Commit Graph

105800 Commits

Author SHA1 Message Date
Zhao Liu
a916dc954b hw/riscv: Fix typo field in error_report
"smp.cpus" means the number of online CPUs and "smp.max_cpus" means the
total number of CPUs.

riscv_numa_get_default_cpu_node_id() checks "smp.cpus" and the
"available CPUs" description in the next error message also indicates
online CPUs.

So report "smp.cpus" in error_report() instand of "smp.max_cpus".

Since "smp.cpus" is "unsigned int", use "%u".

Signed-off-by: Zhao Liu <zhao1.liu@intel.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-Id: <20230718080712.503333-1-zhao1.liu@linux.intel.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2023-07-19 14:31:41 +10:00
Daniel Henrique Barboza
55ea47397d target/riscv/cpu.c: check priv_ver before auto-enable zca/zcd/zcf
Commit bd30559568 made changes in how we're checking and disabling
extensions based on env->priv_ver. One of the changes was to move the
extension disablement code to the end of realize(), being able to
disable extensions after we've auto-enabled some of them.

An unfortunate side effect of this change started to happen with CPUs
that has an older priv version, like sifive-u54. Starting on commit
2288a5ce43 we're auto-enabling zca, zcd and zcf if RVC is enabled,
but these extensions are priv version 1.12.0. When running a cpu that
has an older priv ver (like sifive-u54) the user is spammed with
warnings like these:

qemu-system-riscv64: warning: disabling zca extension for hart 0x0000000000000000 because privilege spec version does not match
qemu-system-riscv64: warning: disabling zcd extension for hart 0x0000000000000000 because privilege spec version does not match

The warnings are part of the code that disables the extension, but in this
case we're throwing user warnings for stuff that we enabled on our own,
without user intervention. Users are left wondering what they did wrong.

A quick 8.1 fix for this nuisance is to check the CPU priv spec before
auto-enabling zca/zcd/zcf. A more appropriate fix will include a more
robust framework that will account for both priv_ver and user choice
when auto-enabling/disabling extensions, but for 8.1 we'll make it do
with this simple check.

It's also worth noticing that this is the only case where we're
auto-enabling extensions based on a criteria (in this case RVC) that
doesn't match the priv spec of the extensions we're enabling. There's no
need for more 8.1 band-aids.

Cc: Conor Dooley <conor@kernel.org>
Fixes: 2288a5ce43 ("target/riscv: add cfg properties for Zc* extension")
Signed-off-by: Daniel Henrique Barboza <dbarboza@ventanamicro.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Reviewed-by: Weiwei Li <liweiwei@iscas.ac.cn>
Tested-by: Conor Dooley <conor.dooley@microchip.com>
Message-Id: <20230717154141.60898-1-dbarboza@ventanamicro.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2023-07-19 14:30:52 +10:00
Christoph Müllner
36df75a0a9 riscv/disas: Fix disas output of upper immediates
The GNU assembler produces the following output for instructions
with upper immediates:
    00002597                auipc   a1,0x2
    000024b7                lui     s1,0x2
    6409                    lui     s0,0x2 # c.lui

The immediate operands of upper immediates are not shifted.

However, the QEMU disassembler prints them shifted:
    00002597          auipc                   a1,8192
    000024b7          lui                     s1,8192
    6409              lui                     s0,8192 # c.lui

The current implementation extracts the immediate bits and shifts the by 12,
so the internal representation of the immediate is the actual immediate.
However, the immediates are later printed using rv_fmt_rd_imm or
rv_fmt_rd_offset, which don't undo the shift.

Let's fix this by using specific output formats for instructions
with upper immediates, that take care of the shift.

Signed-off-by: Christoph Müllner <christoph.muellner@vrull.eu>
Acked-by: Alistair Francis <alistair.francis@wdc.com>
Message-Id: <20230711075051.1531007-1-christoph.muellner@vrull.eu>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2023-07-19 14:30:04 +10:00
Daniel Henrique Barboza
542c8776ca docs/system/target-riscv.rst: tidy CPU firmware section
This is how the content of the "RISC-V CPU firmware" section is
displayed after the html is generated:

"When using the sifive_u or virt machine there are three different
firmware boot options: 1. -bios default - This is the default behaviour
if no -bios option is included. (...) 3. -bios <file> - Tells QEMU to
load the specified file as the firmware."

It's all in the same paragraph, in a numbered list, and no special
formatting for the options.

Tidy it a bit by adding line breaks between items and its description.
Remove the numbered list. And apply formatting for the options cited in
the middle of the text.

Cc: qemu-trivial@nongnu.org
Signed-off-by: Daniel Henrique Barboza <dbarboza@ventanamicro.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-Id: <20230712143728.383528-1-dbarboza@ventanamicro.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2023-07-19 14:30:04 +10:00
Helge Deller
518f32221a linux-user: Fix qemu-arm to run static armhf binaries
qemu-user crashes immediately when running static binaries on the armhf
architecture. The problem is the memory layout where the executable is
loaded before the interpreter library, in which case the reserved brk
region clashes with the interpreter code and is released before qemu
tries to start the program.

At load time qemu calculates a brk value for interpreter and executable
each.  The fix is to choose the higher one of both.

Signed-off-by: Helge Deller <deller@gmx.de>
Cc: Andreas Schwab <schwab@suse.de>
Cc: qemu-stable@nongnu.org
Reported-by:  Venkata.Pyla@toshiba-tsip.com
Closes: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1040981
2023-07-18 20:42:05 +02:00
Helge Deller
d971040c2d linux-user: Fix strace output for old_mmap
The old_mmap syscall (e.g. on i386) hands over the parameters in
a struct. Adjust the strace output to print the correct values.

Signed-off-by: Helge Deller <deller@gmx.de>
Reported-by: John Reiser <jreiser@BitWagon.com>
Closes: https://gitlab.com/qemu-project/qemu/-/issues/1760
2023-07-18 20:42:05 +02:00
Helge Deller
eac78a4b0b linux-user: Fix signed math overflow in brk() syscall
Fix the math overflow when calculating the new_malloc_size.

new_host_brk_page and brk_page are unsigned integers. If userspace
reduces the heap, new_host_brk_page is lower than brk_page which results
in a huge positive number (but should actually be negative).

Fix it by adding a proper check and as such make the code more readable.

Signed-off-by: Helge Deller <deller@gmx.de>
Tested-by: "Markus F.X.J. Oberhumer" <markus@oberhumer.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Fixes: 86f04735ac ("linux-user: Fix brk() to release pages")
Cc: qemu-stable@nongnu.org
Buglink: https://github.com/upx/upx/issues/683
2023-07-18 20:42:05 +02:00
Helge Deller
dfe49864af linux-user: Prohibit brk() to to shrink below initial heap address
Since commit 86f04735ac ("linux-user: Fix brk() to release pages") it's
possible for userspace applications to reduce their memory footprint by
calling brk() with a lower address and free up memory. Before that commit
guest heap memory was never unmapped.

But the Linux kernel prohibits to reduce brk() below the initial memory
address which is set at startup by the set_brk() function in binfmt_elf.c.
Such a range check was missed in commit 86f04735ac.

This patch adds the missing check by storing the initial brk value in
initial_target_brk and verify any new brk addresses against that value.

Tested with the i386 upx binary from
https://github.com/upx/upx/releases/download/v4.0.2/upx-4.0.2-i386_linux.tar.xz

Signed-off-by: Helge Deller <deller@gmx.de>
Tested-by: "Markus F.X.J. Oberhumer" <markus@oberhumer.com>
Fixes: 86f04735ac ("linux-user: Fix brk() to release pages")
Cc: qemu-stable@nongnu.org
Buglink: https://github.com/upx/upx/issues/683
2023-07-18 20:42:05 +02:00
Helge Deller
15ad98536a linux-user: Fix qemu brk() to not zero bytes on current page
The qemu brk() implementation is too aggressive and cleans remaining bytes
on the current page above the last brk address.

But some existing applications are buggy and read/write bytes above their
current heap address. On a phyiscal machine this does not trigger a
runtime error as long as the access happens on the same page. Additionally
the Linux kernel allocates only full pages and does no zeroing on already
allocated pages, even if the brk address is lowered.

Fix qemu to behave the same way as the kernel does. Do not touch already
allocated pages, and - when running with different page sizes of guest and
host - zero out only those memory areas where the host page size is bigger
than the guest page size.

Signed-off-by: Helge Deller <deller@gmx.de>
Tested-by: "Markus F.X.J. Oberhumer" <markus@oberhumer.com>
Fixes: 86f04735ac ("linux-user: Fix brk() to release pages")
Cc: qemu-stable@nongnu.org
Buglink: https://github.com/upx/upx/issues/683
2023-07-18 20:42:05 +02:00
Thomas Huth
a5754847e0 tests/avocado: Disable the test_sbsaref_edk2_firmware by default
The test fails occasionally, see e.g.:

 https://gitlab.com/thuth/qemu/-/jobs/4196177756#L489
 https://gitlab.com/thuth/qemu/-/jobs/4623296271#L290

It also fails on my laptop in ca. 50% of all runs. Thus disable it by
default by using the QEMU_TEST_FLAKY_TESTS environment variable to fence
it (which we also already use in flaky qtests). While we're at it, also
document this variable in docs/devel/testing.rst.

Message-Id: <20230710170155.7192-1-thuth@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2023-07-18 11:22:51 +02:00
Philippe Mathieu-Daudé
ca2a07f6c3 tests/vm/freebsd: Get up-to-date package list from lcitool vars file
Get an up-to-date package list from lcitool, that way we
don't need to manually keep this array in sync.

Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Inspired-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20230711144922.67491-5-philmd@linaro.org>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2023-07-18 09:36:28 +02:00
Philippe Mathieu-Daudé
4cd57671b7 tests/vm: Introduce get_qemu_packages_from_lcitool_json() helper
Add the get_qemu_packages_from_lcitool_json() helper which return
such package list from a lcitool env var file in JSON format.

Suggested-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Message-Id: <20230711144922.67491-4-philmd@linaro.org>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2023-07-18 09:36:28 +02:00
Philippe Mathieu-Daudé
a38dee6695 tests/lcitool: Refresh generated files
Refresh the generated files by running:

  $ make lcitool-refresh

Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-Id: <20230711144922.67491-3-philmd@linaro.org>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
[thuth: Drop changes to libpmem-dev and libxen-dev]
Signed-off-by: Thomas Huth <thuth@redhat.com>
2023-07-18 09:36:28 +02:00
Philippe Mathieu-Daudé
03e596de17 tests/lcitool: Generate distribution packages list in JSON format
Add the generate_pkglist() helper to generate a list of packages
required by a distribution to build QEMU.

Since we can not add a "THIS FILE WAS AUTO-GENERATED" comment in
JSON, create the files under tests/vm/generated/ sub-directory;
add a README mentioning the files are generated.

Suggested-by: Erik Skultety <eskultet@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Warner Losh <imp@bsdimp.com>
Message-Id: <20230711144922.67491-2-philmd@linaro.org>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2023-07-18 09:36:28 +02:00
Fabiano Rosas
94aaf6d8a5 tests/qtest: Fix typo in multifd cancel test
This wasn't noticed because the test is currently disabled.

Fixes: 02f56e3de ("tests/qtest: massively speed up migration-test")
Signed-off-by: Fabiano Rosas <farosas@suse.de>
Message-Id: <20230711212131.2370-1-farosas@suse.de>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2023-07-18 09:36:27 +02:00
Ilya Leoshkevich
7f114a5807 linux-user/elfload: Fix /proc/cpuinfo features: on s390x
elf_hwcap_str() takes a bit number, but compares it for equality with
the HWCAP_S390_* masks. This causes /proc/cpuinfo to display incorrect
hwcaps.

Fix by introducing the HWCAP_S390_NR_* constants and using them in
elf_hwcap_str() instead of the HWCAP_S390_*. While at it, add the
missing nnpa, pcimio and sie hwcaps from the latest kernel.

Output before:

	features	: esan3 zarch stfle msa

Output after:

	features	: esan3 zarch stfle msa ldisp eimm etf3eh highgprs vx vxe

Fixes: e19807bee3 ("linux-user/elfload: Introduce elf_hwcap_str() on s390x")
Signed-off-by: Ilya Leoshkevich <iii@linux.ibm.com>
Message-Id: <20230627151356.273259-1-iii@linux.ibm.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2023-07-18 09:36:27 +02:00
Cédric Le Goater
d9458f990a s390x: Fix QEMU abort by selecting S390_FLIC_KVM
If QEMU is built with --without-default-devices, the s390-flic-kvm
device is missing and QEMU aborts when started with the KVM accelerator.
Make sure it's available by selecting S390_FLIC_KVM in Kconfig.

Consequently, this also fixes an abort in tests/qtest/migration-test.

Signed-off-by: Cédric Le Goater <clg@redhat.com>
Message-Id: <20230711151440.716822-1-clg@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2023-07-18 09:36:27 +02:00
Richard Henderson
361d539735 Pull request
Fix the hang in the nvme:// block driver during startup.
 -----BEGIN PGP SIGNATURE-----
 
 iQEzBAABCAAdFiEEhpWov9P5fNqsNXdanKSrs4Grc8gFAmS1QFoACgkQnKSrs4Gr
 c8i1KQgAqTW/rH+Mq9gC+MabLKXL8BW3KAp/lJqcaTrWRX+9O968E5RjF8fk5KzY
 CZGKGcFd2+r6poUaRrp2CcnDe9AU9r3NBfQIoVAnyWL8fwRBl5ERPZ3q6dmW63vX
 K8ckI9c0tHUNRuKpWiFCFlcEh7GGgl2pZhY1U50J1iaFTtvmDKl4Ls/2GqVUSiSY
 4HbJ99qAYyZ/EUzbFhDPq4XFneqJzU0Gu4uL3bbVY+KlmGOp36W8wwPaKaD6yXWv
 mnv4DkoO3qlZ8tGegwk4SwePWN2Coec+KssMgYR1GWv0pbF8G4sX+UTeQin56Xny
 EY3lJy2z793lMjFVMDd7N8+uKAczsQ==
 =xvCy
 -----END PGP SIGNATURE-----

Merge tag 'block-pull-request' of https://gitlab.com/stefanha/qemu into staging

Pull request

Fix the hang in the nvme:// block driver during startup.

# -----BEGIN PGP SIGNATURE-----
#
# iQEzBAABCAAdFiEEhpWov9P5fNqsNXdanKSrs4Grc8gFAmS1QFoACgkQnKSrs4Gr
# c8i1KQgAqTW/rH+Mq9gC+MabLKXL8BW3KAp/lJqcaTrWRX+9O968E5RjF8fk5KzY
# CZGKGcFd2+r6poUaRrp2CcnDe9AU9r3NBfQIoVAnyWL8fwRBl5ERPZ3q6dmW63vX
# K8ckI9c0tHUNRuKpWiFCFlcEh7GGgl2pZhY1U50J1iaFTtvmDKl4Ls/2GqVUSiSY
# 4HbJ99qAYyZ/EUzbFhDPq4XFneqJzU0Gu4uL3bbVY+KlmGOp36W8wwPaKaD6yXWv
# mnv4DkoO3qlZ8tGegwk4SwePWN2Coec+KssMgYR1GWv0pbF8G4sX+UTeQin56Xny
# EY3lJy2z793lMjFVMDd7N8+uKAczsQ==
# =xvCy
# -----END PGP SIGNATURE-----
# gpg: Signature made Mon 17 Jul 2023 02:21:30 PM BST
# gpg:                using RSA key 8695A8BFD3F97CDAAC35775A9CA4ABB381AB73C8
# gpg: Good signature from "Stefan Hajnoczi <stefanha@redhat.com>" [full]
# gpg:                 aka "Stefan Hajnoczi <stefanha@gmail.com>" [full]

* tag 'block-pull-request' of https://gitlab.com/stefanha/qemu:
  block/nvme: invoke blk_io_plug_call() outside q->lock

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2023-07-17 15:49:27 +01:00
Richard Henderson
08572022e5 target-arm queue:
* hw/arm/sbsa-ref: set 'slots' property of xhci
  * linux-user: Remove pointless NULL check in clock_adjtime handling
  * ptw: Fix S1_ptw_translate() debug path
  * ptw: Account for FEAT_RME when applying {N}SW, SA bits
  * accel/tcg: Zero-pad PC in TCG CPU exec trace lines
  * hw/nvram: Avoid unnecessary Xilinx eFuse backstore write
 -----BEGIN PGP SIGNATURE-----
 
 iQJNBAABCAA3FiEE4aXFk81BneKOgxXPPCUl7RQ2DN4FAmS1OEUZHHBldGVyLm1h
 eWRlbGxAbGluYXJvLm9yZwAKCRA8JSXtFDYM3syoEACBj2B+btKASbWs6c7iUF9R
 bsMhVVZbeNrW7try7fIjAcvRQV2X7cdqHMGeX0yP9M5EcqBfz4ptxDbxcmEsgm0h
 kZJudG8RuZ/gnw7wbwQ1TfJf4KgsBh49yZjlom2s8CgVStpbuFO4xz7ZucR65uhl
 PwLCgW0/DJR4SQTvDLnCOTTNbY/cuWCKK1CmuLMOE9IgozMNOxxW5wkryrvdllKs
 hYSCWM1jy9fJ4TRlhDJy8JI7+t4TEZN9ESwYGE6QDly8r3GoGMFj5Z9okUbGp3/V
 MYfkbz7l2/C5QxcpY5d0mJUR1HlP7McO7rWhtQjqmCPGpDVqMUu4/DClu6Q/2Ob3
 GRQcgztZ8a9wgVa6b4g1UBkqCnloT7WtU3wLVVmZGF3DO4k+oz53XPHb2zFtI3Xx
 pQ9LyABIoKCM5ql+/WaA3thtTC1qH6lZnjMBqVBx8+d0zKYWSG4wlnbihy70GOpw
 V5n0fQlTXr5WV4tZT/euP17odvnkictH7Vmj6zHUFkHdqHxwFwG0OCw1ZjBrMbzl
 7kY9DxGA+5iKEZoTwHpxXYny70MnpdRIrUhpZ/4PNq68hzIAQ5Dqm29DtKjodM60
 M49CIo+O9E3+0xpcGPDtcuJ7bVPd/95o3usVjapDdBREGWcJsPS6PHK3MuAxgkHo
 B0y1egitacJYp3x91gYIRA==
 =JPpH
 -----END PGP SIGNATURE-----

Merge tag 'pull-target-arm-20230717' of https://git.linaro.org/people/pmaydell/qemu-arm into staging

target-arm queue:
 * hw/arm/sbsa-ref: set 'slots' property of xhci
 * linux-user: Remove pointless NULL check in clock_adjtime handling
 * ptw: Fix S1_ptw_translate() debug path
 * ptw: Account for FEAT_RME when applying {N}SW, SA bits
 * accel/tcg: Zero-pad PC in TCG CPU exec trace lines
 * hw/nvram: Avoid unnecessary Xilinx eFuse backstore write

# -----BEGIN PGP SIGNATURE-----
#
# iQJNBAABCAA3FiEE4aXFk81BneKOgxXPPCUl7RQ2DN4FAmS1OEUZHHBldGVyLm1h
# eWRlbGxAbGluYXJvLm9yZwAKCRA8JSXtFDYM3syoEACBj2B+btKASbWs6c7iUF9R
# bsMhVVZbeNrW7try7fIjAcvRQV2X7cdqHMGeX0yP9M5EcqBfz4ptxDbxcmEsgm0h
# kZJudG8RuZ/gnw7wbwQ1TfJf4KgsBh49yZjlom2s8CgVStpbuFO4xz7ZucR65uhl
# PwLCgW0/DJR4SQTvDLnCOTTNbY/cuWCKK1CmuLMOE9IgozMNOxxW5wkryrvdllKs
# hYSCWM1jy9fJ4TRlhDJy8JI7+t4TEZN9ESwYGE6QDly8r3GoGMFj5Z9okUbGp3/V
# MYfkbz7l2/C5QxcpY5d0mJUR1HlP7McO7rWhtQjqmCPGpDVqMUu4/DClu6Q/2Ob3
# GRQcgztZ8a9wgVa6b4g1UBkqCnloT7WtU3wLVVmZGF3DO4k+oz53XPHb2zFtI3Xx
# pQ9LyABIoKCM5ql+/WaA3thtTC1qH6lZnjMBqVBx8+d0zKYWSG4wlnbihy70GOpw
# V5n0fQlTXr5WV4tZT/euP17odvnkictH7Vmj6zHUFkHdqHxwFwG0OCw1ZjBrMbzl
# 7kY9DxGA+5iKEZoTwHpxXYny70MnpdRIrUhpZ/4PNq68hzIAQ5Dqm29DtKjodM60
# M49CIo+O9E3+0xpcGPDtcuJ7bVPd/95o3usVjapDdBREGWcJsPS6PHK3MuAxgkHo
# B0y1egitacJYp3x91gYIRA==
# =JPpH
# -----END PGP SIGNATURE-----
# gpg: Signature made Mon 17 Jul 2023 01:47:01 PM BST
# gpg:                using RSA key E1A5C593CD419DE28E8315CF3C2525ED14360CDE
# gpg:                issuer "peter.maydell@linaro.org"
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>" [full]
# gpg:                 aka "Peter Maydell <pmaydell@gmail.com>" [full]
# gpg:                 aka "Peter Maydell <pmaydell@chiark.greenend.org.uk>" [full]
# gpg:                 aka "Peter Maydell <peter@archaic.org.uk>" [unknown]

* tag 'pull-target-arm-20230717' of https://git.linaro.org/people/pmaydell/qemu-arm:
  hw/nvram: Avoid unnecessary Xilinx eFuse backstore write
  accel/tcg: Zero-pad PC in TCG CPU exec trace lines
  target/arm/ptw.c: Account for FEAT_RME when applying {N}SW, SA bits
  target/arm: Fix S1_ptw_translate() debug path
  target/arm/ptw.c: Add comments to S1Translate struct fields
  linux-user: Remove pointless NULL check in clock_adjtime handling
  hw/arm/sbsa-ref: set 'slots' property of xhci

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2023-07-17 15:48:48 +01:00
Richard Henderson
f44ccac2c0 ui & audio fixes
-----BEGIN PGP SIGNATURE-----
 
 iQJQBAABCAA6FiEEh6m9kz+HxgbSdvYt2ujhCXWWnOUFAmS1N6IcHG1hcmNhbmRy
 ZS5sdXJlYXVAcmVkaGF0LmNvbQAKCRDa6OEJdZac5SYsD/44+FIoik9v478pZDTp
 CpaezX+DfsW1zee4Ana5eKJkrVld/xEa6i9/msfUHy12bha+kiJ4a6wLu3H4KRZc
 vX/t6sehG2wNcsV5wLhfcjsKzaNUkYpnxLhIZ0fOYXKA0fSBuM/Bsj6zzGTG6kQA
 nt/cK58r1wy63V7werZbA7BI8PF0opDUw5SrZqN0GeoN5clbdyLdcXvD50ibvkDf
 eOVjNQ3QH8IbihmgBVm1wUV8hTuvYRpBmeLJyk7NeR4bnPl3XGIAgtAY8hJL5LdY
 Bm+I3AuxMSskVcag/22QR8mGR0HhDbf3NZauw4ND3LhSctvNN5syaKHVnY5a9aGe
 QLVEV9pxXGfqzWQcsD2HmbupRoBihmp6+WsIpV8ZtuSfeD6slyObw+lqarSQL9b5
 2C4UFmGCsCOk8rrczZRDp9IWbm23toc/QcQZtg/LhdlCr8nM+7m0XtyEY5WtT3U1
 8rJEmjOHHqlD4cVBathc8+ZRjKr8HFRRo1ed6WKMoP6voTsw2fiR7I3Vdc7jO7h9
 A1lMiMoLdAXi0Q2VqbmBdLMgb4fXtLzYl2mcbzW0aEUm8uyUfDy2bkVIIUopu40M
 pROmLjaUzUVE3CruckBUCvoYZtJ5hBtvy3W2k8drBNylnP5B8tEqpxpPb+tSFk82
 xgT6oLp8En8asE293eaACbswuw==
 =W2Xa
 -----END PGP SIGNATURE-----

Merge tag 'ui-pull-request' of https://gitlab.com/marcandre.lureau/qemu into staging

ui & audio fixes

# -----BEGIN PGP SIGNATURE-----
#
# iQJQBAABCAA6FiEEh6m9kz+HxgbSdvYt2ujhCXWWnOUFAmS1N6IcHG1hcmNhbmRy
# ZS5sdXJlYXVAcmVkaGF0LmNvbQAKCRDa6OEJdZac5SYsD/44+FIoik9v478pZDTp
# CpaezX+DfsW1zee4Ana5eKJkrVld/xEa6i9/msfUHy12bha+kiJ4a6wLu3H4KRZc
# vX/t6sehG2wNcsV5wLhfcjsKzaNUkYpnxLhIZ0fOYXKA0fSBuM/Bsj6zzGTG6kQA
# nt/cK58r1wy63V7werZbA7BI8PF0opDUw5SrZqN0GeoN5clbdyLdcXvD50ibvkDf
# eOVjNQ3QH8IbihmgBVm1wUV8hTuvYRpBmeLJyk7NeR4bnPl3XGIAgtAY8hJL5LdY
# Bm+I3AuxMSskVcag/22QR8mGR0HhDbf3NZauw4ND3LhSctvNN5syaKHVnY5a9aGe
# QLVEV9pxXGfqzWQcsD2HmbupRoBihmp6+WsIpV8ZtuSfeD6slyObw+lqarSQL9b5
# 2C4UFmGCsCOk8rrczZRDp9IWbm23toc/QcQZtg/LhdlCr8nM+7m0XtyEY5WtT3U1
# 8rJEmjOHHqlD4cVBathc8+ZRjKr8HFRRo1ed6WKMoP6voTsw2fiR7I3Vdc7jO7h9
# A1lMiMoLdAXi0Q2VqbmBdLMgb4fXtLzYl2mcbzW0aEUm8uyUfDy2bkVIIUopu40M
# pROmLjaUzUVE3CruckBUCvoYZtJ5hBtvy3W2k8drBNylnP5B8tEqpxpPb+tSFk82
# xgT6oLp8En8asE293eaACbswuw==
# =W2Xa
# -----END PGP SIGNATURE-----
# gpg: Signature made Mon 17 Jul 2023 01:44:18 PM BST
# gpg:                using RSA key 87A9BD933F87C606D276F62DDAE8E10975969CE5
# gpg:                issuer "marcandre.lureau@redhat.com"
# gpg: Good signature from "Marc-André Lureau <marcandre.lureau@redhat.com>" [full]
# gpg:                 aka "Marc-André Lureau <marcandre.lureau@gmail.com>" [full]

* tag 'ui-pull-request' of https://gitlab.com/marcandre.lureau/qemu:
  audio/pw: improve channel position code
  audio/pw: remove wrong comment
  audio/pw: simplify error reporting in stream creation
  audio/pw: add more error reporting
  audio/pw: factorize some common code
  audio/pw: add more details on error
  audio/pw: trace during init before calling pipewire API
  audio/pw: needless check for NULL
  audio/pw: drop needless case statement
  audio/pw: Pipewire->PipeWire case fix for user-visible text
  tests/lcitool: add pipewire
  libvirt-ci: update submodule to cover pipewire
  ui/gtk: skip refresh if new dmabuf has been submitted
  ui/gtk: set scanout-mode right before scheduling draw
  virtio-gpu-udmabuf: correct naming of QemuDmaBuf size properties
  virtio-gpu: replace the surface with null surface when resetting
  ui/gtk: Make sure the right EGL context is currently bound
  ui/vnc-clipboard: fix infinite loop in inflate_buffer (CVE-2023-3255)
  virtio-gpu: fix potential divide-by-zero regression

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2023-07-17 15:44:54 +01:00
Stefan Hajnoczi
66547f416a block/nvme: invoke blk_io_plug_call() outside q->lock
blk_io_plug_call() is invoked outside a blk_io_plug()/blk_io_unplug()
section while opening the NVMe drive from:

  nvme_file_open() ->
  nvme_init() ->
  nvme_identify() ->
  nvme_admin_cmd_sync() ->
  nvme_submit_command() ->
  blk_io_plug_call()

blk_io_plug_call() immediately invokes the given callback when the
current thread is not plugged, as is the case during nvme_file_open().

Unfortunately, nvme_submit_command() calls blk_io_plug_call() with
q->lock still held:

    ...
    q->sq.tail = (q->sq.tail + 1) % NVME_QUEUE_SIZE;
    q->need_kick++;
    blk_io_plug_call(nvme_unplug_fn, q);
    qemu_mutex_unlock(&q->lock);
    ^^^^^^^^^^^^^^^^^^^^^^^^^^^

nvme_unplug_fn() deadlocks trying to acquire q->lock because the lock is
already acquired by the same thread. The symptom is that QEMU hangs
during startup while opening the NVMe drive.

Fix this by moving the blk_io_plug_call() outside q->lock. This is safe
because no other thread runs code related to this queue and
blk_io_plug_call()'s internal state is immune to thread safety issues
since it is thread-local.

Reported-by: Lukáš Doktor <ldoktor@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Tested-by: Lukas Doktor <ldoktor@redhat.com>
Message-id: 20230712191628.252806-1-stefanha@redhat.com
Fixes: f2e590002b ("block/nvme: convert to blk_io_plug_call() API")
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2023-07-17 09:17:41 -04:00
Marc-André Lureau
92f69a2c9b audio/pw: improve channel position code
Follow PulseAudio backend comment and code, and only implement the
channels QEMU actually supports at this point, and add the same comment
about limits and future mappings. Simplify a bit the code.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Volker Rümelin <vr_qemu@t-online.de>
Message-Id: <20230506163735.3481387-13-marcandre.lureau@redhat.com>
2023-07-17 15:23:31 +04:00
Marc-André Lureau
8297b3d3d0 audio/pw: remove wrong comment
The stream is actually created connected.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Volker Rümelin <vr_qemu@t-online.de>
Message-Id: <20230506163735.3481387-12-marcandre.lureau@redhat.com>
2023-07-17 15:23:31 +04:00
Marc-André Lureau
6f1b280e44 audio/pw: simplify error reporting in stream creation
create_stream() now reports on all error paths.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Volker Rümelin <vr_qemu@t-online.de>
Message-Id: <20230506163735.3481387-11-marcandre.lureau@redhat.com>
2023-07-17 15:23:31 +04:00
Marc-André Lureau
0c57a05533 audio/pw: add more error reporting
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Volker Rümelin <vr_qemu@t-online.de>
Message-Id: <20230506163735.3481387-10-marcandre.lureau@redhat.com>
2023-07-17 15:23:31 +04:00
Marc-André Lureau
92fd78689d audio/pw: factorize some common code
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Volker Rümelin <vr_qemu@t-online.de>
Message-Id: <20230506163735.3481387-9-marcandre.lureau@redhat.com>
2023-07-17 15:23:28 +04:00
Marc-André Lureau
24a9095c13 audio/pw: add more details on error
PipeWire uses errno to report error details.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Volker Rümelin <vr_qemu@t-online.de>
Message-Id: <20230506163735.3481387-8-marcandre.lureau@redhat.com>
2023-07-17 15:22:56 +04:00
Marc-André Lureau
87048d20e6 audio/pw: trace during init before calling pipewire API
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Volker Rümelin <vr_qemu@t-online.de>
Message-Id: <20230506163735.3481387-7-marcandre.lureau@redhat.com>
2023-07-17 15:22:56 +04:00
Marc-André Lureau
3b2876086b audio/pw: needless check for NULL
g_clear_pointer() already checks for NULL.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Volker Rümelin <vr_qemu@t-online.de>
Message-Id: <20230506163735.3481387-6-marcandre.lureau@redhat.com>
2023-07-17 15:22:56 +04:00
Marc-André Lureau
2d216959e1 audio/pw: drop needless case statement
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Volker Rümelin <vr_qemu@t-online.de>
Message-Id: <20230506163735.3481387-5-marcandre.lureau@redhat.com>
2023-07-17 15:22:56 +04:00
Marc-André Lureau
20c5124805 audio/pw: Pipewire->PipeWire case fix for user-visible text
"PipeWire" is the correct case.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Volker Rümelin <vr_qemu@t-online.de>
Message-Id: <20230506163735.3481387-4-marcandre.lureau@redhat.com>
2023-07-17 15:22:56 +04:00
Marc-André Lureau
62259d816c tests/lcitool: add pipewire
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-Id: <20230506163735.3481387-3-marcandre.lureau@redhat.com>
2023-07-17 15:22:56 +04:00
Marc-André Lureau
6200e0ff5f libvirt-ci: update submodule to cover pipewire
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-Id: <20230506163735.3481387-2-marcandre.lureau@redhat.com>
2023-07-17 15:22:56 +04:00
Dongwon Kim
1be878eb97 ui/gtk: skip refresh if new dmabuf has been submitted
Skip refresh if a new dmabuf (guest scanout frame) has already been
submitted and ready to be drawn because the scanout will be updated
with new frame anyway.

Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Marc-André Lureau <marcandre.lureau@redhat.com>
Cc: Vivek Kasireddy <vivek.kasireddy@intel.com>
Signed-off-by: Dongwon Kim <dongwon.kim@intel.com>
Acked-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-ID: <20230706183355.29361-2-dongwon.kim@intel.com>
2023-07-17 15:22:56 +04:00
Dongwon Kim
92b58156e7 ui/gtk: set scanout-mode right before scheduling draw
Setting scanout mode is better to be done very last minute
right because the mode can be reset anytime after it is set in
dpy_gl_scanout_texture by any asynchronouse dpy_refresh call,
which eventually cancels drawing of the guest scanout texture.

Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Marc-André Lureau <marcandre.lureau@redhat.com>
Cc: Vivek Kasireddy <vivek.kasireddy@intel.com>
Signed-off-by: Dongwon Kim <dongwon.kim@intel.com>
Acked-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-ID: <20230706183355.29361-1-dongwon.kim@intel.com>
2023-07-17 15:22:56 +04:00
Dongwon Kim
9ac06df8b6 virtio-gpu-udmabuf: correct naming of QemuDmaBuf size properties
Replace 'width' and 'height' in QemuDmaBuf with 'backing_widht'
and 'backing_height' as these commonly indicate the size of the
whole surface (e.g. guest's Xorg extended display). Then use
'width' and 'height' for sub region in there (e.g. guest's
scanouts).

Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Marc-André Lureau <marcandre.lureau@redhat.com>
Cc: Vivek Kasireddy <vivek.kasireddy@intel.com>
Signed-off-by: Dongwon Kim <dongwon.kim@intel.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-ID: <20230713040444.32267-1-dongwon.kim@intel.com>
2023-07-17 15:22:28 +04:00
Dongwon Kim
0d0be87659 virtio-gpu: replace the surface with null surface when resetting
The primary guest scanout shows the booting screen right after reboot
but additional guest displays (i.e. max_ouptuts > 1) will keep displaying
the old frames until the guest virtio gpu driver gets initialized, which
could cause some confusion. A better way is to to replace the surface with
a place holder that tells the display is not active during the reset of
virtio-gpu device.

And to immediately update the surface with the place holder image after
the switch, displaychangelistener_gfx_switch needs to be called with
'update == TRUE' in dpy_gfx_replace_surface when the new surface is NULL.

Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Marc-André Lureau <marcandre.lureau@redhat.com>
Cc: Vivek Kasireddy <vivek.kasireddy@intel.com>
Signed-off-by: Dongwon Kim <dongwon.kim@intel.com>
Acked-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-ID: <20230627224451.11739-1-dongwon.kim@intel.com>
2023-07-17 15:20:56 +04:00
Dongwon Kim
83b4b236ed ui/gtk: Make sure the right EGL context is currently bound
Observed a wrong context is bound when changing the scanout mode.
To prevent problem, it is needed to make sure to bind the right
context in gtk_egl_set_scanout_mode/gtk_gl_area_set_scanout_mode
as well as unbind one in the end of gd_egl_update/gd_gl_area_update.

Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Marc-André Lureau <marcandre.lureau@redhat.com>
Cc: Vivek Kasireddy <vivek.kasireddy@intel.com>
Signed-off-by: Dongwon Kim <dongwon.kim@intel.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-ID: <20230628191504.17185-1-dongwon.kim@intel.com>
2023-07-17 15:20:56 +04:00
Mauro Matteo Cascella
d921fea338 ui/vnc-clipboard: fix infinite loop in inflate_buffer (CVE-2023-3255)
A wrong exit condition may lead to an infinite loop when inflating a
valid zlib buffer containing some extra bytes in the `inflate_buffer`
function. The bug only occurs post-authentication. Return the buffer
immediately if the end of the compressed data has been reached
(Z_STREAM_END).

Fixes: CVE-2023-3255
Fixes: 0bf41cab ("ui/vnc: clipboard support")
Reported-by: Kevin Denis <kevin.denis@synacktiv.com>
Signed-off-by: Mauro Matteo Cascella <mcascell@redhat.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Tested-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-ID: <20230704084210.101822-1-mcascell@redhat.com>
2023-07-17 15:20:56 +04:00
Marc-André Lureau
9c18a9234b virtio-gpu: fix potential divide-by-zero regression
Commit 9462ff4695 ("virtio-gpu/win32: allocate shareable 2d
resources/images") introduces a division, which can lead to crashes when
"height" is 0.

Fixes: https://gitlab.com/qemu-project/qemu/-/issues/1744
Reviewed-by: Alexander Bulekov <alxndr@bu.edu>
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
2023-07-17 15:20:18 +04:00
Tong Ho
c2c1c4a35c hw/nvram: Avoid unnecessary Xilinx eFuse backstore write
Add a check in the bit-set operation to write the backstore
only if the affected bit is 0 before.

With this in place, there will be no need for callers to
do the checking in order to avoid unnecessary writes.

Signed-off-by: Tong Ho <tong.ho@amd.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Reviewed-by: Francisco Iglesias <frasse.iglesias@gmail.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2023-07-17 11:05:52 +01:00
Peter Maydell
e60a7d0d4d accel/tcg: Zero-pad PC in TCG CPU exec trace lines
In commit f0a08b0913 we changed the type of the PC from
target_ulong to vaddr.  In doing so we inadvertently dropped the
zero-padding on the PC in trace lines (the second item inside the []
in these lines).  They used to look like this on AArch64, for
instance:

Trace 0: 0x7f2260000100 [00000000/0000000040000000/00000061/ff200000]

and now they look like this:
Trace 0: 0x7f4f50000100 [00000000/40000000/00000061/ff200000]

and if the PC happens to be somewhere low like 0x5000
then the field is shown as /5000/.

This is because TARGET_FMT_lx is a "%08x" or "%016x" specifier,
depending on TARGET_LONG_SIZE, whereas VADDR_PRIx is just PRIx64
with no width specifier.

Restore the zero-padding by adding an 016 width specifier to
this tracing and a couple of others that were similarly recently
changed to use VADDR_PRIx without a width specifier.

We can't unfortunately restore the "32-bit guests are padded to
8 hex digits and 64-bit guests to 16 hex digits" behaviour so
easily.

Fixes: f0a08b0913 ("accel/tcg/cpu-exec.c: Widen pc to vaddr")
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Anton Johansson <anjo@rev.ng>
Message-id: 20230711165434.4123674-1-peter.maydell@linaro.org
2023-07-17 11:05:08 +01:00
Peter Maydell
eeb9578c36 target/arm/ptw.c: Account for FEAT_RME when applying {N}SW, SA bits
In get_phys_addr_twostage() the code that applies the effects of
VSTCR.{SA,SW} and VTCR.{NSA,NSW} only updates result->f.attrs.secure.
Now we also have f.attrs.space for FEAT_RME, we need to keep the two
in sync.

These bits only have an effect for Secure space translations, not
for Root, so use the input in_space field to determine whether to
apply them rather than the input is_secure. This doesn't actually
make a difference because Root translations are never two-stage,
but it's a little clearer.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20230710152130.3928330-4-peter.maydell@linaro.org
2023-07-17 11:05:08 +01:00
Peter Maydell
3f74da440d target/arm: Fix S1_ptw_translate() debug path
In commit fe4a5472cc we rearranged the logic in S1_ptw_translate()
so that the debug-access "call get_phys_addr_*" codepath is used both
when S1 is doing ptw reads from stage 2 and when it is doing ptw
reads from physical memory.  However, we didn't update the
calculation of s2ptw->in_space and s2ptw->in_secure to account for
the "ptw reads from physical memory" case.  This meant that debug
accesses when in Secure state broke.

Create a new function S2_security_space() which returns the
correct security space to use for the ptw load, and use it to
determine the correct .in_secure and .in_space fields for the
stage 2 lookup for the ptw load.

Reported-by: Jean-Philippe Brucker <jean-philippe@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Tested-by: Jean-Philippe Brucker <jean-philippe@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20230710152130.3928330-3-peter.maydell@linaro.org
Fixes: fe4a5472cc ("target/arm: Use get_phys_addr_with_struct in S1_ptw_translate")
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2023-07-17 11:05:08 +01:00
Peter Maydell
34eed55127 target/arm/ptw.c: Add comments to S1Translate struct fields
Add comments to the in_* fields in the S1Translate struct
that explain what they're doing.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20230710152130.3928330-2-peter.maydell@linaro.org
2023-07-17 11:05:07 +01:00
Peter Maydell
aab746106c linux-user: Remove pointless NULL check in clock_adjtime handling
In the code for TARGET_NR_clock_adjtime, we set the pointer phtx to
the address of the local variable htx.  This means it can never be
NULL, but later in the code we check it for NULL anyway.  Coverity
complains about this (CID 1507683) because the NULL check comes after
a call to clock_adjtime() that assumes it is non-NULL.

Since phtx is always &htx, and is used only in three places, it's not
really necessary.  Remove it, bringing the code structure in to line
with that for TARGET_NR_clock_adjtime64, which already uses a simple
'&htx' when it wants a pointer to 'htx'.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20230623144410.1837261-1-peter.maydell@linaro.org
2023-07-17 11:05:07 +01:00
Yuquan Wang
e65ecb665c hw/arm/sbsa-ref: set 'slots' property of xhci
This extends the slots of xhci to 64, since the default xhci_sysbus
just supports one slot.

Signed-off-by: Wang Yuquan <wangyuquan1236@phytium.com.cn>
Signed-off-by: Chen Baozi <chenbaozi@phytium.com.cn>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Marcin Juszkiewicz <marcin.juszkiewicz@linaro.org>
Tested-by: Marcin Juszkiewicz <marcin.juszkiewicz@linaro.org>
Message-id: 20230710063750.473510-2-wangyuquan1236@phytium.com.cn
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2023-07-17 11:05:07 +01:00
Richard Henderson
ed8ad9728a Merge tpm 2023/07/14 v1
-----BEGIN PGP SIGNATURE-----
 
 iQEzBAABCAAdFiEEuBi5yt+QicLVzsZrda1lgCoLQhEFAmSxasMACgkQda1lgCoL
 QhHaJwgAzOzXV9xRId1wjNLHI9HF4dkblfr12PgKsECKz7uPvcbpZOsDvu629Z8f
 a2X502Mep+6lBqq5RNUF59a5nE3laoYItaF+P+TFWz74+na7WKyFg107YyoHvCfJ
 GdjpCNyOGaXzDycAcwjqvkX5q532YBD9npedD9NzZ2UgUYWVXOYAZFhek6H9kwHN
 xlewj80pHLw3X8MM/Z1jR5hDFQa4ocCvF8F2Fnr4u0L5b+noga1WzspKTY8mcbVJ
 3ncOTuvoWReBPweZhvSzsFbYAFb3OEeaimUHQrKVJj1L7pJtSJZeOuS+umbhvpFR
 9baczGwrqYqpPtiDT48lTjArdJ8Cqw==
 =6Hmf
 -----END PGP SIGNATURE-----

Merge tag 'pull-tpm-2023-07-14-1' of https://github.com/stefanberger/qemu-tpm into staging

Merge tpm 2023/07/14 v1

# -----BEGIN PGP SIGNATURE-----
#
# iQEzBAABCAAdFiEEuBi5yt+QicLVzsZrda1lgCoLQhEFAmSxasMACgkQda1lgCoL
# QhHaJwgAzOzXV9xRId1wjNLHI9HF4dkblfr12PgKsECKz7uPvcbpZOsDvu629Z8f
# a2X502Mep+6lBqq5RNUF59a5nE3laoYItaF+P+TFWz74+na7WKyFg107YyoHvCfJ
# GdjpCNyOGaXzDycAcwjqvkX5q532YBD9npedD9NzZ2UgUYWVXOYAZFhek6H9kwHN
# xlewj80pHLw3X8MM/Z1jR5hDFQa4ocCvF8F2Fnr4u0L5b+noga1WzspKTY8mcbVJ
# 3ncOTuvoWReBPweZhvSzsFbYAFb3OEeaimUHQrKVJj1L7pJtSJZeOuS+umbhvpFR
# 9baczGwrqYqpPtiDT48lTjArdJ8Cqw==
# =6Hmf
# -----END PGP SIGNATURE-----
# gpg: Signature made Fri 14 Jul 2023 04:33:23 PM BST
# gpg:                using RSA key B818B9CADF9089C2D5CEC66B75AD65802A0B4211
# gpg: Good signature from "Stefan Berger <stefanb@linux.vnet.ibm.com>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: B818 B9CA DF90 89C2 D5CE  C66B 75AD 6580 2A0B 4211

* tag 'pull-tpm-2023-07-14-1' of https://github.com/stefanberger/qemu-tpm:
  hw/tpm: TIS on sysbus: Remove unsupport ppi command line option

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2023-07-15 14:54:04 +01:00
Richard Henderson
d7be40e138 tcg: Use HAVE_CMPXCHG128 instead of CONFIG_CMPXCHG128
accel/tcg: Introduce page_check_range_empty
 accel/tcg: Introduce page_find_range_empty
 accel/tcg: Accept more page flags in page_check_range
 accel/tcg: Return bool from page_check_range
 accel/tcg: Always lock pages before translation
 linux-user: Use abi_* types for target structures in syscall_defs.h
 linux-user: Fix abi_llong alignment for microblaze and nios2
 linux-user: Fix do_shmat type errors
 linux-user: Implement execve without execveat
 linux-user: Make sure initial brk is aligned
 linux-user: Use a mask with strace flags
 linux-user: Implement MAP_FIXED_NOREPLACE
 linux-user: Widen target_mmap offset argument to off_t
 linux-user: Use page_find_range_empty for mmap_find_vma_reserved
 linux-user: Use 'last' instead of 'end' in target_mmap and subroutines
 linux-user: Remove can_passthrough_madvise
 linux-user: Simplify target_madvise
 linux-user: Drop uint and ulong types
 linux-user/arm: Do not allocate a commpage at all for M-profile CPUs
 bsd-user: Use page_check_range_empty for MAP_EXCL
 bsd-user: Use page_find_range_empty for mmap_find_vma_reserved
 -----BEGIN PGP SIGNATURE-----
 
 iQFRBAABCgA7FiEEekgeeIaLTbaoWgXAZN846K9+IV8FAmSypEYdHHJpY2hhcmQu
 aGVuZGVyc29uQGxpbmFyby5vcmcACgkQZN846K9+IV9VzQf/RMRK4SQDJiJEbQ6K
 5U1i955Rl4MMLT8PrkbT/UDA9soyIlSVjUenW8ThJJg6SLbSvkXZsWn165PFu+yW
 nYkeCYxkJtAjWmmFlZ44J+VLEZZ6LkWrIvPZHvKohelpi6uT/fuQaAZjKuH2prI/
 7bdP5YdLUMpCztERHYfxmroEX4wJR6knsRpt5rYchADxEfkWk82PanneCw7grQ6V
 VNg1pRGplp0jMkpOOBvMD1ENkmoipklMe9P1gQdCHobg2/kqpozhT1oQp/gHNkP5
 66Cjzv8o0nnPjJetm74pnP06iNhuMjDesD7f+Vq/DALgMobwjvhDW5GD+Ccto85B
 hqvwHA==
 =vm0t
 -----END PGP SIGNATURE-----

Merge tag 'pull-tcg-20230715' of https://gitlab.com/rth7680/qemu into staging

tcg: Use HAVE_CMPXCHG128 instead of CONFIG_CMPXCHG128
accel/tcg: Introduce page_check_range_empty
accel/tcg: Introduce page_find_range_empty
accel/tcg: Accept more page flags in page_check_range
accel/tcg: Return bool from page_check_range
accel/tcg: Always lock pages before translation
linux-user: Use abi_* types for target structures in syscall_defs.h
linux-user: Fix abi_llong alignment for microblaze and nios2
linux-user: Fix do_shmat type errors
linux-user: Implement execve without execveat
linux-user: Make sure initial brk is aligned
linux-user: Use a mask with strace flags
linux-user: Implement MAP_FIXED_NOREPLACE
linux-user: Widen target_mmap offset argument to off_t
linux-user: Use page_find_range_empty for mmap_find_vma_reserved
linux-user: Use 'last' instead of 'end' in target_mmap and subroutines
linux-user: Remove can_passthrough_madvise
linux-user: Simplify target_madvise
linux-user: Drop uint and ulong types
linux-user/arm: Do not allocate a commpage at all for M-profile CPUs
bsd-user: Use page_check_range_empty for MAP_EXCL
bsd-user: Use page_find_range_empty for mmap_find_vma_reserved

# -----BEGIN PGP SIGNATURE-----
#
# iQFRBAABCgA7FiEEekgeeIaLTbaoWgXAZN846K9+IV8FAmSypEYdHHJpY2hhcmQu
# aGVuZGVyc29uQGxpbmFyby5vcmcACgkQZN846K9+IV9VzQf/RMRK4SQDJiJEbQ6K
# 5U1i955Rl4MMLT8PrkbT/UDA9soyIlSVjUenW8ThJJg6SLbSvkXZsWn165PFu+yW
# nYkeCYxkJtAjWmmFlZ44J+VLEZZ6LkWrIvPZHvKohelpi6uT/fuQaAZjKuH2prI/
# 7bdP5YdLUMpCztERHYfxmroEX4wJR6knsRpt5rYchADxEfkWk82PanneCw7grQ6V
# VNg1pRGplp0jMkpOOBvMD1ENkmoipklMe9P1gQdCHobg2/kqpozhT1oQp/gHNkP5
# 66Cjzv8o0nnPjJetm74pnP06iNhuMjDesD7f+Vq/DALgMobwjvhDW5GD+Ccto85B
# hqvwHA==
# =vm0t
# -----END PGP SIGNATURE-----
# gpg: Signature made Sat 15 Jul 2023 02:51:02 PM BST
# gpg:                using RSA key 7A481E78868B4DB6A85A05C064DF38E8AF7E215F
# gpg:                issuer "richard.henderson@linaro.org"
# gpg: Good signature from "Richard Henderson <richard.henderson@linaro.org>" [ultimate]

* tag 'pull-tcg-20230715' of https://gitlab.com/rth7680/qemu: (47 commits)
  tcg: Use HAVE_CMPXCHG128 instead of CONFIG_CMPXCHG128
  accel/tcg: Always lock pages before translation
  linux-user/arm: Do not allocate a commpage at all for M-profile CPUs
  linux-user: Drop uint and ulong
  linux-user: Simplify target_madvise
  linux-user: Remove can_passthrough_madvise
  accel/tcg: Return bool from page_check_range
  accel/tcg: Accept more page flags in page_check_range
  linux-user: Simplify target_munmap
  linux-user: Rename mmap_reserve to mmap_reserve_or_unmap
  linux-user: Rewrite mmap_reserve
  linux-user: Use 'last' instead of 'end' in target_mmap
  linux-user: Use page_find_range_empty for mmap_find_vma_reserved
  bsd-user: Use page_find_range_empty for mmap_find_vma_reserved
  accel/tcg: Introduce page_find_range_empty
  linux-user: Rewrite mmap_frag
  linux-user: Rewrite target_mprotect
  linux-user: Widen target_mmap offset argument to off_t
  linux-user: Split out target_to_host_prot
  linux-user: Implement MAP_FIXED_NOREPLACE
  ...

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2023-07-15 14:53:37 +01:00
Richard Henderson
76f9d6ad19 tcg: Use HAVE_CMPXCHG128 instead of CONFIG_CMPXCHG128
We adjust CONFIG_ATOMIC128 and CONFIG_CMPXCHG128 with
CONFIG_ATOMIC128_OPT in atomic128.h.  It is difficult
to tell when those changes have been applied with the
ifdef we must use with CONFIG_CMPXCHG128.  So instead
use HAVE_CMPXCHG128, which triggers -Werror-undef when
the proper header has not been included.

Improves tcg_gen_atomic_cmpxchg_i128 for s390x host, which
requires CONFIG_ATOMIC128_OPT.  Without this we fall back
to EXCP_ATOMIC to single-step 128-bit atomics, which is
slow enough to cause some tests to time out.

Reported-by: Thomas Huth <thuth@redhat.com>
Tested-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2023-07-15 08:02:49 +01:00