Commit Graph

9100 Commits

Author SHA1 Message Date
David Gibson
e594c2ad1c xive: Improve irq claim/free path
spapr_xive_irq_claim() returns a bool to indicate if it succeeded.
But most of the callers and one callee use int return values and/or an
Error * with more information instead.  In any case, ints are a more
common idiom for success/failure states than bools (one never knows
what sense they'll be in).

So instead change to an int return value to indicate presence of error
+ an Error * to describe the details through that call chain.

It also didn't actually check if the irq was already claimed, which is
one of the primary purposes of the claim path, so do that.

spapr_xive_irq_free() also returned a bool... which no callers checked
and was always true, so just drop it.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
Reviewed-by: Greg Kurz <groug@kaod.org>
2019-10-04 19:08:23 +10:00
David Gibson
f233cee97b spapr: Handle freeing of multiple irqs in frontend only
spapr_irq_free() can be used to free multiple irqs at once. That's useful
for its callers, but there's no need to make the individual backend hooks
handle this.  We can loop across the irqs in spapr_irq_free() itself and
have the hooks just do one at time.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Reviewed-by: Greg Kurz <groug@kaod.org>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
2019-10-04 19:08:23 +10:00
David Gibson
14789694cd spapr: Eliminate SpaprIrq:get_nodename method
This method is used to determine the name of the irq backend's node in the
device tree, so that we can find its phandle (after SLOF may have modified
it from the phandle we initially gave it).

But, in the two cases the only difference between the node name is the
presence of a unit address.  Searching for a node name without considering
unit address is standard practice for the device tree, and
fdt_subnode_offset() will do exactly that, making this method unecessary.

While we're there, remove the XICS_NODENAME define.  The name
"interrupt-controller" is required by PAPR (and IEEE1275), and a bunch of
places assume it already.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Greg Kurz <groug@kaod.org>
2019-10-04 19:08:22 +10:00
David Gibson
af1861511d spapr: Simplify spapr_qirq() handling
Currently spapr_qirq(), whic is used to find the qemu_irq for an spapr
global irq number, redirects through the SpaprIrq::qirq method.  But
the array of qemu_irqs is allocated in the PAPR layer, not the
backends, and so the method implementations all return the same thing,
just differing in the preliminary checks they make.

So, we can remove the method, and just implement spapr_qirq() directly,
including all the relevant checks in one place.  We change all those
checks into assert()s as well, since a failure here indicates an error in
the calling code.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
Reviewed-by: Greg Kurz <groug@kaod.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
2019-10-04 19:08:22 +10:00
David Gibson
fe9b61b246 spapr: Eliminate nr_irqs parameter to SpaprIrq::init
The only reason this parameter was needed was to work around the
inconsistent meaning of nr_irqs between xics and xive.  Now that we've
fixed that, we can consistently use the number directly in the SpaprIrq
configuration.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
Reviewed-by: Greg Kurz <groug@kaod.org>
2019-10-04 19:08:22 +10:00
David Gibson
ad8de98636 spapr: Clarify and fix handling of nr_irqs
Both the XICS and XIVE interrupt backends have a "nr-irqs" property, but
it means slightly different things.  For XICS (or, strictly, the ICS) it
indicates the number of "real" external IRQs.  Those start at XICS_IRQ_BASE
(0x1000) and don't include the special IPI vector.  For XIVE, however, it
includes the whole IRQ space, including XIVE's many IPI vectors.

The spapr code currently doesn't handle this sensibly, with the
nr_irqs value in SpaprIrq having different meanings depending on the
backend.  We fix this by renaming nr_irqs to nr_xirqs and making it
always indicate just the number of external irqs, adjusting the value
we pass to XIVE accordingly.  We also move to using common constants
in most of the irq configurations, to make it clearer that the IRQ
space looks the same to the guest (and emulated devices), even if the
backend is different.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Reviewed-by: Greg Kurz <groug@kaod.org>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
2019-10-04 19:08:22 +10:00
David Gibson
7678b74a94 spapr: Replace spapr_vio_qirq() helper with spapr_vio_irq_pulse() helper
Every caller of spapr_vio_qirq() immediately calls qemu_irq_pulse() with
the result, so we might as well just fold that into the helper.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
Reviewed-by: Greg Kurz <groug@kaod.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
2019-10-04 19:08:22 +10:00
David Gibson
258aa5ce1c spapr: Fold spapr_phb_lsi_qirq() into its single caller
No point having a two-line helper that's used exactly once, and not likely
to be used anywhere else in future.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
Reviewed-by: Greg Kurz <groug@kaod.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
2019-10-04 19:08:22 +10:00
David Gibson
9db8c551c9 xics: Create sPAPR specific ICS subtype
We create a subtype of TYPE_ICS specifically for sPAPR.  For now all this
does is move the setup of the PAPR specific hcalls and RTAS calls to
the realize() function for this, rather than requiring the PAPR code to
explicitly call xics_spapr_init().  In future it will have some more
function.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
Reviewed-by: Greg Kurz <groug@kaod.org>
2019-10-04 19:08:22 +10:00
David Gibson
642e92719e xics: Merge TYPE_ICS_BASE and TYPE_ICS_SIMPLE classes
TYPE_ICS_SIMPLE is the only subtype of TYPE_ICS_BASE that's ever
instantiated.  The existence of different classes is mostly a hang
over from when we (misguidedly) had separate subtypes for the KVM and
non-KVM version of the device.

There could be some call for an abstract base type for ICS variants
that use a different representation of their state (PowerNV PHB3 might
want this).  The current split isn't really in the right place for
that though.  If we need this in future, we can re-implement it more
in line with what we actually need.

So, collapse the two classes together into just TYPE_ICS.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
Reviewed-by: Greg Kurz <groug@kaod.org>
2019-10-04 19:08:22 +10:00
David Gibson
da2ef5b2f2 xics: Eliminate reset hook
Currently TYPE_XICS_BASE and TYPE_XICS_SIMPLE have their own reset methods,
using the standard technique for having the subtype call the supertype's
methods before doing its own thing.

But TYPE_XICS_SIMPLE is the only subtype of TYPE_XICS_BASE ever
instantiated, so there's no point having the split here.  Merge them
together into just an ics_reset() function.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
Reviewed-by: Greg Kurz <groug@kaod.org>
2019-10-04 19:08:22 +10:00
David Gibson
28976c99cf xics: Rename misleading ics_simple_*() functions
There are a number of ics_simple_*() functions that aren't actually
specific to TYPE_XICS_SIMPLE at all, and are equally valid on
TYPE_XICS_BASE.  Rename them to ics_*() accordingly.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
Reviewed-by: Greg Kurz <groug@kaod.org>
2019-10-04 19:08:22 +10:00
David Gibson
d5803c7319 xics: Eliminate 'reject', 'resend' and 'eoi' class hooks
Currently ics_reject(), ics_resend() and ics_eoi() indirect through
class methods.  But there's only one implementation of each method,
the one in TYPE_ICS_SIMPLE.  TYPE_ICS_BASE has no implementation, but
it's never instantiated, and has no other subtypes.

So clean up by eliminating the method and just having ics_reject(),
ics_resend() and ics_eoi() contain the logic directly.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
Reviewed-by: Greg Kurz <groug@kaod.org>
2019-10-04 19:08:21 +10:00
David Gibson
00ed3da9b5 xics: Minor fixes for XICSFabric interface
Interface instances should never be directly dereferenced.  So, the common
practice is to make them incomplete types to make sure no-one does that.
XICSFrabric, however, had a dummy type which is less safe.

We were also using OBJECT_CHECK() where we should have been using
INTERFACE_CHECK().

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Reviewed-by: Greg Kurz <groug@kaod.org>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
2019-10-04 19:08:21 +10:00
Alexey Kardashevskiy
744a928cce spapr: Stop providing RTAS blob
SLOF implements one itself so let's remove it from QEMU. It is one less
image and simpler setup as the RTAS blob never stays in its initial place
anyway as the guest OS always decides where to put it.

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Reviewed-by: Greg Kurz <groug@kaod.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2019-10-04 10:25:23 +10:00
David Gibson
daa36379ce spapr: Simplify handling of pre ISA 3.0 guest workaround handling
Certain old guest versions don't understand the radix MMU introduced with
POWER ISA 3.0, but incorrectly select it if presented with the option at
CAS time.  We workaround this in qemu by explicitly excluding the radix
(and other ISA 3.0 linked) options if the guest doesn't explicitly note
support for ISA 3.0.

This is handled by the 'cas_legacy_guest_workaround' flag, which is pretty
vague.  Rename it to 'cas_pre_isa3_guest' to be clearer about what it's for.

In addition, we unnecessarily call spapr_populate_pa_features() with
different options when initially constructing the device tree and when
adjusting it at CAS time.  At the initial construct time cas_pre_isa3_guest
is already false, so we can still use the flag, rather than explicitly
overriding it to be false at the callsite.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
Reviewed-by: Greg Kurz <groug@kaod.org>
Reviewed-by: Alexey Kardashevskiy <aik@ozlabs.ru>
2019-10-04 10:25:23 +10:00
Cédric Le Goater
4a99d40551 spapr/irq: Introduce an ics_irq_free() helper
It will help us to discard interrupt numbers which have not been
claimed in the next patch.

Signed-off-by: Cédric Le Goater <clg@kaod.org>
Message-Id: <20190911133937.2716-2-clg@kaod.org>
Reviewed-by: Greg Kurz <groug@kaod.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2019-10-04 10:25:23 +10:00
Balamuruhan S
3887d24123 hw/ppc/pnv_homer: add PowerNV homer device model
add PnvHomer device model to emulate homer memory access
for pstate table, occ-sensors, slw, occ static and dynamic
values for Power8 and Power9 chips.

Signed-off-by: Balamuruhan S <bala24@linux.ibm.com>
Message-Id: <20190912093056.4516-4-bala24@linux.ibm.com>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2019-10-04 10:25:23 +10:00
Balamuruhan S
f3db82660d hw/ppc/pnv_occ: add sram device model for occ common area
emulate occ common area region with occ sram device model which
occ and skiboot uses it to communicate regarding sensors, slw
and HWMON in PowerNV emulated host.

Reviewed-by: Cédric Le Goater <clg@kaod.org>
Signed-off-by: Balamuruhan S <bala24@linux.ibm.com>
Message-Id: <20190912093056.4516-3-bala24@linux.ibm.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2019-10-04 10:25:23 +10:00
Balamuruhan S
7454558c69 hw/ppc/pnv_xscom: retrieve homer/occ base address from PBA BARs
During PowerNV boot skiboot populates the device tree by
retrieving base address of homer/occ common area from
PBA BARs and prd ipoll mask by accessing xscom read/write
accesses.

Reviewed-by: Cédric Le Goater <clg@kaod.org>
Signed-off-by: Balamuruhan S <bala24@linux.ibm.com>
Message-Id: <20190912093056.4516-2-bala24@linux.ibm.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2019-10-04 10:25:23 +10:00
Igor Mammedov
023ae9a88a kvm: split too big memory section on several memslots
Max memslot size supported by kvm on s390 is 8Tb,
move logic of splitting RAM in chunks upto 8T to KVM code.

This way it will hide KVM specific restrictions in KVM code
and won't affect board level design decisions. Which would allow
us to avoid misusing memory_region_allocate_system_memory() API
and eventually use a single hostmem backend for guest RAM.

Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Message-Id: <20190924144751.24149-4-imammedo@redhat.com>
Reviewed-by: Peter Xu <peterx@redhat.com>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
2019-09-30 13:51:50 +02:00
Peter Maydell
deee6ff7b7 Fixes for TLB_BSWAP
Coversion of NOTDIRTY and ROM handling to cputlb
 Followup cleanups to cputlb
 -----BEGIN PGP SIGNATURE-----
 
 iQFRBAABCgA7FiEEekgeeIaLTbaoWgXAZN846K9+IV8FAl2LtM0dHHJpY2hhcmQu
 aGVuZGVyc29uQGxpbmFyby5vcmcACgkQZN846K9+IV/sZwf/exhxY+VEyK8bFyE7
 DCiVZf7vc0kc1mK79SFN59cGlTx6vtG51ZgmbsrE2niJanrq5oj/iefrzVcP1WQE
 LuMqeTWKUJjpT0Nm7E5QIzMyYELjhE4ldEzzh8meHeqLYWTXdXD3/gHGiJFdqic7
 /2c8zDYpkVp6ss7ryppT7vtfsHhG33TMoKb+TLUgYdr3VU5bfKVmVtXto23YDmp+
 +ZZHczhFy6FB+k3V4+ClyGcaoVwvsVx3AhGIuFDZCS64QuHmWkM4YuWFNjzjX2KV
 EYmp3aK728DWUbLax9LClks9hDSZvuX8m4+dDDt4ykOgwhMzJtYM1e/HgEVWa7bk
 nH/koA==
 =/g/U
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/rth/tags/pull-tcg-20190925' into staging

Fixes for TLB_BSWAP
Coversion of NOTDIRTY and ROM handling to cputlb
Followup cleanups to cputlb

# gpg: Signature made Wed 25 Sep 2019 19:41:17 BST
# gpg:                using RSA key 7A481E78868B4DB6A85A05C064DF38E8AF7E215F
# gpg:                issuer "richard.henderson@linaro.org"
# gpg: Good signature from "Richard Henderson <richard.henderson@linaro.org>" [full]
# Primary key fingerprint: 7A48 1E78 868B 4DB6 A85A  05C0 64DF 38E8 AF7E 215F

* remotes/rth/tags/pull-tcg-20190925:
  cputlb: Pass retaddr to tb_check_watchpoint
  cputlb: Pass retaddr to tb_invalidate_phys_page_fast
  cputlb: Remove tb_invalidate_phys_page_range is_cpu_write_access
  cputlb: Remove cpu->mem_io_vaddr
  cputlb: Handle TLB_NOTDIRTY in probe_access
  cputlb: Merge and move memory_notdirty_write_{prepare,complete}
  cputlb: Partially inline memory_region_section_get_iotlb
  cputlb: Move NOTDIRTY handling from I/O path to TLB path
  cputlb: Move ROM handling from I/O path to TLB path
  exec: Adjust notdirty tracing
  cputlb: Introduce TLB_BSWAP
  cputlb: Split out load/store_memop
  cputlb: Use qemu_build_not_reached in load/store_helpers
  qemu/compiler.h: Add qemu_build_not_reached
  cputlb: Disable __always_inline__ without optimization
  exec: Use TARGET_PAGE_BITS_MIN for TLB flags

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-09-27 11:10:49 +01:00
Peter Maydell
1329132d28 vhost: fixes
Misc fixes related to memory region handling.
 
 Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
 -----BEGIN PGP SIGNATURE-----
 
 iQEcBAABAgAGBQJdi3mHAAoJECgfDbjSjVRp41wH/3l7E5zcJPJfzr9OTe0UmmtO
 PKzQrvdrUdLPJfxEY2dtTmJ/u3LpBB9PpAjPfEWaxFsI43OCbs7rwrDvgZsnEixI
 Ib1mFk1o8LUH2Df9dvlGXogcX413i/H1UQF3kLte1JL8iyPmo6HUXO8n6GZ6fo6x
 w7sGvC/NO5sNLPVadw2EOVPNSonp58zQFJB7i056cZ81ooUh4Rm09nQzgC2NmIA4
 dRs/HrxM6BUYDRwwUN3x8Z4KMj138PxZ8QvF5DB54a9rX9EpL/iRl14zlYsNwi8D
 V32+FnH5kOrPvA2D2az2e0q//J2DiQu87Rkcv5B2b8Sys1HVnPVF12KD+VHaUTk=
 =C3aK
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging

vhost: fixes

Misc fixes related to memory region handling.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>

# gpg: Signature made Wed 25 Sep 2019 15:28:23 BST
# gpg:                using RSA key 281F0DB8D28D5469
# gpg: Good signature from "Michael S. Tsirkin <mst@kernel.org>" [full]
# gpg:                 aka "Michael S. Tsirkin <mst@redhat.com>" [full]
# Primary key fingerprint: 0270 606B 6F3C DF3D 0B17  0970 C350 3912 AFBE 8E67
#      Subkey fingerprint: 5D09 FD08 71C8 F85B 94CA  8A0D 281F 0DB8 D28D 5469

* remotes/mst/tags/for_upstream:
  vhost: Fix memory region section comparison
  memory: Provide an equality function for MemoryRegionSections
  memory: Align MemoryRegionSections fields

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-09-26 16:14:03 +01:00
Peter Maydell
eb13d1cf4a Migration pull 2019-09-25
me: test fixes from (should stop hangs in postcopy tests).
   me: An RDMA cleanup hang fix
   Wei: Tidy ups around postcopy
   Marc-Andre: mem leak fix
 -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEERfXHG0oMt/uXep+pBRYzHrxb/ecFAl2LgN0ACgkQBRYzHrxb
 /efO3hAAjwECXkswTQKSy/pWsTpxIwJaKh0RxYCUMOGW9SPaAZ6eFYYVlgyi6N3Z
 S0ibn3uhTKDm0Zu5yfNrF3BfqCT/H60qyepVX1CN+DBeFtwgpXEnivwnMZV36qnh
 /6PS4afsa/mHUC1TeDls7WZK0LPwSSpZGPdAbedaqzeN9D5ZXXqZ+S8cIyRFMwv/
 36uDXq9GmzwwEeKOTIl45Mn4g1jilcDmCvMuC8M9Ao2b2hoT/Lxb735CGe4P8MYl
 0oP2COrDI1JKWwY+W0iA+m2pkomK+b7f0zGr/3/I/Y+jrfoab+bgcBpvA6PIidmX
 25LHL9D6HfhA0v7Y5K+BOV4TK6hoXFC+RXCYozCJdxKGpa6JkTHZkLgq7wTyn2Zs
 9Gyb6M01Y9XgsG5fS339KFNzzulkWOTNj0EH2Rdg/TYb5SJzxQhM3fEkIf9+/SFb
 WICXnuB8DTWwL20HdMJiNPxgHim6VG9HQFsY5KSXZiVDcga58d+Ij8S8NzeSuHL+
 AIWwwsd6YhmzzVB4QLXct1uwSsepILM+67gxKeuCKZrQfsu4PuZBFVc1vH1OjjjV
 Vfz5pdHiYqP8EGIHDnW/W02EBmfXrXhklB6mUc+Fm9zZA7+gPZl56Qv51KwyUqN3
 qwOuPZftFbzrgZpzD9CrMnrl05m0EE+nY41AkITkFaKafQLzZm8=
 =61eA
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/dgilbert/tags/pull-migration-20190925a' into staging

Migration pull 2019-09-25

  me: test fixes from (should stop hangs in postcopy tests).
  me: An RDMA cleanup hang fix
  Wei: Tidy ups around postcopy
  Marc-Andre: mem leak fix

# gpg: Signature made Wed 25 Sep 2019 15:59:41 BST
# gpg:                using RSA key 45F5C71B4A0CB7FB977A9FA90516331EBC5BFDE7
# gpg: Good signature from "Dr. David Alan Gilbert (RH2) <dgilbert@redhat.com>" [full]
# Primary key fingerprint: 45F5 C71B 4A0C B7FB 977A  9FA9 0516 331E BC5B FDE7

* remotes/dgilbert/tags/pull-migration-20190925a:
  migration/postcopy: Recognise the recovery states as 'in_postcopy'
  tests/migration/postcopy: trim migration bandwidth
  tests/migration: Fail on unexpected migration states
  migration/rdma.c: Swap synchronize_rcu for call_rcu
  migration/rdma: Don't moan about disconnects at the end
  migration: remove sent parameter in get_queued_page_not_dirty
  migration/postcopy: unsentmap is not necessary for postcopy
  migration/postcopy: not necessary to do discard when canonicalizing bitmap
  migration: fix vmdesc leak on vmstate_save() error

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-09-26 14:23:58 +01:00
Peter Maydell
d4e536f336 nbd patches for 2019-09-24
- Improved error message for plaintext client of encrypted server
 - Fix various assertions when -object iothread is in use
 - Silence a Coverity error for use-after-free on error path
 -----BEGIN PGP SIGNATURE-----
 
 iQEzBAABCAAdFiEEccLMIrHEYCkn0vOqp6FrSiUnQ2oFAl2LbTgACgkQp6FrSiUn
 Q2rw/gf8CiEby+/V5AExRf/CQ9TOqFCcIYwbsMpTbGTUJIrF0N7FH/FT6g6wZUMq
 JYdHDk77ew0ZoQCLkefl8Bj3ddIcfzIkcL4/AYTZ3KUyPTzmwrejckcQ08qlj+dg
 HvnnxmNmtPTi001r4fVLl+OfFVXkw/ACnjoy/tB+UP7ZxV4ADi5UAVyBvnwGFVkP
 n4mf7o3tvM05eVhwkbVUSsEDvN2VCMxrNM2Qm6u5njoPuGi06fLpN/5oVTiipvcA
 xgLSKNzOVyK3v98eGCxUBsYOtTqLphuhSSTpbwEy1uxRRIoBUpFxfazWXpX0pWl9
 m+ibBD5tX6e5sFISMRNu9Q4LrFcutw==
 =GqDl
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/ericb/tags/pull-nbd-2019-09-24-v2' into staging

nbd patches for 2019-09-24

- Improved error message for plaintext client of encrypted server
- Fix various assertions when -object iothread is in use
- Silence a Coverity error for use-after-free on error path

# gpg: Signature made Wed 25 Sep 2019 14:35:52 BST
# gpg:                using RSA key 71C2CC22B1C4602927D2F3AAA7A16B4A2527436A
# gpg: Good signature from "Eric Blake <eblake@redhat.com>" [full]
# gpg:                 aka "Eric Blake (Free Software Programmer) <ebb9@byu.net>" [full]
# gpg:                 aka "[jpeg image of size 6874]" [full]
# Primary key fingerprint: 71C2 CC22 B1C4 6029 27D2  F3AA A7A1 6B4A 2527 436A

* remotes/ericb/tags/pull-nbd-2019-09-24-v2:
  util/qemu-sockets: fix keep_alive handling in inet_connect_saddr
  tests: Use iothreads during iotest 223
  nbd: Grab aio context lock in more places
  nbd/server: attach client channel to the export's AioContext
  nbd/client: Add hint when TLS is missing

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-09-26 10:13:39 +01:00
Richard Henderson
b56668bbe1 cputlb: Remove cpu->mem_io_vaddr
With the merge of notdirty handling into store_helper,
the last user of cpu->mem_io_vaddr was removed.

Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: David Hildenbrand <david@redhat.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2019-09-25 10:56:28 -07:00
Richard Henderson
707526ad86 cputlb: Merge and move memory_notdirty_write_{prepare,complete}
Since 9458a9a1df, all readers of the dirty bitmaps wait
for the rcu lock, which means that they wait until the end
of any executing TranslationBlock.

As a consequence, there is no need for the actual access
to happen in between the _prepare and _complete.  Therefore,
we can improve things by merging the two functions into
notdirty_write and dropping the NotDirtyInfo structure.

In addition, the only users of notdirty_write are in cputlb.c,
so move the merged function there.  Pass in the CPUIOTLBEntry
from which the ram_addr_t may be computed.

Reviewed-by: David Hildenbrand <david@redhat.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2019-09-25 10:44:29 -07:00
Richard Henderson
8f5db64153 cputlb: Partially inline memory_region_section_get_iotlb
There is only one caller, tlb_set_page_with_attrs.  We cannot
inline the entire function because the AddressSpaceDispatch
structure is private to exec.c, and cannot easily be moved to
include/exec/memory-internal.h.

Compute is_ram and is_romd once within tlb_set_page_with_attrs.
Fold the number of tests against these predicates.  Compute
cpu_physical_memory_is_clean outside of the tlb lock region.

Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2019-09-25 10:44:27 -07:00
Richard Henderson
08565552f7 cputlb: Move NOTDIRTY handling from I/O path to TLB path
Pages that we want to track for NOTDIRTY are RAM.  We do not
really need to go through the I/O path to handle them.

Acked-by: David Hildenbrand <david@redhat.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2019-09-25 10:43:22 -07:00
Richard Henderson
7b0d792ce1 cputlb: Move ROM handling from I/O path to TLB path
It does not require going through the whole I/O path
in order to discard a write.

Reviewed-by: David Hildenbrand <david@redhat.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2019-09-25 10:42:51 -07:00
Richard Henderson
5b87b3e671 cputlb: Introduce TLB_BSWAP
Handle bswap on ram directly in load/store_helper.  This fixes a
bug with the previous implementation in that one cannot use the
I/O path for RAM.

Fixes: a26fc6f515
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: David Hildenbrand <david@redhat.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2019-09-25 10:36:43 -07:00
Richard Henderson
560e36d5a4 qemu/compiler.h: Add qemu_build_not_reached
Use this as a compile-time assert that a particular
code path is not reachable.

Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2019-09-25 10:19:57 -07:00
Richard Henderson
c6b716cdc0 cputlb: Disable __always_inline__ without optimization
This forced inlining can result in missing symbols,
which makes a debugging build harder to follow.

Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: David Hildenbrand <david@redhat.com>
Reported-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2019-09-25 10:12:33 -07:00
Richard Henderson
1f6f2b34ad exec: Use TARGET_PAGE_BITS_MIN for TLB flags
These bits do not need to vary with the actual page size
used by the guest.

Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: David Hildenbrand <david@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2019-09-25 10:11:15 -07:00
Wei Yang
1e7cf8c323 migration/postcopy: unsentmap is not necessary for postcopy
Commit f3f491fcd6 ('Postcopy: Maintain unsentmap') introduced
unsentmap to track not yet sent pages.

This is not necessary since:

    * unsentmap is a sub-set of bmap before postcopy start
    * unsentmap is the summation of bmap and unsentmap after canonicalizing

This patch just removes it.

Signed-off-by: Wei Yang <richardw.yang@linux.intel.com>
Message-Id: <20190819061843.28642-3-richardw.yang@linux.intel.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
2019-09-25 15:51:19 +01:00
Dr. David Alan Gilbert
9366cf02e4 memory: Provide an equality function for MemoryRegionSections
Provide a comparison function that checks all the fields are the same.

Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20190814175535.2023-3-dgilbert@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2019-09-25 10:15:59 -04:00
Dr. David Alan Gilbert
44f85d3276 memory: Align MemoryRegionSections fields
MemoryRegionSection includes an Int128 'size' field;
on some platforms the compiler causes an alignment of this to
a 128bit boundary, leaving 8 bytes of dead space.
This deadspace can be filled with junk.

Move the size field to the top avoiding unnecessary alignment.

Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20190814175535.2023-2-dgilbert@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2019-09-25 10:15:59 -04:00
Peter Maydell
4142b011ca QAPI patches for 2019-09-24
-----BEGIN PGP SIGNATURE-----
 
 iQJGBAABCAAwFiEENUvIs9frKmtoZ05fOHC0AOuRhlMFAl2KB7wSHGFybWJydUBy
 ZWRoYXQuY29tAAoJEDhwtADrkYZTHAYP+gJ0rd9PH1rLcUA0UvxIy10sPAw+Oghn
 GtsTlKGZzyD1xLLKSLP+zcsJAAxAW0ixGl41vNnPzYQ7iHtNgZQeZKXErbpSz3/S
 4ubmgAHaEVQ2Jo3wzyqCk+21RtsLDi+i4NLBSwUyIlqHCbHecBuOFzHClzeJldxi
 qws+jFKMQtvOM7ShpM0QC2GSpMeUy4pIEqGG4cJ+IdBuya+qXlc1FDkRgzmUEQI7
 otQ79AAkVBfw9rwQrAKGMZHmJWAWQWPRAf3MwDhJuutgIZn26Vv4DfpsjUz/07WR
 ZTYaMKGY3KqVUDkQIBmZEjJ32Ho529DqkDa24vnvqYIYcfd8FiNMGXzXPfb/2/cU
 gX4Ao7B8G1svMtbRJpSIVgfdQqHGMRDl+OFPTn/r78NKKcwTmmhOCwEIH8+fAyQL
 mqUIABVX/RXSvmeGuhCrUqCCt+23VipIcXUUFFIOvtbpHXjaVKP+RDMjiQwgjYrj
 wYPa+dK1RwKVSH2yxGvLBm2qhkl3XFVsoDiZ2jgOK4vZw1L8ObM9fn04eLvonvXz
 oalfKA28k2ux2FpwYU9Xpc/T4EyRWxhoUKnV6pjZ2Y08jWb1QN+v3T/q8ehxRXJd
 /iVaCaBpIW7fMwC+TceOIWM/iBILgJL5H1IRnPmcs0NExo7RCOtkNEPY0n3WGWKq
 +RRAlYx2I5yk
 =1oxz
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/armbru/tags/pull-qapi-2019-09-24' into staging

QAPI patches for 2019-09-24

# gpg: Signature made Tue 24 Sep 2019 13:10:36 BST
# gpg:                using RSA key 354BC8B3D7EB2A6B68674E5F3870B400EB918653
# gpg:                issuer "armbru@redhat.com"
# gpg: Good signature from "Markus Armbruster <armbru@redhat.com>" [full]
# gpg:                 aka "Markus Armbruster <armbru@pond.sub.org>" [full]
# Primary key fingerprint: 354B C8B3 D7EB 2A6B 6867  4E5F 3870 B400 EB91 8653

* remotes/armbru/tags/pull-qapi-2019-09-24: (37 commits)
  qapi: Assert .visit() and .check_clash() run only after .check()
  qapi: Fix excessive QAPISchemaEntity.check() recursion
  qapi: Fix to .check() empty structs just once
  qapi: Delete useless check_exprs() code for simple union kind
  qapi: Clean up around check_known_keys()
  qapi: Simplify check_keys()
  qapi: Normalize 'if' in check_exprs(), like other sugar
  qapi: Fix missing 'if' checks in struct, union, alternate 'data'
  qapi: Reject blank 'if' conditions in addition to empty ones
  qapi: Fix broken discriminator error messages
  qapi: Remove null from schema language
  qapi: Improve reporting of lexical errors
  qapi: Use quotes more consistently in frontend error messages
  tests/qapi-schema: Demonstrate suboptimal lexical errors
  tests/qapi-schema: Demonstrate insufficient 'if' checking
  tests/qapi-schema: Demonstrate broken discriminator errors
  tests/qapi-schema: Demonstrate misleading optional tag error
  tests/qapi-schema: Delete two redundant tests
  tests/qapi-schema: Cover unknown pragma
  qapi: Tweak code to match docs/devel/qapi-code-gen.txt
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-09-25 13:31:21 +01:00
Eric Blake
61bc846d8c nbd: Grab aio context lock in more places
When iothreads are in use, the failure to grab the aio context results
in an assertion failure when trying to unlock things during blk_unref,
when trying to unlock a mutex that was not locked.  In short, all
calls to nbd_export_put need to done while within the correct aio
context.  But since nbd_export_put can recursively reach itself via
nbd_export_close, and recursively grabbing the context would deadlock,
we can't do the context grab directly in those functions, but must do
so in their callers.

Hoist the use of the correct aio_context from nbd_export_new() to its
caller qmp_nbd_server_add().  Then tweak qmp_nbd_server_remove(),
nbd_eject_notifier(), and nbd_esport_close_all() to grab the right
context, so that all callers during qemu now own the context before
nbd_export_put() can call blk_unref().

Remaining uses in qemu-nbd don't matter (since that use case does not
support iothreads).

Suggested-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <20190917023917.32226-1-eblake@redhat.com>
Reviewed-by: Sergio Lopez <slp@redhat.com>
2019-09-24 07:30:19 -05:00
Paul Durrant
3809f7583b xen: perform XenDevice clean-up in XenBus watch handler
Cleaning up offline XenDevice objects directly in
xen_device_backend_changed() is dangerous as xen_device_unrealize() will
modify the watch list that is being walked. Even the QLIST_FOREACH_SAFE()
used in notifier_list_notify() is insufficient as *two* notifiers (for
the frontend and backend watches) are removed, thus potentially rendering
the 'next' pointer unsafe.

The solution is to use the XenBus backend_watch handler to do the clean-up
instead, as it is invoked whilst walking a separate watch list.

This patch therefore adds a new 'inactive_devices' list to XenBus, to which
offline devices are added by xen_device_backend_changed(). The XenBus
backend_watch registration is also changed to not only invoke
xen_bus_enumerate() but also a new xen_bus_cleanup() function, which will
walk 'inactive_devices' and perform the necessary actions.
For safety an extra 'online' check is also added to xen_bus_type_enumerate()
to make sure that no attempt is made to create a new XenDevice object for a
backend that is offline.

NOTE: This patch also includes some cosmetic changes:
      - substitute the local variable name 'backend_state'
        in xen_bus_type_enumerate() with 'state', since there
        is no ambiguity with any other state in that context.
      - change xen_device_state_is_active() to
        xen_device_frontend_is_active() (and pass a XenDevice directly)
        since the state tests contained therein only apply to a frontend.
      - use 'state' rather then 'xendev->backend_state' in
        xen_device_backend_changed() to shorten the code.

Signed-off-by: Paul Durrant <paul.durrant@citrix.com>
Reviewed-by: Anthony PERARD <anthony.perard@citrix.com>
Message-Id: <20190913082159.31338-4-paul.durrant@citrix.com>
Signed-off-by: Anthony PERARD <anthony.perard@citrix.com>
2019-09-24 12:18:47 +01:00
Paul Durrant
d198b711f9 xen: introduce separate XenWatchList for XenDevice objects
This patch uses the XenWatchList abstraction to add a separate watch list
for each device. This is more scalable than walking a single notifier
list for all watches and is also necessary to implement a bug-fix in a
subsequent patch.

Signed-off-by: Paul Durrant <paul.durrant@citrix.com>
Reviewed-by: Anthony Perard <anthony.perard@citrix.com>
Message-Id: <20190913082159.31338-3-paul.durrant@citrix.com>
Signed-off-by: Anthony PERARD <anthony.perard@citrix.com>
2019-09-24 12:18:47 +01:00
Paul Durrant
374752a26b xen / notify: introduce a new XenWatchList abstraction
Xenstore watch call-backs are already abstracted away from XenBus using
the XenWatch data structure but the associated NotifierList manipulation
and file handle registration is still open coded in various xen_bus_...()
functions.
This patch creates a new XenWatchList data structure to allow these
interactions to be abstracted away from XenBus as well. This is in
preparation for a subsequent patch which will introduce separate watch lists
for XenBus and XenDevice objects.

NOTE: This patch also introduces a new notifier_list_empty() helper function
      for the purposes of adding an assertion that a XenWatchList is not
      freed whilst its associated NotifierList is still occupied.

Signed-off-by: Paul Durrant <paul.durrant@citrix.com>
Reviewed-by: Anthony Perard <anthony.perard@citrix.com>
Message-Id: <20190913082159.31338-2-paul.durrant@citrix.com>
Signed-off-by: Anthony PERARD <anthony.perard@citrix.com>
2019-09-24 12:18:47 +01:00
Markus Armbruster
81b49004e0 qapi: Make visit_next_list()'s comment less confusing
visit_next_list() returns non-null on success, null on failure.  The
comment's phrasing "until NULL return or error occurs" is needlessly
confusing.  Scratch the "or error occurs" part.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20190802122325.16520-1-armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
2019-09-24 11:03:44 +02:00
Peter Maydell
e446ed5a29 ipmi: Some bug fixes and new interfaces
Some bug fixes for the watchdog and hopeful the BT tests.
 
 Change the IPMI UUID handling to give the user the ability to set it or
 not have it.
 
 Add a PCI interface.
 
 Add an SMBus interfaces.
 
 -corey
 -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCgAdFiEE/Q1c5nzg9ZpmiCaGYfOMkJGb/4EFAl2FJFkACgkQYfOMkJGb
 /4ELTQ//csJVqXnjaeQUO6snd6X2QTBF62349RcVyontNNT5MSNTeyelvNYEZY3W
 I8vSjvaYVwK2XkVMLAw0E1I9HlgLEVJt/Kas7r6Ka7IC7QhyCo6XioQAcWjtjnsK
 LrpKjWfbswlkxeIP+dpzXT1zjiB46CjSApJmlelo3A35iSRLQGJMbohPs0edzeUr
 GtzTkJrOpeSFRmWVKPqpVX5cJUqXrdKgXTnUciSN1uHQqjXDCYlQQqlYuYfAJxbY
 zp9Zli/nJXuTHSGNg7OfTGPqePIUt+U/2bNVM9aT1TgMpedvy4KdUNqebiMhJlE/
 rrylXId9kpGyTYxJLllTyFC03ay3MIn/HeQDFBjlwA1PGH7wrAST4jddiDTuVJEd
 vSbo59Ek6v+1wuIgCZMsof9A/t3G/JmBClnsxS2FA6VNFO3+Y5J94o8Uqz5uZvwZ
 yEMfgGODNqO33VMBlMchyW0flxsn5F3kAKzARZf1ifhJZta8mCnyf7jmJ2A0hROQ
 5LnWn/FUZjQ5kaiNAotzHxF3tWleY0rnp7wgmeQrA+5fJHki0CyMNJ6MNbkDTeW9
 rfI8iHQHp4dQk1ZSq5C6OsEeNfPERgyCRCJdGgh5BACeyZbgAqctxC2hH2iWe89n
 Kc9SiZQrWHsCWWPZIXadTKkbcykLl8CaBVOX9hAz5VdV0qmmx6w=
 =lCyp
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/cminyard/tags/ipmi-for-release-2019-09-20' into staging

ipmi: Some bug fixes and new interfaces

Some bug fixes for the watchdog and hopeful the BT tests.

Change the IPMI UUID handling to give the user the ability to set it or
not have it.

Add a PCI interface.

Add an SMBus interfaces.

-corey

# gpg: Signature made Fri 20 Sep 2019 20:11:21 BST
# gpg:                using RSA key FD0D5CE67CE0F59A6688268661F38C90919BFF81
# gpg: Good signature from "Corey Minyard <cminyard@mvista.com>" [unknown]
# gpg:                 aka "Corey Minyard <minyard@acm.org>" [unknown]
# gpg:                 aka "Corey Minyard <corey@minyard.net>" [unknown]
# gpg:                 aka "Corey Minyard <minyard@mvista.com>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: FD0D 5CE6 7CE0 F59A 6688  2686 61F3 8C90 919B FF81

* remotes/cminyard/tags/ipmi-for-release-2019-09-20:
  pc: Add an SMB0 ACPI device to q35
  ipmi: Fix SSIF ACPI handling to use the right CRS
  acpi: Add i2c serial bus CRS handling
  ipmi: Add an SMBus IPMI interface
  ipmi: Add PCI IPMI interfaces
  smbios:ipmi: Ignore IPMI devices with no fwinfo function
  ipmi: Allow a size value to be passed for I/O space
  ipmi: Split out BT-specific code from ISA BT code
  ipmi: Split out KCS-specific code from ISA KCS code
  ipmi: Add a UUID device property
  qdev: Add a no default uuid property
  tests:ipmi: Fix IPMI BT tests
  ipmi: Generate an interrupt on watchdog pretimeout expiry
  ipmi: Fix the get watchdog command
  ipmi: Fix watchdog NMI handling

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-09-23 10:56:46 +01:00
Corey Minyard
ebe15582ca pc: Add an SMB0 ACPI device to q35
This is so I2C devices can be found in the ACPI namespace.  Currently
that's only IPMI, but devices can be easily added now.

Adding the devices required some PCI information, and the bus itself
to be added to the PCMachineState structure.

Note that this only works on Q35, the ACPI for PIIX4 is not capable
of handling an SMBus device.

Cc: Michael S. Tsirkin <mst@redhat.com>
Cc: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Corey Minyard <cminyard@mvista.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
2019-09-20 14:09:24 -05:00
Corey Minyard
576d05b67f ipmi: Fix SSIF ACPI handling to use the right CRS
Pass in the CRS so that it can be set to the SMBus for IPMI later.

Cc: Michael S. Tsirkin <mst@redhat.com>
Cc: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Corey Minyard <cminyard@mvista.com>
2019-09-20 14:08:10 -05:00
Corey Minyard
ef48a8ce41 acpi: Add i2c serial bus CRS handling
This will be required for getting IPMI SSIF (SMBus interface) into
the ACPI tables.

Cc: Michael S. Tsirkin <mst@redhat.com>
Cc: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Corey Minyard <cminyard@mvista.com>
2019-09-20 14:08:10 -05:00
Corey Minyard
12f983c6aa ipmi: Add PCI IPMI interfaces
Pretty straightforward, just hook the current KCS and BT code into
the PCI system with the proper configuration.

Cc: Michael S. Tsirkin <mst@redhat.com>
Cc: M: Marcel Apfelbaum <marcel.apfelbaum@gmail.com>
Signed-off-by: Corey Minyard <cminyard@mvista.com>
2019-09-20 14:08:10 -05:00
Corey Minyard
79d29a9d06 ipmi: Allow a size value to be passed for I/O space
PCI device I/O must be >= 8 bytes in length or they don't work.
Allow the size to be passed in, the default size of 2 or 3
won't work.

Signed-off-by: Corey Minyard <cminyard@mvista.com>
2019-09-20 14:08:10 -05:00
Corey Minyard
1739d54c8b ipmi: Split out BT-specific code from ISA BT code
Get ready for PCI and other BT interfaces.

No functional changes, just split the code into generic BT code
and ISA-specific BT code.

Signed-off-by: Corey Minyard <cminyard@mvista.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
2019-09-20 14:08:10 -05:00