The ptcr (partition table control register) is used to store the address
and size of the partition table. For nested kvm-hv we have a level 1
guest register the location of it's partition table with the hypervisor.
Thus to support migration we need to be able to read this out of kvm
and restore it post migration.
Add the one reg id for the ptcr.
Signed-off-by: Suraj Jitindar Singh <sjitindarsingh@gmail.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
In this mode writing to interrupt/peripheral state is controlled
by can_do_io flag. This flag must be set explicitly before helper
function invocation.
Signed-off-by: Maria Klimushenkova <maria.klimushenkova@ispras.ru>
Signed-off-by: Pavel Dovgalyuk <pavel.dovgaluk@ispras.ru>
Tested-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Coverity points out in CID 1390588 that the test for sh == 0
in sdram_size() can never fire, because we calculate sh with
sh = 1024 - ((bcr >> 6) & 0x3ff);
which must result in a value between 1 and 1024 inclusive.
Without the relevant manual for the SoC, we're not completely
sure of the correct behaviour here, but we can remove the
dead code without changing how QEMU currently behaves.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Laurent Vivier <lvivier@redhat.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
I haven't really been maintaining any PowerPC code for quite a while now,
so let's reflect reality: David does all the work and embedded PPC is in
"Odd Fixes" state rather than supported now.
Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
This patch fixes processing of mtmsr instructions in icount mode.
In this mode writing to interrupt/peripheral state is controlled
by can_do_io flag. This flag must be set explicitly before helper
function invocation.
Signed-off-by: Maria Klimushenkova <maria.klimushenkova@ispras.ru>
Signed-off-by: Pavel Dovgalyuk <pavel.dovgaluk@ispras.ru>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
In ppc_core99_init(), we allocate an openpic_irqs array, which
we then use to collect up the various qemu_irqs which we're
going to connect to the interrupt controller. Once we've
called sysbus_connect_irq() to connect them all up, the
array is no longer required, but we forgot to free it.
Since board init is only run once at startup, the memory
leak is not a significant one.
Spotted by Coverity: CID 1192916.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Fix missing terminator in VMStateDescription
Fixes: d811d61fbc
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Reviewed-by: Laurent Vivier <lvivier@redhat.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
When allocating an array, it is a recommended coding practice to call
g_new(FooType, n) instead of g_malloc(n * sizeof(FooType)) because
it takes care to avoid overflow when calculating the size of the
allocated block and it returns FooType *, which allows the compiler
to perform type checking.
Signed-off-by: Greg Kurz <groug@kaod.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Having a separate, logical classifiation of numbers will
unify more error paths for different formats.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Use do_float_check_status directly, so that we don't get confused
about which return address we're using. And definitely don't use
helper_float_check_status.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
The always_inline trick only works if the function is always
called from the outer-most helper. But it isn't, so pass in
the outer-most return address. There's no need for a switch
statement whose argument is always a constant. Unravel the
switch and goto via more helpers.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
The spapr-rng device is suboptimal when compared to virtio-rng, so
users might want to disable it in their builds. Thus let's introduce
a proper CONFIG switch to allow us to compile QEMU without this device.
The function spapr_rng_populate_dt is required for linking, so move it
to a different location.
Signed-off-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Greg Kurz <groug@kaod.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Cédric Le Goater <clg@kaod.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Greg Kurz <groug@kaod.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Cédric Le Goater <clg@kaod.org>
Reviewed-by: Greg Kurz <groug@kaod.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Cédric Le Goater <clg@kaod.org>
Reviewed-by: Greg Kurz <groug@kaod.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
External PID is a mechanism present on BookE 2.06 that enables application to
store/load data from different address spaces. There are special version of some
instructions, which operate on alternate address space, which is specified in
the EPLC/EPSC regiser.
This implementation uses two additional MMU modes (mmu_idx) to provide the
address space for the load and store instructions. The QEMU TLB fill code was
modified to recognize these MMU modes and use the values in EPLC/EPSC to find
the proper entry in he PPC TLB. These two QEMU TLBs are also flushed on each
write to EPLC/EPSC.
Following instructions are implemented: dcbfep dcbstep dcbtep dcbtstep dcbzep
dcbzlep icbiep lbepx ldepx lfdepx lhepx lwepx stbepx stdepx stfdepx sthepx
stwepx.
Following vector instructions are not: evlddepx evstddepx lvepx lvepxl stvepx
stvepxl.
Signed-off-by: Roman Kapl <rka@sysgo.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
A quick coredump on an incomplete command line:
./x86_64-softmmu/qemu-system-x86_64 -mon mode=control,pretty=on
#0 0x00007ffff723d9e4 in g_str_hash () at /lib64/libglib-2.0.so.0
#1 0x00007ffff723ce38 in g_hash_table_lookup () at /lib64/libglib-2.0.so.0
#2 0x0000555555cc0073 in object_class_property_find (klass=0x5555566a94b0, name=0x0, errp=0x0) at qom/object.c:1135
#3 0x0000555555cc004b in object_class_property_find (klass=0x5555566a9440, name=0x0, errp=0x0) at qom/object.c:1129
#4 0x0000555555cbfe6e in object_property_find (obj=0x5555568348c0, name=0x0, errp=0x0) at qom/object.c:1080
#5 0x0000555555cc183d in object_resolve_path_component (parent=0x5555568348c0, part=0x0) at qom/object.c:1762
#6 0x0000555555d82071 in qemu_chr_find (name=0x0) at chardev/char.c:802
#7 0x00005555559d77cb in mon_init_func (opaque=0x0, opts=0x5555566b65a0, errp=0x0) at vl.c:2291
Fix it to instead fail gracefully.
Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <20181023213600.364086-1-eblake@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Peter Xu <peterx@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Commit d32749deb6 moved the call to monitor_init_globals()
to before os_daemonize(), making it an unsuitable place to
spawn the monitor iothread as it won't be inherited over the
fork() in os_daemonize().
We now spawn the thread the first time we instantiate a
monitor which actually has use_io_thread == true.
Instantiation of monitors happens only after os_daemonize().
We still need to create the qmp_dispatcher_bh when not using
iothreads, so this now still happens in
monitor_init_globals().
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
Fixes: d32749deb6 ("monitor: move init global earlier")
Message-Id: <20180925081507.11873-3-w.bumiller@proxmox.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Peter Xu <peterx@redhat.com>
Tested-by: Peter Xu <peterx@redhat.com>
[This fixes a crash on shutdown with --daemonize]
Signed-off-by: Markus Armbruster <armbru@redhat.com>
monitor_resume() and monitor_suspend() both want to
"kick" the I/O thread if it is there, but in
monitor_suspend() lacked the use_io_thread flag condition.
This is required when we later only spawn the thread on
first use.
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Peter Xu <peterx@redhat.com>
Message-Id: <20180925081507.11873-2-w.bumiller@proxmox.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
The $(SHELLSTATUS) variable requires GNU make >= 4.2, but Travis
seems to provide an older version. Change the existing rules to
use command output instead of exit code, to make it compatible
with older GNU make versions.
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
* Remove can't-happen if() from handle_vec_simd_shli()
* hw/arm/exynos4210: Zero memory allocated for Exynos4210State
* Set S and PTW in 64-bit PAR format
* Fix ATS1Hx instructions
* milkymist: Check for failure trying to load BIOS image
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAABCAAGBQJb4Xz6AAoJEDwlJe0UNgzecj4P/ApIjAZbPAYLPjhMoA9SZmY1
O2tlcPieYZQZu+GM28TW8URMEK3ter/6rBMuwDsX6qsvyaGE65MV2UDCTjDq2yIt
dE29xOYn8wrSz/xiuMnDU/V26kjyZYtteYo6lS/TWmFeftuhdSXyFX3Lq7KyQ7fE
dOkb9eI6/XNiRajw9kC3OubUIgMpkGz641i9wMa1RY2lq4TtJH1qR6WWl3hHR9o2
riY3BupD7COcFW8ZUjGC+0dl1AqlokVuLojjDGYmzCY6sBnAYyTnxheZmtgcK0RC
Bju5Gnrhw7N9YEiIdThni4hp9s45+u2VifxOXp8Bpa6bkriomkArJYBn+GqNvuox
WDp9ijWlesl3N3B3BlSN3cq2l8I+HRtX/yzWvSgjtEjjQ5IkOHgoPPYCL0N38jlI
2/nLKkTB1ltoGLkj15Vco3bmDhx1fonlr9PdtHoEoJWQZVzNk8JU72wQiKlqIzMt
GbiabB66IaWNgcoXIwu/6NiG7QSZ4zbo4HYqwY9lXS9pCLCAZQF23nfOJmNmqm6E
lrZOjnkO+Q8u6J6Km+zpd6V3Ml2aPJGuRoMsx5qLhSm3poyYgW29jojYNzSAGdDs
k4jhfT1ZfHyjK/hRJGIVr5fEbNpJMHAXdlVxveU04QysL/NPtGfCAtmqia/R7tye
gjcQ4+TzPQY0Ad03/GdW
=7I2F
-----END PGP SIGNATURE-----
Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20181106' into staging
target-arm queue:
* Remove can't-happen if() from handle_vec_simd_shli()
* hw/arm/exynos4210: Zero memory allocated for Exynos4210State
* Set S and PTW in 64-bit PAR format
* Fix ATS1Hx instructions
* milkymist: Check for failure trying to load BIOS image
# gpg: Signature made Tue 06 Nov 2018 11:37:30 GMT
# gpg: using RSA key 3C2525ED14360CDE
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>"
# gpg: aka "Peter Maydell <pmaydell@gmail.com>"
# gpg: aka "Peter Maydell <pmaydell@chiark.greenend.org.uk>"
# Primary key fingerprint: E1A5 C593 CD41 9DE2 8E83 15CF 3C25 25ED 1436 0CDE
* remotes/pmaydell/tags/pull-target-arm-20181106:
target/arm: Fix ATS1Hx instructions
target/arm: Set S and PTW in 64-bit PAR format
hw/arm/exynos4210: Zero memory allocated for Exynos4210State
milkymist: Check for failure trying to load BIOS image
target/arm: Remove can't-happen if() from handle_vec_simd_shli()
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
AMD IOMMU VAPIC support + fixes all over the place.
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
-----BEGIN PGP SIGNATURE-----
iQEcBAABAgAGBQJb4IrKAAoJECgfDbjSjVRp9xEIAIT25r0SeThU32cl8955dBu3
L2q2e+4du4KcwrC1a65mhBeATFtRthL/cWFHf1rvmwsp1t6ib+uVBH/3ezH1b48o
rhrPjysYGbX+M/gxHv8uBM01JnMnmsaZVJv2iAifkO1fjJ5VCWXqJt89y7VryeUz
LRzN1Zzq84umDXUuqptBKI8MF8ySwqnRHCE6YrbpTAppaJRY8zIyWkQzMd+Ls9m/
Rwuo6QiySD4z5WrnL2hpvUCQw2qDTct9xDNrlGpxL1JVvOgo5Y5VFkF2X9IP7qap
TIC7Y9cfUjGNf8ferYsydgzpyTjFrBMUqqcu65HjUlpACXwwwrLHPScfpT37VJI=
=WPCi
-----END PGP SIGNATURE-----
Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging
pci, pc, virtio: fixes, features
AMD IOMMU VAPIC support + fixes all over the place.
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
# gpg: Signature made Mon 05 Nov 2018 18:24:10 GMT
# gpg: using RSA key 281F0DB8D28D5469
# gpg: Good signature from "Michael S. Tsirkin <mst@kernel.org>"
# gpg: aka "Michael S. Tsirkin <mst@redhat.com>"
# Primary key fingerprint: 0270 606B 6F3C DF3D 0B17 0970 C350 3912 AFBE 8E67
# Subkey fingerprint: 5D09 FD08 71C8 F85B 94CA 8A0D 281F 0DB8 D28D 5469
* remotes/mst/tags/for_upstream: (33 commits)
vhost-scsi: prevent using uninitialized vqs
piix_pci: fix i440fx data sheet link
piix: use TYPE_FOO constants than string constats
i440fx: use ARRAY_SIZE for pam_regions
pci_bridge: fix typo in comment
hw/pci: Add missing include
hw/pci-bridge/ioh3420: Remove unuseful header
hw/pci-bridge/xio3130: Remove unused functions
tests/bios-tables-test: add 64-bit PCI MMIO aperture round-up test on Q35
bios-tables-test: prepare expected files for mmio64
hw/pci-host/x86: extend the 64-bit PCI hole relative to the fw-assigned base
hw/pci-host/x86: extract get_pci_hole64_start_value() helpers
pci-testdev: add optional memory bar
MAINTAINERS: list "tests/acpi-test-data" files in ACPI/SMBIOS section
x86_iommu/amd: Enable Guest virtual APIC support
x86_iommu/amd: Add interrupt remap support when VAPIC is enabled
i386: acpi: add IVHD device entry for IOAPIC
x86_iommu/amd: Add interrupt remap support when VAPIC is not enabled
x86_iommu/amd: Prepare for interrupt remap support
x86_iommu/amd: make the address space naming consistent with intel-iommu
...
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
ATS1HR and ATS1HW (which allow AArch32 EL2 to do address translations
on the EL2 translation regime) were implemented in commit 14db7fe09a.
However, we got them wrong: these should do stage 1 address translations
as defined for NS-EL2, which is ARMMMUIdx_S1E2. We were incorrectly
making them perform stage 2 translations.
A few years later in commit 1313e2d7e2 we forgot entirely that
we'd implemented ATS1Hx, and added a comment that ATS1Hx were
"not supported yet". Remove the comment; there is no extra code
needed to handle these operations in do_ats_write(), because
arm_s1_regime_using_lpae_format() returns true for ARMMMUIdx_S1E2,
which forces 64-bit PAR format.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 20181016093703.10637-3-peter.maydell@linaro.org
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
In do_ats_write() we construct a PAR value based on the result
of the translation. A comment says "S2WLK and FSTAGE are always
zero, because we don't implement virtualization".
Since we do in fact now implement virtualization, add the missing
code that sets these bits based on the reported ARMMMUFaultInfo.
(These bits are named PTW and S in ARMv8, so we follow that
convention in the new comments in this patch.)
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 20181016093703.10637-2-peter.maydell@linaro.org
In exynos4210_init() we allocate memory for an Exynos4210State
struct. Generally devices can assume that the memory allocated
for their state struct is zero-initialized; we broke that
assumption here by using g_new(). Use g_new0() instead.
(In particular, some code assumes that the various irq arrays
in the Exynos4210Irq sub-struct are zero-initialized.)
In the longer term, this code should be QOMified, and then
the struct memory will be allocated elsewhere and by functions
which always zero-initalize it; but for 3.1 this is a
simple fix.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-id: 20181105151132.13884-1-peter.maydell@linaro.org
Check the return value from load_image_targphys(), which tells us
whether our attempt to load the BIOS image into RAM failed.
(Spotted by Coverity, CID 1190305.)
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Acked-by: Michael Walle <michael@walle.cc>
Message-id: 20181030170032.1844-1-peter.maydell@linaro.org
In handle_vec_simd_shli() we have a check:
if (size > 3 && !is_q) {
unallocated_encoding(s);
return;
}
However this can never be true, because we calculate
int size = 32 - clz32(immh) - 1;
where immh is a 4 bit field which we know cannot be all-zeroes.
So the clz32() return must be in {28,29,30,31} and the resulting
size is in {0,1,2,3}, and "size > 3" is never true.
This unnecessary code confuses Coverity's analysis:
in CID 1396476 it thinks we might later index off the
end of an array because the condition implies that we
might have a size > 3.
Remove the code, and instead assert that the size is in [0..3],
since the decode that enforces that is somewhat distant from
this function.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Tested-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 20181030162517.21816-1-peter.maydell@linaro.org
seabios 1.12 release is planned for november.
update seabios to a master branch snapshot so it gets more testing
and to make the delta smaller when updating to -final during freeze.
git shortlog rel-1.11.2..14221cd86e
===================================
Gerd Hoffmann (12):
optionrom: enable non-vga display devices
cbvga: factor out cbvga_setup_modes()
qemu: add bochs-display support
cbvga_setup_modes: use real mode number instead of 0x140
cbvga_list_modes: don't list current mode twice
cbvga_set_mode: disable clearmem in windows x86 emulator.
bochs_display_setup: return error on failure
pmm: use tmp zone on oom
vgasrc: add allocate_pmm()
qemu: add qemu ramfb support
cbvga_set_mode: refine clear display logic
pretty boot menu entry for cdrom drives
Jing Liu (3):
pci: fix the return value for truncated capability
pci: clean up the debug message for pci capability found
pci: recognize RH PCI legacy bridge resource reservation capability
Kevin O'Connor (8):
docs: Add sercon-port to Runtime_config.md documentation
paravirt: Only enable sercon in NOGRAPHIC mode if no other console specified
shadow: Don't invoke a shutdown on reboot unless in a reboot loop
build: Use git describe --always
docs: Update Download.md to use git clone via https
ssdt: Fix building of legacy acpi tables on current iasl compiler
docs: Update download file link
sdcard: Increase SDHCI_POWER_ON_TIME to 5ms
Marc-André Lureau (4):
x86: add readq()
tpm: generalize init_timeout()
tpm: use get_tpm_version() callback
tpm: add TPM CRB device support
Marcel Apfelbaum (1):
pci: fix 'io hints' capability for RedHat PCI bridges
Matt DeVillier (2):
nvme: fix I/O queue length calculation overflow
SeaVGABios/cbvga: Fix bpp for coreboot framebuffer
Nikolay Nikolov (11):
floppy: Introduce the floppy_dor_read() function
floppy: Introduce floppy_dor_mask()
floppy: Introduce FLOPPY_DOR_XXX constants
floppy: Preserve motor and drive sel bits when resetting the floppy controller
floppy: Reset the floppy motor count in floppy_drive_pio()
floppy: Use timer_check() in floppy_wait_irq()
floppy: hold the DOR reset bit low for 4 microseconds, when resetting
floppy: Execute a SPECIFY command after sensing the media type
floppy: Support up to 4 floppy drives when turning on the floppy motor
floppy: Wait for the floppy motor to reach a stable speed, after starting
floppy: Send 4 sense interrupt commands during controller initialization
Paul Menzel (1):
docs/Download: Use more secure HTTPS URLs where possible
Stefan Berger (5):
tpm: Add support for TPM2 ACPI table
tpm: Wait for tpmRegValidSts flag on CRB interface before probing
tpm: revert return values for successful/failed CRB probing
tpm: when CRB is active, select, lock it, and check addresses
tpm: Request access to locality 0
Stephen Douthit (3):
tpm: Refactor duplicated wait code in tis_wait_sts() & crb_wait_reg()
tpm: Wait for interface startup when probing
tpm: Handle unimplemented TIS_REG_IFACE_ID in tis_get_tpm_version()
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Use MAP_STACK in qemu_alloc_stack() on OpenBSD.
Added to our 6.4 release.
MAP_STACK Indicate that the mapping is used as a stack. This
flag must be used in combination with MAP_ANON and
MAP_PRIVATE.
Implement MAP_STACK option for mmap(). Synchronous faults (pagefault and
syscall) confirm the stack register points at MAP_STACK memory, otherwise
SIGSEGV is delivered. sigaltstack() and pthread_attr_setstack() are modified
to create a MAP_STACK sub-region which satisfies alignment requirements.
Observe that MAP_STACK can only be set/cleared by mmap(), which zeroes the
contents of the region -- there is no mprotect() equivalent operation, so
there is no MAP_STACK-adding gadget.
Signed-off-by: Brad Smith <brad@comstyle.com>
Reviewed-by: Kamil Rytarowski <n54@gmx.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20181019125239.GA13884@humpty.home.comstyle.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
There are 3 virtqueues (ctrl, event and cmd) for virtio scsi device,
but seabios will only set the physical address for the 3rd one (cmd).
Then in vhost_virtqueue_start(), virtio_queue_get_desc_addr()
will be 0 for ctrl and event vq.
In this case, ctrl and event vq are not initialized.
vhost_verify_ring_mappings may use uninitialized vhost_virtqueue
such that vhost_verify_ring_part_mapping returns ENOMEM.
When encountered this problem, we got the following logs:
qemu-system-x86_64: Unable to map available ring for ring 0
qemu-system-x86_64: Verify ring failure on region 0
Signed-off-by: Forrest Liu <forrestl@synology.com>
Signed-off-by: yuchenlin <yuchenlin@synology.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
It seems that the intel link is unavailable, change it to point to the
qemu site.
Signed-off-by: Li Qiang <liq3ea@163.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Marcel Apfelbaum <marcel.apfelbaum@gmail.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Make them more QOMConventional.
Cc:qemu-trivial@nongnu.org
Signed-off-by: Li Qiang <liq3ea@gmail.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Cc: qemu-trivial@nongnu.org
Signed-off-by: Li Qiang <liq3ea@gmail.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Mao Zhongyi <maozhongyi@cmss.chinamobile.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Noted while refactoring:
CC mips-softmmu/hw/mips/gt64xxx_pci.o
In file included from include/hw/pci-host/gt64xxx.h:2,
from hw/mips/gt64xxx_pci.c:30:
include/hw/pci/pci_bus.h:23:5: error: unknown type name ‘PCIIOMMUFunc’
PCIIOMMUFunc iommu_fn;
^~~~~~~~~~~~
include/hw/pci/pci_bus.h:27:5: error: unknown type name ‘pci_set_irq_fn’
pci_set_irq_fn set_irq;
^~~~~~~~~~~~~~
include/hw/pci/pci_bus.h:28:5: error: unknown type name ‘pci_map_irq_fn’
pci_map_irq_fn map_irq;
^~~~~~~~~~~~~~
include/hw/pci/pci_bus.h:29:5: error: unknown type name ‘pci_route_irq_fn’
pci_route_irq_fn route_intx_to_irq;
^~~~~~~~~~~~~~~~
include/hw/pci/pci_bus.h:31:24: error: ‘PCI_SLOT_MAX’ undeclared here (not in a function)
PCIDevice *devices[PCI_SLOT_MAX * PCI_FUNC_MAX];
^~~~~~~~~~~~
include/hw/pci/pci_bus.h:31:39: error: ‘PCI_FUNC_MAX’ undeclared here (not in a function)
PCIDevice *devices[PCI_SLOT_MAX * PCI_FUNC_MAX];
^~~~~~~~~~~~
make[1]: *** [rules.mak:69: hw/mips/gt64xxx_pci.o] Error 1
make: *** [Makefile:482: subdir-mips-softmmu] Error 2
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Introduced in 48ebf2f90f and faf1e708d5, these functions
were never used. Remove them.
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
In commit 9fa99d2519 ("hw/pci-host: Fix x86 Host Bridges 64bit PCI
hole", 2017-11-16), we meant to expose such a 64-bit PCI MMIO aperture in
the ACPI DSDT that would be at least as large as the new "pci-hole64-size"
property (2GB on i440fx, 32GB on q35). The goal was to offer "enough"
64-bit MMIO aperture to the guest OS for hotplug purposes.
Previous patch fixed the issue that the aperture is extended relative to
a possibly incorrect base. This may result in an aperture size that is
smaller than the intent of commit 9fa99d2519.
This patch adds a test to make sure it won't happen again.
In the test case being added:
- use 128 MB initial RAM size,
- ask for one DIMM hotplug slot,
- ask for 2 GB maximum RAM size,
- use a pci-testdev with a 64-bit BAR of 2 GB size.
Consequences:
(1) In pc_memory_init() [hw/i386/pc.c], the DIMM hotplug area size is
initially set to 2048-128 = 1920 MB. (Maximum RAM size minus initial
RAM size.)
(2) The DIMM area base is set to 4096 MB (because the initial RAM is only
128 MB -- there is no initial "high RAM").
(3) Due to commit 085f8e88ba ("pc: count in 1Gb hugepage alignment when
sizing hotplug-memory container", 2014-11-24), we add 1 GB for the one
DIMM hotplug slot that was specified. This sets the DIMM area size to
1920+1024 = 2944 MB.
(4) The reserved-memory-end address (exclusive) is set to 4096 + 2944 =
7040 MB (DIMM area base plus DIMM area size).
(5) The reserved-memory-end address is rounded up to GB alignment,
yielding 7 GB (7168 MB).
(6) Given the 2 GB BAR size of pci-testdev, SeaBIOS allocates said 64-bit
BAR in 64-bit address space.
(7) Because reserved-memory-end is at 7 GB, it is unaligned for the 2 GB
BAR. Therefore SeaBIOS allocates the BAR at 8 GB. QEMU then
(correctly) assigns the root bridge aperture base this BAR address, to
be exposed in \_SB.PCI0._CRS.
(8) The intent of commit 9fa99d2519 dictates that QEMU extend the
aperture size to 32 GB, implying a 40 GB end address. However, QEMU
performs the extension relative to reserved-memory-end (7 GB), not
relative to the bridge aperture base that was correctly deduced from
SeaBIOS's BAR programming (8 GB). Therefore we see 39 GB as the
aperture end address in \_SB.PCI0._CRS:
> QWordMemory (ResourceProducer, PosDecode, MinFixed, MaxFixed, Cacheable, ReadWrite,
> 0x0000000000000000, // Granularity
> 0x0000000200000000, // Range Minimum
> 0x00000009BFFFFFFF, // Range Maximum
> 0x0000000000000000, // Translation Offset
> 0x00000007C0000000, // Length
> ,, , AddressRangeMemory, TypeStatic)
Cc: "Michael S. Tsirkin" <mst@redhat.com>
Cc: Alex Williamson <alex.williamson@redhat.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Igor Mammedov <imammedo@redhat.com>
Cc: Marcel Apfelbaum <marcel.apfelbaum@gmail.com>
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Marcel Apfelbaum <marcel.apfelbaum@gmail.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
In commit 9fa99d2519 ("hw/pci-host: Fix x86 Host Bridges 64bit PCI
hole", 2017-11-16), we meant to expose such a 64-bit PCI MMIO aperture in
the ACPI DSDT that would be at least as large as the new "pci-hole64-size"
property (2GB on i440fx, 32GB on q35). The goal was to offer "enough"
64-bit MMIO aperture to the guest OS for hotplug purposes.
In that commit, we added or modified five functions:
- pc_pci_hole64_start(): shared between i440fx and q35. Provides a default
64-bit base, which starts beyond the cold-plugged 64-bit RAM, and skips
the DIMM hotplug area too (if any).
- i440fx_pcihost_get_pci_hole64_start(), q35_host_get_pci_hole64_start():
board-specific 64-bit base property getters called abstractly by the
ACPI generator. Both of these fall back to pc_pci_hole64_start() if the
firmware didn't program any 64-bit hole (i.e. if the firmware didn't
assign a 64-bit GPA to any MMIO BAR on any device). Otherwise, they
honor the firmware's BAR assignments (i.e., they treat the lowest 64-bit
GPA programmed by the firmware as the base address for the aperture).
- i440fx_pcihost_get_pci_hole64_end(), q35_host_get_pci_hole64_end():
these intended to extend the aperture to our size recommendation,
calculated relative to the base of the aperture.
Despite the original intent, i440fx_pcihost_get_pci_hole64_end() and
q35_host_get_pci_hole64_end() currently only extend the aperture relative
to the default base (pc_pci_hole64_start()), ignoring any programming done
by the firmware. This means that our size recommendation may not be met.
Fix it by honoring the firmware's address assignments.
The strange extension sizes were spotted by Alex, in the log of a guest
kernel running on top of OVMF (which prefers to assign 64-bit GPAs to
64-bit BARs).
This change only affects DSDT generation, therefore no new compat property
is being introduced.
Using an i440fx OVMF guest with 5GB RAM, an example _CRS change is:
> @@ -881,9 +881,9 @@
> QWordMemory (ResourceProducer, PosDecode, MinFixed, MaxFixed, Cacheable, ReadWrite,
> 0x0000000000000000, // Granularity
> 0x0000000800000000, // Range Minimum
> - 0x000000080001C0FF, // Range Maximum
> + 0x000000087FFFFFFF, // Range Maximum
> 0x0000000000000000, // Translation Offset
> - 0x000000000001C100, // Length
> + 0x0000000080000000, // Length
> ,, , AddressRangeMemory, TypeStatic)
> })
> Device (GPE0)
(On i440fx, the low RAM split is at 3GB, in this case. Therefore, with 5GB
guest RAM and no DIMM hotplug range, pc_pci_hole64_start() returns 4 +
(5-3) = 6 GB. Adding the 2GB extension to that yields 8GB, which is below
the firmware-programmed base of 32GB, before the patch. Therefore, before
the patch, the extension is ineffective. After the patch, we add the 2GB
extension to the firmware-programmed base, namely 32GB.)
Using a q35 OVMF guest with 5GB RAM, an example _CRS change is:
> @@ -3162,9 +3162,9 @@
> QWordMemory (ResourceProducer, PosDecode, MinFixed, MaxFixed, Cacheable, ReadWrite,
> 0x0000000000000000, // Granularity
> 0x0000000800000000, // Range Minimum
> - 0x00000009BFFFFFFF, // Range Maximum
> + 0x0000000FFFFFFFFF, // Range Maximum
> 0x0000000000000000, // Translation Offset
> - 0x00000001C0000000, // Length
> + 0x0000000800000000, // Length
> ,, , AddressRangeMemory, TypeStatic)
> })
> Device (GPE0)
(On Q35, the low RAM split is at 2GB. Therefore, with 5GB guest RAM and no
DIMM hotplug range, pc_pci_hole64_start() returns 4 + (5-2) = 7 GB. Adding
the 32GB extension to that yields 39GB (0x0000_0009_BFFF_FFFF + 1), before
the patch. After the patch, we add the 32GB extension to the
firmware-programmed base, namely 32GB.)
The ACPI test data for the bios-tables-test case that we added earlier in
this series are corrected too, as follows:
> @@ -3339,9 +3339,9 @@
> QWordMemory (ResourceProducer, PosDecode, MinFixed, MaxFixed, Cacheable, ReadWrite,
> 0x0000000000000000, // Granularity
> 0x0000000200000000, // Range Minimum
> - 0x00000009BFFFFFFF, // Range Maximum
> + 0x00000009FFFFFFFF, // Range Maximum
> 0x0000000000000000, // Translation Offset
> - 0x00000007C0000000, // Length
> + 0x0000000800000000, // Length
> ,, , AddressRangeMemory, TypeStatic)
> })
> Device (GPE0)
Cc: "Michael S. Tsirkin" <mst@redhat.com>
Cc: Alex Williamson <alex.williamson@redhat.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Igor Mammedov <imammedo@redhat.com>
Cc: Marcel Apfelbaum <marcel.apfelbaum@gmail.com>
Fixes: 9fa99d2519
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Marcel Apfelbaum <marcel.apfelbaum@gmail.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Expose the calculated "hole64 start" GPAs as plain uint64_t values,
extracting the internals of the current property getters.
This patch doesn't change behavior.
Cc: "Michael S. Tsirkin" <mst@redhat.com>
Cc: Alex Williamson <alex.williamson@redhat.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Igor Mammedov <imammedo@redhat.com>
Cc: Marcel Apfelbaum <marcel.apfelbaum@gmail.com>
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Marcel Apfelbaum <marcel.apfelbaum@gmail.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
