aboutsummaryrefslogtreecommitdiff
path: root/hw/i386
AgeCommit message (Collapse)Author
2020-06-12Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into stagingPeter Maydell
virtio,acpi,pci: features, fixes, cleanups, tests Max slots negotiation for vhost-user. Free page reporting for balloon. Partial TPM2 ACPI support for ARM. Support for NVDIMMs having their own proximity domains. New vhost-user-vsock device. Fixes, cleanups in ACPI, PCI, virtio. New tests for TPM ACPI. Signed-off-by: Michael S. Tsirkin <mst@redhat.com> # gpg: Signature made Fri 12 Jun 2020 15:18:04 BST # gpg: using RSA key 5D09FD0871C8F85B94CA8A0D281F0DB8D28D5469 # gpg: issuer "mst@redhat.com" # gpg: Good signature from "Michael S. Tsirkin <mst@kernel.org>" [full] # gpg: aka "Michael S. Tsirkin <mst@redhat.com>" [full] # Primary key fingerprint: 0270 606B 6F3C DF3D 0B17 0970 C350 3912 AFBE 8E67 # Subkey fingerprint: 5D09 FD08 71C8 F85B 94CA 8A0D 281F 0DB8 D28D 5469 * remotes/mst/tags/for_upstream: (58 commits) virtio-pci: fix queue_enable write pci: Display PCI IRQ pin in "info pci" Fix parameter type in vhost migration log path acpi: ged: rename event memory region acpi: fadt: add hw-reduced sleep register support acpi: madt: skip pci override on pci-less systems. acpi: create acpi-common.c and move madt code acpi: make build_madt() more generic. virtio: add vhost-user-vsock-pci device virtio: add vhost-user-vsock base device vhost-vsock: add vhost-vsock-common abstraction hw/pci: Fix crash when running QEMU with "-nic model=rocker" libvhost-user: advertise vring features Lift max ram slots limit in libvhost-user Support individual region unmap in libvhost-user Support adding individual regions in libvhost-user Support ram slot configuration in libvhost-user Refactor out libvhost-user fault generation logic Lift max memory slots limit imposed by vhost-user Transmit vhost-user memory regions individually ... Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-06-12acpi: madt: skip pci override on pci-less systems.Gerd Hoffmann
Needed for microvm. Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Igor Mammedov <imammedo@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Message-Id: <20200520132003.9492-8-kraxel@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2020-06-12acpi: create acpi-common.c and move madt codeGerd Hoffmann
We'll need madt support for microvm. Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Igor Mammedov <imammedo@redhat.com> Message-Id: <20200520132003.9492-7-kraxel@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2020-06-12acpi: make build_madt() more generic.Gerd Hoffmann
Remove PCMachineState dependency from build_madt(). Pass AcpiDeviceIf as separate argument instead of depending on PCMachineState->acpi_dev. Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Reviewed-by: Igor Mammedov <imammedo@redhat.com> Message-Id: <20200520132003.9492-6-kraxel@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2020-06-10hw/i386/amd_iommu: Fix the reserved bits definition of IOMMU commandsWei Huang
Many reserved bits of amd_iommu commands are defined incorrectly in QEMU. Because of it, QEMU incorrectly injects lots of illegal commands into guest VM's IOMMU event log. Signed-off-by: Wei Huang <wei.huang2@amd.com> Message-Id: <20200418042845.596457-1-wei.huang2@amd.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-06-10hw/i386/vmport: Allow QTest use without crashingPhilippe Mathieu-Daudé
Trying libFuzzer on the vmport device, we get: AddressSanitizer:DEADLYSIGNAL ================================================================= ==29476==ERROR: AddressSanitizer: SEGV on unknown address 0x000000008840 (pc 0x56448bec4d79 bp 0x7ffeec9741b0 sp 0x7ffeec9740e0 T0) ==29476==The signal is caused by a READ memory access. #0 0x56448bec4d78 in vmport_ioport_read (qemu-fuzz-i386+0x1260d78) #1 0x56448bb5f175 in memory_region_read_accessor (qemu-fuzz-i386+0xefb175) #2 0x56448bb30c13 in access_with_adjusted_size (qemu-fuzz-i386+0xeccc13) #3 0x56448bb2ea27 in memory_region_dispatch_read1 (qemu-fuzz-i386+0xecaa27) #4 0x56448bb2e443 in memory_region_dispatch_read (qemu-fuzz-i386+0xeca443) #5 0x56448b961ab1 in flatview_read_continue (qemu-fuzz-i386+0xcfdab1) #6 0x56448b96336d in flatview_read (qemu-fuzz-i386+0xcff36d) #7 0x56448b962ec4 in address_space_read_full (qemu-fuzz-i386+0xcfeec4) This is easily reproducible using: $ echo inb 0x5658 | qemu-system-i386 -M isapc,accel=qtest -qtest stdio [I 1589796572.009763] OPENED [R +0.008069] inb 0x5658 Segmentation fault (core dumped) $ coredumpctl gdb -q Program terminated with signal SIGSEGV, Segmentation fault. #0 0x00005605b54d0f21 in vmport_ioport_read (opaque=0x5605b7531ce0, addr=0, size=4) at hw/i386/vmport.c:77 77 eax = env->regs[R_EAX]; (gdb) p cpu $1 = (X86CPU *) 0x0 (gdb) bt #0 0x00005605b54d0f21 in vmport_ioport_read (opaque=0x5605b7531ce0, addr=0, size=4) at hw/i386/vmport.c:77 #1 0x00005605b53db114 in memory_region_read_accessor (mr=0x5605b7531d80, addr=0, value=0x7ffc9d261a30, size=4, shift=0, mask=4294967295, attrs=...) at memory.c:434 #2 0x00005605b53db5d4 in access_with_adjusted_size (addr=0, value=0x7ffc9d261a30, size=1, access_size_min=4, access_size_max=4, access_fn= 0x5605b53db0d2 <memory_region_read_accessor>, mr=0x5605b7531d80, attrs=...) at memory.c:544 #3 0x00005605b53de156 in memory_region_dispatch_read1 (mr=0x5605b7531d80, addr=0, pval=0x7ffc9d261a30, size=1, attrs=...) at memory.c:1396 #4 0x00005605b53de228 in memory_region_dispatch_read (mr=0x5605b7531d80, addr=0, pval=0x7ffc9d261a30, op=MO_8, attrs=...) at memory.c:1424 #5 0x00005605b537c80a in flatview_read_continue (fv=0x5605b7650290, addr=22104, attrs=..., ptr=0x7ffc9d261b4b, len=1, addr1=0, l=1, mr=0x5605b7531d80) at exec.c:3200 #6 0x00005605b537c95d in flatview_read (fv=0x5605b7650290, addr=22104, attrs=..., buf=0x7ffc9d261b4b, len=1) at exec.c:3239 #7 0x00005605b537c9e6 in address_space_read_full (as=0x5605b5f74ac0 <address_space_io>, addr=22104, attrs=..., buf=0x7ffc9d261b4b, len=1) at exec.c:3252 #8 0x00005605b53d5a5d in address_space_read (len=1, buf=0x7ffc9d261b4b, attrs=..., addr=22104, as=0x5605b5f74ac0 <address_space_io>) at include/exec/memory.h:2401 #9 0x00005605b53d5a5d in cpu_inb (addr=22104) at ioport.c:88 X86CPU is NULL because QTest accelerator does not use CPU. Fix by returning default values when QTest accelerator is used. Reported-by: Clang AddressSanitizer Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-06-10accel: Move Xen accelerator code under accel/xen/Philippe Mathieu-Daudé
This code is not related to hardware emulation. Move it under accel/ with the other hypervisors. Reviewed-by: Paul Durrant <paul@xen.org> Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com> Message-Id: <20200508100222.7112-1-philmd@redhat.com> Reviewed-by: Juan Quintela <quintela@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-06-10hw/i386/vmport: Assert vmport initialized before registering commandsLiran Alon
vmport_register() is also called from other modules such as vmmouse. Therefore, these modules rely that vmport is realized before those call sites. If this is violated, vmport_register() will NULL-deref. To make such issues easier to debug, assert in vmport_register() that vmport is already realized. Reviewed-by: Nikita Leshenko <nikita.leshchenko@oracle.com> Signed-off-by: Liran Alon <liran.alon@oracle.com> Message-Id: <20200312165431.82118-17-liran.alon@oracle.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-06-10hw/i386/vmport: Add support for CMD_GETHZLiran Alon
This command returns to guest information on LAPIC bus frequency and TSC frequency. One can see how this interface is used by Linux vmware_platform_setup() introduced in Linux commit 88b094fb8d4f ("x86: Hypervisor detection and get tsc_freq from hypervisor"). Reviewed-by: Nikita Leshenko <nikita.leshchenko@oracle.com> Signed-off-by: Liran Alon <liran.alon@oracle.com> Message-Id: <20200312165431.82118-16-liran.alon@oracle.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-06-10hw/i386/vmport: Allow x2apic without IRLiran Alon
Signal to guest that hypervisor supports x2apic without VT-d/IOMMU Interrupt-Remapping support. This allows guest to use x2apic in case all APIC IDs fits in 8-bit (i.e. Max APIC ID < 255). See Linux kernel commit 4cca6ea04d31 ("x86/apic: Allow x2apic without IR on VMware platform") and Linux try_to_enable_x2apic() function. Reviewed-by: Nikita Leshenko <nikita.leshchenko@oracle.com> Signed-off-by: Liran Alon <liran.alon@oracle.com> Message-Id: <20200312165431.82118-14-liran.alon@oracle.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-06-10hw/i386/vmport: Add support for CMD_GET_VCPU_INFOLiran Alon
Command currently returns that it is unimplemented by setting the reserved-bit in it's return value. Following patches will return various useful vCPU information to guest. Reviewed-by: Nikita Leshenko <nikita.leshchenko@oracle.com> Signed-off-by: Liran Alon <liran.alon@oracle.com> Message-Id: <20200312165431.82118-13-liran.alon@oracle.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-06-10hw/i386/vmport: Add support for CMD_GETBIOSUUIDLiran Alon
This is VMware documented functionallity that some guests rely on. Returns the BIOS UUID of the current virtual machine. Note that we also introduce a new compatability flag "x-cmds-v2" to make sure to expose new VMPort commands only to new machine-types. This flag will also be used by the following patches that will introduce additional VMPort commands. Reviewed-by: Nikita Leshenko <nikita.leshchenko@oracle.com> Signed-off-by: Liran Alon <liran.alon@oracle.com> Message-Id: <20200312165431.82118-10-liran.alon@oracle.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-06-10hw/i386/vmport: Define enum for all commandsLiran Alon
No functional change. Defining an enum for all VMPort commands have the following advantages: * It gets rid of the error-prone requirement to update VMPORT_ENTRIES when new VMPort commands are added to QEMU. * It makes it clear to know by looking at one place at the source, what are all the VMPort commands supported by QEMU. Reviewed-by: Nikita Leshenko <nikita.leshchenko@oracle.com> Signed-off-by: Liran Alon <liran.alon@oracle.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Message-Id: <20200312165431.82118-9-liran.alon@oracle.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-06-10hw/i386/vmport: Introduce vmport.hLiran Alon
No functional change. This is mere refactoring. Suggested-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Liran Alon <liran.alon@oracle.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Message-Id: <20200312165431.82118-8-liran.alon@oracle.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-06-10hw/i386/vmport: Report vmware-vmx-type in CMD_GETVERSIONLiran Alon
As can be seen from VmCheck_GetVersion() in open-vm-tools code, CMD_GETVERSION should return vmware-vmx-type in ECX register. Default is to fake host as VMware ESX server. But user can control this value by "-global vmport.vmware-vmx-type=X". Reviewed-by: Nikita Leshenko <nikita.leshchenko@oracle.com> Signed-off-by: Liran Alon <liran.alon@oracle.com> Message-Id: <20200312165431.82118-7-liran.alon@oracle.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-06-10hw/i386/vmport: Introduce vmware-vmx-version propertyLiran Alon
vmware-vmx-version is a number returned from CMD_GETVERSION which specifies to guest VMware Tools the the host VMX version. If the host reports a number that is different than what the guest VMware Tools expects, it may force guest to upgrade VMware Tools. (See comment above VERSION_MAGIC and VmCheck_IsVirtualWorld() function in open-vm-tools open-source code). For better readability and allow maintaining compatability for guests which may expect different vmware-vmx-version, make vmware-vmx-version a VMPort object property. This would allow user to control it's value via "-global vmport.vmware-vmx-version=X". Reviewed-by: Nikita Leshenko <nikita.leshchenko@oracle.com> Signed-off-by: Liran Alon <liran.alon@oracle.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Message-Id: <20200312165431.82118-6-liran.alon@oracle.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-06-10hw/i386/vmport: Set EAX to -1 on failed and unsupported commandsLiran Alon
This is used as a signal for VMware Tools to know if a command it attempted to invoke, failed or is unsupported. As a result, VMware Tools will either report failure to user or fallback to another backdoor command in attempt to perform some operation. A few examples: * open-vm-tools TimeSyncReadHost() function fallbacks to CMD_GETTIMEFULL command when CMD_GETTIMEFULL_WITH_LAG fails/unsupported. * open-vm-tools Hostinfo_NestingSupported() function verifies EAX != -1 to check for success. * open-vm-tools Hostinfo_VCPUInfoBackdoor() functions checks if reserved-bit is set to indicate command is unimplemented. Reviewed-by: Nikita Leshenko <nikita.leshchenko@oracle.com> Signed-off-by: Liran Alon <liran.alon@oracle.com> Message-Id: <20200312165431.82118-5-liran.alon@oracle.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-06-10hw/i386/vmport: Propagate IOPort read to vCPU EAX registerLiran Alon
vmport_ioport_read() returns the value that should propagate to vCPU EAX register when guest reads VMPort IOPort (i.e. By x86 IN instruction). However, because vmport_ioport_read() calls cpu_synchronize_state(), the returned value gets overridden by the value in QEMU vCPU EAX register. i.e. cpu->env.regs[R_EAX]. To fix this issue, change vmport_ioport_read() to explicitly override cpu->env.regs[R_EAX] with the value it wish to propagate to vCPU EAX register. Reviewed-by: Nikita Leshenko <nikita.leshchenko@oracle.com> Signed-off-by: Liran Alon <liran.alon@oracle.com> Message-Id: <20200312165431.82118-4-liran.alon@oracle.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-06-10hw/i386/vmport: Add device propertiesLiran Alon
No functional change. This is done as a preparation for the following patches that will introduce several device properties. Reviewed-by: Nikita Leshenko <nikita.leshchenko@oracle.com> Signed-off-by: Liran Alon <liran.alon@oracle.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Message-Id: <20200312165431.82118-3-liran.alon@oracle.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-06-10hw/i386/vmport: Add reference to VMware open-vm-toolsLiran Alon
This official VMware open-source project can be used as reference to understand how guest code interacts with VMPort virtual device. Thus, providing understanding on how device is expected to behave. Signed-off-by: Liran Alon <liran.alon@oracle.com> Message-Id: <20200312165431.82118-2-liran.alon@oracle.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-06-10i386: Hyper-V VMBus ACPI DSDT entryJon Doron
Guest OS uses ACPI to discover VMBus presence. Add a corresponding entry to DSDT in case VMBus has been enabled. Experimentally Windows guests were found to require this entry to include two IRQ resources. They seem to never be used but they still have to be there. Make IRQ numbers user-configurable via corresponding properties; use 7 and 13 by default. Signed-off-by: Evgeny Yakovlev <eyakovlev@virtuozzo.com> Signed-off-by: Roman Kagan <rkagan@virtuozzo.com> Signed-off-by: Maciej S. Szmigiero <maciej.szmigiero@oracle.com> Signed-off-by: Jon Doron <arilou@gmail.com> Message-Id: <20200424123444.3481728-6-arilou@gmail.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-06-10i386:pc: whitelist dynamic vmbus-bridgeJon Doron
As vmbus-bridge is derived from sysbus device, it has to be whitelisted to be allowed to be created with -device. Signed-off-by: Roman Kagan <rkagan@virtuozzo.com> Signed-off-by: Maciej S. Szmigiero <maciej.szmigiero@oracle.com> Signed-off-by: Jon Doron <arilou@gmail.com> Message-Id: <20200424123444.3481728-5-arilou@gmail.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-06-09hw/i386/xen/xen-hvm: Use the IEC binary prefix definitionsPhilippe Mathieu-Daudé
IEC binary prefixes ease code review: the unit is explicit. Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Reviewed-by: Paul Durrant <paul@xen.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Message-Id: <20200601142930.29408-8-f4bug@amsat.org> Signed-off-by: Laurent Vivier <laurent@vivier.eu>
2020-06-09acpi: Move build_tpm2() in the generic partEric Auger
We plan to build the TPM2 table on ARM too. In order to reuse the generation code, let's move build_tpm2() to aml-build.c. No change in the implementation. Signed-off-by: Eric Auger <eric.auger@redhat.com> Message-Id: <20200601095737.32671-3-eric.auger@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2020-06-09acpi: Convert build_tpm2() to build_append* APIEric Auger
In preparation of its move to the generic acpi code, let's convert build_tpm2() to use build_append API. This latter now is prefered in place of direct ACPI struct field settings with manual endianness conversion. Signed-off-by: Eric Auger <eric.auger@redhat.com> Message-Id: <20200601095737.32671-2-eric.auger@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2020-06-09acpi: tpm: Do not build TCPA table for TPM 2Stefan Berger
Do not build a TCPA table for TPM 2 anymore but create the log area when building the TPM2 table. The TCPA table is only needed for TPM 1.2. Signed-off-by: Stefan Berger <stefanb@linux.ibm.com> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Eric Auger <eric.auger@redhat.com> Reviewed-by: Igor Mammedov <imammedo@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
2020-06-09acpi: move aml builder code for parallel deviceGerd Hoffmann
Also adds support for multiple LPT devices. Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Igor Mammedov <imammedo@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Message-Id: <20200515150421.25479-8-kraxel@redhat.com>
2020-06-09acpi: parallel: don't use _STA methodGerd Hoffmann
The _STA method dates back to the days where we had a static DSDT. The device is listed in the DSDT table unconditionally and the _STA method checks a bit in the isa bridge pci config space to figure whenever a given is isa device is present or not, then evaluates to 0x0f (present) or 0x00 (absent). These days the DSDT is generated by qemu anyway, so if a device is not present we can simply drop it from the DSDT instead. Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Igor Mammedov <imammedo@redhat.com> Message-Id: <20200515150421.25479-7-kraxel@redhat.com>
2020-06-09acpi: move aml builder code for serial deviceGerd Hoffmann
The code uses the isa_serial_io array to figure what the device uid is. Side effect is that acpi antries are not limited to port 1+2 any more, we'll also get entries for ports 3+4. Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Igor Mammedov <imammedo@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Message-Id: <20200515150421.25479-6-kraxel@redhat.com>
2020-06-09acpi: serial: don't use _STA methodGerd Hoffmann
The _STA method dates back to the days where we had a static DSDT. The device is listed in the DSDT table unconditionally and the _STA method checks a bit in the isa bridge pci config space to figure whenever a given is isa device is present or not, then evaluates to 0x0f (present) or 0x00 (absent). These days the DSDT is generated by qemu anyway, so if a device is not present we can simply drop it from the DSDT instead. Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Igor Mammedov <imammedo@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Message-Id: <20200515150421.25479-5-kraxel@redhat.com>
2020-06-09acpi: move aml builder code for rtc deviceGerd Hoffmann
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Igor Mammedov <imammedo@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Message-Id: <20200515150421.25479-3-kraxel@redhat.com>
2020-06-09hw/acpi/nvdimm: add a helper to augment SRAT generationVishal Verma
NVDIMMs can belong to their own proximity domains, as described by the NFIT. In such cases, the SRAT needs to have Memory Affinity structures in the SRAT for these NVDIMMs, otherwise Linux doesn't populate node data structures properly during NUMA initialization. See the following for an example failure case. https://lore.kernel.org/linux-nvdimm/20200416225438.15208-1-vishal.l.verma@intel.com/ Introduce a new helper, nvdimm_build_srat(), and call it for both the i386 and arm versions of 'build_srat()' to augment the SRAT with memory affinity information for NVDIMMs. The relevant command line options to exercise this are below. Nodes 0-1 contain CPUs and regular memory, and nodes 2-3 are the NVDIMM address space. -object memory-backend-ram,id=mem0,size=2048M -numa node,nodeid=0,memdev=mem0, -numa cpu,node-id=0,socket-id=0 -object memory-backend-ram,id=mem1,size=2048M -numa node,nodeid=1,memdev=mem1, -numa cpu,node-id=1,socket-id=1 -numa node,nodeid=2, -object memory-backend-file,id=nvmem0,share,mem-path=nvdimm-0,size=16384M,align=1G -device nvdimm,memdev=nvmem0,id=nv0,label-size=2M,node=2 -numa node,nodeid=3, -object memory-backend-file,id=nvmem1,share,mem-path=nvdimm-1,size=16384M,align=1G -device nvdimm,memdev=nvmem1,id=nv1,label-size=2M,node=3 Cc: Jingqi Liu <jingqi.liu@intel.com> Cc: Michael S. Tsirkin <mst@redhat.com> Reviewed-by: Jingqi Liu <jingqi.liu@intel.com> Reviewed-by: Igor Mammedov <imammedo@redhat.com> Signed-off-by: Vishal Verma <vishal.l.verma@intel.com> Message-Id: <20200606000911.9896-3-vishal.l.verma@intel.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2020-05-18hw: Use QEMU_IS_ALIGNED() on parallel flash block sizePhilippe Mathieu-Daudé
Use the QEMU_IS_ALIGNED() macro to verify the flash block size is properly aligned. It is quicker to process when reviewing. Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com> Message-Id: <20200511205246.24621-1-philmd@redhat.com> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Acked-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2020-05-15qom: Drop @errp parameter of object_property_del()Markus Armbruster
Same story as for object_property_add(): the only way object_property_del() can fail is when the property with this name does not exist. Since our property names are all hardcoded, failure is a programming error, and the appropriate way to handle it is passing &error_abort. Most callers do that, the commit before previous fixed one that didn't (and got the error handling wrong), and the two remaining exceptions ignore errors. Drop the @errp parameter. Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Paolo Bonzini <pbonzini@redhat.com> Message-Id: <20200505152926.18877-19-armbru@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
2020-05-15qdev: Unrealize must not failMarkus Armbruster
Devices may have component devices and buses. Device realization may fail. Realization is recursive: a device's realize() method realizes its components, and device_set_realized() realizes its buses (which should in turn realize the devices on that bus, except bus_set_realized() doesn't implement that, yet). When realization of a component or bus fails, we need to roll back: unrealize everything we realized so far. If any of these unrealizes failed, the device would be left in an inconsistent state. Must not happen. device_set_realized() lets it happen: it ignores errors in the roll back code starting at label child_realize_fail. Since realization is recursive, unrealization must be recursive, too. But how could a partly failed unrealize be rolled back? We'd have to re-realize, which can fail. This design is fundamentally broken. device_set_realized() does not roll back at all. Instead, it keeps unrealizing, ignoring further errors. It can screw up even for a device with no buses: if the lone dc->unrealize() fails, it still unregisters vmstate, and calls listeners' unrealize() callback. bus_set_realized() does not roll back either. Instead, it stops unrealizing. Fortunately, no unrealize method can fail, as we'll see below. To fix the design error, drop parameter @errp from all the unrealize methods. Any unrealize method that uses @errp now needs an update. This leads us to unrealize() methods that can fail. Merely passing it to another unrealize method cannot cause failure, though. Here are the ones that do other things with @errp: * virtio_serial_device_unrealize() Fails when qbus_set_hotplug_handler() fails, but still does all the other work. On failure, the device would stay realized with its resources completely gone. Oops. Can't happen, because qbus_set_hotplug_handler() can't actually fail here. Pass &error_abort to qbus_set_hotplug_handler() instead. * hw/ppc/spapr_drc.c's unrealize() Fails when object_property_del() fails, but all the other work is already done. On failure, the device would stay realized with its vmstate registration gone. Oops. Can't happen, because object_property_del() can't actually fail here. Pass &error_abort to object_property_del() instead. * spapr_phb_unrealize() Fails and bails out when remove_drcs() fails, but other work is already done. On failure, the device would stay realized with some of its resources gone. Oops. remove_drcs() fails only when chassis_from_bus()'s object_property_get_uint() fails, and it can't here. Pass &error_abort to remove_drcs() instead. Therefore, no unrealize method can fail before this patch. device_set_realized()'s recursive unrealization via bus uses object_property_set_bool(). Can't drop @errp there, so pass &error_abort. We similarly unrealize with object_property_set_bool() elsewhere, always ignoring errors. Pass &error_abort instead. Several unrealize methods no longer handle errors from other unrealize methods: virtio_9p_device_unrealize(), virtio_input_device_unrealize(), scsi_qdev_unrealize(), ... Much of the deleted error handling looks wrong anyway. One unrealize methods no longer ignore such errors: usb_ehci_pci_exit(). Several realize methods no longer ignore errors when rolling back: v9fs_device_realize_common(), pci_qdev_unrealize(), spapr_phb_realize(), usb_qdev_realize(), vfio_ccw_realize(), virtio_device_realize(). Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Reviewed-by: Paolo Bonzini <pbonzini@redhat.com> Message-Id: <20200505152926.18877-17-armbru@redhat.com>
2020-05-15qom: Drop parameter @errp of object_property_add() & friendsMarkus Armbruster
The only way object_property_add() can fail is when a property with the same name already exists. Since our property names are all hardcoded, failure is a programming error, and the appropriate way to handle it is passing &error_abort. Same for its variants, except for object_property_add_child(), which additionally fails when the child already has a parent. Parentage is also under program control, so this is a programming error, too. We have a bit over 500 callers. Almost half of them pass &error_abort, slightly fewer ignore errors, one test case handles errors, and the remaining few callers pass them to their own callers. The previous few commits demonstrated once again that ignoring programming errors is a bad idea. Of the few ones that pass on errors, several violate the Error API. The Error ** argument must be NULL, &error_abort, &error_fatal, or a pointer to a variable containing NULL. Passing an argument of the latter kind twice without clearing it in between is wrong: if the first call sets an error, it no longer points to NULL for the second call. ich9_pm_add_properties(), sparc32_ledma_realize(), sparc32_dma_realize(), xilinx_axidma_realize(), xilinx_enet_realize() are wrong that way. When the one appropriate choice of argument is &error_abort, letting users pick the argument is a bad idea. Drop parameter @errp and assert the preconditions instead. There's one exception to "duplicate property name is a programming error": the way object_property_add() implements the magic (and undocumented) "automatic arrayification". Don't drop @errp there. Instead, rename object_property_add() to object_property_try_add(), and add the obvious wrapper object_property_add(). Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Reviewed-by: Paolo Bonzini <pbonzini@redhat.com> Message-Id: <20200505152926.18877-15-armbru@redhat.com> [Two semantic rebase conflicts resolved]
2020-05-15qom: Drop object_property_set_description() parameter @errpMarkus Armbruster
object_property_set_description() and object_class_property_set_description() fail only when property @name is not found. There are 85 calls of object_property_set_description() and object_class_property_set_description(). None of them can fail: * 84 immediately follow the creation of the property. * The one in spapr_rng_instance_init() refers to a property created in spapr_rng_class_init(), from spapr_rng_properties[]. Every one of them still gets to decide what to pass for @errp. 51 calls pass &error_abort, 32 calls pass NULL, one receives the error and propagates it to &error_abort, and one propagates it to &error_fatal. I'm actually surprised none of them violates the Error API. What are we gaining by letting callers handle the "property not found" error? Use when the property is not known to exist is simpler: you don't have to guard the call with a check. We haven't found such a use in 5+ years. Until we do, let's make life a bit simpler and drop the @errp parameter. Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Reviewed-by: Paolo Bonzini <pbonzini@redhat.com> Message-Id: <20200505152926.18877-8-armbru@redhat.com> [One semantic rebase conflict resolved]
2020-05-06hw: add compat machines for 5.1Cornelia Huck
Add 5.1 machine types for arm/i440fx/q35/s390x/spapr. Acked-by: David Gibson <david@gibson.dropbear.id.au> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Cornelia Huck <cohuck@redhat.com> Message-id: 20200429144605.7262-1-cohuck@redhat.com
2020-05-04hw/i386: Make vmmouse helpers staticPhilippe Mathieu-Daudé
The vmmouse helpers are only used in hw/i386/vmmouse.c, make them static. Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Message-Id: <20200504083342.24273-5-f4bug@amsat.org> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2020-05-04hw/i386: Add 'vmport.h' local headerPhilippe Mathieu-Daudé
Move 'vmport' related declarations in a target-specific header. Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Message-Id: <20200504083342.24273-4-f4bug@amsat.org> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2020-05-04hw/i386/vmport: Remove unused 'hw/input/i8042.h' includePhilippe Mathieu-Daudé
Remove unused "hw/input/i8042.h" include. Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Message-Id: <20200504083342.24273-3-f4bug@amsat.org> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2020-05-04hw/i386/pc: Create 'vmport' device in placePhilippe Mathieu-Daudé
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Message-Id: <20200504083342.24273-2-f4bug@amsat.org> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2020-05-04acpi: Add Windows ACPI Emulated Device Table (WAET)Liran Alon
Microsoft introduced this ACPI table to avoid Windows guests performing various workarounds for device erratas. As the virtual device emulated by VMM may not have the errata. Currently, WAET allows hypervisor to inform guest about two specific behaviors: One for RTC and the other for ACPI PM timer. Support for WAET have been introduced since Windows Vista. This ACPI table is also exposed by other common hypervisors by default, including: VMware, GCP and AWS. This patch adds WAET ACPI Table to QEMU. We set "ACPI PM timer good" bit in "Emualted Device Flags" field to indicate that the ACPI PM timer has been enhanced to not require multiple reads to obtain a reliable value. This results in improving the performance of Windows guests that use ACPI PM timer by avoiding unnecessary VMExits caused by these multiple reads. Co-developed-by: Elad Gabay <elad.gabay@oracle.com> Signed-off-by: Liran Alon <liran.alon@oracle.com> Message-Id: <20200313145009.144820-3-liran.alon@oracle.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com> Reviewed-by: Igor Mammedov <imammedo@redhat.com>
2020-05-04nvdimm: Use configurable ACPI IO base and sizeKwangwoo Lee
This patch makes IO base and size configurable to create NPIO AML for ACPI NFIT. Since a different architecture like AArch64 does not use port-mapped IO, a configurable IO base is required to create correct mapping of ACPI IO address and size. Signed-off-by: Kwangwoo Lee <kwangwoo.lee@sk.com> Signed-off-by: Eric Auger <eric.auger@redhat.com> Signed-off-by: Shameer Kolothum <shameerali.kolothum.thodi@huawei.com> Reviewed-by: Igor Mammedov <imammedo@redhat.com> Message-Id: <20200421125934.14952-3-shameerali.kolothum.thodi@huawei.com> Acked-by: Peter Maydell <peter.maydell@linaro.org> Tested-by: Eric Auger <eric.auger@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2020-05-04acpi: add ISADeviceClass->build_aml()Gerd Hoffmann
Also add isa_aml_build() function which walks all isa devices. This allows to move aml builder code to isa devices. Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Igor Mammedov <imammedo@redhat.com> Message-Id: <20200429140003.7336-6-kraxel@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2020-05-04acpi: drop pointless _STA methodGerd Hoffmann
When returning a constant there is no point in having a method in the first place, _STA can be a simple integer instead. Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Igor Mammedov <imammedo@redhat.com> Message-Id: <20200429140003.7336-5-kraxel@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
2020-04-13Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into stagingPeter Maydell
pc: bugfixes, maintainers A couple of bugfixes. Add a new vhost-user-blk maintainer. Signed-off-by: Michael S. Tsirkin <mst@redhat.com> # gpg: Signature made Mon 13 Apr 2020 11:57:17 BST # gpg: using RSA key 5D09FD0871C8F85B94CA8A0D281F0DB8D28D5469 # gpg: issuer "mst@redhat.com" # gpg: Good signature from "Michael S. Tsirkin <mst@kernel.org>" [full] # gpg: aka "Michael S. Tsirkin <mst@redhat.com>" [full] # Primary key fingerprint: 0270 606B 6F3C DF3D 0B17 0970 C350 3912 AFBE 8E67 # Subkey fingerprint: 5D09 FD08 71C8 F85B 94CA 8A0D 281F 0DB8 D28D 5469 * remotes/mst/tags/for_upstream: exec: Fix for qemu_ram_resize() callback fw_cfg: Migrate ACPI table mr sizes separately acpi: Use macro for table-loader file name MAINTAINERS: Add myself as vhost-user-blk maintainer Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-04-13acpi: Use macro for table-loader file nameShameer Kolothum
Use macro for "etc/table-loader" and move it to the header file similar to ACPI_BUILD_TABLE_FILE/ACPI_BUILD_RSDP_FILE etc. Signed-off-by: Shameer Kolothum <shameerali.kolothum.thodi@huawei.com> Reviewed-by: Igor Mammedov <imammedo@redhat.com> Message-Id: <20200403101827.30664-2-shameerali.kolothum.thodi@huawei.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
2020-04-11piix: fix xenfv regression, add compat machine xenfv-4.2Olaf Hering
With QEMU 4.0 an incompatible change was added to pc_piix, which makes it practical impossible to migrate domUs started with qemu2 or qemu3 to newer qemu versions. Commit 7fccf2a06890e3bc3b30e29827ad3fb93fe88fea added and enabled a new member "smbus_no_migration_support". In commit 4ab2f2a8aabfea95cc53c64e13b3f67960b27fdf the vmstate_acpi got new elements, which are conditionally filled. As a result, an incoming migration expected smbus related data unless smbus migration was disabled for a given MachineClass. Since first commit forgot to handle 'xenfv', domUs started with QEMU 4.x are incompatible with their QEMU siblings. Using other existing machine types, such as 'pc-i440fx-3.1', is not possible because 'xenfv' creates the 'xen-platform' PCI device at 00:02.0, while all other variants to run a domU would create it at 00:04.0. To cover both the existing and the broken case of 'xenfv' in a single qemu binary, a new compatibility variant of 'xenfv-4.2' must be added which targets domUs started with qemu 4.2. The existing 'xenfv' restores compatibility of QEMU 5.x with qemu 3.1. Host admins who started domUs with QEMU 4.x (preferrable QEMU 4.2) have to use a wrapper script which appends '-machine xenfv-4.2' to the device-model command line. This is only required if there is no maintenance window which allows to temporary shutdown the domU and restart it with a fixed device-model. The wrapper script is as simple as this: #!/bin/sh exec /usr/bin/qemu-system-i386 "$@" -machine xenfv-4.2 With xl this script will be enabled with device_model_override=, see xl.cfg(5). To live migrate a domU, adjust the existing domU.cfg and pass it to xl migrate or xl save/restore: xl migrate -C new-domU.cfg domU remote-host xl save domU CheckpointFile new-domU.cfg xl restore new-domU.cfg CheckpointFile With libvirt this script will be enabled with the <emulator> element in domU.xml. Use 'virsh edit' prior 'virsh migrate' to replace the existing <emulator> element to point it to the wrapper script. Signed-off-by: Olaf Hering <olaf@aepfle.de> Message-Id: <20200327151841.13877-1-olaf@aepfle.de> [Adjust tests for blacklisted machine types, simplifying the one in qom-test. - Paolo] Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-03-31i386: Fix pkg_id offset for EPYC cpu modelsBabu Moger
If the system is numa configured the pkg_offset needs to be adjusted for EPYC cpu models. Fix it calling the model specific handler. Signed-off-by: Babu Moger <babu.moger@amd.com> Reviewed-by: Igor Mammedov <imammedo@redhat.com> Acked-by: Michael S. Tsirkin <mst@redhat.com> Message-Id: <158396725589.58170.16424607815207074485.stgit@naples-babu.amd.com> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>