aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2020-11-05Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into stagingPeter Maydell
pc,pci,vhost,virtio: fixes Lots of fixes all over the place. virtio-mem and virtio-iommu patches are kind of fixes but it seems better to just make them behave sanely than try to educate users about the limitations ... Signed-off-by: Michael S. Tsirkin <mst@redhat.com> # gpg: Signature made Wed 04 Nov 2020 18:40:03 GMT # gpg: using RSA key 5D09FD0871C8F85B94CA8A0D281F0DB8D28D5469 # gpg: issuer "mst@redhat.com" # gpg: Good signature from "Michael S. Tsirkin <mst@kernel.org>" [full] # gpg: aka "Michael S. Tsirkin <mst@redhat.com>" [full] # Primary key fingerprint: 0270 606B 6F3C DF3D 0B17 0970 C350 3912 AFBE 8E67 # Subkey fingerprint: 5D09 FD08 71C8 F85B 94CA 8A0D 281F 0DB8 D28D 5469 * remotes/mst/tags/for_upstream: (31 commits) contrib/vhost-user-blk: fix get_config() information leak block/export: fix vhost-user-blk get_config() information leak block/export: make vhost-user-blk config space little-endian configure: introduce --enable-vhost-user-blk-server libvhost-user: follow QEMU comment style vhost-blk: set features before setting inflight feature Revert "vhost-blk: set features before setting inflight feature" net: Add vhost-vdpa in show_netdevs() vhost-vdpa: Add qemu_close in vhost_vdpa_cleanup vfio: Don't issue full 2^64 unmap virtio-iommu: Set supported page size mask vfio: Set IOMMU page size as per host supported page size memory: Add interface to set iommu page size mask virtio-iommu: Add notify_flag_changed() memory region callback virtio-iommu: Add replay() memory region callback virtio-iommu: Call memory notifiers in attach/detach virtio-iommu: Add memory notifiers for map/unmap virtio-iommu: Store memory region in endpoint struct virtio-iommu: Fix virtio_iommu_mr() hw/smbios: Fix leaked fd in save_opt_one() error path ... Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-11-05Merge remote-tracking branch 'remotes/bonzini-gitlab/tags/for-upstream' into ↵Peter Maydell
staging Doc and bug fixes # gpg: Signature made Wed 04 Nov 2020 17:01:29 GMT # gpg: using RSA key F13338574B662389866C7682BFFBD25F78C7AE83 # gpg: issuer "pbonzini@redhat.com" # gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>" [full] # gpg: aka "Paolo Bonzini <pbonzini@redhat.com>" [full] # Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4 E2F7 7E15 100C CD36 69B1 # Subkey fingerprint: F133 3857 4B66 2389 866C 7682 BFFB D25F 78C7 AE83 * remotes/bonzini-gitlab/tags/for-upstream: qapi, qemu-options: make all parsing visitors parse boolean options the same qtest: escape device name in device-introspect-test ivshmem-test: do not use short-form boolean option semihosting: fix order of initialization functions fuzz: fuzz offsets within pio/mmio regions fuzz: check the MR in the DMA callback fuzz: fix writing DMA patterns tests/qtest: Fix potential NULL pointer dereference in qos_build_main_args() configure: fix gio_libs reference meson: fix warning for bad sphinx-build tests/qtest/libqos/ahci.c: Avoid NULL dereference in ahci_exec() tests/qtest/libqtest.c: Check for setsockopt() failure meson: vhost-user-gpu/virtiofsd: use absolute path meson: use b_staticpic=false for meson >=0.56.0 qtest: add a reproducer for LP#1878642 hw/isa/lpc_ich9: Ignore reserved/invalid SCI IRQ scripts/oss-fuzz: rename bin/qemu-fuzz-i386 exec: Remove dead code (CID 1432876) docs: expand sourceset documentation cutils: replace strdup with g_strdup Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-11-04Merge remote-tracking branch ↵Peter Maydell
'remotes/kraxel/tags/fixes-20201104-pull-request' into staging misc bugfixes for 5.2 # gpg: Signature made Wed 04 Nov 2020 15:46:33 GMT # gpg: using RSA key 4CB6D8EED3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>" [full] # gpg: aka "Gerd Hoffmann <gerd@kraxel.org>" [full] # gpg: aka "Gerd Hoffmann (private) <kraxel@gmail.com>" [full] # Primary key fingerprint: A032 8CFF B93A 17A7 9901 FE7D 4CB6 D8EE D3E8 7138 * remotes/kraxel/tags/fixes-20201104-pull-request: roms/Makefile: Add qboot to .PHONY list ati: check x y display parameter values vnc: fix resource leak when websocket channel error Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-11-04qapi, qemu-options: make all parsing visitors parse boolean options the samePaolo Bonzini
OptsVisitor, StringInputVisitor and the keyval visitor have three different ideas of how a human could write the value of a boolean option. Pay homage to the backwards-compatibility gods and make the new common helper accept all four sets (on/off, true/false, y/n and yes/no), but remove case-insensitivity. Since OptsVisitor is supposed to match qemu-options, adjust it as well. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Reviewed-by: Markus Armbruster <armbru@redhat.com> Message-Id: <20201103161339.447118-1-pbonzini@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-11-04qtest: escape device name in device-introspect-testPaolo Bonzini
device-introspect-test uses HMP, so it should escape the device name properly. Because of this, a few devices that had commas in their names were escaping testing. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-11-04ivshmem-test: do not use short-form boolean optionPaolo Bonzini
This QemuOpts idiom will be deprecated, so get rid of it in the tests. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-11-04Merge remote-tracking branch 'remotes/kraxel/tags/ui-20201104-pull-request' ↵Peter Maydell
into staging ui: run screendump in coroutine # gpg: Signature made Wed 04 Nov 2020 13:53:50 GMT # gpg: using RSA key 4CB6D8EED3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>" [full] # gpg: aka "Gerd Hoffmann <gerd@kraxel.org>" [full] # gpg: aka "Gerd Hoffmann (private) <kraxel@gmail.com>" [full] # Primary key fingerprint: A032 8CFF B93A 17A7 9901 FE7D 4CB6 D8EE D3E8 7138 * remotes/kraxel/tags/ui-20201104-pull-request: console: make QMP/HMP screendump run in coroutine console: modify ppm_save to take a pixman image ref coroutine: let CoQueue wake up outside a coroutine Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-11-04Merge remote-tracking branch 'remotes/kraxel/tags/usb-20201104-pull-request' ↵Peter Maydell
into staging usb: bugfixes for usb-serial # gpg: Signature made Wed 04 Nov 2020 12:13:05 GMT # gpg: using RSA key 4CB6D8EED3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>" [full] # gpg: aka "Gerd Hoffmann <gerd@kraxel.org>" [full] # gpg: aka "Gerd Hoffmann (private) <kraxel@gmail.com>" [full] # Primary key fingerprint: A032 8CFF B93A 17A7 9901 FE7D 4CB6 D8EE D3E8 7138 * remotes/kraxel/tags/usb-20201104-pull-request: dev-serial: store flow control and xon/xoff characters dev-serial: add support for setting data_bits in QEMUSerialSetParams dev-serial: add always-plugged property to ensure USB device is always attached dev-serial: replace DeviceOutVendor/DeviceInVendor with equivalent macros from usb.h dev-serial: add trace-events for baud rate and data parameters dev-serial: convert from DPRINTF to trace-events dev-serial: use USB_SERIAL QOM macro for USBSerialState assignments dev-serial: style changes to improve readability and checkpatch fixes Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-11-04Merge remote-tracking branch ↵Peter Maydell
'remotes/philmd-gitlab/tags/mips-fixes-20201103' into staging MIPS patches queue - Removal of the 'r4k' machine (deprecated before 5.0) - Fix LGPL license text (Chetan Pant) - Support unaligned accesses on Loongson-3 (Huacai Chen) - Fix out-of-bound access in Loongson-3 embedded I/O interrupt controller (Alex Chen) CI jobs results: . https://cirrus-ci.com/build/6324890389184512 . https://gitlab.com/philmd/qemu/-/pipelines/211275262 . https://travis-ci.org/github/philmd/qemu/builds/741188958 # gpg: Signature made Tue 03 Nov 2020 17:30:30 GMT # gpg: using RSA key FAABE75E12917221DCFD6BB2E3E32C2CDEADC0DE # gpg: Good signature from "Philippe Mathieu-Daudé (F4BUG) <f4bug@amsat.org>" [full] # Primary key fingerprint: FAAB E75E 1291 7221 DCFD 6BB2 E3E3 2C2C DEAD C0DE * remotes/philmd-gitlab/tags/mips-fixes-20201103: target/mips: Add unaligned access support for MIPS64R6 and Loongson-3 target/mips: Fix Lesser GPL version number hw/intc/loongson: Fix incorrect 'core' calculation in liointc_read/write hw/mips/boston: Fix Lesser GPL version number hw/mips: Fix Lesser GPL version number hw/mips: Remove the 'r4k' machine Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-11-04roms/Makefile: Add qboot to .PHONY listBruce Rogers
Adding qboot to the .PHONY directive will allow a make -C roms qboot invocation to work as expected Signed-off-by: Bruce Rogers <brogers@suse.com> Message-id: 20201020152512.837769-1-brogers@suse.com Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2020-11-04ati: check x y display parameter valuesPrasad J Pandit
The source and destination x,y display parameters in ati_2d_blt() may run off the vga limits if either of s->regs.[src|dst]_[xy] is zero. Check the parameter values to avoid potential crash. Reported-by: Gaoning Pan <pgn@zju.edu.cn> Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org> Message-id: 20201021103818.1704030-1-ppandit@redhat.com Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2020-11-04vnc: fix resource leak when websocket channel errorDing Hui
When we connect to vnc by websocket channel, and disconnect (maybe by some network exception) before handshake, qemu will left CLOSE_WAIT socket and never close it After 04d2529da2 ("ui: convert VNC server to use QIOChannelSocket") and dd154c4d9f ("io: fix handling of EOF / error conditions in websock GSource"), the vnc call qio_channel_add_watch only care about G_IO_IN, but mising G_IO_HUP and G_IO_ERR. When the websocket channel get EOF or error, it cannot callback, because the caller ignore the event, that leads to resource leak We need handle G_IO_HUP and G_IO_ERR event, then cleanup the channel Fixes: 04d2529da2 ("ui: convert VNC server to use QIOChannelSocket") Fixes: dd154c4d9f ("io: fix handling of EOF / error conditions in websock GSource") Cc: qemu-stable@nongnu.org Signed-off-by: Ding Hui <dinghui@sangfor.com.cn> Message-id: 20201029032241.11040-1-dinghui@sangfor.com.cn Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2020-11-04console: make QMP/HMP screendump run in coroutineMarc-André Lureau
Thanks to the monitors' coroutine support (merge commit b7092cda1b3), the screendump handler can trigger a graphic_hw_update(), yield and let the main loop run until update is done. Then the handler is resumed, and ppm_save() will write the screen image to disk in the coroutine context. The IO is still blocking though, as the file is set blocking so far, this could be addressed by some future change (with other caveats). Related to: https://bugzilla.redhat.com/show_bug.cgi?id=1230527 Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Markus Armbruster <armbru@redhat.com> Message-id: 20201027133602.3038018-4-marcandre.lureau@redhat.com Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2020-11-04console: modify ppm_save to take a pixman image refMarc-André Lureau
The function is going to be called from a coroutine, and may yield. Let's ensure our image reference doesn't change over time (due to resize etc) by keeping a ref. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Gerd Hoffmann <kraxel@redhat.com> Message-id: 20201027133602.3038018-3-marcandre.lureau@redhat.com Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2020-11-04coroutine: let CoQueue wake up outside a coroutineMarc-André Lureau
The assert() was added in commit b681a1c73e15 ("block: Repair the throttling code."), when the qemu_co_queue_do_restart() function required to be running in a coroutine. It was later made unnecessary in commit a9d9235567e7 ("coroutine-lock: reschedule coroutine on the AioContext it was running on"). Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Kevin Wolf <kwolf@redhat.com> Reviewed-by: Gerd Hoffmann <kraxel@redhat.com> Message-id: 20201027133602.3038018-2-marcandre.lureau@redhat.com Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2020-11-04dev-serial: store flow control and xon/xoff charactersMark Cave-Ayland
Note that whilst the device does not do anything with these values, they are logged with trace events and stored to allow future implementation. The default flow control is set to none at reset as documented in the Linux ftdi_sio.h header file. Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk> Reviewed-by: Samuel Thibault <samuel.thibault@ens-lyon.org> Message-id: 20201027150456.24606-9-mark.cave-ayland@ilande.co.uk Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2020-11-04dev-serial: add support for setting data_bits in QEMUSerialSetParamsMark Cave-Ayland
Also implement the behaviour reported in Linux's ftdi_sio.c whereby if an invalid data_bits value is provided then the hardware defaults to using 8. Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk> Reviewed-by: Samuel Thibault <samuel.thibault@ens-lyon.org> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Message-id: 20201027150456.24606-8-mark.cave-ayland@ilande.co.uk Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2020-11-04dev-serial: add always-plugged property to ensure USB device is always attachedMark Cave-Ayland
Some operating systems will generate a new device ID when a USB device is unplugged and then replugged into the USB. If this is done whilst switching between multiple applications over a virtual serial port, the change of device ID requires going back into the OS/application to locate the new device accordingly. Add a new always-plugged property that if specified will ensure that the device always remains attached to the USB regardless of the state of the backend chardev. Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk> Reviewed-by: Samuel Thibault <samuel.thibault@ens-lyon.org> Message-id: 20201027150456.24606-7-mark.cave-ayland@ilande.co.uk Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2020-11-04dev-serial: replace DeviceOutVendor/DeviceInVendor with equivalent macros ↵Mark Cave-Ayland
from usb.h The DeviceOutVendor and DeviceInVendor macros can be replaced with their equivalent VendorDeviceOutRequest and VendorDeviceRequest macros from usb.h. Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk> Reviewed-by: Samuel Thibault <samuel.thibault@ens-lyon.org> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Message-id: 20201027150456.24606-6-mark.cave-ayland@ilande.co.uk Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2020-11-04dev-serial: add trace-events for baud rate and data parametersMark Cave-Ayland
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk> Reviewed-by: Samuel Thibault <samuel.thibault@ens-lyon.org> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Message-id: 20201027150456.24606-5-mark.cave-ayland@ilande.co.uk Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2020-11-04dev-serial: convert from DPRINTF to trace-eventsMark Cave-Ayland
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk> Reviewed-by: Samuel Thibault <samuel.thibault@ens-lyon.org> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Message-id: 20201027150456.24606-4-mark.cave-ayland@ilande.co.uk Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2020-11-04dev-serial: use USB_SERIAL QOM macro for USBSerialState assignmentsMark Cave-Ayland
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk> Reviewed-by: Samuel Thibault <samuel.thibault@ens-lyon.org> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Message-id: 20201027150456.24606-3-mark.cave-ayland@ilande.co.uk Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2020-11-04dev-serial: style changes to improve readability and checkpatch fixesMark Cave-Ayland
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk> Reviewed-by: Samuel Thibault <samuel.thibault@ens-lyon.org> Message-id: 20201027150456.24606-2-mark.cave-ayland@ilande.co.uk Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2020-11-03contrib/vhost-user-blk: fix get_config() information leakStefan Hajnoczi
Refuse get_config() in excess of sizeof(struct virtio_blk_config). Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com> Message-Id: <20201027173528.213464-6-stefanha@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2020-11-03block/export: fix vhost-user-blk get_config() information leakStefan Hajnoczi
Refuse get_config() requests in excess of sizeof(struct virtio_blk_config). Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com> Message-Id: <20201027173528.213464-5-stefanha@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2020-11-03block/export: make vhost-user-blk config space little-endianStefan Hajnoczi
VIRTIO 1.0 devices have little-endian configuration space. The vhost-user-blk-server.c code already uses little-endian for virtqueue processing but not for the configuration space fields. Fix this so the vhost-user-blk export works on big-endian hosts. Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com> Message-Id: <20201027173528.213464-4-stefanha@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2020-11-03configure: introduce --enable-vhost-user-blk-serverStefan Hajnoczi
Make it possible to compile out the vhost-user-blk server. It is enabled by default on Linux. Note that vhost-user-server.c depends on libvhost-user, which requires CONFIG_LINUX. The CONFIG_VHOST_USER dependency was erroneous since that option controls vhost-user frontends (previously known as "master") and not device backends (previously known as "slave"). Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com> Message-Id: <20201027173528.213464-3-stefanha@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2020-11-03libvhost-user: follow QEMU comment styleStefan Hajnoczi
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com> Message-Id: <20201027173528.213464-2-stefanha@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2020-11-03vhost-blk: set features before setting inflight featureJin Yu
Virtqueue has split and packed, so before setting inflight, you need to inform the back-end virtqueue format. Signed-off-by: Jin Yu <jin.yu@intel.com> Acked-by: Raphael Norwitz <raphael.norwitz@nutanix.com> Message-Id: <20201103123617.28256-1-jin.yu@intel.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2020-11-03Revert "vhost-blk: set features before setting inflight feature"Stefan Hajnoczi
This reverts commit adb29c027341ba095a3ef4beef6aaef86d3a520e. The commit broke -device vhost-user-blk-pci because the vhost_dev_prepare_inflight() function it introduced segfaults in vhost_dev_set_features() when attempting to access struct vhost_dev's vdev pointer before it has been assigned. To reproduce the segfault simply launch a vhost-user-blk device with the contrib vhost-user-blk device backend: $ build/contrib/vhost-user-blk/vhost-user-blk -s /tmp/vhost-user-blk.sock -r -b /var/tmp/foo.img $ build/qemu-system-x86_64 \ -device vhost-user-blk-pci,id=drv0,chardev=char1,addr=4.0 \ -object memory-backend-memfd,id=mem,size=1G,share=on \ -M memory-backend=mem,accel=kvm \ -chardev socket,id=char1,path=/tmp/vhost-user-blk.sock Segmentation fault (core dumped) Cc: Jin Yu <jin.yu@intel.com> Cc: Raphael Norwitz <raphael.norwitz@nutanix.com> Cc: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com> Message-Id: <20201102165709.232180-1-stefanha@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2020-11-03net: Add vhost-vdpa in show_netdevs()Cindy Lu
Fix the bug that while Check qemu supported netdev, there is no vhost-vdpa Signed-off-by: Cindy Lu <lulu@redhat.com> Message-Id: <20201016030909.9522-2-lulu@redhat.com> Acked-by: Jason Wang <jasowang@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2020-11-03vhost-vdpa: Add qemu_close in vhost_vdpa_cleanupCindy Lu
fix the bug that fd will still open after the cleanup Signed-off-by: Cindy Lu <lulu@redhat.com> Message-Id: <20201016030909.9522-1-lulu@redhat.com> Acked-by: Jason Wang <jasowang@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2020-11-03vfio: Don't issue full 2^64 unmapJean-Philippe Brucker
IOMMUs may declare memory regions spanning from 0 to UINT64_MAX. When attempting to deal with such region, vfio_listener_region_del() passes a size of 2^64 to int128_get64() which throws an assertion failure. Even ignoring this, the VFIO_IOMMU_DMA_MAP ioctl cannot handle this size since the size field is 64-bit. Split the request in two. Acked-by: Alex Williamson <alex.williamson@redhat.com> Reviewed-by: Eric Auger <eric.auger@redhat.com> Signed-off-by: Jean-Philippe Brucker <jean-philippe@linaro.org> Message-Id: <20201030180510.747225-11-jean-philippe@linaro.org> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2020-11-03Update version for v5.2.0-rc0 releasev5.2.0-rc0Peter Maydell
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-11-03semihosting: fix order of initialization functionsPaolo Bonzini
qemu_semihosting_console_init uses semihosting.chardev which is set by qemu_semihosting_connect_chardevs. Thus qemu_semihosting_connect_chardevs has to be called first. Both have to be called after processing -serial and friends though, so that the semihosting console can connect to a multiplexer as in "-serial mon:stdio -semihosting-config chardev=serial0" Suggested-by: Alex Bennée <alex.bennee@linaro.org> Fixes: 619985e937 ("semihosting: defer connect_chardevs a little more to use serialx", 2020-07-27) Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-11-03fuzz: fuzz offsets within pio/mmio regionsAlexander Bulekov
The code did not add offsets to FlatRange bases, so we did not fuzz offsets within device MemoryRegions. Signed-off-by: Alexander Bulekov <alxndr@bu.edu> Reviewed-by: Darren Kenny <darren.kenny@oracle.com> Message-Id: <20201029172901.534442-4-alxndr@bu.edu> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-11-03fuzz: check the MR in the DMA callbackAlexander Bulekov
We should be checking that the device is trying to read from RAM, before filling the region with data. Otherwise, we will try to populate nonsensical addresses in RAM for callbacks on PIO/MMIO reads. We did this originally, however the final version I sent had the line commented out.. Signed-off-by: Alexander Bulekov <alxndr@bu.edu> Reviewed-by: Darren Kenny <darren.kenny@oracle.com> Message-Id: <20201029172901.534442-3-alxndr@bu.edu> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-11-03fuzz: fix writing DMA patternsAlexander Bulekov
This code had all sorts of issues. We used a loop similar to address_space_write_rom, but I did not remove a "break" that only made sense in the context of the switch statement in the original code. Then, after the loop, we did a separate qtest_memwrite over the entire DMA access range, defeating the purpose of the loop. Additionally, we increment the buf pointer, and then try to g_free() it. Fix these problems. Reported-by: OSS-Fuzz (Issue 26725) Signed-off-by: Alexander Bulekov <alxndr@bu.edu> Reported-by: OSS-Fuzz (Issue 26691) Reviewed-by: Darren Kenny <darren.kenny@oracle.com> Message-Id: <20201029172901.534442-2-alxndr@bu.edu> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-11-03Merge remote-tracking branch ↵Peter Maydell
'remotes/alistair/tags/pull-riscv-to-apply-20201103' into staging This series adds support for migration to RISC-V QEMU and expands the Microchip PFSoC to allow unmodified HSS and Linux boots. # gpg: Signature made Tue 03 Nov 2020 15:19:45 GMT # gpg: using RSA key F6C4AC46D4934868D3B8CE8F21E10D29DF977054 # gpg: Good signature from "Alistair Francis <alistair@alistair23.me>" [full] # Primary key fingerprint: F6C4 AC46 D493 4868 D3B8 CE8F 21E1 0D29 DF97 7054 * remotes/alistair/tags/pull-riscv-to-apply-20201103: target/riscv/csr.c : add space before the open parenthesis '(' hw/riscv: microchip_pfsoc: Hook the I2C1 controller hw/riscv: microchip_pfsoc: Correct DDR memory map hw/riscv: microchip_pfsoc: Map the reserved memory at address 0 hw/riscv: microchip_pfsoc: Connect the SYSREG module hw/misc: Add Microchip PolarFire SoC SYSREG module support hw/riscv: microchip_pfsoc: Connect the IOSCB module hw/misc: Add Microchip PolarFire SoC IOSCB module support hw/riscv: microchip_pfsoc: Connect DDR memory controller modules hw/misc: Add Microchip PolarFire SoC DDR Memory Controller support hw/riscv: microchip_pfsoc: Document where to look at the SoC memory maps target/riscv: Add sifive_plic vmstate target/riscv: Add V extension state description target/riscv: Add H extension state description target/riscv: Add PMP state description target/riscv: Add basic vmstate description of CPU target/riscv: Merge m/vsstatus and m/vsstatush into one uint64_t unit hw/riscv: virt: Allow passing custom DTB hw/riscv: sifive_u: Allow passing custom DTB Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-11-03Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into stagingPeter Maydell
Block layer patches: - iotests: Fix pylint/mypy warnings with Python 3.9 - qmp: fix aio_poll() assertion failure on Windows - Some minor fixes # gpg: Signature made Tue 03 Nov 2020 15:25:01 GMT # gpg: using RSA key DC3DEB159A9AF95D3D7456FE7F09B272C88F2FD6 # gpg: issuer "kwolf@redhat.com" # gpg: Good signature from "Kevin Wolf <kwolf@redhat.com>" [full] # Primary key fingerprint: DC3D EB15 9A9A F95D 3D74 56FE 7F09 B272 C88F 2FD6 * remotes/kevin/tags/for-upstream: block/vvfat: Fix bad printf format specifiers iotests: Use Python 3 style super() iotests: Disable unsubscriptable-object in pylint iotests.py: Fix type check errors in wait_migration() qemu-img convert: Free @sn_opts in all error cases qmp: fix aio_poll() assertion failure on Windows Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-11-03target/mips: Add unaligned access support for MIPS64R6 and Loongson-3Huacai Chen
MIPSR6 (not only MIPS32R6) processors support unaligned access in hardware, so set MO_UNALN in their default_tcg_memop_mask. Btw, new Loongson-3 (such as Loongson-3A4000) also support unaligned access, since both old and new Loongson-3 use the same binaries, we can simply set MO_UNALN for all Loongson-3 processors. Signed-off-by: Huacai Chen <chenhc@lemote.com> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Message-Id: <1604053541-27822-3-git-send-email-chenhc@lemote.com> Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
2020-11-03target/mips: Fix Lesser GPL version numberChetan Pant
There is no "version 2" of the "Lesser" General Public License. It is either "GPL version 2.0" or "Lesser GPL version 2.1". This patch replaces all occurrences of "Lesser GPL version 2" with "Lesser GPL version 2.1" in comment section. Signed-off-by: Chetan Pant <chetan4windows@gmail.com> Reviewed-by: Thomas Huth <thuth@redhat.com> Message-Id: <20201016143509.26692-1-chetan4windows@gmail.com> [PMD: Split hw/ vs target/] Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
2020-11-03hw/intc/loongson: Fix incorrect 'core' calculation in liointc_read/writeAlexChen
According to the loongson spec (http://www.loongson.cn/uploadfile/cpu/3B1500/Loongson_3B1500_cpu_user_1.pdf) and the macro definition(#define R_PERCORE_ISR(x) (0x40 + 0x8 * x)), we know that the ISR size per CORE is 8, so here we need to divide (addr - R_PERCORE_ISR(0)) by 8, not 4. Reported-by: Euler Robot <euler.robot@huawei.com> Signed-off-by: Alex Chen <alex.chen@huawei.com> Reviewed-by: Jiaxun Yang <jiaxun.yang@flygoat.com> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Message-Id: <5FA12391.8090400@huawei.com> [PMD: Shortened subject] Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
2020-11-03hw/mips/boston: Fix Lesser GPL version numberChetan Pant
There is no "version 2" of the "Lesser" General Public License. It is either "GPL version 2.0" or "Lesser GPL version 2.1". This patch replaces all occurrences of "Lesser GPL version 2" with "Lesser GPL version 2.1" in comment section. Signed-off-by: Chetan Pant <chetan4windows@gmail.com> Reviewed-by: Thomas Huth <thuth@redhat.com> Message-Id: <20201023122633.19466-1-chetan4windows@gmail.com> [PMD: Added hw/mips/ prefix in subject] Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
2020-11-03hw/mips: Fix Lesser GPL version numberChetan Pant
There is no "version 2" of the "Lesser" General Public License. It is either "GPL version 2.0" or "Lesser GPL version 2.1". This patch replaces all occurrences of "Lesser GPL version 2" with "Lesser GPL version 2.1" in comment section. Signed-off-by: Chetan Pant <chetan4windows@gmail.com> Reviewed-by: Thomas Huth <thuth@redhat.com> Message-Id: <20201016143509.26692-1-chetan4windows@gmail.com> [PMD: Split hw/ vs target/] Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
2020-11-03hw/mips: Remove the 'r4k' machinePhilippe Mathieu-Daudé
We deprecated the support for the 'r4k' machine for the 5.0 release (commit d32dc61421), which means that our deprecation policy allows us to drop it in release 5.2. Remove the code. To repeat the rationale from the deprecation note: - this virtual machine has no specification - the Linux kernel dropped support for it 10 years ago Users are recommended to use the Malta board instead. Acked-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Reviewed-by: Thomas Huth <thuth@redhat.com> ACKed-by: Peter Krempa <pkrempa@redhat.com> Message-Id: <20201102201311.2220005-1-f4bug@amsat.org>
2020-11-03block/vvfat: Fix bad printf format specifiersAlexChen
We should use printf format specifier "%u" instead of "%d" for argument of type "unsigned int". In addition, fix two error format problems found by checkpatch.pl: ERROR: space required after that ',' (ctx:VxV) + fprintf(stderr,"%s attributes=0x%02x begin=%u size=%d\n", ^ ERROR: line over 90 characters + fprintf(stderr, "%d, %s (%u, %d)\n", i, commit->path ? commit->path : "(null)", commit->param.rename.cluster, commit->action); Reported-by: Euler Robot <euler.robot@huawei.com> Signed-off-by: Alex Chen <alex.chen@huawei.com> Message-Id: <5FA12620.6030705@huawei.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2020-11-03iotests: Use Python 3 style super()Kevin Wolf
pylint complains about the use of super with the current class and instance as arguments in VM.__init__(): iotests.py:546:8: R1725: Consider using Python 3 style super() without arguments (super-with-arguments) No reason not to follow the advice and make it happy, so let's do this. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Message-Id: <20201027163806.290960-4-kwolf@redhat.com> Reviewed-by: John Snow <jsnow@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2020-11-03iotests: Disable unsubscriptable-object in pylintKevin Wolf
When run with Python 3.9, pylint incorrectly warns about things like Optional[foo] because it doesn't recognise Optional as unsubscriptable. This is a known pylint bug: https://github.com/PyCQA/pylint/issues/3882 Just disable this check to get rid of the warnings. Disabling this shouldn't make us miss any real bug because mypy also has a similar check ("... is not indexable"). Signed-off-by: Kevin Wolf <kwolf@redhat.com> Message-Id: <20201027163806.290960-3-kwolf@redhat.com> Reviewed-by: John Snow <jsnow@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2020-11-03iotests.py: Fix type check errors in wait_migration()Kevin Wolf
Commit 1847a4a8c20 clarified that event_wait() can return None (though only with timeout=0) and commit f12a282ff47 annotated it as returning Optional[QMPMessage]. Type checks in wait_migration() fail because of the unexpected optional return type: iotests.py:750: error: Value of type variable "Msg" of "log" cannot be "Optional[Dict[str, Any]]" iotests.py:751: error: Value of type "Optional[Dict[str, Any]]" is not indexable iotests.py:754: error: Value of type "Optional[Dict[str, Any]]" is not indexable Fortunately, the non-zero default timeout is used in the event_wait() call, so we can make mypy happy by just asserting this. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Message-Id: <20201027163806.290960-2-kwolf@redhat.com> Reviewed-by: John Snow <jsnow@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>