aboutsummaryrefslogtreecommitdiff
path: root/include
AgeCommit message (Collapse)Author
2019-11-18nbd: Don't send oversize stringsEric Blake
Qemu as server currently won't accept export names larger than 256 bytes, nor create dirty bitmap names longer than 1023 bytes, so most uses of qemu as client or server have no reason to get anywhere near the NBD spec maximum of a 4k limit per string. However, we weren't actually enforcing things, ignoring when the remote side violates the protocol on input, and also having several code paths where we send oversize strings on output (for example, qemu-nbd --description could easily send more than 4k). Tighten things up as follows: client: - Perform bounds check on export name and dirty bitmap request prior to handing it to server - Validate that copied server replies are not too long (ignoring NBD_INFO_* replies that are not copied is not too bad) server: - Perform bounds check on export name and description prior to advertising it to client - Reject client name or metadata query that is too long - Adjust things to allow full 4k name limit rather than previous 256 byte limit Signed-off-by: Eric Blake <eblake@redhat.com> Message-Id: <20191114024635.11363-4-eblake@redhat.com> Reviewed-by: Maxim Levitsky <mlevitsk@redhat.com> Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
2019-11-18bitmap: Enforce maximum bitmap name lengthEric Blake
We document that for qcow2 persistent bitmaps, the name cannot exceed 1023 bytes. It is inconsistent if transient bitmaps do not have to abide by the same limit, and it is unlikely that any existing client even cares about using bitmap names this long. It's time to codify that ALL bitmaps managed by qemu (whether persistent in qcow2 or not) have a documented maximum length. Signed-off-by: Eric Blake <eblake@redhat.com> Message-Id: <20191114024635.11363-3-eblake@redhat.com> Reviewed-by: Maxim Levitsky <mlevitsk@redhat.com> Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
2019-11-18nbd/server: Prefer heap over stack for parsing client namesEric Blake
As long as we limit NBD names to 256 bytes (the bare minimum permitted by the standard), stack-allocation works for parsing a name received from the client. But as mentioned in a comment, we eventually want to permit up to the 4k maximum of the NBD standard, which is too large for stack allocation; so switch everything in the server to use heap allocation. For now, there is no change in actually supported name length. Signed-off-by: Eric Blake <eblake@redhat.com> Message-Id: <20191114024635.11363-2-eblake@redhat.com> [eblake: fix uninit variable compile failure] Reviewed-by: Maxim Levitsky <mlevitsk@redhat.com> Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
2019-11-18Merge remote-tracking branch 'remotes/vivier2/tags/ppc-for-4.2-pull-request' ↵Peter Maydell
into staging ppc patch queue 2019-11-15 Several fixes for 4.2.0-rc2: fix mos6522 performance issue, xive/xics issues, fix /chosen device-tree on reset and KVM default cpu-model for all machine classes # gpg: Signature made Mon 18 Nov 2019 10:52:19 GMT # gpg: using RSA key CD2F75DDC8E3A4DC2E4F5173F30C38BD3F2FBE3C # gpg: issuer "lvivier@redhat.com" # gpg: Good signature from "Laurent Vivier <lvivier@redhat.com>" [full] # gpg: aka "Laurent Vivier <laurent@vivier.eu>" [full] # gpg: aka "Laurent Vivier (Red Hat) <lvivier@redhat.com>" [full] # Primary key fingerprint: CD2F 75DD C8E3 A4DC 2E4F 5173 F30C 38BD 3F2F BE3C * remotes/vivier2/tags/ppc-for-4.2-pull-request: mos6522: fix T1 and T2 timers spapr/kvm: Set default cpu model for all machine classes spapr: Add /chosen to FDT only at reset time to preserve kernel and initramdisk ppc: Skip partially initialized vCPUs in 'info pic' xive, xics: Fix reference counting on CPU objects ppc: Add intc_destroy() handlers to SpaprInterruptController/PnvChip Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-11-18ppc: Add intc_destroy() handlers to SpaprInterruptController/PnvChipGreg Kurz
SpaprInterruptControllerClass and PnvChipClass have an intc_create() method that calls the appropriate routine, ie. icp_create() or xive_tctx_create(), to establish the link between the VCPU and the presenter component of the interrupt controller during realize. There aren't any symmetrical call to be called when the VCPU gets unrealized though. It is assumed that object_unparent() is the only thing to do. This is questionable because the parenting logic around the CPU and presenter objects is really an implementation detail of the interrupt controller. It shouldn't be open-coded in the machine code. Fix this by adding an intc_destroy() method that undoes what was done in intc_create(). Also NULLify the presenter pointers to avoid having stale pointers around. This will allow to reliably check if a vCPU has a valid presenter. Signed-off-by: Greg Kurz <groug@kaod.org> Message-Id: <157192724208.3146912.7254684777515287626.stgit@bahia.lan> Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Laurent Vivier <lvivier@redhat.com>
2019-11-12tcg plugins: expose an API version conceptAlex Bennée
This is a very simple versioning API which allows the plugin infrastructure to check the API a plugin was built against. We also expose a min/cur API version to the plugin via the info block in case it wants to avoid using old deprecated APIs in the future. Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Robert Foley <robert.foley@linaro.org>
2019-11-11hw/arm/boot: Set NSACR.{CP11, CP10} in dummy SMC setup routineClement Deschamps
The boot.c code usually puts the CPU into NS mode directly when it is booting a kernel. Since fc1120a7f5f2d4b6 this has included a requirement to set NSACR to give NS state access to the FPU; we fixed that for the usual code path in ece628fcf6. However, it is also possible for a board model to request an alternative mode of booting, where its 'board_setup' code hook runs in Secure state and is responsible for doing the S->NS transition after it has done whatever work it must do in Secure state. In this situation the board_setup code now also needs to update NSACR. This affects all boards which set info->secure_board_setup, which is currently the 'raspi' and 'highbank' families. They both use the common arm_write_secure_board_setup_dummy_smc(). Set the NSACR CP11 and CP10 bits in the code written by that function, to allow FPU access in Non-Secure state when using dummy SMC setup routine. Otherwise an AArch32 kernel booted on the highbank or raspi boards will UNDEF as soon as it tries to use the FPU. Update the comment describing secure_board_setup to note the new requirements on users of it. This fixes a kernel panic when booting raspbian on raspi2. Successfully tested with: 2017-01-11-raspbian-jessie-lite.img 2018-11-13-raspbian-stretch-lite.img 2019-07-10-raspbian-buster-lite.img Fixes: fc1120a7f5 Signed-off-by: Clement Deschamps <clement.deschamps@greensocs.com> Tested-by: Laurent Bonnans <laurent.bonnans@here.com> Message-id: 20191104151137.81931-1-clement.deschamps@greensocs.com Reviewed-by: Peter Maydell <peter.maydell@linaro.org> [PMM: updated comment to boot.h to note new requirement on users of secure_board_setup; edited/rewrote commit message] Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-11-11Remove unassigned_access CPU hookPeter Maydell
All targets have now migrated away from the old unassigned_access hook to the new do_transaction_failed hook. This means we can remove the core-code infrastructure for that hook and the code that calls it. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Message-id: 20191108173732.11816-1-peter.maydell@linaro.org
2019-11-11ptimer: Remove old ptimer_init_with_bh() APIPeter Maydell
Now all the users of ptimers have converted to the transaction-based API, we can remove ptimer_init_with_bh() and all the code paths that are used only by bottom-half based ptimers, and tidy up the documentation comments to consider the transaction-based API the only possibility. The code changes result from: * s->bh no longer exists * s->callback is now always non-NULL Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Message-id: 20191025142411.17085-1-peter.maydell@linaro.org
2019-11-07Merge remote-tracking branch ↵Peter Maydell
'remotes/vivier2/tags/trivial-branch-pull-request' into staging Trivial fixes (20191105-v3) v3: remove disas/libvixl/vixl/invalset.h changes v2: remove patch from Greg that has lines with more than 80 columns # gpg: Signature made Wed 06 Nov 2019 16:23:45 GMT # gpg: using RSA key CD2F75DDC8E3A4DC2E4F5173F30C38BD3F2FBE3C # gpg: issuer "laurent@vivier.eu" # gpg: Good signature from "Laurent Vivier <lvivier@redhat.com>" [full] # gpg: aka "Laurent Vivier <laurent@vivier.eu>" [full] # gpg: aka "Laurent Vivier (Red Hat) <lvivier@redhat.com>" [full] # Primary key fingerprint: CD2F 75DD C8E3 A4DC 2E4F 5173 F30C 38BD 3F2F BE3C * remotes/vivier2/tags/trivial-branch-pull-request: global: Squash 'the the' hw/misc/grlib_ahb_apb_pnp: Fix 8-bit accesses hw/misc/grlib_ahb_apb_pnp: Avoid crash when writing to PnP registers Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-11-07Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into stagingPeter Maydell
virtio, pci: fixes A couple of bugfixes. Signed-off-by: Michael S. Tsirkin <mst@redhat.com> # gpg: Signature made Wed 06 Nov 2019 12:00:19 GMT # gpg: using RSA key 281F0DB8D28D5469 # gpg: Good signature from "Michael S. Tsirkin <mst@kernel.org>" [full] # gpg: aka "Michael S. Tsirkin <mst@redhat.com>" [full] # Primary key fingerprint: 0270 606B 6F3C DF3D 0B17 0970 C350 3912 AFBE 8E67 # Subkey fingerprint: 5D09 FD08 71C8 F85B 94CA 8A0D 281F 0DB8 D28D 5469 * remotes/mst/tags/for_upstream: virtio: notify virtqueue via host notifier when available hw/i386: AMD-Vi IVRS DMA alias support pci: Use PCI aliases when determining device IOMMU address space Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-11-06Merge remote-tracking branch 'remotes/philmd-gitlab/tags/mips-next-20191105' ↵Peter Maydell
into staging The i440FX northbridge is only used by the PC machine, while the PIIX southbridge is also used by the Malta MIPS machine. Split the PIIX3 southbridge from i440FX northbridge. # gpg: Signature made Tue 05 Nov 2019 22:48:12 GMT # gpg: using RSA key 89C1E78F601EE86C867495CBA2A3FD6EDEADC0DE # gpg: Good signature from "Philippe Mathieu-Daudé (Phil) <philmd@redhat.com>" [marginal] # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: 89C1 E78F 601E E86C 8674 95CB A2A3 FD6E DEAD C0DE * remotes/philmd-gitlab/tags/mips-next-20191105: (21 commits) hw/pci-host/i440fx: Remove the last PIIX3 traces hw/pci-host: Rename incorrectly named 'piix' as 'i440fx' hw/pci-host/piix: Extract PIIX3 functions to hw/isa/piix3.c hw/pci-host/piix: Fix code style issues hw/pci-host/piix: Move i440FX declarations to hw/pci-host/i440fx.h hw/pci-host/piix: Define and use the PIIX IRQ Route Control Registers hw/pci-host/piix: Move RCR_IOPORT register definition hw/pci-host/piix: Extract piix3_create() hw/i386: Remove obsolete LoadStateHandler::load_state_old handlers hw/isa/piix4: Move piix4_create() to hw/isa/piix4.c hw/mips/mips_malta: Extract the PIIX4 creation code as piix4_create() hw/mips/mips_malta: Create IDE hard drive array dynamically piix4: Add a MC146818 RTC Controller as specified in datasheet piix4: Add an i8254 PIT Controller as specified in datasheet piix4: Add an i8257 DMA Controller as specified in datasheet piix4: Rename PIIX4 object to piix4-isa Revert "irq: introduce qemu_irq_proxy()" piix4: Add an i8259 Interrupt Controller as specified in datasheet piix4: Add the Reset Control Register MAINTAINERS: Keep PIIX4 South Bridge separate from PC Chipsets ... Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-11-06global: Squash 'the the'Dr. David Alan Gilbert
'the' has a tendency to double up; squash them back down. Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com> Reviewed-by: Alex Bennée <alex.bennee@linaro.org> Reviewed-by: Laurent Vivier <laurent@vivier.eu> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Message-Id: <20191104185202.102504-1-dgilbert@redhat.com> [lv: removed disas/libvixl/vixl/invalset.h change] Signed-off-by: Laurent Vivier <laurent@vivier.eu>
2019-11-06virtio: notify virtqueue via host notifier when availableStefan Hajnoczi
Host notifiers are used in several cases: 1. Traditional ioeventfd where virtqueue notifications are handled in the main loop thread. 2. IOThreads (aio_handle_output) where virtqueue notifications are handled in an IOThread AioContext. 3. vhost where virtqueue notifications are handled by kernel vhost or a vhost-user device backend. Most virtqueue notifications from the guest use the ioeventfd mechanism, but there are corner cases where QEMU code calls virtio_queue_notify(). This currently honors the host notifier for the IOThreads aio_handle_output case, but not for the vhost case. The result is that vhost does not receive virtqueue notifications from QEMU when virtio_queue_notify() is called. This patch extends virtio_queue_notify() to set the host notifier whenever it is enabled instead of calling the vq->(aio_)handle_output() function directly. We track the host notifier state for each virtqueue separately since some devices may use it only for certain virtqueues. This fixes the vhost case although it does add a trip through the eventfd for the traditional ioeventfd case. I don't think it's worth adding a fast path for the traditional ioeventfd case because calling virtio_queue_notify() is rare when ioeventfd is enabled. Reported-by: Felipe Franciosi <felipe@nutanix.com> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com> Message-Id: <20191105140946.165584-1-stefanha@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2019-11-05hw/pci-host/i440fx: Remove the last PIIX3 tracesPhilippe Mathieu-Daudé
The PIIX3 is not tied to the i440FX and can even be used without it. Move its creation to the machine code (pc_piix.c). We have now removed the last trace of southbridge code in the i440FX northbridge. Reviewed-by: Aleksandar Markovic <amarkovic@wavecomp.com> Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
2019-11-05hw/pci-host/piix: Extract PIIX3 functions to hw/isa/piix3.cPhilippe Mathieu-Daudé
Move all the PIIX3 functions to a new file: hw/isa/piix3.c. Reviewed-by: Aleksandar Markovic <amarkovic@wavecomp.com> Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
2019-11-05hw/pci-host/piix: Move i440FX declarations to hw/pci-host/i440fx.hPhilippe Mathieu-Daudé
The hw/pci-host/piix.c contains a mix of PIIX3 and i440FX chipsets functions. To be able to split it, we need to export some declarations first. Reviewed-by: Aleksandar Markovic <amarkovic@wavecomp.com> Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
2019-11-05hw/pci-host/piix: Define and use the PIIX IRQ Route Control RegistersPhilippe Mathieu-Daudé
The IRQ Route Control registers definitions belong to the PIIX chipset. We were only defining the 'A' register. Define the other B, C and D registers, and use them. Acked-by: Paul Durrant <paul@xen.org> Reviewed-by: Aleksandar Markovic <amarkovic@wavecomp.com> Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
2019-11-05hw/pci-host/piix: Move RCR_IOPORT register definitionPhilippe Mathieu-Daudé
The RCR_IOPORT register belongs to the PIIX chipset. Move the definition to "piix.h", and prepend the PIIX prefix. Reviewed-by: Aleksandar Markovic <amarkovic@wavecomp.com> Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
2019-11-05hw/isa/piix4: Move piix4_create() to hw/isa/piix4.cPhilippe Mathieu-Daudé
Now that we properly refactored the piix4_create() function, let's move it to hw/isa/piix4.c where it belongs, so it can be reused on other places. Reviewed-by: Aleksandar Markovic <amarkovic@wavecomp.com> Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
2019-11-05piix4: Add a MC146818 RTC Controller as specified in datasheetPhilippe Mathieu-Daudé
Remove mc146818rtc instanciated in malta board, to not have it twice. Acked-by: Michael S. Tsirkin <mst@redhat.com> Acked-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Hervé Poussineau <hpoussin@reactos.org> Message-Id: <20171216090228.28505-13-hpoussin@reactos.org> [PMD: rebased, set RTC base_year to 2000] Reviewed-by: Aleksandar Markovic <amarkovic@wavecomp.com> Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
2019-11-05piix4: Rename PIIX4 object to piix4-isaHervé Poussineau
Other piix4 parts are already named piix4-ide and piix4-usb-uhci. Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Acked-by: Michael S. Tsirkin <mst@redhat.com> Acked-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Hervé Poussineau <hpoussin@reactos.org> Message-Id: <20171216090228.28505-15-hpoussin@reactos.org> Reviewed-by: Aleksandar Markovic <amarkovic@wavecomp.com> Reviewed-by: Li Qiang <liq3ea@gmail.com> Reviewed-by: Esteban Bosse <estebanbosse@gmail.com> [PMD: rebased] Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
2019-11-05Revert "irq: introduce qemu_irq_proxy()"Philippe Mathieu-Daudé
This function isn't used anymore. This reverts commit 22ec3283efba9ba0792790da786d6776d83f2a92. Reviewed-by: Thomas Huth <thuth@redhat.com> Reviewed-by: Li Qiang <liq3ea@gmail.com> Reviewed-by: Esteban Bosse <estebanbosse@gmail.com> Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
2019-11-05piix4: Add an i8259 Interrupt Controller as specified in datasheetHervé Poussineau
Add ISA irqs as piix4 gpio in, and CPU interrupt request as piix4 gpio out. Remove i8259 instanciated in malta board, to not have it twice. We can also remove the now unused piix4_init() function. Acked-by: Michael S. Tsirkin <mst@redhat.com> Acked-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Hervé Poussineau <hpoussin@reactos.org> Message-Id: <20171216090228.28505-8-hpoussin@reactos.org> Reviewed-by: Aleksandar Markovic <amarkovic@wavecomp.com> [PMD: rebased, updated includes, use ISA_NUM_IRQS in for loop] Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
2019-11-04block: Add bdrv_co_get_self_request()Max Reitz
Cc: qemu-stable@nongnu.org Signed-off-by: Max Reitz <mreitz@redhat.com> Message-id: 20191101152510.11719-3-mreitz@redhat.com Signed-off-by: Max Reitz <mreitz@redhat.com>
2019-11-04block: Make wait/mark serialising requests publicMax Reitz
Make both bdrv_mark_request_serialising() and bdrv_wait_serialising_requests() public so they can be used from block drivers. Cc: qemu-stable@nongnu.org Signed-off-by: Max Reitz <mreitz@redhat.com> Message-id: 20191101152510.11719-2-mreitz@redhat.com Signed-off-by: Max Reitz <mreitz@redhat.com>
2019-11-04nvme: fix NSSRS offset in CAP registerKlaus Jensen
Fix the offset of the NSSRS field the CAP register. From NVME 1.4, section 3 ("Controller Registers"), subsection 3.1.1 ("Offset 0h: CAP – Controller Capabilities") CAP_NSSRS_SHIFT is bit 36, not 33. Signed-off-by: Klaus Jensen <k.jensen@samsung.com> Reported-by: Javier Gonzalez <javier.gonz@samsung.com> Message-id: 20191023073315.446534-1-its@irrelevant.dk Reviewed-by: John Snow <jsnow@redhat.com> [mreitz: Added John's note on the location in the specification where this information can be found] Signed-off-by: Max Reitz <mreitz@redhat.com>
2019-11-01target/arm/cpu64: max cpu: Introduce sve<N> propertiesAndrew Jones
Introduce cpu properties to give fine control over SVE vector lengths. We introduce a property for each valid length up to the current maximum supported, which is 2048-bits. The properties are named, e.g. sve128, sve256, sve384, sve512, ..., where the number is the number of bits. See the updates to docs/arm-cpu-features.rst for a description of the semantics and for example uses. Note, as sve-max-vq is still present and we'd like to be able to support qmp_query_cpu_model_expansion with guests launched with e.g. -cpu max,sve-max-vq=8 on their command lines, then we do allow sve-max-vq and sve<N> properties to be provided at the same time, but this is not recommended, and is why sve-max-vq is not mentioned in the document. If sve-max-vq is provided then it enables all lengths smaller than and including the max and disables all lengths larger. It also has the side-effect that no larger lengths may be enabled and that the max itself cannot be disabled. Smaller non-power-of-two lengths may, however, be disabled, e.g. -cpu max,sve-max-vq=4,sve384=off provides a guest the vector lengths 128, 256, and 512 bits. This patch has been co-authored with Richard Henderson, who reworked the target/arm/cpu64.c changes in order to push all the validation and auto-enabling/disabling steps into the finalizer, resulting in a nice LOC reduction. Signed-off-by: Andrew Jones <drjones@redhat.com> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Reviewed-by: Eric Auger <eric.auger@redhat.com> Tested-by: Masayoshi Mizuma <m.mizuma@jp.fujitsu.com> Reviewed-by: Beata Michalska <beata.michalska@linaro.org> Message-id: 20191031142734.8590-5-drjones@redhat.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-10-31bootdevice: FW_CFG interface for LCHS valuesSam Eiderman
Using fw_cfg, supply logical CHS values directly from QEMU to the BIOS. Non-standard logical geometries break under QEMU. A virtual disk which contains an operating system which depends on logical geometries (consistent values being reported from BIOS INT13 AH=08) will most likely break under QEMU/SeaBIOS if it has non-standard logical geometries - for example 56 SPT (sectors per track). No matter what QEMU will report - SeaBIOS, for large enough disks - will use LBA translation, which will report 63 SPT instead. In addition we cannot force SeaBIOS to rely on physical geometries at all. A virtio-blk-pci virtual disk with 255 phyiscal heads cannot report more than 16 physical heads when moved to an IDE controller, since the ATA spec allows a maximum of 16 heads - this is an artifact of virtualization. By supplying the logical geometries directly we are able to support such "exotic" disks. We serialize this information in a similar way to the "bootorder" interface. The new fw_cfg entry is "bios-geometry". Reviewed-by: Karl Heubaum <karl.heubaum@oracle.com> Reviewed-by: Arbel Moshe <arbel.moshe@oracle.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Signed-off-by: Sam Eiderman <shmuel.eiderman@oracle.com> Signed-off-by: Sam Eiderman <sameid@google.com> Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com> Signed-off-by: John Snow <jsnow@redhat.com>
2019-10-31scsi: Propagate unrealize() callback to scsi-hdSam Eiderman
We will need to add LCHS removal logic to scsi-hd's unrealize() in the next commit. Reviewed-by: Karl Heubaum <karl.heubaum@oracle.com> Reviewed-by: Arbel Moshe <arbel.moshe@oracle.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Signed-off-by: Sam Eiderman <shmuel.eiderman@oracle.com> Signed-off-by: Sam Eiderman <sameid@google.com> Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com> Signed-off-by: John Snow <jsnow@redhat.com>
2019-10-31bootdevice: Add interface to gather LCHSSam Eiderman
Add an interface to provide direct logical CHS values for boot devices. We will use this interface in the next commits. Reviewed-by: Karl Heubaum <karl.heubaum@oracle.com> Reviewed-by: Arbel Moshe <arbel.moshe@oracle.com> Signed-off-by: Sam Eiderman <shmuel.eiderman@oracle.com> Signed-off-by: Sam Eiderman <sameid@google.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com> Signed-off-by: John Snow <jsnow@redhat.com>
2019-10-31block: Support providing LCHS from userSam Eiderman
Add logical geometry variables to BlockConf. A user can now supply "lcyls", "lheads" & "lsecs" for any HD device that supports CHS ("cyls", "heads", "secs"). These devices include: * ide-hd * scsi-hd * virtio-blk-pci In future commits we will use the provided LCHS and pass it to the BIOS through fw_cfg to be supplied using INT13 routines. Reviewed-by: Karl Heubaum <karl.heubaum@oracle.com> Reviewed-by: Arbel Moshe <arbel.moshe@oracle.com> Signed-off-by: Sam Eiderman <shmuel.eiderman@oracle.com> Signed-off-by: Sam Eiderman <sameid@google.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com> Signed-off-by: John Snow <jsnow@redhat.com>
2019-10-31block: Refactor macros - fix tabbingSam Eiderman
Fixing tabbing in block related macros. Signed-off-by: Sam Eiderman <shmuel.eiderman@oracle.com> Signed-off-by: Sam Eiderman <sameid@google.com> Reviewed-by: Karl Heubaum <karl.heubaum@oracle.com> Reviewed-by: Arbel Moshe <arbel.moshe@oracle.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Signed-off-by: John Snow <jsnow@redhat.com>
2019-10-30Merge remote-tracking branch ↵Peter Maydell
'remotes/stsquad/tags/pull-tcg-plugins-281019-4' into staging TCG Plugins initial implementation - use --enable-plugins @ configure - low impact introspection (-plugin empty.so to measure overhead) - plugins cannot alter guest state - example plugins included in source tree (tests/plugins) - -d plugin to enable plugin output in logs - check-tcg runs extra tests when plugins enabled - documentation in docs/devel/plugins.rst # gpg: Signature made Mon 28 Oct 2019 15:13:23 GMT # gpg: using RSA key 6685AE99E75167BCAFC8DF35FBD0DB095A9E2A44 # gpg: Good signature from "Alex Bennée (Master Work Key) <alex.bennee@linaro.org>" [full] # Primary key fingerprint: 6685 AE99 E751 67BC AFC8 DF35 FBD0 DB09 5A9E 2A44 * remotes/stsquad/tags/pull-tcg-plugins-281019-4: (57 commits) travis.yml: enable linux-gcc-debug-tcg cache MAINTAINERS: add me for the TCG plugins code scripts/checkpatch.pl: don't complain about (foo, /* empty */) .travis.yml: add --enable-plugins tests include/exec: wrap cpu_ldst.h in CONFIG_TCG accel/stubs: reduce headers from tcg-stub tests/plugin: add hotpages to analyse memory access patterns tests/plugin: add instruction execution breakdown tests/plugin: add a hotblocks plugin tests/tcg: enable plugin testing tests/tcg: drop test-i386-fprem from TESTS when not SLOW tests/tcg: move "virtual" tests to EXTRA_TESTS tests/tcg: set QEMU_OPTS for all cris runs tests/tcg/Makefile.target: fix path to config-host.mak tests/plugin: add sample plugins linux-user: support -plugin option vl: support -plugin option plugin: add qemu_plugin_outs helper plugin: add qemu_plugin_insn_disas helper plugin: expand the plugin_init function to include an info block ... Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-10-29net/virtio: add failover supportJens Freimann
This patch adds support to handle failover device pairs of a virtio-net device and a (vfio-)pci device, where the virtio-net acts as the standby device and the (vfio-)pci device as the primary. The general idea is that we have a pair of devices, a (vfio-)pci and a emulated (virtio-net) device. Before migration the vfio device is unplugged and data flows to the emulated device, on the target side another (vfio-)pci device is plugged in to take over the data-path. In the guest the net_failover module will pair net devices with the same MAC address. To achieve this we need: 1. Provide a callback function for the should_be_hidden DeviceListener. It is called when the primary device is plugged in. Evaluate the QOpt passed in to check if it is the matching primary device. It returns if the device should be hidden or not. When it should be hidden it stores the device options in the VirtioNet struct and the device is added once the VIRTIO_NET_F_STANDBY feature is negotiated during virtio feature negotiation. If the virtio-net devices are not realized at the time the (vfio-)pci devices are realized, we need to connect the devices later. This way we make sure primary and standby devices can be specified in any order. 2. Register a callback for migration status notifier. When called it will unplug its primary device before the migration happens. 3. Register a callback for the migration code that checks if a device needs to be unplugged from the guest. Signed-off-by: Jens Freimann <jfreimann@redhat.com> Message-Id: <20191029114905.6856-11-jfreimann@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2019-10-29migration: add new migration state wait-unplugJens Freimann
This patch adds a new migration state called wait-unplug. It is entered after the SETUP state if failover devices are present. It will transition into ACTIVE once all devices were succesfully unplugged from the guest. So if a guest doesn't respond or takes long to honor the unplug request the user will see the migration state 'wait-unplug'. In the migration thread we query failover devices if they're are still pending the guest unplug. When all are unplugged the migration continues. If one device won't unplug migration will stay in wait_unplug state. Signed-off-by: Jens Freimann <jfreimann@redhat.com> Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com> Message-Id: <20191029114905.6856-9-jfreimann@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2019-10-29migration: allow unplug during migration for failover devicesJens Freimann
In "b06424de62 migration: Disable hotplug/unplug during migration" we added a check to disable unplug for all devices until we have figured out what works. For failover primary devices qdev_unplug() is called from the migration handler, i.e. during migration. This patch adds a flag to DeviceState which is set to false for all devices and makes an exception for PCI devices that are also primary devices in a failover pair. Signed-off-by: Jens Freimann <jfreimann@redhat.com> Message-Id: <20191029114905.6856-8-jfreimann@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2019-10-29pci: mark devices partially unpluggedJens Freimann
Only the guest unplug request was triggered. This is needed for the failover feature. In case of a failed migration we need to plug the device back to the guest. Signed-off-by: Jens Freimann <jfreimann@redhat.com> Message-Id: <20191029114905.6856-4-jfreimann@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2019-10-29pci: add option for net failoverJens Freimann
This patch adds a failover_pair_id property to PCIDev which is used to link the primary device in a failover pair (the PCI dev) to a standby (a virtio-net-pci) device. It only supports ethernet devices. Also currently it only supports PCIe devices. The requirement for PCIe is because it doesn't support other hotplug controllers at the moment. The failover functionality can be added to other hotplug controllers like ACPI, SHCP,... later on. Signed-off-by: Jens Freimann <jfreimann@redhat.com> Message-Id: <20191029114905.6856-3-jfreimann@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2019-10-29qdev/qbus: add hidden device supportJens Freimann
This adds support for hiding a device to the qbus and qdev APIs. The first user of this will be the virtio-net failover feature but the API introduced with this patch could be used to implement other features as well, for example hiding pci devices when a pci bus is powered off. qdev_device_add() is modified to check for a failover_pair_id argument in the option string. A DeviceListener callback should_be_hidden() is added. It can be used by a standby device to inform qdev that this device should not be added now. The standby device handler can store the device options to plug the device in at a later point in time. One reason for hiding the device is that we don't want to expose both devices to the guest kernel until the respective virtio feature bit VIRTIO_NET_F_STANDBY was negotiated and we know that the devices will be handled correctly by the guest. More information on the kernel feature this is using: https://www.kernel.org/doc/html/latest/networking/net_failover.html An example where the primary device is a vfio-pci device and the standby device is a virtio-net device: A device is hidden when it has an "failover_pair_id" option, e.g. -device virtio-net-pci,...,failover=on,... -device vfio-pci,...,failover_pair_id=net1,... Signed-off-by: Jens Freimann <jfreimann@redhat.com> Message-Id: <20191029114905.6856-2-jfreimann@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2019-10-29Merge remote-tracking branch 'remotes/jasowang/tags/net-pull-request' into ↵Peter Maydell
staging # gpg: Signature made Tue 29 Oct 2019 02:33:36 GMT # gpg: using RSA key EF04965B398D6211 # gpg: Good signature from "Jason Wang (Jason Wang on RedHat) <jasowang@redhat.com>" [marginal] # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: 215D 46F4 8246 689E C77F 3562 EF04 965B 398D 6211 * remotes/jasowang/tags/net-pull-request: COLO-compare: Fix incorrect `if` logic virtio-net: prevent offloads reset on migration virtio: new post_load hook net: add tulip (dec21143) driver Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-10-29Merge remote-tracking branch 'remotes/vivier/tags/q800-branch-pull-request' ↵Peter Maydell
into staging Add Macintosh Quadra 800 machine in hw/m68k # gpg: Signature made Mon 28 Oct 2019 18:14:25 GMT # gpg: using RSA key CD2F75DDC8E3A4DC2E4F5173F30C38BD3F2FBE3C # gpg: issuer "laurent@vivier.eu" # gpg: Good signature from "Laurent Vivier <lvivier@redhat.com>" [full] # gpg: aka "Laurent Vivier <laurent@vivier.eu>" [full] # gpg: aka "Laurent Vivier (Red Hat) <lvivier@redhat.com>" [full] # Primary key fingerprint: CD2F 75DD C8E3 A4DC 2E4F 5173 F30C 38BD 3F2F BE3C * remotes/vivier/tags/q800-branch-pull-request: BootLinuxConsoleTest: Test the Quadra 800 hw/m68k: define Macintosh Quadra 800 hw/m68k: add a dummy SWIM floppy controller hw/m68k: add Nubus macfb video card hw/m68k: add Nubus support hw/m68k: implement ADB bus support for via hw/m68k: add VIA support dp8393x: manage big endian bus esp: add pseudo-DMA as used by Macintosh esp: move get_cmd() post-DMA code to get_cmd_cb() esp: move handle_ti_cmd() cleanup code to esp_do_dma(). Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-10-29Merge remote-tracking branch 'remotes/rth/tags/pull-tcg-20191028' into stagingPeter Maydell
Improvements for TARGET_PAGE_BITS_VARY Fix for TCI ld16u_i64. Fix for segv on icount execute from i/o memory. Two misc cleanups. # gpg: Signature made Mon 28 Oct 2019 14:55:08 GMT # gpg: using RSA key 7A481E78868B4DB6A85A05C064DF38E8AF7E215F # gpg: issuer "richard.henderson@linaro.org" # gpg: Good signature from "Richard Henderson <richard.henderson@linaro.org>" [full] # Primary key fingerprint: 7A48 1E78 868B 4DB6 A85A 05C0 64DF 38E8 AF7E 215F * remotes/rth/tags/pull-tcg-20191028: translate-all: Remove tb_alloc translate-all: fix uninitialized tb->orig_tb cputlb: Fix tlb_vaddr_to_host exec: Cache TARGET_PAGE_MASK for TARGET_PAGE_BITS_VARY exec: Promote TARGET_PAGE_MASK to target_long exec: Restrict TARGET_PAGE_BITS_VARY assert to CONFIG_DEBUG_TCG exec: Use const alias for TARGET_PAGE_BITS_VARY configure: Detect compiler support for __attribute__((alias)) exec: Split out variable page size support to exec-vary.c cpu: use ROUND_UP() to define xxx_PAGE_ALIGN cputlb: ensure _cmmu helper functions follow the naming standard tci: Add implementation for INDEX_op_ld16u_i64 Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-10-29virtio-net: prevent offloads reset on migrationMikhail Sennikovsky
Currently offloads disabled by guest via the VIRTIO_NET_CTRL_GUEST_OFFLOADS_SET command are not preserved on VM migration. Instead all offloads reported by guest features (via VIRTIO_PCI_GUEST_FEATURES) get enabled. What happens is: first the VirtIONet::curr_guest_offloads gets restored and offloads are getting set correctly: #0 qemu_set_offload (nc=0x555556a11400, csum=1, tso4=0, tso6=0, ecn=0, ufo=0) at net/net.c:474 #1 virtio_net_apply_guest_offloads (n=0x555557701ca0) at hw/net/virtio-net.c:720 #2 virtio_net_post_load_device (opaque=0x555557701ca0, version_id=11) at hw/net/virtio-net.c:2334 #3 vmstate_load_state (f=0x5555569dc010, vmsd=0x555556577c80 <vmstate_virtio_net_device>, opaque=0x555557701ca0, version_id=11) at migration/vmstate.c:168 #4 virtio_load (vdev=0x555557701ca0, f=0x5555569dc010, version_id=11) at hw/virtio/virtio.c:2197 #5 virtio_device_get (f=0x5555569dc010, opaque=0x555557701ca0, size=0, field=0x55555668cd00 <__compound_literal.5>) at hw/virtio/virtio.c:2036 #6 vmstate_load_state (f=0x5555569dc010, vmsd=0x555556577ce0 <vmstate_virtio_net>, opaque=0x555557701ca0, version_id=11) at migration/vmstate.c:143 #7 vmstate_load (f=0x5555569dc010, se=0x5555578189e0) at migration/savevm.c:829 #8 qemu_loadvm_section_start_full (f=0x5555569dc010, mis=0x5555569eee20) at migration/savevm.c:2211 #9 qemu_loadvm_state_main (f=0x5555569dc010, mis=0x5555569eee20) at migration/savevm.c:2395 #10 qemu_loadvm_state (f=0x5555569dc010) at migration/savevm.c:2467 #11 process_incoming_migration_co (opaque=0x0) at migration/migration.c:449 However later on the features are getting restored, and offloads get reset to everything supported by features: #0 qemu_set_offload (nc=0x555556a11400, csum=1, tso4=1, tso6=1, ecn=0, ufo=0) at net/net.c:474 #1 virtio_net_apply_guest_offloads (n=0x555557701ca0) at hw/net/virtio-net.c:720 #2 virtio_net_set_features (vdev=0x555557701ca0, features=5104441767) at hw/net/virtio-net.c:773 #3 virtio_set_features_nocheck (vdev=0x555557701ca0, val=5104441767) at hw/virtio/virtio.c:2052 #4 virtio_load (vdev=0x555557701ca0, f=0x5555569dc010, version_id=11) at hw/virtio/virtio.c:2220 #5 virtio_device_get (f=0x5555569dc010, opaque=0x555557701ca0, size=0, field=0x55555668cd00 <__compound_literal.5>) at hw/virtio/virtio.c:2036 #6 vmstate_load_state (f=0x5555569dc010, vmsd=0x555556577ce0 <vmstate_virtio_net>, opaque=0x555557701ca0, version_id=11) at migration/vmstate.c:143 #7 vmstate_load (f=0x5555569dc010, se=0x5555578189e0) at migration/savevm.c:829 #8 qemu_loadvm_section_start_full (f=0x5555569dc010, mis=0x5555569eee20) at migration/savevm.c:2211 #9 qemu_loadvm_state_main (f=0x5555569dc010, mis=0x5555569eee20) at migration/savevm.c:2395 #10 qemu_loadvm_state (f=0x5555569dc010) at migration/savevm.c:2467 #11 process_incoming_migration_co (opaque=0x0) at migration/migration.c:449 Fix this by preserving the state in saved_guest_offloads field and pushing out offload initialization to the new post load hook. Cc: qemu-stable@nongnu.org Signed-off-by: Mikhail Sennikovsky <mikhail.sennikovskii@cloud.ionos.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
2019-10-29virtio: new post_load hookMichael S. Tsirkin
Post load hook in virtio vmsd is called early while device is processed, and when VirtIODevice core isn't fully initialized. Most device specific code isn't ready to deal with a device in such state, and behaves weirdly. Add a new post_load hook in a device class instead. Devices should use this unless they specifically want to verify the migration stream as it's processed, e.g. for bounds checking. Cc: qemu-stable@nongnu.org Suggested-by: "Dr. David Alan Gilbert" <dgilbert@redhat.com> Cc: Mikhail Sennikovsky <mikhail.sennikovskii@cloud.ionos.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
2019-10-29net: add tulip (dec21143) driverSven Schnelle
This adds the basic functionality to emulate a Tulip NIC. Implemented are: - RX and TX functionality - Perfect Frame Filtering - Big/Little Endian descriptor support - 93C46 EEPROM support - LXT970 PHY Not implemented, mostly because i had no OS using these functions: - Imperfect frame filtering - General Purpose Timer - Transmit automatic polling - Boot ROM support - SIA interface - Big/Little Endian data buffer conversion Successfully tested with the following Operating Systems: - MSDOS with Microsoft Network Client 3.0 and DEC ODI drivers - HPPA Linux - Windows XP - HP-UX Signed-off-by: Sven Schnelle <svens@stackframe.org> Message-Id: <20191022155413.4619-1-svens@stackframe.org> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Jason Wang <jasowang@redhat.com>
2019-10-28Merge remote-tracking branch 'remotes/palmer/tags/riscv-for-master-4.2-sf2' ↵Peter Maydell
into staging RISC-V Patches for the 4.2 Soft Freeze, Part 2 This patch set contains a handful of small fixes for RISC-V targets that I'd like to target for the 4.2 soft freeze. They include: * A fix to allow the debugger to access the state of all privilege modes, as opposed to just the currently executing one. * A pair of cleanups to implement cpu_do_transaction_failed. * Fixes to the device tree. * The addition of various memory regions to make the sifive_u machine more closely match the HiFive Unleashed board. * Fixes to our GDB interface to allow CSRs to be accessed. * A fix to a memory leak pointed out by coverity. * A fix that prevents PMP checks from firing incorrectly. This passes "make chcek" and boots Open Embedded for me. # gpg: Signature made Mon 28 Oct 2019 15:47:52 GMT # gpg: using RSA key 00CE76D1834960DFCE886DF8EF4CA1502CCBAB41 # gpg: issuer "palmer@dabbelt.com" # gpg: Good signature from "Palmer Dabbelt <palmer@dabbelt.com>" [unknown] # gpg: aka "Palmer Dabbelt <palmer@sifive.com>" [unknown] # gpg: WARNING: This key is not certified with a trusted signature! # gpg: There is no indication that the signature belongs to the owner. # Primary key fingerprint: 00CE 76D1 8349 60DF CE88 6DF8 EF4C A150 2CCB AB41 * remotes/palmer/tags/riscv-for-master-4.2-sf2: target/riscv: PMP violation due to wrong size parameter riscv/boot: Fix possible memory leak target/riscv: Make the priv register writable by GDB target/riscv: Expose "priv" register for GDB for reads target/riscv: Tell gdbstub the correct number of CSRs riscv/virt: Jump to pflash if specified riscv/virt: Add the PFlash CFI01 device riscv/virt: Manually define the machine riscv/sifive_u: Add the start-in-flash property riscv/sifive_u: Manually define the machine riscv/sifive_u: Add QSPI memory region riscv/sifive_u: Add L2-LIM cache memory linux-user/riscv: Propagate fault address riscv: sifive_u: Add ethernet0 to the aliases node riscv: hw: Drop "clock-frequency" property of cpu nodes RISC-V: Implement cpu_do_transaction_failed RISC-V: Handle bus errors in the page table walker riscv: Skip checking CSR privilege level in debugger mode Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-10-28hw/m68k: add a dummy SWIM floppy controllerLaurent Vivier
SWIM (Sander-Wozniak Integrated Machine) is the floppy controller of the 680x0 Macintosh. This patch introduces only the basic support: it allows to switch from IWM (Integrated WOZ Machine) mode to the SWIM mode and makes the linux driver happy. It cannot read any floppy image. Co-developed-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk> Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk> Signed-off-by: Laurent Vivier <laurent@vivier.eu> Reviewed-by: Hervé Poussineau <hpoussin@reactos.org> Message-Id: <20191026164546.30020-10-laurent@vivier.eu>
2019-10-28hw/m68k: add Nubus macfb video cardLaurent Vivier
This patch adds support for a graphic framebuffer device. This device can be added as a sysbus device or as a NuBus device. It is accessed as a framebuffer but the color palette can be set. Co-developed-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk> Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk> Signed-off-by: Laurent Vivier <laurent@vivier.eu> Reviewed-by: Hervé Poussineau <hpoussin@reactos.org> Reviewed-by: Thomas Huth <huth@tuxfamily.org> Message-Id: <20191026164546.30020-9-laurent@vivier.eu>
2019-10-28hw/m68k: add Nubus supportLaurent Vivier
This patch adds basic support for the NuBus bus. This is used by 680x0 Macintosh. Co-developed-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk> Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk> Signed-off-by: Laurent Vivier <laurent@vivier.eu> Reviewed-by: Thomas Huth <huth@tuxfamily.org> Message-Id: <20191026164546.30020-8-laurent@vivier.eu>