qemu.git
15 months agovfio/pci: Extract mdev check into an helper
Joao Martins [Fri, 19 Jul 2024 12:04:49 +0000 (13:04 +0100)]
vfio/pci: Extract mdev check into an helper

In preparation to skip initialization of the HostIOMMUDevice for mdev,
extract the checks that validate if a device is an mdev into helpers.

A vfio_device_is_mdev() is created, and subsystems consult VFIODevice::mdev
to check if it's mdev or not.

Signed-off-by: Joao Martins <joao.m.martins@oracle.com>
Reviewed-by: Cédric Le Goater <clg@redhat.com>
Reviewed-by: Zhenzhong Duan <zhenzhong.duan@intel.com>
Reviewed-by: Eric Auger <eric.auger@redhat.com>
15 months agohw/vfio/container: Fix SIGSEV on vfio_container_instance_finalize()
Eric Auger [Fri, 19 Jul 2024 16:50:11 +0000 (18:50 +0200)]
hw/vfio/container: Fix SIGSEV on vfio_container_instance_finalize()

In vfio_connect_container's error path, the base container is
removed twice form the VFIOAddressSpace QLIST: first on the
listener_release_exit label and second, on free_container_exit
label, through object_unref(container), which calls
vfio_container_instance_finalize().

Let's remove the first instance.

Fixes: 938026053f4 ("vfio/container: Switch to QOM")
Signed-off-by: Eric Auger <eric.auger@redhat.com>
Reviewed-by: Cédric Le Goater <clg@redhat.com>
Reviewed-by: Zhenzhong Duan <zhenzhong.duan@intel.com>
15 months agoMerge tag 'ui-pull-request' of https://gitlab.com/marcandre.lureau/qemu into staging
Richard Henderson [Tue, 23 Jul 2024 05:23:05 +0000 (15:23 +1000)]
Merge tag 'ui-pull-request' of https://gitlab.com/marcandre.lureau/qemu into staging

UI-related for 9.1

# -----BEGIN PGP SIGNATURE-----
#
# iQJQBAABCAA6FiEEh6m9kz+HxgbSdvYt2ujhCXWWnOUFAmaeu44cHG1hcmNhbmRy
# ZS5sdXJlYXVAcmVkaGF0LmNvbQAKCRDa6OEJdZac5ZvNEACES6y1D4rzBtZBV/FY
# OvWHzM/2Uycma3CO2pTl8DzwucgUuVxVjrAppi+iIXza+qEHlN0e9tbmR8u3ypdV
# tu0ijRm1MWeV9EHw8fQxSIci9cgoPzJzfvrmGD9rPEJTPh44yifL3CiE97y/5SJx
# FkrmYoDeuLQ4WAgZqIhkFOZ3eX+bQ+sI49ZVm0vSIeZ2wYuWlw7JwMKq2Xb4fCsZ
# 7wJZcL7gNGHk3rsH2Sfukv5LRw64+eDwpQMkXS2scYp64xwhdd5bAqKchicBA0zh
# jBw+KszCpAW7XunQtXjiiQZco9x6auu2c+4erDyNcTfqBtSRNjArMauL2/609EVv
# 7xsLmwZvXgrbO7fRCGCnC4M5NCuisDbMeON+7tKdS8kfEMgFX0FNfM1Jp9z4Rh7T
# I/vy8mLlBIy4BNZA7jV1jyIJZeVYBYGc+ieBEeE1sK7L5RIxeoOwP1S20Xu9A9bO
# VFBohKcMt5x0HlUg0oSH8OJLbpQ8vDQDkIcDMIOQCqj+PX0erc2u9oHQ7xB1k3BB
# os83zWDTLJTJ+ZdoI2tp9FHQj56wdGJxDQNrRjFOP5KL1AoHGz+Y5fF7BvGB3jnK
# JsPV2OSkEs6Q/be6pLTiVEoUUEpqy40Kh/7NlzdbM+oHX5h0TlcIqJ16I2QsfM/N
# sRXAmzqCe00STyhxopR1BMZnjg==
# =aCj6
# -----END PGP SIGNATURE-----
# gpg: Signature made Tue 23 Jul 2024 06:05:34 AM AEST
# gpg:                using RSA key 87A9BD933F87C606D276F62DDAE8E10975969CE5
# gpg:                issuer "marcandre.lureau@redhat.com"
# gpg: Good signature from "Marc-André Lureau <marcandre.lureau@redhat.com>" [full]
# gpg:                 aka "Marc-André Lureau <marcandre.lureau@gmail.com>" [full]

* tag 'ui-pull-request' of https://gitlab.com/marcandre.lureau/qemu:
  chardev/char-win-stdio.c: restore old console mode
  ui/vdagent: send caps on fe_open
  ui/vdagent: notify clipboard peers of serial reset
  ui/vdagent: improve vdagent_fe_open() trace
  ui: add more tracing for dbus
  Cursor: 8 -> 1 bit alpha downsampling improvement
  virtio-gpu-gl: declare dependency on ui-opengl
  vnc: increase max display size

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
15 months agoMerge tag 'pull-tcg-20240723' of https://gitlab.com/rth7680/qemu into staging
Richard Henderson [Tue, 23 Jul 2024 05:19:39 +0000 (15:19 +1000)]
Merge tag 'pull-tcg-20240723' of https://gitlab.com/rth7680/qemu into staging

accel/tcg: Export set/clear_helper_retaddr
target/arm: Use set_helper_retaddr for dc_zva, sve and sme
target/ppc: Tidy dcbz helpers
target/ppc: Use set_helper_retaddr for dcbz
target/s390x: Use set_helper_retaddr in mem_helper.c

# -----BEGIN PGP SIGNATURE-----
#
# iQFRBAABCgA7FiEEekgeeIaLTbaoWgXAZN846K9+IV8FAmafJKIdHHJpY2hhcmQu
# aGVuZGVyc29uQGxpbmFyby5vcmcACgkQZN846K9+IV+FBAf7Bup+karxeGHZx2rN
# cPeF248bcCWTxBWHK7dsYze4KqzsrlNIJlPeOKErU2bbbRDZGhOp1/N95WVz+P8V
# 6Ny63WTsAYkaFWKxE6Jf0FWJlGw92btk75pTV2x/TNZixg7jg0vzVaYkk0lTYc5T
# m5e4WycYEbzYm0uodxI09i+wFvpd+7WCnl6xWtlJPWZENukvJ36Ss43egFMDtuMk
# vTJuBkS9wpwZ9MSi6EY6M+Raieg8bfaotInZeDvE/yRPNi7CwrA7Dgyc1y626uBA
# joGkYRLzhRgvT19kB3bvFZi1AXa0Pxr+j0xJqwspP239Gq5qezlS5Bv/DrHdmGHA
# jaqSwg==
# =XgUE
# -----END PGP SIGNATURE-----
# gpg: Signature made Tue 23 Jul 2024 01:33:54 PM AEST
# gpg:                using RSA key 7A481E78868B4DB6A85A05C064DF38E8AF7E215F
# gpg:                issuer "richard.henderson@linaro.org"
# gpg: Good signature from "Richard Henderson <richard.henderson@linaro.org>" [ultimate]

* tag 'pull-tcg-20240723' of https://gitlab.com/rth7680/qemu:
  target/riscv: Simplify probing in vext_ldff
  target/s390x: Use set/clear_helper_retaddr in mem_helper.c
  target/s390x: Use user_or_likely in access_memmove
  target/s390x: Use user_or_likely in do_access_memset
  target/ppc: Improve helper_dcbz for user-only
  target/ppc: Merge helper_{dcbz,dcbzep}
  target/ppc: Split out helper_dbczl for 970
  target/ppc: Hoist dcbz_size out of dcbz_common
  target/ppc/mem_helper.c: Remove a conditional from dcbz_common()
  target/arm: Use set/clear_helper_retaddr in SVE and SME helpers
  target/arm: Use set/clear_helper_retaddr in helper-a64.c
  accel/tcg: Move {set,clear}_helper_retaddr to cpu_ldst.h

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
15 months agoMerge tag 'nvme-next-pull-request' of https://gitlab.com/birkelund/qemu into staging
Richard Henderson [Tue, 23 Jul 2024 03:55:45 +0000 (13:55 +1000)]
Merge tag 'nvme-next-pull-request' of https://gitlab.com/birkelund/qemu into staging

hw/nvme patches

# -----BEGIN PGP SIGNATURE-----
#
# iQEzBAABCgAdFiEEUigzqnXi3OaiR2bATeGvMW1PDekFAmaeiz4ACgkQTeGvMW1P
# Dem5DggAkudAwZYUlKLz/FuxmOJsZ/CKL7iIu6wE3P93WTTbi4m2AL5lMFz1bOUH
# 33LtjHz51bDvOsnhAwLs2TwjfhICiMJCOXEmxF9zJnO4Yo8ih9UbeE7sEukpxsVr
# FJlAg5OXhdIHuo48ow7hu7BqMs58jnXhVA6zSvLU5rbKTSdG/369jyQKy5aoFPN0
# Rk+S6hqDmVMiN7u6E+QqPyB2tSbmNKkhPICu3O9fbHmaOoMFmrcvyxkd1wJ9JxwF
# 8MWbuEZlIpLIIL/mCN4wzDw8VKlJ26sBJJC1b+NHmWIWmPkqMeXwcmQtWhUqsrcs
# xAGUcjgJuJ3Fu6Xzt+09Y+FXO8v0oQ==
# =vCDb
# -----END PGP SIGNATURE-----
# gpg: Signature made Tue 23 Jul 2024 02:39:26 AM AEST
# gpg:                using RSA key 522833AA75E2DCE6A24766C04DE1AF316D4F0DE9
# gpg: Good signature from "Klaus Jensen <its@irrelevant.dk>" [unknown]
# gpg:                 aka "Klaus Jensen <k.jensen@samsung.com>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: DDCA 4D9C 9EF9 31CC 3468  4272 63D5 6FC5 E55D A838
#      Subkey fingerprint: 5228 33AA 75E2 DCE6 A247  66C0 4DE1 AF31 6D4F 0DE9

* tag 'nvme-next-pull-request' of https://gitlab.com/birkelund/qemu:
  hw/nvme: remove useless type cast
  hw/nvme: actually implement abort
  hw/nvme: add cross namespace copy support
  hw/nvme: fix memory leak in nvme_dsm

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
15 months agoMerge tag 'pull-maintainer-9.1-rc0-230724-1' of https://gitlab.com/stsquad/qemu into...
Richard Henderson [Tue, 23 Jul 2024 02:15:11 +0000 (12:15 +1000)]
Merge tag 'pull-maintainer-9.1-rc0-230724-1' of https://gitlab.com/stsquad/qemu into staging

Maintainer updates for testing, gdbstub, semihosting, plugins

  - bump python in *BSD images via libvirt-ci
  - remove old unused Leon3 Avocado test
  - re-factor gdb command extension
  - add stoptrigger plugin to contrib
  - ensure plugin mem callbacks properly sized
  - reduce check-tcg noise of inline plugin test
  - fix register dumping in execlog plugin
  - restrict semihosting to TCG builds
  - fix regex in MTE test

# -----BEGIN PGP SIGNATURE-----
#
# iQEzBAABCgAdFiEEZoWumedRZ7yvyN81+9DbCVqeKkQFAmae5OcACgkQ+9DbCVqe
# KkR8cgf/eM2Sm7EG7zIQ8SbY53DS07ls6uT7Mfn4374GEmj4Cy1I+WNoLGM5vq1r
# qWAC9q2LgJVMQoWJA6Fi3SCKiylBp3/jIdJ7CWN5qj/NmePHSV3EisQXf2qOWWL9
# qOX2hJI7IIYNI2v3IvCzN/fB8F8U60iXERFHRypBH2p6Mz+EGMC3CEhesOEUta6o
# 2IMkRW8MoDv9x4B+FnNYav6CfqZjhRenu1CGgVGvWYRds2QDVNB/14kOunmBuwSs
# gPb7AhhnpobDYVxMarlJNPMbOdFjtDkYCajCNW7ffLcl+OjhoVR6cJcFpbOMv4kZ
# 8Nok8aDjUDWwUbmU0rBynca+1k8OTg==
# =TjRc
# -----END PGP SIGNATURE-----
# gpg: Signature made Tue 23 Jul 2024 09:01:59 AM AEST
# gpg:                using RSA key 6685AE99E75167BCAFC8DF35FBD0DB095A9E2A44
# gpg: Good signature from "Alex Bennée (Master Work Key) <alex.bennee@linaro.org>" [full]

* tag 'pull-maintainer-9.1-rc0-230724-1' of https://gitlab.com/stsquad/qemu:
  tests/tcg/aarch64: Fix test-mte.py
  semihosting: Restrict to TCG
  target/xtensa: Restrict semihosting to TCG
  target/riscv: Restrict semihosting to TCG
  target/mips: Restrict semihosting to TCG
  target/m68k: Restrict semihosting to TCG
  target/mips: Add semihosting stub
  target/m68k: Add semihosting stub
  semihosting: Include missing 'gdbstub/syscalls.h' header
  plugins/execlog.c: correct dump of registers values
  tests/plugins: use qemu_plugin_outs for inline stats
  plugins: fix mem callback array size
  plugins/stoptrigger: TCG plugin to stop execution under conditions
  gdbstub: Re-factor gdb command extensions
  tests/avocado: Remove non-working sparc leon3 test
  testing: bump to latest libvirt-ci

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
15 months agotarget/riscv: Simplify probing in vext_ldff
Richard Henderson [Wed, 10 Jul 2024 03:10:55 +0000 (20:10 -0700)]
target/riscv: Simplify probing in vext_ldff

The current pairing of tlb_vaddr_to_host with extra is either
inefficient (user-only, with page_check_range) or incorrect
(system, with probe_pages).

For proper non-fault behaviour, use probe_access_flags with
its nonfault parameter set to true.

Reviewed-by: Max Chou <max.chou@sifive.com>
Acked-by: Alistair Francis <alistair.francis@wdc.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
15 months agotarget/s390x: Use set/clear_helper_retaddr in mem_helper.c
Richard Henderson [Wed, 10 Jul 2024 01:40:58 +0000 (18:40 -0700)]
target/s390x: Use set/clear_helper_retaddr in mem_helper.c

Avoid a race condition with munmap in another thread.
For access_memset and access_memmove, manage the value
within the helper.  For uses of access_{get,set}_byte,
manage the value across the for loops.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
15 months agotarget/s390x: Use user_or_likely in access_memmove
Richard Henderson [Wed, 10 Jul 2024 01:59:13 +0000 (18:59 -0700)]
target/s390x: Use user_or_likely in access_memmove

Invert the conditional, indent the block, and use the macro
that expands to true for user-only.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
15 months agotarget/s390x: Use user_or_likely in do_access_memset
Richard Henderson [Wed, 10 Jul 2024 01:05:59 +0000 (18:05 -0700)]
target/s390x: Use user_or_likely in do_access_memset

Eliminate the ifdef by using a predicate that is
always true with CONFIG_USER_ONLY.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
15 months agotarget/ppc: Improve helper_dcbz for user-only
Richard Henderson [Tue, 9 Jul 2024 23:56:48 +0000 (16:56 -0700)]
target/ppc: Improve helper_dcbz for user-only

Mark the reserve_addr check unlikely.  Use tlb_vaddr_to_host
instead of probe_write, relying on the memset itself to test
for page writability.  Use set/clear_helper_retaddr so that
we can properly unwind on segfault.

With this, a trivial loop around guest memset will no longer
spend nearly 25% of runtime within page_get_flags.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
15 months agotarget/ppc: Merge helper_{dcbz,dcbzep}
Richard Henderson [Tue, 2 Jul 2024 03:10:53 +0000 (20:10 -0700)]
target/ppc: Merge helper_{dcbz,dcbzep}

Merge the two and pass the mmu_idx directly from translation.
Swap the argument order in dcbz_common to avoid extra swaps.

Reviewed-by: Nicholas Piggin <npiggin@gmail.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
15 months agotarget/ppc: Split out helper_dbczl for 970
Richard Henderson [Tue, 2 Jul 2024 02:46:15 +0000 (19:46 -0700)]
target/ppc: Split out helper_dbczl for 970

We can determine at translation time whether the insn is or
is not dbczl.  We must retain a runtime check against the
HID5 register, but we can move that to a separate function
that never affects other ppc models.

Reviewed-by: Nicholas Piggin <npiggin@gmail.com>
Reviewed-by: BALATON Zoltan <balaton@eik.bme.hu>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
15 months agotarget/ppc: Hoist dcbz_size out of dcbz_common
Richard Henderson [Tue, 2 Jul 2024 01:17:50 +0000 (18:17 -0700)]
target/ppc: Hoist dcbz_size out of dcbz_common

The 970 logic does not apply to dcbzep, which is an e500 insn.

Reviewed-by: Nicholas Piggin <npiggin@gmail.com>
Reviewed-by: BALATON Zoltan <balaton@eik.bme.hu>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
15 months agotarget/ppc/mem_helper.c: Remove a conditional from dcbz_common()
BALATON Zoltan [Sat, 22 Jun 2024 20:48:33 +0000 (22:48 +0200)]
target/ppc/mem_helper.c: Remove a conditional from dcbz_common()

Instead of passing a bool and select a value within dcbz_common() let
the callers pass in the right value to avoid this conditional
statement. On PPC dcbz is often used to zero memory and some code uses
it a lot. This change improves the run time of a test case that copies
memory with a dcbz call in every iteration from 6.23 to 5.83 seconds.

Signed-off-by: BALATON Zoltan <balaton@eik.bme.hu>
Message-Id: <20240622204833.5F7C74E6000@zero.eik.bme.hu>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Nicholas Piggin <npiggin@gmail.com>
15 months agotarget/arm: Use set/clear_helper_retaddr in SVE and SME helpers
Richard Henderson [Tue, 9 Jul 2024 22:02:07 +0000 (15:02 -0700)]
target/arm: Use set/clear_helper_retaddr in SVE and SME helpers

Avoid a race condition with munmap in another thread.
Use around blocks that exclusively use "host_fn".
Keep the blocks as small as possible, but without setting
and clearing for every operation on one page.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
15 months agotarget/arm: Use set/clear_helper_retaddr in helper-a64.c
Richard Henderson [Tue, 9 Jul 2024 21:08:24 +0000 (14:08 -0700)]
target/arm: Use set/clear_helper_retaddr in helper-a64.c

Use these in helper_dc_dva and the FEAT_MOPS routines to
avoid a race condition with munmap in another thread.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
15 months agoaccel/tcg: Move {set,clear}_helper_retaddr to cpu_ldst.h
Richard Henderson [Tue, 9 Jul 2024 19:52:40 +0000 (12:52 -0700)]
accel/tcg: Move {set,clear}_helper_retaddr to cpu_ldst.h

Use of these in helpers goes hand-in-hand with tlb_vaddr_to_host
and other probing functions.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
15 months agoMerge tag 'pull-request-2024-07-22' of https://gitlab.com/thuth/qemu into staging
Richard Henderson [Mon, 22 Jul 2024 22:31:21 +0000 (08:31 +1000)]
Merge tag 'pull-request-2024-07-22' of https://gitlab.com/thuth/qemu into staging

* Minor clean-ups and fixes for the qtests and Avocado tests
* Fix crash that happens when introspecting scsi-block on older machine types
* s390x: filter deprecated properties based on model expansion type

# -----BEGIN PGP SIGNATURE-----
#
# iQJFBAABCAAvFiEEJ7iIR+7gJQEY8+q5LtnXdP5wLbUFAmaeSUMRHHRodXRoQHJl
# ZGhhdC5jb20ACgkQLtnXdP5wLbVdQw/8DvGymXKwpS0F2aSHg3AZvjSCpkv3Y+fK
# myQrzh30cv9Vhe/Y9do47HpfJ6Ug9SK6xG64K2o+BIW+G3+ZUwSHk24PoiALsrJf
# 9qqya1upBJkEC5B4PhqRPS3GlbvBnKKEk8W6BMpUa2BToFV9MsG256cBVhUrRpGc
# 6u80DgTNxCI1czsNkWVGJAt1oVLYYJIjz7UZ4VbZCH48o6r0iSUV6C01wccOFmNy
# IXbspyyUftWFh9lO0i8PiYlXG2YEAmFry3gqD5vc+6BsFT4lMeoRFFxbVCddGKFc
# iNwlH4ayjeISlEJeClImIdbHyZ+sDhPyy5x4cpQqmZudEPn+GVnZ0arm7OvXW/k8
# Yog4n7/cUz7GHnWbqYIFZMS1g1wmqm/9VPsVTzXAlTva4dTTs2p0tKAADHIAtPCI
# jxSPpbuCuukDzUZGsNZyRGbex6g4B0tP4TMHRFxo5LVy9dKn2BLOHBWuzPevD9OO
# FphZHUuGngcPi4GSFmlv7aCS0pqyWsCO+5EqoYUgO8yadyfiXN9pwjB6OnBZux0U
# kbJOkkBJwEalhsiHmPFMnS8rkWa4Ye4ZJjj8XHRiecxSZOcNOcxyE+l2x8CV2aFB
# UBR83nm86vXXpu86Yod3E+txDEUzKN5+B8X0q7Se0YvsWbB+1Dq/Co0Bdh/Wp70E
# EPk5eqaSp8k=
# =zB5F
# -----END PGP SIGNATURE-----
# gpg: Signature made Mon 22 Jul 2024 09:57:55 PM AEST
# gpg:                using RSA key 27B88847EEE0250118F3EAB92ED9D774FE702DB5
# gpg:                issuer "thuth@redhat.com"
# gpg: Good signature from "Thomas Huth <th.huth@gmx.de>" [full]
# gpg:                 aka "Thomas Huth <thuth@redhat.com>" [full]
# gpg:                 aka "Thomas Huth <th.huth@posteo.de>" [unknown]
# gpg:                 aka "Thomas Huth <huth@tuxfamily.org>" [full]

* tag 'pull-request-2024-07-22' of https://gitlab.com/thuth/qemu:
  target/s390x: filter deprecated properties based on model expansion type
  tests: increase timeout per instance of bios-tables-test
  qtest/fuzz: make range overlap check more readable
  hw: Fix crash that happens when introspecting scsi-block on older machine types
  tests/avocado/machine_aspeed.py: Increase timeout for TPM test
  tests/avocado: Remove the remainders of the virtiofs_submounts test
  tests/avocado/mem-addr-space-check: Remove unused "import signal"
  tests/avocado: Move LinuxTest related code into a separate file
  tests/avocado: Allow overwriting AVOCADO_SHOW env variable
  tests/avocado/boot_xen.py: use class attribute
  tests/avocado/boot_xen.py: unify tags
  tests/avocado/boot_xen.py: merge base classes

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
15 months agochardev/char-win-stdio.c: restore old console mode
songziming [Mon, 22 Jul 2024 09:52:55 +0000 (17:52 +0800)]
chardev/char-win-stdio.c: restore old console mode

If I use `-serial stdio` on Windows, after QEMU exits, the terminal
could not handle arrow keys and tab any more. Because stdio backend
on Windows sets console mode to virtual terminal input when starts,
but does not restore the old mode when finalize.

This small patch saves the old console mode and set it back.

Signed-off-by: Ziming Song <s.ziming@hotmail.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-ID: <ME3P282MB25488BE7C39BF0C35CD0DA5D8CA82@ME3P282MB2548.AUSP282.PROD.OUTLOOK.COM>

15 months agohw/nvme: remove useless type cast
Yao Xingtao [Mon, 22 Jul 2024 09:17:28 +0000 (05:17 -0400)]
hw/nvme: remove useless type cast

The type of req->cmd is NvmeCmd, cast the pointer of this type to
NvmeCmd* is useless.

Signed-off-by: Yao Xingtao <yaoxt.fnst@fujitsu.com>
Reviewed-by: Klaus Jensen <k.jensen@samsung.com>
Signed-off-by: Klaus Jensen <k.jensen@samsung.com>
15 months agohw/nvme: actually implement abort
Ayush Mishra [Tue, 2 Jul 2024 08:02:32 +0000 (13:32 +0530)]
hw/nvme: actually implement abort

Abort was not implemented previously, but we can implement it for AERs
and asynchrnously for I/O.

Signed-off-by: Ayush Mishra <ayush.m55@samsung.com>
Reviewed-by: Klaus Jensen <k.jensen@samsung.com>
Signed-off-by: Klaus Jensen <k.jensen@samsung.com>
15 months agohw/nvme: add cross namespace copy support
Arun Kumar [Mon, 1 Jul 2024 07:08:55 +0000 (12:38 +0530)]
hw/nvme: add cross namespace copy support

Extend copy command to copy user data across different namespaces via
support for specifying a namespace for each source range

Signed-off-by: Arun Kumar <arun.kka@samsung.com>
Reviewed-by: Klaus Jensen <k.jensen@samsung.com>
Signed-off-by: Klaus Jensen <k.jensen@samsung.com>
15 months agotarget/s390x: filter deprecated properties based on model expansion type
Collin Walling [Fri, 19 Jul 2024 18:17:41 +0000 (14:17 -0400)]
target/s390x: filter deprecated properties based on model expansion type

Currently, there is no way to execute the query-cpu-model-expansion
command to retrieve a comprehenisve list of deprecated properties, as
the result is dependent per-model. To enable this, the expansion output
is modified as such:

When reporting a "full" CPU model, show the *entire* list of deprecated
properties regardless if they are supported on the model. A full
expansion outputs all known CPU model properties anyway, so it makes
sense to report all deprecated properties here too.

This allows management apps to query a single model (e.g. host) to
acquire the full list of deprecated properties.

Additionally, when reporting a "static" CPU model, the command will
only show deprecated properties that are a subset of the model's
*enabled* properties. This is more accurate than how the query was
handled before, which blindly reported deprecated properties that
were never otherwise introduced for certain models.

Acked-by: David Hildenbrand <david@redhat.com>
Suggested-by: Jiri Denemark <jdenemar@redhat.com>
Signed-off-by: Collin Walling <walling@linux.ibm.com>
Message-ID: <20240719181741.35146-1-walling@linux.ibm.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
15 months agotests: increase timeout per instance of bios-tables-test
Igor Mammedov [Tue, 16 Jul 2024 12:59:30 +0000 (14:59 +0200)]
tests: increase timeout per instance of bios-tables-test

CI often fails 'cross-i686-tci' job due to runner slowness
Log shows that test almost complete, with a few remaining
when bios-tables-test timeout hits:

  19/270 qemu:qtest+qtest-aarch64 / qtest-aarch64/bios-tables-test
    TIMEOUT        610.02s   killed by signal 15 SIGTERM
  ...
  stderr:
  TAP parsing error: Too few tests run (expected 8, got 7)

At the same time overall job running time is only ~30 out of 1hr allowed.

Increase bios-tables-test instance timeout on 5min as a fix
for slow CI runners.

Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Message-ID: <20240716125930.620861-1-imammedo@redhat.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
15 months agoqtest/fuzz: make range overlap check more readable
Yao Xingtao [Mon, 22 Jul 2024 04:07:36 +0000 (00:07 -0400)]
qtest/fuzz: make range overlap check more readable

use ranges_overlap() instead of open-coding the overlap check to improve
the readability of the code.

Signed-off-by: Yao Xingtao <yaoxt.fnst@fujitsu.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Tested-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Alexander Bulekov <alxndr@bu.edu>
Message-ID: <20240722040742.11513-8-yaoxt.fnst@fujitsu.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
15 months agohw: Fix crash that happens when introspecting scsi-block on older machine types
Thomas Huth [Wed, 3 Jul 2024 09:09:04 +0000 (11:09 +0200)]
hw: Fix crash that happens when introspecting scsi-block on older machine types

"make check SPEED=slow" is currently failing the device-introspect-test on
older machine types since introspecting "scsi-block" is causing an abort:

 $ ./qemu-system-x86_64 -M pc-q35-8.0 -monitor stdio
 QEMU 9.0.50 monitor - type 'help' for more information
 (qemu) device_add scsi-block,help
 Unexpected error in object_property_find_err() at
 ../../devel/qemu/qom/object.c:1357:
 can't apply global scsi-disk-base.migrate-emulated-scsi-request=false:
 Property 'scsi-block.migrate-emulated-scsi-request' not found
 Aborted (core dumped)

The problem is that the compat code tries to change the
"migrate-emulated-scsi-request" property for all devices that are
derived from "scsi-block", but the property has only been added
to "scsi-hd" and "scsi-cd" via the DEFINE_SCSI_DISK_PROPERTIES macro.

Thus let's fix the problem by only changing the property on the devices
that really have this property.

Fixes: b4912afa5f ("scsi-disk: Fix crash for VM configured with USB CDROM after live migration")
Message-ID: <20240703090904.909720-1-thuth@redhat.com>
Acked-by: Hyman Huang <yong.huang@smartx.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Thomas Huth <thuth@redhat.com>
15 months agotests/avocado/machine_aspeed.py: Increase timeout for TPM test
Cédric Le Goater [Mon, 22 Jul 2024 08:55:47 +0000 (10:55 +0200)]
tests/avocado/machine_aspeed.py: Increase timeout for TPM test

On some runners, test_arm_ast2600_evb_buildroot_tpm can take longer
than 90s to complete. Increase timeout for these.

Reported-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Cédric Le Goater <clg@redhat.com>
Message-ID: <20240722085547.90650-1-clg@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
15 months agotests/avocado: Remove the remainders of the virtiofs_submounts test
Thomas Huth [Thu, 18 Jul 2024 17:31:25 +0000 (19:31 +0200)]
tests/avocado: Remove the remainders of the virtiofs_submounts test

The virtiofs_submounts test has been removed in commit 5da7701e2a
("virtiofsd: Remove test"), so we don't need this files anymore.

Message-ID: <20240718173125.489901-1-thuth@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
15 months agotests/avocado/mem-addr-space-check: Remove unused "import signal"
Thomas Huth [Fri, 19 Jul 2024 09:54:08 +0000 (11:54 +0200)]
tests/avocado/mem-addr-space-check: Remove unused "import signal"

The "signal" module is not used here, so we can remove this import
statement.

Message-ID: <20240719095408.33298-1-thuth@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Thomas Huth <thuth@redhat.com>
15 months agotests/avocado: Move LinuxTest related code into a separate file
Thomas Huth [Fri, 19 Jul 2024 09:50:31 +0000 (11:50 +0200)]
tests/avocado: Move LinuxTest related code into a separate file

Only some few tests are using the LinuxTest class. Move the related
code into a separate file so that this does not pollute the main
namespace.

Message-ID: <20240719095031.32814-1-thuth@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Tested-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Thomas Huth <thuth@redhat.com>
15 months agotests/avocado: Allow overwriting AVOCADO_SHOW env variable
Philippe Mathieu-Daudé [Fri, 19 Jul 2024 18:02:11 +0000 (20:02 +0200)]
tests/avocado: Allow overwriting AVOCADO_SHOW env variable

The 'app' level logging is useful, but sometimes we want
more, for example QEMU leverages the 'console' logging.

Allow overwriting AVOCADO_SHOW from environment, i.e.:

  $ make check-avocado AVOCADO_SHOW='app,console'

Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-ID: <20240719180211.48073-1-philmd@linaro.org>
Signed-off-by: Thomas Huth <thuth@redhat.com>
15 months agohw/nvme: fix memory leak in nvme_dsm
Zheyu Ma [Tue, 2 Jul 2024 23:13:03 +0000 (01:13 +0200)]
hw/nvme: fix memory leak in nvme_dsm

The allocated memory to hold LBA ranges leaks in the nvme_dsm function. This
happens because the allocated memory for iocb->range is not freed in all
error handling paths.

Fix this by adding a free to ensure that the allocated memory is properly freed.

ASAN log:
==3075137==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 480 byte(s) in 6 object(s) allocated from:
    #0 0x55f1f8a0eddd in malloc llvm/compiler-rt/lib/asan/asan_malloc_linux.cpp:129:3
    #1 0x7f531e0f6738 in g_malloc (/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x5e738)
    #2 0x55f1faf1f091 in blk_aio_get block/block-backend.c:2583:12
    #3 0x55f1f945c74b in nvme_dsm hw/nvme/ctrl.c:2609:30
    #4 0x55f1f945831b in nvme_io_cmd hw/nvme/ctrl.c:4470:16
    #5 0x55f1f94561b7 in nvme_process_sq hw/nvme/ctrl.c:7039:29

Cc: qemu-stable@nongnu.org
Fixes: d7d1474fd85d ("hw/nvme: reimplement dsm to allow cancellation")
Signed-off-by: Zheyu Ma <zheyuma97@gmail.com>
Reviewed-by: Klaus Jensen <k.jensen@samsung.com>
Signed-off-by: Klaus Jensen <k.jensen@samsung.com>
15 months agoui/vdagent: send caps on fe_open
Marc-André Lureau [Wed, 17 Jul 2024 17:15:40 +0000 (21:15 +0400)]
ui/vdagent: send caps on fe_open

The spice-vdagentd doesn't send capabilities again on host/client
disconnect (but when the session agent connects and sends a
GUEST_XORG_RESOLUTION message)

When the dbus client disconnects, vdagent_disconnect() is called to
reset the agent state. Capabilities must be negotiated again on
reconnection.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-Id: <20240717171541.201525-5-marcandre.lureau@redhat.com>

15 months agoui/vdagent: notify clipboard peers of serial reset
Marc-André Lureau [Wed, 17 Jul 2024 17:15:39 +0000 (21:15 +0400)]
ui/vdagent: notify clipboard peers of serial reset

Since we reset the serial counters, peers should also be reset to be sync.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-Id: <20240717171541.201525-4-marcandre.lureau@redhat.com>

15 months agoui/vdagent: improve vdagent_fe_open() trace
Marc-André Lureau [Wed, 17 Jul 2024 17:15:38 +0000 (21:15 +0400)]
ui/vdagent: improve vdagent_fe_open() trace

Place the trace when the function enters, with arg value.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-Id: <20240717171541.201525-3-marcandre.lureau@redhat.com>

15 months agoui: add more tracing for dbus
Marc-André Lureau [Wed, 17 Jul 2024 17:15:37 +0000 (21:15 +0400)]
ui: add more tracing for dbus

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-Id: <20240717171541.201525-2-marcandre.lureau@redhat.com>

15 months agoCursor: 8 -> 1 bit alpha downsampling improvement
Phil Dennis-Jordan [Mon, 24 Jun 2024 10:10:40 +0000 (12:10 +0200)]
Cursor: 8 -> 1 bit alpha downsampling improvement

Mouse cursors with 8 bit alpha were downsampled to 1-bit opacity maps by
turning alpha values of 255 into 1 and everything else into 0. This
means that mostly-opaque pixels ended up completely invisible.

This patch changes the behaviour so that only pixels with less than 50%
alpha (0-127) are treated as transparent when converted to 1-bit alpha.

This greatly improves the subjective appearance of anti-aliased mouse
cursors, such as those used by macOS, when using a front-end UI without
support for alpha-blended cursors, such as some VNC clients.

Signed-off-by: Phil Dennis-Jordan <phil@philjordan.eu>
Reviewed-by: Akihiko Odaki <akihiko.odaki@daynix.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-Id: <20240624101040.82726-1-phil@philjordan.eu>

15 months agovirtio-gpu-gl: declare dependency on ui-opengl
Marc-André Lureau [Mon, 17 Jun 2024 08:27:56 +0000 (12:27 +0400)]
virtio-gpu-gl: declare dependency on ui-opengl

Since commit e8a2db94 "virtio-gpu-virgl: teach it to get the QEMU EGL
display", virtio-gl depends on ui-opengl symbol "qemu_egl_display".

Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2391
Fixes: e8a2db94 ("virtio-gpu-virgl: teach it to get the QEMU EGL display")
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
15 months agotests/tcg/aarch64: Fix test-mte.py
Richard Henderson [Fri, 19 Jul 2024 00:41:43 +0000 (10:41 +1000)]
tests/tcg/aarch64: Fix test-mte.py

Python 3.12 warns:

  TEST    gdbstub MTE support on aarch64
/home/rth/qemu/src/tests/tcg/aarch64/gdbstub/test-mte.py:21: SyntaxWarning: invalid escape sequence '\('
  PATTERN_0 = "Memory tags for address 0x[0-9a-f]+ match \(0x[0-9a-f]+\)."

Double up the \ to pass one through to the pattern.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Pierrick Bouvier <pierrick.bouvier@linaro.org>
Message-Id: <20240719004143.1319260-1-richard.henderson@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
15 months agosemihosting: Restrict to TCG
Philippe Mathieu-Daudé [Thu, 18 Jul 2024 09:45:23 +0000 (10:45 +0100)]
semihosting: Restrict to TCG

Semihosting currently uses the TCG probe_access API.
It is pointless to have it in the binary when TCG isn't.

Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20240717105723.58965-9-philmd@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20240718094523.1198645-16-alex.bennee@linaro.org>

15 months agotarget/xtensa: Restrict semihosting to TCG
Philippe Mathieu-Daudé [Thu, 18 Jul 2024 09:45:22 +0000 (10:45 +0100)]
target/xtensa: Restrict semihosting to TCG

The semihosting feature depends on TCG (due to the probe_access
API access). Although TCG is the single accelerator currently
available for the xtensa target, use the Kconfig "imply" directive
which is more correct (if we were to support a different accel).

Reported-by: Anton Johansson <anjo@rev.ng>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-Id: <20240717105723.58965-8-philmd@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20240718094523.1198645-15-alex.bennee@linaro.org>

15 months agotarget/riscv: Restrict semihosting to TCG
Philippe Mathieu-Daudé [Thu, 18 Jul 2024 09:45:21 +0000 (10:45 +0100)]
target/riscv: Restrict semihosting to TCG

Semihosting currently uses the TCG probe_access API. To prepare for
encoding the TCG dependency in Kconfig, do not enable it unless TCG
is available.

Suggested-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Anton Johansson <anjo@rev.ng>
Message-Id: <20240717105723.58965-7-philmd@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20240718094523.1198645-14-alex.bennee@linaro.org>

15 months agotarget/mips: Restrict semihosting to TCG
Philippe Mathieu-Daudé [Thu, 18 Jul 2024 09:45:20 +0000 (10:45 +0100)]
target/mips: Restrict semihosting to TCG

Semihosting currently uses the TCG probe_access API. To prepare for
encoding the TCG dependency in Kconfig, do not enable it unless TCG
is available.

Suggested-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Anton Johansson <anjo@rev.ng>
Message-Id: <20240717105723.58965-6-philmd@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20240718094523.1198645-13-alex.bennee@linaro.org>

15 months agotarget/m68k: Restrict semihosting to TCG
Philippe Mathieu-Daudé [Thu, 18 Jul 2024 09:45:19 +0000 (10:45 +0100)]
target/m68k: Restrict semihosting to TCG

The semihosting feature depends on TCG (due to the probe_access
API access). Although TCG is the single accelerator currently
available for the m68k target, use the Kconfig "imply" directive
which is more correct (if we were to support a different accel).

Reported-by: Anton Johansson <anjo@rev.ng>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-Id: <20240717105723.58965-5-philmd@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20240718094523.1198645-12-alex.bennee@linaro.org>

15 months agotarget/mips: Add semihosting stub
Philippe Mathieu-Daudé [Thu, 18 Jul 2024 09:45:18 +0000 (10:45 +0100)]
target/mips: Add semihosting stub

Since the SEMIHOSTING feature is optional, we need
a stub to link when it is disabled.

Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-Id: <20240717105723.58965-4-philmd@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20240718094523.1198645-11-alex.bennee@linaro.org>

15 months agotarget/m68k: Add semihosting stub
Philippe Mathieu-Daudé [Thu, 18 Jul 2024 09:45:17 +0000 (10:45 +0100)]
target/m68k: Add semihosting stub

Since the SEMIHOSTING feature is optional, we need
a stub to link when it is disabled.

Suggested-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-Id: <20240717105723.58965-3-philmd@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20240718094523.1198645-10-alex.bennee@linaro.org>

15 months agosemihosting: Include missing 'gdbstub/syscalls.h' header
Philippe Mathieu-Daudé [Thu, 18 Jul 2024 09:45:16 +0000 (10:45 +0100)]
semihosting: Include missing 'gdbstub/syscalls.h' header

"semihosting/syscalls.h" requires definitions from
"gdbstub/syscalls.h", include it in order to avoid:

  include/semihosting/syscalls.h:23:38: error: unknown type name 'gdb_syscall_complete_cb'
  void semihost_sys_open(CPUState *cs, gdb_syscall_complete_cb complete,
                                       ^

Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-Id: <20240717105723.58965-2-philmd@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20240718094523.1198645-9-alex.bennee@linaro.org>

15 months agoplugins/execlog.c: correct dump of registers values
Frédéric Pétrot [Thu, 18 Jul 2024 09:45:15 +0000 (10:45 +0100)]
plugins/execlog.c: correct dump of registers values

Register values are dumped as 'sz' chunks of two nibbles in the execlog
plugin, sz was 1 too big.

Signed-off-by: Frédéric Pétrot <frederic.petrot@univ-grenoble-alpes.fr>
Reviewed-by: Pierrick Bouvier <pierrick.bouvier@linaro.org>
Message-Id: <20240620083805.73603-1-frederic.petrot@univ-grenoble-alpes.fr>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20240718094523.1198645-8-alex.bennee@linaro.org>

15 months agotests/plugins: use qemu_plugin_outs for inline stats
Alex Bennée [Thu, 18 Jul 2024 09:45:14 +0000 (10:45 +0100)]
tests/plugins: use qemu_plugin_outs for inline stats

Using bare printf's in plugins is perfectly acceptable but they do
rather mess up the output of "make check-tcg". Convert the printfs to
use g_string and then output with the plugin output helper which will
already be captured to .pout files by the test harness.

Reviewed-by: Pierrick Bouvier <pierrick.bouvier@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20240718094523.1198645-7-alex.bennee@linaro.org>

15 months agoplugins: fix mem callback array size
Pierrick Bouvier [Thu, 18 Jul 2024 09:45:13 +0000 (10:45 +0100)]
plugins: fix mem callback array size

data was correctly copied, but size of array was not set
(g_array_sized_new only reserves memory, but does not set size).

As a result, callbacks were not called for code path relying on
plugin_register_vcpu_mem_cb().

Found when trying to trigger mem access callbacks for atomic
instructions.

Reviewed-by: Xingtao Yao <yaoxt.fnst@fujitsu.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Pierrick Bouvier <pierrick.bouvier@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20240706191335.878142-2-pierrick.bouvier@linaro.org>
Message-Id: <20240718094523.1198645-6-alex.bennee@linaro.org>

15 months agoplugins/stoptrigger: TCG plugin to stop execution under conditions
Simon Hamelin [Thu, 18 Jul 2024 09:45:12 +0000 (10:45 +0100)]
plugins/stoptrigger: TCG plugin to stop execution under conditions

This new plugin allows to stop emulation using conditions on the
emulation state. By setting this plugin arguments, it is possible
to set an instruction count limit and/or trigger address(es) to stop at.
The code returned at emulation exit can be customized.

This plugin demonstrates how someone could stop QEMU execution.
It could be used for research purposes to launch some code and
deterministically stop it and understand where its execution flow went.

Co-authored-by: Alexandre Iooss <erdnaxe@crans.org>
Signed-off-by: Simon Hamelin <simon.hamelin@grenoble-inp.org>
Signed-off-by: Alexandre Iooss <erdnaxe@crans.org>
Reviewed-by: Pierrick Bouvier <pierrick.bouvier@linaro.org>
Message-Id: <20240715081521.19122-2-simon.hamelin@grenoble-inp.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20240718094523.1198645-5-alex.bennee@linaro.org>

15 months agogdbstub: Re-factor gdb command extensions
Alex Bennée [Thu, 18 Jul 2024 09:45:11 +0000 (10:45 +0100)]
gdbstub: Re-factor gdb command extensions

Coverity reported a memory leak (CID 1549757) in this code and its
admittedly rather clumsy handling of extending the command table.
Instead of handing over a full array of the commands lets use the
lighter weight GPtrArray and simply test for the presence of each
entry as we go. This avoids complications of transferring ownership of
arrays and keeps the final command entries as static entries in the
target code.

Cc: Akihiko Odaki <akihiko.odaki@daynix.com>
Cc: Gustavo Bueno Romero <gustavo.romero@linaro.org>
Cc: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Gustavo Romero <gustavo.romero@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20240718094523.1198645-4-alex.bennee@linaro.org>

15 months agotests/avocado: Remove non-working sparc leon3 test
Thomas Huth [Thu, 18 Jul 2024 09:45:10 +0000 (10:45 +0100)]
tests/avocado: Remove non-working sparc leon3 test

The test has been marked as broken more than 4 years ago, and
so far nobody ever cared to fix it. Thus let's simply remove it
now ... if somebody ever needs it again, they can restore the
file from an older version of QEMU.

Signed-off-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Clément Chigot <chigot@adacore.com>
Acked-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20240710111755.60584-1-thuth@redhat.com>
[AJB: fix MAINTAINERS]
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20240718094523.1198645-3-alex.bennee@linaro.org>

15 months agotesting: bump to latest libvirt-ci
Alex Bennée [Thu, 18 Jul 2024 09:45:09 +0000 (10:45 +0100)]
testing: bump to latest libvirt-ci

This brings in the latest python mappings for the BSD updates.

Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20240718094523.1198645-2-alex.bennee@linaro.org>

15 months agovnc: increase max display size
Gerd Hoffmann [Thu, 30 May 2024 11:10:29 +0000 (13:10 +0200)]
vnc: increase max display size

It's 2024.  4k display resolutions are a thing these days.
Raise width and height limits of the qemu vnc server.

Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1596
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Message-ID: <20240530111029.1726329-1-kraxel@redhat.com>

15 months agotests/avocado/boot_xen.py: use class attribute
Cleber Rosa [Fri, 8 Dec 2023 19:09:11 +0000 (14:09 -0500)]
tests/avocado/boot_xen.py: use class attribute

Rather than defining a single use variable, let's just use the class
attribute directly.

Signed-off-by: Cleber Rosa <crosa@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-ID: <20231208190911.102879-11-crosa@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
15 months agotests/avocado/boot_xen.py: unify tags
Cleber Rosa [Fri, 8 Dec 2023 19:09:10 +0000 (14:09 -0500)]
tests/avocado/boot_xen.py: unify tags

Because all tests share the same tags, it's possible to have all of
them at the class level.

Signed-off-by: Cleber Rosa <crosa@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-ID: <20231208190911.102879-10-crosa@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
15 months agotests/avocado/boot_xen.py: merge base classes
Cleber Rosa [Fri, 8 Dec 2023 19:09:09 +0000 (14:09 -0500)]
tests/avocado/boot_xen.py: merge base classes

While it's a good practice to have reusable base classes, in this
specific case there's no other user of the BootXenBase class.

By unifying the class used in this test, we can improve readability
and have the opportunity to add some future improvements in a clearer
fashion.

Signed-off-by: Cleber Rosa <crosa@redhat.com>
Message-ID: <20231208190911.102879-9-crosa@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
15 months agoMerge tag 'pull-aspeed-20240721' of https://github.com/legoater/qemu into staging
Richard Henderson [Sun, 21 Jul 2024 21:52:05 +0000 (07:52 +1000)]
Merge tag 'pull-aspeed-20240721' of https://github.com/legoater/qemu into staging

aspeed queue:

* SMC model fix (Coverity)
* AST2600 boot for eMMC support and test
* AST2700 ADC model
* I2C model changes preparing AST2700 I2C support

# -----BEGIN PGP SIGNATURE-----
#
# iQIzBAABCAAdFiEEoPZlSPBIlev+awtgUaNDx8/77KEFAmacwdQACgkQUaNDx8/7
# 7KFJGxAAyGLeAW8OJQgRMh0LygKyY6n4p+8LnImKwH19DkJy9KXsFmi2iCyg2Ufh
# FvNU1NUNjJopYZv+9sMtNXDlFbv53FkxotpmRnPQZxncH7VNUqZ/FyfVBItU7fdB
# pX4pU1x49InQDSL+ZwOYEDLirc8aTp/ZfyeayeFxmJvhtpVtAOGwH+R/Xx5o+Tfd
# fHTkAkJ69LVxK37fk6Bz6X4s3RnOCUpC7g8MuwN4FOSs1IorCq37tH72npPQ+lR+
# rFAaTY8/EDvn+mhCk61rTDo7fNB+/Oaks336cqKVWX8cg+qc0qOfqnG9f8H77b/P
# PLmCoXS+L83Ko6p8PMh2hzehYMW/NXJLHQm3YOFx20LicommM3Mg9wXd2FV4AcVi
# VbsL4+gNi4fPb4z6qCKUV/ir9IoL3x4OLfazKvj9wo88AvOkw06cyhZCfIBIy1Pe
# BQyI9Bg8ExjCsDX5MXhPOzHbqHSQDmGPpN7B4DkcCRSp61QoO4GR8XwsUMPOWt2H
# jwa0qEicdetu4Rop6HIQMdGCvpQEB4RW9l9hoePlg5FSv66M+wQoO5DTmUmTP/Go
# 5NNEdFK1oaf2xgvgiWsexFyeinKoyC12OwzhHWxeZp7OORo44M1eYosFQ8L7o+Pk
# XKL+t9Om17/BKKEA4JQjjip8E4p7m9wNJ7HQNcb63lqh2sYH/rQ=
# =r9I0
# -----END PGP SIGNATURE-----
# gpg: Signature made Sun 21 Jul 2024 06:07:48 PM AEST
# gpg:                using RSA key A0F66548F04895EBFE6B0B6051A343C7CFFBECA1
# gpg: Good signature from "Cédric Le Goater <clg@kaod.org>" [undefined]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: A0F6 6548 F048 95EB FE6B  0B60 51A3 43C7 CFFB ECA1

* tag 'pull-aspeed-20240721' of https://github.com/legoater/qemu:
  aspeed: fix coding style
  hw/i2c/aspeed: rename the I2C class pool attribute to share_pool
  hw/i2c/aspeed: support to set the different memory size
  aspeed/soc: support ADC for AST2700
  aspeed/adc: Add AST2700 support
  tests/avocado/machine_aspeed.py: Add eMMC boot tests
  aspeed: Introduce a 'boot-emmc' machine option
  aspeed: Introduce a 'hw_strap1' machine attribute
  aspeed: Add boot-from-eMMC HW strapping bit to rainier-bmc machine
  aspeed: Tune eMMC device properties to reflect HW strapping
  aspeed: Introduce a AspeedSoCClass 'boot_from_emmc' handler
  aspeed/scu: Add boot-from-eMMC HW strapping bit for AST2600 SoC
  aspeed: Load eMMC first boot area as a boot rom
  aspeed: Change type of eMMC device
  aspeed/smc: Fix possible integer overflow

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
15 months agoaspeed: fix coding style
Jamin Lin [Thu, 18 Jul 2024 06:49:24 +0000 (14:49 +0800)]
aspeed: fix coding style

Fix coding style issues from checkpatch.pl

Test command:
./scripts/checkpatch.pl --no-tree -f hw/arm/aspeed.c

Signed-off-by: Jamin Lin <jamin_lin@aspeedtech.com>
Reviewed-by: Cédric Le Goater <clg@redhat.com>
15 months agohw/i2c/aspeed: rename the I2C class pool attribute to share_pool
Jamin Lin [Thu, 18 Jul 2024 06:49:15 +0000 (14:49 +0800)]
hw/i2c/aspeed: rename the I2C class pool attribute to share_pool

According to the datasheet of ASPEED SOCs,
each I2C bus has their own pool buffer since AST2500.

Only AST2400 utilized a pool buffer share to all I2C bus.
And firmware required to set the offset of pool buffer
by writing "Function Control Register(I2CD 00)"

To make this model more readable, will change to introduce
a new bus pool buffer attribute in AspeedI2Cbus.
So, it does not need to calculate the pool buffer offset
for different I2C bus.

This patch rename the I2C class pool attribute to share_pool.
It make user more understand share pool and bus pool
are different.

Incrementing the version of aspeed_i2c_vmstate to 3.

Signed-off-by: Jamin Lin <jamin_lin@aspeedtech.com>
Reviewed-by: Cédric Le Goater <clg@redhat.com>
15 months agohw/i2c/aspeed: support to set the different memory size
Jamin Lin [Thu, 18 Jul 2024 06:49:13 +0000 (14:49 +0800)]
hw/i2c/aspeed: support to set the different memory size

According to the datasheet of ASPEED SOCs,
an I2C controller owns 8KB of register space for AST2700,
owns 4KB of register space for AST2600, AST2500 and AST2400,
and owns 64KB of register space for AST1030.

It set the memory region size 4KB by default and it does not compatible
register space for AST2700.

Introduce a new class attribute to set the I2C controller memory size
for different ASPEED SOCs.

Signed-off-by: Jamin Lin <jamin_lin@aspeedtech.com>
Reviewed-by: Cédric Le Goater <clg@redhat.com>
15 months agoaspeed/soc: support ADC for AST2700
Jamin Lin [Thu, 18 Jul 2024 06:49:12 +0000 (14:49 +0800)]
aspeed/soc: support ADC for AST2700

Add ADC model for AST2700 ADC support.
The ADC controller registers base address is start at
0x14C0_0000 and its address space is 0x1000.
The ADC controller interrupt is connected to
GICINT130_INTC group at bit 16. The GIC IRQ is 130.

Signed-off-by: Jamin Lin <jamin_lin@aspeedtech.com>
Reviewed-by: Cédric Le Goater <clg@redhat.com>
15 months agoaspeed/adc: Add AST2700 support
Jamin Lin [Thu, 18 Jul 2024 06:49:11 +0000 (14:49 +0800)]
aspeed/adc: Add AST2700 support

AST2700 and AST2600 ADC controllers are identical.
Introduce ast2700 class and set 2 engines.

Signed-off-by: Jamin Lin <jamin_lin@aspeedtech.com>
Reviewed-by: Cédric Le Goater <clg@redhat.com>
15 months agotests/avocado/machine_aspeed.py: Add eMMC boot tests
Cédric Le Goater [Wed, 17 Jul 2024 12:00:34 +0000 (14:00 +0200)]
tests/avocado/machine_aspeed.py: Add eMMC boot tests

The image was built using the process described in commit c8cb19876d3e
("hw/sd/sdcard: Support boot area in emmc image") with artefacts from
the latest successful build of the IBM P10 BMC platform available on:

  https://jenkins.openbmc.org/job/ci-openbmc/distro=ubuntu,label=docker-builder,target=p10bmc/lastSuccessfulBuild/

Signed-off-by: Cédric Le Goater <clg@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Tested-by: Philippe Mathieu-Daudé <philmd@linaro.org>
15 months agoaspeed: Introduce a 'boot-emmc' machine option
Cédric Le Goater [Wed, 17 Jul 2024 06:30:22 +0000 (08:30 +0200)]
aspeed: Introduce a 'boot-emmc' machine option

The default behavior of some Aspeed machines is to boot from the eMMC
device, like the rainier-bmc. Others like ast2600-evb could also boot
from eMMC if the HW strapping boot-from-eMMC bit was set. Add a
property to set or unset this bit. This is useful to test boot images.

For now, only activate this property on the ast2600-evb and rainier-bmc
machines for which eMMC images are available or can be built.

Signed-off-by: Cédric Le Goater <clg@kaod.org>
Reviewed-by: Andrew Jeffery <andrew@codeconstruct.com.au>
Tested-by: Andrew Jeffery <andrew@codeconstruct.com.au>
Tested-by: Philippe Mathieu-Daudé <philmd@linaro.org>
15 months agoaspeed: Introduce a 'hw_strap1' machine attribute
Cédric Le Goater [Wed, 17 Jul 2024 06:30:21 +0000 (08:30 +0200)]
aspeed: Introduce a 'hw_strap1' machine attribute

To change default behavior of a machine and boot from eMMC, future
changes will add a machine option to let the user configure the
boot-from-eMMC HW strapping bit. Add a new machine attribute first.

Signed-off-by: Cédric Le Goater <clg@kaod.org>
Reviewed-by: Andrew Jeffery <andrew@codeconstruct.com.au>
Tested-by: Andrew Jeffery <andrew@codeconstruct.com.au>
Tested-by: Philippe Mathieu-Daudé <philmd@linaro.org>
15 months agoaspeed: Add boot-from-eMMC HW strapping bit to rainier-bmc machine
Cédric Le Goater [Wed, 17 Jul 2024 06:30:20 +0000 (08:30 +0200)]
aspeed: Add boot-from-eMMC HW strapping bit to rainier-bmc machine

This value is taken from a running Rainier machine.

Signed-off-by: Cédric Le Goater <clg@kaod.org>
Reviewed-by: Andrew Jeffery <andrew@codeconstruct.com.au>
Tested-by: Andrew Jeffery <andrew@codeconstruct.com.au>
Tested-by: Philippe Mathieu-Daudé <philmd@linaro.org>
15 months agoaspeed: Tune eMMC device properties to reflect HW strapping
Cédric Le Goater [Wed, 17 Jul 2024 06:30:19 +0000 (08:30 +0200)]
aspeed: Tune eMMC device properties to reflect HW strapping

When the boot-from-eMMC HW strapping bit is set, use the 'boot-config'
property to set the boot config register to boot from the first boot
area partition of the eMMC device. Also set the boot partition size
of the device.

Signed-off-by: Cédric Le Goater <clg@kaod.org>
Reviewed-by: Andrew Jeffery <andrew@codeconstruct.com.au>
Tested-by: Andrew Jeffery <andrew@codeconstruct.com.au>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Tested-by: Philippe Mathieu-Daudé <philmd@linaro.org>
15 months agoaspeed: Introduce a AspeedSoCClass 'boot_from_emmc' handler
Cédric Le Goater [Wed, 17 Jul 2024 06:30:18 +0000 (08:30 +0200)]
aspeed: Introduce a AspeedSoCClass 'boot_from_emmc' handler

Report support on the AST2600 SoC if the boot-from-eMMC HW strapping
bit is set at the board level. AST2700 also has support but it is not
yet ready in QEMU and others SoCs do not have support, so return false
always for these.

Signed-off-by: Cédric Le Goater <clg@kaod.org>
Reviewed-by: Andrew Jeffery <andrew@codeconstruct.com.au>
Tested-by: Andrew Jeffery <andrew@codeconstruct.com.au>
Tested-by: Philippe Mathieu-Daudé <philmd@linaro.org>
15 months agoaspeed/scu: Add boot-from-eMMC HW strapping bit for AST2600 SoC
Cédric Le Goater [Wed, 17 Jul 2024 06:30:17 +0000 (08:30 +0200)]
aspeed/scu: Add boot-from-eMMC HW strapping bit for AST2600 SoC

Bit SCU500[2] of the AST2600 controls the boot device of the SoC.

Future changes will configure this bit to boot from eMMC disk images
specially built for this purpose.

Signed-off-by: Joel Stanley <joel@jms.id.au>
Signed-off-by: Cédric Le Goater <clg@kaod.org>
Reviewed-by: Andrew Jeffery <andrew@codeconstruct.com.au>
Tested-by: Andrew Jeffery <andrew@codeconstruct.com.au>
Tested-by: Philippe Mathieu-Daudé <philmd@linaro.org>
15 months agoaspeed: Load eMMC first boot area as a boot rom
Cédric Le Goater [Wed, 17 Jul 2024 06:30:16 +0000 (08:30 +0200)]
aspeed: Load eMMC first boot area as a boot rom

The first boot area partition (64K) of the eMMC device should contain
an initial boot loader (u-boot SPL). Load it as a ROM only if an eMMC
device is available to boot from but no flash device is.

Signed-off-by: Cédric Le Goater <clg@kaod.org>
Reviewed-by: Andrew Jeffery <andrew@codeconstruct.com.au>
Tested-by: Andrew Jeffery <andrew@codeconstruct.com.au>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Tested-by: Philippe Mathieu-Daudé <philmd@linaro.org>
15 months agoaspeed: Change type of eMMC device
Cédric Le Goater [Wed, 17 Jul 2024 06:30:15 +0000 (08:30 +0200)]
aspeed: Change type of eMMC device

The QEMU device model representing the eMMC device of the machine is
currently created with type SD_CARD. Change the type to EMMC now that
it is available.

Signed-off-by: Cédric Le Goater <clg@kaod.org>
Reviewed-by: Andrew Jeffery <andrew@codeconstruct.com.au>
Tested-by: Andrew Jeffery <andrew@codeconstruct.com.au>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Tested-by: Philippe Mathieu-Daudé <philmd@linaro.org>
15 months agoaspeed/smc: Fix possible integer overflow
Cédric Le Goater [Fri, 12 Jul 2024 15:13:15 +0000 (17:13 +0200)]
aspeed/smc: Fix possible integer overflow

Coverity reports a possible integer overflow because routine
aspeeed_smc_hclk_divisor() has a codepath returning 0, which could
lead to an integer overflow when computing variable 'hclk_shift' in
the caller aspeed_smc_dma_calibration().

The value passed to aspeed_smc_hclk_divisor() is always between 0 and
15 and, in this case, there is always a matching hclk divisor. Remove
the return 0 and use g_assert_not_reached() instead.

Fixes: Coverity CID 1547822
Suggested-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Cédric Le Goater <clg@redhat.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
15 months agoMerge tag 'pull-loongarch-20240719' of https://gitlab.com/gaosong/qemu into staging
Richard Henderson [Fri, 19 Jul 2024 06:28:28 +0000 (16:28 +1000)]
Merge tag 'pull-loongarch-20240719' of https://gitlab.com/gaosong/qemu into staging

pull-loongarch-20240719

# -----BEGIN PGP SIGNATURE-----
#
# iLMEAAEKAB0WIQS4/x2g0v3LLaCcbCxAov/yOSY+3wUCZpnSRQAKCRBAov/yOSY+
# 3+dmBACzIzU+nnCI0QANYJhEVekXUoo+UVa+PX4dk7OoACDSgq2nQkAQzUoqhzSj
# zjnxTmIevdcUqQ6eU24hNwOT7DEZBk0MIcTZMuG8DRc1wbSo46ORfVGWQkPtMQ25
# ADNS0q/TPnYMtMEfXn2xN/0QrpR99HN8wOVNmYH5/D6/zHMFOw==
# =Vo1H
# -----END PGP SIGNATURE-----
# gpg: Signature made Fri 19 Jul 2024 12:41:09 PM AEST
# gpg:                using RSA key B8FF1DA0D2FDCB2DA09C6C2C40A2FFF239263EDF
# gpg: Good signature from "Song Gao <m17746591750@163.com>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: B8FF 1DA0 D2FD CB2D A09C  6C2C 40A2 FFF2 3926 3EDF

* tag 'pull-loongarch-20240719' of https://gitlab.com/gaosong/qemu:
  hw/loongarch: Modify flash block size to 256K
  hw/loongarch: Remove unimplemented extioi INT_encode mode
  target/loongarch/gdbstub: Add vector registers support

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
15 months agohw/loongarch: Modify flash block size to 256K
Xianglai Li [Mon, 24 Jun 2024 03:33:19 +0000 (11:33 +0800)]
hw/loongarch: Modify flash block size to 256K

loongarch added a common library for edk2 to
parse flash base addresses through fdt.
For compatibility with other architectures,
the flash block size in qemu is now changed to 256k.

Signed-off-by: Xianglai Li <lixianglai@loongson.cn>
Reviewed-by: Song Gao <gaosong@loongson.cn>
Message-Id: <20240624033319.999631-1-lixianglai@loongson.cn>
Signed-off-by: Song Gao <gaosong@loongson.cn>
15 months agohw/loongarch: Remove unimplemented extioi INT_encode mode
Song Gao [Thu, 18 Jul 2024 08:32:54 +0000 (16:32 +0800)]
hw/loongarch: Remove unimplemented extioi INT_encode mode

Remove extioi INT_encode encode mode, because we don't emulate it.

Signed-off-by: Song Gao <gaosong@loongson.cn>
Reviewed-by: Bibo Mao <maobibo@loongson.cn>
Message-Id: <20240718083254.748179-1-gaosong@loongson.cn>

15 months agotarget/loongarch/gdbstub: Add vector registers support
Song Gao [Thu, 11 Jul 2024 02:44:54 +0000 (10:44 +0800)]
target/loongarch/gdbstub: Add vector registers support

GDB already support LoongArch vector extension[1], QEMU gdb adds
LoongArch vector registers support, so that users can use 'info all-registers'
to get all vector registers values.

[1]: https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=1e9569f383a3d5a88ee07d0c2401bd95613c222e

Signed-off-by: Song Gao <gaosong@loongson.cn>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewd-by: Bibo Mao <maobibo@loongson.cn>
Message-Id: <20240711024454.3075183-1-gaosong@loongson.cn>

15 months agoMerge tag 'pull-target-arm-20240718' of https://git.linaro.org/people/pmaydell/qemu...
Richard Henderson [Thu, 18 Jul 2024 21:02:17 +0000 (07:02 +1000)]
Merge tag 'pull-target-arm-20240718' of https://git.linaro.org/people/pmaydell/qemu-arm into staging

target-arm queue:
 * Fix handling of LDAPR/STLR with negative offset
 * LDAPR should honour SCTLR_ELx.nAA
 * Use float_status copy in sme_fmopa_s
 * hw/display/bcm2835_fb: fix fb_use_offsets condition
 * hw/arm/smmuv3: Support and advertise nesting
 * Use FPST_F16 for SME FMOPA (widening)
 * tests/arm-cpu-features: Do not assume PMU availability
 * hvf: arm: Do not advance PC when raising an exception

# -----BEGIN PGP SIGNATURE-----
#
# iQJNBAABCAA3FiEE4aXFk81BneKOgxXPPCUl7RQ2DN4FAmaZFlUZHHBldGVyLm1h
# eWRlbGxAbGluYXJvLm9yZwAKCRA8JSXtFDYM3iJuEACtVh1Wp93XMsL3llAZkQlx
# DUCnDCvAM2qiiTIMOqPQzeKTIkRV9aFh1YWzOtMFKai6UkBU6p1b4bPqb5SIr99G
# Ayps4+WzAHsjTqBGEpIIDWL6GqMwv9azBnRAYNb+Cg9O3SzEnCdGOKCfGYTXXPRz
# zQ1NIgqZSUC5jg3XgkU22J3VMsOUWijbzxnGXhOyemSIEhREl+t6Ns3ca3n47/jk
# JIw1g6o0mpefPPkaLq6ftVwpn1L63iYQugn4VCrIhtIoOM8vmnShbI9/GwzL4AYk
# n28nwPl948Xby13kCYmu6Slt8Rmm7M33pBDJzsVtbaeBSd44XHrov8Y1+e1FhAco
# lxrWY/2rG9HiWKGLdAeCKwVxB186DKiTmuK7lcN+eBu3VbOLjDiVE0d1bK4HqGyc
# nzA/Aq81Y9p5Z7wzX40sVFlq0j1pQDQWk6GgPfMA4ueHKEEobxC3C+k1q9m02gjQ
# qesOFzViiGe0j7JER84qqcatIaTk09xfbXL/uMZx8oP/iKa1pyMUx2blChXOXVTx
# oGkO2h3/QCpRIos8d8WM/bso16EkpraInM4748iumSLuxDxTwiIikK/hpsCLDwUN
# dLsH/hAMz+yQOFubFoRt4IlsGVnk5asmTDMb4S8RojdF2KzHuzbJMgdEOe62631g
# IOAc7Tn3TIm5MpAxXOXgJA==
# =/aEm
# -----END PGP SIGNATURE-----
# gpg: Signature made Thu 18 Jul 2024 11:19:17 PM AEST
# gpg:                using RSA key E1A5C593CD419DE28E8315CF3C2525ED14360CDE
# gpg:                issuer "peter.maydell@linaro.org"
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>" [full]
# gpg:                 aka "Peter Maydell <pmaydell@gmail.com>" [full]
# gpg:                 aka "Peter Maydell <pmaydell@chiark.greenend.org.uk>" [full]
# gpg:                 aka "Peter Maydell <peter@archaic.org.uk>" [unknown]

* tag 'pull-target-arm-20240718' of https://git.linaro.org/people/pmaydell/qemu-arm: (26 commits)
  hvf: arm: Do not advance PC when raising an exception
  tests/arm-cpu-features: Do not assume PMU availability
  tests/tcg/aarch64: Add test cases for SME FMOPA (widening)
  target/arm: Use FPST_F16 for SME FMOPA (widening)
  target/arm: Use float_status copy in sme_fmopa_s
  hw/arm/smmu: Refactor SMMU OAS
  hw/arm/smmuv3: Support and advertise nesting
  hw/arm/smmuv3: Handle translation faults according to SMMUPTWEventInfo
  hw/arm/smmuv3: Support nested SMMUs in smmuv3_notify_iova()
  hw/arm/smmu: Support nesting in the rest of commands
  hw/arm/smmu: Introduce smmu_iotlb_inv_asid_vmid
  hw/arm/smmu: Support nesting in smmuv3_range_inval()
  hw/arm/smmu-common: Support nested translation
  hw/arm/smmu-common: Add support for nested TLB
  hw/arm/smmu-common: Rework TLB lookup for nesting
  hw/arm/smmuv3: Translate CD and TT using stage-2 table
  hw/arm/smmu: Introduce CACHED_ENTRY_TO_ADDR
  hw/arm/smmu: Consolidate ASID and VMID types
  hw/arm/smmu: Split smmuv3_translate()
  hw/arm/smmu: Use enum for SMMU stage
  ...

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
15 months agohvf: arm: Do not advance PC when raising an exception
Akihiko Odaki [Tue, 16 Jul 2024 12:50:33 +0000 (21:50 +0900)]
hvf: arm: Do not advance PC when raising an exception

hvf did not advance PC when raising an exception for most unhandled
system registers, but it mistakenly advanced PC when raising an
exception for GICv3 registers.

Cc: qemu-stable@nongnu.org
Fixes: a2260983c655 ("hvf: arm: Add support for GICv3")
Signed-off-by: Akihiko Odaki <akihiko.odaki@daynix.com>
Message-id: 20240716-pmu-v3-4-8c7c1858a227@daynix.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
15 months agotests/arm-cpu-features: Do not assume PMU availability
Akihiko Odaki [Tue, 16 Jul 2024 12:50:30 +0000 (21:50 +0900)]
tests/arm-cpu-features: Do not assume PMU availability

Asahi Linux supports KVM but lacks PMU support.

Signed-off-by: Akihiko Odaki <akihiko.odaki@daynix.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-id: 20240716-pmu-v3-1-8c7c1858a227@daynix.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
15 months agotests/tcg/aarch64: Add test cases for SME FMOPA (widening)
Daniyal Khan [Wed, 17 Jul 2024 06:01:49 +0000 (16:01 +1000)]
tests/tcg/aarch64: Add test cases for SME FMOPA (widening)

Signed-off-by: Daniyal Khan <danikhan632@gmail.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 20240717060149.204788-4-richard.henderson@linaro.org
Message-Id: 172090222034.13953.16888708708822922098-1@git.sr.ht
[rth: Split test from a larger patch, tidy assembly]
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
15 months agotarget/arm: Use FPST_F16 for SME FMOPA (widening)
Richard Henderson [Wed, 17 Jul 2024 06:01:48 +0000 (16:01 +1000)]
target/arm: Use FPST_F16 for SME FMOPA (widening)

This operation has float16 inputs and thus must use
the FZ16 control not the FZ control.

Cc: qemu-stable@nongnu.org
Fixes: 3916841ac75 ("target/arm: Implement FMOPA, FMOPS (widening)")
Reported-by: Daniyal Khan <danikhan632@gmail.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 20240717060149.204788-3-richard.henderson@linaro.org
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2374
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
15 months agotarget/arm: Use float_status copy in sme_fmopa_s
Daniyal Khan [Wed, 17 Jul 2024 06:01:47 +0000 (16:01 +1000)]
target/arm: Use float_status copy in sme_fmopa_s

We made a copy above because the fp exception flags
are not propagated back to the FPST register, but
then failed to use the copy.

Cc: qemu-stable@nongnu.org
Fixes: 558e956c719 ("target/arm: Implement FMOPA, FMOPS (non-widening)")
Signed-off-by: Daniyal Khan <danikhan632@gmail.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 20240717060149.204788-2-richard.henderson@linaro.org
[rth: Split from a larger patch]
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
15 months agohw/arm/smmu: Refactor SMMU OAS
Mostafa Saleh [Mon, 15 Jul 2024 08:45:18 +0000 (08:45 +0000)]
hw/arm/smmu: Refactor SMMU OAS

SMMUv3 OAS is currently hardcoded in the code to 44 bits, for nested
configurations that can be a problem, as stage-2 might be shared with
the CPU which might have different PARANGE, and according to SMMU manual
ARM IHI 0070F.b:
    6.3.6 SMMU_IDR5, OAS must match the system physical address size.

This patch doesn't change the SMMU OAS, but refactors the code to
make it easier to do that:
- Rely everywhere on IDR5 for reading OAS instead of using the
  SMMU_IDR5_OAS macro, so, it is easier just to change IDR5 and
  it propagages correctly.
- Add additional checks when OAS is greater than 48bits.
- Remove unused functions/macros: pa_range/MAX_PA.

Reviewed-by: Eric Auger <eric.auger@redhat.com>
Signed-off-by: Mostafa Saleh <smostafa@google.com>
Reviewed-by: Jean-Philippe Brucker <jean-philippe@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 20240715084519.1189624-19-smostafa@google.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
15 months agohw/arm/smmuv3: Support and advertise nesting
Mostafa Saleh [Mon, 15 Jul 2024 08:45:17 +0000 (08:45 +0000)]
hw/arm/smmuv3: Support and advertise nesting

Everything is in place, consolidate parsing of STE cfg and setting
translation stage.

Advertise nesting if stage requested is "nested".

Reviewed-by: Jean-Philippe Brucker <jean-philippe@linaro.org>
Reviewed-by: Eric Auger <eric.auger@redhat.com>
Signed-off-by: Mostafa Saleh <smostafa@google.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 20240715084519.1189624-18-smostafa@google.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
15 months agohw/arm/smmuv3: Handle translation faults according to SMMUPTWEventInfo
Mostafa Saleh [Mon, 15 Jul 2024 08:45:16 +0000 (08:45 +0000)]
hw/arm/smmuv3: Handle translation faults according to SMMUPTWEventInfo

Previously, to check if faults are enabled, it was sufficient to check
the current stage of translation and check the corresponding
record_faults flag.

However, with nesting, it is possible for stage-1 (nested) translation
to trigger a stage-2 fault, so we check SMMUPTWEventInfo as it would
have the correct stage set from the page table walk.

Signed-off-by: Mostafa Saleh <smostafa@google.com>
Reviewed-by: Jean-Philippe Brucker <jean-philippe@linaro.org>
Reviewed-by: Eric Auger <eric.auger@redhat.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 20240715084519.1189624-17-smostafa@google.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
15 months agohw/arm/smmuv3: Support nested SMMUs in smmuv3_notify_iova()
Mostafa Saleh [Mon, 15 Jul 2024 08:45:15 +0000 (08:45 +0000)]
hw/arm/smmuv3: Support nested SMMUs in smmuv3_notify_iova()

IOMMUTLBEvent only understands IOVA, for stage-1 or stage-2
SMMU instances we consider the input address as the IOVA, but when
nesting is used, we can't mix stage-1 and stage-2 addresses, so for
nesting only stage-1 is considered the IOVA and would be notified.

Signed-off-by: Mostafa Saleh <smostafa@google.com>
Reviewed-by: Jean-Philippe Brucker <jean-philippe@linaro.org>
Reviewed-by: Eric Auger <eric.auger@redhat.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 20240715084519.1189624-16-smostafa@google.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
15 months agohw/arm/smmu: Support nesting in the rest of commands
Mostafa Saleh [Mon, 15 Jul 2024 08:45:14 +0000 (08:45 +0000)]
hw/arm/smmu: Support nesting in the rest of commands

Some commands need rework for nesting, as they used to assume S1
and S2 are mutually exclusive:

- CMD_TLBI_NH_ASID: Consider VMID if stage-2 is supported
- CMD_TLBI_NH_ALL: Consider VMID if stage-2 is supported, otherwise
  invalidate everything, this required a new vmid invalidation
  function for stage-1 only (ASID >= 0)

Also, rework trace events to reflect the new implementation.

Reviewed-by: Jean-Philippe Brucker <jean-philippe@linaro.org>
Reviewed-by: Eric Auger <eric.auger@redhat.com>
Signed-off-by: Mostafa Saleh <smostafa@google.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 20240715084519.1189624-15-smostafa@google.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
15 months agohw/arm/smmu: Introduce smmu_iotlb_inv_asid_vmid
Mostafa Saleh [Mon, 15 Jul 2024 08:45:13 +0000 (08:45 +0000)]
hw/arm/smmu: Introduce smmu_iotlb_inv_asid_vmid

Soon, Instead of doing TLB invalidation by ASID only, VMID will be
also required.
Add smmu_iotlb_inv_asid_vmid() which invalidates by both ASID and VMID.

However, at the moment this function is only used in SMMU_CMD_TLBI_NH_ASID
which is a stage-1 command, so passing VMID = -1 keeps the original
behaviour.

Reviewed-by: Jean-Philippe Brucker <jean-philippe@linaro.org>
Reviewed-by: Eric Auger <eric.auger@redhat.com>
Signed-off-by: Mostafa Saleh <smostafa@google.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 20240715084519.1189624-14-smostafa@google.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
15 months agohw/arm/smmu: Support nesting in smmuv3_range_inval()
Mostafa Saleh [Mon, 15 Jul 2024 08:45:12 +0000 (08:45 +0000)]
hw/arm/smmu: Support nesting in smmuv3_range_inval()

With nesting, we would need to invalidate IPAs without
over-invalidating stage-1 IOVAs. This can be done by
distinguishing IPAs in the TLBs by having ASID=-1.
To achieve that, rework the invalidation for IPAs to have a
separate function, while for IOVA invalidation ASID=-1 means
invalidate for all ASIDs.

Reviewed-by: Eric Auger <eric.auger@redhat.com>
Signed-off-by: Mostafa Saleh <smostafa@google.com>
Reviewed-by: Jean-Philippe Brucker <jean-philippe@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 20240715084519.1189624-13-smostafa@google.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
15 months agohw/arm/smmu-common: Support nested translation
Mostafa Saleh [Mon, 15 Jul 2024 08:45:11 +0000 (08:45 +0000)]
hw/arm/smmu-common: Support nested translation

When nested translation is requested, do the following:
- Translate stage-1 table address IPA into PA through stage-2.
- Translate stage-1 table walk output (IPA) through stage-2.
- Create a single TLB entry from stage-1 and stage-2 translations
  using logic introduced before.

smmu_ptw() has a new argument SMMUState which include the TLB as
stage-1 table address can be cached in there.

Also in smmu_ptw(), a separate path used for nesting to simplify the
code, although some logic can be combined.

With nested translation class of translation fault can be different,
from the class of the translation, as faults from translating stage-1
tables are considered as CLASS_TT and not CLASS_IN, a new member
"is_ipa_descriptor" added to "SMMUPTWEventInfo" to differ faults
from walking stage 1 translation table and faults from translating
an IPA for a transaction.

Signed-off-by: Mostafa Saleh <smostafa@google.com>
Reviewed-by: Jean-Philippe Brucker <jean-philippe@linaro.org>
Reviewed-by: Eric Auger <eric.auger@redhat.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 20240715084519.1189624-12-smostafa@google.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
15 months agohw/arm/smmu-common: Add support for nested TLB
Mostafa Saleh [Mon, 15 Jul 2024 08:45:10 +0000 (08:45 +0000)]
hw/arm/smmu-common: Add support for nested TLB

This patch adds support for nested (combined) TLB entries.
The main function combine_tlb() is not used here but in the next
patches, but to simplify the patches it is introduced first.

Main changes:
1) New field added in the SMMUTLBEntry struct: parent_perm, for
   nested TLB, holds the stage-2 permission, this can be used to know
   the origin of a permission fault from a cached entry as caching
   the “and” of the permissions loses this information.

   SMMUPTWEventInfo is used to hold information about PTW faults so
   the event can be populated, the value of stage used to be set
   based on the current stage for TLB permission faults, however
   with the parent_perm, it is now set based on which perm has
   the missing permission

   When nesting is not enabled it has the same value as perm which
   doesn't change the logic.

2) As combined TLB implementation is used, the combination logic
   chooses:
   - tg and level from the entry which has the smallest addr_mask.
   - Based on that the iova that would be cached is recalculated.
   - Translated_addr is chosen from stage-2.

Reviewed-by: Eric Auger <eric.auger@redhat.com>
Reviewed-by: Jean-Philippe Brucker <jean-philippe@linaro.org>
Signed-off-by: Mostafa Saleh <smostafa@google.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 20240715084519.1189624-11-smostafa@google.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
15 months agohw/arm/smmu-common: Rework TLB lookup for nesting
Mostafa Saleh [Mon, 15 Jul 2024 08:45:09 +0000 (08:45 +0000)]
hw/arm/smmu-common: Rework TLB lookup for nesting

In the next patch, combine_tlb() will be added which combines 2 TLB
entries into one for nested translations, which chooses the granule
and level from the smallest entry.

This means that with nested translation, an entry can be cached with
the granule of stage-2 and not stage-1.

However, currently, the lookup for an IOVA is done with input stage
granule, which is stage-1 for nested configuration, which will not
work with the above logic.
This patch reworks lookup in that case, so it falls back to stage-2
granule if no entry is found using stage-1 granule.

Also, drop aligning the iova to avoid over-aligning in case the iova
is cached with a smaller granule, the TLB lookup will align the iova
anyway for each granule and level, and the page table walker doesn't
consider the page offset bits.

Signed-off-by: Mostafa Saleh <smostafa@google.com>
Reviewed-by: Jean-Philippe Brucker <jean-philippe@linaro.org>
Reviewed-by: Eric Auger <eric.auger@redhat.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 20240715084519.1189624-10-smostafa@google.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
15 months agohw/arm/smmuv3: Translate CD and TT using stage-2 table
Mostafa Saleh [Mon, 15 Jul 2024 08:45:08 +0000 (08:45 +0000)]
hw/arm/smmuv3: Translate CD and TT using stage-2 table

According to ARM SMMU architecture specification (ARM IHI 0070 F.b),
In "5.2 Stream Table Entry":
 [51:6] S1ContextPtr
 If Config[1] == 1 (stage 2 enabled), this pointer is an IPA translated by
 stage 2 and the programmed value must be within the range of the IAS.

In "5.4.1 CD notes":
 The translation table walks performed from TTB0 or TTB1 are always performed
 in IPA space if stage 2 translations are enabled.

This patch implements translation of the S1 context descriptor pointer and
TTBx base addresses through the S2 stage (IPA -> PA)

smmuv3_do_translate() is updated to have one arg which is translation
class, this is useful to:
 - Decide wether a translation is stage-2 only or use the STE config.
 - Populate the class in case of faults, WALK_EABT is left unchanged
   for stage-1 as it is always IN, while stage-2 would match the
   used class (TT, IN, CD), this will change slightly when the ptw
   supports nested translation as it can also issue TT event with
   class IN.

In case for stage-2 only translation, used in the context of nested
translation, the stage and asid are saved and restored before and
after calling smmu_translate().

Translating CD or TTBx can fail for the following reasons:
1) Large address size: This is described in
   (3.4.3 Address sizes of SMMU-originated accesses)
   - For CD ptr larger than IAS, for SMMUv3.1, it can trigger either
     C_BAD_STE or Translation fault, we implement the latter as it
     requires no extra code.
   - For TTBx, if larger than the effective stage 1 output address size, it
     triggers C_BAD_CD.

2) Faults from PTWs (7.3 Event records)
   - F_ADDR_SIZE: large address size after first level causes stage 2 Address
     Size fault (Also in 3.4.3 Address sizes of SMMU-originated accesses)
   - F_PERMISSION: Same as an address translation. However, when
     CLASS == CD, the access is implicitly Data and a read.
   - F_ACCESS: Same as an address translation.
   - F_TRANSLATION: Same as an address translation.
   - F_WALK_EABT: Same as an address translation.
  These are already implemented in the PTW logic, so no extra handling
  required.

As in CD and TTBx translation context, the iova is not known, setting
the InputAddr was removed from "smmuv3_do_translate" and set after
from "smmuv3_translate" with the new function "smmuv3_fixup_event"

Signed-off-by: Mostafa Saleh <smostafa@google.com>
Reviewed-by: Jean-Philippe Brucker <jean-philippe@linaro.org>
Reviewed-by: Eric Auger <eric.auger@redhat.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 20240715084519.1189624-9-smostafa@google.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
15 months agohw/arm/smmu: Introduce CACHED_ENTRY_TO_ADDR
Mostafa Saleh [Mon, 15 Jul 2024 08:45:07 +0000 (08:45 +0000)]
hw/arm/smmu: Introduce CACHED_ENTRY_TO_ADDR

Soon, smmuv3_do_translate() will be used to translate the CD and the
TTBx, instead of re-writting the same logic to convert the returned
cached entry to an address, add a new macro CACHED_ENTRY_TO_ADDR.

Reviewed-by: Eric Auger <eric.auger@redhat.com>
Signed-off-by: Mostafa Saleh <smostafa@google.com>
Reviewed-by: Jean-Philippe Brucker <jean-philippe@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 20240715084519.1189624-8-smostafa@google.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
15 months agohw/arm/smmu: Consolidate ASID and VMID types
Mostafa Saleh [Mon, 15 Jul 2024 08:45:06 +0000 (08:45 +0000)]
hw/arm/smmu: Consolidate ASID and VMID types

ASID and VMID used to be uint16_t in the translation config, however,
in other contexts they can be int as -1 in case of TLB invalidation,
to represent all (don’t care).
When stage-2 was added asid was set to -1 in stage-2 and vmid to -1
in stage-1 configs. However, that meant they were set as (65536),
this was not an issue as nesting was not supported and no
commands/lookup uses both.

With nesting, it’s critical to get this right as translation must be
tagged correctly with ASID/VMID, and with ASID=-1 meaning stage-2.
Represent ASID/VMID everywhere as int.

Reviewed-by: Eric Auger <eric.auger@redhat.com>
Signed-off-by: Mostafa Saleh <smostafa@google.com>
Reviewed-by: Jean-Philippe Brucker <jean-philippe@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 20240715084519.1189624-7-smostafa@google.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
15 months agohw/arm/smmu: Split smmuv3_translate()
Mostafa Saleh [Mon, 15 Jul 2024 08:45:05 +0000 (08:45 +0000)]
hw/arm/smmu: Split smmuv3_translate()

smmuv3_translate() does everything from STE/CD parsing to TLB lookup
and PTW.

Soon, when nesting is supported, stage-1 data (tt, CD) needs to be
translated using stage-2.

Split smmuv3_translate() to 3 functions:

- smmu_translate(): in smmu-common.c, which does the TLB lookup, PTW,
  TLB insertion, all the functions are already there, this just puts
  them together.
  This also simplifies the code as it consolidates event generation
  in case of TLB lookup permission failure or in TT selection.

- smmuv3_do_translate(): in smmuv3.c, Calls smmu_translate() and does
  the event population in case of errors.

- smmuv3_translate(), now calls smmuv3_do_translate() for
  translation while the rest is the same.

Also, add stage in trace_smmuv3_translate_success()

Reviewed-by: Eric Auger <eric.auger@redhat.com>
Signed-off-by: Mostafa Saleh <smostafa@google.com>
Reviewed-by: Jean-Philippe Brucker <jean-philippe@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 20240715084519.1189624-6-smostafa@google.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
15 months agohw/arm/smmu: Use enum for SMMU stage
Mostafa Saleh [Mon, 15 Jul 2024 08:45:04 +0000 (08:45 +0000)]
hw/arm/smmu: Use enum for SMMU stage

Currently, translation stage is represented as an int, where 1 is stage-1 and
2 is stage-2, when nested is added, 3 would be confusing to represent nesting,
so we use an enum instead.

While keeping the same values, this is useful for:
 - Doing tricks with bit masks, where BIT(0) is stage-1 and BIT(1) is
   stage-2 and both is nested.
 - Tracing, as stage is printed as int.

Reviewed-by: Eric Auger <eric.auger@redhat.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Mostafa Saleh <smostafa@google.com>
Reviewed-by: Jean-Philippe Brucker <jean-philippe@linaro.org>
Message-id: 20240715084519.1189624-5-smostafa@google.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>