aboutsummaryrefslogtreecommitdiff
path: root/include/hw
AgeCommit message (Collapse)Author
2023-06-01tcg: remove the final vestiges of dstateAlex Bennée
Now we no longer have dynamic state affecting things we can remove the additional fields in cpu.h and simplify the TB hash calculation. For the benchmark: hyperfine -w 2 -m 20 \ "./arm-softmmu/qemu-system-arm -cpu cortex-a15 \ -machine type=virt,highmem=off \ -display none -m 2048 \ -serial mon:stdio \ -netdev user,id=unet,hostfwd=tcp::2222-:22 \ -device virtio-net-pci,netdev=unet \ -device virtio-scsi-pci \ -blockdev driver=raw,node-name=hd,discard=unmap,file.driver=host_device,file.filename=/dev/zen-disk/debian-bullseye-armhf \ -device scsi-hd,drive=hd -smp 4 \ -kernel /home/alex/lsrc/linux.git/builds/arm/arch/arm/boot/zImage \ -append 'console=ttyAMA0 root=/dev/sda2 systemd.unit=benchmark.service' \ -snapshot" It has a marginal effect on runtime, before: Time (mean ± σ): 26.279 s ± 2.438 s [User: 41.113 s, System: 1.843 s] Range (min … max): 24.420 s … 32.565 s 20 runs after: Time (mean ± σ): 24.440 s ± 2.885 s [User: 34.474 s, System: 2.028 s] Range (min … max): 21.663 s … 29.937 s 20 runs Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1358 Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Message-id: 20230526165401.574474-10-alex.bennee@linaro.org Message-Id: <20230524133952.3971948-9-alex.bennee@linaro.org> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2023-05-30Merge tag 'for-upstream' of https://repo.or.cz/qemu/kevin into stagingRichard Henderson
Block layer patches - Fix blockdev-create with iothreads - Remove aio_disable_external() API # -----BEGIN PGP SIGNATURE----- # # iQJFBAABCAAvFiEE3D3rFZqa+V09dFb+fwmycsiPL9YFAmR2JIARHGt3b2xmQHJl # ZGhhdC5jb20ACgkQfwmycsiPL9brtA/9HVdAdtJxW78J60TE2lTqE9XlqMOEHBZl # 8GN72trjP2geY/9mVsv/XoFie4ecqFsYjwAWWUuXZwLgAo53jh7oFN7gBH5iGyyD # +EukYEfjqoykX5BkoK0gbMZZUe5Y4Dr2CNXYw4bNg8kDzj2RLifGA1XhdL3HoiVt # PHZrhwBR7ddww6gVOnyJrfGL8fMkW/ZNeKRhrTZuSP+63oDOeGTsTumD+YKJzfPs # p5WlwkuPjcqbO+w32FeVOHVhNI4swkN5svz3fkr8NuflfA7kH6nBQ5wymObbaTLc # Erx03lrtP1+6nw43V11UnYt6iDMg4EBUQwtzNaKFnk3rMIdjoQYxIM5FTBWL2rYD # Dg6PhkncXQ1WNWhUaFqpTFLB52XAYsSa4/y2QAGP6nWbqAUAUknQ3exaMvWiq7Z0 # nZeyyhIWvpJIHGCArWRdqqh+zsBdsmUVuPGyZnZgL/cXoJboYiHMyMJSUWE0XxML # NGrncwxdsBXkVGGwTdHpBT64dcu3ENRgwtraqRLQm+tp5MKNTJB/+Ug2/p1vonHT # UOoHz//UPskn8sHIyevoHXeu2Ns0uIHzrAXr+7Ay+9UYyIH6a07F4b2BGqkfyi/i # 8wQsDmJ/idx5C4q1+jS+GuIbpnjIx6nxXwXMqpscUXZmM4Am8OMkiKxQAa1wExGF # paId+HHwyks= # =yuER # -----END PGP SIGNATURE----- # gpg: Signature made Tue 30 May 2023 09:29:52 AM PDT # gpg: using RSA key DC3DEB159A9AF95D3D7456FE7F09B272C88F2FD6 # gpg: issuer "kwolf@redhat.com" # gpg: Good signature from "Kevin Wolf <kwolf@redhat.com>" [full] * tag 'for-upstream' of https://repo.or.cz/qemu/kevin: (32 commits) aio: remove aio_disable_external() API virtio: do not set is_external=true on host notifiers virtio-scsi: implement BlockDevOps->drained_begin() virtio-blk: implement BlockDevOps->drained_begin() virtio: make it possible to detach host notifier from any thread block/fuse: do not set is_external=true on FUSE fd block/export: don't require AioContext lock around blk_exp_ref/unref() block/export: rewrite vduse-blk drain code hw/xen: do not set is_external=true on evtchn fds xen-block: implement BlockDevOps->drained_begin() block: drain from main loop thread in bdrv_co_yield_to_drain() block: add blk_in_drain() API hw/xen: do not use aio_set_fd_handler(is_external=true) in xen_xenstore block/export: stop using is_external in vhost-user-blk server block/export: wait for vhost-user-blk requests when draining util/vhost-user-server: rename refcount to in_flight counter virtio-scsi: stop using aio_disable_external() during unplug virtio-scsi: avoid race between unplug and transport event hw/qdev: introduce qdev_is_realized() helper block-backend: split blk_do_set_aio_context() ... Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2023-05-30virtio-scsi: implement BlockDevOps->drained_begin()Stefan Hajnoczi
The virtio-scsi Host Bus Adapter provides access to devices on a SCSI bus. Those SCSI devices typically have a BlockBackend. When the BlockBackend enters a drained section, the SCSI device must temporarily stop submitting new I/O requests. Implement this behavior by temporarily stopping virtio-scsi virtqueue processing when one of the SCSI devices enters a drained section. The new scsi_device_drained_begin() API allows scsi-disk to message the virtio-scsi HBA. scsi_device_drained_begin() uses a drain counter so that multiple SCSI devices can have overlapping drained sections. The HBA only sees one pair of .drained_begin/end() calls. After this commit, virtio-scsi no longer depends on hw/virtio's ioeventfd aio_set_event_notifier(is_external=true). This commit is a step towards removing the aio_disable_external() API. Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com> Message-Id: <20230516190238.8401-19-stefanha@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2023-05-30hw/qdev: introduce qdev_is_realized() helperStefan Hajnoczi
Add a helper function to check whether the device is realized without requiring the Big QEMU Lock. The next patch adds a second caller. The goal is to avoid spreading DeviceState field accesses throughout the code. Suggested-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com> Reviewed-by: Kevin Wolf <kwolf@redhat.com> Message-Id: <20230516190238.8401-3-stefanha@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2023-05-30hw/arm/smmuv3: Add knob to choose translation stage and enable stage-2Mostafa Saleh
As everything is in place, we can use a new system property to advertise which stage is supported and remove bad_ste from STE stage2 config. The property added arm-smmuv3.stage can have 3 values: - "1": Stage-1 only is advertised. - "2": Stage-2 only is advertised. If not passed or an unsupported value is passed, it will default to stage-1. Advertise VMID16. Don't try to decode CD, if stage-2 is configured. Reviewed-by: Eric Auger <eric.auger@redhat.com> Signed-off-by: Mostafa Saleh <smostafa@google.com> Tested-by: Eric Auger <eric.auger@redhat.com> Tested-by: Jean-Philippe Brucker <jean-philippe@linaro.org> Message-id: 20230516203327.2051088-11-smostafa@google.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2023-05-30hw/arm/smmuv3: Add CMDs related to stage-2Mostafa Saleh
CMD_TLBI_S2_IPA: As S1+S2 is not enabled, for now this can be the same as CMD_TLBI_NH_VAA. CMD_TLBI_S12_VMALL: Added new function to invalidate TLB by VMID. For stage-1 only commands, add a check to throw CERROR_ILL if used when stage-1 is not supported. Reviewed-by: Eric Auger <eric.auger@redhat.com> Signed-off-by: Mostafa Saleh <smostafa@google.com> Tested-by: Eric Auger <eric.auger@redhat.com> Tested-by: Jean-Philippe Brucker <jean-philippe@linaro.org> Message-id: 20230516203327.2051088-9-smostafa@google.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2023-05-30hw/arm/smmuv3: Add VMID to TLB taggingMostafa Saleh
Allow TLB to be tagged with VMID. If stage-1 is only supported, VMID is set to -1 and ignored from STE and CMD_TLBI_NH* cmds. Update smmu_iotlb_insert trace event to have vmid. Signed-off-by: Mostafa Saleh <smostafa@google.com> Reviewed-by: Eric Auger <eric.auger@redhat.com> Tested-by: Eric Auger <eric.auger@redhat.com> Tested-by: Jean-Philippe Brucker <jean-philippe@linaro.org> Message-id: 20230516203327.2051088-8-smostafa@google.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2023-05-30hw/arm/smmuv3: Parse STE config for stage-2Mostafa Saleh
Parse stage-2 configuration from STE and populate it in SMMUS2Cfg. Validity of field values are checked when possible. Only AA64 tables are supported and Small Translation Tables (STT) are not supported. According to SMMUv3 UM(IHI0070E) "5.2 Stream Table Entry": All fields with an S2 prefix (with the exception of S2VMID) are IGNORED when stage-2 bypasses translation (Config[1] == 0). Which means that VMID can be used(for TLB tagging) even if stage-2 is bypassed, so we parse it unconditionally when S2P exists. Otherwise it is set to -1.(only S1P) As stall is not supported, if S2S is set the translation would abort. For S2R, we reuse the same code used for stage-1 with flag record_faults. However when nested translation is supported we would need to separate stage-1 and stage-2 faults. Fix wrong shift in STE_S2HD, STE_S2HA, STE_S2S. Signed-off-by: Mostafa Saleh <smostafa@google.com> Tested-by: Eric Auger <eric.auger@redhat.com> Tested-by: Jean-Philippe Brucker <jean-philippe@linaro.org> Reviewed-by: Eric Auger <eric.auger@redhat.com> Message-id: 20230516203327.2051088-6-smostafa@google.com [PMM: fixed format string] Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2023-05-30hw/arm/smmuv3: Refactor stage-1 PTWMostafa Saleh
In preparation for adding stage-2 support, rename smmu_ptw_64 to smmu_ptw_64_s1 and refactor some of the code so it can be reused in stage-2 page table walk. Remove AA64 check from PTW as decode_cd already ensures that AA64 is used, otherwise it faults with C_BAD_CD. A stage member is added to SMMUPTWEventInfo to differentiate between stage-1 and stage-2 ptw faults. Add stage argument to trace_smmu_ptw_level be consistent with other trace events. Signed-off-by: Mostafa Saleh <smostafa@google.com> Reviewed-by: Eric Auger <eric.auger@redhat.com> Tested-by: Eric Auger <eric.auger@redhat.com> Tested-by: Jean-Philippe Brucker <jean-philippe@linaro.org> Message-id: 20230516203327.2051088-4-smostafa@google.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2023-05-30hw/arm/smmuv3: Update translation config to hold stage-2Mostafa Saleh
In preparation for adding stage-2 support, add a S2 config struct(SMMUS2Cfg), composed of the following fields and embedded in the main SMMUTransCfg: -tsz: Size of IPA input region (S2T0SZ) -sl0: Start level of translation (S2SL0) -affd: AF Fault Disable (S2AFFD) -record_faults: Record fault events (S2R) -granule_sz: Granule page shift (based on S2TG) -vmid: Virtual Machine ID (S2VMID) -vttb: Address of translation table base (S2TTB) -eff_ps: Effective PA output range (based on S2PS) They will be used in the next patches in stage-2 address translation. The fields in SMMUS2Cfg, are reordered to make the shared and stage-1 fields next to each other, this reordering didn't change the struct size (104 bytes before and after). Stage-1 only fields: aa64, asid, tt, ttb, tbi, record_faults, oas. oas is stage-1 output address size. However, it is used to check input address in case stage-1 is unimplemented or bypassed according to SMMUv3 manual IHI0070.E "3.4. Address sizes" Shared fields: stage, disabled, bypassed, aborted, iotlb_*. No functional change intended. Reviewed-by: Eric Auger <eric.auger@redhat.com> Signed-off-by: Mostafa Saleh <smostafa@google.com> Tested-by: Eric Auger <eric.auger@redhat.com> Tested-by: Jean-Philippe Brucker <jean-philippe@linaro.org> Message-id: 20230516203327.2051088-3-smostafa@google.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2023-05-30fsl-imx6: Add SNVS support for i.MX6 boardsVitaly Cheptsov
SNVS is supported on both i.MX6 and i.MX6UL and is needed to support shutdown on the board. Cc: Peter Maydell <peter.maydell@linaro.org> (odd fixer:SABRELITE / i.MX6) Cc: Jean-Christophe Dubois <jcd@tribudubois.net> (reviewer:SABRELITE / i.MX6) Cc: qemu-arm@nongnu.org (open list:SABRELITE / i.MX6) Cc: qemu-devel@nongnu.org (open list:All patches CC here) Signed-off-by: Vitaly Cheptsov <cheptsov@ispras.ru> Message-id: 20230515095015.66860-1-cheptsov@ispras.ru Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2023-05-29Merge tag 'pull-ppc-20230528' of https://gitlab.com/danielhb/qemu into stagingRichard Henderson
ppc patch queue for 2023-05-28: This queue includes several assorted fixes for PowerPC SPR emulation, a change in the default Pegasos2 CPU, the addition of AIL mode 3 for spapr, a PIC->CPU interrupt fix for prep and performance enhancements in fpu_helper.c. # -----BEGIN PGP SIGNATURE----- # # iIwEABYKADQWIQQX6/+ZI9AYAK8oOBk82cqW3gMxZAUCZHOFiRYcZGFuaWVsaGI0 # MTNAZ21haWwuY29tAAoJEDzZypbeAzFkVZ0BAMV+9RlHKRlldOSPMEWCWo6hmA/U # 9SMyJsZPY3OpDbE3AP9XOQR1boqyT5MJXoeOUq1OLlFm6mY7UA300kBZ7wxVCw== # =IGNT # -----END PGP SIGNATURE----- # gpg: Signature made Sun 28 May 2023 09:47:05 AM PDT # gpg: using EDDSA key 17EBFF9923D01800AF2838193CD9CA96DE033164 # gpg: issuer "danielhb413@gmail.com" # gpg: Good signature from "Daniel Henrique Barboza <danielhb413@gmail.com>" [unknown] # gpg: WARNING: This key is not certified with a trusted signature! # gpg: There is no indication that the signature belongs to the owner. # Primary key fingerprint: 17EB FF99 23D0 1800 AF28 3819 3CD9 CA96 DE03 3164 * tag 'pull-ppc-20230528' of https://gitlab.com/danielhb/qemu: ppc/pegasos2: Change default CPU to 7457 target/ppc: Add POWER9 DD2.2 model target/ppc: Merge COMPUTE_CLASS and COMPUTE_FPRF pnv_lpc: disable reentrancy detection for lpc-hc target/ppc: Use SMT4 small core chip type in POWER9/10 PVRs hw/ppc/prep: Fix wiring of PIC -> CPU interrupt spapr: Add SPAPR_CAP_AIL_MODE_3 for AIL mode 3 support for H_SET_MODE hcall target/ppc: Alignment faults do not set DSISR in ISA v3.0 onward target/ppc: Fix width of some 32-bit SPRs target/ppc: Fix fallback to MFSS for MFFS* instructions on pre 3.0 ISAs Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2023-05-28target/ppc: Add POWER9 DD2.2 modelNicholas Piggin
POWER9 DD2.1 and earlier had significant limitations when running KVM, including lack of "mixed mode" MMU support (ability to run HPT and RPT mode on threads of the same core), and a translation prefetch issue which is worked around by disabling "AIL" mode for the guest. These processors are not widely available, and it's difficult to deal with all these quirks in qemu +/- KVM, so create a POWER9 DD2.2 CPU and make it the default POWER9 CPU. Signed-off-by: Nicholas Piggin <npiggin@gmail.com> Reviewed-by: Frederic Barrat <fbarrat@linux.ibm.com> Reviewed-by: Harsh Prateek Bora <harshpb@linux.ibm.com> Message-Id: <20230515160201.394587-1-npiggin@gmail.com> Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
2023-05-28spapr: Add SPAPR_CAP_AIL_MODE_3 for AIL mode 3 support for H_SET_MODE hcallNicholas Piggin
The behaviour of the Address Translation Mode on Interrupt resource is not consistently supported by all CPU versions or all KVM versions: KVM HV does not support mode 2, and does not support mode 3 on POWER7 or early POWER9 processesors. KVM PR only supports mode 0. TCG supports all modes (0, 2, 3) on CPUs with support for the corresonding LPCR[AIL] mode. This leads to inconsistencies in guest behaviour and could cause problems migrating guests. This was not noticable for Linux guests for a long time because the kernel only uses modes 0 and 3, and it used to consider AIL-3 to be advisory in that it would always keep the AIL-0 vectors around, so it did not matter whether or not interrupts were delivered according to the AIL mode. Recent Linux guests depend on AIL mode 3 working as specified in order to support the SCV facility interrupt. If AIL-3 can not be provided, then H_SET_MODE must return an error to Linux so it can disable the SCV facility (failure to do so can lead to userspace being able to crash the guest kernel). Add the ail-mode-3 capability to specify that AIL-3 is supported. AIL-0 is implied as the baseline, and AIL-2 is no longer supported by spapr. AIL-2 is not known to be used by any software, but support in TCG could be restored with an ail-mode-2 capability quite easily if a regression is reported. Modify the H_SET_MODE Address Translation Mode on Interrupt resource handler to check capabilities and correctly return error if not supported. KVM has a cap to advertise support for AIL-3. Reviewed-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Nicholas Piggin <npiggin@gmail.com> Message-Id: <20230515160216.394612-1-npiggin@gmail.com> Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
2023-05-28virtio-input: add a virtio-mulitouch deviceSergio Lopez
Add a virtio-multitouch device to the family of devices emulated by virtio-input implementing the Multi-touch protocol as descripted here: https://www.kernel.org/doc/html/latest/input/multi-touch-protocol.html?highlight=multi+touch This patch just add the device itself, without connecting it to any backends. The following patches will add a PCI-based multitouch device, some helpers in "ui" and will enable the GTK3 backend to transpose multi-touch events from the host to the guest. Signed-off-by: Sergio Lopez <slp@redhat.com> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Message-Id: <20230526112925.38794-4-slp@redhat.com>
2023-05-22hw/char/parallel: Move TYPE_ISA_PARALLEL to the header fileThomas Huth
We are going to require the macro from other files, too, so move this #define to the header file. Message-Id: <20230512124033.502654-9-thuth@redhat.com> Acked-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
2023-05-22hw: Move the default NIC machine class setting from the x86 to the generic oneThomas Huth
We are going to re-use this setting for other targets, so let's move this to the main MachineClass. Message-Id: <20230512124033.502654-4-thuth@redhat.com> Acked-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
2023-05-19hw/i386/pc: No need for rtc_state to be an out-parameterBernhard Beschow
Now that the RTC is created as part of the southbridges it doesn't need to be an out-parameter any longer. Signed-off-by: Bernhard Beschow <shentey@gmail.com> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Reviewed-by: Thomas Huth <thuth@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Message-Id: <20230519084734.220480-3-shentey@gmail.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2023-05-19hw/i386/pc: Create RTC controllers in south bridgesBernhard Beschow
Just like in the real hardware (and in PIIX4), create the RTC controllers in the south bridges. Signed-off-by: Bernhard Beschow <shentey@gmail.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Reviewed-by: Thomas Huth <thuth@redhat.com> Message-Id: <20230519084734.220480-2-shentey@gmail.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2023-05-19hw/cxl: Introduce cxl_device_get_timestamp() utility functionIra Weiny
There are new users of this functionality coming shortly so factor it out from the GET_TIMESTAMP mailbox command handling. Signed-off-by: Ira Weiny <ira.weiny@intel.com> Reviewed-by: Fan Ni <fan.ni@samsung.com> Signed-off-by: Jonathan Cameron <Jonathan.Cameron@huawei.com> Message-Id: <20230423162013.4535-3-Jonathan.Cameron@huawei.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2023-05-19virtio-pci: add handling of PCI ATS and Device-TLB enable/disableViktor Prutyanov
According to PCIe Address Translation Services specification 5.1.3., ATS Control Register has Enable bit to enable/disable ATS. Guest may enable/disable PCI ATS and, accordingly, Device-TLB for the VirtIO PCI device. So, raise/lower a flag and call a trigger function to pass this event to a device implementation. Signed-off-by: Viktor Prutyanov <viktor@daynix.com> Message-Id: <20230512135122.70403-2-viktor@daynix.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2023-05-19hw/pci-host/pam: Make init_pam() usage more readableBernhard Beschow
Unlike pam_update() which takes the subject -- PAMMemoryRegion -- as first argument, init_pam() takes it as fifth (!) argument. This makes it quite hard to figure out what an init_pam() invocation actually initializes. By moving the subject to the front this should become clearer. While at it, lower the DeviceState parameter to Object, also communicating more clearly that this parameter is just the owner rather than some (heavy?) dependency. Signed-off-by: Bernhard Beschow <shentey@gmail.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Message-Id: <20230213162004.2797-8-shentey@gmail.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2023-05-19hw/i386/pc: Initialize ram_memory variable directlyBernhard Beschow
Going through pc_memory_init() seems quite complicated for a simple assignment. Signed-off-by: Bernhard Beschow <shentey@gmail.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Message-Id: <20230213162004.2797-7-shentey@gmail.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2023-05-19vhost-vdpa: Add support for vIOMMU.Cindy Lu
1. The vIOMMU support will make vDPA can work in IOMMU mode. This will fix security issues while using the no-IOMMU mode. To support this feature we need to add new functions for IOMMU MR adds and deletes. Also since the SVQ does not support vIOMMU yet, add the check for IOMMU in vhost_vdpa_dev_start, if the SVQ and IOMMU enable at the same time the function will return fail. 2. Skip the iova_max check vhost_vdpa_listener_skipped_section(). While MR is IOMMU, move this check to vhost_vdpa_iommu_map_notify() Verified in vp_vdpa and vdpa_sim_net driver Signed-off-by: Cindy Lu <lulu@redhat.com> Message-Id: <20230510054631.2951812-5-lulu@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2023-05-19vhost: expose function vhost_dev_has_iommu()Cindy Lu
To support vIOMMU in vdpa, need to exposed the function vhost_dev_has_iommu, vdpa will use this function to check if vIOMMU enable. Signed-off-by: Cindy Lu <lulu@redhat.com> Message-Id: <20230510054631.2951812-2-lulu@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2023-05-19hw/pci: Disable PCI_ERR_UNCOR_MASK register for machine type < 8.0Leonardo Bras
Since it's implementation on v8.0.0-rc0, having the PCI_ERR_UNCOR_MASK set for machine types < 8.0 will cause migration to fail if the target QEMU version is < 8.0.0 : qemu-system-x86_64: get_pci_config_device: Bad config data: i=0x10a read: 40 device: 0 cmask: ff wmask: 0 w1cmask:0 qemu-system-x86_64: Failed to load PCIDevice:config qemu-system-x86_64: Failed to load e1000e:parent_obj qemu-system-x86_64: error while loading state for instance 0x0 of device '0000:00:02.0/e1000e' qemu-system-x86_64: load of migration failed: Invalid argument The above test migrated a 7.2 machine type from QEMU master to QEMU 7.2.0, with this cmdline: ./qemu-system-x86_64 -M pc-q35-7.2 [-incoming XXX] In order to fix this, property x-pcie-err-unc-mask was introduced to control when PCI_ERR_UNCOR_MASK is enabled. This property is enabled by default, but is disabled if machine type <= 7.2. Fixes: 010746ae1d ("hw/pci/aer: Implement PCI_ERR_UNCOR_MASK register") Suggested-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Leonardo Bras <leobras@redhat.com> Message-Id: <20230503002701.854329-1-leobras@redhat.com> Reviewed-by: Jonathan Cameron <Jonathan.Cameron@huawei.com> Reviewed-by: Peter Xu <peterx@redhat.com> Reviewed-by: Juan Quintela <quintela@redhat.com> Fixes: https://gitlab.com/qemu-project/qemu/-/issues/1576 Tested-by: Fiona Ebner <f.ebner@proxmox.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2023-05-19hw/cxl: Multi-Region CXL Type-3 Devices (Volatile and Persistent)Gregory Price
This commit enables each CXL Type-3 device to contain one volatile memory region and one persistent region. Two new properties have been added to cxl-type3 device initialization: [volatile-memdev] and [persistent-memdev] The existing [memdev] property has been deprecated and will default the memory region to a persistent memory region (although a user may assign the region to a ram or file backed region). It cannot be used in combination with the new [persistent-memdev] property. Partitioning volatile memory from persistent memory is not yet supported. Volatile memory is mapped at DPA(0x0), while Persistent memory is mapped at DPA(vmem->size), per CXL Spec 8.2.9.8.2.0 - Get Partition Info. Signed-off-by: Gregory Price <gregory.price@memverge.com> Reviewed-by: Davidlohr Bueso <dave@stgolabs.net> Reviewed-by: Fan Ni <fan.ni@samsung.com> Tested-by: Fan Ni <fan.ni@samsung.com> Signed-off-by: Jonathan Cameron <Jonathan.Cameron@huawei.com> Message-Id: <20230421160827.2227-4-Jonathan.Cameron@huawei.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2023-05-16cpu: Introduce a wrapper for being able to use TARGET_NAME in common codeThomas Huth
In some spots, it would be helpful to be able to use TARGET_NAME in common (target independent) code, too. Thus introduce a wrapper that can be called from common code, too, just like we already have one for target_words_bigendian(). Message-Id: <20230424160434.331175-3-thuth@redhat.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
2023-05-16hw/core: Use a callback for target specific query-cpus-fast informationThomas Huth
For being able to create a universal QEMU binary one day, core files like machine-qmp-cmds.c must not contain any "#ifdef TARGET_..." parts. Thus let's provide the target specific function via a function pointer in CPUClass instead, as a first step towards making this file target independent. Message-Id: <20230424160434.331175-2-thuth@redhat.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
2023-05-16s390x/pv: Fix spurious warning with asynchronous teardownClaudio Imbrenda
Kernel commit 292a7d6fca33 ("KVM: s390: pv: fix asynchronous teardown for small VMs") causes the KVM_PV_ASYNC_CLEANUP_PREPARE ioctl to fail if the VM is not larger than 2GiB. QEMU would attempt it and fail, print an error message, and then proceed with a normal teardown. Avoid attempting to use asynchronous teardown altogether when the VM is not larger than 2 GiB. This will avoid triggering the error message and also avoid pointless overhead; normal teardown is fast enough for small VMs. Reported-by: Marc Hartmayer <mhartmay@linux.ibm.com> Fixes: c3a073c610 ("s390x/pv: Add support for asynchronous teardown for reboot") Link: https://lore.kernel.org/all/20230421085036.52511-2-imbrenda@linux.ibm.com/ Signed-off-by: Claudio Imbrenda <imbrenda@linux.ibm.com> Message-Id: <20230510105531.30623-2-imbrenda@linux.ibm.com> Reviewed-by: Thomas Huth <thuth@redhat.com> [thuth: Fix inline function parameter in pv.h] Signed-off-by: Thomas Huth <thuth@redhat.com>
2023-05-16hw/pci-bridge: Fix release ordering by embedding PCIBridgeWindows within ↵Jonathan Cameron
PCIBridge The lifetime of the PCIBridgeWindows instance accessed via the windows pointer in struct PCIBridge is managed separately from the PCIBridge itself. Triggered by ./qemu-system-x86_64 -M x-remote -display none -monitor stdio QEMU monitor: device_add cxl-downstream In some error handling paths (such as the above due to attaching a cxl-downstream port anything other than a cxl-upstream port) the g_free() of the PCIBridge windows in pci_bridge_region_cleanup() is called before the final call of flatview_uref() in address_space_set_flatview() ultimately from drain_call_rcu() At one stage this resulted in a crash, currently can still be observed using valgrind which records a use after free. When present, only one instance is allocated. pci_bridge_update_mappings() can operate directly on an instance rather than creating a new one and swapping it in. Thus there appears to be no reason to not directly couple the lifetimes of the two structures by embedding the PCIBridgeWindows within the PCIBridge removing the need for the problematic separate free. Patch is same as was posted deep in the discussion. https://lore.kernel.org/qemu-devel/20230403171232.000020bb@huawei.com/ Reported-by: Thomas Huth <thuth@redhat.com> Signed-off-by: Jonathan Cameron <Jonathan.Cameron@huawei.com> Message-Id: <20230421122550.28234-1-Jonathan.Cameron@huawei.com> Reviewed-by: Thomas Huth <thuth@redhat.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
2023-05-15hw/loongarch/virt: Set max 256 cpus support on loongarch virt machineSong Gao
Add separate macro EXTIOI_CPUS for extioi interrupt controller, extioi only supports 4 cpu. And set macro LOONGARCH_MAX_CPUS as 256 so that loongarch virt machine supports more cpus. Interrupts from external devices can only be routed cpu 0-3 because of extioi limits, cpu internal interrupt such as timer/ipi can be triggered on all cpus. Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Song Gao <gaosong@loongson.cn> Message-Id: <20230512100421.1867848-3-gaosong@loongson.cn>
2023-05-15hw/loongarch/virt: Modify ipi as percpu deviceSong Gao
ipi is used to communicate between cpus, this patch modified loongarch ipi device as percpu device, so that there are 2 MemoryRegions with ipi device, rather than 2*cpus MemoryRegions, which may be large than QDEV_MAX_MMIO if more cpus are added on loongarch virt machine. Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Signed-off-by: Song Gao <gaosong@loongson.cn> Message-Id: <20230512100421.1867848-2-gaosong@loongson.cn>
2023-05-05hw/riscv: Add signature dump function for spike to run ACT testsWeiwei Li
Add signature and signature-granularity properties in spike to specify the target signatrue file and the line size for signature data. Recgonize the signature section between begin_signature and end_signature symbols when loading elf of ACT tests. Then dump signature data in signature section just before the ACT tests exit. Signed-off-by: Weiwei Li <liweiwei@iscas.ac.cn> Signed-off-by: Junqiang Wang <wangjunqiang@iscas.ac.cn> Reviewed-by: LIU Zhiwei <zhiwei_liu@linux.alibaba.com> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Message-Id: <20230405095720.75848-2-liweiwei@iscas.ac.cn> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2023-05-02hw/arm/boot: Make write_bootloader() public as arm_write_bootloader()Cédric Le Goater
The arm boot.c code includes a utility function write_bootloader() which assists in writing a boot-code fragment into guest memory, including handling endianness and fixing it up with entry point addresses and similar things. This is useful not just for the boot.c code but also in board model code, so rename it to arm_write_bootloader() and make it globally visible. Since we are making it public, make its API a little neater: move the AddressSpace* argument to be next to the hwaddr argument, and allow the fixupcontext array to be const, since we never modify it in this function. Cc: qemu-stable@nongnu.org Signed-off-by: Cédric Le Goater <clg@kaod.org> Tested-by: Cédric Le Goater <clg@kaod.org> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 20230424152717.1333930-2-peter.maydell@linaro.org [PMM: Split out from another patch by Cédric, added doc comment] Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2023-05-02hw/arm/bcm2835_property: Implement "get command line" messageDaniel Bertalan
This query copies the kernel command line into the message buffer. It was previously stubbed out to return empty, this commit makes it reflect the arguments specified with `-append`. I observed the following peculiarities on my Pi 3B+: - If the buffer is shorter than the string, the response header gives the full length, but no data is actually copied. - No NUL terminator is added: even if the buffer is long enough to fit one, the buffer's original contents are preserved past the string's end. - The VC firmware adds the following extra parameters beside the user-supplied ones (via /boot/cmdline.txt): `video`, `vc_mem.mem_base` and `vc_mem.mem_size`. This is currently not implemented in qemu. Signed-off-by: Daniel Bertalan <dani@danielbertalan.dev> Message-id: 20230425103250.56653-1-dani@danielbertalan.dev Reviewed-by: Peter Maydell <peter.maydell@linaro.org> [PMM: added comment about NUL and short-buffer behaviour] Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2023-04-28memory: prevent dma-reentracy issuesAlexander Bulekov
Add a flag to the DeviceState, when a device is engaged in PIO/MMIO/DMA. This flag is set/checked prior to calling a device's MemoryRegion handlers, and set when device code initiates DMA. The purpose of this flag is to prevent two types of DMA-based reentrancy issues: 1.) mmio -> dma -> mmio case 2.) bh -> dma write -> mmio case These issues have led to problems such as stack-exhaustion and use-after-frees. Summary of the problem from Peter Maydell: https://lore.kernel.org/qemu-devel/CAFEAcA_23vc7hE3iaM-JVA6W38LK4hJoWae5KcknhPRD5fPBZA@mail.gmail.com Resolves: https://gitlab.com/qemu-project/qemu/-/issues/62 Resolves: https://gitlab.com/qemu-project/qemu/-/issues/540 Resolves: https://gitlab.com/qemu-project/qemu/-/issues/541 Resolves: https://gitlab.com/qemu-project/qemu/-/issues/556 Resolves: https://gitlab.com/qemu-project/qemu/-/issues/557 Resolves: https://gitlab.com/qemu-project/qemu/-/issues/827 Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1282 Resolves: CVE-2023-0330 Signed-off-by: Alexander Bulekov <alxndr@bu.edu> Reviewed-by: Thomas Huth <thuth@redhat.com> Message-Id: <20230427211013.2994127-2-alxndr@bu.edu> [thuth: Replace warn_report() with warn_report_once()] Signed-off-by: Thomas Huth <thuth@redhat.com>
2023-04-25Merge tag 'for_upstream' of https://git.kernel.org/pub/scm/virt/kvm/mst/qemu ↵Richard Henderson
into staging virtio,pc,pci: fixes, features, cleanups Mostly just fixes, cleanups all over the place. Some optimizations. More control over slot_reserved_mask. More feature bits supported for SVQ. Signed-off-by: Michael S. Tsirkin <mst@redhat.com> # -----BEGIN PGP SIGNATURE----- # # iQFDBAABCAAtFiEEXQn9CHHI+FuUyooNKB8NuNKNVGkFAmRHQvAPHG1zdEByZWRo # YXQuY29tAAoJECgfDbjSjVRpQc0H/RD+RXy7IAnmhkdCyjj0hM8pftPTwCJfrSCW # DLHP4c5jiKO5ngUoAv3YJdM77TBCXlJn6gceeKBrzhGUTtJ7dTLC+Udeq/jW43EF # /E2ldLLbTNFyUqW8yX7D+EVio7Jy4zXTHpczKCF5vO7MaVWS/b3QdCpmjXpEHLNb # janv24vQHHgmRwK96uIdIauJJT8aqYW0arn1po8anxuFS8ok9Tf8LTEF5uBHokJP # MriTwMaqMgRK+4rzh+b6wc7QC5GqIr44gFrsfFYuNOUY0+BizvGvUAtMt+B/XZwt # OF4RSShUh2bhsQoYwgvShfEsR/vWwOl3yMAhcsB+wMgMzMG8MUQ= # =e8DF # -----END PGP SIGNATURE----- # gpg: Signature made Tue 25 Apr 2023 04:03:12 AM BST # gpg: using RSA key 5D09FD0871C8F85B94CA8A0D281F0DB8D28D5469 # gpg: issuer "mst@redhat.com" # gpg: Good signature from "Michael S. Tsirkin <mst@kernel.org>" [undefined] # gpg: aka "Michael S. Tsirkin <mst@redhat.com>" [undefined] # gpg: WARNING: This key is not certified with a trusted signature! # gpg: There is no indication that the signature belongs to the owner. # Primary key fingerprint: 0270 606B 6F3C DF3D 0B17 0970 C350 3912 AFBE 8E67 # Subkey fingerprint: 5D09 FD08 71C8 F85B 94CA 8A0D 281F 0DB8 D28D 5469 * tag 'for_upstream' of https://git.kernel.org/pub/scm/virt/kvm/mst/qemu: (31 commits) hw/pci-bridge: Make PCIe and CXL PXB Devices inherit from TYPE_PXB_DEV hw/pci-bridge: pci_expander_bridge fix type in pxb_cxl_dev_reset() docs/specs: Convert pci-testdev.txt to rst docs/specs: Convert pci-serial.txt to rst docs/specs/pci-ids: Convert from txt to rST acpi: pcihp: allow repeating hot-unplug requests virtio: i2c: Check notifier helpers for VIRTIO_CONFIG_IRQ_IDX docs: Remove obsolete descriptions of SR-IOV support intel_iommu: refine iotlb hash calculation docs/cxl: Fix sentence MAINTAINERS: Add Eugenio Pérez as vhost-shadow-virtqueue reviewer tests: bios-tables-test: replace memset with initializer hw/acpi: limit warning on acpi table size to pc machines older than version 2.3 Add my old and new work email mapping and use work email to support acpi vhost-user-blk-server: notify client about disk resize pci: avoid accessing slot_reserved_mask directly outside of pci.c hw: Add compat machines for 8.1 hw/i386/amd_iommu: Factor amdvi_pci_realize out of amdvi_sysbus_realize hw/i386/amd_iommu: Set PCI static/const fields via PCIDeviceClass hw/i386/amd_iommu: Move capab_offset from AMDVIState to AMDVIPCIState ... Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2023-04-24hw/pci-bridge: Make PCIe and CXL PXB Devices inherit from TYPE_PXB_DEVJonathan Cameron
Previously, PXB_CXL_DEVICE, PXB_PCIE_DEVICE and PXB_DEVICE all have PCI_DEVICE as their direct parent but share a common state struct PXBDev. convert_to_pxb() is used to get the PXBDev instance from which ever of these types it is called on. This patch switches to an explicit hierarchy based on shared functionality. To allow use of OBJECT_DECLARE_SIMPLE_TYPE() whilst minimizing code changes, all types are renamed to have the postfix _DEV rather than _DEVICE. The new heirarchy has PXB_CXL_DEV with parent PXB_PCIE_DEV which in turn has parent PXB_DEV which continues to have parent PCI_DEVICE. This allows simple use of PXB_DEV() etc rather than a custom function + removal of duplicated properties and moving the CXL specific elements out of struct PXBDev. Signed-off-by: Jonathan Cameron <Jonathan.Cameron@huawei.com> Message-Id: <20230420142750.6950-3-Jonathan.Cameron@huawei.com> Reviewed-by: Thomas Huth <thuth@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2023-04-24hw/acpi: limit warning on acpi table size to pc machines older than version 2.3Ani Sinha
i440fx machine versions 2.3 and newer supports dynamic ram resizing. See commit a1666142db6233 ("acpi-build: make ROMs RAM blocks resizeable") . Currently supported all q35 machine types (versions 2.4 and newer) supports resizable RAM/ROM blocks.Therefore the warning generated when the ACPI table size exceeds a pre-defined value does not apply to those machine versions. Add a check limiting the warning message to only those machines that does not support expandable ram blocks (that is, i440fx machines with version 2.2 and older). Signed-off-by: Ani Sinha <anisinha@redhat.com> Message-Id: <20230329045726.14028-1-anisinha@redhat.com> Reviewed-by: Igor Mammedov <imammedo@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2023-04-22Merge tag 'for-upstream' of https://gitlab.com/bonzini/qemu into stagingRichard Henderson
* Optional use of Meson wrap for slirp * Coverity fixes * Avoid -Werror=maybe-uninitialized * Mark coroutine QMP command functions as coroutine_fn * Mark functions that suspend as coroutine_mixed_fn * target/i386: Fix SGX CPUID leaf * First batch of qatomic_mb_read() removal * Small atomic.rst improvement * NBD cleanup * Update libvirt-ci submodule # -----BEGIN PGP SIGNATURE----- # # iQFIBAABCAAyFiEE8TM4V0tmI4mGbHaCv/vSX3jHroMFAmRBAzwUHHBib256aW5p # QHJlZGhhdC5jb20ACgkQv/vSX3jHroP64gf+NzLW95tylCfhKuuLq/TjuOTQqHCD # KVLlA1I3pwJfk4SUuigrnaJtwfa/tBiWxfaivUdPAzPzeXyxcVSOps0neohrmFBh # 2e3ylBWWz22K0gkLtrFwJT99TVy6w6Xhj9SX8HPRfxl4k8yMPrUJNW78hh6APAwq # /etZY6+ieHC7cwG4xluhxsHnxnBYBYD+18hUd+b5LchD/yvCSCNNiursutpa0Ar/ # r/HtDwNFKlaApO3sU4R3yYgdS1Fvcas4tDZaumADsQlSG5z+UeJldc98LiRlFrAA # gnskBSaaly/NgWqY3hVCYaBGyjD4lWPkX/FEChi0XX6Fl1P0umQAv/7z3w== # =XSAs # -----END PGP SIGNATURE----- # gpg: Signature made Thu 20 Apr 2023 10:17:48 AM BST # gpg: using RSA key F13338574B662389866C7682BFFBD25F78C7AE83 # gpg: issuer "pbonzini@redhat.com" # gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>" [undefined] # gpg: aka "Paolo Bonzini <pbonzini@redhat.com>" [undefined] # gpg: WARNING: This key is not certified with a trusted signature! # gpg: There is no indication that the signature belongs to the owner. # Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4 E2F7 7E15 100C CD36 69B1 # Subkey fingerprint: F133 3857 4B66 2389 866C 7682 BFFB D25F 78C7 AE83 * tag 'for-upstream' of https://gitlab.com/bonzini/qemu: (25 commits) tests: lcitool: Switch to OpenSUSE Leap 15.4 tests: libvirt-ci: Update to commit '2fa24dce8bc' configure: Honour cross-prefix when finding ObjC compiler coverity: unify Fedora dockerfiles nbd: a BlockExport always has a BlockBackend docs: explain effect of smp_read_barrier_depends() on modern architectures qemu-coroutine: remove qatomic_mb_read() postcopy-ram: do not use qatomic_mb_read block-backend: remove qatomic_mb_read() target/i386: Change wrong XFRM value in SGX CPUID leaf monitor: mark mixed functions that can suspend migration: mark mixed functions that can suspend io: mark mixed functions that can suspend qapi-gen: mark coroutine QMP command functions as coroutine_fn target/mips: tcg: detect out-of-bounds accesses to cpu_gpr and cpu_gpr_hi coverity: update COMPONENTS.md lasi: fix RTC migration target/i386: Avoid unreachable variable declaration in mmu_translate() configure: Avoid -Werror=maybe-uninitialized tests: bios-tables-test: replace memset with initializer ... Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2023-04-21Merge tag 'pull-tpm-2023-04-20-1' of ↵Richard Henderson
https://github.com/stefanberger/qemu-tpm into staging Merge tpm 2023/04/20 v1 # -----BEGIN PGP SIGNATURE----- # # iQEzBAABCAAdFiEEuBi5yt+QicLVzsZrda1lgCoLQhEFAmRBLgoACgkQda1lgCoL # QhEPyQf/WfEg8k2hDLExobsSgup1IsnT+mHHTBOZVJvq2efg2YXUTHA56fmD9X6d # crqTq68L5oaMES5iYEZhA7EAgfk3RvxDQGrlXBByPzrc6SSwEHHMR4Zzi5zrbCoW # t6TmaKQrlQqYwkhhsbyqnG46bj0ugCDagkBLfJdVl96fjkYgTspcDxaNwqwy/DPn # GTmQlvdRY09D1nylIdtcLBIfsM+sIkRslyngbUEIy+Bx8EWRy2a8Qw0BdY9g1XoE # e0CaRaFMpju1KOIjq0YSIzt0LSQDFfPc1IlUAC0ZALhNmp+PPNtr4E7+4kFfO2ym # 1sT2w25ho8dYDdm/m8tIauCdGoHw4A== # =ML27 # -----END PGP SIGNATURE----- # gpg: Signature made Thu 20 Apr 2023 01:20:26 PM BST # gpg: using RSA key B818B9CADF9089C2D5CEC66B75AD65802A0B4211 # gpg: Good signature from "Stefan Berger <stefanb@linux.vnet.ibm.com>" [unknown] # gpg: WARNING: This key is not certified with a trusted signature! # gpg: There is no indication that the signature belongs to the owner. # Primary key fingerprint: B818 B9CA DF90 89C2 D5CE C66B 75AD 6580 2A0B 4211 * tag 'pull-tpm-2023-04-20-1' of https://github.com/stefanberger/qemu-tpm: qtest: Add a test case for TPM TIS I2C connected to Aspeed I2C controller qtest: Move tpm_util_tis_transmit() into tpm-tis-utils.c and rename it qtest: Add functions for accessing devices on Aspeed I2C controller tests/avocado/aspeed: Add TPM TIS I2C test tpm: Add support for TPM device over I2C bus tpm: Extend common APIs to support TPM TIS I2C docs: Add support for TPM devices over I2C bus Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2023-04-21Merge tag 'pull-request-2023-04-20' of https://gitlab.com/thuth/qemu into ↵Richard Henderson
staging * Compat machines for version 8.1 * Allow setting a chardev input file on the command line * Fix .travis.yml to work with non-public Travis instances, too * Move a lot of code from specifc_ss into softmmu_ss * Add a test case for TPM TIS I2C connected to Aspeed I2C controller * Update tests/vm/freebsd to version 13 * Some more misc minor fixes here and there # -----BEGIN PGP SIGNATURE----- # # iQJFBAABCAAvFiEEJ7iIR+7gJQEY8+q5LtnXdP5wLbUFAmRBDtMRHHRodXRoQHJl # ZGhhdC5jb20ACgkQLtnXdP5wLbXfjw//UYytlyZsDOLAMfFNGQViMmVf29KbrDRe # doDh4Nl1oZLNKm9C5XlQExhsRbLm6Hi9nyQvSCJs4CvZ1jBY6U7GfgMNIaozXWb3 # 4gQyJb9ACe/z8bQmPUVF2sdW1QZ9zpf8LWpCOTGUZiI2Tevzkz7b/F5ZxiQiseG6 # dXe8UIwdZhG4jz2+6viqjHiGlKoBkegGYoJthcwnR07aRz2woiNr7rKRiJEiv2G7 # UfMVB96uLkpEhaDoohz440/rjviazO1nt6HDvgEajXT1X5P/8phT9IvT7olAZXZH # R2Qm6YyYcSWavoPms3AryAWG8FjomcyBjuebfAVW5/x+fl/401sn9quBMoZrYPEX # dfzF64vVokdXNQEH6+qc95PdB6/+d0CZPY8ilMRtAttf2sMw7IgqhG3zDLbj9t6R # dns2/DY9zu2pp07IEAXn/iVbW4rl2HADUQncr6B/cPy++lYiFvv7LX8OE+YWOsk0 # gvxzYx6rRhr5j7xT1sP30pLwsG3mX7qRDfba1Bt19CzSbu7UGN+w+S1xclgZDoqE # 0AZIeVUuqqNTEoBLoa2xHUDGs9NjeI2+qIh0R5csS/bqDscLXj0cOluvJO48n4Rt # +SGQSCSmU/lxn6EbBz4tw3orlp0clBH9fEaSg9lYxuUTYvQOpdYS7u4d63VQFvzp # dwQ9LRDFNsA= # =8ZFL # -----END PGP SIGNATURE----- # gpg: Signature made Thu 20 Apr 2023 11:07:15 AM BST # gpg: using RSA key 27B88847EEE0250118F3EAB92ED9D774FE702DB5 # gpg: issuer "thuth@redhat.com" # gpg: Good signature from "Thomas Huth <th.huth@gmx.de>" [undefined] # gpg: aka "Thomas Huth <thuth@redhat.com>" [undefined] # gpg: aka "Thomas Huth <th.huth@posteo.de>" [unknown] # gpg: aka "Thomas Huth <huth@tuxfamily.org>" [undefined] # gpg: WARNING: This key is not certified with a trusted signature! # gpg: There is no indication that the signature belongs to the owner. # Primary key fingerprint: 27B8 8847 EEE0 2501 18F3 EAB9 2ED9 D774 FE70 2DB5 * tag 'pull-request-2023-04-20' of https://gitlab.com/thuth/qemu: (23 commits) tests/vm/freebsd: Update to FreeBSD 13.2 qtest: Add a test case for TPM TIS I2C connected to Aspeed I2C controller qtest: Move tpm_util_tis_transmit() into tpm-tis-utils.c and rename it qtest: Add functions for accessing devices on Aspeed I2C controller MAINTAINERS: Add Juan Quintela to developer guides review cpu: Remove parameter of list_cpus() hw/core: Move numa.c into the target independent source set softmmu: Move dirtylimit.c into the target independent source set hw/display: Compile vga.c as target-independent code softmmu: Make qtest.c target independent include/exec: Provide the tswap() functions for target independent code, too softmmu/qtest: Move the target-specific pseries RTAS code out of qtest.c hw/char: Move two more files from specific_ss to softmmu_ss target/i386: Set family/model/stepping of the "max" CPU according to LM bit tests/migration: Only run auto_converge in slow mode travis.yml: Add missing 'flex', 'bison' packages to 'GCC (user)' job travis.yml: Add missing clang-10 package to the 'Clang (disable-tcg)' job chardev: Allow setting file chardev input file on the command line qtest: Don't assert on "-qtest chardev:myid" test: Fix test-crypto-secret when compiling without keyring support ... Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2023-04-21pci: avoid accessing slot_reserved_mask directly outside of pci.cChuck Zmudzinski
This patch provides accessor functions as replacements for direct access to slot_reserved_mask according to the comment at the top of include/hw/pci/pci_bus.h which advises that data structures for PCIBus should not be directly accessed but instead be accessed using accessor functions in pci.h. Three accessor functions can conveniently replace all direct accesses of slot_reserved_mask. With this patch, the new accessor functions are used in hw/sparc64/sun4u.c and hw/xen/xen_pt.c and pci_bus.h is removed from the included header files of the same two files. No functional change intended. Signed-off-by: Chuck Zmudzinski <brchuckz@aol.com> Message-Id: <b1b7f134883cbc83e455abbe5ee225c71aa0e8d0.1678888385.git.brchuckz@aol.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com> Reviewed-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk> Tested-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk> [sun4u]
2023-04-21hw: Add compat machines for 8.1Cornelia Huck
Add 8.1 machine types for arm/i440fx/m68k/q35/s390x/spapr. Signed-off-by: Cornelia Huck <cohuck@redhat.com> Message-Id: <20230314173009.152667-1-cohuck@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2023-04-21virtio-balloon: optimize the virtio-balloon on the ARM platformYangming
Optimize the virtio-balloon feature on the ARM platform by adding a variable to keep track of the current hot-plugged pc-dimm size, instead of traversing the virtual machine's memory modules to count the current RAM size during the balloon inflation or deflation process. This variable can be updated only when plugging or unplugging the device, which will result in an increase of approximately 60% efficiency of balloon process on the ARM platform. We tested the total amount of time required for the balloon inflation process on ARM: inflate the balloon to 64GB of a 128GB guest under stress. Before: 102 seconds After: 42 seconds Signed-off-by: Qi Xi <xiqi2@huawei.com> Signed-off-by: Ming Yang yangming73@huawei.com Message-Id: <e13bc78f96774bfab4576814c293aa52@huawei.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com> Acked-by: David Hildenbrand <david@redhat.com>
2023-04-21virtio: refresh vring region cache after updating a virtqueue sizeCarlos López
When a virtqueue size is changed by the guest via virtio_queue_set_num(), its region cache is not automatically updated. If the size was increased, this could lead to accessing the cache out of bounds. For example, in vring_get_used_event(): static inline uint16_t vring_get_used_event(VirtQueue *vq) { return vring_avail_ring(vq, vq->vring.num); } static inline uint16_t vring_avail_ring(VirtQueue *vq, int i) { VRingMemoryRegionCaches *caches = vring_get_region_caches(vq); hwaddr pa = offsetof(VRingAvail, ring[i]); if (!caches) { return 0; } return virtio_lduw_phys_cached(vq->vdev, &caches->avail, pa); } vq->vring.num will be greater than caches->avail.len, which will trigger a failed assertion down the call path of virtio_lduw_phys_cached(). Fix this by calling virtio_init_region_cache() after virtio_queue_set_num() if we are not already calling virtio_queue_set_rings(). In the legacy path this is already done by virtio_queue_update_rings(). Signed-off-by: Carlos López <clopez@suse.de> Message-Id: <20230317002749.27379-1-clopez@suse.de> Reviewed-by: Cornelia Huck <cohuck@redhat.com> Acked-by: Halil Pasic <pasic@linux.ibm.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2023-04-20qtest: Add functions for accessing devices on Aspeed I2C controllerStefan Berger
Add read and write functions for accessing registers of I2C devices connected to the Aspeed I2C controller. Signed-off-by: Stefan Berger <stefanb@linux.ibm.com> Reviewed-by: Cédric Le Goater <clg@kaod.org> Reviewed-by: Ninad Palsule <ninad@linux.ibm.com> Acked-by: Thomas Huth <thuth@redhat.com> Message-id: 20230331173051.3857801-2-stefanb@linux.ibm.com
2023-04-20tpm: Extend common APIs to support TPM TIS I2CNinad Palsule
Qemu already supports devices attached to ISA and sysbus. This drop adds support for the I2C bus attached TPM devices. This commit includes changes for the common code. - Added support for the new checksum registers which are required for the I2C support. The checksum calculation is handled in the qemu common code. - Added wrapper function for read and write data so that I2C code can call it without MMIO interface. The TPM TIS I2C spec describes in the table in section "Interface Locality Usage per Register" that the TPM_INT_ENABLE and TPM_INT_STATUS registers must be writable for any locality even if the locality is not the active locality. Therefore, remove the checks whether the writing locality is the active locality for these registers. Signed-off-by: Ninad Palsule <ninad@linux.ibm.com> Signed-off-by: Stefan Berger <stefanb@linux.ibm.com> Reviewed-by: Stefan Berger <stefanb@linux.ibm.com> Tested-by: Stefan Berger <stefanb@linux.ibm.com> Reviewed-by: Cédric Le Goater <clg@kaod.org> Reviewed-by: Joel Stanley <joel@jms.id.au> Tested-by: Joel Stanley <joel@jms.id.au> Message-id: 20230414220754.1191476-3-ninadpalsule@us.ibm.com
2023-04-20fsl-imx7: Add fec[12]-phy-connected propertiesGuenter Roeck
Add fec[12]-phy-connected properties and use it to set phy-connected and phy-consumer properties for imx_fec. Signed-off-by: Guenter Roeck <linux@roeck-us.net> Message-id: 20230315145248.1639364-5-linux@roeck-us.net Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>