aboutsummaryrefslogtreecommitdiff
path: root/target/i386
AgeCommit message (Collapse)Author
2023-03-01i386/kvm: Set Xen vCPU ID in KVMDavid Woodhouse
There are (at least) three different vCPU ID number spaces. One is the internal KVM vCPU index, based purely on which vCPU was chronologically created in the kernel first. If userspace threads are all spawned and create their KVM vCPUs in essentially random order, then the KVM indices are basically random too. The second number space is the APIC ID space, which is consistent and useful for referencing vCPUs. MSIs will specify the target vCPU using the APIC ID, for example, and the KVM Xen APIs also take an APIC ID from userspace whenever a vCPU needs to be specified (as opposed to just using the appropriate vCPU fd). The third number space is not normally relevant to the kernel, and is the ACPI/MADT/Xen CPU number which corresponds to cs->cpu_index. But Xen timer hypercalls use it, and Xen timer hypercalls *really* want to be accelerated in the kernel rather than handled in userspace, so the kernel needs to be told. Signed-off-by: David Woodhouse <dwmw@amazon.co.uk> Reviewed-by: Paul Durrant <paul@xen.org>
2023-03-01i386/kvm: handle Xen HVM cpuid leavesJoao Martins
Introduce support for emulating CPUID for Xen HVM guests. It doesn't make sense to advertise the KVM leaves to a Xen guest, so do Xen unconditionally when the xen-version machine property is set. Signed-off-by: Joao Martins <joao.m.martins@oracle.com> [dwmw2: Obtain xen_version from KVM property, make it automatic] Signed-off-by: David Woodhouse <dwmw@amazon.co.uk> Reviewed-by: Paul Durrant <paul@xen.org>
2023-03-01i386/kvm: Add xen-version KVM accelerator property and init KVM Xen supportDavid Woodhouse
This just initializes the basic Xen support in KVM for now. Only permitted on TYPE_PC_MACHINE because that's where the sysbus devices for Xen heap overlay, event channel, grant tables and other stuff will exist. There's no point having the basic hypercall support if nothing else works. Provide sysemu/kvm_xen.h and a kvm_xen_get_caps() which will be used later by support devices. Signed-off-by: David Woodhouse <dwmw@amazon.co.uk> Reviewed-by: Paul Durrant <paul@xen.org>
2023-02-28accel/tcg: Add 'size' param to probe_access_fullRichard Henderson
Change to match the recent change to probe_access_flags. All existing callers updated to supply 0, so no change in behaviour. Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Daniel Henrique Barboza <dbarboza@ventanamicro.com> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2023-02-28Merge tag 'buildsys-qom-qdev-ui-20230227' of https://github.com/philmd/qemu ↵Peter Maydell
into staging - buildsys - Various header cleaned up (removing pointless headers) - Mark various files/code user/system specific - Make various objects target-independent - Remove tswapN() calls from dump.o - Suggest g_assert_not_reached() instead of assert(0) - qdev / qom - Replace various container_of() by QOM cast macros - Declare some QOM macros using OBJECT_DECLARE_TYPE() - Embed OHCI QOM child in SM501 chipset - hw (ISA & IDE) - add some documentation, improve function names - un-inline, open-code few functions - have ISA API accessing IRQ/DMA prefer ISABus over ISADevice - Demote IDE subsystem maintenance to "Odd Fixes" - ui: Improve Ctrl+Alt hint on Darwin Cocoa # -----BEGIN PGP SIGNATURE----- # # iQIzBAABCAAdFiEE+qvnXhKRciHc/Wuy4+MsLN6twN4FAmP9IeAACgkQ4+MsLN6t # wN7bdQ//SxJYJuQvqTT6s+O0LmP6NbqvhxCXX7YAwK2jCTM+zTgcqqRZCcisLQol # 3ENu2UhnZmiLKHSOxatOVozbws08/u8Vl+WkW4UTMUb1yo5KPaPtq808Y95RdAJB # 7D7B5juDGnFRAHXZz38zVk9uIuEkm+Po/pD0JQa+upBtAAgOJTqGavDNSR5+T0Yl # VjGdwK0b10skPqiF6OABYoy/4IFHVJJFIbARZh+a7hrF0llsbzUts5JiYsOxEEHQ # t3woUItdMnS1m0+Ty4AQ8m0Yv9y4HZOIzixvsZ+vChj5ariwUhL9/7wC/s/UCYEg # gKVA5X8R6n/ME6DScK99a+CyR/MXkz70b/rOUZxoutXhV3xdh4X1stL4WN9W/m3z # D4i4ZrUsDUcKCGWlj49of/dKbOPwk1+e/mT0oDZD6JzG0ODjfdVxvJ/JEV2iHgS3 # WqHuSKzX/20H9j7/MgfbQ0HjBFOQ8tl781vQzhD+y+cF/IiTsHhrE6esIWho4bob # kfSdVydUWWRnBsnyGoRZXoEMX9tn+pu0nKxEDm2Bo2+jajsa0aZZPokgjxaz4MnD # Hx+/p1E+8IuOn05JgzQSgTJmKFdSbya203tXIsTo1kL2aJTJ6QfMvgEPP/fkn+lS # oQyVBFZmb1JDdTM1MxOncnlWLg74rp/CWEc+u5pSdbxMO/M/uac= # =AV/+ # -----END PGP SIGNATURE----- # gpg: Signature made Mon 27 Feb 2023 21:34:24 GMT # gpg: using RSA key FAABE75E12917221DCFD6BB2E3E32C2CDEADC0DE # gpg: Good signature from "Philippe Mathieu-Daudé (F4BUG) <f4bug@amsat.org>" [unknown] # gpg: WARNING: This key is not certified with a trusted signature! # gpg: There is no indication that the signature belongs to the owner. # Primary key fingerprint: FAAB E75E 1291 7221 DCFD 6BB2 E3E3 2C2C DEAD C0DE * tag 'buildsys-qom-qdev-ui-20230227' of https://github.com/philmd/qemu: (125 commits) ui/cocoa: user friendly characters for release mouse dump: Add create_win_dump() stub for non-x86 targets dump: Simplify compiling win_dump.o by introducing win_dump_available() dump: Clean included headers dump: Replace TARGET_PAGE_SIZE -> qemu_target_page_size() dump: Replace tswapN() -> cpu_to_dumpN() hw/ide/pci: Add PCIIDEState::isa_irq[] hw/ide/via: Replace magic 2 value by ARRAY_SIZE / MAX_IDE_DEVS hw/ide/piix: Refactor pci_piix_init_ports as pci_piix_init_bus per bus hw/ide/piix: Pass Error* to pci_piix_init_ports() for better error msg hw/ide/piix: Remove unused includes hw/ide/pci: Unexport bmdma_active_if() hw/ide/ioport: Remove unnecessary includes hw/ide: Declare ide_get_[geometry/bios_chs_trans] in 'hw/ide/internal.h' hw/ide: Rename idebus_active_if() -> ide_bus_active_if() hw/ide: Rename ide_init2() -> ide_bus_init_output_irq() hw/ide: Rename ide_exec_cmd() -> ide_bus_exec_cmd() hw/ide: Rename ide_register_restart_cb -> ide_bus_register_restart_cb hw/ide: Rename ide_create_drive() -> ide_bus_create_drive() hw/ide: Rename ide_set_irq() -> ide_bus_set_irq() ... Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2023-02-27hw: Move ioapic*.h to intc/Bernhard Beschow
The ioapic sources reside in hw/intc already. Move the headers there as well. Signed-off-by: Bernhard Beschow <shentey@gmail.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Message-Id: <20230213173033.98762-11-shentey@gmail.com> [PMD: Keep ioapic_internal.h in hw/intc/, not under include/] Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
2023-02-27target/i386: Remove x86_cpu_dump_local_apic_state() dead stubPhilippe Mathieu-Daudé
x86_cpu_dump_local_apic_state() is called from monitor.c which is only compiled for system emulation since commit bf95728400 ("monitor: remove target-specific code from monitor.c"). Interestingly this stub was added few weeks later in commit 1f871d49e3 ("hmp: added local apic dump state") and was not necessary by that time. Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Message-Id: <20221216220158.6317-5-philmd@linaro.org>
2023-02-27target/i386/cpu: Remove dead helper_lock() declarationPhilippe Mathieu-Daudé
Missed in commit 37b995f6e7 ("target-i386: remove helper_lock()"). Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Message-Id: <20221216220158.6317-3-philmd@linaro.org>
2023-02-27target/i386: Remove NEED_CPU_H guard from target-specific headersPhilippe Mathieu-Daudé
NEED_CPU_H is always defined for these target-specific headers. Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Message-Id: <20221216220158.6317-2-philmd@linaro.org>
2023-02-27target/cpu: Restrict cpu_get_phys_page_debug() handlers to sysemuPhilippe Mathieu-Daudé
The 'hwaddr' type is only available / meaningful on system emulation. Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org> Message-Id: <20221216215519.5522-5-philmd@linaro.org>
2023-02-27i386: Add new CPU model SapphireRapidsWang, Lei
The new CPU model mostly inherits features from Icelake-Server, while adding new features: - AMX (Advance Matrix eXtensions) - Bus Lock Debug Exception and new instructions: - AVX VNNI (Vector Neural Network Instruction): - VPDPBUS: Multiply and Add Unsigned and Signed Bytes - VPDPBUSDS: Multiply and Add Unsigned and Signed Bytes with Saturation - VPDPWSSD: Multiply and Add Signed Word Integers - VPDPWSSDS: Multiply and Add Signed Integers with Saturation - FP16: Replicates existing AVX512 computational SP (FP32) instructions using FP16 instead of FP32 for ~2X performance gain - SERIALIZE: Provide software with a simple way to force the processor to complete all modifications, faster, allowed in all privilege levels and not causing an unconditional VM exit - TSX Suspend Load Address Tracking: Allows programmers to choose which memory accesses do not need to be tracked in the TSX read set - AVX512_BF16: Vector Neural Network Instructions supporting BFLOAT16 inputs and conversion instructions from IEEE single precision - fast zero-length MOVSB (KVM doesn't support yet) - fast short STOSB (KVM doesn't support yet) - fast short CMPSB, SCASB (KVM doesn't support yet) Features that may be added in future versions: - CET (virtualization support hasn't been merged) Signed-off-by: Wang, Lei <lei4.wang@intel.com> Reviewed-by: Robert Hoo <robert.hu@linux.intel.com> Message-Id: <20220812055751.14553-1-lei4.wang@intel.com> Reviewed-by: Xiaoyao Li <xiaoyao.li@intel.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2023-02-27target/i386: KVM: allow fast string operations if host supports themPaolo Bonzini
These are just a flag that documents the performance characteristic of an instruction; it needs no hypervisor support. So include them even if KVM does not show them. In particular, FZRM/FSRS/FSRC have only been added very recently, but they are available on Sapphire Rapids processors. Reviewed-by: Xiaoyao Li <xiaoyao.li@intel.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2023-02-27target/i386: add FZRM, FSRS, FSRCPaolo Bonzini
These are three more markers for string operation optimizations. They can all be added to TCG, whose string operations are more or less as fast as they can be for short lengths. Reviewed-by: Xiaoyao Li <xiaoyao.li@intel.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2023-02-27target/i386: add FSRM to TCGPaolo Bonzini
Fast short REP MOVS can be added to TCG, since a trivial translation of string operation is a good option for short lengths. Reviewed-by: Xiaoyao Li <xiaoyao.li@intel.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2023-02-27target/i386: Fix BZHI instructionRichard Henderson
We did not correctly handle N >= operand size. Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1374 Signed-off-by: Richard Henderson <richard.henderson@linaro.org> Message-Id: <20230114233206.3118472-1-richard.henderson@linaro.org> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2023-02-24Merge tag 'pull-error-2023-02-23' of https://repo.or.cz/qemu/armbru into stagingPeter Maydell
Error reporting patches patches for 2023-02-23 # -----BEGIN PGP SIGNATURE----- # # iQJGBAABCAAwFiEENUvIs9frKmtoZ05fOHC0AOuRhlMFAmP3ZogSHGFybWJydUBy # ZWRoYXQuY29tAAoJEDhwtADrkYZT+PsP/ibioHJkJiR8yMt2/2iSwpkMrphZDmRQ # 5sAgxCARdcp0m7maH4McCFkgtERcROip+j98FV29qI4y2P/mLkt1jyMYC+TH9r4O # X3G997526gzZBLIJJsnYlVlJ1Gbgn+uCy4AzRLuhaKAHsYoxkP0jygoSs/eIZ9tK # Wg2tkQ/wY4bXihrlzdOpWqU3Y0ADo2PQ29p7HWheRMDQz6JQxq82hFFs1jgGQ1aq # 4HmcpIMX0+/LshFbDU91dL1pxW17vWT9J3xtzAsWlfBBgAh257LKvJqVD0XojL04 # FxJZ05IqTXZ04gvwgji0dcvNjdmP/dXVoGLfxAYwCFtKxiig700bdNb0+6MjCT6u # P2tSPyQQzNQ5LYI7AgER4kMyXK22RkBXx+Q7y7QK1YXszWWSmGFZWGLA2FSg4lO6 # 5jsCgtEGixsMym/ox3XeoywSh4BgWkNXC+gKMSg/hQXgfriQmndHUOlK0ZU95I43 # 7gnPol+pU1HIEy/GDU8oMyieG513Ti1KVPZyv/FbuW75AYUDlHAXH/5OFlsuaLIR # 1QF449xCLR5vIOOLXHbKJ9jbkcAaidhq5pOhLr7oV3yKh4H53iNB7gy8+vJ6XtBf # tXXcYPVD8LpZxDegKNpIaeT0Nr4pyy6bYfrF+YeisVotD6PDtPALfJ9eSCWjaQsl # DG2opOfv5xuV # =VRxu # -----END PGP SIGNATURE----- # gpg: Signature made Thu 23 Feb 2023 13:13:44 GMT # gpg: using RSA key 354BC8B3D7EB2A6B68674E5F3870B400EB918653 # gpg: issuer "armbru@redhat.com" # gpg: Good signature from "Markus Armbruster <armbru@redhat.com>" [full] # gpg: aka "Markus Armbruster <armbru@pond.sub.org>" [full] # Primary key fingerprint: 354B C8B3 D7EB 2A6B 6867 4E5F 3870 B400 EB91 8653 * tag 'pull-error-2023-02-23' of https://repo.or.cz/qemu/armbru: rocker: Tweak stubbed out monitor commands' error messages migration/colo: Improve an x-colo-lost-heartbeat error message hw/core: Improve the query-hotpluggable-cpus error message replay: Simplify setting replay blockers qga: Drop dangling reference to QERR_QGA_LOGGING_DISABLED hw/acpi: Move QMP command to hw/core/ hw/acpi: Dumb down acpi_table_add() stub hw/smbios: Dumb down smbios_entry_add() stub hw/core: Improve error message when machine doesn't provide NMIs dump: Assert cpu_get_note_size() can't fail dump: Improve error message when target doesn't support memory dump error: Drop superfluous #include "qapi/qmp/qerror.h" Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2023-02-23error: Drop superfluous #include "qapi/qmp/qerror.h"Markus Armbruster
Signed-off-by: Markus Armbruster <armbru@redhat.com> Message-Id: <20230207075115.1525-2-armbru@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Juan Quintela <quintela@redhat.com> Reviewed-by: Konstantin Kostiuk <kkostiuk@redhat.com>
2023-02-21target/i386/gdbstub: Fix a bug about order of FPU stack in 'g' packets.TaiseiIto
Before this commit, when GDB attached an OS working on QEMU, order of FPU stack registers printed by GDB command 'info float' was wrong. There was a bug causing the problem in 'g' packets sent by QEMU to GDB. The packets have values of registers of machine emulated by QEMU containing FPU stack registers. There are 2 ways to specify a x87 FPU stack register. The first is specifying by absolute indexed register names (R0, ..., R7). The second is specifying by stack top relative indexed register names (ST0, ..., ST7). Values of the FPU stack registers should be located in 'g' packet and be ordered by the relative index. But QEMU had located these registers ordered by the absolute index. After this commit, when QEMU reads registers to make a 'g' packet, QEMU specifies FPU stack registers by the relative index. Then, the registers are ordered correctly in the packet. As a result, GDB, the packet receiver, can print FPU stack registers in the correct order. Signed-off-by: TaiseiIto <taisei1212@outlook.jp> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Message-Id: <TY0PR0101MB4285923FBE9AD97CE832D95BA4E59@TY0PR0101MB4285.apcprd01.prod.exchangelabs.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2023-02-16target/i386: Fix 32-bit AD[CO]X insns in 64-bit modeRichard Henderson
Failure to truncate the inputs results in garbage for the carry-out. Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1373 Signed-off-by: Richard Henderson <richard.henderson@linaro.org> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Message-Id: <20230115012103.3131796-1-richard.henderson@linaro.org> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2023-02-11target/i386: fix ADOX followed by ADCXPaolo Bonzini
When ADCX is followed by ADOX or vice versa, the second instruction's carry comes from EFLAGS and the condition codes use the CC_OP_ADCOX operation. Retrieving the carry from EFLAGS is handled by this bit of gen_ADCOX: tcg_gen_extract_tl(carry_in, cpu_cc_src, ctz32(cc_op == CC_OP_ADCX ? CC_C : CC_O), 1); Unfortunately, in this case cc_op has been overwritten by the previous "if" statement to CC_OP_ADCOX. This works by chance when the first instruction is ADCX; however, if the first instruction is ADOX, ADCX will incorrectly take its carry from OF instead of CF. Fix by moving the computation of the new cc_op at the end of the function. The included exhaustive test case fails without this patch and passes afterwards. Because ADCX/ADOX need not be invoked through the VEX prefix, this regression bisects to commit 16fc5726a6e2 ("target/i386: reimplement 0x0f 0x38, add AVX", 2022-10-18). However, the mistake happened a little earlier, when BMI instructions were rewritten using the new decoder framework. Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1471 Reported-by: Paul Jolly <https://gitlab.com/myitcv> Fixes: 1d0b926150e5 ("target/i386: move scalar 0F 38 and 0F 3A instruction to new decoder", 2022-10-18) Cc: qemu-stable@nongnu.org Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2023-02-11target/i386: Fix C flag for BLSI, BLSMSK, BLSRRichard Henderson
We forgot to set cc_src, which is used for computing C. Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1370 Signed-off-by: Richard Henderson <richard.henderson@linaro.org> Message-Id: <20230114180601.2993644-1-richard.henderson@linaro.org> Cc: qemu-stable@nongnu.org Fixes: 1d0b926150e5 ("target/i386: move scalar 0F 38 and 0F 3A instruction to new decoder", 2022-10-18) Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2023-02-11target/i386: Fix BEXTR instructionRichard Henderson
There were two problems here: not limiting the input to operand bits, and not correctly handling large extraction length. Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1372 Signed-off-by: Richard Henderson <richard.henderson@linaro.org> Message-Id: <20230114230542.3116013-3-richard.henderson@linaro.org> Cc: qemu-stable@nongnu.org Fixes: 1d0b926150e5 ("target/i386: move scalar 0F 38 and 0F 3A instruction to new decoder", 2022-10-18) Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2023-02-04target/i386: Inline cmpxchg16bRichard Henderson
Use tcg_gen_atomic_cmpxchg_i128 for the atomic case, and tcg_gen_qemu_ld/st_i128 otherwise. Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2023-02-04target/i386: Inline cmpxchg8bRichard Henderson
Use tcg_gen_atomic_cmpxchg_i64 for the atomic case, and tcg_gen_nonatomic_cmpxchg_i64 otherwise. Reviewed-by: Alex Bennée <alex.bennee@linaro.org> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2023-02-04target/i386: Split out gen_cmpxchg8b, gen_cmpxchg16bRichard Henderson
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2023-01-26docs/about/deprecated: Mark HAXM in QEMU as deprecatedThomas Huth
The HAXM project has been retired (see https://github.com/intel/haxm#status), so we should mark the code in QEMU as deprecated (and finally remove it unless somebody else picks the project up again - which is quite unlikely since there are now whpx and hvf on these operating systems, too). Message-Id: <20230126121034.1035138-1-thuth@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
2023-01-20Merge tag 'pull-include-2023-01-20' of https://repo.or.cz/qemu/armbru into ↵Peter Maydell
staging Header cleanup patches for 2023-01-20 # -----BEGIN PGP SIGNATURE----- # # iQJGBAABCAAwFiEENUvIs9frKmtoZ05fOHC0AOuRhlMFAmPKN6YSHGFybWJydUBy # ZWRoYXQuY29tAAoJEDhwtADrkYZTPeoQAIKl/BF6PFRNq0/k3vPqMe6nltjgkpa/ # p7E5qRlo31RCeUB+f0iW26mySnNTgYkE28yy57HxUML/9Lp1bbxyDgRNiJ406a4L # kFVF04kOIFez1+mfvWN92DZqcl/EAAqNL6XqSFyO38kYwcsFsi+BZ7DLZbL9Ea8v # wVywB96mN6KyrLWCJ2D0OqIVuPHSHol+5zt9e6+ShBgN0FfElLbv0F4KH3VJ1olA # psKl6w6V9+c2zV1kT/H+S763m6mQdwtVo/UuOJoElI+Qib/UBxDOrhdYf4Zg7hKf # ByUuhJUASm8y9yD/42mFs90B6eUNzLSBC8v1PgRqSqDHtllveP4RysklBlyIMlOs # DKtqEuRuIJ/qDXliIFHY6tBnUkeITSd7BCxkQYfaGyaSOcviDSlE3AyaaBC0sY4F # P/lTTiRg5ksvhDYtJnW3mSfmT2PY7aBtyE3D1Z84v9hek6D0reMQTE97yL/j4m7P # wJP8aM3Z8GILCVxFIh02wmqWZhZUCGsIDS/vxVm+u060n66qtDIQFBoazsFJrCME # eWI+qDNDr6xhLegeYajGDM9pdpQc3x0siiuHso4wMSI9NZxwP+tkCVhTpqmrRcs4 # GSH/4IlUXqEZdUQDL38DfA22C1TV8BzyMhGLTUERWWYki1sr99yv0pdFyk5r3nLB # SURwr58rB2zo # =dOfq # -----END PGP SIGNATURE----- # gpg: Signature made Fri 20 Jan 2023 06:41:42 GMT # gpg: using RSA key 354BC8B3D7EB2A6B68674E5F3870B400EB918653 # gpg: issuer "armbru@redhat.com" # gpg: Good signature from "Markus Armbruster <armbru@redhat.com>" [full] # gpg: aka "Markus Armbruster <armbru@pond.sub.org>" [full] # Primary key fingerprint: 354B C8B3 D7EB 2A6B 6867 4E5F 3870 B400 EB91 8653 * tag 'pull-include-2023-01-20' of https://repo.or.cz/qemu/armbru: include/hw/ppc include/hw/pci-host: Drop extra typedefs include/hw/ppc: Don't include hw/pci-host/pnv_phb.h from pnv.h include/hw/ppc: Supply a few missing includes include/hw/ppc: Split pnv_chip.h off pnv.h include/hw/block: Include hw/block/block.h where needed hw/sparc64/niagara: Use blk_name() instead of open-coding it include/block: Untangle inclusion loops coroutine: Use Coroutine typedef name instead of structure tag coroutine: Split qemu/coroutine-core.h off qemu/coroutine.h coroutine: Clean up superfluous inclusion of qemu/lockable.h coroutine: Move coroutine_fn to qemu/osdep.h, trim includes coroutine: Clean up superfluous inclusion of qemu/coroutine.h Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2023-01-20include/block: Untangle inclusion loopsMarkus Armbruster
We have two inclusion loops: block/block.h -> block/block-global-state.h -> block/block-common.h -> block/blockjob.h -> block/block.h block/block.h -> block/block-io.h -> block/block-common.h -> block/blockjob.h -> block/block.h I believe these go back to Emanuele's reorganization of the block API, merged a few months ago in commit d7e2fe4aac8. Fortunately, breaking them is merely a matter of deleting unnecessary includes from headers, and adding them back in places where they are now missing. Signed-off-by: Markus Armbruster <armbru@redhat.com> Message-Id: <20221221133551.3967339-2-armbru@redhat.com>
2023-01-18bulk: Rename TARGET_FMT_plx -> HWADDR_FMT_plxPhilippe Mathieu-Daudé
The 'hwaddr' type is defined in "exec/hwaddr.h" as: hwaddr is the type of a physical address (its size can be different from 'target_ulong'). All definitions use the 'HWADDR_' prefix, except TARGET_FMT_plx: $ fgrep define include/exec/hwaddr.h #define HWADDR_H #define HWADDR_BITS 64 #define HWADDR_MAX UINT64_MAX #define TARGET_FMT_plx "%016" PRIx64 ^^^^^^ #define HWADDR_PRId PRId64 #define HWADDR_PRIi PRIi64 #define HWADDR_PRIo PRIo64 #define HWADDR_PRIu PRIu64 #define HWADDR_PRIx PRIx64 #define HWADDR_PRIX PRIX64 Since hwaddr's size can be *different* from target_ulong, it is very confusing to read one of its format using the 'TARGET_FMT_' prefix, normally used for the target_long / target_ulong types: $ fgrep TARGET_FMT_ include/exec/cpu-defs.h #define TARGET_FMT_lx "%08x" #define TARGET_FMT_ld "%d" #define TARGET_FMT_lu "%u" #define TARGET_FMT_lx "%016" PRIx64 #define TARGET_FMT_ld "%" PRId64 #define TARGET_FMT_lu "%" PRIu64 Apparently this format was missed during commit a8170e5e97 ("Rename target_phys_addr_t to hwaddr"), so complete it by doing a bulk-rename with: $ sed -i -e s/TARGET_FMT_plx/HWADDR_FMT_plx/g $(git grep -l TARGET_FMT_plx) Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org> Message-Id: <20230110212947.34557-1-philmd@linaro.org> [thuth: Fix some warnings from checkpatch.pl along the way] Signed-off-by: Thomas Huth <thuth@redhat.com>
2023-01-11target/i386: fix operand size of unary SSE operationsPaolo Bonzini
VRCPSS, VRSQRTSS and VCVTSx2Sx have a 32-bit or 64-bit memory operand, which is represented in the decoding tables by X86_VEX_REPScalar. Add it to the tables, and make validate_vex() handle the case of an instruction that is in exception type 4 without the REP prefix and exception type 5 with it; this is the cas of VRCP and VRSQRT. Reported-by: yongwoo <https://gitlab.com/yongwoo36> Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1377 Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2023-01-11target/i386: Remove compilation errors when -Werror=maybe-uninitializedEric Auger
To avoid compilation errors when -Werror=maybe-uninitialized is used, add a default case with g_assert_not_reached(). Otherwise with GCC 11.3.1 "cc (GCC) 11.3.1 20220421 (Red Hat 11.3.1-2)" we get: ../target/i386/ops_sse.h: In function ‘helper_vpermdq_ymm’: ../target/i386/ops_sse.h:2495:13: error: ‘r3’ may be used uninitialized in this function [-Werror=maybe-uninitialized] 2495 | d->Q(3) = r3; | ~~~~~~~~^~~~ ../target/i386/ops_sse.h:2494:13: error: ‘r2’ may be used uninitialized in this function [-Werror=maybe-uninitialized] 2494 | d->Q(2) = r2; | ~~~~~~~~^~~~ ../target/i386/ops_sse.h:2493:13: error: ‘r1’ may be used uninitialized in this function [-Werror=maybe-uninitialized] 2493 | d->Q(1) = r1; | ~~~~~~~~^~~~ ../target/i386/ops_sse.h:2492:13: error: ‘r0’ may be used uninitialized in this function [-Werror=maybe-uninitialized] 2492 | d->Q(0) = r0; | ~~~~~~~~^~~~ Signed-off-by: Eric Auger <eric.auger@redhat.com> Message-Id: <20221222140158.1260748-1-eric.auger@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2023-01-11i386: Emit correct error code for 64-bit IDT entryJoe Richey
When in 64-bit mode, IDT entiries are 16 bytes, so `intno * 16` is used for base/limit/offset calculations. However, even in 64-bit mode, the exception error code still uses bits [3,16) for the invlaid interrupt index. This means the error code should still be `intno * 8 + 2` even in 64-bit mode. Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1382 Signed-off-by: Joe Richey <joerichey@google.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2023-01-06target/i386: Add SGX aex-notify and EDECCSSA supportKai Huang
The new SGX Asynchronous Exit (AEX) notification mechanism (AEX-notify) allows one enclave to receive a notification in the ERESUME after the enclave exit due to an AEX. EDECCSSA is a new SGX user leaf function (ENCLU[EDECCSSA]) to facilitate the AEX notification handling. Whether the hardware supports to create enclave with AEX-notify support is enumerated via CPUID.(EAX=0x12,ECX=0x1):EAX[10]. The new EDECCSSA user leaf function is enumerated via CPUID.(EAX=0x12,ECX=0x0):EAX[11]. Add support to allow to expose the new SGX AEX-notify feature and the new EDECCSSA user leaf function to KVM guest. Link: https://lore.kernel.org/lkml/166760360549.4906.809756297092548496.tip-bot2@tip-bot2/ Link: https://lore.kernel.org/lkml/166760360934.4906.2427175408052308969.tip-bot2@tip-bot2/ Reviewed-by: Yang Zhong <yang.zhong@linux.intel.com> Signed-off-by: Kai Huang <kai.huang@intel.com> Message-Id: <20221109024834.172705-1-kai.huang@intel.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2023-01-06KVM: remove support for kernel-irqchip=offPaolo Bonzini
-machine kernel-irqchip=off is broken for many guest OSes; kernel-irqchip=split is the replacement that works, so remove the deprecated support for the former. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2022-12-16target/i386: Convert to 3-phase resetPeter Maydell
Convert the i386 CPU class to use 3-phase reset, so it doesn't need to use device_class_set_parent_reset() any more. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Reviewed-by: Cédric Le Goater <clg@kaod.org> Reviewed-by: Edgar E. Iglesias <edgar@zeroasic.com> Reviewed-by: Taylor Simpson <tsimpson@quicinc.com> Message-id: 20221124115023.2437291-7-peter.maydell@linaro.org
2022-12-15Merge tag 'pull-misc-2022-12-14' of https://repo.or.cz/qemu/armbru into stagingPeter Maydell
Miscellaneous patches for 2022-12-14 # gpg: Signature made Wed 14 Dec 2022 15:23:02 GMT # gpg: using RSA key 354BC8B3D7EB2A6B68674E5F3870B400EB918653 # gpg: issuer "armbru@redhat.com" # gpg: Good signature from "Markus Armbruster <armbru@redhat.com>" [full] # gpg: aka "Markus Armbruster <armbru@pond.sub.org>" [full] # Primary key fingerprint: 354B C8B3 D7EB 2A6B 6867 4E5F 3870 B400 EB91 8653 * tag 'pull-misc-2022-12-14' of https://repo.or.cz/qemu/armbru: ppc4xx_sdram: Simplify sdram_ddr_size() to return block/vmdk: Simplify vmdk_co_create() to return directly cleanup: Tweak and re-run return_directly.cocci io: Tidy up fat-fingered parameter name qapi: Use returned bool to check for failure (again) sockets: Use ERRP_GUARD() where obviously appropriate qemu-config: Use ERRP_GUARD() where obviously appropriate qemu-config: Make config_parse_qdict() return bool monitor: Use ERRP_GUARD() in monitor_init() monitor: Simplify monitor_fd_param()'s error handling error: Move ERRP_GUARD() to the beginning of the function error: Drop a few superfluous ERRP_GUARD() error: Drop some obviously superfluous error_propagate() Drop more useless casts from void * to pointer Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2022-12-14qapi machine: Elide redundant has_FOO in generated CMarkus Armbruster
The has_FOO for pointer-valued FOO are redundant, except for arrays. They are also a nuisance to work with. Recent commit "qapi: Start to elide redundant has_FOO in generated C" provided the means to elide them step by step. This is the step for qapi/machine*.json. Said commit explains the transformation in more detail. The invariant violations mentioned there do not occur here. Cc: Eduardo Habkost <eduardo@habkost.net> Cc: Marcel Apfelbaum <marcel.apfelbaum@gmail.com> Cc: Philippe Mathieu-Daudé <f4bug@amsat.org> Cc: Yanan Wang <wangyanan55@huawei.com> Signed-off-by: Markus Armbruster <armbru@redhat.com> Message-Id: <20221104160712.3005652-16-armbru@redhat.com>
2022-12-14qapi: Use returned bool to check for failure (again)Markus Armbruster
Commit 012d4c96e2 changed the visitor functions taking Error ** to return bool instead of void, and the commits following it used the new return value to simplify error checking. Since then a few more uses in need of the same treatment crept in. Do that. All pretty mechanical except for * balloon_stats_get_all() This is basically the same transformation commit 012d4c96e2 applied to the virtual walk example in include/qapi/visitor.h. * set_max_queue_size() Additionally replace "goto end of function" by return. Signed-off-by: Markus Armbruster <armbru@redhat.com> Message-Id: <20221121085054.683122-10-armbru@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
2022-12-14Drop more useless casts from void * to pointerMarkus Armbruster
Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Laurent Vivier <laurent@vivier.eu> Message-Id: <20221123133811.1398562-1-armbru@redhat.com>
2022-12-01target/i386: Always completely initialize TranslateFaultRichard Henderson
In get_physical_address, the canonical address check failed to set TranslateFault.stage2, which resulted in an uninitialized read from the struct when reporting the fault in x86_cpu_tlb_fill. Adjust all error paths to use structure assignment so that the entire struct is always initialized. Reported-by: Daniel Hoffman <dhoff749@gmail.com> Fixes: 9bbcf372193a ("target/i386: Reorg GET_HPHYS") Signed-off-by: Richard Henderson <richard.henderson@linaro.org> Message-Id: <20221201074522.178498-1-richard.henderson@linaro.org> Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1324 Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2022-12-01target/i386: allow MMX instructions with CR4.OSFXSR=0Paolo Bonzini
MMX state is saved/restored by FSAVE/FRSTOR so the instructions are not illegal opcodes even if CR4.OSFXSR=0. Make sure that validate_vex takes into account the prefix and only checks HF_OSFXSR_MASK in the presence of an SSE instruction. Fixes: 20581aadec5e ("target/i386: validate VEX prefixes via the instructions' exception classes", 2022-10-18) Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1350 Reported-by: Helge Konetzka (@hejko on gitlab.com) Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2022-11-15target/i386: hardcode R_EAX as destination register for LAHF/SAHFPaolo Bonzini
When translating code that is using LAHF and SAHF in combination with the REX prefix, the instructions should not use any other register than AH; however, QEMU selects SPL (SP being register 4, just like AH) if the REX prefix is present. To fix this, use deposit directly without going through gen_op_mov_v_reg and gen_op_mov_reg_v. Resolves: https://gitlab.com/qemu-project/qemu/-/issues/130 Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2022-11-15target/i386: fix cmpxchg with 32-bit register destinationPaolo Bonzini
Unlike the memory case, where "the destination operand receives a write cycle without regard to the result of the comparison", rm must not be touched altogether if the write fails, including not zero-extending it on 64-bit processors. This is not how the movcond currently works, because it is always followed by a gen_op_mov_reg_v to rm. To fix it, introduce a new function that is similar to gen_op_mov_reg_v but writes to a TCG temporary. Considering that gen_extu(ot, oldv) is not needed in the memory case either, the two cases for register and memory destinations are different enough that one might as well fuse the two "if (mod == 3)" into one. So do that too. Resolves: https://gitlab.com/qemu-project/qemu/-/issues/508 Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> [rth: Add a test case ] Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2022-11-03Merge tag 'for-upstream' of https://gitlab.com/bonzini/qemu into stagingStefan Hajnoczi
* bug fixes * reduced memory footprint for IPI virtualization on Intel processors * asynchronous teardown support (Linux only) # -----BEGIN PGP SIGNATURE----- # # iQFIBAABCAAyFiEE8TM4V0tmI4mGbHaCv/vSX3jHroMFAmNiVykUHHBib256aW5p # QHJlZGhhdC5jb20ACgkQv/vSX3jHroN0Swf/YxjphCtFgYYSO14WP+7jAnfRZLhm # 0xWChWP8rco5I352OBFeFU64Av5XoLGNn6SZLl8lcg86lQ/G0D27jxu6wOcDDHgw # 0yTDO1gevj51UKsbxoC66OWSZwKTEo398/BHPDcI2W41yOFycSdtrPgspOrFRVvf # 7M3nNjuNPsQorZeuu8NGr3jakqbt99ZDXcyDEWbrEAcmy2JBRMbGgT0Kdnc6aZfW # CvL+1ljxzldNwGeNBbQW2QgODbfHx5cFZcy4Daze35l5Ra7K/FrgAzr6o/HXptya # 9fEs5LJQ1JWI6JtpaWwFy7fcIIOsJ0YW/hWWQZSDt9JdAJFE5/+vF+Kz5Q== # =CgrO # -----END PGP SIGNATURE----- # gpg: Signature made Wed 02 Nov 2022 07:40:25 EDT # gpg: using RSA key F13338574B662389866C7682BFFBD25F78C7AE83 # gpg: issuer "pbonzini@redhat.com" # gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>" [full] # gpg: aka "Paolo Bonzini <pbonzini@redhat.com>" [full] # Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4 E2F7 7E15 100C CD36 69B1 # Subkey fingerprint: F133 3857 4B66 2389 866C 7682 BFFB D25F 78C7 AE83 * tag 'for-upstream' of https://gitlab.com/bonzini/qemu: target/i386: Fix test for paging enabled util/log: Close per-thread log file on thread termination target/i386: Set maximum APIC ID to KVM prior to vCPU creation os-posix: asynchronous teardown for shutdown on Linux target/i386: Fix calculation of LOCK NEG eflags Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2022-11-02target/i386: Fix test for paging enabledRichard Henderson
If CR0.PG is unset, pg_mode will be zero, but it will also be zero for non-PAE/non-PSE page tables with CR0.WP=0. Restore the correct test for paging enabled. Fixes: 98281984a37 ("target/i386: Add MMU_PHYS_IDX and MMU_NESTED_IDX") Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1269 Reported-by: Andreas Gustafsson <gson@gson.org> Signed-off-by: Richard Henderson <richard.henderson@linaro.org> Message-Id: <20221102091232.1092552-1-richard.henderson@linaro.org> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2022-11-01target/i386: Expand eflags updates inlineRichard Henderson
The helpers for reset_rf, cli, sti, clac, stac are completely trivial; implement them inline. Drop some nearby #if 0 code. Reviewed-by: Paolo Bonzini <pbonzini@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2022-11-01accel/tcg: Remove will_exit argument from cpu_restore_stateRichard Henderson
The value passed is always true, and if the target's synchronize_from_tb hook is non-trivial, not exiting may be erroneous. Reviewed-by: Claudio Fontana <cfontana@suse.de> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2022-11-01target/i386: Use cpu_unwind_state_data for tpr accessRichard Henderson
Avoid cpu_restore_state, and modifying env->eip out from underneath the translator with TARGET_TB_PCREL. There is some slight duplication from x86_restore_state_to_opc, but it's just a few lines. Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1269 Reviewed-by: Claudio Fontana <cfontana@suse.de> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2022-10-31target/i386: Set maximum APIC ID to KVM prior to vCPU creationZeng Guang
Specify maximum possible APIC ID assigned for current VM session to KVM prior to the creation of vCPUs. By this setting, KVM can set up VM-scoped data structure indexed by the APIC ID, e.g. Posted-Interrupt Descriptor pointer table to support Intel IPI virtualization, with the most optimal memory footprint. It can be achieved by calling KVM_ENABLE_CAP for KVM_CAP_MAX_VCPU_ID capability once KVM has enabled it. Ignoring the return error if KVM doesn't support this capability yet. Signed-off-by: Zeng Guang <guang.zeng@intel.com> Acked-by: Peter Xu <peterx@redhat.com> Acked-by: Michael S. Tsirkin <mst@redhat.com> Message-Id: <20220825025246.26618-1-guang.zeng@intel.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2022-10-31target/i386: Fix calculation of LOCK NEG eflagsQi Hu
After: lock negl -0x14(%rbp) pushf pop %rax %rax will contain the wrong value because the "lock neg" calculates the wrong eflags. Simple test: #include <assert.h> int main() { __volatile__ unsigned test = 0x2363a; __volatile__ char cond = 0; asm( "lock negl %0 \n\t" "sets %1" : "=m"(test), "=r"(cond)); assert(cond & 1); return 0; } Reported-by: Jinyang Shen <shenjinyang@loongson.cn> Co-Developed-by: Xuehai Chen <chenxuehai@loongson.cn> Signed-off-by: Xuehai Chen <chenxuehai@loongson.cn> Signed-off-by: Qi Hu <huqi@loongson.cn> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>