Commit Graph

56006 Commits

Author SHA1 Message Date
Lukáš Doktor
2d853c70a2 qemu.py: Pylint/style fixes
No actual code changes, just several pylint/style fixes and docstring
clarifications.

Signed-off-by: Lukáš Doktor <ldoktor@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Message-Id: <20170818142613.32394-2-ldoktor@redhat.com>
Reviewed-by: Cleber Rosa <crosa@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2017-09-15 20:12:00 -03:00
Peter Maydell
11dd4b89d0 pull-seccomp-20170915
-----BEGIN PGP SIGNATURE-----
 
 iQEcBAABAgAGBQJZu417AAoJEN8y58Dw//miaFMIAIBmWaUzxvNpgcwtj3XGPvhw
 NRdCNNFd9rfAQX74jRaTf42hO7zkA7XM8Phz+Yx0WBWoKgiEX2g6t/Bd5Vv3fFU4
 XcCNzO3X/3TKByI1rkHA+ANoLriBX068ZMFX41Cl8FltHCQsgH8vCrHUP4jQphJb
 dUbg9OZ9arz2hIfH5vJKjDjNeoFptSJeHe5vNuuoQgLxrC07mdd/B+5caM593P4o
 OmCJDqhvBcu+SAb7gfGc2C4SGmIILIsIPcHeHfel+WwIXnQ554cUcFl++NPHkMXQ
 enZgNR3R+UELZzoD7vo2qMMVuQnFz1IUaQ60BH2GNEQdi13wC8Dgmvbd6/93FqQ=
 =XH5t
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/otubo/tags/pull-seccomp-20170915' into staging

pull-seccomp-20170915

# gpg: Signature made Fri 15 Sep 2017 09:21:15 BST
# gpg:                using RSA key 0xDF32E7C0F0FFF9A2
# gpg: Good signature from "Eduardo Otubo (Senior Software Engineer) <otubo@redhat.com>"
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg:          It is not certain that the signature belongs to the owner.
# Primary key fingerprint: D67E 1B50 9374 86B4 0723  DBAB DF32 E7C0 F0FF F9A2

* remotes/otubo/tags/pull-seccomp-20170915:
  buildsys: Move seccomp cflags/libs to per object
  seccomp: add resourcecontrol argument to command line
  seccomp: add spawn argument to command line
  seccomp: add elevateprivileges argument to command line
  seccomp: add obsolete argument to command line
  seccomp: changing from whitelist to blacklist

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2017-09-15 22:34:08 +01:00
Peter Maydell
5faf2d376a Some fixes and improvements for various qtests by Eric and me.
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iQIcBAABAgAGBQJZu4MxAAoJEC7Z13T+cC21D/AQAJUxgGbNwos+hzxrXnzQCj6K
 EqC0pqyUE/XkxZvy3/HjSt4VzecHDS59i8hNEo0+wyb/Wt/RV4lTkedZye8P3VO1
 OdhPw2cMB18MtHPG+tuGMjj6wySqn67cV4Y1swNl34N//9PebcsYVLVrNWgz3bSw
 +U7023ztWbHF7MebzOt6JaKZPTej4S1aQoSGVQs7S4hj1ydIOur3vRCpdTmsGbts
 VcDbsVANFNYszP9y/EVU+z30s03iJzDdw2GRCr9C1JOwQbbpNB3onqbr9j2XA9uI
 dI6KkO+T02azKAgsJ4F8mqD3wm8dFjxY/CZGN//G1eQEWW2by2wiQcTbR5rm457T
 mbt5evqLQG8SmZsvrepKeM99JFKRzkoBloAOul8wGzK+7yG0vJVGw0dCwkjLWxW1
 DgiHKn4dcilLi2ybXvB7vK62dE5z3qk391YpZI/0gh1XOaNlc8/CnX93z9oFgpdP
 ZhUxzO4cWRRGw7rx49Skt6zg6JSvbgmjbpG7BJ0jjZhJt42I8d3/GtVDWkZ7XJI7
 AlNukRy/norwXOiTcT6OMiQe1/ZBkNbqxhgdJ2bhRQQ/sqrEV6B0vPGgb36qKwPc
 9abVsycIVWc5NNqV4zH8hS72lBb8UKwpl2gZUqM8TFwG9uv6y+KO0Z4eTgW/z0HD
 EfaZknpeBQzlt6srXKaB
 =9guJ
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/huth/tags/check-20170915' into staging

Some fixes and improvements for various qtests by Eric and me.

# gpg: Signature made Fri 15 Sep 2017 08:37:21 BST
# gpg:                using RSA key 0x2ED9D774FE702DB5
# gpg: Good signature from "Thomas Huth <th.huth@gmx.de>"
# gpg:                 aka "Thomas Huth <thuth@redhat.com>"
# gpg:                 aka "Thomas Huth <huth@tuxfamily.org>"
# gpg:                 aka "Thomas Huth <th.huth@posteo.de>"
# Primary key fingerprint: 27B8 8847 EEE0 2501 18F3  EAB9 2ED9 D774 FE70 2DB5

* remotes/huth/tags/check-20170915:
  qtest: Avoid passing raw strings through hmp()
  libqtest: Remove dead qtest_instances variable
  numa-test: Use hmp()
  qtest: Don't perform side effects inside assertion
  test-qga: Kill broken and dead QGA_TEST_SIDE_EFFECTING code
  tests: Fix broken ivshmem-server-msi/-irq tests
  tests/libqtest: Use a proper error message if QTEST_QEMU_BINARY is missing
  tests/test-hmp: Remove puv3 and tricore_testboard from the blacklist
  tests: Introduce generic device hot-plug/hot-unplug functions

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2017-09-15 20:29:44 +01:00
Peter Maydell
d535f5d363 ppc patch queue 2017-09-15
Here's the current batch of accumulated ppc patches.  These are all
 pretty simple bugfixes or cleanups, no big new features here.
 -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEEdfRlhq5hpmzETofcbDjKyiDZs5IFAlm7TegACgkQbDjKyiDZ
 s5K7AhAAiGS7MOhaaA7a/TC4ekYbfxRKH7tE/FB+xvJg4NXp/f1/gj1ZuU4mAZcP
 LVKwTtoNzUjPUputlMafJrFvCAHdDwBzJ1CBSd3H9WCDFDRy/QZH7on7JJQKZwnQ
 Ls33PL5UMkhzsEW7XOb2HHni6VPYtw+Fr6fLLea/6xa+L5qPlsKMN7r8zhoqKnRj
 qkLSwgR64NqaQCTazhL5kty0JcyMivRHRIEqKaDLrs5zDeeP8yvMDr9ZfY+ri+DN
 LnC4u+2b4rSFaL7352i9TVUvFFXSNs45TruMLTAF5d8AwTrYe9yu1BD/Q/bTRszr
 aBAdOQApsPEbBk+TqnHQ+l231ihZpnbTmCc5EsNGYXSBm4P6ealIv3pkzYpAaU0m
 x9LdGbMwiqriGi/70sNpIkyzowNW0UCoKAXjxdNzYethczI08EGyvrjGfPsrU6n4
 w3HLFI+iGD5iFweW5sUbB2puybo32gAKs3j2NO4B1G6NI8NVgKnAFUkkkiM2e8Y8
 Xp8luUacL7x+PB9aAs+QpR2kqbbU1vvEOtQ2LkEQfQ5zJNdAtp3imdhKuFQT+cX+
 7FTvzpDzKThdtdTtizQ8JCoA2Z+LLZlR8wJ76oVe1CSyK0+xxvclipD5MPaSowqW
 UBV47+EuKOkCCNEBn3xxbx08bcTR1OqTaW+xIIdFm2Rdyt0SMDM=
 =GAd3
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/dgibson/tags/ppc-for-2.11-20170915' into staging

ppc patch queue 2017-09-15

Here's the current batch of accumulated ppc patches.  These are all
pretty simple bugfixes or cleanups, no big new features here.

# gpg: Signature made Fri 15 Sep 2017 04:50:00 BST
# gpg:                using RSA key 0x6C38CACA20D9B392
# gpg: Good signature from "David Gibson <david@gibson.dropbear.id.au>"
# gpg:                 aka "David Gibson (Red Hat) <dgibson@redhat.com>"
# gpg:                 aka "David Gibson (ozlabs.org) <dgibson@ozlabs.org>"
# gpg:                 aka "David Gibson (kernel.org) <dwg@kernel.org>"
# Primary key fingerprint: 75F4 6586 AE61 A66C C44E  87DC 6C38 CACA 20D9 B392

* remotes/dgibson/tags/ppc-for-2.11-20170915:
  ppc/kvm: use kvm_vm_check_extension() in kvmppc_is_pr()
  spapr_events: use QTAILQ_FOREACH_SAFE() in spapr_clear_pending_events()
  spapr_cpu_core: cleaning up qdev_get_machine() calls
  spapr_pci: don't create 64-bit MMIO window if we don't need to
  spapr_pci: convert sprintf() to g_strdup_printf()
  spapr_cpu_core: fail gracefully with non-pseries machine types
  xics: fix several error leaks
  vfio, spapr: Fix levels calculation
  spapr_pci: handle FDT creation errors with _FDT()
  spapr_pci: use the common _FDT() helper
  spapr: fix CAS-generated reset
  ppc/xive: fix OV5_XIVE_EXPLOIT bits
  spapr: only update SDR1 once per-cpu during CAS
  spapr_pci: use g_strdup_printf()
  spapr_pci: drop useless check in spapr_populate_pci_child_dt()
  spapr_pci: drop useless check in spapr_phb_vfio_get_loc_code()
  hw/ppc/spapr.c: cleaning up qdev_get_machine() calls
  net: Add SunGEM device emulation as found on Apple UniNorth

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2017-09-15 19:00:16 +01:00
Lluís Vilanova
f99b38fc7c trace: Immediately apply per-vCPU state changes if a vCPU is being created
Right now, function trace_event_set_vcpu_state_dynamic() asynchronously enables
events in the case a vCPU is executing TCG code. If the vCPU is being created
this makes some events like "guest_cpu_enter" to not be traced.

Signed-off-by: Lluís Vilanova <vilanova@ac.upc.edu>
Reviewed-by: Emilio G. Cota <cota@braap.org>
Message-id: 150525662577.19850.13767570977540117247.stgit@frigg.lan
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2017-09-15 14:25:22 +01:00
Fam Zheng
c3883e1f93 buildsys: Move seccomp cflags/libs to per object
Like many other libraries, libseccomp cflags and libs should only apply
to the building of necessary objects. Do so in the usual way with the
help of per object variables.

Signed-off-by: Fam Zheng <famz@redhat.com>
2017-09-15 10:16:05 +02:00
Eduardo Otubo
24f8cdc572 seccomp: add resourcecontrol argument to command line
This patch adds [,resourcecontrol=deny] to `-sandbox on' option. It
blacklists all process affinity and scheduler priority system calls to
avoid any bigger of the process.

Signed-off-by: Eduardo Otubo <otubo@redhat.com>
2017-09-15 10:15:06 +02:00
Eduardo Otubo
995a226f88 seccomp: add spawn argument to command line
This patch adds [,spawn=deny] argument to `-sandbox on' option. It
blacklists fork and execve system calls, avoiding Qemu to spawn new
threads or processes.

Signed-off-by: Eduardo Otubo <otubo@redhat.com>
2017-09-15 10:15:06 +02:00
Eduardo Otubo
73a1e64725 seccomp: add elevateprivileges argument to command line
This patch introduces the new argument
[,elevateprivileges=allow|deny|children] to the `-sandbox on'. It allows
or denies Qemu process to elevate its privileges by blacklisting all
set*uid|gid system calls. The 'children' option will let forks and
execves run unprivileged.

Signed-off-by: Eduardo Otubo <otubo@redhat.com>
2017-09-15 10:15:06 +02:00
Eduardo Otubo
2b716fa6d6 seccomp: add obsolete argument to command line
This patch introduces the argument [,obsolete=allow] to the `-sandbox on'
option. It allows Qemu to run safely on old system that still relies on
old system calls.

Signed-off-by: Eduardo Otubo <otubo@redhat.com>
2017-09-15 10:15:05 +02:00
Eduardo Otubo
1bd6152ae2 seccomp: changing from whitelist to blacklist
This patch changes the default behavior of the seccomp filter from
whitelist to blacklist. By default now all system calls are allowed and
a small black list of definitely forbidden ones was created.

Signed-off-by: Eduardo Otubo <otubo@redhat.com>
2017-09-15 10:13:35 +02:00
Eric Blake
7b899f4dd5 qtest: Avoid passing raw strings through hmp()
hmp() passes its string argument through the sprintf() family;
with a proper attribute, gcc -Wformat warns us when we do something
dangerous like passing a non-constant format string.  Fortunately,
all our strings were safe, but checking whether the string can
contain an unintended % is easy to avoid and therefore worth doing.

Signed-off-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2017-09-15 09:05:19 +02:00
Eric Blake
4fb609adc9 libqtest: Remove dead qtest_instances variable
Prior to commit 063c23d9, we were tracking a list of parallel
qtest objects, in order to safely clean up a SIGABRT handler
only after the last connection quits.  But when we switched to
more of glib's infrastructure, the list became dead code that
is never assigned to.

Signed-off-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2017-09-15 09:05:19 +02:00
Eric Blake
e8fc894b67 numa-test: Use hmp()
Don't open-code something that has a convenient helper available.

Signed-off-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2017-09-15 09:05:19 +02:00
Eric Blake
147731258d qtest: Don't perform side effects inside assertion
Assertions should be separate from the side effects, since in
theory, g_assert() can be disabled (in practice, we can't really
ever do that).

Signed-off-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2017-09-15 09:05:19 +02:00
Eric Blake
f94b3f64e6 test-qga: Kill broken and dead QGA_TEST_SIDE_EFFECTING code
Back when the test was introduced, in commit 62c39b307, the
test was set up to run qemu-ga directly on the host performing
the test, and defaults to limiting itself to safe commands.  At
the time, it was envisioned that setting QGA_TEST_SIDE_EFFECTING
in the environment could cover a few more commands, while noting
the potential danger of those side effects running in the host.

But this has NEVER been tested: if you enable the environment
variable, the test WILL fail.  One obvious reason: if you are not
running as root, you'll probably get a permission failure when
trying to freeze the file systems, or when changing system time.
Less obvious: if you run the test as root (wow, you're brave), you
could end up hanging if the test tries to log things to a
temporarily frozen filesystem.  But the cutest reason of all: if
you get past the above hurdles, the test uses invalid JSON in
test_qga_fstrim() (missing '' around the dictionary key 'minimum'),
and will thus fail an assertion in qmp_fd().

Rather than leave this untested time-bomb in place, rip it out.
Hopefully, as originally envisioned, we can find an opportunity
to test an actual sandboxed guest where the guest-agent has
full permissions and will not unduly affect the host running
the test - if so, 'git revert' can be used if desired, for
salvaging any useful parts of this attempt.

Signed-off-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2017-09-15 09:05:18 +02:00
Thomas Huth
4446158a1a tests: Fix broken ivshmem-server-msi/-irq tests
Broken with commit b4ba67d9a7 ("libqos: Change PCI accessors to take
opaque BAR handle") a while ago, but nobody noticed since the tests are
not run by default: The msix_pba_bar is not correctly initialized
anymore if bir_pba has the same value as bir_table. With this fix,
"make check SPEED=slow" should work fine again.

Fixes: b4ba67d9a7
Tested-by: Cornelia Huck <cohuck@redhat.com>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
Reviewed-by: Laurent Vivier <lvivier@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2017-09-15 09:05:18 +02:00
Thomas Huth
db221e66d8 tests/libqtest: Use a proper error message if QTEST_QEMU_BINARY is missing
The user can currently still cause an abort() if running certain tests
(like the prom-env-test) without setting the QTEST_QEMU_BINARY first.
A similar problem has been fixed with commit 7c933ad61b
already, but forgot to also take care of the qtest_get_arch() function,
so let's introduce a proper wrapper around getenv("QTEST_QEMU_BINARY")
that can be used in both locations now.

Buglink: https://bugs.launchpad.net/qemu/+bug/1713434
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: John Snow <jsnow@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2017-09-15 09:05:18 +02:00
Thomas Huth
33ea6cf712 tests/test-hmp: Remove puv3 and tricore_testboard from the blacklist
The problem with puv3 has been fixed with 0ac241bcf9
('unicore32: abort when entering "x 0" on the monitor') and the problem
with tricore_testboard has been fixed with b190f477e2
('qemu-system-tricore: segfault when entering "x 0" on the monitor').

Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2017-09-15 09:05:18 +02:00
Thomas Huth
acd80015fb tests: Introduce generic device hot-plug/hot-unplug functions
A lot of tests provide code for adding and removing a device via the
device_add and device_del QMP commands. Maintaining this code in so many
places is cumbersome and error-prone (some of the code parts check the
responses for device deletion in an incorrect way, for example, we've got
to deal with both, error code and DEVICE_DEL event here). So let's provide
some proper generic functions for adding and removing a device instead.

The code for correctly unplugging a device has been taken from a patch
from Peter Xu.

Reviewed-by: Peter Xu <peterx@redhat.com>
Tested-by: Peter Xu <peterx@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2017-09-15 09:05:18 +02:00
Greg Kurz
70a0c19e83 ppc/kvm: use kvm_vm_check_extension() in kvmppc_is_pr()
If the host has both KVM PR and KVM HV loaded and we pass:

	-machine pseries,accel=kvm,kvm-type=PR

the kvmppc_is_pr() returns false instead of true. Since the helper
is mostly used as fallback, it doesn't have any real impact with
recent kernels. A notable exception is the workaround to allow
migration between compatible hosts with different PVRs (eg, POWER8
and POWER8E), since KVM still doesn't provide a way to check if a
specific PVR is supported (see commit c363a37a45 for details).

According to the official KVM API documentation [1], KVM_PPC_GET_PVINFO
is "vm ioctl", but we check it as a global ioctl. The following function
in KVM is hence called with kvm == NULL and considers we're in HV mode.

int kvm_vm_ioctl_check_extension(struct kvm *kvm, long ext)
{
	int r;
	/* Assume we're using HV mode when the HV module is loaded */
	int hv_enabled = kvmppc_hv_ops ? 1 : 0;

	if (kvm) {
		/*
		 * Hooray - we know which VM type we're running on. Depend on
		 * that rather than the guess above.
		 */
		hv_enabled = is_kvmppc_hv_enabled(kvm);
	}

Let's use kvm_vm_check_extension() to fix the issue.

[1] https://www.kernel.org/doc/Documentation/virtual/kvm/api.txt

Signed-off-by: Greg Kurz <groug@kaod.org>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2017-09-15 10:29:48 +10:00
Greg Kurz
d492a75cfe spapr_events: use QTAILQ_FOREACH_SAFE() in spapr_clear_pending_events()
QTAILQ_FOREACH_SAFE() must be used when removing the current element
inside the loop block.

This fixes a user-after-free error introduced by commit 5625817423
and reported by Coverity (CID 1381017).

Signed-off-by: Greg Kurz <groug@kaod.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2017-09-15 10:29:48 +10:00
Greg Kurz
3b2fcedd52 spapr_cpu_core: cleaning up qdev_get_machine() calls
This patch removes the qdev_get_machine() calls that are made
in spapr_cpu_core.c in situations where we can get an existing
pointer for the MachineState by either passing it as an argument
to the function or by using other already available pointers.

Credits to Daniel Henrique Barboza for the idea and the changelog
text.

Signed-off-by: Greg Kurz <groug@kaod.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2017-09-15 10:29:48 +10:00
Greg Kurz
96dbc9af35 spapr_pci: don't create 64-bit MMIO window if we don't need to
When running a pseries-2.2 or older machine type, we get the following
lines in info mtree:

address-space: memory
...
ffffffffffffffff-ffffffffffffffff (prio 0, i/o): alias
 pci@800000020000000.mmio64-alias @pci@800000020000000.mmio
  ffffffffffffffff-ffffffffffffffff

address-space: cpu-memory
...
ffffffffffffffff-ffffffffffffffff (prio 0, i/o): alias
 pci@800000020000000.mmio64-alias @pci@800000020000000.mmio
  ffffffffffffffff-ffffffffffffffff

The same thing occurs when running a pseries-2.7 with

    -global spapr-pci-host-bridge.mem_win_size=2147483648

This happens because we always create a 64-bit MMIO window, even if
we didn't explicitely requested it (ie, mem64_win_size == 0) and the
32-bit window is below 2GiB. It doesn't seem to have an impact on the
guest though because spapr_populate_pci_dt() doesn't advertise the
bogus windows when mem64_win_size == 0.

Since these memory regions don't induce any state, we can safely
choose to not create them when their address is equal to -1,
without breaking migration from existing setups.

Signed-off-by: Greg Kurz <groug@kaod.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2017-09-15 10:29:48 +10:00
Greg Kurz
1d36da769a spapr_pci: convert sprintf() to g_strdup_printf()
In order to follow a QEMU common practice.

Signed-off-by: Greg Kurz <groug@kaod.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2017-09-15 10:29:48 +10:00
Greg Kurz
1bbadc759e spapr_cpu_core: fail gracefully with non-pseries machine types
Since commit 7cca3e466e ("ppc: spapr: Move VCPU ID calculation into
sPAPR"), QEMU aborts when started with a *-spapr-cpu-core device and
a non-pseries machine.

Let's rely on the already existing call to object_dynamic_cast() instead
of using the SPAPR_MACHINE() macro.

Signed-off-by: Greg Kurz <groug@kaod.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2017-09-15 10:29:48 +10:00
Greg Kurz
a1a6bbde4f xics: fix several error leaks
If object_property_get_link() fails then it allocates an error, which
must be freed before returning. The error_get_pretty() function is
merely an accessor to the error message and doesn't free anything.

The error.h header indicates how to do it right:

 * Pass an existing error to the caller with the message modified:
 *     error_propagate(errp, err);
 *     error_prepend(errp, "Could not frobnicate '%s': ", name);

Signed-off-by: Greg Kurz <groug@kaod.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2017-09-15 10:29:48 +10:00
Alexey Kardashevskiy
e100161b69 vfio, spapr: Fix levels calculation
The existing tries to round up the number of pages but @pages is always
calculated as the rounded up value minus one  which makes ctz64() always
return 0 and have create.levels always set 1.

This removes wrong "-1" and allows having more than 1 levels. This becomes
handy for >128GB guests with standard 64K pages as this requires blocks
with zone order 9 and the popular limit of CONFIG_FORCE_MAX_ZONEORDER=9
means that only blocks up to order 8 are allowed.

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2017-09-15 10:29:48 +10:00
Greg Kurz
9ba255365e spapr_pci: handle FDT creation errors with _FDT()
libfdt failures when creating the FDT should cause QEMU to terminate.

Let's use the _FDT() macro which does just that instead of propagating
the error to the caller. spapr_populate_pci_child_dt() no longer needs
to return a value in this case.

Note that, on the way, this get rids of the following nonsensical lines:

    g_assert(!ret);
    if (ret) {

Signed-off-by: Greg Kurz <groug@kaod.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2017-09-15 10:29:48 +10:00
Greg Kurz
99372e785e spapr_pci: use the common _FDT() helper
All other users in hw/ppc already consider an error when building
the FDT to be fatal, even on hotplug paths. There's no valid reason
for spapr_pci to behave differently. So let's used the common _FDT()
helper which terminates QEMU when libfdt fails.

Signed-off-by: Greg Kurz <groug@kaod.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2017-09-15 10:29:48 +10:00
Cédric Le Goater
30bf9ed168 spapr: fix CAS-generated reset
The OV5_MMU_RADIX_300 requires special handling in the CAS negotiation
process. It is cleared from the option vector of the guest before
evaluating the changes and re-added later. But, when testing for a
possible CAS reset :

    spapr->cas_reboot = spapr_ovec_diff(ov5_updates,
                                        ov5_cas_old, spapr->ov5_cas);

the bit OV5_MMU_RADIX_300 will each time be seen as removed from the
previous OV5 set, hence generating a reset loop.

Fix this problem by also clearing the same bit in the ov5_cas_old set.

Signed-off-by: Cédric Le Goater <clg@kaod.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2017-09-15 10:29:48 +10:00
Cédric Le Goater
21f3f8db0e ppc/xive: fix OV5_XIVE_EXPLOIT bits
On POWER9, the Client Architecture Support (CAS) negotiation process
determines whether the guest operates in XIVE Legacy compatibility or
in XIVE exploitation mode. Now that we have initial guest support for
the XIVE interrupt controller, let's fix the bits definition which have
evolved in the latest specs.

The platform advertises the XIVE Exploitation Mode support using the
property "ibm,arch-vec-5-platform-support-vec-5", byte 23 bits 0-1 :

 - 0b00 XIVE legacy mode Only
 - 0b01 XIVE exploitation mode Only
 - 0b10 XIVE legacy or exploitation mode

The OS asks for XIVE Exploitation Mode support using the property
"ibm,architecture-vec-5", byte 23 bits 0-1:

 - 0b00 XIVE legacy mode Only
 - 0b01 XIVE exploitation mode Only

Signed-off-by: Cédric Le Goater <clg@kaod.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2017-09-15 10:29:48 +10:00
Greg Kurz
4c563d9df5 spapr: only update SDR1 once per-cpu during CAS
Commit b55d295e3e added the possibility to support HPT resizing with KVM.
In the case of PR, we need to pass the userspace address of the HPT to KVM
using the SDR1 slot.
This is handled by kvmppc_update_sdr1() which uses CPU_FOREACH() to update
all CPUs. It is hence not needed to call kvmppc_update_sdr1() for each CPU.

Signed-off-by: Greg Kurz <groug@kaod.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2017-09-15 10:29:48 +10:00
Greg Kurz
549ce59e2b spapr_pci: use g_strdup_printf()
Building strings with g_strdup_printf() instead of snprintf() is
a QEMU common practice.

Signed-off-by: Greg Kurz <groug@kaod.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2017-09-15 10:29:48 +10:00
Greg Kurz
d049bde69d spapr_pci: drop useless check in spapr_populate_pci_child_dt()
spapr_phb_get_loc_code() either returns a non-null pointer, or aborts
if g_strdup_printf() failed to allocate memory.

Signed-off-by: Greg Kurz <groug@kaod.org>
[dwg: Grammatical fix to commit message]
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2017-09-15 10:29:48 +10:00
Greg Kurz
8f68760561 spapr_pci: drop useless check in spapr_phb_vfio_get_loc_code()
g_strdup_printf() either returns a non-null pointer, or aborts if it
failed to allocate memory.

Signed-off-by: Greg Kurz <groug@kaod.org>
[dwg: Grammatical fix to commit message]
Acked-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2017-09-15 10:29:48 +10:00
Daniel Henrique Barboza
c86c1affae hw/ppc/spapr.c: cleaning up qdev_get_machine() calls
This patch removes the qdev_get_machine() calls that are made in
spapr.c in situations where we can get an existing pointer for
the MachineState by either passing it as an argument to the function
or by using other already available pointers.

The following changes were made:

- spapr_node0_size: static function that is called two times:
at spapr_setup_hpt_and_vrma and ppc_spapr_init. In both cases we can
pass an existing MachineState pointer to it.

- spapr_build_fdt: MachineState pointer can be retrieved from
the existing sPAPRMachineState pointer.

- spapr_boot_set: the opaque in the first arg is a sPAPRMachineState
pointer as we can see inside ppc_spapr_init:

    qemu_register_boot_set(spapr_boot_set, spapr);

We can get a MachineState pointer from it.

- spapr_machine_device_plug and spapr_machine_device_unplug_request: the
MachineState, sPAPRMachineState, MachineClass and sPAPRMachineClass pointers
can all be retrieved from the HotplugHandler pointer.

Signed-off-by: Daniel Henrique Barboza <danielhb@linux.vnet.ibm.com>
Reviewed-by: Greg Kurz <groug@kaod.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2017-09-15 10:29:48 +10:00
Benjamin Herrenschmidt
f85504b23a net: Add SunGEM device emulation as found on Apple UniNorth
This adds a simplistic emulation of the Sun GEM ethernet controller
found in Apple ASICs.

Currently we only support the Apple UniNorth 1.x variant, but the
other Apple or Sun variants should mostly be a matter of adding
PCI IDs options.

We have a very primitive emulation of a single Broadcom 5201 PHY
which is supported by the MacOS driver.

This model brings out-of-the-box networking to MacOS 9, and all
versions of OS X I tried with the mac99 platform.

Further improvements from Mark:
- Remove sungem.h file, moving constants into sungem.c as required
- Switch to using tracepoints for debugging
- Split register blocks into separate memory regions
- Use arrays in SunGEMState to hold register values
- Add state-saving support

Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2017-09-15 10:29:48 +10:00
Peter Maydell
d28e29a925 target-arm queue:
* v7M: various code cleanups
  * v7M: set correct BFSR bits on bus fault
  * v7M: clear exclusive monitor on reset and exception entry/exit
  * v7M: don't apply priority mask to negative priorities
  * zcu102: support 'secure' and 'virtualization' machine properties
  * aarch64: fix ERET single stepping
  * gpex: implement PCI INTx routing
  * mps2-an511: fix UART overflow interrupt line wiring
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABCAAGBQJZusF4AAoJEDwlJe0UNgze0TIP/RQQJiw1n9TavSjEm5QoNvMM
 h7IgoCkS1OYTaNqb1iTb4kYRKqWL5eKDXMIQL5pvEVVPrd7ETOV0EZaJUNs7UltR
 Huw3wEIGta+SCnBDYW7bKBqK469KVgizKlLRbrO4JjaFumhAZ99OrC8coGkLA3nH
 YGZC/mlbZTu3rrrNIGmyiAWz8xMjSsMCiat00SRnhqLXboH5qXmpX8RdeTLoeouo
 UwfN6jlbPq7pehiN2R+suRG6MNGwknglu0KoHK1qG3GW/6dIS0RXIa59zvXqoZBe
 8IuXKyCky8Js9YrgVLZ02MZ4aRN2woS0l5Uykr710BZHXioQMjvEYHM2BPTkjxcA
 jrGKkvFbSYPEhAxcxm/hN65Quh7vTWpJP6s0Xqcq5hh39fO2ZxNzhJ14UvcquBua
 VBYOk83dsK1WMflhxoCAeKjso4FARsjPTaXNR7xZCM4SXDneaIy0kemgvtKd7ehV
 gaDd0tP6P2ZEIJD3THWDF5lGbSTi/0WcedNQ0NJz+CkuOsS6lcAZvezbY2g7nIoP
 Bv0rcJd9KoeAiGL2LhcCz0OfSgd0iEBSohbsF2JLseiodI58wdLNxQeOCRplZeUy
 5hOm+oNVN8f6XRUGTexE4vmptrSIMRsOA4UlNfujx+uQlgpXsUEvjuGOfPCCY35k
 0998S19KxutBDl5PMkF1
 =iCz5
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20170914' into staging

target-arm queue:
 * v7M: various code cleanups
 * v7M: set correct BFSR bits on bus fault
 * v7M: clear exclusive monitor on reset and exception entry/exit
 * v7M: don't apply priority mask to negative priorities
 * zcu102: support 'secure' and 'virtualization' machine properties
 * aarch64: fix ERET single stepping
 * gpex: implement PCI INTx routing
 * mps2-an511: fix UART overflow interrupt line wiring

# gpg: Signature made Thu 14 Sep 2017 18:50:48 BST
# gpg:                using RSA key 0x3C2525ED14360CDE
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>"
# gpg:                 aka "Peter Maydell <pmaydell@gmail.com>"
# gpg:                 aka "Peter Maydell <pmaydell@chiark.greenend.org.uk>"
# Primary key fingerprint: E1A5 C593 CD41 9DE2 8E83  15CF 3C25 25ED 1436 0CDE

* remotes/pmaydell/tags/pull-target-arm-20170914:
  mps2-an511: Fix wiring of UART overflow interrupt lines
  hw/pci-host/gpex: Implement PCI INTx routing
  hw/arm/virt: Set INTx/gsi mapping
  hw/pci-host/gpex: Set INTx index/gsi mapping
  target/arm: Avoid an extra temporary for store_exclusive
  AArch64: Fix single stepping of ERET instruction
  xlnx-zcu102: Mark the EP108 machine as deprecated
  xlnx-zcu102: Add a machine level virtualization property
  xlnx-zcu102: Add a machine level secure property
  xlnx-zcu102: Manually create the machines
  xlnx-ep108: Rename to ZCU102
  target/arm: Rename 'type' to 'excret' in do_v7m_exception_exit()
  target/arm: Add and use defines for EXCRET constants
  target/arm: Remove unnecessary '| 0xf0000000' from do_v7m_exception_exit()
  nvic: Don't apply group priority mask to negative priorities
  target/arm: Get PRECISERR and IBUSERR the right way round
  target/arm: Clear exclusive monitor on v7M reset, exception entry/exit
  target/arm: Use M_REG_NUM_BANKS rather than hardcoding 2

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2017-09-14 18:54:09 +01:00
Peter Maydell
ce3bc112cd mps2-an511: Fix wiring of UART overflow interrupt lines
Fix an error that meant we were wiring every UART's overflow
interrupts into the same inputs 0 and 1 of the OR gate,
rather than giving each its own input.

Cc: qemu-stable@nongnu.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Alistair Francis <alistair.francis@xilinx.com>
Message-id: 1505232834-20890-1-git-send-email-peter.maydell@linaro.org
2017-09-14 18:43:19 +01:00
Pranavkumar Sawargaonkar
d464814ae7 hw/pci-host/gpex: Implement PCI INTx routing
Now we are able to retrieve the gsi from the INTx pin, let's
enable intx_to_irq routing. From that point on, irqfd becomes
usable along with INTx when assigning a PCIe device.

Signed-off-by: Pranavkumar Sawargaonkar <pranavkumar@linaro.org>
Signed-off-by: Tushar Jagad <tushar.jagad@linaro.org>
Signed-off-by: Eric Auger <eric.auger@redhat.com>
Reviewed-by: Andrew Jones <drjones@redhat.com>
Tested-by: Feng Kan <fkan@apm.com>
Message-id: 1505296004-6798-4-git-send-email-eric.auger@redhat.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2017-09-14 18:43:19 +01:00
Pranavkumar Sawargaonkar
c9bb8e1608 hw/arm/virt: Set INTx/gsi mapping
Let's provide the GPEX host bridge with the INTx/gsi mapping. This is
needed for INTx/gsi routing.

Signed-off-by: Pranavkumar Sawargaonkar <pranavkumar@linaro.org>
Signed-off-by: Tushar Jagad <tushar.jagad@linaro.org>
Signed-off-by: Eric Auger <eric.auger@redhat.com>
Reviewed-by: Andrew Jones <drjones@redhat.com>
Tested-by: Feng Kan <fkan@apm.com>
Message-id: 1505296004-6798-3-git-send-email-eric.auger@redhat.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2017-09-14 18:43:19 +01:00
Pranavkumar Sawargaonkar
70bfdce6a1 hw/pci-host/gpex: Set INTx index/gsi mapping
To implement INTx to gsi routing we need to pass the gpex host
bridge the gsi associated to each INTx index. Let's introduce
irq_num array and gpex_set_irq_num setter function.

Signed-off-by: Pranavkumar Sawargaonkar <pranavkumar@linaro.org>
Signed-off-by: Tushar Jagad <tushar.jagad@linaro.org>
Signed-off-by: Eric Auger <eric.auger@redhat.com>
Tested-by: Feng Kan <fkan@apm.com>
Reviewed-by: Andrew Jones <drjones@redhat.com>
Message-id: 1505296004-6798-2-git-send-email-eric.auger@redhat.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2017-09-14 18:43:18 +01:00
Richard Henderson
37e29a6425 target/arm: Avoid an extra temporary for store_exclusive
Instead of copying addr to a local temp, reuse the value (which we
have just compared as equal) already saved in cpu_exclusive_addr.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alistair Francis <alistair.francis@xilinx.com>
Message-id: 20170908163859.29820-1-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2017-09-14 18:43:18 +01:00
Jaroslaw Pelczar
dddbba9943 AArch64: Fix single stepping of ERET instruction
Previously when single stepping through ERET instruction via GDB
would result in debugger entering the "next" PC after ERET instruction.
When debugging in kernel mode, this will also cause unintended behavior,
because debugger will try to access memory from EL0 point of view.

Signed-off-by: Jaroslaw Pelczar <j.pelczar@samsung.com>
Message-id: 001c01d32895$483027f0$d89077d0$@samsung.com
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2017-09-14 18:43:18 +01:00
Alistair Francis
da69de0076 xlnx-zcu102: Mark the EP108 machine as deprecated
The EP108 is the same as the ZCU102, mark it as deprecated as we don't
need two machines.

Signed-off-by: Alistair Francis <alistair.francis@xilinx.com>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2017-09-14 18:43:18 +01:00
Alistair Francis
1946809ece xlnx-zcu102: Add a machine level virtualization property
Add a machine level virtualization property. This defaults to false and can be
set to true using this machine command line argument:
    -machine xlnx-zcu102,virtualization=on

This follows what the ARM virt machine does.

This property only applies to the ZCU102 machine. The EP108 machine does
not have this property.

Signed-off-by: Alistair Francis <alistair.francis@xilinx.com>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2017-09-14 18:43:18 +01:00
Alistair Francis
b7436e94de xlnx-zcu102: Add a machine level secure property
Add a machine level secure property. This defaults to false and can be
set to true using this machine command line argument:
    -machine xlnx-zcu102,secure=on

This follows what the ARM virt machine does.

This property only applies to the ZCU102 machine. The EP108 machine does
not have this property.

Signed-off-by: Alistair Francis <alistair.francis@xilinx.com>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2017-09-14 18:43:18 +01:00
Alistair Francis
b70cf33f03 xlnx-zcu102: Manually create the machines
In preperation for future work let's manually create the Xilnx machines.
This will allow us to set properties for the machines in the future.

Signed-off-by: Alistair Francis <alistair.francis@xilinx.com>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2017-09-14 18:43:18 +01:00
Alistair Francis
aff3f0f150 xlnx-ep108: Rename to ZCU102
The EP108 is a early access development board. Now that silicon is in
production people have access to the ZCU102. Let's rename the internal
QEMU files and variables to use the ZCU102.

There is no functional change here as the EP108 is still a valid board
option.

Signed-off-by: Alistair Francis <alistair.francis@xilinx.com>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2017-09-14 18:43:17 +01:00