Commit Graph

97713 Commits

Author SHA1 Message Date
Richard Henderson
f6cce6bcb2 target-arm queue:
* Update Coverity component definitions
  * target/arm: Add MO_128 entry to pred_esz_masks[]
  * configure: Fix portability issues
  * hw/display/bcm2835_fb: Fix framebuffer allocation address
 -----BEGIN PGP SIGNATURE-----
 
 iQJNBAABCAA3FiEE4aXFk81BneKOgxXPPCUl7RQ2DN4FAmLgBfkZHHBldGVyLm1h
 eWRlbGxAbGluYXJvLm9yZwAKCRA8JSXtFDYM3vFdD/wLVC2gJ4Uxt2Ri5vutF6fl
 RKTNiIhcE/XQNUogQiVIERYJJ9CUOALtg3q/SPCItq0nFgNG4h+sB7Ms+VcYVmNd
 iphbYBF4nFXYsAGlYIiAPU4I5SVnL4ORLMovRmlqMGYO/xlWe4LMIIOI+Iky4z9G
 pgho7n0yuKNPwikFdX1nKH2lYvoh9pn/p8buwre4qg6z/p4XssV295NAWeGvynab
 Sj9cmBvQC9ijKADvWXrfaGbHWQCAOwjRI7su/Ky0QGHjEprBpyCC8QtKEPP0flTh
 ffWCPX/pATwkbOH6m7rVFhIpI0r+6UQaDX/5SWruMNRto6WocNbX3JYT4XzdNln9
 nkVTgqn5PTzfd801RmfhJ/iGV2zf3ZE/Entj3n1RrpxI1gb56Q2tFghJNVgnL4Mq
 eBeODhPUJRqOd2dIcFKQbRhQs4Uaonu4V6QM+F7SekdV7VbU5VbJzB/9IvCkpNJo
 TqHDLp3makEabonal2gucmhxon7+C+4NXv+YMzTQbG2g/lVa4kmXehEA5BDcFScE
 XYKBEXkWsabV2IRVaZybu+0qkD+2PNtWQP3iAqOX8RPCGKieu4fbDTbzaPJAPNTb
 OBgDnzO3tukwI1upHQDIuO06poGfwMjJGKR4IZgCphTzNO7AtzUBFR96wmoaJGfq
 t7VO2lnKf5tGPifFTi/egg==
 =SWMq
 -----END PGP SIGNATURE-----

Merge tag 'pull-target-arm-20220726' of https://git.linaro.org/people/pmaydell/qemu-arm into staging

target-arm queue:
 * Update Coverity component definitions
 * target/arm: Add MO_128 entry to pred_esz_masks[]
 * configure: Fix portability issues
 * hw/display/bcm2835_fb: Fix framebuffer allocation address

# -----BEGIN PGP SIGNATURE-----
#
# iQJNBAABCAA3FiEE4aXFk81BneKOgxXPPCUl7RQ2DN4FAmLgBfkZHHBldGVyLm1h
# eWRlbGxAbGluYXJvLm9yZwAKCRA8JSXtFDYM3vFdD/wLVC2gJ4Uxt2Ri5vutF6fl
# RKTNiIhcE/XQNUogQiVIERYJJ9CUOALtg3q/SPCItq0nFgNG4h+sB7Ms+VcYVmNd
# iphbYBF4nFXYsAGlYIiAPU4I5SVnL4ORLMovRmlqMGYO/xlWe4LMIIOI+Iky4z9G
# pgho7n0yuKNPwikFdX1nKH2lYvoh9pn/p8buwre4qg6z/p4XssV295NAWeGvynab
# Sj9cmBvQC9ijKADvWXrfaGbHWQCAOwjRI7su/Ky0QGHjEprBpyCC8QtKEPP0flTh
# ffWCPX/pATwkbOH6m7rVFhIpI0r+6UQaDX/5SWruMNRto6WocNbX3JYT4XzdNln9
# nkVTgqn5PTzfd801RmfhJ/iGV2zf3ZE/Entj3n1RrpxI1gb56Q2tFghJNVgnL4Mq
# eBeODhPUJRqOd2dIcFKQbRhQs4Uaonu4V6QM+F7SekdV7VbU5VbJzB/9IvCkpNJo
# TqHDLp3makEabonal2gucmhxon7+C+4NXv+YMzTQbG2g/lVa4kmXehEA5BDcFScE
# XYKBEXkWsabV2IRVaZybu+0qkD+2PNtWQP3iAqOX8RPCGKieu4fbDTbzaPJAPNTb
# OBgDnzO3tukwI1upHQDIuO06poGfwMjJGKR4IZgCphTzNO7AtzUBFR96wmoaJGfq
# t7VO2lnKf5tGPifFTi/egg==
# =SWMq
# -----END PGP SIGNATURE-----
# gpg: Signature made Tue 26 Jul 2022 08:19:21 AM PDT
# gpg:                using RSA key E1A5C593CD419DE28E8315CF3C2525ED14360CDE
# gpg:                issuer "peter.maydell@linaro.org"
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>" [full]
# gpg:                 aka "Peter Maydell <pmaydell@gmail.com>" [full]
# gpg:                 aka "Peter Maydell <pmaydell@chiark.greenend.org.uk>" [full]

* tag 'pull-target-arm-20220726' of https://git.linaro.org/people/pmaydell/qemu-arm:
  hw/display/bcm2835_fb: Fix framebuffer allocation address
  configure: Avoid '==' bashism
  configure: Drop dead code attempting to use -msmall-data on alpha hosts
  configure: Don't use bash-specific string-replacement syntax
  configure: Add braces to clarify intent of $emu[[:space:]]
  configure: Add missing POSIX-required space
  target/arm: Add MO_128 entry to pred_esz_masks[]
  scripts/coverity-scan/COMPONENTS.md: Update slirp component info
  scripts/coverity-scan/COMPONENTS.md: Add loongarch component

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2022-07-26 08:32:01 -07:00
Joao Martins
b3e6982b41 i386/pc: restrict AMD only enforcing of 1Tb hole to new machine type
The added enforcing is only relevant in the case of AMD where the
range right before the 1TB is restricted and cannot be DMA mapped
by the kernel consequently leading to IOMMU INVALID_DEVICE_REQUEST
or possibly other kinds of IOMMU events in the AMD IOMMU.

Although, there's a case where it may make sense to disable the
IOVA relocation/validation when migrating from a
non-amd-1tb-aware qemu to one that supports it.

Relocating RAM regions to after the 1Tb hole has consequences for
guest ABI because we are changing the memory mapping, so make
sure that only new machine enforce but not older ones.

Signed-off-by: Joao Martins <joao.m.martins@oracle.com>
Acked-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Acked-by: Igor Mammedov <imammedo@redhat.com>
Message-Id: <20220719170014.27028-12-joao.m.martins@oracle.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2022-07-26 10:40:58 -04:00
Joao Martins
8504f12945 i386/pc: relocate 4g start to 1T where applicable
It is assumed that the whole GPA space is available to be DMA
addressable, within a given address space limit, except for a
tiny region before the 4G. Since Linux v5.4, VFIO validates
whether the selected GPA is indeed valid i.e. not reserved by
IOMMU on behalf of some specific devices or platform-defined
restrictions, and thus failing the ioctl(VFIO_DMA_MAP) with
 -EINVAL.

AMD systems with an IOMMU are examples of such platforms and
particularly may only have these ranges as allowed:

        0000000000000000 - 00000000fedfffff (0      .. 3.982G)
        00000000fef00000 - 000000fcffffffff (3.983G .. 1011.9G)
        0000010000000000 - ffffffffffffffff (1Tb    .. 16Pb[*])

We already account for the 4G hole, albeit if the guest is big
enough we will fail to allocate a guest with  >1010G due to the
~12G hole at the 1Tb boundary, reserved for HyperTransport (HT).

[*] there is another reserved region unrelated to HT that exists
in the 256T boundary in Fam 17h according to Errata #1286,
documeted also in "Open-Source Register Reference for AMD Family
17h Processors (PUB)"

When creating the region above 4G, take into account that on AMD
platforms the HyperTransport range is reserved and hence it
cannot be used either as GPAs. On those cases rather than
establishing the start of ram-above-4g to be 4G, relocate instead
to 1Tb. See AMD IOMMU spec, section 2.1.2 "IOMMU Logical
Topology", for more information on the underlying restriction of
IOVAs.

After accounting for the 1Tb hole on AMD hosts, mtree should
look like:

0000000000000000-000000007fffffff (prio 0, i/o):
         alias ram-below-4g @pc.ram 0000000000000000-000000007fffffff
0000010000000000-000001ff7fffffff (prio 0, i/o):
        alias ram-above-4g @pc.ram 0000000080000000-000000ffffffffff

If the relocation is done or the address space covers it, we
also add the the reserved HT e820 range as reserved.

Default phys-bits on Qemu is TCG_PHYS_ADDR_BITS (40) which is enough
to address 1Tb (0xff ffff ffff). On AMD platforms, if a
ram-above-4g relocation is attempted and the CPU wasn't configured
with a big enough phys-bits, an error message will be printed
due to the maxphysaddr vs maxusedaddr check previously added.

Suggested-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Joao Martins <joao.m.martins@oracle.com>
Acked-by: Igor Mammedov <imammedo@redhat.com>
Message-Id: <20220719170014.27028-11-joao.m.martins@oracle.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2022-07-26 10:40:58 -04:00
Joao Martins
1caab5cf86 i386/pc: bounds check phys-bits against max used GPA
Calculate max *used* GPA against the CPU maximum possible address
and error out if the former surprasses the latter. This ensures
max used GPA is reacheable by configured phys-bits. Default phys-bits
on Qemu is TCG_PHYS_ADDR_BITS (40) which is enough for the CPU to
address 1Tb (0xff ffff ffff) or 1010G (0xfc ffff ffff) in AMD hosts
with IOMMU.

This is preparation for AMD guests with >1010G, where it will want relocate
ram-above-4g to be after 1Tb instead of 4G.

Signed-off-by: Joao Martins <joao.m.martins@oracle.com>
Acked-by: Igor Mammedov <imammedo@redhat.com>
Message-Id: <20220719170014.27028-10-joao.m.martins@oracle.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2022-07-26 10:40:58 -04:00
Joao Martins
8288a8286d i386/pc: factor out device_memory base/size to helper
Move obtaining hole64_start from device_memory memory region base/size
into an helper alongside correspondent getters in pc_memory_init() when
the hotplug range is unitialized. While doing that remove the memory
region based logic from this newly added helper.

This is the final step that allows pc_pci_hole64_start() to be callable
at the beginning of pc_memory_init() before any memory regions are
initialized.

Cc: Jonathan Cameron <jonathan.cameron@huawei.com>
Signed-off-by: Joao Martins <joao.m.martins@oracle.com>
Acked-by: Igor Mammedov <imammedo@redhat.com>
Message-Id: <20220719170014.27028-9-joao.m.martins@oracle.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2022-07-26 10:40:58 -04:00
Joao Martins
1065b21993 i386/pc: handle unitialized mr in pc_get_cxl_range_end()
Remove pc_get_cxl_range_end() dependency on the CXL memory region,
and replace with one that does not require the CXL host_mr to determine
the start of CXL start.

This in preparation to allow pc_pci_hole64_start() to be called early
in pc_memory_init(), handle CXL memory region end when its underlying
memory region isn't yet initialized.

Cc: Jonathan Cameron <jonathan.cameron@huawei.com>
Signed-off-by: Joao Martins <joao.m.martins@oracle.com>
Message-Id: <20220719170014.27028-8-joao.m.martins@oracle.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Acked-by: Igor Mammedov <imammedo@redhat.com>
2022-07-26 10:40:58 -04:00
Joao Martins
42bed07127 i386/pc: factor out cxl range start to helper
Factor out the calculation of the base address of the memory region.
It will be used later on for the cxl range end counterpart calculation
and as well in pc_memory_init() CXL memory region initialization, thus
avoiding duplication.

Cc: Jonathan Cameron <jonathan.cameron@huawei.com>
Signed-off-by: Joao Martins <joao.m.martins@oracle.com>
Acked-by: Igor Mammedov <imammedo@redhat.com>
Message-Id: <20220719170014.27028-7-joao.m.martins@oracle.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2022-07-26 10:40:58 -04:00
Joao Martins
55668e409b i386/pc: factor out cxl range end to helper
Move calculation of CXL memory region end to separate helper.

This is in preparation to a future change that removes CXL range
dependency on the CXL memory region, with the goal of allowing
pc_pci_hole64_start() to be called before any memory region are
initialized.

Cc: Jonathan Cameron <jonathan.cameron@huawei.com>
Signed-off-by: Joao Martins <joao.m.martins@oracle.com>
Acked-by: Igor Mammedov <imammedo@redhat.com>
Message-Id: <20220719170014.27028-6-joao.m.martins@oracle.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2022-07-26 10:40:58 -04:00
Joao Martins
5ff62e2afe i386/pc: factor out above-4g end to an helper
There's a couple of places that seem to duplicate this calculation
of RAM size above the 4G boundary. Move all those to a helper function.

Signed-off-by: Joao Martins <joao.m.martins@oracle.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Message-Id: <20220719170014.27028-5-joao.m.martins@oracle.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2022-07-26 10:40:58 -04:00
Joao Martins
c48eb7a4e8 i386/pc: pass pci_hole64_size to pc_memory_init()
Use the pre-initialized pci-host qdev and fetch the
pci-hole64-size into pc_memory_init() newly added argument.
Use PCI_HOST_PROP_PCI_HOLE64_SIZE pci-host property for
fetching pci-hole64-size.

This is in preparation to determine that host-phys-bits are
enough and for pci-hole64-size to be considered to relocate
ram-above-4g to be at 1T (on AMD platforms).

Signed-off-by: Joao Martins <joao.m.martins@oracle.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Message-Id: <20220719170014.27028-4-joao.m.martins@oracle.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2022-07-26 10:40:58 -04:00
Joao Martins
4876778749 i386/pc: create pci-host qdev prior to pc_memory_init()
At the start of pc_memory_init() we usually pass a range of
0..UINT64_MAX as pci_memory, when really its 2G (i440fx) or
32G (q35). To get the real user value, we need to get pci-host
passed property for default pci_hole64_size. Thus to get that,
create the qdev prior to memory init to better make estimations
on max used/phys addr.

This is in preparation to determine that host-phys-bits are
enough and also for pci-hole64-size to be considered to relocate
ram-above-4g to be at 1T (on AMD platforms).

Signed-off-by: Joao Martins <joao.m.martins@oracle.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Message-Id: <20220719170014.27028-3-joao.m.martins@oracle.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2022-07-26 10:40:58 -04:00
Joao Martins
4ab4c33014 hw/i386: add 4g boundary start to X86MachineState
Rather than hardcoding the 4G boundary everywhere, introduce a
X86MachineState field @above_4g_mem_start and use it
accordingly.

This is in preparation for relocating ram-above-4g to be
dynamically start at 1T on AMD platforms.

Signed-off-by: Joao Martins <joao.m.martins@oracle.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Message-Id: <20220719170014.27028-2-joao.m.martins@oracle.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2022-07-26 10:40:58 -04:00
Jonathan Cameron
cb70b7e871 hw/cxl: Fix size of constant in interleave granularity function.
Whilst the interleave granularity is always small enough that this isn't
a real problem (much less than 4GiB) let's change the constant
to ULL to fix the coverity warning.

Reported-by: Peter Maydell <peter.maydell@linaro.org>
Fixes: 829de299d1 ("hw/cxl/component: Add utils for interleave parameter encoding/decoding")
Fixes: Coverity CID 1488868
Signed-off-by: Jonathan Cameron <Jonathan.Cameron@huawei.com>
Message-Id: <20220701132300.2264-4-Jonathan.Cameron@huawei.com>
Acked-by: Igor Mammedov <imammedo@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2022-07-26 10:40:58 -04:00
Jonathan Cameron
4a447a710c hw/i386/pc: Always place CXL Memory Regions after device_memory
Previously broken_reserved_end was taken into account, but Igor Mammedov
identified that this could lead to a clash between potential RAM being
mapped in the region and CXL usage. Hence always add the size of the
device_memory memory region.  This only affects the case where the
broken_reserved_end flag was set.

Fixes: 6e4e3ae936 ("hw/cxl/component: Implement host bridge MMIO (8.2.5, table 142)")
Reported-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Jonathan Cameron <Jonathan.Cameron@huawei.com>
Message-Id: <20220701132300.2264-3-Jonathan.Cameron@huawei.com>
Acked-by: Igor Mammedov <imammedo@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2022-07-26 10:40:58 -04:00
Jonathan Cameron
71a5f07e75 hw/machine: Clear out left over CXL related pointer from move of state handling to machines.
This got left behind in the move of the CXL setup code from core
files to the machines that support it.

Link: 1ebf9001fb
Signed-off-by: Jonathan Cameron <Jonathan.Cameron@huawei.com>
Message-Id: <20220701132300.2264-2-Jonathan.Cameron@huawei.com>
Acked-by: Igor Mammedov <imammedo@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2022-07-26 10:40:58 -04:00
Robert Hoo
e4bcec0c3c acpi/nvdimm: Define trace events for NVDIMM and substitute nvdimm_debug()
Signed-off-by: Robert Hoo <robert.hu@linux.intel.com>
Reviewed-by: Jingqi Liu <jingqi.liu@intel.com>
Message-Id: <20220704085852.330005-1-robert.hu@linux.intel.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2022-07-26 10:37:46 -04:00
Alan Jian
5865d99fe8 hw/display/bcm2835_fb: Fix framebuffer allocation address
This patch fixes the dedicated framebuffer mailbox interface by
removing an unneeded offset.  This means that we pick the framebuffer
address in the same way that we do if the guest code uses the buffer
allocate mechanism of the bcm2835_property interface (case
0x00040001: /* Allocate buffer */ in bcm2835_property.c).

The documentation of this mailbox interface doesn't say anything
about using parts of the request buffer address to affect the
chosen framebuffer address:
https://github.com/raspberrypi/firmware/wiki/Mailbox-framebuffer-interface

Some baremetal applications like the Screen01/Screen02 examples from
Baking Pi tutorial[1] didn't work before this patch.

[1] https://www.cl.cam.ac.uk/projects/raspberrypi/tutorials/os/screen01.html

Signed-off-by: Alan Jian <alanjian85@outlook.com>
Message-id: 20220725145838.8412-1-alanjian85@outlook.com
[PMM: tweaked commit message]
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2022-07-26 14:09:44 +01:00
Peter Maydell
c5cfdabaf5 configure: Avoid '==' bashism
The '==' operator to test is a bashism; the standard way to copmare
strings is '='. This causes dash to complain:

../../configure: 681: test: linux: unexpected operator

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-id: 20220720152631.450903-6-peter.maydell@linaro.org
2022-07-26 13:42:04 +01:00
Peter Maydell
aca5001dab configure: Drop dead code attempting to use -msmall-data on alpha hosts
In commit 823eb01345 we moved the setting of ARCH from configure
to meson.build, but we accidentally left behind one attempt to use
$ARCH in configure, which was trying to add -msmall-data to the
compiler flags on Alpha hosts.  Since ARCH is now never set, the test
always fails and we never add the flag.

There isn't actually any need to use this compiler flag on Alpha:
the original intent was that it would allow us to simplify our TCG
codegen on that platform, but we never actually made the TCG changes
that would rely on -msmall-data.

Drop the effectively-dead code from configure, as we don't need it.

This was spotted by shellcheck:

In ./configure line 2254:
case "$ARCH" in
      ^---^ SC2153: Possible misspelling: ARCH may not be assigned, but arch is.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-id: 20220720152631.450903-5-peter.maydell@linaro.org
2022-07-26 13:42:04 +01:00
Peter Maydell
65842b03d1 configure: Don't use bash-specific string-replacement syntax
The variable string-replacement syntax ${var/old/new} is a bashism
(though it is also supported by some other shells), and for instance
does not work with the NetBSD /bin/sh, which complains:
 ../src/configure: 687: Syntax error: Bad substitution

Replace it with a more portable sed-based approach, similar to
what we already do in quote_sh().

Note that shellcheck also diagnoses this:

In ./configure line 687:
    e=${e/'\'/'\\'}
      ^-----------^ SC2039: In POSIX sh, string replacement is undefined.
           ^-- SC1003: Want to escape a single quote? echo 'This is how it'\''s done'.
                ^-- SC1003: Want to escape a single quote? echo 'This is how it'\''s done'.

In ./configure line 688:
    e=${e/\"/'\"'}
      ^----------^ SC2039: In POSIX sh, string replacement is undefined.

Fixes: 8154f5e64b ("meson: Prefix each element of firmware path")
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Tested-by: Thomas Huth <thuth@redhat.com>
Message-id: 20220720152631.450903-4-peter.maydell@linaro.org
2022-07-26 13:42:04 +01:00
Peter Maydell
d466d416ed configure: Add braces to clarify intent of $emu[[:space:]]
In shell script syntax, $var[something] is not special for variable
expansion: $var is expanded.  However, as it can look as if it were
intended to be an array element access (the correct syntax for which
is ${var[something]}), shellcheck recommends using explicit braces
around ${var} to clarify the intended expansion.

This fixes the warning:

In ./configure line 2346:
        if "$target_ld" -verbose 2>&1 | grep -q "^[[:space:]]*$emu[[:space:]]*$"; then
                                                              ^-- SC1087: Use braces when expanding arrays, e.g. ${array[idx]} (or ${var}[.. to quiet).

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-id: 20220720152631.450903-3-peter.maydell@linaro.org
2022-07-26 13:40:44 +01:00
Peter Maydell
35a7a6fc56 configure: Add missing POSIX-required space
In commit 7d7dbf9dc1 we added a line to the configure script
which is not valid POSIX shell syntax, because it is missing a space
after a '!' character. shellcheck diagnoses this:

if !(GIT="$git" "$source_path/scripts/git-submodule.sh" "$git_submodules_action" "$git_submodules"); then
    ^-- SC1035: You are missing a required space after the !.

and the OpenBSD shell will not correctly handle this without the space.

Fixes: 7d7dbf9dc1 ("configure: replace --enable/disable-git-update with --with-git-submodules")
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Tested-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Message-id: 20220720152631.450903-2-peter.maydell@linaro.org
2022-07-26 13:40:44 +01:00
Peter Maydell
fca75f60ab target/arm: Add MO_128 entry to pred_esz_masks[]
In commit 7390e0e9ab, we added support for SME loads and stores.
Unlike SVE loads and stores, these include handling of 128-bit
elements.  The SME load/store functions call down into the existing
sve_cont_ldst_elements() function, which uses the element size MO_*
value as an index into the pred_esz_masks[] array.  Because this code
path now has to handle MO_128, we need to add an extra element to the
array.

This bug was spotted by Coverity because it meant we were reading off
the end of the array.

Resolves: Coverity CID 1490539, 1490541, 1490543, 1490544, 1490545,
 1490546, 1490548, 1490549, 1490550, 1490551, 1490555, 1490557,
 1490558, 1490560, 1490561, 1490563
Fixes: 7390e0e9ab ("target/arm: Implement SME LD1, ST1")
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20220718100144.3248052-1-peter.maydell@linaro.org
2022-07-26 13:38:23 +01:00
Peter Maydell
02b7035d15 scripts/coverity-scan/COMPONENTS.md: Update slirp component info
Update the regex for the slirp component now that it lives
solely inside /slirp/, and note that it should be ignored in
Coverity analysis (because it's a separate upstream project
now, and they run Coverity on it themselves).

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Message-id: 20220718142310.16013-3-peter.maydell@linaro.org
2022-07-26 13:37:44 +01:00
Peter Maydell
32226db011 scripts/coverity-scan/COMPONENTS.md: Add loongarch component
Add the component regex for the new loongarch target.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Message-id: 20220718142310.16013-2-peter.maydell@linaro.org
2022-07-26 13:37:44 +01:00
Peter Maydell
d1c912b816 linux-user pull request 20220726
-----BEGIN PGP SIGNATURE-----
 
 iQJGBAABCAAwFiEEzS913cjjpNwuT1Fz8ww4vT8vvjwFAmLft30SHGxhdXJlbnRA
 dml2aWVyLmV1AAoJEPMMOL0/L748/OcP/1JBgyZdkSqHCJmpxvj9VALSPhGu6d/e
 i3+FS7rBS7tZyVyoKHn8nNTZ8xHPWU7tucYWhhoCSxO/eLQny9NWrl11Z8hjoaUt
 rjaJFxa26dwpOUaeUQpN5DdAY1pUZBmmPnlgkLz4vUnfLsWFkV6QGP7G//65eS7V
 xMcfrsdtBUrklH/rBx/1CO/Z99poZXRVZPz6bGtFkhwMJCRyVcNc+y1eNfvgN+Tp
 ZpxcRETDdQsp3/z5n5GWZs41tJwhDOlgV2FeCnsy2i4j+egj/Dt3UlD9zednng3B
 CzCwhs/RVTruF140XiQeleBdEqAr46Nc6377oTgT1vkBNmXNSdk8O0ntYQEBpOFp
 ixA91oZjOBFhbKTsRLB9AkaNpbbx1O6ellwcofDeniBpdQ1/KxLU/mWRMr4CJO0l
 Ma4udBdsR+QkwHSrRMlUC4JPRSRb4sv1BAMkOxHSVgfvmhmU6VQjIH4qTST5wRnJ
 nByE1/m/xSfC7LQrehkKVb8Fqh0zyrK33KsCQYqxlWJWWlca4vcueoGduCgGm0G+
 XpcZ+OwhwczxU2MxdnYIDYEK7oquu/H9KWo7LzsylDGYlD2PNtz0h81YHeX7eIHc
 OP1wgVFvyl2IzKDyWBbhN7JsbV+XLSiMywuB48yAUs0s2BVFF/uogwcwo2loxetF
 /0+CP3cS37G9
 =txLL
 -----END PGP SIGNATURE-----

Merge tag 'linux-user-for-7.1-pull-request' of https://gitlab.com/laurent_vivier/qemu into staging

linux-user pull request 20220726

# gpg: Signature made Tue 26 Jul 2022 10:44:29 BST
# gpg:                using RSA key CD2F75DDC8E3A4DC2E4F5173F30C38BD3F2FBE3C
# gpg:                issuer "laurent@vivier.eu"
# gpg: Good signature from "Laurent Vivier <lvivier@redhat.com>" [full]
# gpg:                 aka "Laurent Vivier <laurent@vivier.eu>" [full]
# gpg:                 aka "Laurent Vivier (Red Hat) <lvivier@redhat.com>" [full]
# Primary key fingerprint: CD2F 75DD C8E3 A4DC 2E4F  5173 F30C 38BD 3F2F BE3C

* tag 'linux-user-for-7.1-pull-request' of https://gitlab.com/laurent_vivier/qemu:
  linux-user: Use target abi_int type for pipefd[1] in pipe()
  linux-user: Unconditionally use pipe2() syscall
  linux-user/hppa: Fix segfaults on page zero

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2022-07-26 13:29:26 +01:00
Peter Maydell
0d0275c31f -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
 
 iQEcBAABAgAGBQJi36ocAAoJEO8Ells5jWIRuOYH/jtaDNGTBs/h8A041gQaCMmw
 jufUXHCdKGgmZMpJ/AoCUWx4USdx8hEGSt/j4kvSmIPX+VLuCfLefHDlTxndiWAv
 fnUr4NB7LAz2b5D3d5QX1Np+zHG5mHx95KfDIaWdcz9N1HUHlEOakxTDc2EvR1hF
 yh8g2n5xdvzK5kWvPcNgJpU/ezDumOFo04JndBb4fIqDmZfW3hvJQ3IKiS3P1J9C
 Kbb/usoXGrdoZ9T1R2cqtn1CxrgfMlF2pKJFWzs3nU+ewD9C6oKS4rDQCZxx+JEx
 ZvfnSTUPgBBlT4zqZTTjyFQMQdtis5qK5iAKDEENkqVC1iULPhnM9DN0qxcIoQs=
 =SpWG
 -----END PGP SIGNATURE-----

Merge tag 'net-pull-request' of https://github.com/jasowang/qemu into staging

# gpg: Signature made Tue 26 Jul 2022 09:47:24 BST
# gpg:                using RSA key EF04965B398D6211
# gpg: Good signature from "Jason Wang (Jason Wang on RedHat) <jasowang@redhat.com>" [marginal]
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg:          It is not certain that the signature belongs to the owner.
# Primary key fingerprint: 215D 46F4 8246 689E C77F  3562 EF04 965B 398D 6211

* tag 'net-pull-request' of https://github.com/jasowang/qemu:
  vdpa: Fix memory listener deletions of iova tree
  vhost: Get vring base from vq, not svq
  e1000e: Fix possible interrupt loss when using MSI

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2022-07-26 10:31:02 +01:00
Eugenio Pérez
75a8ce64f6 vdpa: Fix memory listener deletions of iova tree
vhost_vdpa_listener_region_del is always deleting the first iova entry
of the tree, since it's using the needle iova instead of the result's
one.

This was detected using a vga virtual device in the VM using vdpa SVQ.
It makes some extra memory adding and deleting, so the wrong one was
mapped / unmapped. This was undetected before since all the memory was
mappend and unmapped totally without that device, but other conditions
could trigger it too:

* mem_region was with .iova = 0, .translated_addr = (correct GPA).
* iova_tree_find_iova returned right result, but does not update
  mem_region.
* iova_tree_remove always removed region with .iova = 0. Right iova were
  sent to the device.
* Next map will fill the first region with .iova = 0, causing a mapping
  with the same iova and device complains, if the next action is a map.
* Next unmap will cause to try to unmap again iova = 0, causing the
  device to complain that no region was mapped at iova = 0.

Fixes: 34e3c94eda ("vdpa: Add custom IOTLB translations to SVQ")
Reported-by: Lei Yang <leiyang@redhat.com>
Signed-off-by: Eugenio Pérez <eperezma@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
2022-07-26 16:24:19 +08:00
Eugenio Pérez
2fdac348fd vhost: Get vring base from vq, not svq
The SVQ vring used idx usually match with the guest visible one, as long
as all the guest buffers (GPA) maps to exactly one buffer within qemu's
VA. However, as we can see in virtqueue_map_desc, a single guest buffer
could map to many buffers in SVQ vring.

Also, its also a mistake to rewind them at the source of migration.
Since VirtQueue is able to migrate the inflight descriptors, its
responsability of the destination to perform the rewind just in case it
cannot report the inflight descriptors to the device.

This makes easier to migrate between backends or to recover them in
vhost devices that support set in flight descriptors.

Fixes: 6d0b222666 ("vdpa: Adapt vhost_vdpa_get_vring_base to SVQ")
Signed-off-by: Eugenio Pérez <eperezma@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
2022-07-26 16:23:54 +08:00
Ake Koomsin
dd0ef12866 e1000e: Fix possible interrupt loss when using MSI
Commit "e1000e: Prevent MSI/MSI-X storms" introduced msi_causes_pending
to prevent interrupt storms problem. It was tested with MSI-X.

In case of MSI, the guest can rely solely on interrupts to clear ICR.
Upon clearing all pending interrupts, msi_causes_pending gets cleared.
However, when e1000e_itr_should_postpone() in e1000e_send_msi() returns
true, MSI never gets fired by e1000e_intrmgr_on_throttling_timer()
because msi_causes_pending is still set. This results in interrupt loss.

To prevent this, we need to clear msi_causes_pending when MSI is going
to get fired by the throttling timer. The guest can then receive
interrupts eventually.

Signed-off-by: Ake Koomsin <ake@igel.co.jp>
Signed-off-by: Jason Wang <jasowang@redhat.com>
2022-07-26 16:23:54 +08:00
Peter Maydell
616a6459d8 * Bug fixes
* Pass random seed to x86 and other FDT platforms
 -----BEGIN PGP SIGNATURE-----
 
 iQFIBAABCAAyFiEE8TM4V0tmI4mGbHaCv/vSX3jHroMFAmLa3dUUHHBib256aW5p
 QHJlZGhhdC5jb20ACgkQv/vSX3jHroObpwf/ceqT05kDypSbPmSZPspzfGZimoQL
 9egbI27siFGUYhmZ/odiv5YU82Y44FHaElsmGsKZQAFvJ4JhROR8ZrDIejI/mWhk
 9yCTW5y+DlFHwZbeAfqMQeK1sfI4TvZ70SnBtpFKsA0bkHmYNAtPJZOSL8SEtZJS
 HA0+jOQdk1+ddjQjgy1AOg5R51nHQGELNz29aF2Z3elKN8ZM9BGY2TQzJ+SMfyRW
 +iU2r5teqRzHDK005WFZgaH5OtG5f2t/fgRycG9WDQYiYmna9wZQICyCiwEEgFu+
 G7lqtPR0YRuVgFwqhhHW7i0wg0GvpEjCRyzc3Gets2j4FjYKn66xy2EPSA==
 =OYEp
 -----END PGP SIGNATURE-----

Merge tag 'for-upstream2' of https://gitlab.com/bonzini/qemu into staging

* Bug fixes
* Pass random seed to x86 and other FDT platforms

# gpg: Signature made Fri 22 Jul 2022 18:26:45 BST
# gpg:                using RSA key F13338574B662389866C7682BFFBD25F78C7AE83
# gpg:                issuer "pbonzini@redhat.com"
# gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>" [full]
# gpg:                 aka "Paolo Bonzini <pbonzini@redhat.com>" [full]
# Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4  E2F7 7E15 100C CD36 69B1
#      Subkey fingerprint: F133 3857 4B66 2389 866C  7682 BFFB D25F 78C7 AE83

* tag 'for-upstream2' of https://gitlab.com/bonzini/qemu:
  hw/i386: pass RNG seed via setup_data entry
  hw/rx: pass random seed to fdt
  hw/mips: boston: pass random seed to fdt
  hw/nios2: virt: pass random seed to fdt
  oss-fuzz: ensure base_copy is a generic-fuzzer
  oss-fuzz: remove binaries from qemu-bundle tree
  accel/kvm: Avoid Coverity warning in query_stats()
  docs: Add caveats for Windows as the build platform

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2022-07-25 13:49:41 +01:00
Helge Deller
6f200f5186 linux-user: Use target abi_int type for pipefd[1] in pipe()
When writing back the fd[1] pipe file handle to emulated userspace
memory, use sizeof(abi_int) as offset insted of the hosts's int type.
There is no functional change in this patch.

Signed-off-by: Helge Deller <deller@gmx.de>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>

Message-Id: <YtQ3Id6z8slpVr7r@p100>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
2022-07-25 10:42:11 +02:00
Helge Deller
499d805537 linux-user: Unconditionally use pipe2() syscall
The pipe2() syscall is available on all Linux platforms since kernel
2.6.27, so use it unconditionally to emulate pipe() and pipe2().

Signed-off-by: Helge Deller <deller@gmx.de>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <YtbZ2ojisTnzxN9Y@p100>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
2022-07-25 10:42:11 +02:00
Helge Deller
bd4b7fd6ba linux-user/hppa: Fix segfaults on page zero
This program:

    int main(void) { asm("bv %r0(%r0)"); return 0; }

produces on real hppa hardware the expected segfault:

    SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=0x3} ---
    killed by SIGSEGV +++
    Segmentation fault

But when run on linux-user you get instead internal qemu errors:

ERROR: linux-user/hppa/cpu_loop.c:172:cpu_loop: code should not be reached
Bail out! ERROR: linux-user/hppa/cpu_loop.c:172:cpu_loop: code should not be reached
ERROR: accel/tcg/cpu-exec.c:933:cpu_exec: assertion failed: (cpu == current_cpu)
Bail out! ERROR: accel/tcg/cpu-exec.c:933:cpu_exec: assertion failed: (cpu == current_cpu)

Fix it by adding the missing case for the EXCP_IMP trap in
cpu_loop() and raise a segfault.

Signed-off-by: Helge Deller <deller@gmx.de>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <YtWNC56seiV6VenA@p100>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
2022-07-25 10:42:11 +02:00
Jason A. Donenfeld
67f7e426e5 hw/i386: pass RNG seed via setup_data entry
Tiny machines optimized for fast boot time generally don't use EFI,
which means a random seed has to be supplied some other way. For this
purpose, Linux (≥5.20) supports passing a seed in the setup_data table
with SETUP_RNG_SEED, specially intended for hypervisors, kexec, and
specialized bootloaders. The linked commit shows the upstream kernel
implementation.

At Paolo's request, we don't pass these to versioned machine types ≤7.0.

Link: https://git.kernel.org/tip/tip/c/68b8e9713c8
Cc: Marcel Apfelbaum <marcel.apfelbaum@gmail.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Richard Henderson <richard.henderson@linaro.org>
Cc: Eduardo Habkost <eduardo@habkost.net>
Cc: Peter Maydell <peter.maydell@linaro.org>
Cc: Philippe Mathieu-Daudé <f4bug@amsat.org>
Cc: Laurent Vivier <laurent@vivier.eu>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Message-Id: <20220721125636.446842-1-Jason@zx2c4.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2022-07-22 19:26:34 +02:00
Jason A. Donenfeld
c287941a4d hw/rx: pass random seed to fdt
If the FDT contains /chosen/rng-seed, then the Linux RNG will use it to
initialize early. Set this using the usual guest random number
generation function. This FDT node is part of the DT specification.

Cc: Yoshinori Sato <ysato@users.sourceforge.jp>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Message-Id: <20220719122033.135902-1-Jason@zx2c4.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2022-07-22 19:01:44 +02:00
Jason A. Donenfeld
5e19cc68fb hw/mips: boston: pass random seed to fdt
If the FDT contains /chosen/rng-seed, then the Linux RNG will use it to
initialize early. Set this using the usual guest random number
generation function. This FDT node is part of the DT specification.

I'd do the same for other MIPS platforms but boston is the only one that
seems to use FDT.

Cc: Paul Burton <paulburton@kernel.org>
Cc: Aleksandar Rikalo <aleksandar.rikalo@syrmia.com>
Cc: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Message-Id: <20220719120843.134392-1-Jason@zx2c4.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2022-07-22 19:01:44 +02:00
Jason A. Donenfeld
6b23a67916 hw/nios2: virt: pass random seed to fdt
If the FDT contains /chosen/rng-seed, then the Linux RNG will use it to
initialize early. Set this using the usual guest random number
generation function. This FDT node is part of the DT specification.

Cc: Chris Wulff <crwulff@gmail.com>
Cc: Marek Vasut <marex@denx.de>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Message-Id: <20220719120113.118034-1-Jason@zx2c4.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2022-07-22 19:01:44 +02:00
Alexander Bulekov
7906f11e62 oss-fuzz: ensure base_copy is a generic-fuzzer
Depending on how the target list is sorted in by qemu, the first target
(used as the base copy of the fuzzer, to which all others are linked)
might not be a generic-fuzzer. Since we are trying to only use
generic-fuzz, on oss-fuzz, fix that, to ensure the base copy is a
generic-fuzzer.

Signed-off-by: Alexander Bulekov <alxndr@bu.edu>
Message-Id: <20220720180946.2264253-1-alxndr@bu.edu>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2022-07-22 19:01:44 +02:00
Paolo Bonzini
d5b5023691 oss-fuzz: remove binaries from qemu-bundle tree
oss-fuzz is finding possible fuzzing targets even under qemu-bundle/.../bin, but they
cannot be used because the required shared libraries are missing.  Since the
fuzzing targets are already placed manually in $OUT, the bindir and libexecdir
subtrees are not needed; remove them.

Cc: Alexander Bulekov <alxndr@bu.edu>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2022-07-22 19:01:44 +02:00
Peter Maydell
d12dd9c7ee accel/kvm: Avoid Coverity warning in query_stats()
Coverity complains that there is a codepath in the query_stats()
function where it can leak the memory pointed to by stats_list.  This
can only happen if the caller passes something other than
STATS_TARGET_VM or STATS_TARGET_VCPU as the 'target', which no
callsite does.  Enforce this assumption using g_assert_not_reached(),
so that if we have a future bug we hit the assert rather than
silently leaking memory.

Resolves: Coverity CID 1490140
Fixes: cc01a3f4ca ("kvm: Support for querying fd-based stats")
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <20220719134853.327059-1-peter.maydell@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2022-07-22 19:01:44 +02:00
Bin Meng
b67de91e0d docs: Add caveats for Windows as the build platform
Commit cf60ccc330 ("cutils: Introduce bundle mechanism") introduced
a Python script to populate a bundle directory using os.symlink() to
point to the binaries in the pc-bios directory of the source tree.
Commit 882084a04a ("datadir: Use bundle mechanism") removed previous
logic in pc-bios/meson.build to create a link/copy of pc-bios binaries
in the build tree so os.symlink() is the way to go.

However os.symlink() may fail [1] on Windows if an unprivileged Windows
user started the QEMU build process, which results in QEMU executables
generated in the build tree not able to load the default BIOS/firmware
images due to symbolic links not present in the bundle directory.

This commits updates the documentation by adding such caveats for users
who want to build QEMU on the Windows platform.

[1] https://docs.python.org/3/library/os.html#os.symlink

Signed-off-by: Bin Meng <bin.meng@windriver.com>
Reviewed-by: Stefan Weil <sw@weilnetz.de>
Reviewed-by: Akihiko Odaki <akihiko.odaki@gmail.com>
Message-Id: <20220719135014.764981-1-bmeng.cn@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2022-07-22 19:01:44 +02:00
Peter Maydell
5288bee45f * Boolean statistics for KVM
* Fix build on Haiku
 -----BEGIN PGP SIGNATURE-----
 
 iQFIBAABCAAyFiEE8TM4V0tmI4mGbHaCv/vSX3jHroMFAmLWejIUHHBib256aW5p
 QHJlZGhhdC5jb20ACgkQv/vSX3jHroOrhggArpe2oZHD0Bi+toGOu4wg0zq9PKZJ
 Mj8v2hjPHbVU0yj1vXbO4skm6OggcH1JgktNZb8vd5QJBiCZorSIR2FPyuTk677U
 tHrOyzw/r+zPk43bEb/r/O4uGCFmlQUYiesayUKViJVqcF3sUGvBS4dMBKiGnPi7
 hyVLelnXqotcQYsURAXVYuVChDVMZs8ACa7vP9WKGEYWEkVdQRSlk9VMmssan0dD
 Ly+Ikw0FPENJYkNHT8+tM6VYv+Fpsi+PBcijUKRyfsfU5qmPm53rZKEAIhw0jCCV
 PsEZhzvAdU+frfOscuYkaUUgCYxy7dnXm90W7uMpLJYMECJgVuYoL4IKNQ==
 =AFZi
 -----END PGP SIGNATURE-----

Merge tag 'for-upstream' of https://gitlab.com/bonzini/qemu into staging

* Boolean statistics for KVM
* Fix build on Haiku

# gpg: Signature made Tue 19 Jul 2022 10:32:34 BST
# gpg:                using RSA key F13338574B662389866C7682BFFBD25F78C7AE83
# gpg:                issuer "pbonzini@redhat.com"
# gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>" [full]
# gpg:                 aka "Paolo Bonzini <pbonzini@redhat.com>" [full]
# Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4  E2F7 7E15 100C CD36 69B1
#      Subkey fingerprint: F133 3857 4B66 2389 866C  7682 BFFB D25F 78C7 AE83

* tag 'for-upstream' of https://gitlab.com/bonzini/qemu:
  util: Fix broken build on Haiku
  kvm: add support for boolean statistics
  monitor: add support for boolean statistics

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2022-07-21 11:13:01 +01:00
Peter Maydell
fe16c833fd Migration pull 2022-07-20
This replaces yesterdays pull and:
   a) Fixes some test build errors without TLS
   b) Reenabled the zlib acceleration on s390
      now that we have Ilya's fix
 
   Hyman's dirty page rate limit set
   Ilya's fix for zlib vs migration
   Peter's postcopy-preempt
   Cleanup from Dan
   zero-copy tidy ups from Leo
   multifd doc fix from Juan
   Revert disable of zlib acceleration on s390x
 
 Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
 -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEERfXHG0oMt/uXep+pBRYzHrxb/ecFAmLX5KAACgkQBRYzHrxb
 /ef8KRAAgUYg+vEPYHXFz48vPBQr+bxcf0G8uzKT4S/afY7xdA1W0nsNR97cTtcW
 ofZQAMjDaxMaCR6Xteh4TUiP346AZv7ZeAKbzDMekrqnLJw8x7hcJRTfgHJVFBkd
 GGYOx7mYf0BEZJfykRDG1EbcwMGlGKK+WGV/tQ1/zM6/QOUXJow+Mn+JoSwl9fLH
 QKvQ5uOxrI9gN0bvWyx94zeoMNQmOrO8jq/48dbDZZebwg4fAmoBEAU3dYJ9obaW
 RE9DLywypWJ5ctYbyrwl+gSjo8DRxBUmbqDE8XxoonJQEZ712d66erGT3w4PLyKP
 8RqxE3dduM0IfbvlvoOFyqtxTUN6hzb5cBVSuT5ukKyNWCjvxwXqqXgUkzxmc6JD
 Mgh3WnM1EZwdInG0zzScVN2WwMYhKoW0gb//35Dy/Z6HaWww6SPm21hIqzoINqzI
 FKW41Gp2pdFFl5HAx03IxhZ9aRJKdtKqexvlD5IDPBrBom2QQJ7Bex1najgpK9Y5
 jqYQrAFn72U3Dxm0cRjfoSc6aI6kXu44RO3CyTvl65B6bZY+bZvj4fx+4IVrzm8Q
 PAsLDp+qbY2YKgtFT21csKQe2rux7QuafsREd3oBXOaUHgNv5xQ5nLIL5LhcSGX5
 B9l82uU8ftuD5sMJn5uYQv1/0n5empXTsgl5GXZ3Wfni33v89yA=
 =wiSA
 -----END PGP SIGNATURE-----

Merge tag 'pull-migration-20220720c' of https://gitlab.com/dagrh/qemu into staging

Migration pull 2022-07-20

This replaces yesterdays pull and:
  a) Fixes some test build errors without TLS
  b) Reenabled the zlib acceleration on s390
     now that we have Ilya's fix

  Hyman's dirty page rate limit set
  Ilya's fix for zlib vs migration
  Peter's postcopy-preempt
  Cleanup from Dan
  zero-copy tidy ups from Leo
  multifd doc fix from Juan
  Revert disable of zlib acceleration on s390x

Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>

# gpg: Signature made Wed 20 Jul 2022 12:18:56 BST
# gpg:                using RSA key 45F5C71B4A0CB7FB977A9FA90516331EBC5BFDE7
# gpg: Good signature from "Dr. David Alan Gilbert (RH2) <dgilbert@redhat.com>" [full]
# Primary key fingerprint: 45F5 C71B 4A0C B7FB 977A  9FA9 0516 331E BC5B FDE7

* tag 'pull-migration-20220720c' of https://gitlab.com/dagrh/qemu: (30 commits)
  Revert "gitlab: disable accelerated zlib for s390x"
  migration: Avoid false-positive on non-supported scenarios for zero-copy-send
  multifd: Document the locking of MultiFD{Send/Recv}Params
  migration/multifd: Report to user when zerocopy not working
  Add dirty-sync-missed-zero-copy migration stat
  QIOChannelSocket: Fix zero-copy flush returning code 1 when nothing sent
  migration: remove unreachable code after reading data
  tests: Add postcopy preempt tests
  tests: Add postcopy tls recovery migration test
  tests: Add postcopy tls migration test
  tests: Move MigrateCommon upper
  migration: Respect postcopy request order in preemption mode
  migration: Enable TLS for preempt channel
  migration: Export tls-[creds|hostname|authz] params to cmdline too
  migration: Add helpers to detect TLS capability
  migration: Add property x-postcopy-preempt-break-huge
  migration: Create the postcopy preempt channel asynchronously
  migration: Postcopy recover with preempt enabled
  migration: Postcopy preemption enablement
  migration: Postcopy preemption preparation on channel creation
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2022-07-20 22:33:35 +01:00
Peter Maydell
8ec4bc3c8c -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
 
 iQEcBAABAgAGBQJi18PHAAoJEO8Ells5jWIRCEQH+wepXDoT6Q56xmUgxVs+hlAD
 CXGy71/cNV08Yu3PTTXo8SYaw+KXxsA9ECgIr2hsfPXarAdoOpJFpZR0HoqIzaXd
 kpD6bvwN8bEEOlAHxKcb6/VM+VYntZBfkH9m1WLGx3fHILazLblyL8w2Hkp7NK9J
 IBpQQ63uU8Xt0+js96Z/sPOKRjrtbKXFT1bhY2CI8MKZpuqNyED0jZYwbNdnRwZN
 fuKbpsaaT4Wxx+mQMg7H7a0e/xx3DNi2F6cAtGLH98WYzbLFgExSSK8G8jnwEVfM
 EKWfU7N4zmokq7jN99yvGzjIzLrnLX6yn/ifSs+lQOzdtCA9zEbotI+CDCVdPs4=
 =9zus
 -----END PGP SIGNATURE-----

Merge tag 'net-pull-request' of https://github.com/jasowang/qemu into staging

# gpg: Signature made Wed 20 Jul 2022 09:58:47 BST
# gpg:                using RSA key EF04965B398D6211
# gpg: Good signature from "Jason Wang (Jason Wang on RedHat) <jasowang@redhat.com>" [marginal]
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg:          It is not certain that the signature belongs to the owner.
# Primary key fingerprint: 215D 46F4 8246 689E C77F  3562 EF04 965B 398D 6211

* tag 'net-pull-request' of https://github.com/jasowang/qemu: (25 commits)
  net/colo.c: fix segmentation fault when packet is not parsed correctly
  net/colo.c: No need to track conn_list for filter-rewriter
  net/colo: Fix a "double free" crash to clear the conn_list
  softmmu/runstate.c: add RunStateTransition support form COLO to PRELAUNCH
  vdpa: Add x-svq to NetdevVhostVDPAOptions
  vdpa: Add device migration blocker
  vdpa: Extract get features part from vhost_vdpa_get_max_queue_pairs
  vdpa: Buffer CVQ support on shadow virtqueue
  vdpa: manual forward CVQ buffers
  vhost-net-vdpa: add stubs for when no virtio-net device is present
  vdpa: Export vhost_vdpa_dma_map and unmap calls
  vhost: Add svq avail_handler callback
  vhost: add vhost_svq_poll
  vhost: Expose vhost_svq_add
  vhost: add vhost_svq_push_elem
  vhost: Track number of descs in SVQDescState
  vhost: Add SVQDescState
  vhost: Decouple vhost_svq_add from VirtQueueElement
  vhost: Check for queue full at vhost_svq_add
  vhost: Move vhost_svq_kick call to vhost_svq_add
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2022-07-20 16:27:57 +01:00
Peter Maydell
f45fd24c90 * Fixes for s390x floating point vector instructions
-----BEGIN PGP SIGNATURE-----
 
 iQJFBAABCAAvFiEEJ7iIR+7gJQEY8+q5LtnXdP5wLbUFAmLXq2oRHHRodXRoQHJl
 ZGhhdC5jb20ACgkQLtnXdP5wLbVZXA//TPtsWHVXe27FW4nKDXSVspOKZspTl625
 u8412cqv6YVcAkwechNhI96kO5UsjQplkqC/TuSxbqv+zoNicUWe7gm7uF8h8qJI
 D7PkKolBNXrJ+U304x2LyWLaXvFW5hnJQneaALzsQYfI07i6RV0t8FZ4KfYBHFVu
 cmQ3MN5y/lmYBcN1bX+mTwgG5nuKKg78dIRiSFKa3CbT1F83LCQQEPNnOUSDIYnJ
 8kQ+lOs3mRakPlsK4O91f+C2oP3z5ke6xst5Z37w76/V+jMNXIcoAaW09s0DUY+9
 ycO+9iqCGGzVQlu+m3sLSbhNFqtiA/EhyRVOu+JpeZD3fV5HEzGhocXjtQgox7N6
 1gu00Q+blMJXd1uKsWOOpZEluIhdfseiU218YKh02ckxxSPG2OrnJHve8hpUqYv3
 z4ZNCG5N8LfMOJlx5A8xgV2Q0OZiwDgeSINQQcyVkfpXGQJxVbdHfjr+VWVHRp22
 UdoCzxuDF8PQDj73V9bvq/8cBppxPcHaNpgHQ8dO2VOQSs1RN+c04TkUcy5loVrh
 F13AU0pGGuaIRwGN8917kNoJlKGKV5jhoKcU/lZQUsq8AwAuRtFmsKXYJkOOKVxI
 8NrOIBdMNrOtNBuxU6IglLQHUD38JMBwzZAO5+SMQqNHXKwfu3Z8tfImXDZyfKbX
 1qidiHLY8WM=
 =9wL6
 -----END PGP SIGNATURE-----

Merge tag 'pull-request-2022-07-20' of https://gitlab.com/thuth/qemu into staging

* Fixes for s390x floating point vector instructions

# gpg: Signature made Wed 20 Jul 2022 08:14:50 BST
# gpg:                using RSA key 27B88847EEE0250118F3EAB92ED9D774FE702DB5
# gpg:                issuer "thuth@redhat.com"
# gpg: Good signature from "Thomas Huth <th.huth@gmx.de>" [full]
# gpg:                 aka "Thomas Huth <thuth@redhat.com>" [full]
# gpg:                 aka "Thomas Huth <huth@tuxfamily.org>" [full]
# gpg:                 aka "Thomas Huth <th.huth@posteo.de>" [unknown]
# Primary key fingerprint: 27B8 8847 EEE0 2501 18F3  EAB9 2ED9 D774 FE70 2DB5

* tag 'pull-request-2022-07-20' of https://gitlab.com/thuth/qemu:
  tests/tcg/s390x: test signed vfmin/vfmax
  target/s390x: fix NaN propagation rules
  target/s390x: fix handling of zeroes in vfmin/vfmax

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

# Conflicts:
#	fpu/softfloat-specialize.c.inc
2022-07-20 14:13:32 +01:00
Dr. David Alan Gilbert
db727a1410 Revert "gitlab: disable accelerated zlib for s390x"
This reverts commit 309df6acb2.
With Ilya's 'multifd: Copy pages before compressing them with zlib'
in the latest migration series, this shouldn't be a problem any more.

Suggested-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
2022-07-20 12:15:09 +01:00
Leonardo Bras
90eb69e4f1 migration: Avoid false-positive on non-supported scenarios for zero-copy-send
Migration with zero-copy-send currently has it's limitations, as it can't
be used with TLS nor any kind of compression. In such scenarios, it should
output errors during parameter / capability setting.

But currently there are some ways of setting this not-supported scenarios
without printing the error message:

!) For 'compression' capability, it works by enabling it together with
zero-copy-send. This happens because the validity test for zero-copy uses
the helper unction migrate_use_compression(), which check for compression
presence in s->enabled_capabilities[MIGRATION_CAPABILITY_COMPRESS].

The point here is: the validity test happens before the capability gets
enabled. If all of them get enabled together, this test will not return
error.

In order to fix that, replace migrate_use_compression() by directly testing
the cap_list parameter migrate_caps_check().

2) For features enabled by parameters such as TLS & 'multifd_compression',
there was also a possibility of setting non-supported scenarios: setting
zero-copy-send first, then setting the unsupported parameter.

In order to fix that, also add a check for parameters conflicting with
zero-copy-send on migrate_params_check().

3) XBZRLE is also a compression capability, so it makes sense to also add
it to the list of capabilities which are not supported with zero-copy-send.

Fixes: 1abaec9a1b ("migration: Change zero_copy_send from migration parameter to migration capability")
Signed-off-by: Leonardo Bras <leobras@redhat.com>
Message-Id: <20220719122345.253713-1-leobras@redhat.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
2022-07-20 12:15:09 +01:00
Juan Quintela
4a8f19c95c multifd: Document the locking of MultiFD{Send/Recv}Params
Reorder the structures so we can know if the fields are:
- Read only
- Their own locking (i.e. sems)
- Protected by 'mutex'
- Only for the multifd channel

Signed-off-by: Juan Quintela <quintela@redhat.com>
Message-Id: <20220531104318.7494-2-quintela@redhat.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
  dgilbert: Typo fixes from Chen Zhang
2022-07-20 12:15:09 +01:00
Leonardo Bras
d59c40cc48 migration/multifd: Report to user when zerocopy not working
Some errors, like the lack of Scatter-Gather support by the network
interface(NETIF_F_SG) may cause sendmsg(...,MSG_ZEROCOPY) to fail on using
zero-copy, which causes it to fall back to the default copying mechanism.

After each full dirty-bitmap scan there should be a zero-copy flush
happening, which checks for errors each of the previous calls to
sendmsg(...,MSG_ZEROCOPY). If all of them failed to use zero-copy, then
increment dirty_sync_missed_zero_copy migration stat to let the user know
about it.

Signed-off-by: Leonardo Bras <leobras@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Acked-by: Peter Xu <peterx@redhat.com>
Message-Id: <20220711211112.18951-4-leobras@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
2022-07-20 12:15:09 +01:00