Commit Graph

89419 Commits

Author SHA1 Message Date
Klaus Jensen
9631a8ab21 tests/qtest/nvme-test: add mmio read test
Add a regression test for mmio read on big-endian hosts.

Signed-off-by: Klaus Jensen <k.jensen@samsung.com>
Reviewed-by: Gollu Appalanaidu <anaidu.gollu@samsung.com>
2021-07-26 21:09:39 +02:00
Klaus Jensen
49e03457f1 hw/nvme: fix mmio read
The new PMR test unearthed a long-standing issue with MMIO reads on
big-endian hosts.

Fix this by unconditionally storing all controller registers in little
endian.

Cc: Gollu Appalanaidu <anaidu.gollu@samsung.com>
Reported-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Klaus Jensen <k.jensen@samsung.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
2021-07-26 21:09:39 +02:00
Klaus Jensen
5029de44b5 hw/nvme: fix out-of-bounds reads
Peter noticed that mmio access may read into the NvmeParams member in
the NvmeCtrl struct.

Fix the bounds check.

Reported-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Klaus Jensen <k.jensen@samsung.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
2021-07-26 21:09:39 +02:00
Klaus Jensen
a316aa50e6 hw/nvme: use symbolic names for registers
Add the NvmeBarRegs enum and use these instead of explicit register
offsets.

Signed-off-by: Klaus Jensen <k.jensen@samsung.com>
Reviewed-by: Gollu Appalanaidu <anaidu.gollu@samsung.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Keith Busch <kbusch@kernel.org>
2021-07-26 21:09:38 +02:00
Klaus Jensen
5d45edbeac hw/nvme: split pmrmsc register into upper and lower
The specification uses a set of 32 bit PMRMSCL and PMRMSCU registers to
make up the 64 bit logical PMRMSC register.

Make it so.

Signed-off-by: Klaus Jensen <k.jensen@samsung.com>
Reviewed-by: Keith Busch <kbusch@kernel.org>
2021-07-26 21:09:38 +02:00
Klaus Jensen
5ffbaeed16 hw/nvme: fix controller hot unplugging
Prior to this patch the nvme-ns devices are always children of the
NvmeBus owned by the NvmeCtrl. This causes the namespaces to be
unrealized when the parent device is removed. However, when subsystems
are involved, this is not what we want since the namespaces may be
attached to other controllers as well.

This patch adds an additional NvmeBus on the subsystem device. When
nvme-ns devices are realized, if the parent controller device is linked
to a subsystem, the parent bus is set to the subsystem one instead. This
makes sure that namespaces are kept alive and not unrealized.

Reviewed-by: Hannes Reinecke <hare@suse.de>
Signed-off-by: Klaus Jensen <k.jensen@samsung.com>
2021-07-26 21:09:38 +02:00
Gollu Appalanaidu
51e90178f7 tests/qtest/nvme-test: add persistent memory region test
This will test the PMR functionality.

Signed-off-by: Gollu Appalanaidu <anaidu.gollu@samsung.com>
Reviewed-by: Klaus Jensen <k.jensen@samsung.com>
[k.jensen: replaced memory-backend-file with memory-backend-ram]
Signed-off-by: Klaus Jensen <k.jensen@samsung.com>
2021-07-26 21:09:38 +02:00
Padmakar Kalghatgi
234214734f hw/nvme: error handling for too many mappings
If the number of PRP/SGL mappings exceed 1024, reads and writes will
fail because of an internal QEMU limitation of max 1024 vectors.

Signed-off-by: Padmakar Kalghatgi <p.kalghatgi@samsung.com>
Reviewed-by: Klaus Jensen <k.jensen@samsung.com>
[k.jensen: changed the error message to be more generic]
Signed-off-by: Klaus Jensen <k.jensen@samsung.com>
2021-07-26 21:09:38 +02:00
Klaus Jensen
b0fde9e861 hw/nvme: unregister controller with subsystem at exit
Make sure the controller is unregistered from the subsystem when device
is removed.

Reviewed-by: Hannes Reinecke <hare@suse.de>
Signed-off-by: Klaus Jensen <k.jensen@samsung.com>
2021-07-26 21:09:38 +02:00
Klaus Jensen
cc6fb6bc50 hw/nvme: mark nvme-subsys non-hotpluggable
We currently lack the infrastructure to handle subsystem hotplugging, so
disable it.

Reviewed-by: Hannes Reinecke <hare@suse.de>
Signed-off-by: Klaus Jensen <k.jensen@samsung.com>
2021-07-26 21:09:38 +02:00
Klaus Jensen
5e4f6bcc29 hw/nvme: remove NvmeCtrl parameter from ns setup/check functions
The nvme_ns_setup and nvme_ns_check_constraints should not depend on the
controller state. Refactor and remove it.

Reviewed-by: Hannes Reinecke <hare@suse.de>
Signed-off-by: Klaus Jensen <k.jensen@samsung.com>
2021-07-26 21:09:38 +02:00
Peter Maydell
76bf66b913 Pull request
Phil's block/nvme.c ENOSPC fix for newer Linux kernels that return this errno.
 -----BEGIN PGP SIGNATURE-----
 
 iQEzBAABCAAdFiEEhpWov9P5fNqsNXdanKSrs4Grc8gFAmD+d+0ACgkQnKSrs4Gr
 c8j+YwgAuo2jX4ugUo4DDORe2EYNYBAGAklhW/mSkwuibT2qfgUAwrXSE3gDjSXA
 RKxIusQFTiK2sov/bscr2u5pHz4HCA441qTlTOnnv6CVJNFRG5RTRnZMD+pMDSY1
 WNkG1t8hN5cUxXSzd+F7cCe9pVl0kzAuSPp7vKSZ7tTaQPAW/eD0W1/8Xaulysst
 o/64VqyEKxz3bWdr0FBfyMtEwwwVo7YGS9y6Ea4z6jJj6/r9fKA9qH2jUNcVM0rc
 2PDcb4Lfr6IO9w6dZOmcDV58u8L8ihrBlB2JAy8IK6Ow+vkBW6mYkapFHqqBHqPS
 wt2veksFYhjzCpHzG6IfEkRpZ0J1aA==
 =YOYQ
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/stefanha-gitlab/tags/block-pull-request' into staging

Pull request

Phil's block/nvme.c ENOSPC fix for newer Linux kernels that return this errno.

# gpg: Signature made Mon 26 Jul 2021 09:53:01 BST
# gpg:                using RSA key 8695A8BFD3F97CDAAC35775A9CA4ABB381AB73C8
# gpg: Good signature from "Stefan Hajnoczi <stefanha@redhat.com>" [full]
# gpg:                 aka "Stefan Hajnoczi <stefanha@gmail.com>" [full]
# Primary key fingerprint: 8695 A8BF D3F9 7CDA AC35  775A 9CA4 ABB3 81AB 73C8

* remotes/stefanha-gitlab/tags/block-pull-request:
  block/nvme: Fix VFIO_MAP_DMA failed: No space left on device

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2021-07-26 19:19:36 +01:00
Richard Henderson
2bf07e788e tests/unit: Remove unused variable from test_io
From clang-13:
tests/unit/test-iov.c:161:26: error: variable 't' set but not used \
    [-Werror,-Wunused-but-set-variable]

Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2021-07-26 07:07:28 -10:00
Richard Henderson
211364c21e linux-user/syscall: Remove unused variable from execve
From clang-13:
linux-user/syscall.c:8503:17: error: variable 'total_size' set but not used \
    [-Werror,-Wunused-but-set-variable]

Acked-by: Laurent Vivier <laurent@vivier.eu>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2021-07-26 07:07:28 -10:00
Richard Henderson
984178d86b hw/pci-hist/pnv_phb4: Fix typo in pnv_phb4_ioda_write
From clang-13:
hw/pci-host/pnv_phb4.c:375:18: error: variable 'v' set but not used \
    [-Werror,-Wunused-but-set-variable]

It's pretty clear that we meant to write back 'v' after
all that computation and not 'val'.

Acked-by: David Gibson <david@gibson.dropbear.id.au>
Acked-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2021-07-26 07:07:07 -10:00
Richard Henderson
2d758274ee hw/ppc/spapr_events: Remove unused variable from check_exception
From clang-13:
hw/ppc/spapr_events.c:937:14: error: variable 'xinfo' set but not used \
    [-Werror,-Wunused-but-set-variable]

Acked-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2021-07-26 07:07:07 -10:00
Richard Henderson
79fe9e4313 hw/audio/adlib: Remove unused variable in adlib_callback
From clang-13:
hw/audio/adlib.c:189:18: error: variable 'net' set but not used \
    [-Werror,-Wunused-but-set-variable]

Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2021-07-26 07:07:07 -10:00
Richard Henderson
fe4bd9170c net/checksum: Remove unused variable in net_checksum_add_iov
From clang-13:
../qemu/net/checksum.c:189:23: error: variable 'buf_off' set but not used \
    [-Werror,-Wunused-but-set-variable]

Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2021-07-26 07:06:58 -10:00
Richard Henderson
53645dc4cb util/selfmap: Discard mapping on error
From clang-13:
util/selfmap.c:26:21: error: variable 'errors' set but not used \
    [-Werror,-Wunused-but-set-variable]

Quite right of course, but there's no reason not to check errors.

First, incrementing errors is incorrect, because qemu_strtoul
returns an errno not a count -- just or them together so that
we have a non-zero value at the end.

Second, if we have an error, do not add the struct to the list,
but free it instead.

Cc: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2021-07-26 07:06:49 -10:00
Richard Henderson
2521c775bd accel/tcg: Remove unused variable in cpu_exec
From clang-13:
accel/tcg/cpu-exec.c:783:15: error: variable 'cc' set but not used \
    [-Werror,-Wunused-but-set-variable]

Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2021-07-26 07:06:49 -10:00
Richard Henderson
cd1675f8d7 nbd/server: Mark variable unused in nbd_negotiate_meta_queries
From clang-13:
nbd/server.c:976:22: error: variable 'bitmaps' set but not used \
    [-Werror,-Wunused-but-set-variable]

which is incorrect; see //bugs.llvm.org/show_bug.cgi?id=3888.

Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2021-07-26 07:06:25 -10:00
Mark Cave-Ayland
2f0e10a486 bitops.h: revert db1ffc32dd ("qemu/bitops.h: add bitrev8 implementation")
Commit db1ffc32dd ("qemu/bitops.h: add bitrev8 implementation") introduced
a bitrev8() function to reverse the bit ordering required for storing the
MAC address in the q800 PROM.

This function is not required since QEMU implements its own revbit8()
function which does exactly the same thing. Remove the extraneous
bitrev8() function and switch its only caller in hw/m68k/q800.c to
use revbit8() instead.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20210725110557.3007-1-mark.cave-ayland@ilande.co.uk>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2021-07-26 06:56:41 -10:00
Peter Maydell
c8cf47a946 accel/tcg: Remove unnecessary check on icount_extra in cpu_loop_exec_tb()
In cpu_loop_exec_tb(), we decide whether to look for a TB with
exactly insns_left instructions in it using the condition
 (!cpu->icount_extra && insns_left > 0 && insns_left < tb->icount)

The check for icount_extra == 0 is unnecessary, because we just set
  insns_left = MIN(0xffff, cpu->icount_budget);
  icount_extra = icount_budget - insns_left;
and so icount_extra can only be non-zero if icount_budget > 0xffff
and insns_left == 0xffff. But in that case insns_left >= tb->icount
because 0xffff is much larger than TCG_MAX_INSNS, so the condition
will be false anyway.

Remove the unnecessary check, and instead assert:
 * that we are only going to execute a partial TB here if the
   icount budget has run out (ie icount_extra == 0)
 * that the number of insns we're going to execute does fit into
   the CF_COUNT_MASK

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20210725174405.24568-3-peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2021-07-26 06:56:03 -10:00
Peter Maydell
df3a2de51a accel/tcg: Don't use CF_COUNT_MASK as the max value of icount_decr.u16.low
In cpu_loop_exec_tb() we were bounding the number of insns we might
try to execute in a TB using CF_COUNT_MASK.  This is incorrect,
because we can validly put up to 0xffff into icount_decr.u16.low.  In
particular, since commit 78ff82bb1b reduced CF_COUNT_MASK to
511 this meant that we would incorrectly only try to execute 511
instructions in a 512-instruction TB, which could result in QEMU
hanging when in icount mode.

Use the actual maximum value, which is 0xffff. (This brings this code
in to line with the similar logic in icount_prepare_for_run() in
tcg-accel-ops-icount.c.)

Fixes: 78ff82bb1b
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/499
Message-Id: <20210725174405.24568-2-peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2021-07-26 06:55:53 -10:00
Peter Maydell
1d6f147f04 The Hexagon target was silently failing the SIGSEGV test because
the signal handler was not called.
 
 Patch 1/2 fixes the Hexagon target
 Patch 2/2 drops include qemu.h from target/hexagon/op_helper.c
 
 **** Changes in v2 ****
 Drop changes to linux-test.c due to intermittent failures on riscv
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQEcBAABAgAGBQJg/doaAAoJEHsCRPsS3kQi/gIH+gJ6GBmIb7NNDt+tRYjsnOpZ
 QgmkM/cvOBhqo+dUkxWIDXA7i7ZzytBHHG5GoplVkZjm/S+e5aEsuEyqwL6KbcK7
 kB6NvnHA3n9npf5MGcUduHlvPPzDsO7Z4SLrfwkIliiWL/AJ4FzKqEGoviWv2YnN
 k+29YDSv11B1jgXriADBJVnWtCf2CGPsF7BiKMcguZ6Bj+q+fH1cPpe2EWN8R8n2
 D+La/M5qWEC2FcWPCkrCs61Pi/cV+L4M0IA6JAEm8K+MtoDWmsCNWaVsakiNWWg+
 FRiHg45z3cCBvQ+SLQQ4SvsaQriI3M/yIKD6ABNgAfurIiTj4YbHAbeTmfEFYOs=
 =YdBn
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/quic/tags/pull-hex-20210725' into staging

The Hexagon target was silently failing the SIGSEGV test because
the signal handler was not called.

Patch 1/2 fixes the Hexagon target
Patch 2/2 drops include qemu.h from target/hexagon/op_helper.c

**** Changes in v2 ****
Drop changes to linux-test.c due to intermittent failures on riscv

# gpg: Signature made Sun 25 Jul 2021 22:39:38 BST
# gpg:                using RSA key 7B0244FB12DE4422
# gpg: Good signature from "Taylor Simpson (Rock on) <tsimpson@quicinc.com>" [undefined]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 3635 C788 CE62 B91F D4C5  9AB4 7B02 44FB 12DE 4422

* remotes/quic/tags/pull-hex-20210725:
  target/hexagon: Drop include of qemu.h
  Hexagon (target/hexagon) remove put_user_*/get_user_*

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2021-07-26 13:36:51 +01:00
Wei Wang
3143577d6a migration: clear the memory region dirty bitmap when skipping free pages
When skipping free pages to send, their corresponding dirty bits in the
memory region dirty bitmap need to be cleared. Otherwise the skipped
pages will be sent in the next round after the migration thread syncs
dirty bits from the memory region dirty bitmap.

Cc: David Hildenbrand <david@redhat.com>
Cc: Peter Xu <peterx@redhat.com>
Cc: Michael S. Tsirkin <mst@redhat.com>
Reported-by: David Hildenbrand <david@redhat.com>
Signed-off-by: Wei Wang <wei.w.wang@intel.com>
Message-Id: <20210722083055.23352-1-wei.w.wang@intel.com>
Reviewed-by: David Hildenbrand <david@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
2021-07-26 12:50:13 +01:00
Peter Xu
39675ffffb migration: Move the yank unregister of channel_close out
It's efficient, but hackish to call yank unregister calls in channel_close(),
especially it'll be hard to debug when qemu crashed with some yank function
leaked.

Remove that hack, but instead explicitly unregister yank functions at the
places where needed, they are:

  (on src)
  - migrate_fd_cleanup
  - postcopy_pause

  (on dst)
  - migration_incoming_state_destroy
  - postcopy_pause_incoming

Signed-off-by: Peter Xu <peterx@redhat.com>
Message-Id: <20210722175841.938739-6-peterx@redhat.com>
Reviewed-by: Lukas Straub <lukasstraub2@web.de>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
2021-07-26 12:45:03 +01:00
Peter Xu
c6ad5be7ae migration: Teach QEMUFile to be QIOChannel-aware
migration uses QIOChannel typed qemufiles.  In follow up patches, we'll need
the capability to identify this fact, so that we can get the backing QIOChannel
from a QEMUFile.

We can also define types for QEMUFile but so far since we only need to be able
to identify QIOChannel, introduce a boolean which is simpler.

Introduce another helper qemu_file_get_ioc() to return the ioc backend of a
qemufile if has_ioc is set.

No functional change.

Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Signed-off-by: Peter Xu <peterx@redhat.com>
Message-Id: <20210722175841.938739-5-peterx@redhat.com>
Reviewed-by: Lukas Straub <lukasstraub2@web.de>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
2021-07-26 12:44:59 +01:00
Peter Xu
18711405b5 migration: Introduce migration_ioc_[un]register_yank()
There're plenty of places in migration/* that checks against either socket or
tls typed ioc for yank operations.  Provide two helpers to hide all these
information.

Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Signed-off-by: Peter Xu <peterx@redhat.com>
Message-Id: <20210722175841.938739-4-peterx@redhat.com>
Reviewed-by: Lukas Straub <lukasstraub2@web.de>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
2021-07-26 12:44:54 +01:00
Peter Xu
43044ac0ee migration: Make from_dst_file accesses thread-safe
Accessing from_dst_file is potentially racy in current code base like below:

  if (s->from_dst_file)
    do_something(s->from_dst_file);

Because from_dst_file can be reset right after the check in another
thread (rp_thread).  One example is migrate_fd_cancel().

Use the same qemu_file_lock to protect it too, just like to_dst_file.

When it's safe to access without lock, comment it.

There's one special reference in migration_thread() that can be replaced by
the newly introduced rp_thread_created flag.

Reported-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Signed-off-by: Peter Xu <peterx@redhat.com>
Reviewed-by: Lukas Straub <lukasstraub2@web.de>
Message-Id: <20210722175841.938739-3-peterx@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
  with Peter's fixup
2021-07-26 12:44:46 +01:00
Peter Xu
53021ea165 migration: Fix missing join() of rp_thread
It's possible that the migration thread skip the join() of the rp_thread in
below race and crash on src right at finishing migration:

       migration_thread                     rp_thread
       ----------------                     ---------
    migration_completion()
                                        (before rp_thread quits)
                                        from_dst_file=NULL
                                        [thread got scheduled out]
      s->rp_state.from_dst_file==NULL
        (skip join() of rp_thread)
    migrate_fd_cleanup()
      qemu_fclose(s->to_dst_file)
      yank_unregister_instance()
        assert(yank_find_entry())  <------- crash

It could mostly happen with postcopy, but that shouldn't be required, e.g., I
think it could also trigger with MIGRATION_CAPABILITY_RETURN_PATH set.

It's suspected that above race could be the root cause of a recent (but rare)
migration-test break reported by either Dave or PMM:

https://lore.kernel.org/qemu-devel/YPamXAHwan%2FPPXLf@work-vm/

The issue is: from_dst_file is reset in the rp_thread, so if the thread reset
it to NULL fast enough then the migration thread will assume there's no
rp_thread at all.

This could potentially cause more severe issue (e.g. crash) after the yank code.

Fix it by using a boolean to keep "whether we've created rp_thread".

Cc: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Signed-off-by: Peter Xu <peterx@redhat.com>
Message-Id: <20210722175841.938739-2-peterx@redhat.com>
Reviewed-by: Lukas Straub <lukasstraub2@web.de>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
2021-07-26 12:44:26 +01:00
Dr. David Alan Gilbert
5e32ffd346 tests/qtest/migration-test.c: use 127.0.0.1 instead of 0
OpenBSD doesn't like :0 as an address, switch to using 127.0.0.1
in baddest; it's really testing the :0 port number that isn't allowed
on anything.

(The test doesn't currently run anyway because of the userfault
problem that Peter noticed, but this gets us closer to being able to
reenable it)

Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Message-Id: <20210719185217.122105-1-dgilbert@redhat.com>
Acked-by: Peter Xu <peterx@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Juan Quintela <quintela@redhat.com>
Reviewed-by: Philippe Mathieu-Daude <philmd@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
2021-07-26 12:17:16 +01:00
Peter Maydell
34fd92ab41 Doc, metadata, plugin and testing updates for 6.1-rc1:
- git ignore some file editor detritus
   - add overview on device emulation terminology
   - remove needless if leg in configure custom devices logic
   - numerous gitdm/mailmap updates
   - fix plugin_exit race for linux-user
   - fix a few bugs in cache modelling plugin
   - fix plugin calculation of physical address
   - handle pure assembler/linker tcg tests outside of docker
   - add tricore build to gitlab
   - remove superfluous MacOSX task
   - generalise the OpenBSI gitlab rules
 -----BEGIN PGP SIGNATURE-----
 
 iQEzBAABCgAdFiEEZoWumedRZ7yvyN81+9DbCVqeKkQFAmD67ioACgkQ+9DbCVqe
 KkTKcwf/UlEl2wlYrvymoJy7caasD/UrlNwpaK90zRTxuofJjG2bXX/58EGBlgxe
 cjbX3841702HXAFDxzswmWX3yeXQVgNiXrEy5FapB7L3h/qC/BDVS4pz987TITNW
 b4lw/d05bQVGavcdJXPnX0CdV8IK4hpieDkdh/LGj5+CSAC39jvyVGTYBpfLKl8D
 cps5qcJcJuQjz4hatB1haZOV1WHLyw8KI0srfcEqkh3IImZFZ09frs3qqAxrYRqE
 Y62d7SIN5TX1XgWuTaf1mmaMVmbNi9DTdCxWpGYr4ZBLhhzKeljQvKbF45ZGQ0z9
 eBVBdxGJTX/WAKrimcbHxLo43pCo2Q==
 =7vzj
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/stsquad/tags/pull-for-6.1-rc1-230721-1' into staging

Doc, metadata, plugin and testing updates for 6.1-rc1:

  - git ignore some file editor detritus
  - add overview on device emulation terminology
  - remove needless if leg in configure custom devices logic
  - numerous gitdm/mailmap updates
  - fix plugin_exit race for linux-user
  - fix a few bugs in cache modelling plugin
  - fix plugin calculation of physical address
  - handle pure assembler/linker tcg tests outside of docker
  - add tricore build to gitlab
  - remove superfluous MacOSX task
  - generalise the OpenBSI gitlab rules

# gpg: Signature made Fri 23 Jul 2021 17:28:26 BST
# gpg:                using RSA key 6685AE99E75167BCAFC8DF35FBD0DB095A9E2A44
# gpg: Good signature from "Alex Bennée (Master Work Key) <alex.bennee@linaro.org>" [full]
# Primary key fingerprint: 6685 AE99 E751 67BC AFC8  DF35 FBD0 DB09 5A9E 2A44

* remotes/stsquad/tags/pull-for-6.1-rc1-230721-1: (28 commits)
  gitlab-ci: Extract OpenSBI job rules to reusable section
  gitlab-ci: Remove the second superfluous macos task
  gitlab: enable a very minimal build with the tricore container
  tests/tcg/configure.sh: add handling for assembler only builds
  plugins: Fix physical address calculation for IO regions
  plugins/cache: Fixed "function decl. is not a prototype" warnings
  plugins/cache: limited the scope of a mutex lock
  plugins/cache: Fixed a bug with destroying FIFO metadata
  tcg/plugins: implement a qemu_plugin_user_exit helper
  contrib/gitdm: add more individual contributor entries.
  contrib/gitdm: add a new interns group-map for GSoC/Outreachy work
  contrib/gitdm: add an explicit academic entry for BU
  contrib/gitdm: add group-map for Netflix
  contrib/gitdm: add domain-map for NVIDIA
  contrib/gitdm: add domain-map for Crudebyte
  contrib/gitdm: un-ironically add a mapping for LWN
  contrib/gitdm: add domain-map/group-map for Wind River
  contrib/gitdm: add domain-map for Eldorado
  contrib/gitdm: add domain-map/group-map mappings for Samsung
  gitdm.config: sort the corporate GroupMap entries
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2021-07-26 11:00:15 +01:00
Philippe Mathieu-Daudé
15a730e7a3 block/nvme: Fix VFIO_MAP_DMA failed: No space left on device
When the NVMe block driver was introduced (see commit bdd6a90a9e,
January 2018), Linux VFIO_IOMMU_MAP_DMA ioctl was only returning
-ENOMEM in case of error. The driver was correctly handling the
error path to recycle its volatile IOVA mappings.

To fix CVE-2019-3882, Linux commit 492855939bdb ("vfio/type1: Limit
DMA mappings per container", April 2019) added the -ENOSPC error to
signal the user exhausted the DMA mappings available for a container.

The block driver started to mis-behave:

  qemu-system-x86_64: VFIO_MAP_DMA failed: No space left on device
  (qemu)
  (qemu) info status
  VM status: paused (io-error)
  (qemu) c
  VFIO_MAP_DMA failed: No space left on device
  (qemu) c
  VFIO_MAP_DMA failed: No space left on device

(The VM is not resumable from here, hence stuck.)

Fix by handling the new -ENOSPC error (when DMA mappings are
exhausted) without any distinction to the current -ENOMEM error,
so we don't change the behavior on old kernels where the CVE-2019-3882
fix is not present.

An easy way to reproduce this bug is to restrict the DMA mapping
limit (65535 by default) when loading the VFIO IOMMU module:

  # modprobe vfio_iommu_type1 dma_entry_limit=666

Cc: qemu-stable@nongnu.org
Cc: Fam Zheng <fam@euphon.net>
Cc: Maxim Levitsky <mlevitsk@redhat.com>
Cc: Alex Williamson <alex.williamson@redhat.com>
Reported-by: Michal Prívozník <mprivozn@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-id: 20210723195843.1032825-1-philmd@redhat.com
Fixes: bdd6a90a9e ("block: Add VFIO based NVMe driver")
Buglink: https://bugs.launchpad.net/qemu/+bug/1863333
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/65
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2021-07-26 09:38:12 +01:00
Volker Rümelin
584af1f1d9 ui/gtk: add a keyboard fifo to the VTE consoles
Since commit 8eb13bbbac ("ui/gtk: vte: fix sending multiple
characeters") it's very easy to lock up QEMU with the GTK ui.
If you configure a guest with a serial device and the guest
doesn't listen on this device, QEMU will lock up after
entering two characters in the serial console. That's because
current code uses a busy loop for the chardev write retries
and the busy loop doesn't terminate in this case.

To fix this problem add a fifo to the VTE consoles and use the
chr_accept_input() callback function to write the remaining
characters in the queue to the chardev.

The fifo has a size of 4096 bytes, so one can copy and paste
a fairly large URL or file path.

Fixes: 8eb13bbbac ("ui/gtk: vte: fix sending multiple characeters")
Signed-off-by: Volker Rümelin <vr_qemu@t-online.de>
Message-Id: <20210725165039.5242-1-vr_qemu@t-online.de>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2021-07-26 10:24:49 +02:00
Akihiko Odaki
d4a1210480 ui: update keycodemapdb submodule commit
The change of ui/keycodemapdb effective on QEMU is only commit
d21009b1c9f94b740ea66be8e48a1d8ad8124023, which adds mappings for key
codes added in commit d7696ff884.

d21009b1c9f94b740ea66be8e48a1d8ad8124023 Add QEMU QKeyCode "lang1" and "lang2"
320f92c36a80bfafc5d57834592a7be5fd79f104 rust: fix cargo clippy
e62d42f0fd76f7bb8bf78385a83c060e66ff52b0 tests: add rust test
3e25e1ca1772fc3f2039f739f8f920450dc68e50 gen: add --lang rust
9133a0b8022d1fb063a81cc2ba3b627c14ccdfd1 tests: fix argument order

Signed-off-by: Akihiko Odaki <akihiko.odaki@gmail.com>
Message-Id: <20210705075912.2280-1-akihiko.odaki@gmail.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2021-07-26 10:24:49 +02:00
Akihiko Odaki
40a9aadbc9 ui/cocoa: Fix the type of main's argv
Signed-off-by: Akihiko Odaki <akihiko.odaki@gmail.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <20210708165619.29299-1-akihiko.odaki@gmail.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2021-07-26 10:24:49 +02:00
Akihiko Odaki
074c0653c2 ui/egl-headless: Remove a check for CONFIG_OPENGL
ui/egl-headless is only built when CONFIG_OPENGL is defined because it
depends on CONFIG_OPENGL without condition. Remove a redundant
conditonal in ui/egl-headless.c

Signed-off-by: Akihiko Odaki <akihiko.odaki@gmail.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-Id: <20210714055646.85952-1-akihiko.odaki@gmail.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2021-07-26 10:24:49 +02:00
Akihiko Odaki
9a6c69d389 ui/spice: Use HAVE_SPICE_GL for OpenGL checks
Some code in ui/spice used CONFIG_OPENGL for OpenGL conditionals, but
SPICE also depends on CONFIG_GBM and SPICE server whose version is
0.13.1 or later for OpenGL. Always use HAVE_SPICE_GL, which defines the
precise condition.

Signed-off-by: Akihiko Odaki <akihiko.odaki@gmail.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-Id: <20210714055735.86050-1-akihiko.odaki@gmail.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2021-07-26 10:24:49 +02:00
Dennis Wölfing
cd6c768f6a ui/gtk: Fix relative mouse with multiple monitors
To handle relative mouse input the event handler needs to move the mouse
away from the screen edges. Failing to do so results in the mouse
getting stuck at invisible walls. However the current implementation for
this is broken on hosts with multiple monitors.

With multiple monitors the mouse can be located outside of the current
monitor which is not handled by the current code. Also the monitor
itself might be located at coordinates different from (0, 0).

Signed-off-by: Dennis Wölfing <denniswoelfing@gmx.de>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-Id: <20210720143940.291413-1-denniswoelfing@gmx.de>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2021-07-26 10:24:49 +02:00
Peter Maydell
a2376507f6 Bugfixes.
-----BEGIN PGP SIGNATURE-----
 
 iQFIBAABCAAyFiEE8TM4V0tmI4mGbHaCv/vSX3jHroMFAmD7rwYUHHBib256aW5p
 QHJlZGhhdC5jb20ACgkQv/vSX3jHroPukQf/RzEvwGEv2iafRcR7SjPflrGviUNJ
 ckiAiOIkEi17Ff/39m+nK6e3GNVgZeRTOvDUP2mMoVtOP2idIt/oPcNRXE4zhF3F
 hzrJkbeHusatkgSnfNdCXoXYqyadiZs7coWjwDhEjV4ks+eODt0L01NWDh3kZ2Sd
 NCyazWvxRET6LpX2mnhu+B6e+TEKNIke+rhisKvk+rfp61IML2hadcpcSt1USj4O
 aIj3hANRe2ZjUnB7Z10iyqahjblOwyhwcDwHGlidJEpt3/c0MWjJ7AOFaRauHbej
 C7wULX15/1limjW0l2WnqjwOF2SjV4WoZLf3gzm3LC2o7A0pwGm1Cdlsvg==
 =TrLY
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/bonzini-gitlab/tags/for-upstream' into staging

Bugfixes.

# gpg: Signature made Sat 24 Jul 2021 07:11:18 BST
# gpg:                using RSA key F13338574B662389866C7682BFFBD25F78C7AE83
# gpg:                issuer "pbonzini@redhat.com"
# gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>" [full]
# gpg:                 aka "Paolo Bonzini <pbonzini@redhat.com>" [full]
# Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4  E2F7 7E15 100C CD36 69B1
#      Subkey fingerprint: F133 3857 4B66 2389 866C  7682 BFFB D25F 78C7 AE83

* remotes/bonzini-gitlab/tags/for-upstream:
  qom: use correct field name when getting/setting alias properties
  qapi: introduce forwarding visitor
  gitlab: only let pages be published from default branch
  MAINTAINERS: Add memory_mapping.h and memory_mapping.c to "Memory API"
  MAINTAINERS: Add Peter Xu and myself as co-maintainer of "Memory API"
  MAINTAINERS: Replace Eduardo as "Host Memory Backends" maintainer
  i386: do not call cpudef-only models functions for max, host, base
  target/i386: Added consistency checks for CR3
  meson: fix dependencies for modinfo #2

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2021-07-24 11:04:57 +01:00
Philippe Mathieu-Daudé
0a9487d80a gitlab-ci: Extract OpenSBI job rules to reusable section
All jobs depending on 'docker-opensbi' job must use at most all
the rules that triggers it. The simplest way to ensure that
is to always use the same rules. Extract all the rules to a
reusable section, and include this section (with the 'extends'
keyword) in both 'docker-opensbi' and 'build-opensbi' jobs.

The problem was introduced in commit c6fc0fc1a7 ("gitlab-ci.yml:
Add jobs to build OpenSBI firmware binaries"), but was revealed in
commit 91e9c47e50 ("docker: OpenSBI build job depends on OpenSBI
container").

This fix is similar to the one used with the EDK2 firmware job in
commit ac0595cf6b ("gitlab-ci: Extract EDK2 job rules to reusable
section").

Reported-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Willian Rampazzo <willianr@redhat.com>
Message-Id: <20210720164829.3949558-1-philmd@redhat.com>
Message-Id: <20210720232703.10650-30-alex.bennee@linaro.org>
2021-07-23 17:22:16 +01:00
Thomas Huth
e90c3c3c87 gitlab-ci: Remove the second superfluous macos task
While there might have been bigger differnces between the -base and
the -xcode images in the beginning, they almost vanished in the
current builds, e.g. when comparing the output of the "configure"
step after cleaning up the differences due to temporary path names,
I only get:

  $ diff -u /tmp/base.txt /tmp/xcode.txt
  --- /tmp/base.txt	2021-07-16 09:16:24.211427940 +0200
  +++ /tmp/xcode.txt	2021-07-16 09:16:43.029684274 +0200
  @@ -19,14 +19,14 @@
   Build type: native build
   Project name: qemu
   Project version: 6.0.50
  -C compiler for the host machine: cc (clang 12.0.0 "Apple clang version 12.0.0 (clang-1200.0.32.29)")
  +C compiler for the host machine: cc (clang 12.0.0 "Apple clang version 12.0.0 (clang-1200.0.32.28)")
   C linker for the host machine: cc ld64 609.8
   Host machine cpu family: x86_64
   Host machine cpu: x86_64
   Program sh found: YES (/bin/sh)
   Program python3 found: YES (/usr/local/opt/python@3.9/bin/python3.9)
   Program bzip2 found: YES (/usr/bin/bzip2)
  -C++ compiler for the host machine: c++ (clang 12.0.0 "Apple clang version 12.0.0 (clang-1200.0.32.29)")
  +C++ compiler for the host machine: c++ (clang 12.0.0 "Apple clang version 12.0.0 (clang-1200.0.32.28)")
   C++ linker for the host machine: c++ ld64 609.8
   Objective-C compiler for the host machine: clang (clang 12.0.0)
   Objective-C linker for the host machine: clang ld64 609.8

Since we're not using Xcode itself at all, it seems like it does not
make much sense anymore to waste compute cycles with two images here.
Thus let's delete the -xcode job now.

[AJB: fix up commit formatting which trips up b4]

Signed-off-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Willian Rampazzo <willianr@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Message-Id: <20210719073051.1559348-1-thuth@redhat.com>
Message-Id: <20210720232703.10650-29-alex.bennee@linaro.org>
2021-07-23 17:22:16 +01:00
Alex Bennée
39ce923732 gitlab: enable a very minimal build with the tricore container
Rather than base of the shared Debian 10 container which would require
us to bring in even more dependencies just bring in what is needed for
building tricore-softmmu in GitLab. We don't even remove the container
from the DOCKER_PARTIAL_IMAGES lest we cause more confusion.

Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Willian Rampazzo <willianr@redhat.com>
Message-Id: <20210720232703.10650-28-alex.bennee@linaro.org>
2021-07-23 17:22:16 +01:00
Alex Bennée
c56f1ee668 tests/tcg/configure.sh: add handling for assembler only builds
Up until this point we only handled local compilers or assumed we had
everything in the container. This falls down when we are building QEMU
inside the container.

This special handling only affects tricore for now but I put it in a
case just in case we add any other "special" targets. Setting
CROSS_CC_GUEST is a bit of a hack just to ensure the test runs as we
gate on a detected compiler even though the Makefile won't actually
use it. It also means we display something sane in the configure
output.

Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20210720232703.10650-27-alex.bennee@linaro.org>
2021-07-23 17:22:16 +01:00
Aaron Lindsay
2da42253ef plugins: Fix physical address calculation for IO regions
The address calculation for IO regions introduced by

commit 787148bf92
Author: Aaron Lindsay <aaron@os.amperecomputing.com>
    plugins: Expose physical addresses instead of device offsets

is not always accurate. Use the more correct
MemoryRegionSection.offset_within_address_space.

Signed-off-by: Aaron Lindsay <aaron@os.amperecomputing.com>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20210720195735.3934473-1-aaron@os.amperecomputing.com>
Message-Id: <20210720232703.10650-25-alex.bennee@linaro.org>
2021-07-23 17:22:16 +01:00
Mahmoud Mandour
c2888a679d plugins/cache: Fixed "function decl. is not a prototype" warnings
Signed-off-by: Mahmoud Mandour <ma.mandourr@gmail.com>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20210714172151.8494-7-ma.mandourr@gmail.com>
Message-Id: <20210720232703.10650-24-alex.bennee@linaro.org>
2021-07-23 17:22:16 +01:00
Mahmoud Mandour
072c444b0d plugins/cache: limited the scope of a mutex lock
It's not necessary to lock the address translation portion of the
vcpu_mem_access callback.

Signed-off-by: Mahmoud Mandour <ma.mandourr@gmail.com>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20210714172151.8494-3-ma.mandourr@gmail.com>
Message-Id: <20210720232703.10650-23-alex.bennee@linaro.org>
2021-07-23 17:22:16 +01:00
Mahmoud Mandour
de9fc40f36 plugins/cache: Fixed a bug with destroying FIFO metadata
This manifests itself when associativity degree is greater than the
number of sets and FIFO is used, otherwise it's also a memory leak
whenever FIFO was used.

Signed-off-by: Mahmoud Mandour <ma.mandourr@gmail.com>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20210714172151.8494-2-ma.mandourr@gmail.com>
Message-Id: <20210720232703.10650-22-alex.bennee@linaro.org>
2021-07-23 17:22:16 +01:00
Alex Bennée
f7e68c9c99 tcg/plugins: implement a qemu_plugin_user_exit helper
In user-mode emulation there is a small race between preexit_cleanup
and exit_group() which means we may end up calling instrumented
instructions before the kernel reaps child threads. To solve this we
implement a new helper which ensures the callbacks are flushed along
with any translations before we let the host do it's a thing.

While we are at it make the documentation of
qemu_plugin_register_atexit_cb clearer as to what the user can expect.

Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Mahmoud Mandour <ma.mandourr@gmail.com>
Acked-by: Warner Losh <imp@bsdimp.com>
Message-Id: <20210720232703.10650-21-alex.bennee@linaro.org>
2021-07-23 17:22:16 +01:00