Commit Graph

71991 Commits

Author SHA1 Message Date
Markus Armbruster
887a2069f7 qapi: Fix broken discriminator error messages
check_union() checks the discriminator exists in base and makes sense.
Two error messages mention the base.  These are broken for anonymous
bases, as demonstrated by tests flat-union-invalid-discriminator and
flat-union-invalid-if-discriminator.err.  The third one doesn't
bother.

First broken when commit ac4338f8eb "qapi: Allow anonymous base for
flat union" (v2.6.0) neglected to adjust the "not a member of base"
error message.  Commit ccadd6bcba "qapi: Add 'if' to implicit struct
members" (v4.0.0) then cloned the flawed error message.

Dumb them down not to mention the base.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20190914153506.2151-11-armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
2019-09-24 14:07:23 +02:00
Markus Armbruster
9d55380b5a qapi: Remove null from schema language
We represent the parse tree as OrderedDict.  We fetch optional dict
members with .get().  So far, so good.

We represent null literals as None.  .get() returns None both for
"absent" and for "present, value is the null literal".  Uh-oh.

Test features-if-invalid exposes this bug: "'if': null" is
misinterpreted as absent "if".

We added null to the schema language to "allow [...] an explicit
default value" (commit e53188ada5 "qapi: Allow true, false and null in
schema json", v2.4.0).  Hasn't happened; null is still unused except
as generic invalid value in tests/.

To fix, we'd have to replace .get() by something more careful, or
represent null differently.  Feasible, but we got more and bigger fish
to fry right now.  Remove the null literal from the schema language.
Replace null in tests by another invalid value.

Test features-if-invalid now behaves as it should.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20190914153506.2151-10-armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
2019-09-24 14:07:23 +02:00
Markus Armbruster
14c3279502 qapi: Improve reporting of lexical errors
Show text up to next structural character, whitespace, or quote
character instead of just the first character.

Forgotten quotes now get reported like "Stray 'command'" instead of
"Stray 'c'".

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20190914153506.2151-9-armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
2019-09-24 14:07:23 +02:00
Markus Armbruster
9f5e6b088a qapi: Use quotes more consistently in frontend error messages
Consistently enclose error messages in double quotes.  Use single
quotes within, except for one case of "'".

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20190914153506.2151-8-armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
2019-09-24 14:07:23 +02:00
Markus Armbruster
4d42815587 tests/qapi-schema: Demonstrate suboptimal lexical errors
The error message for forgotten quotes around a name shows just the
name's first character, which isn't as nice as it could be.  Same for
attempting to use a number.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20190914153506.2151-7-armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
2019-09-24 14:07:23 +02:00
Markus Armbruster
ef91ab0d5f tests/qapi-schema: Demonstrate insufficient 'if' checking
Cover invalid 'if' in struct members, features, union and alternate
branches.  Four out of four are broken.  Mark FIXME.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20190914153506.2151-6-armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
[Comment typo fixed]
2019-09-24 14:07:23 +02:00
Markus Armbruster
31248b985e tests/qapi-schema: Demonstrate broken discriminator errors
When the union definition's base is an object, some error messages
show it as an OrderedDict.  Oops.  Mark FIXME.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20190914153506.2151-5-armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
2019-09-24 14:07:22 +02:00
Markus Armbruster
cd346bdc46 tests/qapi-schema: Demonstrate misleading optional tag error
Test flat-union-optional-discriminator declares its union tag as
'*switch': 'Enum', and points to it with 'discriminator': '*switch'.
This gets rejected as "discriminator of flat union 'MyUnion' uses
invalid name '*switch'".  Correct; member 'discriminator' doesn't
accept a '*' prefix.

However, this merely tests name validity checking, which we already
cover elsewhere.  More interesting is testing the valid name 'switch'.
This reports "discriminator 'switch' is not a member of base struct
'Base'", which is misleading.

Copy the existing 'discriminator': '*switch' test to
flat-union-discriminator-bad-name, and rewrite its comment.  Change
flat-union-optional-discriminator to test 'discriminator': 'switch',
and mark it FIXME.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20190914153506.2151-4-armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
2019-09-24 14:07:22 +02:00
Markus Armbruster
352ada9ad4 tests/qapi-schema: Delete two redundant tests
Tests duplicate-key and double-data test the same thing.  The former
predates the latter, and it has a better name.  Delete the latter, and
tweak the former's comment.

Tests include-format-err and include-extra-junk test the same thing.
The former predates the latter, but the latter has a better name and a
comment.  Delete the former.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20190914153506.2151-3-armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
2019-09-24 14:07:22 +02:00
Markus Armbruster
137cf6a9be tests/qapi-schema: Cover unknown pragma
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20190914153506.2151-2-armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
2019-09-24 14:07:22 +02:00
Markus Armbruster
8d40738d2f qapi: Tweak code to match docs/devel/qapi-code-gen.txt
The previous commit made qapi-code-gen.txt define "(top-level)
expression" as either "directive" or "definition".  The code still
uses "expression" when it really means "definition".  Tidy up.

The previous commit made qapi-code-gen.txt use "object" rather than
"dictionary".  The code still uses "dictionary".  Tidy up.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20190913201349.24332-17-armbru@redhat.com>
2019-09-24 14:07:22 +02:00
Markus Armbruster
b6c37ebaaf docs/devel/qapi-code-gen: Improve QAPI schema language doc
We document the language by giving patterns of valid JSON objects.
The patterns contain placeholders we don't define anywhere; their
names have to speak for themselves.  I guess they do, but I'd prefer a
bit more rigor.  Provide a grammar instead, and rework the text
accordingly.

Documentation for QAPI schema conditionals (commit 967c885108,
6cc32b0e14, 87adbbffd4..3e270dcacc) and feature flags (commit
6a8c0b5102) was bolted on.  The sections documenting types, commands
and events don't mention them.  Section "Features" and "Configuring
the schema" then provide additional syntax for types, commands and
events.  I hate that.  Fix the sections documenting types, commands
and events to provide accurate syntax, and point to "Features" and
"Configuring the schema" for details.

We talk about "(top-level) expressions other than include and pragma".
Adopt more convenient terminology: a (top-level) expression is either
a directive (include or pragma) or a definition (anything else).

Avoid the terms "dictionary" and "key".  Stick to JSON terminology
"object" and "member name" instead.

While there, make spacing more consistent.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20190913201349.24332-16-armbru@redhat.com>
2019-09-24 14:07:22 +02:00
Markus Armbruster
634c82c163 docs/devel/qapi-code-gen: Rewrite introduction to schema
The introduction to the QAPI schema is somewhat rambling.  Rewrite for
clarity.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20190913201349.24332-15-armbru@redhat.com>
2019-09-24 14:07:22 +02:00
Markus Armbruster
ab76bc2794 docs/devel/qapi-code-gen: Rewrite compatibility considerations
We have some compatibility advice buried in sections "Enumeration
types" and "Struct types".  Compatibility is actually about commands
and events.  It devolves to the types used there.  All kinds of types,
not just enumerations and structs.

Replace the existing advice by a new section "Compatibility
considerations".

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20190913201349.24332-14-armbru@redhat.com>
[Squash in paragraph on invisible schema changes, as per Eric's review]
2019-09-24 14:07:22 +02:00
Markus Armbruster
f5821f5262 docs/devel/qapi-code-gen: Reorder sections for readability
Section "QMP/Guest agent schema" starts with a brief introduction,
then subsection "Comments", then subsection "Schema overview" (more
elaborate introduction), and only then talks about schema entities
like types, commands, and so forth.

Subsection "Comments" is long and tiring: almost 500 words, mostly
about doc comments.  Move the doc comment part to its own subsection
"Documentation comments" at the very end of "QMP/Guest agent schema".

Subsection "Schema overview" explains naming rules at considerable
length: 250 words.  Move this part to its own subsection "Naming rules
and reserved names" right after the subsections on schema entities.

Subsection "Enumeration types" is wedged between "Struct types" and
"Union types".  Move it before "Struct types".

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20190913201349.24332-13-armbru@redhat.com>
2019-09-24 14:07:22 +02:00
Markus Armbruster
398969fe1c qapi: Adjust frontend errors to say enum value, not member
For consistency with docs/devel/qapi-code-gen.txt.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20190913201349.24332-12-armbru@redhat.com>
2019-09-24 14:07:22 +02:00
Markus Armbruster
0ced9531f1 qapi: Permit omitting all flat union branches
Absent flat union branches default to the empty struct (since commit
800877bb16 "qapi: allow empty branches in flat unions").  But an
attempt to omit all of them is rejected with "Union 'FOO' has no
branches".  Harmless oddity, but it's easy to avoid, so do that.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20190913201349.24332-11-armbru@redhat.com>
[Commit message typo fixed]
2019-09-24 14:07:22 +02:00
Markus Armbruster
f03255362a qapi: Permit alternates with just one branch
A union or alternate without branches makes no sense and doesn't work:
it can't be instantiated.  A union or alternate with just one branch
works, but is degenerate.  We accept the former, but reject the
latter.  Weird.  docs/devel/qapi-code-gen.txt doesn't mention the
difference.  It claims an alternate definition is "is similar to a
simple union type".

Permit degenerate alternates to make them consistent with unions.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20190913201349.24332-10-armbru@redhat.com>
2019-09-24 14:07:22 +02:00
Markus Armbruster
675b214bc6 qapi: Permit 'boxed' with empty type
We reject empty types with 'boxed': true.  We don't really need that
to work, but making it work is actually simpler than rejecting it, so
do that.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20190913201349.24332-9-armbru@redhat.com>
2019-09-24 14:07:22 +02:00
Markus Armbruster
9b4416bfc1 qapi: Drop support for escape sequences other than \\
Since the previous commit restricted strings to printable ASCII,
\uXXXX's only use is obfuscation.  Drop it.

This leaves \\, \/, \', and \".  Since QAPI schema strings are all
names, and names are restricted to ASCII letters, digits, hyphen, and
underscore, none of them is useful.

The latter three have no test coverage.  Drop them.

Keep \\ to avoid (more) gratuitous incompatibility with JSON.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20190913201349.24332-8-armbru@redhat.com>
2019-09-24 14:07:22 +02:00
Markus Armbruster
56a8caff92 qapi: Restrict strings to printable ASCII
RFC 8259 on string contents:

   All Unicode characters may be placed within the quotation marks,
   except for the characters that MUST be escaped: quotation mark,
   reverse solidus, and the control characters (U+0000 through
   U+001F).

The QAPI schema parser accepts both less and more than JSON: it
accepts only ASCII with \u (less), and accepts control characters
other than LF (new line) unescaped.  How it treats unescaped non-ASCII
input differs between Python 2 and Python 3.

Make it accept strictly less: require printable ASCII.  Drop support
for \b, \f, \n, \r, \t.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20190913201349.24332-7-armbru@redhat.com>
2019-09-24 14:07:22 +02:00
Markus Armbruster
05d6ecd049 tests/qapi-schema: Demonstrate bad reporting of funny characters
Invalid name 'not\\possible' is reported as 'not\possible'.  Control
characters (quoted or not) are even more confusing.  Mark FIXME.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20190913201349.24332-6-armbru@redhat.com>
2019-09-24 14:07:22 +02:00
Markus Armbruster
e24fe238e2 docs/devel/qapi-code-gen: Minor specification fixes
The specification claims "Each expression that isn't an include
directive may be preceded by a documentation block", but the code also
rejects them for pragma directives.  The code is correct.  Fix the
specification.

The specification reserves member names starting with 'has_', but the
code also reserves name 'u'.  Fix the specification.

The specification claims "The string 'max' is not allowed as an enum
value".  Untrue.  Fix the specification.  While there, delete the
naming advice, because it's redundant with the naming rules in section
"Schema overview"

The specification claims "No branch of the union can be named 'max',
as this would collide with the implicit enum".  Untrue.  Fix the
specification.

The specification claims "It is not allowed to name an event 'MAX',
since the generator also produces a C enumeration of all event names
with a generated _MAX value at the end."  Untrue.  Fix the
specification.

The specification claims "All branches of the union must be complex
types", but the code permits only struct types.  The code is correct.
Fix the specification.

The specification claims a command's return type "must be the string
name of a complex or built-in type, a one-element array containing the
name of a complex or built-in type" unless the command is in pragma
'returns-whitelist'.  The code does not permit built-in types.  Fix
the specification.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20190913201349.24332-5-armbru@redhat.com>
2019-09-24 14:07:22 +02:00
Markus Armbruster
b22e86585b qapi: Drop support for boxed alternate arguments
Commands and events can define their argument type inline (default) or
by referring to another type ('boxed': true, since commit c818408e44
"qapi: Implement boxed types for commands/events", v2.7.0).  The
unboxed inline definition is an (anonymous) struct type.  The boxed
type may be a struct, union, or alternate type.

The latter is problematic: docs/interop/qemu-spec.txt requires the
value of the 'data' key to be a json-object, but any non-degenerate
alternate type has at least one branch that isn't.

Fortunately, we haven't made use of alternates in this context outside
tests/.  Drop support for them.

QAPISchemaAlternateType.is_empty() is now unused.  Drop it, too.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20190913201349.24332-4-armbru@redhat.com>
2019-09-24 14:07:22 +02:00
Markus Armbruster
dcca907bed qapi: Drop check_type()'s redundant parameter @allow_optional
check_type() uses @allow_optional only when @value is a dictionary and
@allow_dict is True.  All callers that pass allow_dict=True also pass
allow_optional=True.

Therefore, @allow_optional is always True when check_type() uses it.
Drop the redundant parameter.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20190913201349.24332-3-armbru@redhat.com>
2019-09-24 14:07:22 +02:00
Markus Armbruster
b1862ee623 scripts/git.orderfile: Match QAPI schema more precisely
Pattern *.json also matches the tests/qapi-schema/*.json.  Separates
them from the tests/qapi-schema/*.{err,exit,out} in diffs.  I hate
that.  Change the pattern to match just the "real" QAPI schemata.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20190913201349.24332-2-armbru@redhat.com>
2019-09-24 14:07:22 +02:00
Andrey Shinkevich
863f195fa8 make check-unit: use after free in test-opts-visitor
In the struct OptsVisitor, the 'repeated_opts' member points to a list
in the 'unprocessed_opts' hash table after the list has been destroyed.
A subsequent call to visit_type_int() references the deleted list.
It results in use-after-free issue reproduced by running the test case
under the Valgrind: valgrind tests/test-opts-visitor.
A new mode ListMode::LM_TRAVERSED is declared to mark the list
traversal completed.

Suggested-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Andrey Shinkevich <andrey.shinkevich@virtuozzo.com>
Message-Id: <1565024586-387112-1-git-send-email-andrey.shinkevich@virtuozzo.com>
2019-09-24 11:03:44 +02:00
Markus Armbruster
81b49004e0 qapi: Make visit_next_list()'s comment less confusing
visit_next_list() returns non-null on success, null on failure.  The
comment's phrasing "until NULL return or error occurs" is needlessly
confusing.  Scratch the "or error occurs" part.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20190802122325.16520-1-armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
2019-09-24 11:03:44 +02:00
Peter Maydell
2f93a3ecdd Fix a bunch of BUGs in the mem-helpers (including the MVC instruction),
especially, to make them behave correctly on faults.
 -----BEGIN PGP SIGNATURE-----
 
 iQJFBAABCAAvFiEEG9nKrXNcTDpGDfzKTd4Q9wD/g1oFAl2Ie9ERHGRhdmlkQHJl
 ZGhhdC5jb20ACgkQTd4Q9wD/g1qMNQ//an/e3uXES+LINt/L/UeMpTVxrKCjqz/0
 xlzN3eZmCTKTWb+PD0BRA5tsLCynI731gZQZgHSkgnNz3bEMklJELdUNL40N1idn
 9ey1ZDOGOtGKNYzoe6C53V0H7T2i1WIhoCNeuUSVjcnGL43RVYJB+gCOwCWKQhgR
 k7wJ7b5riJtNBFy9cx8egjP+Rw+eJ/9e+lDccVAOF4avvvI0gNMN9Fq8N6q2y4DM
 1stzhwuBP4rsl6SwCyvEdaISwVpcnQWQTp0z46ighrqWV/hJnibVQtDGVSvb3+Dr
 Kn+oHaN1VYwgaAacVAzgW+HMak1BRWIf8OGGfZlihUMubUCOHANkj9eIqVAwF8qy
 5hVJMfCA9HpCSy0Va9zmVZ9/2EVJfLacykULxveXKX9e9AU+awoQJIvnRIzpc5Q0
 zvPK/871icXPx9UR46aOt8i8CBOun3HmsfCPyuOvzliCHuKyVqbBfdqOl7BHp5LL
 aMp/DB51DIfvQhSRDFdRR2f5o9KvYcafG72F7pWnLZ83TXVHhVqza03ArnjOa/Gi
 Yty+LMEVYWzfmFq8GpA/9bJvY7Bd/EfkO3xXnlJjEFRPk/XTnzsO5c3flcK9hgnY
 tSlqTj/4k+oyKiV7WTYzixTAu4tUhcKOEDkQ4j6kwUMJUTkueqDTAe1Ycxkzjqy5
 QfGdmuKpE8U=
 =839a
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/davidhildenbrand/tags/s390x-tcg-2019-09-23' into staging

Fix a bunch of BUGs in the mem-helpers (including the MVC instruction),
especially, to make them behave correctly on faults.

# gpg: Signature made Mon 23 Sep 2019 09:01:21 BST
# gpg:                using RSA key 1BD9CAAD735C4C3A460DFCCA4DDE10F700FF835A
# gpg:                issuer "david@redhat.com"
# gpg: Good signature from "David Hildenbrand <david@redhat.com>" [unknown]
# gpg:                 aka "David Hildenbrand <davidhildenbrand@gmail.com>" [full]
# Primary key fingerprint: 1BD9 CAAD 735C 4C3A 460D  FCCA 4DDE 10F7 00FF 835A

* remotes/davidhildenbrand/tags/s390x-tcg-2019-09-23: (30 commits)
  tests/tcg: target/s390x: Test MVC
  tests/tcg: target/s390x: Test MVO
  s390x/tcg: MVO: Fault-safe handling
  s390x/tcg: MVST: Fault-safe handling
  s390x/tcg: MVZ: Fault-safe handling
  s390x/tcg: MVN: Fault-safe handling
  s390x/tcg: MVCIN: Fault-safe handling
  s390x/tcg: NC: Fault-safe handling
  s390x/tcg: XC: Fault-safe handling
  s390x/tcg: OC: Fault-safe handling
  s390x/tcg: MVCLU: Fault-safe handling
  s390x/tcg: MVC: Fault-safe handling on destructive overlaps
  s390x/tcg: MVCS/MVCP: Use access_memmove()
  s390x/tcg: Fault-safe memmove
  s390x/tcg: Fault-safe memset
  s390x/tcg: Always use MMU_USER_IDX for CONFIG_USER_ONLY
  s390x/tcg: MVST: Fix storing back the addresses to registers
  s390x/tcg: MVST: Check for specification exceptions
  s390x/tcg: MVCS/MVCP: Properly wrap the length
  s390x/tcg: MVCOS: Lengths are 32 bit in 24/31-bit mode
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-09-23 15:44:52 +01:00
Peter Maydell
8400efa51a - bugfixes in ccw bios
- gen15a is called z15
 - officially require a 3.15 kernel or later for kvm
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iQIcBAABAgAGBQJdiHHIAAoJEBF7vIC1phx8Fm4P/2Kle4HZwWzgpz+w+4DC5FR/
 mFajE5Jp2Msa0IiW5SBr3cHuWb4VY+qJcpzZzt9/3LMtBkpoo76oIq3prW7Szj4e
 RCyJF0d6tFhmMuOUlMiTA9whIBzFS1lG8pN0MlkPb6zKadCzz8Bn8PqXNyETCYQ6
 XgAJmH4kkKk8njzK363MD3sDoF2g+XJjmv7CwQ0Bm7UBKadApN40GUuitGDutFWv
 y6pVwk0iBYkbyWnske9vnRERpjTAETS9OQBc2wKf9g1vt8GAfsDY+f8eRCXI4yXt
 mOz+NtdeY3mueDo3OR4UD3ZnJXLpNMmpFNCwDVCcNXvOgoPcte4lNdi1XUbb1wYb
 YlVda8lZfwEfCF9LtI/fXS4nBD+SnE5upnSuBm40N0mpkOxszafjE+w9j8LTvH7T
 nZsgltwac+SfO19wKZmcSieXSD6RzNmG2hcued7gP149w5/ssI9VF5CWpZNK+ySt
 yZWv2JxWMX+Fx4Yt1vAtOqIQoqPQg7yx76+8PV2kf+JDU46m3R7H4GbMN6SD8Jm7
 /QmPSdeVgmiEwG42bhucwCENaxF5FXRzUv9SY4RrcO6A9oz8EP2EtF9LJIVoEEsp
 GDU66yiUhGNj+ORxPz7ADGLuhwMFmurFji7pwLJFXLkaqTn3bNl0GozVSWrjeizp
 /4u7pugdDl3anw8MOzzx
 =ALS2
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/borntraeger/tags/s390x-20190923' into staging

- bugfixes in ccw bios
- gen15a is called z15
- officially require a 3.15 kernel or later for kvm

# gpg: Signature made Mon 23 Sep 2019 08:18:32 BST
# gpg:                using RSA key 117BBC80B5A61C7C
# gpg: Good signature from "Christian Borntraeger (IBM) <borntraeger@de.ibm.com>" [full]
# Primary key fingerprint: F922 9381 A334 08F9 DBAB  FBCA 117B BC80 B5A6 1C7C

* remotes/borntraeger/tags/s390x-20190923:
  s390x/cpumodel: Add the z15 name to the description of gen15a
  s390x/kvm: Officially require at least kernel 3.15
  pc-bios/s390-ccw: Rebuild the s390-netboot.img firmware image
  pc-bios/s390-ccw/net: fix a possible memory leak in get_uuid()
  pc-bios/s390-ccw: Do not pre-initialize empty array

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-09-23 11:42:05 +01:00
Peter Maydell
e446ed5a29 ipmi: Some bug fixes and new interfaces
Some bug fixes for the watchdog and hopeful the BT tests.
 
 Change the IPMI UUID handling to give the user the ability to set it or
 not have it.
 
 Add a PCI interface.
 
 Add an SMBus interfaces.
 
 -corey
 -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCgAdFiEE/Q1c5nzg9ZpmiCaGYfOMkJGb/4EFAl2FJFkACgkQYfOMkJGb
 /4ELTQ//csJVqXnjaeQUO6snd6X2QTBF62349RcVyontNNT5MSNTeyelvNYEZY3W
 I8vSjvaYVwK2XkVMLAw0E1I9HlgLEVJt/Kas7r6Ka7IC7QhyCo6XioQAcWjtjnsK
 LrpKjWfbswlkxeIP+dpzXT1zjiB46CjSApJmlelo3A35iSRLQGJMbohPs0edzeUr
 GtzTkJrOpeSFRmWVKPqpVX5cJUqXrdKgXTnUciSN1uHQqjXDCYlQQqlYuYfAJxbY
 zp9Zli/nJXuTHSGNg7OfTGPqePIUt+U/2bNVM9aT1TgMpedvy4KdUNqebiMhJlE/
 rrylXId9kpGyTYxJLllTyFC03ay3MIn/HeQDFBjlwA1PGH7wrAST4jddiDTuVJEd
 vSbo59Ek6v+1wuIgCZMsof9A/t3G/JmBClnsxS2FA6VNFO3+Y5J94o8Uqz5uZvwZ
 yEMfgGODNqO33VMBlMchyW0flxsn5F3kAKzARZf1ifhJZta8mCnyf7jmJ2A0hROQ
 5LnWn/FUZjQ5kaiNAotzHxF3tWleY0rnp7wgmeQrA+5fJHki0CyMNJ6MNbkDTeW9
 rfI8iHQHp4dQk1ZSq5C6OsEeNfPERgyCRCJdGgh5BACeyZbgAqctxC2hH2iWe89n
 Kc9SiZQrWHsCWWPZIXadTKkbcykLl8CaBVOX9hAz5VdV0qmmx6w=
 =lCyp
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/cminyard/tags/ipmi-for-release-2019-09-20' into staging

ipmi: Some bug fixes and new interfaces

Some bug fixes for the watchdog and hopeful the BT tests.

Change the IPMI UUID handling to give the user the ability to set it or
not have it.

Add a PCI interface.

Add an SMBus interfaces.

-corey

# gpg: Signature made Fri 20 Sep 2019 20:11:21 BST
# gpg:                using RSA key FD0D5CE67CE0F59A6688268661F38C90919BFF81
# gpg: Good signature from "Corey Minyard <cminyard@mvista.com>" [unknown]
# gpg:                 aka "Corey Minyard <minyard@acm.org>" [unknown]
# gpg:                 aka "Corey Minyard <corey@minyard.net>" [unknown]
# gpg:                 aka "Corey Minyard <minyard@mvista.com>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: FD0D 5CE6 7CE0 F59A 6688  2686 61F3 8C90 919B FF81

* remotes/cminyard/tags/ipmi-for-release-2019-09-20:
  pc: Add an SMB0 ACPI device to q35
  ipmi: Fix SSIF ACPI handling to use the right CRS
  acpi: Add i2c serial bus CRS handling
  ipmi: Add an SMBus IPMI interface
  ipmi: Add PCI IPMI interfaces
  smbios:ipmi: Ignore IPMI devices with no fwinfo function
  ipmi: Allow a size value to be passed for I/O space
  ipmi: Split out BT-specific code from ISA BT code
  ipmi: Split out KCS-specific code from ISA KCS code
  ipmi: Add a UUID device property
  qdev: Add a no default uuid property
  tests:ipmi: Fix IPMI BT tests
  ipmi: Generate an interrupt on watchdog pretimeout expiry
  ipmi: Fix the get watchdog command
  ipmi: Fix watchdog NMI handling

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-09-23 10:56:46 +01:00
David Hildenbrand
5d69cbdfdd tests/tcg: target/s390x: Test MVC
Let's add a test that especially verifies that no data will be touched
in case we cross page boundaries and one page access triggers a fault.

Before the fault-safe handling fixes, the test failes with:
      TEST    mvc on s390x
    data modified during a fault
    make[2]: *** [../Makefile.target:116: run-mvc] Error 1

Acked-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: David Hildenbrand <david@redhat.com>
2019-09-23 09:28:29 +02:00
David Hildenbrand
d9e13c3419 tests/tcg: target/s390x: Test MVO
Let's add the simple test based on the example from the PoP.

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: David Hildenbrand <david@redhat.com>
2019-09-23 09:28:29 +02:00
David Hildenbrand
ab89acd0b7 s390x/tcg: MVO: Fault-safe handling
Each operand can have a maximum length of 16. Make sure to prepare all
reads/writes before writing.

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: David Hildenbrand <david@redhat.com>
2019-09-23 09:28:29 +02:00
David Hildenbrand
bb36ed88e9 s390x/tcg: MVST: Fault-safe handling
Access at most single pages and document why. Using the access helpers
might over-indicate watchpoints within the same page, I guess we can
live with that.

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: David Hildenbrand <david@redhat.com>
2019-09-23 09:28:29 +02:00
David Hildenbrand
6514f42bf8 s390x/tcg: MVZ: Fault-safe handling
We can process a maximum of 256 bytes, crossing two pages.

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: David Hildenbrand <david@redhat.com>
2019-09-23 09:28:29 +02:00
David Hildenbrand
ab8bab68bb s390x/tcg: MVN: Fault-safe handling
We can process a maximum of 256 bytes, crossing two pages.

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: David Hildenbrand <david@redhat.com>
2019-09-23 09:28:29 +02:00
David Hildenbrand
65a27df927 s390x/tcg: MVCIN: Fault-safe handling
We can process a maximum of 256 bytes, crossing two pages. Calculate the
accessed range upfront - src is accessed right-to-left.

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: David Hildenbrand <david@redhat.com>
2019-09-23 09:28:29 +02:00
David Hildenbrand
4d78c68baf s390x/tcg: NC: Fault-safe handling
We can process a maximum of 256 bytes, crossing two pages.

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: David Hildenbrand <david@redhat.com>
2019-09-23 09:28:29 +02:00
David Hildenbrand
a8821dd56e s390x/tcg: XC: Fault-safe handling
We can process a maximum of 256 bytes, crossing two pages. While at it,
increment the length once.

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: David Hildenbrand <david@redhat.com>
2019-09-23 09:28:29 +02:00
David Hildenbrand
8c4a732076 s390x/tcg: OC: Fault-safe handling
We can process a maximum of 256 bytes, crossing two pages.

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: David Hildenbrand <david@redhat.com>
2019-09-23 09:28:29 +02:00
David Hildenbrand
b8e7b2fe1d s390x/tcg: MVCLU: Fault-safe handling
The last remaining bit is padding with two bytes.

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: David Hildenbrand <david@redhat.com>
2019-09-23 09:28:29 +02:00
David Hildenbrand
b7809f3692 s390x/tcg: MVC: Fault-safe handling on destructive overlaps
The last remaining bit for MVC is handling destructive overlaps in a
fault-safe way.

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: David Hildenbrand <david@redhat.com>
2019-09-23 09:28:29 +02:00
David Hildenbrand
efb1a76ef9 s390x/tcg: MVCS/MVCP: Use access_memmove()
As we are moving between address spaces, we can use access_memmove()
without checking for destructive overlaps (especially of real storage
locations):
    "Each storage operand is processed left to right. The
    storage-operand-consistency rules are the same as
    for MOVE (MVC), except that when the operands
    overlap in real storage, the use of the common real-
    storage locations is not necessarily recognized."

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: David Hildenbrand <david@redhat.com>
2019-09-23 09:28:29 +02:00
David Hildenbrand
b6c636f2cd s390x/tcg: Fault-safe memmove
Replace fast_memmove() variants by access_memmove() variants, that
first try to probe access to all affected pages (maximum is two pages).

Introduce access_get_byte()/access_set_byte(). We might be able to speed
up memmove in special cases even further (do single-byte access, use
memmove() for remaining bytes in page), however, we'll skip that for now.

In MVCOS, simply always call access_memmove_as() and drop the TODO
about LAP. LAP is already handled in the MMU.

Get rid of adj_len_to_page(), which is now unused.

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: David Hildenbrand <david@redhat.com>
2019-09-23 09:28:29 +02:00
David Hildenbrand
70ebd9ce1c s390x/tcg: Fault-safe memset
Replace fast_memset() by access_memset(), that first tries to probe
access to all affected pages (maximum is two). We'll use the same
mechanism for other types of accesses soon.

Only in very rare cases (especially TLB_NOTDIRTY), we'll have to
fallback to ld/st helpers. Try to speed up that case as suggested by
Richard.

We'll rework most involved handlers soon to do all accesses via new
fault-safe helpers, especially MVC.

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: David Hildenbrand <david@redhat.com>
2019-09-23 09:28:29 +02:00
David Hildenbrand
817791e839 s390x/tcg: Always use MMU_USER_IDX for CONFIG_USER_ONLY
Although we basically ignore the index all the time for CONFIG_USER_ONLY,
let's simply skip all the checks and always return MMU_USER_IDX in
cpu_mmu_index() and get_mem_index().

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: David Hildenbrand <david@redhat.com>
2019-09-23 09:28:29 +02:00
David Hildenbrand
2bb525e20d s390x/tcg: MVST: Fix storing back the addresses to registers
24 and 31-bit address space handling is wrong when it comes to storing
back the addresses to the register.

While at it, read gprs 0 implicitly.

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: David Hildenbrand <david@redhat.com>
2019-09-23 09:28:29 +02:00
David Hildenbrand
087b8193ed s390x/tcg: MVST: Check for specification exceptions
Bit position 32-55 of general register 0 must be zero.

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: David Hildenbrand <david@redhat.com>
2019-09-23 09:28:29 +02:00
David Hildenbrand
373290d8a8 s390x/tcg: MVCS/MVCP: Properly wrap the length
... and don't perform any move in case the length is zero.

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: David Hildenbrand <david@redhat.com>
2019-09-23 09:28:29 +02:00