4VNYToOeX+o79lXuV4XJAOVWEUVkE/LFV0B8hKT
# O1NpLiF8Ql5MI0ylnUZ+kd/QFNMROrnzDJClOuNKEgBO+wMwZ+f2AKo/FWsCR9gD
# 8i07SDj9GE+EmDpHtOgWMzp7KcpdqLNmQMBrezpLex/Z3390sQ4=
# =dYLw
# -----END PGP SIGNATURE-----
# gpg: Signature made Thu 07 Nov 2024 04:09:31 GMT
# gpg:                using RSA key 6AE902B6A7CA877D6D659296AF7C95130C538013
# gpg: Good signature from "Alistair Francis <alistair@alistair23.me>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 6AE9 02B6 A7CA 877D 6D65  9296 AF7C 9513 0C53 8013

* tag 'pull-riscv-to-apply-20241107' of https://github.com/alistair23/qemu:
  tests/functional: Convert the RV32-on-RV64 riscv test
  target/riscv/kvm: Update kvm exts to Linux v6.11
  target/riscv: Inline unit-stride ld/st and corresponding functions for performance
  target/riscv: rvv: Provide group continuous ld/st flow for unit-stride ld/st instructions
  target/riscv: rvv: Provide a fast path using direct access to host ram for unit-stride load-only-first load instructions
  target/riscv: rvv: Provide a fast path using direct access to host ram for unit-stride whole register load/store
  target/riscv: rvv: Provide a fast path using direct access to host ram for unmasked unit-stride load/store
  target/riscv: rvv: Replace VSTART_CHECK_EARLY_EXIT in vext_ldst_us
  target/riscv: Set vdata.vm field for vector load/store whole register instructions
  hw/riscv/riscv-iommu: fix riscv_iommu_validate_process_ctx() check
  hw/riscv/riscv-iommu: change 'depth' to int
  hw/char/sifive_uart: Fix broken UART on big endian hosts

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2024-11-07 15:08:05 +00:00
Stefan Berger
e3edada526 tests: Adjust path for swtpm state to use path under /var/tmp/
To avoid AppArmor-related test failures when functional test are run from
somewhere under /mnt, adjust the path to swtpm's state to use an AppArmor-
supported path, such as /var/tmp, which is provided by the python function
tempfile.TemporaryDirectory().

An update to swtpm's AppArmor profile is also being done to support /var/tmp.

Link: https://lore.kernel.org/qemu-devel/CAFEAcA8A=kWLtTZ+nua-MpzqkaEjW5srOYZruZnE2tB6vmoMig@mail.gmail.com/
Link: https://github.com/stefanberger/swtpm/pull/944
Tested-by: Peter Maydell <peter.maydell@linaro.org>
Fixes: f04cb2d00d ("tests/functional: Convert most Aspeed machine tests")
Reviewed-by: Cédric Le Goater <clg@redhat.com>
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-11-07 09:57:20 -05:00
Dehan Meng
5ab1c032e6 qemu-ga: Avoiding freeing line prematurely
It's now only freed at the end of the function.

Signed-off-by: Dehan Meng <demeng@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Konstantin Kostiuk <kkostiuk@redhat.com>
Message-ID: <20241107102155.57573-4-kkostiuk@redhat.com>
Signed-off-by: Konstantin Kostiuk <kkostiuk@redhat.com>
2024-11-07 12:28:20 +02:00
Dehan Meng
ccc2dfab57 qemu-ga: Optimize var declaration and definition
Variable declarations moved to the beginning of blocks
Followed the coding style of using snake_case for variable names.
Proper initialization of param 'size_t n' to '0' for

Signed-off-by: Dehan Meng <demeng@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Konstantin Kostiuk <kkostiuk@redhat.com>
Message-ID: <20241107102155.57573-3-kkostiuk@redhat.com>
Signed-off-by: Konstantin Kostiuk <kkostiuk@redhat.com>
2024-11-07 12:28:20 +02:00
Dehan Meng
32bd9e206e qemu-ga: Add 'Null' check and Redefine 'route'
sscanf return values are checked and add 'Null' check for
mandatory parameters. And merged redundant route and
networkroute variables.

Signed-off-by: Dehan Meng <demeng@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Konstantin Kostiuk <kkostiuk@redhat.com>
Message-ID: <20241107102155.57573-2-kkostiuk@redhat.com>
Signed-off-by: Konstantin Kostiuk <kkostiuk@redhat.com>
2024-11-07 12:28:20 +02:00
Thomas Huth
27652f9ca9 tests/functional: Convert the RV32-on-RV64 riscv test
A straggler that has been added to the Avocado framework while the
conversion to the functional framework was already in progress...
Move it over now, too!

Signed-off-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Reviewed-by: LIU Zhiwei <zhiwei_liu@linux.alibaba.com>
Message-ID: <20241105103519.341304-1-thuth@redhat.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2024-11-07 13:12:58 +10:00
Quan Zhou
13d438502b target/riscv/kvm: Update kvm exts to Linux v6.11
Add support for a few Zc* extensions, Zimop, Zcmop and Zawrs.

Signed-off-by: Quan Zhou <zhouquan@iscas.ac.cn>
Reviewed-by: Andrew Jones <ajones@ventanamicro.com>
Reviewed-by: Jim Shu <jim.shu@sifive.com>
Message-ID: <ada40759a79c0728652ace59579aa843cb7bf53f.1727164986.git.zhouquan@iscas.ac.cn>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2024-11-07 12:33:44 +10:00
Max Chou
f8ee6f533d target/riscv: Inline unit-stride ld/st and corresponding functions for performance
In the vector unit-stride load/store helper functions. the vext_ldst_us
& vext_ldst_whole functions corresponding most of the execution time.
Inline the functions can avoid the function call overhead to improve the
helper function performance.

Signed-off-by: Max Chou <max.chou@sifive.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Daniel Henrique Barboza <dbarboza@ventanamicro.com>
Message-ID: <20240918171412.150107-8-max.chou@sifive.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2024-11-07 12:33:44 +10:00
Max Chou
e32988789b target/riscv: rvv: Provide group continuous ld/st flow for unit-stride ld/st instructions
The vector unmasked unit-stride and whole register load/store
instructions will load/store continuous memory. If the endian of both
the host and guest architecture are the same, then we can group the
element load/store to load/store more data at a time.

Signed-off-by: Max Chou <max.chou@sifive.com>
Reviewed-by: Daniel Henrique Barboza <dbarboza@ventanamicro.com>
Message-ID: <20240918171412.150107-7-max.chou@sifive.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2024-11-07 12:33:44 +10:00
Max Chou
f00089267d target/riscv: rvv: Provide a fast path using direct access to host ram for unit-stride load-only-first load instructions
The unmasked unit-stride fault-only-first load instructions are similar
to the unmasked unit-stride load/store instructions that is suitable to
be optimized by using a direct access to host ram fast path.

Signed-off-by: Max Chou <max.chou@sifive.com>
Reviewed-by: Daniel Henrique Barboza <dbarboza@ventanamicro.com>
Message-ID: <20240918171412.150107-6-max.chou@sifive.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2024-11-07 12:32:10 +10:00
Max Chou
3333000f69 target/riscv: rvv: Provide a fast path using direct access to host ram for unit-stride whole register load/store
The vector unit-stride whole register load/store instructions are
similar to unmasked unit-stride load/store instructions that is suitable
to be optimized by using a direct access to host ram fast path.

Because the vector whole register load/store instructions do not need to
handle the tail agnostic, so remove the vstart early exit checking.

Signed-off-by: Max Chou <max.chou@sifive.com>
Reviewed-by: Daniel Henrique Barboza <dbarboza@ventanamicro.com>
Message-ID: <20240918171412.150107-5-max.chou@sifive.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2024-11-07 12:32:10 +10:00
Max Chou
338aa15d50 target/riscv: rvv: Provide a fast path using direct access to host ram for unmasked unit-stride load/store
This commit references the sve_ldN_r/sve_stN_r helper functions in ARM
target to optimize the vector unmasked unit-stride load/store
implementation with following optimizations:

* Get the page boundary
* Probing pages/resolving host memory address at the beginning if
  possible
* Provide new interface to direct access host memory
* Switch to the original slow TLB access when cross page element/violate
  page permission/violate pmp/watchpoints in page

The original element load/store interface is replaced by the new element
load/store functions with _tlb & _host postfix that means doing the
element load/store through the original softmmu flow and the direct
access host memory flow.

Signed-off-by: Max Chou <max.chou@sifive.com>
Reviewed-by: Daniel Henrique Barboza <dbarboza@ventanamicro.com>
Message-ID: <20240918171412.150107-4-max.chou@sifive.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2024-11-07 12:32:10 +10:00
Max Chou
2f077842f2 target/riscv: rvv: Replace VSTART_CHECK_EARLY_EXIT in vext_ldst_us
Because the real vl (evl) of vext_ldst_us may be different (e.g.
vlm.v/vsm.v/etc.), so the VSTART_CHECK_EARLY_EXIT checking function
should be replaced by checking evl in vext_ldst_us.

Signed-off-by: Max Chou <max.chou@sifive.com>
Reviewed-by: Daniel Henrique Barboza <dbarboza@ventanamicro.com>
Message-ID: <20240918171412.150107-3-max.chou@sifive.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2024-11-07 08:22:48 +10:00
Max Chou
b48381b1ee target/riscv: Set vdata.vm field for vector load/store whole register instructions
The vm field of the vector load/store whole register instruction's
encoding is 1.
The helper function of the vector load/store whole register instructions
may need the vdata.vm field to do some optimizations.

Signed-off-by: Max Chou <max.chou@sifive.com>
Reviewed-by: Daniel Henrique Barboza <dbarboza@ventanamicro.com>
Message-ID: <20240918171412.150107-2-max.chou@sifive.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2024-11-07 08:21:14 +10:00
Daniel Henrique Barboza
d3b96a5319 hw/riscv/riscv-iommu: fix riscv_iommu_validate_process_ctx() check
'mode' will never be RISCV_IOMMU_CAP_SV32. We are erroring out in the
'switch' right before it if 'mode' isn't 0, 8, 9 or 10.

'mode' should be check with RISCV_IOMMU_DC_FSC_IOSATP_MODE_SV32.

Reported by Coverity via a "DEADCODE" ticket.

Resolves: Coverity CID 1564781
Fixes: 0c54acb824 ("hw/riscv: add RISC-V IOMMU base emulation")
Signed-off-by: Daniel Henrique Barboza <dbarboza@ventanamicro.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-ID: <20241104123839.533442-3-dbarboza@ventanamicro.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2024-11-07 08:19:39 +10:00
Daniel Henrique Barboza
cd5d265f42 hw/riscv/riscv-iommu: change 'depth' to int
Coverity reports an unsigned overflow when doing:

    for (; depth-- > 0; ) {

When depth = 0 inside riscv_iommu_ctx_fetch().

Building it with a recent GCC the code doesn't actually break with depth
= 0, i.e. the comparison "0-- > 0" will exit the loop instead of
proceeding,  but 'depth' will retain the overflow value afterwards.

This behavior can be compiler dependent, so change 'depth' to int to
remove this potential ambiguity.

Resolves: Coverity CID 1564783
Fixes: 0c54acb824 ("hw/riscv: add RISC-V IOMMU base emulation")
Signed-off-by: Daniel Henrique Barboza <dbarboza@ventanamicro.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-ID: <20241104123839.533442-2-dbarboza@ventanamicro.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2024-11-07 08:18:17 +10:00
Thomas Huth
b069018e2f hw/char/sifive_uart: Fix broken UART on big endian hosts
Casting a "uint32_t *" to a "uint8_t *" to get to the lowest 8-bit
part of the value does not work on big endian hosts. We've got to
take the proper detour through an 8-bit variable.

Fixes: 53c1557b23 ("hw/char: sifive_uart: Print uart characters async")
Signed-off-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-ID: <20241104163504.305955-1-thuth@redhat.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2024-11-07 08:16:53 +10:00
Peter Maydell
a1dacb6691 * rust: cleanups
* rust: integration tests
 * rust/pl011: add support for migration
 * rust/pl011: add TYPE_PL011_LUMINARY device
 * rust: add support for older compilers and bindgen
 -----BEGIN PGP SIGNATURE-----
 
 iQFIBAABCAAyFiEE8TM4V0tmI4mGbHaCv/vSX3jHroMFAmcrrtIUHHBib256aW5p
 QHJlZGhhdC5jb20ACgkQv/vSX3jHroPIBwf/W0Jo87UauGYufhEmoPvWG1EAQEqP
 EzNTzem9Iw92VdiSTkAtED0/TSd8RBJOwDfjjusVXZtuMPwpRNgXaFhYTT5gFTMj
 Nk3NZGaX/mbNrtdrukdx9mvUWeovytdZDZccTNkpc3oyiqY9NEz06wZ0tCNJEot6
 qO3dEtKXTOQTdx2R3o0oS+2OFDGEEPxZ0PuXN3sClN4iZhGfcIDsjGAWxEh6mCDy
 VxqKPdax1Ig1w7M+JMclnpOsVHwcefjHiToNPwhCEGelJ9BZilkViuvBzsVRJJz3
 ptYyywBE0FT8MiKQ/wyf7U64qoizJuIgHoQnUGj98hdgvbUUiW5jcBNY3A==
 =s591
 -----END PGP SIGNATURE-----

Merge tag 'for-upstream-rust' of https://gitlab.com/bonzini/qemu into staging

* rust: cleanups
* rust: integration tests
* rust/pl011: add support for migration
* rust/pl011: add TYPE_PL011_LUMINARY device
* rust: add support for older compilers and bindgen

# -----BEGIN PGP SIGNATURE-----
#
# iQFIBAABCAAyFiEE8TM4V0tmI4mGbHaCv/vSX3jHroMFAmcrrtIUHHBib256aW5p
# QHJlZGhhdC5jb20ACgkQv/vSX3jHroPIBwf/W0Jo87UauGYufhEmoPvWG1EAQEqP
# EzNTzem9Iw92VdiSTkAtED0/TSd8RBJOwDfjjusVXZtuMPwpRNgXaFhYTT5gFTMj
# Nk3NZGaX/mbNrtdrukdx9mvUWeovytdZDZccTNkpc3oyiqY9NEz06wZ0tCNJEot6
# qO3dEtKXTOQTdx2R3o0oS+2OFDGEEPxZ0PuXN3sClN4iZhGfcIDsjGAWxEh6mCDy
# VxqKPdax1Ig1w7M+JMclnpOsVHwcefjHiToNPwhCEGelJ9BZilkViuvBzsVRJJz3
# ptYyywBE0FT8MiKQ/wyf7U64qoizJuIgHoQnUGj98hdgvbUUiW5jcBNY3A==
# =s591
# -----END PGP SIGNATURE-----
# gpg: Signature made Wed 06 Nov 2024 18:00:50 GMT
# gpg:                using RSA key F13338574B662389866C7682BFFBD25F78C7AE83
# gpg:                issuer "pbonzini@redhat.com"
# gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>" [full]
# gpg:                 aka "Paolo Bonzini <pbonzini@redhat.com>" [full]
# Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4  E2F7 7E15 100C CD36 69B1
#      Subkey fingerprint: F133 3857 4B66 2389 866C  7682 BFFB D25F 78C7 AE83

* tag 'for-upstream-rust' of https://gitlab.com/bonzini/qemu: (39 commits)
  dockerfiles: install bindgen from cargo on Ubuntu 22.04
  rust: make rustfmt optional
  rust: allow older version of bindgen
  rust: do not use --generate-cstr
  rust: allow version 1.63.0 of rustc
  rust: clean up detection of the language
  rust: do not use MaybeUninit::zeroed()
  rust: introduce alternative implementation of offset_of!
  rust: create a cargo workspace
  rust: synchronize dependencies between subprojects and Cargo.lock
  rust: silence unknown warnings for the sake of old compilers
  rust: introduce a c_str macro
  rust: use std::os::raw instead of core::ffi
  rust: fix cfgs of proc-macro2 for 1.63.0
  rust: patch bilge-impl to allow compilation with 1.63.0
  rust/pl011: Use correct masks for IBRD and FBRD
  rust/pl011: remove commented out C code
  rust/pl011: add TYPE_PL011_LUMINARY device
  rust/pl011: move CLK_NAME static to function scope
  rust/pl011: add support for migration
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2024-11-06 21:27:47 +00:00