Commit Graph

79671 Commits

Author SHA1 Message Date
Helge Deller
95aad497d9 hw/display/artist: Verify artist screen resolution
Artist hardware is limited to 2048 x 2048 pixels.
STI ROMs allow at minimum 640 x 480 pixels.

Qemu users can adjust the screen size on the command line with:
 -global artist.width=800 -global artist.height=600
but we need to ensure that the screen size stays inside the given
boundaries, otherwise print an error message and adjust.

Signed-off-by: Helge Deller <deller@gmx.de>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
2020-09-03 17:30:04 +02:00
Helge Deller
3b65b74254 target/hppa: Fix boot with old Linux installation CDs
The current qemu hppa emulation emulates a PA1.1 CPU, which can only execute
the 32-bit instruction set. For unknown 64-bit instructions, a instruction trap
is sent to the virtual CPU.
This behaviour is correct in the sense that we emulate what the PA1.1
specification says.

But when trying to boot older Linux installation images, e.g.
ftp://parisc.parisc-linux.org/debian-cd/debian-5.0/lenny-5.0.10-hppa-iso-cd/cdimage.debian.org/debian-5010-hppa-netinst.iso
one finds that qemu fails to boot those images.
The problem is, that in the Linux kernel (e.g. 2.6.26) of those old images
64-bit instructions were used by mistake in the fault handlers. The relevant
instructions (the ",*" indicates that it's a 64-bit instruction) I see are:
   0:   09 3e 04 29     sub,* sp,r9,r9
   0:   08 3d 06 3d     add,* ret1,r1,ret1
   0:   0a 09 02 61     or,* r9,r16,r1
   0:   0a ba 00 3a     andcm,* r26,r21,r26
   0:   08 33 02 33     and,* r19,r1,r19

The interesting part is, that real physical 32-bit machines (like the 700/64
and B160L - which is the one we emulate) do boot those images and thus seem to
simply ignore the 64-bit flag on those instructions.

The patch below modifies the qemu instruction decoder to ignore the 64-bit flag
too - which is what real 32-bit hardware seems to do.  With this modification
qemu now successfully boots those older images too.

I suggest to apply the patch below - even if it does not reflect what the SPEC
says.  Instead it increases the compatibility to really existing hardware and
seem to not create problems if we add real PA2.0 support anytime later.

Signed-off-by: Helge Deller <deller@gmx.de>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
2020-09-02 23:16:57 +02:00
Helge Deller
b28c4a6497 hw/hppa: Add power button emulation
Emulate a power button switch, tell SeaBIOS the address via fw_cfg and
bind the power button to the qemu UI.

Signed-off-by: Helge Deller <deller@gmx.de>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
2020-09-02 23:16:52 +02:00
Helge Deller
245760074a hw/hppa: Tell SeaBIOS port address of fw_cfg
Change QEMU_FW_CFG_IO_BASE to shorter variant FW_CFG_IO_BASE and hand
over the actual port address in %r19 to SeaBIOS.

Signed-off-by: Helge Deller <deller@gmx.de>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
2020-09-02 23:16:51 +02:00
Helge Deller
34743e9633 hw/hppa: Change fw_cfg port address
Devices on hppa occupy at least 4k starting at the HPA, so MEMORY_HPA+4k is
blocked (by Linux) for the memory module.  I noticed this when testing the new
Linux kernel patch to let the fw_cfg entries show up in Linux under /proc.
The Linux kernel driver could not allocate the region for fw_cfg.
This new base address seems to not conflict.

Signed-off-by: Helge Deller <deller@gmx.de>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
2020-09-02 23:16:50 +02:00
Helge Deller
32ff8bf248 hw/hppa: Store boot device in fw_cfg section
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Helge Deller <deller@gmx.de>
2020-09-02 23:16:49 +02:00
Helge Deller
df5c6a5094 hw/hppa: Make number of TLB and BTLB entries configurable
Until now the TLB size was fixed at 256 entries. To allow operating
systems to utilize more TLB entries in the future, we need to tell
firmware how many TLB entries we actually support in the emulation.
Firmware then reports this to the operating system via the
PDC_CACHE_INFO call.

This patch simply does the preparation to allow more TLB entries.

Signed-off-by: Helge Deller <deller@gmx.de>
2020-09-02 23:16:48 +02:00
Helge Deller
009673edd9 seabios-hppa: Update SeaBIOS to hppa-qemu-5.2-2 tag
Changes:
* If only one bootable device is available, boot from it.
* Silence PDC warnings with HP-UX 11.11
* Inform Linux about fw_cfg port addresses
* Make power switch button configurable from qemu
* Clear screen on machine reset
* Add fw_cfg option to enable runtime debug info
* Fix panic on OpenBSD/6.7 regarding STI console
* Set text planes and used_bits in STI fields
* Fix mon_tbl entries
* Convert sti_region_list to an initialized struct

Signed-off-by: Helge Deller <deller@gmx.de>
2020-09-01 18:29:59 +02:00
Peter Maydell
ac8b279f13 - document s390x boot devices
- bug fixes
 -----BEGIN PGP SIGNATURE-----
 
 iQJGBAABCAAwFiEEw9DWbcNiT/aowBjO3s9rk8bwL68FAl9HpCkSHGNvaHVja0By
 ZWRoYXQuY29tAAoJEN7Pa5PG8C+v3fUP/2o4ARBR2WeopsJQTqL543CTMKPVUzs5
 P9280lP2pG0zrpZ//HIGrFv2SWEizXvhXqagX0SJhWWp4wLNFsXdQSdn3HNWGsWR
 6kMEI2AfoJO9Z1pR+UCEbXnhMrl+FX2pd6mewUROZuhnTm8ktOlgrCOc+QGMrPZI
 BRU0q4fWcD/HDS6JEfIJw6jqCyE55+jlI53FH9apgLHOqqF+bbw4nwvsYXL9q0D9
 YQPFyy9w8Q3mwLdznrYuxfwnSJfyxB5irD/iOZbjDUB4b2Gv09+bD2E3OG08leyu
 Q3Fj8AWkZYkD8k9gjbnijbhGSOI/TS1kjrTTWh68p6M/YWDp+BlLJRs0V6wDCDnz
 eRXG+Rf0qxKozVv70yFo7vUS2HZiE//qN/gQhiVzkFND+9/5rjpGiStRkzbDF9O6
 TAD6XbAUJ3wXCBwmEpmmzLjF31zngCFtAqaPKRvkL0644KWxHG8FRgMhcKBuvn9g
 CaCnKkQUt3ryAKZqX39TOh9qR72b4K1UZtwz0HWgjN3beewTnYH8t7GFVt9GyUQ2
 xwnrm6P0q43UJITOU0Ag2YL3d3ZLzc7rOzoBpZwmlt5/Sl7MzIte03i4JxuF9yj/
 cPBT9l7SPWkRwiqsIpE1ukZcBhxWGlp4or7yGM5dMM2GAg2tWA2S/n9UNuGGC6TK
 jwi361KSy4W/
 =PCke
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/cohuck/tags/s390x-20200827' into staging

- document s390x boot devices
- bug fixes

# gpg: Signature made Thu 27 Aug 2020 13:16:41 BST
# gpg:                using RSA key C3D0D66DC3624FF6A8C018CEDECF6B93C6F02FAF
# gpg:                issuer "cohuck@redhat.com"
# gpg: Good signature from "Cornelia Huck <conny@cornelia-huck.de>" [unknown]
# gpg:                 aka "Cornelia Huck <huckc@linux.vnet.ibm.com>" [full]
# gpg:                 aka "Cornelia Huck <cornelia.huck@de.ibm.com>" [full]
# gpg:                 aka "Cornelia Huck <cohuck@kernel.org>" [unknown]
# gpg:                 aka "Cornelia Huck <cohuck@redhat.com>" [unknown]
# Primary key fingerprint: C3D0 D66D C362 4FF6 A8C0  18CE DECF 6B93 C6F0 2FAF

* remotes/cohuck/tags/s390x-20200827:
  hw/vfio/ap: Plug memleak in vfio_ap_get_group()
  docs/system/s390x: Add a chapter about s390x boot devices
  virtio-ccw-input: fix description

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-08-27 13:48:12 +01:00
Pan Nengyuan
0216b18b79 hw/vfio/ap: Plug memleak in vfio_ap_get_group()
Missing g_error_free() in vfio_ap_get_group() error path. Fix that.

Reported-by: Euler Robot <euler.robot@huawei.com>
Signed-off-by: Pan Nengyuan <pannengyuan@huawei.com>
Reviewed-by: Pierre Morel <pmorel@linux.ibm.com>
Reviewed-by: Li Qiang <liq3ea@gmail.com>
Message-Id: <20200814160241.7915-3-pannengyuan@huawei.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
2020-08-27 12:37:03 +02:00
Thomas Huth
70c04a7ca2 docs/system/s390x: Add a chapter about s390x boot devices
Booting on s390x is a little bit different compared to other architectures.
Let's add some information for people who are not yet used to this.

Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20200806150507.12073-1-thuth@redhat.com>
[CH: minor wording tweaks]
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
2020-08-27 12:37:03 +02:00
Cornelia Huck
de345260c5 virtio-ccw-input: fix description
Fix a copy/paste error.

Signed-off-by: Cornelia Huck <cohuck@redhat.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20200728102820.273598-1-cohuck@redhat.com>
2020-08-27 12:37:03 +02:00
Peter Maydell
8e49197ca5 artist out of bounds fixes
-----BEGIN PGP SIGNATURE-----
 
 iHUEABYIAB0WIQS86RI+GtKfB8BJu973ErUQojoPXwUCX0bPowAKCRD3ErUQojoP
 X43sAPwP4Prb0NQTw68l5oSwOoIcuWb4GZBjxOPecDis/0K2ogD/WswDJ8qk3RAQ
 7XYGY8LuMdhwfcsx15TsuB/HAUie3QM=
 =wIGS
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/hdeller/tags/target-hppa-v3-pull-request' into staging

artist out of bounds fixes

# gpg: Signature made Wed 26 Aug 2020 22:09:55 BST
# gpg:                using EDDSA key BCE9123E1AD29F07C049BBDEF712B510A23A0F5F
# gpg: Good signature from "Helge Deller <deller@gmx.de>" [unknown]
# gpg:                 aka "Helge Deller <deller@kernel.org>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 4544 8228 2CD9 10DB EF3D  25F8 3E5F 3D04 A7A2 4603
#      Subkey fingerprint: BCE9 123E 1AD2 9F07 C049  BBDE F712 B510 A23A 0F5F

* remotes/hdeller/tags/target-hppa-v3-pull-request:
  hw/display/artist: Fix invalidation of lines near screen border
  hw/display/artist: Fix invalidation of lines in artist_draw_line()
  hw/display/artist: Unbreak size mismatch memory accesses
  hw/display/artist: Prevent out of VRAM buffer accesses
  Revert "hw/display/artist: Avoid drawing line when nothing to display"
  hw/display/artist: Refactor artist_rop8() to avoid buffer over-run
  hw/display/artist: Check offset in draw_line to avoid buffer over-run
  hw/hppa/lasi: Don't abort on invalid IMR value
  hw/display/artist.c: fix out of bounds check
  hw/hppa: Implement proper SeaBIOS version check
  seabios-hppa: Update to SeaBIOS hppa version 1
  hw/hppa: Sync hppa_hardware.h file with SeaBIOS sources

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-08-26 22:23:53 +01:00
Sven Schnelle
2f8cd51547 hw/display/artist: Fix invalidation of lines near screen border
If parts of the invalidated screen lines are outside of the VRAM buffer,
the code skips the whole invalidate. This is incorrect when only parts
of the buffer are invisble - which is the case when the mouse cursor is
located near the screen border.

Signed-off-by: Sven Schnelle <svens@stackframe.org>
Signed-off-by: Helge Deller <deller@gmx.de>
2020-08-26 23:04:00 +02:00
Sven Schnelle
f9e9f71490 hw/display/artist: Fix invalidation of lines in artist_draw_line()
The old code didn't invalidate correctly when vertical lines were drawn.
Fix this and move the invalidation out of the loop.

Signed-off-by: Sven Schnelle <svens@stackframe.org>
Signed-off-by: Helge Deller <deller@gmx.de>
2020-08-26 23:04:00 +02:00
Helge Deller
e0cf02ce68 hw/display/artist: Unbreak size mismatch memory accesses
Commit 5d971f9e67 ("memory: Revert "memory: accept mismatching sizes
in memory_region_access_valid") broke the artist driver in a way that
the dtwm window manager on HP-UX rendered wrong.

Fixes: 5d971f9e67 ("memory: Revert "memory: accept mismatching sizes in memory_region_access_valid")
Signed-off-by: Sven Schnelle <svens@stackframe.org>
Signed-off-by: Helge Deller <deller@gmx.de>
2020-08-26 23:04:00 +02:00
Helge Deller
a501bfc917 hw/display/artist: Prevent out of VRAM buffer accesses
Simplify various bounds checks by changing parameters like row and column
numbers to become unsigned instead of signed.
With that we can check if the calculated offset is bigger than the size of the
VRAM region and bail out if not.

Reported-by: LLVM libFuzzer
Reported-by: Alexander Bulekov <alxndr@bu.edu>
Buglink: https://bugs.launchpad.net/qemu/+bug/1880326
Buglink: https://bugs.launchpad.net/qemu/+bug/1890310
Buglink: https://bugs.launchpad.net/qemu/+bug/1890311
Buglink: https://bugs.launchpad.net/qemu/+bug/1890312
Buglink: https://bugs.launchpad.net/qemu/+bug/1890370
Acked-by: Alexander Bulekov <alxndr@bu.edu>
Signed-off-by: Helge Deller <deller@gmx.de>
2020-08-26 23:04:00 +02:00
Helge Deller
8bd0d5b5ef Revert "hw/display/artist: Avoid drawing line when nothing to display"
This reverts commit b0f6455fea.
It's wrong. A line could even be a dot.

Signed-off-by: Helge Deller <deller@gmx.de>
2020-08-26 23:04:00 +02:00
Philippe Mathieu-Daudé
84a7b7741a hw/display/artist: Refactor artist_rop8() to avoid buffer over-run
Invalid I/O writes can craft an offset out of the vram_buffer range.
Instead of passing an unsafe pointer to artist_rop8(), pass the vram_buffer and
the offset. We can now check if the offset is in range before accessing it.

We avoid:

  Program terminated with signal SIGSEGV, Segmentation fault.
  284             *dst &= ~plane_mask;
  (gdb) bt
  #0  0x000056367b2085c0 in artist_rop8 (s=0x56367d38b510, dst=0x7f9f972fffff <error: Cannot access memory at address 0x7f9f972fffff>, val=0 '\000') at hw/display/artist.c:284
  #1  0x000056367b209325 in draw_line (s=0x56367d38b510, x1=-20480, y1=-1, x2=0, y2=17920, update_start=true, skip_pix=-1, max_pix=-1) at hw/display/artist.c:646

Reported-by: LLVM libFuzzer
Buglink: https://bugs.launchpad.net/qemu/+bug/1880326
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Helge Deller <deller@gmx.de>
2020-08-26 23:04:00 +02:00
Philippe Mathieu-Daudé
b87a7355de hw/display/artist: Check offset in draw_line to avoid buffer over-run
Invalid I/O writes can craft an offset out of the vram_buffer range.

We avoid:

  Program terminated with signal SIGSEGV, Segmentation fault.
  284             *dst &= ~plane_mask;
  (gdb) bt
  #0  0x000055d5dccdc5c0 in artist_rop8 (s=0x55d5defee510, dst=0x7f8e84ed8216 <error: Cannot access memory at address 0x7f8e84ed8216>, val=0 '\000') at hw/display/artist.c:284
  #1  0x000055d5dccdcf83 in fill_window (s=0x55d5defee510, startx=22, starty=5674, width=65, height=5697) at hw/display/artist.c:551
  #2  0x000055d5dccddfb9 in artist_reg_write (opaque=0x55d5defee510, addr=1051140, val=4265537, size=4) at hw/display/artist.c:902
  #3  0x000055d5dcb42a7c in memory_region_write_accessor (mr=0x55d5defeea10, addr=1051140, value=0x7ffe57db08c8, size=4, shift=0, mask=4294967295, attrs=...) at memory.c:483

Reported-by: LLVM libFuzzer
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Helge Deller <deller@gmx.de>
2020-08-26 23:04:00 +02:00
Helge Deller
b899fe41ce hw/hppa/lasi: Don't abort on invalid IMR value
NetBSD initializes the LASI IMR value with 0xffffffff to disable all LASI
interrupts. This triggered an assert() and stopped the emulation.  By replacing
the check with a warning in the guest log we now allow NetBSD to boot again.

Signed-off-by: Helge Deller <deller@gmx.de>
2020-08-26 23:04:00 +02:00
Peter Maydell
25f6dc28a3 Block patches:
- qcow2 subclusters (extended L2 entries)
 -----BEGIN PGP SIGNATURE-----
 
 iQFGBAABCAAwFiEEkb62CjDbPohX0Rgp9AfbAGHVz0AFAl9GESASHG1yZWl0ekBy
 ZWRoYXQuY29tAAoJEPQH2wBh1c9AKNsH/1iG6YVi9c25BoE/3nnu1yJSQiVqpjzt
 hRsV0LzqqaUd3r/yLx5wyFpmcOC+iqJsNrrJCMR9GqMCXyOiH2S9xZs9rVnL44dr
 gt8bhbAfLTQr6ix9rzJUekRHWa0oeoECS6FLdkAnc6xB5Tf5YwOXdX8FYGiR6M9Q
 mibqBIRbQX10ptdZjRpQaDNiTAGMoXfXa1YxTfeFuvW/vwnP34mT+K1B6o1CxDdL
 G9mG9atF0Zu5qjovapw0a/lnEppyxIJXSpU0s6s7dGbuAzw8IRM5utJLSNu4hL/c
 fTxmAnhcB6bFPaMHHMP4izQFds1M1NBZFX/4ji+u0cE8CgTGSqmupRA=
 =j4jq
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/maxreitz/tags/pull-block-2020-08-26' into staging

Block patches:
- qcow2 subclusters (extended L2 entries)

# gpg: Signature made Wed 26 Aug 2020 08:37:04 BST
# gpg:                using RSA key 91BEB60A30DB3E8857D11829F407DB0061D5CF40
# gpg:                issuer "mreitz@redhat.com"
# gpg: Good signature from "Max Reitz <mreitz@redhat.com>" [full]
# Primary key fingerprint: 91BE B60A 30DB 3E88 57D1  1829 F407 DB00 61D5 CF40

* remotes/maxreitz/tags/pull-block-2020-08-26: (34 commits)
  iotests: Add tests for qcow2 images with extended L2 entries
  qcow2: Assert that expand_zero_clusters_in_l1() does not support subclusters
  qcow2: Allow preallocation and backing files if extended_l2 is set
  qcow2: Add the 'extended_l2' option and the QCOW2_INCOMPAT_EXTL2 bit
  qcow2: Add prealloc field to QCowL2Meta
  qcow2: Add subcluster support to qcow2_measure()
  qcow2: Add subcluster support to qcow2_co_pwrite_zeroes()
  qcow2: Add subcluster support to handle_alloc_space()
  qcow2: Clear the L2 bitmap when allocating a compressed cluster
  qcow2: Update L2 bitmap in qcow2_alloc_cluster_link_l2()
  qcow2: Add subcluster support to check_refcounts_l2()
  qcow2: Add subcluster support to discard_in_l2_slice()
  qcow2: Add subcluster support to zero_in_l2_slice()
  qcow2: Add subcluster support to qcow2_get_host_offset()
  qcow2: Add subcluster support to calculate_l2_meta()
  qcow2: Handle QCOW2_SUBCLUSTER_UNALLOCATED_ALLOC
  qcow2: Replace QCOW2_CLUSTER_* with QCOW2_SUBCLUSTER_*
  qcow2: Add cluster type parameter to qcow2_get_host_offset()
  qcow2: Add qcow2_cluster_is_allocated()
  qcow2: Add qcow2_get_subcluster_range_type()
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-08-26 10:28:36 +01:00
Alberto Garcia
a5d3cfa2dc iotests: Add tests for qcow2 images with extended L2 entries
Signed-off-by: Alberto Garcia <berto@igalia.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Message-Id: <e6dd0429cafe84ca603179c298a8703bddca2904.1594396418.git.berto@igalia.com>
[mreitz: Use env in shebang line]
Signed-off-by: Max Reitz <mreitz@redhat.com>
2020-08-26 08:49:51 +02:00
Peter Maydell
78dca230c9 This pull request first adds support for multi-socket NUMA RISC-V
machines. The Spike and Virt machines both support NUMA sockets.
 
 This PR also updates the current experimental Hypervisor support to the
 v0.6.1 spec.
 -----BEGIN PGP SIGNATURE-----
 
 iQEzBAABCAAdFiEE9sSsRtSTSGjTuM6PIeENKd+XcFQFAl9FXM0ACgkQIeENKd+X
 cFRuPgf6A7yfDjapdHIJlX+wr8O2QEVKSL59+t/TgJRv+0CsmP4MdkYE2g0zA7zy
 mstYAgZNXTYE6Ee+WnOLcP7chAsdTjFyAnsUgNOXDToVEQQykm6XdaPsZsRJNnTG
 AcAPN6+s9kBvh9NUTfQHb4tEvvD/mGk5wsT58ciYWl8islpCADcYgAtboTSLY/gA
 qTex0McllG+y4coJudubi+uv46BeaetgQ59cBb4K65zsSM9fesRz8dUvSyXyFv10
 CUFpQLxX410wvBlTV3I5L7bwOT5OdFjw1dzwE6VET+tu9YlLOOHuRuptnDhdTHgu
 Dkxx4YB7SRBiF+/JUvxJ559Ez106pw==
 =TQFe
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/alistair/tags/pull-riscv-to-apply-20200825' into staging

This pull request first adds support for multi-socket NUMA RISC-V
machines. The Spike and Virt machines both support NUMA sockets.

This PR also updates the current experimental Hypervisor support to the
v0.6.1 spec.

# gpg: Signature made Tue 25 Aug 2020 19:47:41 BST
# gpg:                using RSA key F6C4AC46D4934868D3B8CE8F21E10D29DF977054
# gpg: Good signature from "Alistair Francis <alistair@alistair23.me>" [full]
# Primary key fingerprint: F6C4 AC46 D493 4868 D3B8  CE8F 21E1 0D29 DF97 7054

* remotes/alistair/tags/pull-riscv-to-apply-20200825:
  target/riscv: Support the Virtual Instruction fault
  target/riscv: Return the exception from invalid CSR accesses
  target/riscv: Support the v0.6 Hypervisor extension CRSs
  target/riscv: Only support little endian guests
  target/riscv: Only support a single VSXL length
  target/riscv: Update the CSRs to the v0.6 Hyp extension
  target/riscv: Update the Hypervisor trap return/entry
  target/riscv: Fix the interrupt cause code
  target/riscv: Convert MSTATUS MTL to GVA
  target/riscv: Don't allow guest to write to htinst
  target/riscv: Do two-stage lookups on hlv/hlvx/hsv instructions
  target/riscv: Allow generating hlv/hlvx/hsv instructions
  target/riscv: Allow setting a two-stage lookup in the virt status
  hw/riscv: virt: Allow creating multiple NUMA sockets
  hw/riscv: spike: Allow creating multiple NUMA sockets
  hw/riscv: Add helpers for RISC-V multi-socket NUMA machines
  hw/riscv: Allow creating multiple instances of PLIC
  hw/riscv: Allow creating multiple instances of CLINT

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-08-25 22:50:42 +01:00
Alistair Francis
e39a8320b0 target/riscv: Support the Virtual Instruction fault
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Message-id: 4c744dce9b0b057cbb5cc0f4d4ac75cda682a8af.1597259519.git.alistair.francis@wdc.com
Message-Id: <4c744dce9b0b057cbb5cc0f4d4ac75cda682a8af.1597259519.git.alistair.francis@wdc.com>
2020-08-25 09:11:36 -07:00
Alistair Francis
57cb2083e6 target/riscv: Return the exception from invalid CSR accesses
When performing a CSR access let's return a negative exception value on
an error instead of -1. This will allow us to specify the exception in
future patches.

Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Message-id: a487dad60c9b8fe7a2b992c5e0dcc2504a9000a7.1597259519.git.alistair.francis@wdc.com
Message-Id: <a487dad60c9b8fe7a2b992c5e0dcc2504a9000a7.1597259519.git.alistair.francis@wdc.com>
2020-08-25 09:11:36 -07:00
Alistair Francis
83028098f4 target/riscv: Support the v0.6 Hypervisor extension CRSs
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Message-id: 644b6c114b1a81adbee0ab8c9c66a8672059ec96.1597259519.git.alistair.francis@wdc.com
Message-Id: <644b6c114b1a81adbee0ab8c9c66a8672059ec96.1597259519.git.alistair.francis@wdc.com>
2020-08-25 09:11:36 -07:00
Alistair Francis
30f663b16f target/riscv: Only support little endian guests
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Message-id: 93e5d4f13eca0d2a588e407187f33c6437aeaaf9.1597259519.git.alistair.francis@wdc.com
Message-Id: <93e5d4f13eca0d2a588e407187f33c6437aeaaf9.1597259519.git.alistair.francis@wdc.com>
2020-08-25 09:11:36 -07:00
Alistair Francis
f8dc878efc target/riscv: Only support a single VSXL length
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Message-id: f3f4fd2ec22a07cc1d750e96895d6813f131de4d.1597259519.git.alistair.francis@wdc.com
Message-Id: <f3f4fd2ec22a07cc1d750e96895d6813f131de4d.1597259519.git.alistair.francis@wdc.com>
2020-08-25 09:11:36 -07:00
Alistair Francis
543ba53157 target/riscv: Update the CSRs to the v0.6 Hyp extension
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Message-id: 4f227b30cb1816795296c0994f1123fab143666a.1597259519.git.alistair.francis@wdc.com
Message-Id: <4f227b30cb1816795296c0994f1123fab143666a.1597259519.git.alistair.francis@wdc.com>
2020-08-25 09:11:36 -07:00
Alistair Francis
f2d5850f71 target/riscv: Update the Hypervisor trap return/entry
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Message-id: e7e4e801234f2934306e734f65860f601a5745bd.1597259519.git.alistair.francis@wdc.com
Message-Id: <e7e4e801234f2934306e734f65860f601a5745bd.1597259519.git.alistair.francis@wdc.com>
2020-08-25 09:11:36 -07:00
Alistair Francis
84b1c04bba target/riscv: Fix the interrupt cause code
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Message-id: 85b7fdba8abd87adb83275cdc3043ce35a1ed5c3.1597259519.git.alistair.francis@wdc.com
Message-Id: <85b7fdba8abd87adb83275cdc3043ce35a1ed5c3.1597259519.git.alistair.francis@wdc.com>
2020-08-25 09:11:36 -07:00
Alistair Francis
9034e90ad9 target/riscv: Convert MSTATUS MTL to GVA
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Message-id: 9308432988946de550a68524ed76e4b8683f10e2.1597259519.git.alistair.francis@wdc.com
Message-Id: <9308432988946de550a68524ed76e4b8683f10e2.1597259519.git.alistair.francis@wdc.com>
2020-08-25 09:11:36 -07:00
Alistair Francis
e2eb5ca8f6 target/riscv: Don't allow guest to write to htinst
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Message-id: ca5359fec6b2aff851eef3b3bc4b53cb5d4ad194.1597259519.git.alistair.francis@wdc.com
Message-Id: <ca5359fec6b2aff851eef3b3bc4b53cb5d4ad194.1597259519.git.alistair.francis@wdc.com>
2020-08-25 09:11:36 -07:00
Alistair Francis
29b3361b14 target/riscv: Do two-stage lookups on hlv/hlvx/hsv instructions
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Message-id: 024ad8a594fb2feaf0950fbfad1508cfa82ce7f0.1597259519.git.alistair.francis@wdc.com
Message-Id: <024ad8a594fb2feaf0950fbfad1508cfa82ce7f0.1597259519.git.alistair.francis@wdc.com>
2020-08-25 09:11:35 -07:00
Alistair Francis
8c5362acb5 target/riscv: Allow generating hlv/hlvx/hsv instructions
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Message-id: 477c864312280ea55a98dc84cb01d826751b6c14.1597259519.git.alistair.francis@wdc.com
Message-Id: <477c864312280ea55a98dc84cb01d826751b6c14.1597259519.git.alistair.francis@wdc.com>
2020-08-25 09:11:35 -07:00
Alistair Francis
5a894dd770 target/riscv: Allow setting a two-stage lookup in the virt status
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Message-id: 08cdefb171b1bdb0c9e3151c509aaadefc3dcd3e.1597259519.git.alistair.francis@wdc.com
Message-Id: <08cdefb171b1bdb0c9e3151c509aaadefc3dcd3e.1597259519.git.alistair.francis@wdc.com>
2020-08-25 09:11:35 -07:00
Anup Patel
18df0b4695 hw/riscv: virt: Allow creating multiple NUMA sockets
We extend RISC-V virt machine to allow creating a multi-socket
machine. Each RISC-V virt machine socket is a NUMA node having
a set of HARTs, a memory instance, a CLINT instance, and a PLIC
instance. Other devices are shared between all sockets. We also
update the generated device tree accordingly.

By default, NUMA multi-socket support is disabled for RISC-V virt
machine. To enable it, users can use "-numa" command-line options
of QEMU.

Example1: For two NUMA nodes with 2 CPUs each, append following
to command-line options: "-smp 4 -numa node -numa node"

Example2: For two NUMA nodes with 1 and 3 CPUs, append following
to command-line options:
"-smp 4 -numa node -numa node -numa cpu,node-id=0,core-id=0 \
-numa cpu,node-id=1,core-id=1 -numa cpu,node-id=1,core-id=2 \
-numa cpu,node-id=1,core-id=3"

The maximum number of sockets in a RISC-V virt machine is 8
but this limit can be changed in future.

Signed-off-by: Anup Patel <anup.patel@wdc.com>
Reviewed-by: Atish Patra <atish.patra@wdc.com>
Message-Id: <20200616032229.766089-6-anup.patel@wdc.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2020-08-25 09:11:35 -07:00
Anup Patel
a7172791e3 hw/riscv: spike: Allow creating multiple NUMA sockets
We extend RISC-V spike machine to allow creating a multi-socket
machine. Each RISC-V spike machine socket is a NUMA node having
a set of HARTs, a memory instance, and a CLINT instance. Other
devices are shared between all sockets. We also update the
generated device tree accordingly.

By default, NUMA multi-socket support is disabled for RISC-V spike
machine. To enable it, users can use "-numa" command-line options
of QEMU.

Example1: For two NUMA nodes with 2 CPUs each, append following
to command-line options: "-smp 4 -numa node -numa node"

Example2: For two NUMA nodes with 1 and 3 CPUs, append following
to command-line options:
"-smp 4 -numa node -numa node -numa cpu,node-id=0,core-id=0 \
-numa cpu,node-id=1,core-id=1 -numa cpu,node-id=1,core-id=2 \
-numa cpu,node-id=1,core-id=3"

The maximum number of sockets in a RISC-V spike machine is 8
but this limit can be changed in future.

Signed-off-by: Anup Patel <anup.patel@wdc.com>
Reviewed-by: Atish Patra <atish.patra@wdc.com>
Message-Id: <20200616032229.766089-5-anup.patel@wdc.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2020-08-25 09:11:35 -07:00
Anup Patel
83fcaefd9d hw/riscv: Add helpers for RISC-V multi-socket NUMA machines
We add common helper routines which can be shared by RISC-V
multi-socket NUMA machines.

We have two types of helpers:
1. riscv_socket_xyz() - These helper assist managing multiple
   sockets irrespective whether QEMU NUMA is enabled/disabled
2. riscv_numa_xyz() - These helpers assist in providing
   necessary QEMU machine callbacks for QEMU NUMA emulation

Signed-off-by: Anup Patel <anup.patel@wdc.com>
Reviewed-by: Atish Patra <atish.patra@wdc.com>
Message-Id: <20200616032229.766089-4-anup.patel@wdc.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2020-08-25 09:11:35 -07:00
Anup Patel
c9270e10a5 hw/riscv: Allow creating multiple instances of PLIC
We extend PLIC emulation to allow multiple instances of PLIC in
a QEMU RISC-V machine. To achieve this, we remove first HART id
zero assumption from PLIC emulation.

Signed-off-by: Anup Patel <anup.patel@wdc.com>
Reviewed-by: Palmer Dabbelt <palmerdabbelt@google.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-Id: <20200616032229.766089-3-anup.patel@wdc.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2020-08-25 09:11:35 -07:00
Anup Patel
3bf03f0899 hw/riscv: Allow creating multiple instances of CLINT
We extend CLINT emulation to allow multiple instances of CLINT in
a QEMU RISC-V machine. To achieve this, we remove first HART id
zero assumption from CLINT emulation.

Signed-off-by: Anup Patel <anup.patel@wdc.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Reviewed-by: Palmer Dabbelt <palmerdabbelt@google.com>
Message-Id: <20200616032229.766089-2-anup.patel@wdc.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2020-08-25 09:11:35 -07:00
Peter Maydell
d1a2b51f86 Add support for UNIX sockets in the abstract namespace
-----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEE2vOm/bJrYpEtDo4/vobrtBUQT98FAl9E7WYACgkQvobrtBUQ
 T9/XWQ//XG8gyxkqBitG2q2cLkg2JqXnVJnFQevc6Lw8GuBHGyLwrUqGk0rciNJS
 VWDnqPgxTWudcJddWqdbnMe1NiTH3n15Hk6ypbjpfiIk011tAQTqiDFECSMJZKUR
 XTUOb0rf0CBEBFoaCl8srnkXGz8d7Bo2EcjCTrl/tPrLF51onlxFp+bVA5r1kHSe
 6+M72KdcLj9JeMQiM3StfwnaPA6lOpxpJDKoSATncvCyS+KmDDNFwVPmpX6kcIXp
 IxRmw4jB6i+QB9JGJ/xGUAawmtcPCI7cSFZTOJKKqqbNzAuuTFhfnMsEX7XJBtlZ
 c3DyIjXPgSiOYIuO0yjFl5EpAMwax81K+9nIimBHTjZoslWhaNO8J1eIA24X9w1Q
 0mn8++vx/CoI6lCv+Xr3/aH3lhKR3WfoXYr66K+x5vCSPXUXkVsyovf6UfvYcxhI
 VEKo5vpfGVNEieDhvKoPWmVcyEfQWMgk6SQF/WNpN/SsW7eevmJ1r3To7i2hcsaj
 JpN85JdPe4dBLoMhJB7Ebto/dy7DR1FxBdrVa36zugxrHvm2tDNjPJNQ8bwqYw9G
 uaT4uO0TtylmcbppG7tWpa6MJF3YRMEHMUNsAMKOP6KgrHkqQicN7vGcCgtalyOi
 eKZX/zeAXq3gklExbQ94PpH0IgXGhxOxnlS/tzyGsy2Mzbksl4Y=
 =U3Ad
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/berrange/tags/socket-next-pull-request' into staging

Add support for UNIX sockets in the abstract namespace

# gpg: Signature made Tue 25 Aug 2020 11:52:22 BST
# gpg:                using RSA key DAF3A6FDB26B62912D0E8E3FBE86EBB415104FDF
# gpg: Good signature from "Daniel P. Berrange <dan@berrange.com>" [full]
# gpg:                 aka "Daniel P. Berrange <berrange@redhat.com>" [full]
# Primary key fingerprint: DAF3 A6FD B26B 6291 2D0E  8E3F BE86 EBB4 1510 4FDF

* remotes/berrange/tags/socket-next-pull-request:
  tests: fix a memory in test_socket_unix_abstract_good

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-08-25 15:01:43 +01:00
Li Qiang
74a57ddc02 tests: fix a memory in test_socket_unix_abstract_good
After build qemu with '-fsanitize=address' extra-cflags,
'make check' show following leak:

=================================================================
==44580==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 2500 byte(s) in 1 object(s) allocated from:
    #0 0x7f1b5a8b8d28 in __interceptor_calloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xded28)
    #1 0x7f1b5a514b10 in g_malloc0 (/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x51b10)
    #2 0xd79ea4e4c0ad31c3  (<unknown module>)

SUMMARY: AddressSanitizer: 2500 byte(s) leaked in 1 allocation(s).

Call 'g_rand_free' in the end of function to avoid this.

Fixes: 4d3a329af59("tests/util-sockets: add abstract unix socket cases")
Signed-off-by: Li Qiang <liq3ea@163.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by:  xiaoqiang zhao <zxq_yx_007@163.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-08-25 11:49:49 +01:00
Peter Maydell
7774e403f2 meson: keymap fixes
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iQIcBAABCgAGBQJfRK1jAAoJEEy22O7T6HE4iyQP/10/we5cHC9s0ctlWn6JoLWG
 MPVqONEQJwgPNTejTttYiXYJIwPJVgL3T6hlhGepEnRQiMTDfQFebXev1zISUUsy
 1+8LkMlF1Ny8Je4IWacfIklRRAyUihPXzcFMs3CIIR6LVqdU/p9riSAh3kOa8+C+
 mLsLX+9GDmIw7yHROrAGcmK4kmkg1L3gpKRlU4b2g36KgW/GCS4mQSjKY0qhsDR9
 a0f3V1slTp6nF6EDwC2s+bQojBBmt917mnB0r5Mj+9Gux9sTGIaecD5K5/8ePzE1
 AIB3twStsnu9GRlf8GF+i6El4l2nLPV/q1Wq5QV7SOPO/KWiW4PpoOPMN48DNoW2
 Ya/t3EYTUDl39MvOSWu6wpZD/kNbD8rFq0aH8y57/mfmJVieFPPgnv6fkJh0t1Ql
 0LvrEzrh2fdGuwenj2x0hB1m+BJ+THXI3krFlyi4EDJI91ZXI0Vll/8IAmVeitz5
 rQi12q8tAhdPVWC7kapJuxHXm7PWcUC4KDNo2XfKXNmHhlr8KI76umasMEp+BicK
 Gr839VyNY8Khb0CAqPYwRGwBgA+eRyhH2w6lvr/O9fvWS6JCDFwwXzJJOy5kXfoc
 UrpD5xR/ApAshEBvwiJwFu7IQQ4b6OaB085hskI8b7wqZ66qgjX0rQ6zSyTVOXTm
 6lMQLgTJpz2eCz14AJfs
 =mzHK
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/kraxel/tags/fixes-20200825-pull-request' into staging

meson: keymap fixes

# gpg: Signature made Tue 25 Aug 2020 07:19:15 BST
# gpg:                using RSA key 4CB6D8EED3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>" [full]
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>" [full]
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>" [full]
# Primary key fingerprint: A032 8CFF B93A 17A7 9901  FE7D 4CB6 D8EE D3E8 7138

* remotes/kraxel/tags/fixes-20200825-pull-request:
  meson: avoid compiling qemu-keymap by default
  meson: move xkbcommon to meson
  meson: drop keymaps symlink

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-08-25 10:54:51 +01:00
Alberto Garcia
7bbb59202a qcow2: Assert that expand_zero_clusters_in_l1() does not support subclusters
This function is only used by qcow2_expand_zero_clusters() to
downgrade a qcow2 image to a previous version. This would require
transforming all extended L2 entries into normal L2 entries but this
is not a simple task and there are no plans to implement this at the
moment.

Signed-off-by: Alberto Garcia <berto@igalia.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Message-Id: <15e65112b4144381b4d8c0bdf8fb76b0d813e3d1.1594396418.git.berto@igalia.com>
[mreitz: Fixed comment style]
Signed-off-by: Max Reitz <mreitz@redhat.com>
2020-08-25 10:20:15 +02:00
Alberto Garcia
2118771ddf qcow2: Allow preallocation and backing files if extended_l2 is set
Traditional qcow2 images don't allow preallocation if a backing file
is set. This is because once a cluster is allocated there is no way to
tell that its data should be read from the backing file.

Extended L2 entries have individual allocation bits for each
subcluster, and therefore it is perfectly possible to have an
allocated cluster with all its subclusters unallocated.

Signed-off-by: Alberto Garcia <berto@igalia.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Message-Id: <6d5b0f38e7dc5f2f31d8cab1cb92044e9909aece.1594396418.git.berto@igalia.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
2020-08-25 09:20:04 +02:00
Alberto Garcia
7be2025258 qcow2: Add the 'extended_l2' option and the QCOW2_INCOMPAT_EXTL2 bit
Now that the implementation of subclusters is complete we can finally
add the necessary options to create and read images with this feature,
which we call "extended L2 entries".

Signed-off-by: Alberto Garcia <berto@igalia.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Message-Id: <6476caaa73216bd05b7bb2d504a20415e1665176.1594396418.git.berto@igalia.com>
[mreitz: %s/5\.1/5.2/; fixed 302's and 303's reference output]
Signed-off-by: Max Reitz <mreitz@redhat.com>
2020-08-25 09:19:55 +02:00
Alberto Garcia
40dee94320 qcow2: Add prealloc field to QCowL2Meta
This field allows us to indicate that the L2 metadata update does not
come from a write request with actual data but from a preallocation
request.

For traditional images this does not make any difference, but for
images with extended L2 entries this means that the clusters are
allocated normally in the L2 table but individual subclusters are
marked as unallocated.

This will allow preallocating images that have a backing file.

There is one special case: when we resize an existing image we can
also request that the new clusters are preallocated. If the image
already had a backing file then we have to hide any possible stale
data and zero out the new clusters (see commit 955c7d6687 for more
details).

In this case the subclusters cannot be left as unallocated so the L2
bitmap must be updated.

Signed-off-by: Alberto Garcia <berto@igalia.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Message-Id: <960d4c444a4f5a870e2b47e5da322a73cd9a2f5a.1594396418.git.berto@igalia.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
2020-08-25 08:33:20 +02:00
Alberto Garcia
0dd07b298f qcow2: Add subcluster support to qcow2_measure()
Extended L2 entries are bigger than normal L2 entries so this has an
impact on the amount of metadata needed for a qcow2 file.

Signed-off-by: Alberto Garcia <berto@igalia.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Message-Id: <7efae2efd5e36b42d2570743a12576d68ce53685.1594396418.git.berto@igalia.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
2020-08-25 08:33:20 +02:00