Commit Graph

79194 Commits

Author SHA1 Message Date
Alexey Kardashevskiy
b25fbd6a13 pseries: Update SLOF firmware image
This adds tcgbios (this was posted earlier [1] but got lost)
and fixes FDT update at ibm,client-architecture-support
for huge guests.

The full list of changes:

Alexey Kardashevskiy (4):
      make: Define default rule for .c when V=1 or V=2
      version: update to 20200513
      fdt: Avoid recursion when traversing tree
      version: update to 20200717

Gustavo Romero (1):
      board-qemu: Fix comment about SLOF start address

Stefan Berger (6):
      tcgbios: Only write logs for PCRs that are allocated
      tcgbios: Fix the vendorInfoSize to be of type uint8_t
      tcgbios: Add support for SHA3 type of algorithms
      elf: Implement elf_get_file_size to determine size of an ELF image
      tcgbios: Implement tpm_hash_log_extend_event_buffer
      tcgbios: Measure the bootloader file read from disk

[1] https://patchwork.ozlabs.org/project/qemu-devel/patch/20200513024355.121476-1-aik@ozlabs.ru/

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2020-07-20 09:21:39 +10:00
Reza Arbab
a6030d7e0b spapr: Add a new level of NUMA for GPUs
NUMA nodes corresponding to GPU memory currently have the same
affinity/distance as normal memory nodes. Add a third NUMA associativity
reference point enabling us to give GPU nodes more distance.

This is guest visible information, which shouldn't change under a
running guest across migration between different qemu versions, so make
the change effective only in new (pseries > 5.0) machine types.

Before, `numactl -H` output in a guest with 4 GPUs (nodes 2-5):

node distances:
node   0   1   2   3   4   5
  0:  10  40  40  40  40  40
  1:  40  10  40  40  40  40
  2:  40  40  10  40  40  40
  3:  40  40  40  10  40  40
  4:  40  40  40  40  10  40
  5:  40  40  40  40  40  10

After:

node distances:
node   0   1   2   3   4   5
  0:  10  40  80  80  80  80
  1:  40  10  80  80  80  80
  2:  80  80  10  80  80  80
  3:  80  80  80  10  80  80
  4:  80  80  80  80  10  80
  5:  80  80  80  80  80  10

These are the same distances as on the host, mirroring the change made
to host firmware in skiboot commit f845a648b8cb ("numa/associativity:
Add a new level of NUMA for GPU's").

Signed-off-by: Reza Arbab <arbab@linux.ibm.com>
Message-Id: <20200716225655.24289-1-arbab@linux.ibm.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2020-07-20 09:21:39 +10:00
Greg Kurz
a4beb5f5d4 spapr_pci: Robustify support of PCI bridges
Some recent error handling cleanups unveiled issues with our support of
PCI bridges:

1) QEMU aborts when using non-standard PCI bridge types,
   unveiled by commit 7ef1553dac "spapr_pci: Drop some dead error handling"

$ qemu-system-ppc64 -M pseries -device pcie-pci-bridge
Unexpected error in object_property_find() at qom/object.c:1240:
qemu-system-ppc64: -device pcie-pci-bridge: Property '.chassis_nr' not found
Aborted (core dumped)

This happens because we assume all PCI bridge types to have a "chassis_nr"
property. This property only exists with the standard PCI bridge type
"pci-bridge" actually. We could possibly revert 7ef1553dac but it seems
much simpler to check the presence of "chassis_nr" earlier.

2) QEMU abort if same "chassis_nr" value is used several times,
   unveiled by commit d2623129a7 "qom: Drop parameter @errp of
   object_property_add() & friends"

$ qemu-system-ppc64 -M pseries -device pci-bridge,chassis_nr=1 \
                        -device pci-bridge,chassis_nr=1
Unexpected error in object_property_try_add() at qom/object.c:1167:
qemu-system-ppc64: -device pci-bridge,chassis_nr=1: attempt to add duplicate property '40000100' to object (type 'container')
Aborted (core dumped)

This happens because we assume that "chassis_nr" values are unique, but
nobody enforces that and we end up generating duplicate DRC ids. The PCI
code doesn't really care for duplicate "chassis_nr" properties since it
is only used to initialize the "Chassis Number Register" of the bridge,
with no functional impact on QEMU. So, even if passing the same value
several times might look weird, it never broke anything before, so
I guess we don't necessarily want to enforce strict checking in the PCI
code now.

Workaround both issues in the PAPR code: check that the bridge has a
unique and non null "chassis_nr" when plugging it into its parent bus.

Fixes: 05929a6c5d ("spapr: Don't use bus number for building DRC ids")
Fixes: 7ef1553dac ("spapr_pci: Drop some dead error handling")
Fixes: d2623129a7 ("qom: Drop parameter @errp of object_property_add() & friends")
Reported-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Greg Kurz <groug@kaod.org>
Message-Id: <159431476748.407044.16711294833569014964.stgit@bahia.lan>
[dwg: Move check slightly to a better place]
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2020-07-20 09:21:39 +10:00
Greg Kurz
14de3d4ac5 ppc/pnv: Make PSI device types not user creatable
QEMU aborts with -device pnv-psi-POWER8:

$ qemu-system-ppc64 -device pnv-psi-POWER8
qemu-system-ppc64: hw/intc/xics.c:605: ics_realize: Assertion
`ics->xics' failed.
Aborted (core dumped)

The Processor Service Interface Controller is an internal device.
It should only be instantiated by the chip, which takes care of
configuring the link required by the ICS object in the case of
POWER8. It doesn't make sense for a user to specify it on the
command line.

Note that the PSI model for POWER8 was added 3 yrs ago but the
devices weren't available on the command line because of a bug
that was fixed by recent commit 2f35254aa0 ("pnv/psi: Correct
the pnv-psi* devices not to be sysbus devices").

Fixes: 54f59d786c ("ppc/pnv: Add cut down PSI bridge model and hookup external interrupt")
Reported-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Greg Kurz <groug@kaod.org>
Message-Id: <159413975752.169116.5808968580649255382.stgit@bahia.lan>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2020-07-20 09:21:39 +10:00
Peter Maydell
9fc8711100 Fix vector min/max fallback expansion
Fix singlestep from exception and interrupt
 -----BEGIN PGP SIGNATURE-----
 
 iQFRBAABCgA7FiEEekgeeIaLTbaoWgXAZN846K9+IV8FAl8R6kwdHHJpY2hhcmQu
 aGVuZGVyc29uQGxpbmFyby5vcmcACgkQZN846K9+IV+EjAf+MmvNERfpAYSHsK6U
 EuFYDKayYtL5rKbhc5LtXcRC9MduYYadGoJnrcqNswf+Jce44FmdtXsZe1KQ5IkX
 yqu8ZQOJoBx228xq3ksW1TrWkWt48P+g7ud5OI6Dw7fs9AW7hQOptE6aSGtznCkU
 yhLqkAwutmSkaAzDI5oYviHT39UZXGBlMB/1h9L23b/n9NzapAPe/PesH2CMoK0r
 EKRi5nwzlrw4CDcWEwqr56dCGa5NV47uIC3B0L6EKVmoJLupNEoz+QaKafbHL8o6
 uJsyqatLvfqDARZv8lJbs4fKHou+j0y8EHE3a7+XDsO+vk9nRACHGQ3j7EefKO6F
 UrxnbA==
 =X7BM
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/rth/tags/pull-tcg-20200717' into staging

Fix vector min/max fallback expansion
Fix singlestep from exception and interrupt

# gpg: Signature made Fri 17 Jul 2020 19:13:32 BST
# gpg:                using RSA key 7A481E78868B4DB6A85A05C064DF38E8AF7E215F
# gpg:                issuer "richard.henderson@linaro.org"
# gpg: Good signature from "Richard Henderson <richard.henderson@linaro.org>" [full]
# Primary key fingerprint: 7A48 1E78 868B 4DB6 A85A  05C0 64DF 38E8 AF7E 215F

* remotes/rth/tags/pull-tcg-20200717:
  tcg/cpu-exec: precise single-stepping after an interrupt
  tcg/cpu-exec: precise single-stepping after an exception
  tcg: Save/restore vecop_list around minmax fallback

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-07-19 10:29:05 +01:00
Peter Maydell
b442119329 Man page update and new set sensor command
Some minor man page updates for fairly obvious things.
 
 The set sensor command addition has been in the Power group's tree for a
 long time and I have neglected to submit it.
 
 -corey
 -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCgAdFiEE/Q1c5nzg9ZpmiCaGYfOMkJGb/4EFAl8R1awACgkQYfOMkJGb
 /4FtGRAAjYz9JP2yzbzWn7y/c0PqZy5MJKR5BayObD/ZjjUQjfGMUa/1nEixvwXC
 HznS7zWOpnEzdqmlZaMSvoSDd8+DwNfj8Ekp5Uvvdef2GPCrZk/SX0qZWjj2dAPY
 CUHZRSjMU27Q3vft9DDDAaGYTEDAMBg4WFOipvor3+saHETCK2WIhMHRlRrko8o6
 FbVKT4lw84xe36q7dEZVTO62etyTETE7NbBwO9TWpxV1mYM5QCY5U6XjpjUluy1g
 G61zogYI93Cg+9mQLb2Q7BS1umCDkwv+dCdzeulriEbJ3TaU590Mt5fuxy1pMGgx
 NjUWmBs7PV9w1Qg10AFqSNQeEQgx4MnL2otARMmFoCiGLK8YtafGQc9Ym644D9H5
 WVLdXMJFw/Vddyg4GS9CY9o4gnR2ySZCCajq31uuqH+kQaHlMFUnN4Op6NYGb+y0
 pop/BzyN4SI5vALL4L2cdVaynlKRdf8DcSwH7HjIiZPGGn4OG4QI1lEM/XBL+Hb1
 pBeoBcGJA3pNTVFgSOseNKSJpxHR0S4SC4NwZ3zS4LHthr3K36905OaKvLVxxbt4
 gxc1vWQklCd/BercTRTDOh2QfbIERVPFRxxBHJu8fL/94oRSszjqMdLB5dG2gTGF
 31FlIxA5I/rE5rzU/QYOHDDvVkuYZM3kapSAoMQiTGY8DoqfpdA=
 =VTO7
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/cminyard/tags/for-qemu-ipmi-5' into staging

Man page update and new set sensor command

Some minor man page updates for fairly obvious things.

The set sensor command addition has been in the Power group's tree for a
long time and I have neglected to submit it.

-corey

# gpg: Signature made Fri 17 Jul 2020 17:45:32 BST
# gpg:                using RSA key FD0D5CE67CE0F59A6688268661F38C90919BFF81
# gpg: Good signature from "Corey Minyard <cminyard@mvista.com>" [unknown]
# gpg:                 aka "Corey Minyard <minyard@acm.org>" [unknown]
# gpg:                 aka "Corey Minyard <corey@minyard.net>" [unknown]
# gpg:                 aka "Corey Minyard <minyard@mvista.com>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: FD0D 5CE6 7CE0 F59A 6688  2686 61F3 8C90 919B FF81

* remotes/cminyard/tags/for-qemu-ipmi-5:
  ipmi: add SET_SENSOR_READING command
  ipmi: Fix a man page entry
  ipmi: Add man page pieces for the IPMI PCI devices

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-07-18 23:59:03 +01:00
Peter Maydell
939ab64b40 bitmaps patches for 2020-07-17
- improve corner-case of bitmap migration
 -----BEGIN PGP SIGNATURE-----
 
 iQEzBAABCAAdFiEEccLMIrHEYCkn0vOqp6FrSiUnQ2oFAl8Rv08ACgkQp6FrSiUn
 Q2qkJQf+JV4Q/Wl3obSn5k2ClH2NbsEsd/sYwheb2ZKZHWf/oV2M5/YPwDgCIoNC
 ahj7qJzTl+E8zlf6YgfRhopNMOd8Mg1gcqTegeAOmlKZ03xy6rFOcl94Osi+jFeH
 edOyjvjfSGXLZxFzFr9/YMe/P0E+gLWQ5hb9a5uSISZdSvAIx/S97hyYizzsdWK6
 Fe2nq/VcI7uHoO+25wtS/y3vgr72TGmg1PnEwSoKEg8ogyD6aNhnpmtNygrRPQGV
 0bDr23i5A7/pleESCXSrXp/sW2yehTuPChcUqQZnxU1wHLIMsRyFE2tFJg9yMxB6
 FLt9AVcGKmVeAHx4k9GpUox06mmmHw==
 =dnzH
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/ericb/tags/pull-bitmaps-2020-07-17' into staging

bitmaps patches for 2020-07-17

- improve corner-case of bitmap migration

# gpg: Signature made Fri 17 Jul 2020 16:10:07 BST
# gpg:                using RSA key 71C2CC22B1C4602927D2F3AAA7A16B4A2527436A
# gpg: Good signature from "Eric Blake <eblake@redhat.com>" [full]
# gpg:                 aka "Eric Blake (Free Software Programmer) <ebb9@byu.net>" [full]
# gpg:                 aka "[jpeg image of size 6874]" [full]
# Primary key fingerprint: 71C2 CC22 B1C4 6029 27D2  F3AA A7A1 6B4A 2527 436A

* remotes/ericb/tags/pull-bitmaps-2020-07-17:
  migration/block-dirty-bitmap: fix add_bitmaps_to_list

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-07-18 22:24:34 +01:00
Peter Maydell
97f750beca Fix typo in newly added documentation.
-----BEGIN PGP SIGNATURE-----
 
 iQJGBAABCAAwFiEEw9DWbcNiT/aowBjO3s9rk8bwL68FAl8RrYwSHGNvaHVja0By
 ZWRoYXQuY29tAAoJEN7Pa5PG8C+vtBAP/jMEmJ79h+jYbaDldAGw4Kw5e+bi6+Wv
 CGkc0bggINLiqK3D/Pas/cU3t/CdqOhnmGrE0s02kjCWb14jkg0WMaO6ciXdMkkY
 JpWy8F0zhjTpYCbW+b1hiQMNb/LqwFjnm8e8vO1XnI7jq452VKPAeZzjb6xwxBE8
 gaDym9obLdBZxaP/oxGNcHOjf95v39xavsZGw+53pO4A309xDtaQ7i0O2yt+thvT
 5NGnWqWqIgidCroh407Zmm8pUcG+bOciAExZRWvDhAwR+2gfwOFu8cQHiW45GGWA
 BTYddw7BvzLlCJ27ZD0sBswr9jmmbTW7ClR5tVnnxD9OKZI0PpV+FsPkSndma4s4
 VR5f5KF/2cB9lvFTFfjpVzrzpYO3JqGYv0eRq6WcqI1F80QYfQxzKQvFp+Cxpejo
 XGV/43uwnRchdbxlRHRZ9WnKQ/tVkI34y/jOP3uLGTQNPMT0ircXmsQ9PTKZkpgw
 NyzA5q12h560weuC0vUxsw6zx8fItSRgfRL9fCHIs2nTzqRuq5vvDGlB36lsV0Yj
 h5iYL2DjdZ145EBA4mgr8x1C1Qd5x40CUa+jgDVuNmc+WULlRQdknfmNlGBj/GcN
 bPX6Uo38GwFN8kXu7vh/TCS+3us7Y6CDB1N2OFxaLTLlaGMXBqdMbHEwhHAaMIWD
 kFfJ8akc1Jso
 =DLb/
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/cohuck/tags/s390x-20200717' into staging

Fix typo in newly added documentation.

# gpg: Signature made Fri 17 Jul 2020 14:54:20 BST
# gpg:                using RSA key C3D0D66DC3624FF6A8C018CEDECF6B93C6F02FAF
# gpg:                issuer "cohuck@redhat.com"
# gpg: Good signature from "Cornelia Huck <conny@cornelia-huck.de>" [marginal]
# gpg:                 aka "Cornelia Huck <huckc@linux.vnet.ibm.com>" [full]
# gpg:                 aka "Cornelia Huck <cornelia.huck@de.ibm.com>" [full]
# gpg:                 aka "Cornelia Huck <cohuck@kernel.org>" [marginal]
# gpg:                 aka "Cornelia Huck <cohuck@redhat.com>" [marginal]
# Primary key fingerprint: C3D0 D66D C362 4FF6 A8C0  18CE DECF 6B93 C6F0 2FAF

* remotes/cohuck/tags/s390x-20200717:
  docs/s390x: fix vfio-ccw type

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-07-18 17:27:34 +01:00
Richard Henderson
ba3c35d9c4 tcg/cpu-exec: precise single-stepping after an interrupt
When single-stepping with a debugger attached to QEMU, and when an
interrupt is raised, the debugger misses the first instruction after
the interrupt.

Tested-by: Luc Michel <luc.michel@greensocs.com>
Reviewed-by: Luc Michel <luc.michel@greensocs.com>
Buglink: https://bugs.launchpad.net/qemu/+bug/757702
Message-Id: <20200717163029.2737546-1-richard.henderson@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2020-07-17 11:09:34 -07:00
Cédric Le Goater
e3f7320caa ipmi: add SET_SENSOR_READING command
SET_SENSOR_READING is a complex IPMI command (see IPMI spec 35.17)
which enables the host software to set the reading value and the event
status of sensors supporting it.

Below is a proposal for all the operations (reading, assert, deassert,
event data) with the following limitations :

 - No event are generated for threshold-based sensors.
 - The case in which the BMC needs to generate its own events is not
   supported.

Signed-off-by: Cédric Le Goater <clg@kaod.org>
Reviewed-by: Corey Minyard <cminyard@mvista.com>
Message-Id: <20191118092429.16149-1-clg@kaod.org>
[Moved the break statement for case SENSOR_GEN_EVENT_DATA above the
 closing brace to keep the indention consistent.]
Signed-off-by: Corey Minyard <cminyard@mvista.com>
2020-07-17 11:39:46 -05:00
Corey Minyard
789101b73d ipmi: Fix a man page entry
The line was too long, and some of the entries were wrong (fur instead
of fru).  Just use the prop=val thing tha other entries use.

Signed-off-by: Corey Minyard <cminyard@mvista.com>
2020-07-17 11:39:46 -05:00
Corey Minyard
323679da77 ipmi: Add man page pieces for the IPMI PCI devices
This was forgotten when the devices were added.

Signed-off-by: Corey Minyard <cminyard@mvista.com>
2020-07-17 11:39:46 -05:00
Peter Maydell
920d213cb2 Block layer patches:
- file-posix: Fix read-only Linux block devices with auto-read-only
 - Require aligned image size with O_DIRECT to avoid assertion failure
 - Allow byte-aligned direct I/O on NFS instead of guessing 4k alignment
 - Fix nbd_export_close_all() crash
 - Fix race in iotests case 030
 - qemu-img resize: Require --shrink for shrinking all image formats
 - crypto: use a stronger private key for tests
 - Remove VXHS block device
 - MAINTAINERS: vvfat: set status to odd fixes
 -----BEGIN PGP SIGNATURE-----
 
 iQJFBAABCAAvFiEE3D3rFZqa+V09dFb+fwmycsiPL9YFAl8RmhYRHGt3b2xmQHJl
 ZGhhdC5jb20ACgkQfwmycsiPL9adtA//ZfPLfZoNmo/G7tEiiuiVxPfxn3AP50dg
 E5m+3RjyTlw2ss7G9rh09DD1mY2NCO3dPWkTvmYio1mgsYA4FeSsK2Zk4gIQtGEA
 5dKjKVQ7rNqvHp1hqbUWuBF0RoRzRd8shm5y8WZWds/fVWG6gp5+Ydyulb7WqIN1
 moSK/lBAURm18EcGBB1HCkYzd+pp6VgvcpMkeDXr9SYC9JL8eualNgwchvWgl1f0
 sXD3GspKhpDE8rihm4EzQHFe5Q4X35YNlKAZ0gqC5jewlWVLmFJMjaW9icoS5Z9j
 W/Y3gVQ0tSwzXJZrfy9Q8XBJj80lnOntBF3j9xG94J6ubaDRiYdIszTxExomylkF
 wEGwfKJdfKu2DZSrxjBPdtGs1fgf9upm+rR3KKZuT4qc7mVv4xoyEAgzhJg0oPtR
 153jmb3n2SYNJTybqkLA+UIpf4xeHVcJbXy6C7om4mg+UQRzYgqd6jQUNpoT5Eix
 BbnfefsGwATgJJdYW7h5fBim6r93QWaTj2+j19PG6XVAyLhK2aEGrpZveECJm/Wl
 hzc0EaSxCYJB9l0JlHSDJ690tCX0mjh7qcBxNBLXwbp9+BdBmKfTBhaSu0dxSIth
 OW9D0Ky8k5edMeLGoQvophOsa9ktctNbZtFZfWI6QZEvMxzk/+7pNWOdUCsFVLzV
 BsIEN7gOQsE=
 =ijIG
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging

Block layer patches:

- file-posix: Fix read-only Linux block devices with auto-read-only
- Require aligned image size with O_DIRECT to avoid assertion failure
- Allow byte-aligned direct I/O on NFS instead of guessing 4k alignment
- Fix nbd_export_close_all() crash
- Fix race in iotests case 030
- qemu-img resize: Require --shrink for shrinking all image formats
- crypto: use a stronger private key for tests
- Remove VXHS block device
- MAINTAINERS: vvfat: set status to odd fixes

# gpg: Signature made Fri 17 Jul 2020 13:31:18 BST
# gpg:                using RSA key DC3DEB159A9AF95D3D7456FE7F09B272C88F2FD6
# gpg:                issuer "kwolf@redhat.com"
# gpg: Good signature from "Kevin Wolf <kwolf@redhat.com>" [full]
# Primary key fingerprint: DC3D EB15 9A9A F95D 3D74  56FE 7F09 B272 C88F 2FD6

* remotes/kevin/tags/for-upstream:
  file-posix: Fix leaked fd in raw_open_common() error path
  file-posix: Fix check_hdev_writable() with auto-read-only
  file-posix: Move check_hdev_writable() up
  file-posix: Allow byte-aligned O_DIRECT with NFS
  block: Require aligned image size to avoid assertion failure
  iotests: test shutdown when bitmap is exported through NBD
  nbd: make nbd_export_close_all() synchronous
  iotests/030: Reduce job speed to make race less likely
  crypto: use a stronger private key for tests
  qemu-img resize: Require --shrink for shrinking all image formats
  Remove VXHS block device
  vvfat: set status to odd fixes

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-07-17 14:58:13 +01:00
Vladimir Sementsov-Ogievskiy
7cb015197b migration/block-dirty-bitmap: fix add_bitmaps_to_list
We shouldn't fail when finding an unnamed bitmap in a unnamed node or
node with auto-generated node name, as bitmap migration ignores such
bitmaps in the first place.

Fixes: 82640edb88
Fixes: 4ff5cc121b
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Message-Id: <20200626130658.76498-1-vsementsov@virtuozzo.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
[eblake: commit message grammar tweaks]
Signed-off-by: Eric Blake <eblake@redhat.com>
2020-07-17 08:18:51 -05:00
Kevin Wolf
a8c5cf27c9 file-posix: Fix leaked fd in raw_open_common() error path
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Message-Id: <20200717105426.51134-4-kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2020-07-17 14:20:57 +02:00
Kevin Wolf
bca5283bd4 file-posix: Fix check_hdev_writable() with auto-read-only
For Linux block devices, being able to open the device read-write
doesn't necessarily mean that the device is actually writable (one
example is a read-only LV, as you get with lvchange -pr <device>). We
have check_hdev_writable() to check this condition and fail opening the
image read-write if it's not actually writable.

However, this check doesn't take auto-read-only into account, but
results in a hard failure instead of downgrading to read-only where
possible.

Fix this and do the writable check not based on BDRV_O_RDWR, but only
when this actually results in opening the file read-write. A second
check is inserted in raw_reconfigure_getfd() to have the same check when
dynamic auto-read-only upgrades an image file from read-only to
read-write.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Message-Id: <20200717105426.51134-3-kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2020-07-17 14:20:57 +02:00
Kevin Wolf
20eaf1bf6e file-posix: Move check_hdev_writable() up
We'll need to call it in raw_open_common(), so move the function to
avoid a forward declaration.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Message-Id: <20200717105426.51134-2-kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2020-07-17 14:20:57 +02:00
Kevin Wolf
5edc85571e file-posix: Allow byte-aligned O_DIRECT with NFS
Since commit a6b257a08e ('file-posix: Handle undetectable alignment'),
we assume that if we open a file with O_DIRECT and alignment probing
returns 1, we just couldn't find out the real alignment requirement
because some filesystems make the requirement only for allocated blocks.
In this case, a safe default of 4k is used.

This is too strict for NFS, which does actually allow byte-aligned
requests even with O_DIRECT. Because we can't distinguish both cases
with generic code, let's just look at the file system magic and disable
s->needs_alignment for NFS. This way, O_DIRECT can still be used on NFS
for images that are not aligned to 4k.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20200716142601.111237-3-kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2020-07-17 14:20:57 +02:00
Kevin Wolf
9c60a5d197 block: Require aligned image size to avoid assertion failure
Unaligned requests will automatically be aligned to bl.request_alignment
and we can't extend write requests to access space beyond the end of the
image without resizing the image, so if we have the WRITE permission,
but not the RESIZE one, it's required that the image size is aligned.

Failing to meet this requirement could cause assertion failures like
this if RESIZE permissions weren't requested:

qemu-img: block/io.c:1910: bdrv_co_write_req_prepare: Assertion `end_sector <= bs->total_sectors || child->perm & BLK_PERM_RESIZE' failed.

This was e.g. triggered by qemu-img converting to a target image with 4k
request alignment when the image was only aligned to 512 bytes, but not
to 4k.

Turn this into a graceful error in bdrv_check_perm() so that WRITE
without RESIZE can only be taken if the image size is aligned. If a user
holds both permissions and drops only RESIZE, the function will return
an error, but bdrv_child_try_set_perm() will ignore the failure silently
if permissions are only requested to be relaxed and just keep both
permissions while returning success.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Message-Id: <20200716142601.111237-2-kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2020-07-17 14:20:57 +02:00
Vladimir Sementsov-Ogievskiy
d047cfa78d iotests: test shutdown when bitmap is exported through NBD
Test shutdown when bitmap is exported through NBD and active client
exists. The previous patch fixes a crash, provoked by this scenario.

Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Tested-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20200714162234.13113-3-vsementsov@virtuozzo.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2020-07-17 14:20:57 +02:00
Vladimir Sementsov-Ogievskiy
453cc6be0a nbd: make nbd_export_close_all() synchronous
Consider nbd_export_close_all(). The call-stack looks like this:
 nbd_export_close_all() -> nbd_export_close -> call client_close() for
each client.

client_close() doesn't guarantee that client is closed: nbd_trip()
keeps reference to it. So, nbd_export_close_all() just reduce
reference counter on export and removes it from the list, but doesn't
guarantee that nbd_trip() finished neither export actually removed.

Let's wait for all exports actually removed.

Without this fix, the following crash is possible:

- export bitmap through internal Qemu NBD server
- connect a client
- shutdown Qemu

On shutdown nbd_export_close_all is called, but it actually don't wait
for nbd_trip() to finish and to release its references. So, export is
not release, and exported bitmap remains busy, and on try to remove the
bitmap (which is part of bdrv_close()) the assertion fails:

bdrv_release_dirty_bitmap_locked: Assertion `!bdrv_dirty_bitmap_busy(bitmap)' failed

Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20200714162234.13113-2-vsementsov@virtuozzo.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2020-07-17 14:20:57 +02:00
Kevin Wolf
f21f12936f iotests/030: Reduce job speed to make race less likely
It can happen that the throttling of the stream job doesn't make it slow
enough that we can be sure that it still exists when it is referenced
again. Just use a much smaller speed to make this very unlikely to
happen again.

Reported-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Message-Id: <20200716132829.20127-1-kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2020-07-17 14:20:57 +02:00
Daniel P. Berrangé
3e018afbfe crypto: use a stronger private key for tests
The unit tests using the x509 crypto functionality have started
failing in Fedora 33 rawhide with a message like

      The certificate uses an insecure algorithm

This is result of Fedora changes to support strong crypto [1]. RSA
with 1024 bit key is viewed as legacy and thus insecure. Generate
a new private key which is 3072 bits long and reasonable future
proof.

[1] https://fedoraproject.org/wiki/Changes/StrongCryptoSettings2

Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Message-Id: <20200715154701.1041325-1-berrange@redhat.com>
Reviewed-by: Kashyap Chamarthy <kchamart@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2020-07-17 14:20:57 +02:00
Kevin Wolf
1c404d756f qemu-img resize: Require --shrink for shrinking all image formats
QEMU 2.11 introduced the --shrink option for qemu-img resize to avoid
accidentally shrinking images (commit 4ffca8904a). However, for
compatibility reasons, it was not enforced for raw images yet, but only
a deprecation warning was printed. This warning has existed for long
enough that we can now finally require --shrink for raw images, too, and
error out if it's not given.

Documentation already describes the state as it is after this patch.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Message-Id: <20200710121717.28339-1-kwolf@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2020-07-17 14:20:57 +02:00
Marc-André Lureau
a08464521c Remove VXHS block device
The vxhs code doesn't compile since v2.12.0. There's no point in fixing
and then adding CI for a config that our users have demonstrated that
they do not use; better to just remove it.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20200711065926.2204721-1-marcandre.lureau@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2020-07-17 14:20:57 +02:00
Prasad J Pandit
4b7c5bc447 vvfat: set status to odd fixes
Virtual VFAT driver is quite old and rarely used. Set its status
to Odd Fixes.

Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
Message-Id: <20200710190451.761286-1-ppandit@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2020-07-17 14:20:57 +02:00
Peter Maydell
b7bda69c4e * Leak fixes
* One fix for running with --enable-werror on macOS
 * Add fuzzer test to the Gitlab-CI
 -----BEGIN PGP SIGNATURE-----
 
 iQJFBAABCAAvFiEEJ7iIR+7gJQEY8+q5LtnXdP5wLbUFAl8RdQMRHHRodXRoQHJl
 ZGhhdC5jb20ACgkQLtnXdP5wLbU7zg//S4nRm6tatTzkOX3ceg8T+2Qm/VV7Li9u
 JKJMkYtralSoY66McSsMezXzEJB2d5pFkxuKIfR8SrJOjvo0qUUlkimgg2EatXcG
 nryuz6gQhUfLXm7jegsi8KkFDd8K3YT1t6AtMF146GMuJCB/kCasCMMakU4K+/Bx
 4qxYKNRNXHlxke5Ik17W6bFDaJ1PWL/aKbc10g7KZwnYkmpZOkHKxJrxAI56Rzte
 5M1GHpJ1EzqN+x4iRpG2kYh7wsN13Jiq6aTY3HqUZnS9ZUBg7zbDjJhTaPMxd7FJ
 OXEvGBBnEW1tQyk2c/Qe7o4jL1feto3TUGGtTaacAhaxNDB8MBF6lgXAN7MOS1zo
 U819K+1A72FL+6m9+LG/bmaJ1LOkYkG53L0qU3ReooMGNBKBwzSADHlxETJ9bqlm
 UHrgo61zeQ5mNYUWzQrTzwFQ5Eg9FfNADWhPITBALH/5CMu63bVpNudo7m5hlwvW
 O+h+upit9Jd6zK8vvprNJ8h4KbfQskKWjWLQ1gXrfXWohfkoqKFmOrN6X3cOfTzl
 2tsiKT9hH6ut4vIVeNgFVaOLaaLdYlP+34Xh/ooCJ+mGUD8TxsaIYP19/LHL8vdu
 fO8w1qWILOLQ78h82H+q5TVyH210ODQUPRUDBaLzqIaxch43sV+sFkq4b76dFIRV
 UQVccfhQRJE=
 =YG6q
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/huth-gitlab/tags/pull-request-2020-07-17' into staging

* Leak fixes
* One fix for running with --enable-werror on macOS
* Add fuzzer test to the Gitlab-CI

# gpg: Signature made Fri 17 Jul 2020 10:53:07 BST
# gpg:                using RSA key 27B88847EEE0250118F3EAB92ED9D774FE702DB5
# gpg:                issuer "thuth@redhat.com"
# gpg: Good signature from "Thomas Huth <th.huth@gmx.de>" [full]
# gpg:                 aka "Thomas Huth <thuth@redhat.com>" [full]
# gpg:                 aka "Thomas Huth <huth@tuxfamily.org>" [full]
# gpg:                 aka "Thomas Huth <th.huth@posteo.de>" [unknown]
# Primary key fingerprint: 27B8 8847 EEE0 2501 18F3  EAB9 2ED9 D774 FE70 2DB5

* remotes/huth-gitlab/tags/pull-request-2020-07-17:
  gitlab-ci.yml: Add fuzzer tests
  qom: Plug memory leak in "info qom-tree"
  configure: Fix for running with --enable-werror on macOS
  fuzz: Expect the cmdline in a freeable GString
  tests: qmp-cmd-test: fix memory leak
  qtest: bios-tables-test: fix a memory leak

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-07-17 12:06:02 +01:00
Cornelia Huck
9ece07d7a3 docs/s390x: fix vfio-ccw type
Fix the type name in the mdevctl example.

Signed-off-by: Cornelia Huck <cohuck@redhat.com>
Reviewed-by: Eric Farman <farman@linux.ibm.com>
Message-Id: <20200716145031.771476-1-cohuck@redhat.com>
2020-07-17 12:56:22 +02:00
Thomas Huth
b610eba335 gitlab-ci.yml: Add fuzzer tests
So far we neither compile-tested nor run any of the new fuzzers in our CI,
which led to some build failures of the fuzzer code in the past weeks.
To avoid this problem, add a job to compile the fuzzer code and run some
loops (which likely don't find any new bugs via fuzzing, but at least we
know that the code can still be run).

A nice side-effect of this test is that the leak tests are enabled here,
so we should now notice some of the memory leaks in our code base earlier.

Message-Id: <20200716100950.27396-1-thuth@redhat.com>
Reviewed-by: Alexander Bulekov <alxndr@bu.edu>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2020-07-17 10:44:23 +02:00
Markus Armbruster
ab2d185d6b qom: Plug memory leak in "info qom-tree"
Commit e8c9e65816 "qom: Make "info qom-tree" show children sorted"
created a memory leak, because I didn't realize
object_get_canonical_path_component()'s value needs to be freed.

Reproducer:

    $ qemu-system-x86_64 -nodefaults -display none -S -monitor stdio
    QEMU 5.0.50 monitor - type 'help' for more information
    (qemu) info qom-tree

This leaks some 4500 path components, 12-13 characters on average,
i.e. roughly 100kBytes depending on the allocator.  A couple of
hundred "info qom-tree" here, a couple of hundred there, and soon
enough we're talking about real memory.

Plug the leak.

Fixes: e8c9e65816
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reported-by: Reviewed-by: Li Qiang <liq3ea@gmail.com> [sent same patch]
Message-Id: <20200714160202.3121879-3-armbru@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2020-07-17 10:44:23 +02:00
Thomas Huth
12a9b8d824 configure: Fix for running with --enable-werror on macOS
The configure script currently refuses to succeed when run on macOS
with --enable-werror:

 ERROR: configure test passed without -Werror but failed with -Werror.

The information in config.log indicates:

 config-temp/qemu-conf.c:3:55: error: control reaches end of non-void
 function [-Werror,-Wreturn-type]
 static void *f(void *p) { pthread_setname_np("QEMU"); }
                                                      ^
And indeed, the return statement is missing here.

Fixes: 479a57475e ("util: Implement debug-threads for macOS")
Message-Id: <20200716055655.24507-1-thuth@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2020-07-17 10:44:23 +02:00
Alexander Bulekov
f5ec79f5e0 fuzz: Expect the cmdline in a freeable GString
In the initial FuzzTarget, get_init_cmdline returned a char *. With this
API, we had no guarantee about where the string came from. For example,
i440fx-qtest-reboot-fuzz simply returned a pointer to a string literal,
while the QOS-based targets build the arguments out in a GString an
return the gchar *str pointer. Since we did not try to free the cmdline,
we have a leak for any targets that do not simply return string
literals. Clean up this mess by forcing fuzz-targets to return
a GString, that we can free.

Signed-off-by: Alexander Bulekov <alxndr@bu.edu>
Message-Id: <20200714174616.20709-1-alxndr@bu.edu>
Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2020-07-17 10:44:23 +02:00
Li Qiang
15c51f724e tests: qmp-cmd-test: fix memory leak
Properly free each test response to avoid memory leak and separate
qtest_qmp() calls with spare lines, in a consistent manner.

Fixes: 5b88849e7b9("tests/qmp-cmd-test: Add qmp/object-add-failure-modes")
Reviewed-by: Eric Auger <eric.auger@redhat.com>
Signed-off-by: Li Qiang <liq3ea@163.com>
Message-Id: <20200715154117.15456-1-liq3ea@163.com>
Fixes: 9fc719b869 ("tests/qmp-cmd-test: Add qmp/object-add-duplicate-id")
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2020-07-17 10:44:23 +02:00
Li Qiang
82e258db15 qtest: bios-tables-test: fix a memory leak
Fixes: 5da7c35e25a("bios-tables-test: Add Q35/TPM-TIS test")
Signed-off-by: Li Qiang <liq3ea@163.com>
Message-Id: <20200714153536.66060-1-liq3ea@163.com>
Reviewed-by: Eric Auger <eric.auger@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2020-07-17 10:44:23 +02:00
Luc Michel
a7ba744f40 tcg/cpu-exec: precise single-stepping after an exception
When single-stepping with a debugger attached to QEMU, and when an
exception is raised, the debugger misses the first instruction after the
exception:

$ qemu-system-aarch64 -M virt -display none -cpu cortex-a53 -s -S

$ aarch64-linux-gnu-gdb
GNU gdb (GDB) 9.2
[...]
(gdb) tar rem :1234
Remote debugging using :1234
warning: No executable has been specified and target does not support
determining executable automatically.  Try using the "file" command.
0x0000000000000000 in ?? ()
(gdb) # writing nop insns to 0x200 and 0x204
(gdb) set *0x200 = 0xd503201f
(gdb) set *0x204 = 0xd503201f
(gdb) # 0x0 address contains 0 which is an invalid opcode.
(gdb) # The CPU should raise an exception and jump to 0x200
(gdb) si
0x0000000000000204 in ?? ()

With this commit, the same run steps correctly on the first instruction
of the exception vector:

(gdb) si
0x0000000000000200 in ?? ()

Buglink: https://bugs.launchpad.net/qemu/+bug/757702
Signed-off-by: Luc Michel <luc.michel@greensocs.com>
Message-Id: <20200716193947.3058389-1-luc.michel@greensocs.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2020-07-16 14:08:29 -07:00
Peter Maydell
151f76c689 x86 fixes for -rc1
Fixes for x86 that missed hard freeze:
 * Don't trigger warnings for features set by
   CPU model versions (Xiaoyao Li)
 * Missing features in Icelake-Server, Skylake-Server,
   Cascadelake-Server CPU models (Chenyi Qiang)
 * Fix hvf x86_64 guest boot crash (Roman Bolshakov)
 -----BEGIN PGP SIGNATURE-----
 
 iQJIBAABCAAyFiEEWjIv1avE09usz9GqKAeTb5hNxaYFAl8Qma4UHGVoYWJrb3N0
 QHJlZGhhdC5jb20ACgkQKAeTb5hNxaZ1vA/5AdOkD/TbRJV43KSVWA2MQ+ztelzu
 v5MHztOEYr0LHWi8H00k7MNuPKRUc+aMqi9NjW5i1VRwXMK4RoSKp8q5GRiHrggr
 IdIZ/Zy2ld1VpCS5pZDZnCgeaMGxBvDMwGat+jORw/LWKjWts+I4KZpI3rpIxFFu
 tq9lnEj0l/ZJRihmvzvfgimr8XNO3sEal2cEFeZQkr+pnHtbgdE/TlImWmtWg9dK
 afVdAM9/xOrTVilHGTMfu3zWqvDiRSERcvUoEzthQiNP2TdfU3t2hPvlzOOZsVHI
 XFTMEyIXFD+FDT8ixSGN77c4r+HA4H2rKO4k7ytbRtlAoqYfzKJ1dADdHt5o48de
 qCfEgaBTk1TqFQ3wDS2B7h70tl2WYKacVEDlObs0+2yMazjkG/3Pbc5T9v3o6nEo
 0hCBtNV5j9KpQDIr2rIXz6gJPXdPo5TRlg9uP85LScRChO2MAUmxMjwGVjEBVXlC
 oraxmu+TdxBNe8iHPCrK/2WfKdApg/EBinws8nEUzD2+7AmHAZYd4l+q61w89XtC
 0XdScHcTt9aK3WW+v0WLe8wYHtCtzNF2XmtG/TT47QXYlvbRkpG/wrwqrPftQksH
 T3uXIfldPCnO/65PvguUO1bjqlnMid6LL3mmE5AcOR5rZSR8+KU7uhbhNL/TlLZa
 mQ0KmpxdRAmjOHg=
 =17fk
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/ehabkost/tags/x86-next-pull-request' into staging

x86 fixes for -rc1

Fixes for x86 that missed hard freeze:
* Don't trigger warnings for features set by
  CPU model versions (Xiaoyao Li)
* Missing features in Icelake-Server, Skylake-Server,
  Cascadelake-Server CPU models (Chenyi Qiang)
* Fix hvf x86_64 guest boot crash (Roman Bolshakov)

# gpg: Signature made Thu 16 Jul 2020 19:17:18 BST
# gpg:                using RSA key 5A322FD5ABC4D3DBACCFD1AA2807936F984DC5A6
# gpg:                issuer "ehabkost@redhat.com"
# gpg: Good signature from "Eduardo Habkost <ehabkost@redhat.com>" [full]
# Primary key fingerprint: 5A32 2FD5 ABC4 D3DB ACCF  D1AA 2807 936F 984D C5A6

* remotes/ehabkost/tags/x86-next-pull-request:
  i386: hvf: Explicitly set CR4 guest/host mask
  target/i386: add the missing vmx features for Skylake-Server and Cascadelake-Server CPU models
  target/i386: fix model number and add missing features for Icelake-Server CPU model
  target/i386: add fast short REP MOV support
  i386/cpu: Don't add unavailable_features to env->user_features
  i368/cpu: Clear env->user_features after loading versioned CPU model

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-07-16 21:46:18 +01:00
Richard Henderson
69c918d2ef tcg: Save/restore vecop_list around minmax fallback
Forgetting this asserts when tcg_gen_cmp_vec is called from
within tcg_gen_cmpsel_vec.

Fixes: 72b4c792c7
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2020-07-16 13:09:22 -07:00
Roman Bolshakov
818b9f111d i386: hvf: Explicitly set CR4 guest/host mask
Removal of register reset omitted initialization of CR4 guest/host mask.
x86_64 guests aren't booting without it.

Fixes: 5009ef22c6 ("i386: hvf: Don't duplicate register reset")
Signed-off-by: Roman Bolshakov <r.bolshakov@yadro.com>
Message-Id: <20200714090726.41082-1-r.bolshakov@yadro.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2020-07-16 14:15:13 -04:00
Peter Maydell
95d1fbabae fixes: usb storage regression, vfio display ramfb bug
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iQIcBAABCgAGBQJfEB5SAAoJEEy22O7T6HE4AYgQAL5t2uLGVrXaZG2lSKoUFQOs
 paU4OjyZyea2A1s7p5VsUM+mbymq+7nnUL/47Smb9EOSzcV62sTorQPH3IGOqn51
 IjjbJA7t6DJX+Re/bGH+xlf5cICUyvWG8KRRfZYT9Gco8GnSdv68Q4XfYahOQ14r
 xIyNtO/QT/otEnXahoz4wQphFSTGnkngJKdMinwvVH1xCo6uz5nA1uzvpcP46cxE
 4UJws0v9H6jSG9OreufVwawTRsgoAvwRDQLZdF0tYWKJmO+CLUtYYdCRiXqRfdVT
 yBK285rOUMi5NWgjAL1iFETpbcvNTq5Z+2i72/Z0nf9zt2B8sppR9nl69sDySLQu
 PJFzPfPeN5h4s5rt4zgo1l07WYU6jkd4ivkFNd6kgG1ilgmKCXB59wac51bO1ChS
 sHDJJ6ohnTmQg96zpCRPi4YiSkGOTc1QXplInrmelYKqZFNMCkZMoxesV2CfcTl4
 +AwZnqXXSKc7+L47wGZWuVisFADiUtw2xMST3IhYplZIZcPoBdn+MTx+OXblAtnd
 LPBbd+m4GImmnwf64t4l2luaFCFrb7HyHhtakyOd06xTb1HhCj2AQR+NwYEZOkUP
 rnHB6GOixc4VCThY7SRtkjqCSN5Jm2pGM4YBz+0HqxBeXAE9JMAxdutqtARScJMZ
 fvkjvrkRuSllUBo1TEo1
 =6gmV
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/kraxel/tags/fixes-20200716-pull-request' into staging

fixes: usb storage regression, vfio display ramfb bug

# gpg: Signature made Thu 16 Jul 2020 10:30:58 BST
# gpg:                using RSA key 4CB6D8EED3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>" [full]
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>" [full]
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>" [full]
# Primary key fingerprint: A032 8CFF B93A 17A7 9901  FE7D 4CB6 D8EE D3E8 7138

* remotes/kraxel/tags/fixes-20200716-pull-request:
  usb: fix storage regression
  vfio: fix use-after-free in display

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-07-16 18:50:51 +01:00
Philippe Mathieu-Daudé
73d5f22ecb hw/i2c: Document the I2C qdev helpers
In commit d88c42ff2c we added new prototype but neglected to
add their documentation. Fix that.

Reported-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Corey Minyard <cminyard@mvista.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20200705224154.16917-6-f4bug@amsat.org>
Signed-off-by: Corey Minyard <cminyard@mvista.com>
2020-07-16 12:30:54 -05:00
Philippe Mathieu-Daudé
1373b15bb5 hw/i2c: Rename i2c_create_slave() as i2c_slave_create_simple()
We use "create_simple" names for functions that allocate, initialize,
configure and realize device objects: pci_create_simple(),
isa_create_simple(), usb_create_simple(). For consistency, rename
i2c_create_slave() as i2c_slave_create_simple(). Since we have
to update all the callers, also let it return a I2CSlave object.

Suggested-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Corey Minyard <cminyard@mvista.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20200705224154.16917-5-f4bug@amsat.org>
Signed-off-by: Corey Minyard <cminyard@mvista.com>
2020-07-16 12:30:54 -05:00
Philippe Mathieu-Daudé
2616f57231 hw/i2c: Rename i2c_realize_and_unref() as i2c_slave_realize_and_unref()
The other i2c functions are called i2c_slave_FOO(). Rename as
i2c_slave_realize_and_unref() to be consistent.

Suggested-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Corey Minyard <cminyard@mvista.com>
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20200705224154.16917-4-f4bug@amsat.org>
Signed-off-by: Corey Minyard <cminyard@mvista.com>
2020-07-16 12:30:54 -05:00
Philippe Mathieu-Daudé
db437ca6df hw/i2c: Rename i2c_try_create_slave() as i2c_slave_new()
We use "new" names for functions that allocate and initialize
device objects: pci_new(), isa_new(), usb_new().
Let's call this one i2c_slave_new(). Since we have to update
all the callers, also let it return a I2CSlave object.

Suggested-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20200705224154.16917-3-f4bug@amsat.org>
Signed-off-by: Corey Minyard <cminyard@mvista.com>
2020-07-16 12:30:54 -05:00
Philippe Mathieu-Daudé
7a204cbdc2 hw/i2c/aspeed_i2c: Simplify aspeed_i2c_get_bus()
All the callers of aspeed_i2c_get_bus() have a AspeedI2CState and
cast it to a DeviceState with DEVICE(), then aspeed_i2c_get_bus()
cast the DeviceState to an AspeedI2CState with ASPEED_I2C()...

Simplify aspeed_i2c_get_bus() callers by using AspeedI2CState
argument.

Reviewed-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Andrew Jeffery <andrew@aj.id.au>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20200705224154.16917-2-f4bug@amsat.org>
Signed-off-by: Corey Minyard <cminyard@mvista.com>
2020-07-16 12:30:54 -05:00
Philippe Mathieu-Daudé
ae163b8d95 hw/i2c/Kconfig: Add an entry for the SMBus
The System Management Bus is more or less a derivative of the I2C
bus, thus the Kconfig entry depends of I2C.
Not all boards providing an I2C bus support SMBus.
Use two different Kconfig entries to be able to select I2C without
selecting SMBus.

Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20191231183216.6781-6-philmd@redhat.com>
Signed-off-by: Corey Minyard <cminyard@mvista.com>
2020-07-16 12:30:54 -05:00
Chenyi Qiang
644e3c5d81 target/i386: add the missing vmx features for Skylake-Server and Cascadelake-Server CPU models
Add the missing vmx features in Skylake-Server and Cascadelake-Server
CPU models based on the output of Paolo's script.

Signed-off-by: Chenyi Qiang <chenyi.qiang@intel.com>
Message-Id: <20200714084148.26690-4-chenyi.qiang@intel.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2020-07-16 11:05:03 -04:00
Chenyi Qiang
e0013791b9 target/i386: fix model number and add missing features for Icelake-Server CPU model
Add the missing features(sha_ni, avx512ifma, rdpid, fsrm,
vmx-rdseed-exit, vmx-pml, vmx-eptp-switching) and change the model
number to 106 in the Icelake-Server-v4 CPU model.

Signed-off-by: Chenyi Qiang <chenyi.qiang@intel.com>
Message-Id: <20200714084148.26690-3-chenyi.qiang@intel.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2020-07-16 11:05:03 -04:00
Chenyi Qiang
5cb287d2bd target/i386: add fast short REP MOV support
For CPUs support fast short REP MOV[CPUID.(EAX=7,ECX=0):EDX(bit4)], e.g
Icelake and Tigerlake, expose it to the guest VM.

Reviewed-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Chenyi Qiang <chenyi.qiang@intel.com>
Message-Id: <20200714084148.26690-2-chenyi.qiang@intel.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2020-07-16 11:05:03 -04:00
Xiaoyao Li
f9f08e7cae i386/cpu: Don't add unavailable_features to env->user_features
Features unavailable due to absent of their dependent features should
not be added to env->user_features. env->user_features only contains the
feature explicity specified with -feature/+feature by user.

Fixes: 99e24dbdaa ("target/i386: introduce generic feature dependency mechanism")
Signed-off-by: Xiaoyao Li <xiaoyao.li@intel.com>
Message-Id: <20200713174436.41070-3-xiaoyao.li@intel.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2020-07-16 11:04:42 -04:00
Xiaoyao Li
1f43671a0d i368/cpu: Clear env->user_features after loading versioned CPU model
Features defined in versioned CPU model are recorded in env->user_features
since they are updated as property. It's unwated because they are not
user specified.

Simply clear env->user_features as a fix. It won't clear user specified
features because user specified features are filled to
env->user_features later in x86_cpu_expand_features().

Cc: Chenyi Qiang <chenyi.qiang@intel.com>
Suggested-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Xiaoyao Li <xiaoyao.li@intel.com>
Message-Id: <20200713174436.41070-2-xiaoyao.li@intel.com>
[ehabkost: fix coding style]
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2020-07-16 11:04:42 -04:00