aboutsummaryrefslogtreecommitdiff
path: root/target/i386
AgeCommit message (Collapse)Author
2017-05-18Merge remote-tracking branch 'quintela/tags/migration/20170517' into stagingStefan Hajnoczi
migration/next for 20170517 # gpg: Signature made Wed 17 May 2017 11:46:36 AM BST # gpg: using RSA key 0xF487EF185872D723 # gpg: Good signature from "Juan Quintela <quintela@redhat.com>" # gpg: aka "Juan Quintela <quintela@trasno.org>" # Primary key fingerprint: 1899 FF8E DEBF 58CC EE03 4B82 F487 EF18 5872 D723 * quintela/tags/migration/20170517: migration: Move check_migratable() into qdev.c migration: Move postcopy stuff to postcopy-ram.c migration: Move page_cache.c to migration/ migration: Create migration/blocker.h ram: Rename RAM_SAVE_FLAG_COMPRESS to RAM_SAVE_FLAG_ZERO migration: Pass Error ** argument to {save,load}_vmstate migration: Fix regression with compression threads Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2017-05-17qdev: Replace cannot_instantiate_with_device_add_yet with !user_creatableEduardo Habkost
cannot_instantiate_with_device_add_yet was introduced by commit efec3dd631d94160288392721a5f9c39e50fb2bc to replace no_user. It was supposed to be a temporary measure. When it was introduced, we had 54 cannot_instantiate_with_device_add_yet=true lines in the code. Today (3 years later) this number has not shrunk: we now have 57 cannot_instantiate_with_device_add_yet=true lines. I think it is safe to say it is not a temporary measure, and we won't see the flag go away soon. Instead of a long field name that misleads people to believe it is temporary, replace it a shorter and less misleading field: user_creatable. Except for code comments, changes were generated using the following Coccinelle patch: @@ expression DC; @@ ( -DC->cannot_instantiate_with_device_add_yet = false; +DC->user_creatable = true; | -DC->cannot_instantiate_with_device_add_yet = true; +DC->user_creatable = false; ) @@ typedef ObjectClass; expression dc; identifier class, data; @@ static void device_class_init(ObjectClass *class, void *data) { ... dc->hotpluggable = true; +dc->user_creatable = true; ... } @@ @@ struct DeviceClass { ... -bool cannot_instantiate_with_device_add_yet; +bool user_creatable; ... } @@ expression DC; @@ ( -!DC->cannot_instantiate_with_device_add_yet +DC->user_creatable | -DC->cannot_instantiate_with_device_add_yet +!DC->user_creatable ) Cc: Alistair Francis <alistair.francis@xilinx.com> Cc: Laszlo Ersek <lersek@redhat.com> Cc: Marcel Apfelbaum <marcel@redhat.com> Cc: Markus Armbruster <armbru@redhat.com> Cc: Peter Maydell <peter.maydell@linaro.org> Cc: Thomas Huth <thuth@redhat.com> Acked-by: Alistair Francis <alistair.francis@xilinx.com> Reviewed-by: Thomas Huth <thuth@redhat.com> Reviewed-by: Marcel Apfelbaum <marcel@redhat.com> Acked-by: Marcel Apfelbaum <marcel@redhat.com> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com> Message-Id: <20170503203604.31462-2-ehabkost@redhat.com> [ehabkost: kept "TODO remove once we're there" comment] Reviewed-by: Markus Armbruster <armbru@redhat.com> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2017-05-17migration: Create migration/blocker.hJuan Quintela
This allows us to remove lots of includes of migration/migration.h Signed-off-by: Juan Quintela <quintela@redhat.com> Reviewed-by: Peter Xu <peterx@redhat.com> Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
2017-05-11migration/i386: Remove support for pre-0.12 formatsDr. David Alan Gilbert
Remove support for versions of the CPU state prior to 11 which is the version used in qemu 0.12 - you'd be pretty lucky if you got a migration stream to work from anything that old anyway. This doesn't affect the machine type definition in any way. My main reason for doing this is the hack for sysenter_esp/eip that uses .get/.put's in state versions less than 7 (that's prior to somewhere before 0.10). Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com> Message-Id: <20170405190024.27581-4-dgilbert@redhat.com> Reviewed-by: Juan Quintela <quintela@redhat.com> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2017-05-11vmstatification: i386 FPRegDr. David Alan Gilbert
Convert the fpreg save/restore to use VMSTATE_ macros rather than .get/.put. Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com> Message-Id: <20170405190024.27581-3-dgilbert@redhat.com> Reviewed-by: Juan Quintela <quintela@redhat.com> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2017-05-11migration/i386: Remove old non-softfloat 64bit FP supportDr. David Alan Gilbert
Long long ago, we used to support storing the x86 FP registers in a 64bit format. Then c31da136a0bf8caad70c348f5ffc283206e9c7fc in v0.14-rc0 removed the last support for writing that in the migration format. Even before that, it was only used if you had softfloat disabled (i.e. !USE_X86LDOUBLE) so in practice use of it in even earlier qemu is unlikely for most users. Kill it off, it's complicated, and possibly broken. Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com> Message-Id: <20170405190024.27581-2-dgilbert@redhat.com> Reviewed-by: Juan Quintela <quintela@redhat.com> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2017-05-11pc: add node-id property to CPUIgor Mammedov
it will allow switching from cpu_index to property based numa mapping in follow up patches. PS: patch changes default value of CPUState::numa_node from 0 to CPU_UNSET_NUMA_NODE_ID. The only place for x86 that would affected is monitor's 'infor numa' command which uses that field. However legacy 0 value is still preserved by pc_cpu_pre_plug() in this patch if user/numa.c hasn't set it explicitly, so there is no change in behavior. Signed-off-by: Igor Mammedov <imammedo@redhat.com> Message-Id: <1494415802-227633-4-git-send-email-imammedo@redhat.com> Reviewed-by: Eduardo Habkost <ehabkost@redhat.com> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2017-05-11i386: rewrite way CPUID index is validatedDaniel P. Berrange
Change the nested if statements into a flat format, to make it clearer what validation / capping is being performed on different CPUID index values. NB this changes behaviour when "index > env->cpuid_xlevel2". This won't have any guest-visible effect because no there is no CPUID[0xC0000001] feature supported by TCG, and KVM code will never call cpu_x86_cpuid() with such an index value. Reviewed-by: Eduardo Habkost <ehabkost@redhat.com> Signed-off-by: Daniel P. Berrange <berrange@redhat.com> Message-Id: <20170509132736.10071-2-berrange@redhat.com> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2017-05-05hax: Fix memory mapping de-duplication logicYu Ning
hax_update_mapping() avoids unnecessary and potentially expensive calls to HAX_VM_IOCTL_SET_RAM by computing the net result (i.e. effective mapping changes) of each MemoryRegion transaction, with the help of a linked list of HAXMapping objects. However, when processing a new mapping that overlaps with an existing mapping in the list, it fails to handle the case where the start address of the new mapping is above that of the existing mapping in the guest physical address space. This happens when QEMU is launched with "-machine q35 -enable-hax", which involves the following MemoryRegion transaction for digging the VGA hole: region_del: 0x00000000->0x08000000 VA 05fa0000 ('pc.ram') region_add: 0x00000000->0x000a0000 VA 05fa0000 ('pc.ram') region_add: 0x000a0000->0x000c0000 VA 00000000 ('vga-lowmem') region_add: 0x000c0000->0x08000000 VA 06060000 ('pc.ram') where the third MemoryRegion is MMIO and is ignored. The current de-duplication logic handles the last MemoryRegion incorrectly and produces the following result: hax_mapping_dump_list updates: + 0x000c0000->0x08000000 VA 0x06060000 - 0x07fe0000->0x08000000 VA 0x0df80000 which is why VGA emulation does not work for Q35. With this patch, one can see VGA output as Q35 boots up. Note that Q35 support also requires a change to HAXM kernel module, which is not available in the current HAXM release (6.1.2). + Add a warning if the input MemoryRegion is a ROM device, which is not supported by HAXM kernel module at this time. Signed-off-by: Yu Ning <yu.ning@linux.intel.com> Message-Id: <20170428072723.7036-1-yu.ning@linux.intel.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2017-05-05target/i386: Add GDB XML register description supportAbdallah Bouassida
This patch implements XML target description support for X86 and X86-64 architectures in the GDB stub, as the way with ARM and PowerPC: - gdb-xml/32bit-core.xml & gdb-xml/64bit-core.xml: Adding the XML target description files, these files are picked from GDB source code. - configure: Define gdb_xml_files for X86 targets. - target/i386/cpu.c: Define gdb_core_xml_file and gdb_arch_name to add XML awareness for this architecture, modify the gdb_num_core_regs to fit the registers number defined in each XML file. Signed-off-by: Abdallah Bouassida <abdallah.bouassida@lauterbach.com> Message-Id: <2b3c8119-1602-28c7-eab4-296593877103@lauterbach.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2017-04-10target/i386/misc_helper: wrap BQL around another IRQ generatorAlex Bennée
Anything that calls into HW emulation must be protected by the BQL. Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Reviewed-by: Richard Henderson <rth@twiddle.net> Acked-by: Eduardo Habkost <ehabkost@redhat.com>
2017-04-02target-i386: fix "info lapic" segfault on isapcTejaswini Poluri
Start QEMU with "qemu-system-x86_64 -nographic -M isapc -serial none-monitor stdio" and enter "info lapic" at the monitor prompt ⇒ Segmentation fault Signed-off-by: Tejaswini Poluri <tejaswinipoluri3@gmail.com> Message-Id: <1490685583-16987-1-git-send-email-tejaswinipoluri3@gmail.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2017-03-31hmp: fix "dump-quest-memory" segfaultIwona Kotlarska
Running QEMU with "qemu-system-x86_64 -M none -nographic -m 256" and executing "dump-guest-memory /dev/null 0 8192" results in segfault. Fix by checking if we have CPU. Signed-off-by: Iwona Kotlarska <iwona260909@gmail.com> Message-Id: <20170330050924.22134-1-iwona260909@gmail.com> Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com> Reviewed-by: Marcel Apfelbaum <marcel@redhat.com> Reviewed-by: Eduardo Habkost <ehabkost@redhat.com> Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com> Fixed up title
2017-03-28i386: Don't override -cpu options on -cpu host/maxEduardo Habkost
The existing code for "host" and "max" CPU models overrides every single feature in the CPU object at realize time, even the ones that were explicitly enabled or disabled by the user using "feat=on" or "feat=off", while features set using +feat/-feat are kept. This means "-cpu host,+invtsc" works as expected, while "-cpu host,invtsc=on" doesn't. This was a known bug, already documented in a comment inside x86_cpu_expand_features(). What makes this bug worse now is that libvirt 3.0.0 and newer now use "feat=on|off" instead of +feat/-feat when it detects a QEMU version that supports it (see libvirt commit d47db7b16dd5422c7e487c8c8ee5b181a2f9cd66). Change the feature property getter/setter to set a env->user_features field, to keep track of features that were explicitly changed using QOM properties. Then make the max_features code not override user features when handling "-cpu host" and "-cpu max". This will also allow us to remove the plus_features/minus_features hack in the future, but I plan to do that after 2.9.0 is released. Reported-by: Jiri Denemark <jdenemar@redhat.com> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com> Message-Id: <20170327144815.8043-3-ehabkost@redhat.com> Reviewed-by: Igor Mammedov <imammedo@redhat.com> Tested-by: Jiri Denemark <jdenemar@redhat.com> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2017-03-28i386: Replace uint32_t* with FeatureWord on feature getter/setterEduardo Habkost
Instead of passing a pointer to the feature property getter and setter functions, pass a FeatureWord enum so they can perform other actions related to the feature flag. This will be used to add a new "user_features" field to keep track of features that were explicitly set by the user. Signed-off-by: Eduardo Habkost <ehabkost@redhat.com> Message-Id: <20170327144815.8043-2-ehabkost@redhat.com> Reviewed-by: Igor Mammedov <imammedo@redhat.com> Tested-by: Jiri Denemark <jdenemar@redhat.com> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2017-03-24tcg/i386: Check the size of instruction being translatedPranith Kumar
This fixes the bug: 'user-to-root privesc inside VM via bad translation caching' reported by Jann Horn here: https://bugs.chromium.org/p/project-zero/issues/detail?id=1122 Reviewed-by: Richard Henderson <rth@twiddle.net> CC: Peter Maydell <peter.maydell@linaro.org> CC: Paolo Bonzini <pbonzini@redhat.com> Reported-by: Jann Horn <jannh@google.com> Signed-off-by: Pranith Kumar <bobby.prani@gmail.com> Message-Id: <20170323175851.14342-1-bobby.prani@gmail.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2017-03-14kvm: Print MSR information if KVM_{GET,SET}_MSRS failedEduardo Habkost
When a KVM_{GET,SET}_MSRS ioctl() fails, it is difficult to find out which MSR caused the problem. Print an error message for debugging, before we trigger the (ret == cpu->kvm_msr_buf->nmsrs) assert. Suggested-by: Dr. David Alan Gilbert <dgilbert@redhat.com> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com> Message-Id: <20170309194634.28457-1-ehabkost@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2017-03-13Merge remote-tracking branch 'remotes/ehabkost/tags/x86-pull-request' into ↵Peter Maydell
staging x86: Haswell TSX blacklist fix for 2.9 # gpg: Signature made Fri 10 Mar 2017 18:45:08 GMT # gpg: using RSA key 0x2807936F984DC5A6 # gpg: Good signature from "Eduardo Habkost <ehabkost@redhat.com>" # Primary key fingerprint: 5A32 2FD5 ABC4 D3DB ACCF D1AA 2807 936F 984D C5A6 * remotes/ehabkost/tags/x86-pull-request: i386: Change stepping of Haswell to non-blacklisted value i386/kvm: Blacklist TSX on known broken hosts i386: host_vendor_fms() helper function Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2017-03-10i386: Change stepping of Haswell to non-blacklisted valueEduardo Habkost
glibc blacklists TSX on Haswell CPUs with model==60 and stepping < 4. To make the Haswell CPU model more useful, make those guests actually use TSX by changing CPU stepping to 4. References: * glibc commit 2702856bf45c82cf8e69f2064f5aa15c0ceb6359 https://sourceware.org/git/?p=glibc.git;a=commit;h=2702856bf45c82cf8e69f2064f5aa15c0ceb6359 Signed-off-by: Eduardo Habkost <ehabkost@redhat.com> Message-Id: <20170309181212.18864-4-ehabkost@redhat.com> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2017-03-10i386/kvm: Blacklist TSX on known broken hostsEduardo Habkost
Some Intel CPUs are known to have a broken TSX implementation. A microcode update from Intel disabled TSX on those CPUs, but GET_SUPPORTED_CPUID might be reporting it as supported if the hosts were not updated yet. Manually fixup the GET_SUPPORTED_CPUID data to ensure we will never enable TSX when running on those hosts. Reference: * glibc commit 2702856bf45c82cf8e69f2064f5aa15c0ceb6359: https://sourceware.org/git/?p=glibc.git;a=commit;h=2702856bf45c82cf8e69f2064f5aa15c0ceb6359 Signed-off-by: Eduardo Habkost <ehabkost@redhat.com> Message-Id: <20170309181212.18864-3-ehabkost@redhat.com> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2017-03-10i386: host_vendor_fms() helper functionEduardo Habkost
Helper function for code that needs to check the host CPU vendor/family/model/stepping values. Signed-off-by: Eduardo Habkost <ehabkost@redhat.com> Message-Id: <20170309181212.18864-2-ehabkost@redhat.com> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2017-03-09target-i386: defer VMEXIT to do_interruptPaolo Bonzini
Paths through the softmmu code during code generation now need to be audited to check for double locking of tb_lock. In particular, VMEXIT can take tb_lock through cpu_vmexit -> cpu_x86_update_cr4 -> tlb_flush. To avoid this, split VMEXIT delivery in two parts, similar to what is done with exceptions. cpu_vmexit only records the VMEXIT exit code and information, and cc->do_interrupt can then deliver it when it is safe to take the lock. Reported-by: Alexander Boettcher <alexander.boettcher@genode-labs.com> Suggested-by: Richard Henderson <rth@twiddle.net> Tested-by: Alexander Boettcher <alexander.boettcher@genode-labs.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Reviewed-by: Richard Henderson <rth@twiddle.net>
2017-03-09target/i386/cpu.h: declare TCG_GUEST_DEFAULT_MOAlex Bennée
This suppresses the incorrect warning when forcing MTTCG for x86 guests on x86 hosts. A future patch will still warn when TARGET_SUPPORT_MTTCG hasn't been defined for the guest (which is still pending for x86). Reported-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Reviewed-by: Richard Henderson <rth@twiddle.net> Reviewed-by: Eduardo Habkost <ehabkost@redhat.com> Acked-by: Eduardo Habkost <ehabkost@redhat.com>
2017-03-03x86: Work around SMI migration breakagesDr. David Alan Gilbert
Migration from a 2.3.0 qemu results in a reboot on the receiving QEMU due to a disagreement about SM (System management) interrupts. 2.3.0 didn't have much SMI support, but it did set CPU_INTERRUPT_SMI and this gets into the migration stream, but on 2.3.0 it never got delivered. ~2.4.0 SMI interrupt support was added but was broken - so that when a 2.3.0 stream was received it cleared the CPU_INTERRUPT_SMI but never actually caused an interrupt. The SMI delivery was recently fixed by 68c6efe07a, but the effect now is that an incoming 2.3.0 stream takes the interrupt it had flagged but it's bios can't actually handle it(I think partly due to the original interrupt not being taken during boot?). The consequence is a triple(?) fault and a reboot. Tested from: 2.3.1 -M 2.3.0 2.7.0 -M 2.3.0 2.8.0 -M 2.3.0 2.8.0 -M 2.8.0 This corresponds to RH bugzilla entry 1420679. Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com> Message-Id: <20170223133441.16010-1-dgilbert@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2017-03-03qapi: flatten GuestPanicInformation unionAnton Nefedov
Signed-off-by: Anton Nefedov <anton.nefedov@virtuozzo.com> Signed-off-by: Denis V. Lunev <den@openvz.org> CC: Paolo Bonzini <pbonzini@redhat.com> CC: Eric Blake <eblake@redhat.com> Message-Id: <1487614915-18710-3-git-send-email-den@openvz.org> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2017-03-03KVM: do not use sigtimedwait to catch SIGBUSPaolo Bonzini
Call kvm_on_sigbus_vcpu asynchronously from the VCPU thread. Information for the SIGBUS can be stored in thread-local variables and processed later in kvm_cpu_exec. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2017-03-03KVM: remove kvm_arch_on_sigbusPaolo Bonzini
Build it on kvm_arch_on_sigbus_vcpu instead. They do the same for "action optional" SIGBUSes, and the main thread should never get "action required" SIGBUSes because it blocks the signal. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2017-03-03cpus: reorganize signal handling codePaolo Bonzini
Move the KVM "eat signals" code under CONFIG_LINUX, in preparation for moving it to kvm-all.c; reraise non-MCE SIGBUS immediately, without passing it to KVM. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2017-03-03KVM: x86: cleanup SIGBUS handlersPaolo Bonzini
This patch should have no semantic change. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2017-03-02Merge remote-tracking branch 'remotes/ehabkost/tags/x86-pull-request' into ↵Peter Maydell
staging x86 queue, 2017-02-27 "-cpu max" and query-cpu-model-expansion support for x86. This should be the last x86 pull request before 2.9 soft freeze. # gpg: Signature made Mon 27 Feb 2017 16:24:15 GMT # gpg: using RSA key 0x2807936F984DC5A6 # gpg: Good signature from "Eduardo Habkost <ehabkost@redhat.com>" # Primary key fingerprint: 5A32 2FD5 ABC4 D3DB ACCF D1AA 2807 936F 984D C5A6 * remotes/ehabkost/tags/x86-pull-request: i386: Improve query-cpu-model-expansion full mode i386: Implement query-cpu-model-expansion QMP command i386: Define static "base" CPU model i386: Don't set CPUClass::cpu_def on "max" model i386: Make "max" model not use any host CPUID info on TCG i386: Create "max" CPU model qapi-schema: Comment about full expansion of non-migration-safe models i386: Reorganize and document CPUID initialization steps i386: Rename X86CPU::host_features to X86CPU::max_features i386: Add ordering field to CPUClass i386: Unset cannot_destroy_with_object_finalize_yet on "host" model Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2017-02-27linux-user: Add signal handling support for x86_64Pranith Kumar
Note that x86_64 has only _rt signal handlers. This implementation attempts to share code with the x86_32 implementation. CC: Laurent Vivier <laurent@vivier.eu> Signed-off-by: Allan Wirth <awirth@akamai.com> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Pranith Kumar <bobby.prani@gmail.com> Reviewed-by: Laurent Vivier <laurent@vivier.eu> Message-Id: <20170226165345.8757-1-bobby.prani@gmail.com> Signed-off-by: Laurent Vivier <laurent@vivier.eu>
2017-02-27i386: Improve query-cpu-model-expansion full modeEduardo Habkost
This keeps the same results on type=static expansion, but make type=full expansion return every single QOM property on the CPU object that have a different value from the "base' CPU model, plus all the CPU feature flag properties. Cc: Jiri Denemark <jdenemar@redhat.com> Message-Id: <20170222190029.17243-4-ehabkost@redhat.com> Tested-by: Jiri Denemark <jdenemar@redhat.com> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2017-02-27i386: Implement query-cpu-model-expansion QMP commandEduardo Habkost
Implement query-cpu-model-expansion for target-i386. This should meet all the requirements while being simple. In the case of static expansion, it will use the new "base" CPU model, and in the case of full expansion, it will keep the original CPU model name+props, and append extra properties. A future follow-up should improve the implementation of type=full, so that it returns more detailed data, including every writable QOM property in the CPU object. Cc: libvir-list@redhat.com Cc: Jiri Denemark <jdenemar@redhat.com> Message-Id: <20170222190029.17243-3-ehabkost@redhat.com> Tested-by: Jiri Denemark <jdenemar@redhat.com> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2017-02-27i386: Define static "base" CPU modelEduardo Habkost
The query-cpu-model-expand QMP command needs at least one static model, to allow the "static" expansion mode to be implemented. Instead of defining static versions of every CPU model, define a "base" CPU model that has absolutely no feature flag enabled. Despite having no CPUID data set at all, "-cpu base" is even a functional CPU: * It can boot a Slackware Linux 1.01 image with a Linux 0.99.12 kernel[1]. * It is even possible to boot[2] a modern Fedora x86_64 guest by manually enabling the following CPU features: -cpu base,+lm,+msr,+pae,+fpu,+cx8,+cmov,+sse,+sse2,+fxsr [1] http://www.qemu-advent-calendar.org/2014/#day-1 [2] This is what can be seen in the guest: [root@localhost ~]# cat /proc/cpuinfo processor : 0 vendor_id : unknown cpu family : 0 model : 0 model name : 00/00 stepping : 0 physical id : 0 siblings : 1 core id : 0 cpu cores : 1 apicid : 0 initial apicid : 0 fpu : yes fpu_exception : yes cpuid level : 1 wp : yes flags : fpu msr pae cx8 cmov fxsr sse sse2 lm nopl bugs : bogomips : 5832.70 clflush size : 64 cache_alignment : 64 address sizes : 36 bits physical, 48 bits virtual power management: [root@localhost ~]# x86info -v -a x86info v1.30. Dave Jones 2001-2011 Feedback to <davej@redhat.com>. No TSC, MHz calculation cannot be performed. Unknown vendor (0) MP Table: Family: 0 Model: 0 Stepping: 0 CPU Model (x86info's best guess): eax in: 0x00000000, eax = 00000001 ebx = 00000000 ecx = 00000000 edx = 00000000 eax in: 0x00000001, eax = 00000000 ebx = 00000800 ecx = 00000000 edx = 07008161 eax in: 0x80000000, eax = 80000001 ebx = 00000000 ecx = 00000000 edx = 00000000 eax in: 0x80000001, eax = 00000000 ebx = 00000000 ecx = 00000000 edx = 20000000 Feature flags: fpu Onboard FPU msr Model-Specific Registers pae Physical Address Extensions cx8 CMPXCHG8 instruction cmov CMOV instruction fxsr FXSAVE and FXRSTOR instructions sse SSE support sse2 SSE2 support Long NOPs supported: yes Address sizes : 0 bits physical, 0 bits virtual 0MHz processor (estimate). running at an estimated 0MHz [root@localhost ~]# Message-Id: <20170222190029.17243-2-ehabkost@redhat.com> Reviewed-by: David Hildenbrand <david@redhat.com> Tested-by: Jiri Denemark <jdenemar@redhat.com> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2017-02-27i386: Don't set CPUClass::cpu_def on "max" modelEduardo Habkost
Host CPUID info is used by the "max" CPU model only in KVM mode. Move the initialization of CPUID data for "max" from class_init to instance_init, and don't set CPUClass::cpu_def for "max". Message-Id: <20170222183919.11928-4-ehabkost@redhat.com> Tested-by: Richard W.M. Jones <rjones@redhat.com> Tested-by: Jiri Denemark <jdenemar@redhat.com> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2017-02-27i386: Make "max" model not use any host CPUID info on TCGEduardo Habkost
Instead of reporting host CPUID data on "max", use the qemu64 CPU model as reference to initialize CPUID vendor/family/model/stepping/model-id. Message-Id: <20170222183919.11928-3-ehabkost@redhat.com> Tested-by: Richard W.M. Jones <rjones@redhat.com> Tested-by: Jiri Denemark <jdenemar@redhat.com> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2017-02-27i386: Create "max" CPU modelEduardo Habkost
Rename the existing "host" CPU model to "max, and set it to kvm_enabled=false. The new "max" CPU model will be able to enable all features supported by TCG out of the box, because its logic is based on x86_cpu_get_supported_feature_word(), which already works with TCG. A new KVM-specific "host" class was added, that simply inherits everything from "max" except the 'ordering' and 'description' fields. Message-Id: <20170222183919.11928-2-ehabkost@redhat.com> Tested-by: Richard W.M. Jones <rjones@redhat.com> Tested-by: Jiri Denemark <jdenemar@redhat.com> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2017-02-27i386: Reorganize and document CPUID initialization stepsEduardo Habkost
CPU runnability checks and CPU model expansion have slightly different requirements. Document the steps involved in loading a CPU model and realizing a CPU, so their requirements and purpose are clearly defined. This patch doesn't change any implementation. It just add comments, rename the x86_cpu_load_features() function for clarity (so it won't be confused with x86_cpu_load_def()), and move x86_cpu_filter_features() closer to it. Message-Id: <20170116211124.29245-2-ehabkost@redhat.com> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2017-02-27i386: Rename X86CPU::host_features to X86CPU::max_featuresEduardo Habkost
Rename the field and add a small comment to make its purpose clearer. Message-Id: <20170119210449.11991-4-ehabkost@redhat.com> Tested-by: Jiri Denemark <jdenemar@redhat.com> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2017-02-27i386: Add ordering field to CPUClassEduardo Habkost
Instead of using kvm_enabled to order the "-cpu help" list, use a new "ordering" field for that. Message-Id: <20170119210449.11991-3-ehabkost@redhat.com> Tested-by: Jiri Denemark <jdenemar@redhat.com> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2017-02-27i386: Unset cannot_destroy_with_object_finalize_yet on "host" modelEduardo Habkost
The class is now safe because the assert(kvm_enabled()) line was removed by commit e435601058e656e6d24e3e87b187e5518f7bf16a. Message-Id: <20170119210449.11991-2-ehabkost@redhat.com> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2017-02-25Merge remote-tracking branch 'remotes/stsquad/tags/pull-mttcg-240217-1' into ↵Peter Maydell
staging This is the MTTCG pull-request as posted yesterday. # gpg: Signature made Fri 24 Feb 2017 11:17:51 GMT # gpg: using RSA key 0xFBD0DB095A9E2A44 # gpg: Good signature from "Alex Bennée (Master Work Key) <alex.bennee@linaro.org>" # Primary key fingerprint: 6685 AE99 E751 67BC AFC8 DF35 FBD0 DB09 5A9E 2A44 * remotes/stsquad/tags/pull-mttcg-240217-1: (24 commits) tcg: enable MTTCG by default for ARM on x86 hosts hw/misc/imx6_src: defer clearing of SRC_SCR reset bits target-arm: ensure all cross vCPUs TLB flushes complete target-arm: don't generate WFE/YIELD calls for MTTCG target-arm/powerctl: defer cpu reset work to CPU context cputlb: introduce tlb_flush_*_all_cpus[_synced] cputlb: atomically update tlb fields used by tlb_reset_dirty cputlb: add tlb_flush_by_mmuidx async routines cputlb and arm/sparc targets: convert mmuidx flushes from varg to bitmap cputlb: introduce tlb_flush_* async work. cputlb: tweak qemu_ram_addr_from_host_nofail reporting cputlb: add assert_cpu_is_self checks tcg: handle EXCP_ATOMIC exception for system emulation tcg: enable thread-per-vCPU tcg: enable tb_lock() for SoftMMU tcg: remove global exit_request tcg: drop global lock during TCG code execution tcg: rename tcg_current_cpu to tcg_current_rr_cpu tcg: add kick timer for single-threaded vCPU emulation tcg: add options for enabling MTTCG ... Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2017-02-24tcg: drop global lock during TCG code executionJan Kiszka
This finally allows TCG to benefit from the iothread introduction: Drop the global mutex while running pure TCG CPU code. Reacquire the lock when entering MMIO or PIO emulation, or when leaving the TCG loop. We have to revert a few optimization for the current TCG threading model, namely kicking the TCG thread in qemu_mutex_lock_iothread and not kicking it in qemu_cpu_kick. We also need to disable RAM block reordering until we have a more efficient locking mechanism at hand. Still, a Linux x86 UP guest and my Musicpal ARM model boot fine here. These numbers demonstrate where we gain something: 20338 jan 20 0 331m 75m 6904 R 99 0.9 0:50.95 qemu-system-arm 20337 jan 20 0 331m 75m 6904 S 20 0.9 0:26.50 qemu-system-arm The guest CPU was fully loaded, but the iothread could still run mostly independent on a second core. Without the patch we don't get beyond 32206 jan 20 0 330m 73m 7036 R 82 0.9 1:06.00 qemu-system-arm 32204 jan 20 0 330m 73m 7036 S 21 0.9 0:17.03 qemu-system-arm We don't benefit significantly, though, when the guest is not fully loading a host CPU. Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com> Message-Id: <1439220437-23957-10-git-send-email-fred.konrad@greensocs.com> [FK: Rebase, fix qemu_devices_reset deadlock, rm address_space_* mutex] Signed-off-by: KONRAD Frederic <fred.konrad@greensocs.com> [EGC: fixed iothread lock for cpu-exec IRQ handling] Signed-off-by: Emilio G. Cota <cota@braap.org> [AJB: -smp single-threaded fix, clean commit msg, BQL fixes] Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Reviewed-by: Richard Henderson <rth@twiddle.net> Reviewed-by: Pranith Kumar <bobby.prani@gmail.com> [PM: target-arm changes] Acked-by: Peter Maydell <peter.maydell@linaro.org>
2017-02-23util/cutils: Change qemu_strtosz*() from int64_t to uint64_tMarkus Armbruster
This will permit its use in parse_option_size(). Cc: Dr. David Alan Gilbert <dgilbert@redhat.com> Cc: Eduardo Habkost <ehabkost@redhat.com> (maintainer:X86) Cc: Kevin Wolf <kwolf@redhat.com> (supporter:Block layer core) Cc: Max Reitz <mreitz@redhat.com> (supporter:Block layer core) Cc: qemu-block@nongnu.org (open list:Block layer core) Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com> Message-Id: <1487708048-2131-24-git-send-email-armbru@redhat.com>
2017-02-23util/cutils: Return qemu_strtosz*() error and value separatelyMarkus Armbruster
This makes qemu_strtosz(), qemu_strtosz_mebi() and qemu_strtosz_metric() similar to qemu_strtoi64(), except negative values are rejected. Cc: Dr. David Alan Gilbert <dgilbert@redhat.com> Cc: Eduardo Habkost <ehabkost@redhat.com> (maintainer:X86) Cc: Kevin Wolf <kwolf@redhat.com> (supporter:Block layer core) Cc: Max Reitz <mreitz@redhat.com> (supporter:Block layer core) Cc: qemu-block@nongnu.org (open list:Block layer core) Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com> Message-Id: <1487708048-2131-23-git-send-email-armbru@redhat.com>
2017-02-23util/cutils: Let qemu_strtosz*() optionally reject trailing crapMarkus Armbruster
Change the qemu_strtosz() & friends to return -EINVAL when @endptr is null and the conversion doesn't consume the string completely. Matches how qemu_strtol() & friends work. Only test_qemu_strtosz_simple() passes a null @endptr. No functional change there, because its conversion consumes the string. Simplify callers that use @endptr only to fail when it doesn't point to '\0' to pass a null @endptr instead. Cc: Dr. David Alan Gilbert <dgilbert@redhat.com> Cc: Eduardo Habkost <ehabkost@redhat.com> (maintainer:X86) Cc: Kevin Wolf <kwolf@redhat.com> (supporter:Block layer core) Cc: Max Reitz <mreitz@redhat.com> (supporter:Block layer core) Cc: qemu-block@nongnu.org (open list:Block layer core) Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com> Message-Id: <1487708048-2131-22-git-send-email-armbru@redhat.com>
2017-02-23util/cutils: New qemu_strtosz_metric()Markus Armbruster
To parse numbers with metric suffixes, we use qemu_strtosz_suffix_unit(nptr, &eptr, QEMU_STRTOSZ_DEFSUFFIX_B, 1000) Capture this in a new function for legibility: qemu_strtosz_metric(nptr, &eptr) Replace test_qemu_strtosz_suffix_unit() by test_qemu_strtosz_metric(). Rename qemu_strtosz_suffix_unit() to do_strtosz() and give it internal linkage. Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Message-Id: <1487708048-2131-15-git-send-email-armbru@redhat.com>
2017-02-21monitor: Fix crashes when using HMP commands without CPUThomas Huth
When running certain HMP commands ("info registers", "info cpustats", "info tlb", "nmi", "memsave" or dumping virtual memory) with the "none" machine, QEMU crashes with a segmentation fault. This happens because the "none" machine does not have any CPUs by default, but these HMP commands did not check for a valid CPU pointer yet. Add such checks now, so we get an error message about the missing CPU instead. Signed-off-by: Thomas Huth <thuth@redhat.com> Message-Id: <1484309555-1935-1-git-send-email-thuth@redhat.com> Reviewed-by: Markus Armbruster <armbru@redhat.com> Acked-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
2017-02-16target-i386: correctly propagate retaddr into SVM helpersPaolo Bonzini
Commit 2afbdf8 ("target-i386: exception handling for memory helpers", 2015-09-15) changed tlb_fill's cpu_restore_state+raise_exception_err to raise_exception_err_ra. After this change, the cpu_restore_state and raise_exception_err's cpu_loop_exit are merged into raise_exception_err_ra's cpu_loop_exit_restore. This actually fixed some bugs, but when SVM is enabled there is a second path from raise_exception_err_ra to cpu_loop_exit. This is the VMEXIT path, and now cpu_vmexit is called without a cpu_restore_state before. The fix is to pass the retaddr to cpu_vmexit (via cpu_svm_check_intercept_param). All helpers can now use GETPC() to pass the correct retaddr, too. Cc: qemu-stable@nongnu.org Fixes: 2afbdf84807d673eb682cb78158e11cdacbf4673 Reported-by: Alexander Boettcher <alexander.boettcher@genode-labs.com> Tested-by: Alexander Boettcher <alexander.boettcher@genode-labs.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2017-02-16report guest crash information in GUEST_PANICKED eventAnton Nefedov
it's not very convenient to use the crash-information property interface, so provide a CPU class callback to get the guest crash information, and pass that information in the event Signed-off-by: Anton Nefedov <anton.nefedov@virtuozzo.com> Signed-off-by: Denis V. Lunev <den@openvz.org> Message-Id: <1487053524-18674-3-git-send-email-den@openvz.org> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>