aboutsummaryrefslogtreecommitdiff
path: root/hw
AgeCommit message (Collapse)Author
2020-06-12vhost-vsock: add vhost-vsock-common abstractionStefano Garzarella
This patch prepares the introduction of vhost-user-vsock, moving the common code usable for both vhost-vsock and vhost-user-vsock devices, in the new vhost-vsock-common parent class. While moving the code, fixed checkpatch warnings about block comments. Signed-off-by: Stefano Garzarella <sgarzare@redhat.com> Message-Id: <20200522122512.87413-2-sgarzare@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2020-06-12hw/pci: Fix crash when running QEMU with "-nic model=rocker"Thomas Huth
QEMU currently aborts when being started with "-nic model=rocker" or with "-net nic,model=rocker". This happens because the "rocker" device is not a normal NIC but a switch, which has different properties. Thus we should only consider real NIC devices for "-nic" and "-net". These devices can be identified by the "netdev" property, so check for this property before adding the device to the list. Reported-by: Michael Tokarev <mjt@tls.msk.ru> Fixes: 52310c3fa7dc854d ("net: allow using any PCI NICs in -net or -nic") Signed-off-by: Thomas Huth <thuth@redhat.com> Message-Id: <20200527153152.9211-1-thuth@redhat.com> Reviewed-by: Paolo Bonzini <pbonzini@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2020-06-12Lift max memory slots limit imposed by vhost-userRaphael Norwitz
Historically, sending all memory regions to vhost-user backends in a single message imposed a limitation on the number of times memory could be hot-added to a VM with a vhost-user device. Now that backends which support the VHOST_USER_PROTOCOL_F_CONFIGURE_SLOTS send memory regions individually, we no longer need to impose this limitation on devices which support this feature. With this change, VMs with a vhost-user device which supports the VHOST_USER_PROTOCOL_F_CONFIGURE_MEM_SLOTS can support a configurable number of memory slots, up to the maximum allowed by the target platform. Existing backends which do not support VHOST_USER_PROTOCOL_F_CONFIGURE_MEM_SLOTS are unaffected. Signed-off-by: Raphael Norwitz <raphael.norwitz@nutanix.com> Signed-off-by: Peter Turschmid <peter.turschm@nutanix.com> Suggested-by: Mike Cui <cui@nutanix.com> Message-Id: <1588533678-23450-6-git-send-email-raphael.norwitz@nutanix.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
2020-06-12Transmit vhost-user memory regions individuallyRaphael Norwitz
With this change, when the VHOST_USER_PROTOCOL_F_CONFIGURE_MEM_SLOTS protocol feature has been negotiated, Qemu no longer sends the backend all the memory regions in a single message. Rather, when the memory tables are set or updated, a series of VHOST_USER_ADD_MEM_REG and VHOST_USER_REM_MEM_REG messages are sent to transmit the regions to map and/or unmap instead of sending send all the regions in one fixed size VHOST_USER_SET_MEM_TABLE message. The vhost_user struct maintains a shadow state of the VM’s memory regions. When the memory tables are modified, the vhost_user_set_mem_table() function compares the new device memory state to the shadow state and only sends regions which need to be unmapped or mapped in. The regions which must be unmapped are sent first, followed by the new regions to be mapped in. After all the messages have been sent, the shadow state is set to the current virtual device state. Existing backends which do not support VHOST_USER_PROTOCOL_F_CONFIGURE_MEM_SLOTS are unaffected. Signed-off-by: Raphael Norwitz <raphael.norwitz@nutanix.com> Signed-off-by: Swapnil Ingle <swapnil.ingle@nutanix.com> Signed-off-by: Peter Turschmid <peter.turschm@nutanix.com> Suggested-by: Mike Cui <cui@nutanix.com> Message-Id: <1588533678-23450-5-git-send-email-raphael.norwitz@nutanix.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com> Acked-by: Marc-André Lureau <marcandre.lureau@redhat.com>
2020-06-12Add VHOST_USER_PROTOCOL_F_CONFIGURE_MEM_SLOTSRaphael Norwitz
This change introduces a new feature to the vhost-user protocol allowing a backend device to specify the maximum number of ram slots it supports. At this point, the value returned by the backend will be capped at the maximum number of ram slots which can be supported by vhost-user, which is currently set to 8 because of underlying protocol limitations. The returned value will be stored inside the VhostUserState struct so that on device reconnect we can verify that the ram slot limitation has not decreased since the last time the device connected. Signed-off-by: Raphael Norwitz <raphael.norwitz@nutanix.com> Signed-off-by: Peter Turschmid <peter.turschm@nutanix.com> Message-Id: <1588533678-23450-4-git-send-email-raphael.norwitz@nutanix.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
2020-06-11Merge remote-tracking branch 'remotes/awilliam/tags/vfio-update-20200611.0' ↵Peter Maydell
into staging VFIO update 2020-06-11 - Fix IGD split, include header to honor Kconfig (Thomas Huth) - New VMD device paravirt quirk (Jon Derrick) # gpg: Signature made Thu 11 Jun 2020 19:58:31 BST # gpg: using RSA key 239B9B6E3BB08B22 # gpg: Good signature from "Alex Williamson <alex.williamson@redhat.com>" [full] # gpg: aka "Alex Williamson <alex@shazbot.org>" [full] # gpg: aka "Alex Williamson <alwillia@redhat.com>" [full] # gpg: aka "Alex Williamson <alex.l.williamson@gmail.com>" [full] # Primary key fingerprint: 42F6 C04E 540B D1A9 9E7B 8A90 239B 9B6E 3BB0 8B22 * remotes/awilliam/tags/vfio-update-20200611.0: hw/vfio/pci-quirks: Fix broken legacy IGD passthrough hw/vfio: Add VMD Passthrough Quirk Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-06-11Merge remote-tracking branch ↵Peter Maydell
'remotes/vivier2/tags/trivial-branch-for-5.1-pull-request' into staging Trivial branch pull request 20200610 Convert DPRINTF() to traces or qemu_logs Use IEC binary prefix definitions Use qemu_semihosting_log_out() in target/unicore32 Some code and doc cleanup # gpg: Signature made Wed 10 Jun 2020 14:08:36 BST # gpg: using RSA key CD2F75DDC8E3A4DC2E4F5173F30C38BD3F2FBE3C # gpg: issuer "laurent@vivier.eu" # gpg: Good signature from "Laurent Vivier <lvivier@redhat.com>" [full] # gpg: aka "Laurent Vivier <laurent@vivier.eu>" [full] # gpg: aka "Laurent Vivier (Red Hat) <lvivier@redhat.com>" [full] # Primary key fingerprint: CD2F 75DD C8E3 A4DC 2E4F 5173 F30C 38BD 3F2F BE3C * remotes/vivier2/tags/trivial-branch-for-5.1-pull-request: semihosting: remove the pthread include which seems unused hw/openrisc/openrisc_sim: Add assertion to silence GCC warning target/unicore32: Prefer qemu_semihosting_log_out() over curses target/unicore32: Replace DPRINTF() by qemu_log_mask(GUEST_ERROR) target/unicore32: Remove unused headers target/i386/cpu: Use the IEC binary prefix definitions hw/i386/xen/xen-hvm: Use the IEC binary prefix definitions hw/hppa/dino: Use the IEC binary prefix definitions hw/arm/aspeed: Correct DRAM container region size qemu-img: Fix doc typo for 'bitmap' subcommand hw/misc/auxbus: Use qemu_log_mask(UNIMP) instead of debug printf hw/isa/apm: Convert debug printf()s to trace events hw/unicore32/puv3: Use qemu_log_mask(ERROR) instead of debug printf() .mailmap: Update Fred Konrad email address net: Do not include a newline in the id of -nic devices Fix parameter type in vhost migration log path Signed-off-by: Peter Maydell <peter.maydell@linaro.org> # Conflicts: # .mailmap
2020-06-11hw/vfio/pci-quirks: Fix broken legacy IGD passthroughThomas Huth
The #ifdef CONFIG_VFIO_IGD in pci-quirks.c is not working since the required header config-devices.h is not included, so that the legacy IGD passthrough is currently broken. Let's include the right header to fix this issue. Buglink: https://bugs.launchpad.net/qemu/+bug/1882784 Fixes: 29d62771c81d ("hw/vfio: Move the IGD quirk code to a separate file") Signed-off-by: Thomas Huth <thuth@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2020-06-11hw/vfio: Add VMD Passthrough QuirkJon Derrick
The VMD endpoint provides a real PCIe domain to the guest, including bridges and endpoints. Because the VMD domain is enumerated by the guest kernel, the guest kernel will assign Guest Physical Addresses to the downstream endpoint BARs and bridge windows. When the guest kernel performs MMIO to VMD sub-devices, MMU will translate from the guest address space to the physical address space. Because the bridges have been programmed with guest addresses, the bridges will reject the transaction containing physical addresses. VMD device 28C0 natively assists passthrough by providing the Host Physical Address in shadow registers accessible to the guest for bridge window assignment. The shadow registers are valid if bit 1 is set in VMD VMLOCK config register 0x70. In order to support existing VMDs, this quirk provides the shadow registers in a vendor-specific PCI capability to the vfio-passthrough device for all VMD device ids which don't natively assist with passthrough. The Linux VMD driver is updated to check for this new vendor-specific capability. Signed-off-by: Jon Derrick <jonathan.derrick@intel.com> Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2020-06-10hw/i386/amd_iommu: Fix the reserved bits definition of IOMMU commandsWei Huang
Many reserved bits of amd_iommu commands are defined incorrectly in QEMU. Because of it, QEMU incorrectly injects lots of illegal commands into guest VM's IOMMU event log. Signed-off-by: Wei Huang <wei.huang2@amd.com> Message-Id: <20200418042845.596457-1-wei.huang2@amd.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-06-10KVM: Kick resamplefd for split kernel irqchipPeter Xu
This is majorly only for X86 because that's the only one that supports split irqchip for now. When the irqchip is split, we face a dilemma that KVM irqfd will be enabled, however the slow irqchip is still running in the userspace. It means that the resamplefd in the kernel irqfds won't take any effect and it will miss to ack INTx interrupts on EOIs. One example is split irqchip with VFIO INTx, which will break if we use the VFIO INTx fast path. This patch can potentially supports the VFIO fast path again for INTx, that the IRQ delivery will still use the fast path, while we don't need to trap MMIOs in QEMU for the device to emulate the EIOs (see the callers of vfio_eoi() hook). However the EOI of the INTx will still need to be done from the userspace by caching all the resamplefds in QEMU and kick properly for IOAPIC EOI broadcast. This is tricky because in this case the userspace ioapic irr & remote-irr will be bypassed. However such a change will greatly boost performance for assigned devices using INTx irqs (TCP_RR boosts 46% after this patch applied). When the userspace is responsible for the resamplefd kickup, don't register it on the kvm_irqfd anymore, because on newer kernels (after commit 654f1f13ea56, 5.2+) the KVM_IRQFD will fail if with both split irqchip and resamplefd. This will make sure that the fast path will work for all supported kernels. https://patchwork.kernel.org/patch/10738541/#22609933 Suggested-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Peter Xu <peterx@redhat.com> Message-Id: <20200318145204.74483-5-peterx@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-06-10vfio/pci: Use kvm_irqchip_add_irqfd_notifier_gsi() for irqfdsPeter Xu
VFIO is currently the only one left that is not using the generic function (kvm_irqchip_add_irqfd_notifier_gsi()) to register irqfds. Let VFIO use the common framework too. Follow up patches will introduce extra features for kvm irqfd, so that VFIO can easily leverage that after the switch. Reviewed-by: Eric Auger <eric.auger@redhat.com> Reviewed-by: Cornelia Huck <cohuck@redhat.com> Reviewed-by: Alex Williamson <alex.williamson@redhat.com> Acked-by: Alex Williamson <alex.williamson@redhat.com> Signed-off-by: Peter Xu <peterx@redhat.com> Message-Id: <20200318145204.74483-3-peterx@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-06-10hw/i386/vmport: Allow QTest use without crashingPhilippe Mathieu-Daudé
Trying libFuzzer on the vmport device, we get: AddressSanitizer:DEADLYSIGNAL ================================================================= ==29476==ERROR: AddressSanitizer: SEGV on unknown address 0x000000008840 (pc 0x56448bec4d79 bp 0x7ffeec9741b0 sp 0x7ffeec9740e0 T0) ==29476==The signal is caused by a READ memory access. #0 0x56448bec4d78 in vmport_ioport_read (qemu-fuzz-i386+0x1260d78) #1 0x56448bb5f175 in memory_region_read_accessor (qemu-fuzz-i386+0xefb175) #2 0x56448bb30c13 in access_with_adjusted_size (qemu-fuzz-i386+0xeccc13) #3 0x56448bb2ea27 in memory_region_dispatch_read1 (qemu-fuzz-i386+0xecaa27) #4 0x56448bb2e443 in memory_region_dispatch_read (qemu-fuzz-i386+0xeca443) #5 0x56448b961ab1 in flatview_read_continue (qemu-fuzz-i386+0xcfdab1) #6 0x56448b96336d in flatview_read (qemu-fuzz-i386+0xcff36d) #7 0x56448b962ec4 in address_space_read_full (qemu-fuzz-i386+0xcfeec4) This is easily reproducible using: $ echo inb 0x5658 | qemu-system-i386 -M isapc,accel=qtest -qtest stdio [I 1589796572.009763] OPENED [R +0.008069] inb 0x5658 Segmentation fault (core dumped) $ coredumpctl gdb -q Program terminated with signal SIGSEGV, Segmentation fault. #0 0x00005605b54d0f21 in vmport_ioport_read (opaque=0x5605b7531ce0, addr=0, size=4) at hw/i386/vmport.c:77 77 eax = env->regs[R_EAX]; (gdb) p cpu $1 = (X86CPU *) 0x0 (gdb) bt #0 0x00005605b54d0f21 in vmport_ioport_read (opaque=0x5605b7531ce0, addr=0, size=4) at hw/i386/vmport.c:77 #1 0x00005605b53db114 in memory_region_read_accessor (mr=0x5605b7531d80, addr=0, value=0x7ffc9d261a30, size=4, shift=0, mask=4294967295, attrs=...) at memory.c:434 #2 0x00005605b53db5d4 in access_with_adjusted_size (addr=0, value=0x7ffc9d261a30, size=1, access_size_min=4, access_size_max=4, access_fn= 0x5605b53db0d2 <memory_region_read_accessor>, mr=0x5605b7531d80, attrs=...) at memory.c:544 #3 0x00005605b53de156 in memory_region_dispatch_read1 (mr=0x5605b7531d80, addr=0, pval=0x7ffc9d261a30, size=1, attrs=...) at memory.c:1396 #4 0x00005605b53de228 in memory_region_dispatch_read (mr=0x5605b7531d80, addr=0, pval=0x7ffc9d261a30, op=MO_8, attrs=...) at memory.c:1424 #5 0x00005605b537c80a in flatview_read_continue (fv=0x5605b7650290, addr=22104, attrs=..., ptr=0x7ffc9d261b4b, len=1, addr1=0, l=1, mr=0x5605b7531d80) at exec.c:3200 #6 0x00005605b537c95d in flatview_read (fv=0x5605b7650290, addr=22104, attrs=..., buf=0x7ffc9d261b4b, len=1) at exec.c:3239 #7 0x00005605b537c9e6 in address_space_read_full (as=0x5605b5f74ac0 <address_space_io>, addr=22104, attrs=..., buf=0x7ffc9d261b4b, len=1) at exec.c:3252 #8 0x00005605b53d5a5d in address_space_read (len=1, buf=0x7ffc9d261b4b, attrs=..., addr=22104, as=0x5605b5f74ac0 <address_space_io>) at include/exec/memory.h:2401 #9 0x00005605b53d5a5d in cpu_inb (addr=22104) at ioport.c:88 X86CPU is NULL because QTest accelerator does not use CPU. Fix by returning default values when QTest accelerator is used. Reported-by: Clang AddressSanitizer Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-06-10megasas: use unsigned type for positive numeric fieldsPrasad J Pandit
Use unsigned type for the MegasasState fields which hold positive numeric values. Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org> Reviewed-by: Darren Kenny <darren.kenny@oracle.com> Message-Id: <20200513192540.1583887-4-ppandit@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-06-10megasas: avoid NULL pointer dereferencePrasad J Pandit
While in megasas_handle_frame(), megasas_enqueue_frame() may set a NULL frame into MegasasCmd object for a given 'frame_addr' address. Add check to avoid a NULL pointer dereference issue. Reported-by: Alexander Bulekov <alxndr@bu.edu> Fixes: https://bugs.launchpad.net/qemu/+bug/1878259 Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org> Acked-by: Alexander Bulekov <alxndr@bu.edu> Reviewed-by: Darren Kenny <darren.kenny@oracle.com> Message-Id: <20200513192540.1583887-3-ppandit@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-06-10megasas: use unsigned type for reply_queue_head and check indexPrasad J Pandit
A guest user may set 'reply_queue_head' field of MegasasState to a negative value. Later in 'megasas_lookup_frame' it is used to index into s->frames[] array. Use unsigned type to avoid OOB access issue. Also check that 'index' value stays within s->frames[] bounds through the while() loop in 'megasas_lookup_frame' to avoid OOB access. Reported-by: Ren Ding <rding@gatech.edu> Reported-by: Hanqing Zhao <hanqing@gatech.edu> Reported-by: Alexander Bulekov <alxndr@bu.edu> Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org> Acked-by: Alexander Bulekov <alxndr@bu.edu> Message-Id: <20200513192540.1583887-2-ppandit@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-06-10accel: Move Xen accelerator code under accel/xen/Philippe Mathieu-Daudé
This code is not related to hardware emulation. Move it under accel/ with the other hypervisors. Reviewed-by: Paul Durrant <paul@xen.org> Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com> Message-Id: <20200508100222.7112-1-philmd@redhat.com> Reviewed-by: Juan Quintela <quintela@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-06-10hw/i386/vmport: Assert vmport initialized before registering commandsLiran Alon
vmport_register() is also called from other modules such as vmmouse. Therefore, these modules rely that vmport is realized before those call sites. If this is violated, vmport_register() will NULL-deref. To make such issues easier to debug, assert in vmport_register() that vmport is already realized. Reviewed-by: Nikita Leshenko <nikita.leshchenko@oracle.com> Signed-off-by: Liran Alon <liran.alon@oracle.com> Message-Id: <20200312165431.82118-17-liran.alon@oracle.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-06-10hw/i386/vmport: Add support for CMD_GETHZLiran Alon
This command returns to guest information on LAPIC bus frequency and TSC frequency. One can see how this interface is used by Linux vmware_platform_setup() introduced in Linux commit 88b094fb8d4f ("x86: Hypervisor detection and get tsc_freq from hypervisor"). Reviewed-by: Nikita Leshenko <nikita.leshchenko@oracle.com> Signed-off-by: Liran Alon <liran.alon@oracle.com> Message-Id: <20200312165431.82118-16-liran.alon@oracle.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-06-10hw/i386/vmport: Allow x2apic without IRLiran Alon
Signal to guest that hypervisor supports x2apic without VT-d/IOMMU Interrupt-Remapping support. This allows guest to use x2apic in case all APIC IDs fits in 8-bit (i.e. Max APIC ID < 255). See Linux kernel commit 4cca6ea04d31 ("x86/apic: Allow x2apic without IR on VMware platform") and Linux try_to_enable_x2apic() function. Reviewed-by: Nikita Leshenko <nikita.leshchenko@oracle.com> Signed-off-by: Liran Alon <liran.alon@oracle.com> Message-Id: <20200312165431.82118-14-liran.alon@oracle.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-06-10hw/i386/vmport: Add support for CMD_GET_VCPU_INFOLiran Alon
Command currently returns that it is unimplemented by setting the reserved-bit in it's return value. Following patches will return various useful vCPU information to guest. Reviewed-by: Nikita Leshenko <nikita.leshchenko@oracle.com> Signed-off-by: Liran Alon <liran.alon@oracle.com> Message-Id: <20200312165431.82118-13-liran.alon@oracle.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-06-10hw/i386/vmport: Add support for CMD_GETBIOSUUIDLiran Alon
This is VMware documented functionallity that some guests rely on. Returns the BIOS UUID of the current virtual machine. Note that we also introduce a new compatability flag "x-cmds-v2" to make sure to expose new VMPort commands only to new machine-types. This flag will also be used by the following patches that will introduce additional VMPort commands. Reviewed-by: Nikita Leshenko <nikita.leshchenko@oracle.com> Signed-off-by: Liran Alon <liran.alon@oracle.com> Message-Id: <20200312165431.82118-10-liran.alon@oracle.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-06-10hw/i386/vmport: Define enum for all commandsLiran Alon
No functional change. Defining an enum for all VMPort commands have the following advantages: * It gets rid of the error-prone requirement to update VMPORT_ENTRIES when new VMPort commands are added to QEMU. * It makes it clear to know by looking at one place at the source, what are all the VMPort commands supported by QEMU. Reviewed-by: Nikita Leshenko <nikita.leshchenko@oracle.com> Signed-off-by: Liran Alon <liran.alon@oracle.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Message-Id: <20200312165431.82118-9-liran.alon@oracle.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-06-10hw/i386/vmport: Introduce vmport.hLiran Alon
No functional change. This is mere refactoring. Suggested-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Liran Alon <liran.alon@oracle.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Message-Id: <20200312165431.82118-8-liran.alon@oracle.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-06-10hw/i386/vmport: Report vmware-vmx-type in CMD_GETVERSIONLiran Alon
As can be seen from VmCheck_GetVersion() in open-vm-tools code, CMD_GETVERSION should return vmware-vmx-type in ECX register. Default is to fake host as VMware ESX server. But user can control this value by "-global vmport.vmware-vmx-type=X". Reviewed-by: Nikita Leshenko <nikita.leshchenko@oracle.com> Signed-off-by: Liran Alon <liran.alon@oracle.com> Message-Id: <20200312165431.82118-7-liran.alon@oracle.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-06-10hw/i386/vmport: Introduce vmware-vmx-version propertyLiran Alon
vmware-vmx-version is a number returned from CMD_GETVERSION which specifies to guest VMware Tools the the host VMX version. If the host reports a number that is different than what the guest VMware Tools expects, it may force guest to upgrade VMware Tools. (See comment above VERSION_MAGIC and VmCheck_IsVirtualWorld() function in open-vm-tools open-source code). For better readability and allow maintaining compatability for guests which may expect different vmware-vmx-version, make vmware-vmx-version a VMPort object property. This would allow user to control it's value via "-global vmport.vmware-vmx-version=X". Reviewed-by: Nikita Leshenko <nikita.leshchenko@oracle.com> Signed-off-by: Liran Alon <liran.alon@oracle.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Message-Id: <20200312165431.82118-6-liran.alon@oracle.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-06-10hw/i386/vmport: Set EAX to -1 on failed and unsupported commandsLiran Alon
This is used as a signal for VMware Tools to know if a command it attempted to invoke, failed or is unsupported. As a result, VMware Tools will either report failure to user or fallback to another backdoor command in attempt to perform some operation. A few examples: * open-vm-tools TimeSyncReadHost() function fallbacks to CMD_GETTIMEFULL command when CMD_GETTIMEFULL_WITH_LAG fails/unsupported. * open-vm-tools Hostinfo_NestingSupported() function verifies EAX != -1 to check for success. * open-vm-tools Hostinfo_VCPUInfoBackdoor() functions checks if reserved-bit is set to indicate command is unimplemented. Reviewed-by: Nikita Leshenko <nikita.leshchenko@oracle.com> Signed-off-by: Liran Alon <liran.alon@oracle.com> Message-Id: <20200312165431.82118-5-liran.alon@oracle.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-06-10hw/i386/vmport: Propagate IOPort read to vCPU EAX registerLiran Alon
vmport_ioport_read() returns the value that should propagate to vCPU EAX register when guest reads VMPort IOPort (i.e. By x86 IN instruction). However, because vmport_ioport_read() calls cpu_synchronize_state(), the returned value gets overridden by the value in QEMU vCPU EAX register. i.e. cpu->env.regs[R_EAX]. To fix this issue, change vmport_ioport_read() to explicitly override cpu->env.regs[R_EAX] with the value it wish to propagate to vCPU EAX register. Reviewed-by: Nikita Leshenko <nikita.leshchenko@oracle.com> Signed-off-by: Liran Alon <liran.alon@oracle.com> Message-Id: <20200312165431.82118-4-liran.alon@oracle.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-06-10hw/i386/vmport: Add device propertiesLiran Alon
No functional change. This is done as a preparation for the following patches that will introduce several device properties. Reviewed-by: Nikita Leshenko <nikita.leshchenko@oracle.com> Signed-off-by: Liran Alon <liran.alon@oracle.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Message-Id: <20200312165431.82118-3-liran.alon@oracle.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-06-10hw/i386/vmport: Add reference to VMware open-vm-toolsLiran Alon
This official VMware open-source project can be used as reference to understand how guest code interacts with VMPort virtual device. Thus, providing understanding on how device is expected to behave. Signed-off-by: Liran Alon <liran.alon@oracle.com> Message-Id: <20200312165431.82118-2-liran.alon@oracle.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-06-10vmbus: add infrastructure to save/load vmbus requestsJon Doron
This can be allow to include controller-specific data while saving/loading in-flight scsi requests of the vmbus scsi controller. Signed-off-by: Roman Kagan <rkagan@virtuozzo.com> Signed-off-by: Maciej S. Szmigiero <maciej.szmigiero@oracle.com> Signed-off-by: Jon Doron <arilou@gmail.com> Message-Id: <20200424123444.3481728-7-arilou@gmail.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-06-10i386: Hyper-V VMBus ACPI DSDT entryJon Doron
Guest OS uses ACPI to discover VMBus presence. Add a corresponding entry to DSDT in case VMBus has been enabled. Experimentally Windows guests were found to require this entry to include two IRQ resources. They seem to never be used but they still have to be there. Make IRQ numbers user-configurable via corresponding properties; use 7 and 13 by default. Signed-off-by: Evgeny Yakovlev <eyakovlev@virtuozzo.com> Signed-off-by: Roman Kagan <rkagan@virtuozzo.com> Signed-off-by: Maciej S. Szmigiero <maciej.szmigiero@oracle.com> Signed-off-by: Jon Doron <arilou@gmail.com> Message-Id: <20200424123444.3481728-6-arilou@gmail.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-06-10i386:pc: whitelist dynamic vmbus-bridgeJon Doron
As vmbus-bridge is derived from sysbus device, it has to be whitelisted to be allowed to be created with -device. Signed-off-by: Roman Kagan <rkagan@virtuozzo.com> Signed-off-by: Maciej S. Szmigiero <maciej.szmigiero@oracle.com> Signed-off-by: Jon Doron <arilou@gmail.com> Message-Id: <20200424123444.3481728-5-arilou@gmail.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-06-10vmbus: vmbus implementationJon Doron
Add the VMBus infrastructure -- bus, devices, root bridge, vmbus state machine, vmbus channel interactions, etc. VMBus is a collection of technologies. At its lowest layer, it's a message passing and signaling mechanism, allowing efficient passing of messages to and from guest VMs. A layer higher, it's a mechanism for defining channels of communication, where each channel is tagged with a type (which implies a protocol) and a instance ID. A layer higher than that, it's a bus driver, serving as the basis of device enumeration within a VM, where a channel can optionally be exposed as a paravirtual device. When a server-side (paravirtual back-end) component wishes to offer a channel to a guest VM, it does so by specifying a channel type, a mode, and an instance ID. VMBus then exposes this in the guest. More information about VMBus can be found in the file vmbuskernelmodeclientlibapi.h in Microsoft's WDK. TODO: - split into smaller palatable pieces - more comments - check and handle corner cases Kudos to Evgeny Yakovlev (formerly eyakovlev@virtuozzo.com) and Andrey Smetatin (formerly asmetanin@virtuozzo.com) for research and prototyping. Signed-off-by: Roman Kagan <rkagan@virtuozzo.com> Signed-off-by: Maciej S. Szmigiero <maciej.szmigiero@oracle.com> Signed-off-by: Jon Doron <arilou@gmail.com> Message-Id: <20200424123444.3481728-4-arilou@gmail.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-06-10hyperv: expose API to determine if synic is enabledJon Doron
Signed-off-by: Jon Doron <arilou@gmail.com> Message-Id: <20200424123444.3481728-2-arilou@gmail.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-06-10qom/object: Move Object typedef to 'qemu/typedefs.h'Philippe Mathieu-Daudé
We use the Object type all over the place. Forward declare it in "qemu/typedefs.h". Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Message-Id: <20200504115656.6045-2-f4bug@amsat.org> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-06-10numa: prevent usage of -M memory-backend and -numa memdev at the same timeIgor Mammedov
Options -M memory-backend and -numa memdev are mutually exclusive, and if used together, it might lead to a crash in the worst case. For example when the same backend is used with these options together: -m 4G \ -object memory-backend-ram,id=mem0,size=4G \ -M pc,memory-backend=mem0 \ -numa node,memdev=mem0 QEMU will abort with: exec.c:2006: qemu_ram_set_idstr: Assertion `!new_block->idstr[0]' failed. and following backtrace: abort () qemu_ram_set_idstr () vmstate_register_ram () vmstate_register_ram_global () machine_consume_memdev () numa_init_memdev_container () numa_complete_configuration () machine_run_board_init () add a check to error out in case the user tries to use both options at the same time. Signed-off-by: Igor Mammedov <imammedo@redhat.com> Message-Id: <20200511141103.43768-3-imammedo@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-06-10semihosting: remove the pthread include which seems unusedKONRAD Frederic
This have been introduced by: 8de702cb677c8381fb702cae252d6b69aa4c653b It doesn't seem to be used so remove it. Signed-off-by: KONRAD Frederic <frederic.konrad@adacore.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Acked-by: Alex Bennée <alex.bennee@linaro.org> Message-Id: <1589806958-23511-1-git-send-email-frederic.konrad@adacore.com> Signed-off-by: Laurent Vivier <laurent@vivier.eu>
2020-06-10hw/openrisc/openrisc_sim: Add assertion to silence GCC warningPhilippe Mathieu-Daudé
When compiling with GCC 10 (Fedora 32) using CFLAGS=-O2 we get: CC or1k-softmmu/hw/openrisc/openrisc_sim.o hw/openrisc/openrisc_sim.c: In function ‘openrisc_sim_init’: hw/openrisc/openrisc_sim.c:87:42: error: ‘cpu_irqs[0]’ may be used uninitialized in this function [-Werror=maybe-uninitialized] 87 | sysbus_connect_irq(s, i, cpu_irqs[i][irq_pin]); | ~~~~~~~~^~~ While humans can tell smp_cpus will always be in the [1, 2] range, (openrisc_sim_machine_init sets mc->max_cpus = 2), the compiler can't. Add an assertion to give the compiler a hint there's no use of uninitialized data. Buglink: https://bugs.launchpad.net/qemu/+bug/1874073 Reported-by: Martin Liška <mliska@suse.cz> Suggested-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Thomas Huth <thuth@redhat.com> Tested-by: Eric Blake <eblake@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Acked-by: Stafford Horne <shorne@gmail.com> Message-Id: <20200608160611.16966-1-philmd@redhat.com> Signed-off-by: Laurent Vivier <laurent@vivier.eu>
2020-06-09Merge remote-tracking branch ↵Peter Maydell
'remotes/stsquad/tags/pull-testing-and-misc-080620-1' into staging Various testing and misc fixes: - header cleanups for plugins - support wider watchpoints - tweaks for unreliable and broken CI - docker image fixes and verion bumps - linux-user guest_base fixes - remove flex/bison from various test images # gpg: Signature made Mon 08 Jun 2020 17:16:19 BST # gpg: using RSA key 6685AE99E75167BCAFC8DF35FBD0DB095A9E2A44 # gpg: Good signature from "Alex Bennée (Master Work Key) <alex.bennee@linaro.org>" [full] # Primary key fingerprint: 6685 AE99 E751 67BC AFC8 DF35 FBD0 DB09 5A9E 2A44 * remotes/stsquad/tags/pull-testing-and-misc-080620-1: scripts/coverity-scan: Remove flex/bison packages cirrus-ci: Remove flex/bison packages tests/vm: Remove flex/bison packages tests/docker: Remove flex/bison packages linux-user: detect overflow of MAP_FIXED mmap tests/tcg: add simple commpage test case linux-user: deal with address wrap for ARM_COMMPAGE on 32 bit linux-user: provide fallback pgd_find_hole for bare chroots hw/virtio/vhost: re-factor vhost-section and allow DIRTY_MEMORY_CODE docker: update Ubuntu to 20.04 tests/docker: fix pre-requisite for debian-tricore-cross .shippable: temporaily disable some cross builds .travis.yml: allow failure for unreliable hosts exec: flush the whole TLB if a watchpoint crosses a page boundary tests/plugin: correctly honour io_count scripts/clean-includes: Mark 'qemu/qemu-plugin.h' as special header qemu-plugin.h: add missing include <stddef.h> to define size_t Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-06-09Add vhost-user helper to get MemoryRegion dataRaphael Norwitz
When setting the memory tables, qemu uses a memory region's userspace address to look up the region's MemoryRegion struct. Among other things, the MemoryRegion contains the region's offset and associated file descriptor, all of which need to be sent to the backend. With VHOST_USER_PROTOCOL_F_CONFIGURE_MEM_SLOTS, this logic will be needed in multiple places, so before feature support is added it should be moved to a helper function. This helper is also used to simplify the vhost_user_can_merge() function. Signed-off-by: Raphael Norwitz <raphael.norwitz@nutanix.com> Message-Id: <1588533678-23450-3-git-send-email-raphael.norwitz@nutanix.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
2020-06-09Add helper to populate vhost-user message regionsRaphael Norwitz
When setting vhost-user memory tables, memory region descriptors must be copied from the vhost_dev struct to the vhost-user message. To avoid duplicating code in setting the memory tables, we should use a helper to populate this field. This change adds this helper. Signed-off-by: Raphael Norwitz <raphael.norwitz@nutanix.com> Message-Id: <1588533678-23450-2-git-send-email-raphael.norwitz@nutanix.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
2020-06-09vhost-user-blk: delay vhost_user_blk_disconnectDima Stepanov
A socket write during vhost-user communication may trigger a disconnect event, calling vhost_user_blk_disconnect() and clearing all the vhost_dev structures holding data that vhost-user functions expect to remain valid to roll back initialization correctly. Delay the cleanup to keep vhost_dev structure valid. There are two possible states to handle: 1. RUN_STATE_PRELAUNCH: skip bh oneshot call and perform disconnect in the caller routine. 2. RUN_STATE_RUNNING: delay by using bh BH changes are based on the similar changes for the vhost-user-net device: commit e7c83a885f865128ae3cf1946f8cb538b63cbfba "vhost-user: delay vhost_user_stop" Signed-off-by: Dima Stepanov <dimastep@yandex-team.ru> Message-Id: <69b73b94dcd066065595266c852810e0863a0895.1590396396.git.dimastep@yandex-team.ru> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Li Feng <fengli@smartx.com> Reviewed-by: Raphael Norwitz <raphael.norwitz@nutanix.com>
2020-06-09hw/pci-host: Use the IEC binary prefix definitionsPhilippe Mathieu-Daudé
IEC binary prefixes ease code review: the unit is explicit. Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Message-Id: <20200601142930.29408-6-f4bug@amsat.org> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
2020-06-09hw/pci/pci_bridge: Use the IEC binary prefix definitionsPhilippe Mathieu-Daudé
IEC binary prefixes ease code review: the unit is explicit. Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Message-Id: <20200601142930.29408-5-f4bug@amsat.org> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
2020-06-09hw/pci/pci_bridge: Correct pci_bridge_io memory region sizePhilippe Mathieu-Daudé
memory_region_set_size() handle the 16 Exabytes limit by special-casing the UINT64_MAX value. This is not a problem for the 32-bit maximum, 4 GiB. By using the UINT32_MAX value, the pci_bridge_io MemoryRegion ends up missing 1 byte: (qemu) info mtree memory-region: pci_bridge_io 0000000000000000-00000000fffffffe (prio 0, i/o): pci_bridge_io 0000000000000060-0000000000000060 (prio 0, i/o): i8042-data 0000000000000064-0000000000000064 (prio 0, i/o): i8042-cmd 00000000000001ce-00000000000001d1 (prio 0, i/o): vbe 0000000000000378-000000000000037f (prio 0, i/o): parallel 00000000000003b4-00000000000003b5 (prio 0, i/o): vga ... Fix by using the correct value. We now have: memory-region: pci_bridge_io 0000000000000000-00000000ffffffff (prio 0, i/o): pci_bridge_io 0000000000000060-0000000000000060 (prio 0, i/o): i8042-data 0000000000000064-0000000000000064 (prio 0, i/o): i8042-cmd ... Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Message-Id: <20200601142930.29408-4-f4bug@amsat.org> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
2020-06-09hw/pci-host/prep: Correct RAVEN bus bridge memory region sizePhilippe Mathieu-Daudé
memory_region_set_size() handle the 16 Exabytes limit by special-casing the UINT64_MAX value. This is not a problem for the 32-bit maximum, 4 GiB. By using the UINT32_MAX value, the bm-raven MemoryRegion ends up missing 1 byte: $ qemu-system-ppc -M prep -S -monitor stdio -usb memory-region: bm-raven 0000000000000000-00000000fffffffe (prio 0, i/o): bm-raven 0000000000000000-000000003effffff (prio 0, i/o): alias bm-pci-memory @pci-memory 0000000000000000-000000003effffff 0000000080000000-00000000ffffffff (prio 0, i/o): alias bm-system @system 0000000000000000-000000007fffffff Fix by using the correct value. We now have: memory-region: bm-raven 0000000000000000-00000000ffffffff (prio 0, i/o): bm-raven 0000000000000000-000000003effffff (prio 0, i/o): alias bm-pci-memory @pci-memory 0000000000000000-000000003effffff 0000000080000000-00000000ffffffff (prio 0, i/o): alias bm-system @system 0000000000000000-000000007fffffff Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Message-Id: <20200601142930.29408-3-f4bug@amsat.org> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
2020-06-09pci: assert configuration access is within boundsPrasad J Pandit
While accessing PCI configuration bytes, assert that 'address + len' is within PCI configuration space. Generally it is within bounds. This is more of a defensive assert, in case a buggy device was to send 'address' which may go out of bounds. Suggested-by: Philippe Mathieu-Daudé <philmd@redhat.com> Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org> Message-Id: <20200604113525.58898-1-ppandit@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2020-06-09hw/pci/pcie: Move hot plug capability check to pre_plug callbackJulia Suvorova
Check for hot plug capability earlier to avoid removing devices attached during the initialization process. Run qemu with an unattached drive: -drive file=$FILE,if=none,id=drive0 \ -device pcie-root-port,id=rp0,slot=3,bus=pcie.0,hotplug=off Hotplug a block device: device_add virtio-blk-pci,id=blk0,drive=drive0,bus=rp0 If hotplug fails on plug_cb, drive0 will be deleted. Fixes: 0501e1aa1d32a6 ("hw/pci/pcie: Forbid hot-plug if it's disabled on the slot") Acked-by: Igor Mammedov <imammedo@redhat.com> Signed-off-by: Julia Suvorova <jusual@redhat.com> Message-Id: <20200604125947.881210-1-jusual@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2020-06-09virtio-balloon: Provide an interface for free page reportingAlexander Duyck
Add support for free page reporting. The idea is to function very similar to how the balloon works in that we basically end up madvising the page as not being used. However we don't really need to bother with any deflate type logic since the page will be faulted back into the guest when it is read or written to. This provides a new way of letting the guest proactively report free pages to the hypervisor, so the hypervisor can reuse them. In contrast to inflate/deflate that is triggered via the hypervisor explicitly. Acked-by: David Hildenbrand <david@redhat.com> Signed-off-by: Alexander Duyck <alexander.h.duyck@linux.intel.com> Message-Id: <20200527041407.12700.73735.stgit@localhost.localdomain>