Joseph Myers [Wed, 13 May 2020 23:51:42 +0000 (23:51 +0000)]
target/i386: fix fbstp handling of out-of-range values
The fbstp implementation fails to check for out-of-range and invalid
values, instead just taking the result of conversion to int64_t and
storing its sign and low 18 decimal digits. Fix this by checking for
an out-of-range result (invalid conversions always result in INT64_MAX
or INT64_MIN from the softfloat code, which are large enough to be
considered as out-of-range by this code) and storing the packed BCD
indefinite encoding in that case.
Signed-off-by: Joseph Myers <joseph@codesourcery.com>
Message-Id: <alpine.DEB.2.21.
2005132351110.11687@digraph.polyomino.org.uk>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Joseph Myers [Wed, 13 May 2020 23:51:09 +0000 (23:51 +0000)]
target/i386: fix fbstp handling of negative zero
The fbstp implementation stores +0 when the rounded result should be
-0 because it compares an integer value with 0 to determine the sign.
Fix this by checking the sign bit of the operand instead.
Signed-off-by: Joseph Myers <joseph@codesourcery.com>
Message-Id: <alpine.DEB.2.21.
2005132350230.11687@digraph.polyomino.org.uk>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Joseph Myers [Wed, 13 May 2020 23:50:19 +0000 (23:50 +0000)]
target/i386: fix fxam handling of invalid encodings
The fxam implementation does not check for invalid encodings, instead
treating them like NaN or normal numbers depending on the exponent.
Fix it to check that the high bit of the significand is set before
treating an encoding as NaN or normal, thus resulting in correct
handling (all of C0, C2 and C3 cleared) for invalid encodings.
Signed-off-by: Joseph Myers <joseph@codesourcery.com>
Message-Id: <alpine.DEB.2.21.
2005132349311.11687@digraph.polyomino.org.uk>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Joseph Myers [Wed, 13 May 2020 23:49:27 +0000 (23:49 +0000)]
target/i386: fix floating-point load-constant rounding
The implementations of the fldl2t, fldl2e, fldpi, fldlg2 and fldln2
instructions load fixed constants independent of the rounding mode.
Fix them to load a value correctly rounded for the current rounding
mode (but always rounded to 64-bit precision independent of the
precision control, and without setting "inexact") as specified.
Signed-off-by: Joseph Myers <joseph@codesourcery.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <alpine.DEB.2.21.
2005132348310.11687@digraph.polyomino.org.uk>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Philippe Mathieu-Daudé [Mon, 18 May 2020 15:53:05 +0000 (17:53 +0200)]
hw/elf_ops: Do not ignore write failures when loading ELF
Do not ignore the MemTxResult error type returned by
address_space_write().
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Stefano Garzarella <sgarzare@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Philippe Mathieu-Daudé [Mon, 18 May 2020 15:53:04 +0000 (17:53 +0200)]
disas: Let disas::read_memory() handler return EIO on error
Both cpu_memory_rw_debug() and address_space_read() return
an error on failed transaction. Check the returned value,
and return EIO in case of error.
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Philippe Mathieu-Daudé [Mon, 18 May 2020 15:53:03 +0000 (17:53 +0200)]
exec: Propagate cpu_memory_rw_debug() error
Do not ignore the MemTxResult error type returned by
the address_space_rw() API.
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Philippe Mathieu-Daudé [Mon, 18 May 2020 15:53:02 +0000 (17:53 +0200)]
exec: Let address_space_read/write_cached() propagate MemTxResult
Both address_space_read_cached_slow() and
address_space_write_cached_slow() return a MemTxResult type.
Do not discard it, return it to the caller.
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Joseph Myers [Thu, 7 May 2020 00:46:28 +0000 (00:46 +0000)]
target/i386: fix fscale handling of rounding precision
The fscale implementation uses floatx80_scalbn for the final scaling
operation. floatx80_scalbn ends up rounding the result using the
dynamic rounding precision configured for the FPU. But only a limited
set of x87 floating-point instructions are supposed to respect the
dynamic rounding precision, and fscale is not in that set. Fix the
implementation to save and restore the rounding precision around the
call to floatx80_scalbn.
Signed-off-by: Joseph Myers <joseph@codesourcery.com>
Message-Id: <alpine.DEB.2.21.
2005070045430.18350@digraph.polyomino.org.uk>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Joseph Myers [Thu, 7 May 2020 00:45:38 +0000 (00:45 +0000)]
target/i386: fix fscale handling of infinite exponents
The fscale implementation passes infinite exponents through to generic
code that rounds the exponent to a 32-bit integer before using
floatx80_scalbn. In round-to-nearest mode, and ignoring exceptions,
this works in many cases. But it fails to handle the special cases of
scaling 0 by a +Inf exponent or an infinity by a -Inf exponent, which
should produce a NaN, and because it produces an inexact result for
finite nonzero numbers being scaled, the result is sometimes incorrect
in other rounding modes. Add appropriate handling of infinite
exponents to produce a NaN or an appropriately signed exact zero or
infinity as a result.
Signed-off-by: Joseph Myers <joseph@codesourcery.com>
Message-Id: <alpine.DEB.2.21.
2005070045010.18350@digraph.polyomino.org.uk>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Joseph Myers [Thu, 7 May 2020 00:44:57 +0000 (00:44 +0000)]
target/i386: fix fscale handling of invalid exponent encodings
The fscale implementation does not check for invalid encodings in the
exponent operand, thus treating them like INT_MIN (the value returned
for invalid encodings by floatx80_to_int32_round_to_zero). Fix it to
treat them similarly to signaling NaN exponents, thus generating a
quiet NaN result.
Signed-off-by: Joseph Myers <joseph@codesourcery.com>
Message-Id: <alpine.DEB.2.21.
2005070044190.18350@digraph.polyomino.org.uk>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Joseph Myers [Thu, 7 May 2020 00:44:14 +0000 (00:44 +0000)]
target/i386: fix fscale handling of signaling NaN
The implementation of the fscale instruction returns a NaN exponent
unchanged. Fix it to return a quiet NaN when the provided exponent is
a signaling NaN.
Signed-off-by: Joseph Myers <joseph@codesourcery.com>
Message-Id: <alpine.DEB.2.21.
2005070043330.18350@digraph.polyomino.org.uk>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Joseph Myers [Thu, 7 May 2020 00:43:30 +0000 (00:43 +0000)]
target/i386: implement special cases for fxtract
The implementation of the fxtract instruction treats all nonzero
operands as normal numbers, so yielding incorrect results for invalid
formats, infinities, NaNs and subnormal and pseudo-denormal operands.
Implement appropriate handling of all those cases.
Signed-off-by: Joseph Myers <joseph@codesourcery.com>
Acked-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <alpine.DEB.2.21.
2005070042360.18350@digraph.polyomino.org.uk>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Prasad J Pandit [Wed, 13 May 2020 19:25:40 +0000 (00:55 +0530)]
megasas: use unsigned type for positive numeric fields
Use unsigned type for the MegasasState fields which hold positive
numeric values.
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
Message-Id: <
20200513192540.
1583887-4-ppandit@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Prasad J Pandit [Wed, 13 May 2020 19:25:39 +0000 (00:55 +0530)]
megasas: avoid NULL pointer dereference
While in megasas_handle_frame(), megasas_enqueue_frame() may
set a NULL frame into MegasasCmd object for a given 'frame_addr'
address. Add check to avoid a NULL pointer dereference issue.
Reported-by: Alexander Bulekov <alxndr@bu.edu>
Fixes: https://bugs.launchpad.net/qemu/+bug/1878259
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
Acked-by: Alexander Bulekov <alxndr@bu.edu>
Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
Message-Id: <
20200513192540.
1583887-3-ppandit@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Prasad J Pandit [Wed, 13 May 2020 19:25:38 +0000 (00:55 +0530)]
megasas: use unsigned type for reply_queue_head and check index
A guest user may set 'reply_queue_head' field of MegasasState to
a negative value. Later in 'megasas_lookup_frame' it is used to
index into s->frames[] array. Use unsigned type to avoid OOB
access issue.
Also check that 'index' value stays within s->frames[] bounds
through the while() loop in 'megasas_lookup_frame' to avoid OOB
access.
Reported-by: Ren Ding <rding@gatech.edu>
Reported-by: Hanqing Zhao <hanqing@gatech.edu>
Reported-by: Alexander Bulekov <alxndr@bu.edu>
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
Acked-by: Alexander Bulekov <alxndr@bu.edu>
Message-Id: <
20200513192540.
1583887-2-ppandit@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Pan Nengyuan [Wed, 13 May 2020 13:26:30 +0000 (09:26 -0400)]
i386/kvm: fix a use-after-free when vcpu plug/unplug
When we hotplug vcpus, cpu_update_state is added to vm_change_state_head
in kvm_arch_init_vcpu(). But it forgot to delete in kvm_arch_destroy_vcpu() after
unplug. Then it will cause a use-after-free access. This patch delete it in
kvm_arch_destroy_vcpu() to fix that.
Reproducer:
virsh setvcpus vm1 4 --live
virsh setvcpus vm1 2 --live
virsh suspend vm1
virsh resume vm1
The UAF stack:
==qemu-system-x86_64==28233==ERROR: AddressSanitizer: heap-use-after-free on address 0x62e00002e798 at pc 0x5573c6917d9e bp 0x7fff07139e50 sp 0x7fff07139e40
WRITE of size 1 at 0x62e00002e798 thread T0
#0 0x5573c6917d9d in cpu_update_state /mnt/sdb/qemu/target/i386/kvm.c:742
#1 0x5573c699121a in vm_state_notify /mnt/sdb/qemu/vl.c:1290
#2 0x5573c636287e in vm_prepare_start /mnt/sdb/qemu/cpus.c:2144
#3 0x5573c6362927 in vm_start /mnt/sdb/qemu/cpus.c:2150
#4 0x5573c71e8304 in qmp_cont /mnt/sdb/qemu/monitor/qmp-cmds.c:173
#5 0x5573c727cb1e in qmp_marshal_cont qapi/qapi-commands-misc.c:835
#6 0x5573c7694c7a in do_qmp_dispatch /mnt/sdb/qemu/qapi/qmp-dispatch.c:132
#7 0x5573c7694c7a in qmp_dispatch /mnt/sdb/qemu/qapi/qmp-dispatch.c:175
#8 0x5573c71d9110 in monitor_qmp_dispatch /mnt/sdb/qemu/monitor/qmp.c:145
#9 0x5573c71dad4f in monitor_qmp_bh_dispatcher /mnt/sdb/qemu/monitor/qmp.c:234
Reported-by: Euler Robot <euler.robot@huawei.com>
Signed-off-by: Pan Nengyuan <pannengyuan@huawei.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <
20200513132630.13412-1-pannengyuan@huawei.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
WangBowen [Sat, 9 May 2020 03:59:52 +0000 (11:59 +0800)]
hax: Dynamic allocate vcpu state structure
Dynamic allocating vcpu state structure according to smp value to be
more precise and safe. Previously it will alloccate array of fixed size
HAX_MAX_VCPU.
This is achieved by using g_new0 to dynamic allocate the array. The
allocated size is obtained from smp.max_cpus in MachineState. Also, the
size is compared with HAX_MAX_VCPU when creating the vm. The reason for
choosing dynamic array over linked list is because the status is visited
by index all the time.
This will lead to QEMU checking whether the smp value is larger than the
HAX_MAX_VCPU when creating vm, if larger, the process will terminate,
otherwise it will allocate array of size smp to store the status.
V2: Check max_cpus before open vm. (Philippe)
Signed-off-by: WangBowen <bowen.wang@intel.com>
Signed-off-by: Colin Xu <colin.xu@intel.com>
Message-Id: <
20200509035952.187615-1-colin.xu@intel.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Markus Armbruster [Fri, 15 May 2020 04:22:31 +0000 (06:22 +0200)]
cpus: Fix botched configure_icount() error API violation fix
Before recent commit
abc9bf69a66, configure_icount() returned early
when option "shift" was absent: succeed when option "align" was also
absent, else fail.
Since then, it still errors out when only "align" is present, but
continues when both are absent. Crashes when examining the value of
"shift" further. Reproducer: -icount "".
Revert this erroneous part of the commit.
Fixes: abc9bf69a66a11499a801ff545b8fe7adbb3a04c
Fixes: Coverity CID 1428754
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <
20200515042231.18201-1-armbru@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Masahiro Yamada [Wed, 13 May 2020 03:36:00 +0000 (12:36 +0900)]
qom/container: remove .instance_size initializer from container_info
You can omit .instance_size if it is the same as that of the parent.
.class_size = sizeof(ObjectClass)
... is omitted here, so removing .instance_size is more consistent.
Signed-off-by: Masahiro Yamada <masahiroy@kernel.org>
Message-Id: <
20200513033600.
2709646-1-masahiroy@kernel.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Masahiro Yamada [Tue, 12 May 2020 17:31:04 +0000 (02:31 +0900)]
qom/object: pass (Object *) to object_initialize_with_type()
object_new_with_type() already passes (Object *) pointer.
Avoid casting back and forth.
Signed-off-by: Masahiro Yamada <masahiroy@kernel.org>
Message-Id: <
20200512173104.
2293073-1-masahiroy@kernel.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Masahiro Yamada [Tue, 12 May 2020 18:25:01 +0000 (03:25 +0900)]
qom/object: simplify type_initialize_interface()
iface_impl->class is the same as new_iface. Make it more readable.
Signed-off-by: Masahiro Yamada <masahiroy@kernel.org>
Message-Id: <
20200512182501.
2300530-1-masahiroy@kernel.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Masahiro Yamada [Tue, 12 May 2020 17:26:15 +0000 (02:26 +0900)]
qom/object: factor out the initialization of hash table of properties
Properties are not related to the initialization of interfaces.
The initialization of the hash table can be moved after the if-block,
and unified.
Signed-off-by: Masahiro Yamada <masahiroy@kernel.org>
Message-Id: <
20200512172615.
2291999-1-masahiroy@kernel.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Masahiro Yamada [Sun, 10 May 2020 01:32:35 +0000 (10:32 +0900)]
qom: remove index from object_resolve_abs_path()
You can advance 'parts' to track the current path fragment.
The 'index' parameter is unneeded.
Signed-off-by: Masahiro Yamada <masahiroy@kernel.org>
Message-Id: <
20200510013235.954906-1-masahiroy@kernel.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Philippe Mathieu-Daudé [Fri, 8 May 2020 10:02:22 +0000 (12:02 +0200)]
accel: Move Xen accelerator code under accel/xen/
This code is not related to hardware emulation.
Move it under accel/ with the other hypervisors.
Reviewed-by: Paul Durrant <paul@xen.org>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <
20200508100222.7112-1-philmd@redhat.com>
Reviewed-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Liran Alon [Thu, 12 Mar 2020 16:54:31 +0000 (18:54 +0200)]
hw/i386/vmport: Assert vmport initialized before registering commands
vmport_register() is also called from other modules such as vmmouse.
Therefore, these modules rely that vmport is realized before those call
sites. If this is violated, vmport_register() will NULL-deref.
To make such issues easier to debug, assert in vmport_register() that
vmport is already realized.
Reviewed-by: Nikita Leshenko <nikita.leshchenko@oracle.com>
Signed-off-by: Liran Alon <liran.alon@oracle.com>
Message-Id: <
20200312165431.82118-17-liran.alon@oracle.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Liran Alon [Thu, 12 Mar 2020 16:54:30 +0000 (18:54 +0200)]
hw/i386/vmport: Add support for CMD_GETHZ
This command returns to guest information on LAPIC bus frequency and TSC
frequency.
One can see how this interface is used by Linux vmware_platform_setup()
introduced in Linux commit
88b094fb8d4f ("x86: Hypervisor detection and
get tsc_freq from hypervisor").
Reviewed-by: Nikita Leshenko <nikita.leshchenko@oracle.com>
Signed-off-by: Liran Alon <liran.alon@oracle.com>
Message-Id: <
20200312165431.82118-16-liran.alon@oracle.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Liran Alon [Thu, 12 Mar 2020 16:54:29 +0000 (18:54 +0200)]
i386/cpu: Store LAPIC bus frequency in CPU structure
No functional change.
This information will be used by following patches.
Reviewed-by: Nikita Leshenko <nikita.leshchenko@oracle.com>
Signed-off-by: Liran Alon <liran.alon@oracle.com>
Message-Id: <
20200312165431.82118-15-liran.alon@oracle.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Liran Alon [Thu, 12 Mar 2020 16:54:28 +0000 (18:54 +0200)]
hw/i386/vmport: Allow x2apic without IR
Signal to guest that hypervisor supports x2apic without VT-d/IOMMU
Interrupt-Remapping support. This allows guest to use x2apic in
case all APIC IDs fits in 8-bit (i.e. Max APIC ID < 255).
See Linux kernel commit
4cca6ea04d31 ("x86/apic: Allow x2apic
without IR on VMware platform") and Linux try_to_enable_x2apic()
function.
Reviewed-by: Nikita Leshenko <nikita.leshchenko@oracle.com>
Signed-off-by: Liran Alon <liran.alon@oracle.com>
Message-Id: <
20200312165431.82118-14-liran.alon@oracle.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Liran Alon [Thu, 12 Mar 2020 16:54:27 +0000 (18:54 +0200)]
hw/i386/vmport: Add support for CMD_GET_VCPU_INFO
Command currently returns that it is unimplemented by setting
the reserved-bit in it's return value.
Following patches will return various useful vCPU information
to guest.
Reviewed-by: Nikita Leshenko <nikita.leshchenko@oracle.com>
Signed-off-by: Liran Alon <liran.alon@oracle.com>
Message-Id: <
20200312165431.82118-13-liran.alon@oracle.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Liran Alon [Thu, 12 Mar 2020 16:54:24 +0000 (18:54 +0200)]
hw/i386/vmport: Add support for CMD_GETBIOSUUID
This is VMware documented functionallity that some guests rely on.
Returns the BIOS UUID of the current virtual machine.
Note that we also introduce a new compatability flag "x-cmds-v2" to
make sure to expose new VMPort commands only to new machine-types.
This flag will also be used by the following patches that will introduce
additional VMPort commands.
Reviewed-by: Nikita Leshenko <nikita.leshchenko@oracle.com>
Signed-off-by: Liran Alon <liran.alon@oracle.com>
Message-Id: <
20200312165431.82118-10-liran.alon@oracle.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Liran Alon [Thu, 12 Mar 2020 16:54:23 +0000 (18:54 +0200)]
hw/i386/vmport: Define enum for all commands
No functional change.
Defining an enum for all VMPort commands have the following advantages:
* It gets rid of the error-prone requirement to update VMPORT_ENTRIES
when new VMPort commands are added to QEMU.
* It makes it clear to know by looking at one place at the source, what
are all the VMPort commands supported by QEMU.
Reviewed-by: Nikita Leshenko <nikita.leshchenko@oracle.com>
Signed-off-by: Liran Alon <liran.alon@oracle.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <
20200312165431.82118-9-liran.alon@oracle.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Liran Alon [Thu, 12 Mar 2020 16:54:22 +0000 (18:54 +0200)]
hw/i386/vmport: Introduce vmport.h
No functional change. This is mere refactoring.
Suggested-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Liran Alon <liran.alon@oracle.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <
20200312165431.82118-8-liran.alon@oracle.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Liran Alon [Thu, 12 Mar 2020 16:54:21 +0000 (18:54 +0200)]
hw/i386/vmport: Report vmware-vmx-type in CMD_GETVERSION
As can be seen from VmCheck_GetVersion() in open-vm-tools code,
CMD_GETVERSION should return vmware-vmx-type in ECX register.
Default is to fake host as VMware ESX server. But user can control
this value by "-global vmport.vmware-vmx-type=X".
Reviewed-by: Nikita Leshenko <nikita.leshchenko@oracle.com>
Signed-off-by: Liran Alon <liran.alon@oracle.com>
Message-Id: <
20200312165431.82118-7-liran.alon@oracle.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Liran Alon [Thu, 12 Mar 2020 16:54:20 +0000 (18:54 +0200)]
hw/i386/vmport: Introduce vmware-vmx-version property
vmware-vmx-version is a number returned from CMD_GETVERSION which specifies
to guest VMware Tools the the host VMX version. If the host reports a number
that is different than what the guest VMware Tools expects, it may force
guest to upgrade VMware Tools. (See comment above VERSION_MAGIC and
VmCheck_IsVirtualWorld() function in open-vm-tools open-source code).
For better readability and allow maintaining compatability for guests
which may expect different vmware-vmx-version, make vmware-vmx-version a
VMPort object property. This would allow user to control it's value via
"-global vmport.vmware-vmx-version=X".
Reviewed-by: Nikita Leshenko <nikita.leshchenko@oracle.com>
Signed-off-by: Liran Alon <liran.alon@oracle.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <
20200312165431.82118-6-liran.alon@oracle.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Liran Alon [Thu, 12 Mar 2020 16:54:19 +0000 (18:54 +0200)]
hw/i386/vmport: Set EAX to -1 on failed and unsupported commands
This is used as a signal for VMware Tools to know if a command it
attempted to invoke, failed or is unsupported. As a result, VMware Tools
will either report failure to user or fallback to another backdoor command
in attempt to perform some operation.
A few examples:
* open-vm-tools TimeSyncReadHost() function fallbacks to
CMD_GETTIMEFULL command when CMD_GETTIMEFULL_WITH_LAG
fails/unsupported.
* open-vm-tools Hostinfo_NestingSupported() function verifies
EAX != -1 to check for success.
* open-vm-tools Hostinfo_VCPUInfoBackdoor() functions checks
if reserved-bit is set to indicate command is unimplemented.
Reviewed-by: Nikita Leshenko <nikita.leshchenko@oracle.com>
Signed-off-by: Liran Alon <liran.alon@oracle.com>
Message-Id: <
20200312165431.82118-5-liran.alon@oracle.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Liran Alon [Thu, 12 Mar 2020 16:54:18 +0000 (18:54 +0200)]
hw/i386/vmport: Propagate IOPort read to vCPU EAX register
vmport_ioport_read() returns the value that should propagate to vCPU EAX
register when guest reads VMPort IOPort (i.e. By x86 IN instruction).
However, because vmport_ioport_read() calls cpu_synchronize_state(), the
returned value gets overridden by the value in QEMU vCPU EAX register.
i.e. cpu->env.regs[R_EAX].
To fix this issue, change vmport_ioport_read() to explicitly override
cpu->env.regs[R_EAX] with the value it wish to propagate to vCPU EAX
register.
Reviewed-by: Nikita Leshenko <nikita.leshchenko@oracle.com>
Signed-off-by: Liran Alon <liran.alon@oracle.com>
Message-Id: <
20200312165431.82118-4-liran.alon@oracle.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Liran Alon [Thu, 12 Mar 2020 16:54:17 +0000 (18:54 +0200)]
hw/i386/vmport: Add device properties
No functional change.
This is done as a preparation for the following patches that will
introduce several device properties.
Reviewed-by: Nikita Leshenko <nikita.leshchenko@oracle.com>
Signed-off-by: Liran Alon <liran.alon@oracle.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <
20200312165431.82118-3-liran.alon@oracle.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Liran Alon [Thu, 12 Mar 2020 16:54:16 +0000 (18:54 +0200)]
hw/i386/vmport: Add reference to VMware open-vm-tools
This official VMware open-source project can be used as reference to
understand how guest code interacts with VMPort virtual device. Thus,
providing understanding on how device is expected to behave.
Signed-off-by: Liran Alon <liran.alon@oracle.com>
Message-Id: <
20200312165431.82118-2-liran.alon@oracle.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Janne Grunau [Wed, 1 Apr 2020 22:52:53 +0000 (00:52 +0200)]
target/i386: fix phadd* with identical destination and source register
Detected by asm test suite failures in dav1d
(https://code.videolan.org/videolan/dav1d). Can be reproduced by
`qemu-x86_64 -cpu core2duo ./tests/checkasm --test=mc_8bpc
1659890620`.
Signed-off-by: Janne Grunau <j@jannau.net>
Message-Id: <
20200401225253.30745-1-j@jannau.net>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Babu Moger [Fri, 17 Apr 2020 21:55:13 +0000 (16:55 -0500)]
target/i386: Fix the CPUID leaf CPUID_Fn80000008
CPUID leaf CPUID_Fn80000008_ECX provides information about the
number of threads supported by the processor. It was found that
the field ApicIdSize(bits 15-12) was not set correctly.
ApicIdSize is defined as the number of bits required to represent
all the ApicId values within a package.
Valid Values: Value Description
3h-0h Reserved.
4h up to 16 threads.
5h up to 32 threads.
6h up to 64 threads.
7h up to 128 threads.
Fh-8h Reserved.
Fix the bit appropriately.
This came up during following thread.
https://lore.kernel.org/qemu-devel/
158643709116.17430.
15995069125716778943.malonedeb@wampee.canonical.com/#t
Refer the Processor Programming Reference (PPR) for AMD Family 17h
Model 01h, Revision B1 Processors. The documentation is available
from the bugzilla Link below.
Link: https://bugzilla.kernel.org/show_bug.cgi?id=206537
Reported-by: Philipp Eppelt <1871842@bugs.launchpad.net>
Signed-off-by: Babu Moger <babu.moger@amd.com>
Message-Id: <
20200417215345.64800.73351.stgit@localhost.localdomain>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Jon Doron [Fri, 24 Apr 2020 12:34:44 +0000 (15:34 +0300)]
vmbus: add infrastructure to save/load vmbus requests
This can be allow to include controller-specific data while
saving/loading in-flight scsi requests of the vmbus scsi controller.
Signed-off-by: Roman Kagan <rkagan@virtuozzo.com>
Signed-off-by: Maciej S. Szmigiero <maciej.szmigiero@oracle.com>
Signed-off-by: Jon Doron <arilou@gmail.com>
Message-Id: <
20200424123444.
3481728-7-arilou@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Jon Doron [Fri, 24 Apr 2020 12:34:43 +0000 (15:34 +0300)]
i386: Hyper-V VMBus ACPI DSDT entry
Guest OS uses ACPI to discover VMBus presence. Add a corresponding
entry to DSDT in case VMBus has been enabled.
Experimentally Windows guests were found to require this entry to
include two IRQ resources. They seem to never be used but they still
have to be there.
Make IRQ numbers user-configurable via corresponding properties; use 7
and 13 by default.
Signed-off-by: Evgeny Yakovlev <eyakovlev@virtuozzo.com>
Signed-off-by: Roman Kagan <rkagan@virtuozzo.com>
Signed-off-by: Maciej S. Szmigiero <maciej.szmigiero@oracle.com>
Signed-off-by: Jon Doron <arilou@gmail.com>
Message-Id: <
20200424123444.
3481728-6-arilou@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Jon Doron [Fri, 24 Apr 2020 12:34:42 +0000 (15:34 +0300)]
i386:pc: whitelist dynamic vmbus-bridge
As vmbus-bridge is derived from sysbus device, it has to be whitelisted
to be allowed to be created with -device.
Signed-off-by: Roman Kagan <rkagan@virtuozzo.com>
Signed-off-by: Maciej S. Szmigiero <maciej.szmigiero@oracle.com>
Signed-off-by: Jon Doron <arilou@gmail.com>
Message-Id: <
20200424123444.
3481728-5-arilou@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Jon Doron [Fri, 24 Apr 2020 12:34:41 +0000 (15:34 +0300)]
vmbus: vmbus implementation
Add the VMBus infrastructure -- bus, devices, root bridge, vmbus state
machine, vmbus channel interactions, etc.
VMBus is a collection of technologies. At its lowest layer, it's a message
passing and signaling mechanism, allowing efficient passing of messages to and
from guest VMs. A layer higher, it's a mechanism for defining channels of
communication, where each channel is tagged with a type (which implies a
protocol) and a instance ID. A layer higher than that, it's a bus driver,
serving as the basis of device enumeration within a VM, where a channel can
optionally be exposed as a paravirtual device. When a server-side (paravirtual
back-end) component wishes to offer a channel to a guest VM, it does so by
specifying a channel type, a mode, and an instance ID. VMBus then exposes this
in the guest.
More information about VMBus can be found in the file
vmbuskernelmodeclientlibapi.h in Microsoft's WDK.
TODO:
- split into smaller palatable pieces
- more comments
- check and handle corner cases
Kudos to Evgeny Yakovlev (formerly eyakovlev@virtuozzo.com) and Andrey
Smetatin (formerly asmetanin@virtuozzo.com) for research and
prototyping.
Signed-off-by: Roman Kagan <rkagan@virtuozzo.com>
Signed-off-by: Maciej S. Szmigiero <maciej.szmigiero@oracle.com>
Signed-off-by: Jon Doron <arilou@gmail.com>
Message-Id: <
20200424123444.
3481728-4-arilou@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Jon Doron [Fri, 24 Apr 2020 12:34:40 +0000 (15:34 +0300)]
vmbus: add vmbus protocol definitions
Add a header with data structures and constants used in Hyper-V VMBus
hypervisor <-> guest interactions.
Based on the respective stuff from Linux kernel.
Signed-off-by: Roman Kagan <rkagan@virtuozzo.com>
Signed-off-by: Maciej S. Szmigiero <maciej.szmigiero@oracle.com>
Signed-off-by: Jon Doron <arilou@gmail.com>
Message-Id: <
20200424123444.
3481728-3-arilou@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Jon Doron [Fri, 24 Apr 2020 12:34:39 +0000 (15:34 +0300)]
hyperv: expose API to determine if synic is enabled
Signed-off-by: Jon Doron <arilou@gmail.com>
Message-Id: <
20200424123444.
3481728-2-arilou@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Philippe Mathieu-Daudé [Thu, 23 Apr 2020 10:43:45 +0000 (12:43 +0200)]
Makefile: Let the 'help' target list the helper targets
List the name of the helper targets when calling 'make help',
along with the tool targets:
$ make help
[...]
Helper targets:
fsdev/virtfs-proxy-helper - Build virtfs-proxy-helper
scsi/qemu-pr-helper - Build qemu-pr-helper
qemu-bridge-helper - Build qemu-bridge-helper
vhost-user-gpu - Build vhost-user-gpu
virtiofsd - Build virtiofsd
Tools targets:
qemu-ga - Build qemu-ga tool
qemu-keymap - Build qemu-keymap tool
elf2dmp - Build elf2dmp tool
ivshmem-client - Build ivshmem-client tool
ivshmem-server - Build ivshmem-server tool
qemu-nbd - Build qemu-nbd tool
qemu-storage-daemon - Build qemu-storage-daemon tool
qemu-img - Build qemu-img tool
qemu-io - Build qemu-io tool
qemu-edid - Build qemu-edid tool
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Philippe Mathieu-Daudé [Mon, 4 May 2020 11:56:55 +0000 (13:56 +0200)]
io/task: Move 'qom/object.h' header to source
We need "qom/object.h" to call object_ref()/object_unref(),
and to test the TYPE_DUMMY.
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <
20200504115656.6045-3-f4bug@amsat.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Philippe Mathieu-Daudé [Mon, 4 May 2020 11:56:54 +0000 (13:56 +0200)]
qom/object: Move Object typedef to 'qemu/typedefs.h'
We use the Object type all over the place.
Forward declare it in "qemu/typedefs.h".
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <
20200504115656.6045-2-f4bug@amsat.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Philippe Mathieu-Daudé [Sun, 17 May 2020 11:01:47 +0000 (13:01 +0200)]
target/i386: Fix OUTL debug output
Fix OUTL instructions incorrectly displayed as OUTW.
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <
20200517110147.26026-1-f4bug@amsat.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Cédric Le Goater [Sat, 4 Apr 2020 15:33:40 +0000 (17:33 +0200)]
qom/object: Fix object_child_foreach_recursive() return value
When recursing, the return value of do_object_child_foreach() is not
taken into account.
Cc: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Fixes: d714b8de7747 ("qom: Add recursive version of object_child_for_each")
Signed-off-by: Cédric Le Goater <clg@kaod.org>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <
20200404153340.164861-1-clg@kaod.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Pavel Dovgalyuk [Tue, 19 May 2020 10:43:20 +0000 (13:43 +0300)]
icount: fix shift=auto for record/replay
This patch fixes shift=auto when record/replay is enabled.
Now user does not need to guess the best shift value.
Signed-off-by: Pavel Dovgalyuk <Pavel.Dovgaluk@ispras.ru>
--
v2:
moved icount_time_shift to vmstate subsection
Message-Id: <
158988500050.15192.
692077802469400393.stgit@pasha-ThinkPad-X280>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Igor Mammedov [Mon, 11 May 2020 14:11:03 +0000 (10:11 -0400)]
numa: prevent usage of -M memory-backend and -numa memdev at the same time
Options -M memory-backend and -numa memdev are mutually exclusive,
and if used together, it might lead to a crash in the worst case.
For example when the same backend is used with these options together:
-m 4G \
-object memory-backend-ram,id=mem0,size=4G \
-M pc,memory-backend=mem0 \
-numa node,memdev=mem0
QEMU will abort with:
exec.c:2006: qemu_ram_set_idstr: Assertion `!new_block->idstr[0]' failed.
and following backtrace:
abort ()
qemu_ram_set_idstr ()
vmstate_register_ram ()
vmstate_register_ram_global ()
machine_consume_memdev ()
numa_init_memdev_container ()
numa_complete_configuration ()
machine_run_board_init ()
add a check to error out in case the user tries to use both options at
the same time.
Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Message-Id: <
20200511141103.43768-3-imammedo@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Igor Mammedov [Mon, 11 May 2020 14:11:02 +0000 (10:11 -0400)]
vl.c: run preconfig loop before creating default RAM backend
Default RAM backend depends on numa_uses_legacy_mem(), which is
infulenced by -numa options on CLI or set-numa-node QMP command
at preconfig time. If QEMU is started with '-preconfig'
without -numa, it will lead to creating default RAM backend
even if later set-numa-node is used to assing RAM to NUMA nodes
using 'memdev' NUMA option.
That at best will waste RAM object created by default and with
next patch adding a check to prevent usage of conflicting
'-M memory-backend' and '-numa memdev'
options, it will make QEMU error out if user tries to configure
NUMA at preconfig time with memdev option, making set-numa-node
unusable.
To fix issue, move preconfig loop before default RAM backend is
created, so that numa_uses_legacy_mem() would take into account
effects of set-numa-node commands executed at preconfig time.
Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Message-Id: <
20200511141103.43768-2-imammedo@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paolo Bonzini [Wed, 22 Apr 2020 14:38:57 +0000 (10:38 -0400)]
run-coverity-scan: support --update-tools-only --docker
Just build the container when run-coverity-scan is invoked with
--update-tools-only --docker. This requires moving the "docker build"
logic into the update_coverity_tools function.
The only snag is that --update-tools-only --docker requires access to
the dockerfile. For now just report an error for --src-tarball, and
"docker build" will fail if not in a source tree. Another possibility
could be to host our container images on a public registry, and use
"FROM qemu:fedora" to make the Dockerfile small enough that it can be
included directly in the run-coverity-scan script.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paolo Bonzini [Wed, 22 Apr 2020 15:49:40 +0000 (11:49 -0400)]
run-coverity-scan: download tools outside the container
This lets us look at coverity_tool.md5 across executions of run-coverity-scan
and skip the download.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paolo Bonzini [Wed, 22 Apr 2020 15:43:14 +0000 (11:43 -0400)]
run-coverity-scan: use --no-update-tools in docker run
Tools are already updated via the docker build.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paolo Bonzini [Wed, 22 Apr 2020 15:37:55 +0000 (11:37 -0400)]
run-coverity-scan: add --no-update-tools option
Provide a quick way to skip building the container while we figure out how
to get caching right.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paolo Bonzini [Wed, 22 Apr 2020 14:38:57 +0000 (10:38 -0400)]
run-coverity-scan: use docker.py
Our trusted docker wrapper allows run-coverity-scan to run with both
docker and podman.
For the "run" phase this is transparent; for the "build" phase however
scripts are replaced with a bind mount (-v). This is not an issue
because the secret option is meant for secrets stored globally in the
system and bind mounts are a valid substitute for secrets that are known
to whoever builds the container.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paolo Bonzini [Wed, 22 Apr 2020 14:21:18 +0000 (10:21 -0400)]
run-coverity-scan: get Coverity token and email from special git config section
Support a [coverity] section in .git/config. It can be used to retrieve the
token and also, if it is different from user.email, the username of the
submitter.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paolo Bonzini [Wed, 22 Apr 2020 16:19:43 +0000 (12:19 -0400)]
docker.py/build: support binary files in --extra-files
Read the --extra-files in binary mode to avoid encoding errors.
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paolo Bonzini [Wed, 22 Apr 2020 14:17:08 +0000 (10:17 -0400)]
docker.py/build: support -t and -f arguments
The docker.py command line is subtly different from docker and podman's,
in that the tag and Dockerfile are passed via positional arguments.
Remove this gratuitous difference and just parse -f and -t.
-f was previously used by --extra-files, only keep the long option.
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Peter Maydell [Tue, 9 Jun 2020 16:29:47 +0000 (17:29 +0100)]
Merge remote-tracking branch 'remotes/philmd-gitlab/tags/sparc-next-
20200609' into staging
SPARC patches
HW:
- Use UNIMP device instead of EMPTY_SLOT
- Make EMPTY_SLOT similar to UNIMP device
- Map UART devices unconditionally
- Pair of fixes for AHB PnP
- Add trace events to AHB PnP
TCG:
- Improve exception logging
CI:
- https://gitlab.com/philmd/qemu/-/pipelines/
154231191
- https://travis-ci.org/github/philmd/qemu/builds/
696321130
# gpg: Signature made Tue 09 Jun 2020 08:24:09 BST
# gpg: using RSA key
FAABE75E12917221DCFD6BB2E3E32C2CDEADC0DE
# gpg: Good signature from "Philippe Mathieu-Daudé (F4BUG) <f4bug@amsat.org>" [full]
# Primary key fingerprint: FAAB E75E 1291 7221 DCFD 6BB2 E3E3 2C2C DEAD C0DE
* remotes/philmd-gitlab/tags/sparc-next-
20200609:
target/sparc/int32_helper: Extract and use excp_name_str()
target/sparc/int32_helper: Remove DEBUG_PCALL definition
hw/timer/grlib_gptimer: Display frequency in decimal
hw/misc/grlib_ahb_apb_pnp: Add trace events on read accesses
hw/misc/grlib_ahb_apb_pnp: Fix AHB PnP 8-bit accesses
hw/misc/grlib_ahb_apb_pnp: Avoid crash when writing to AHB PnP registers
hw/sparc64/niagara: Remove duplicated NIAGARA_UART_BASE definition
hw/sparc64/niagara: Map the UART device unconditionally
hw/sparc/leon3: Map the UART device unconditionally
hw/misc/empty_slot: Name the slots when created
hw/misc/empty_slot: Move the 'hw/misc' and cover in MAINTAINERS
hw/misc/empty_slot: Convert debug printf() to trace event
hw/misc/empty_slot: Add a 'name' qdev property
hw/misc/empty_slot: Convert 'size' field as qdev property
hw/misc/empty_slot: Lower address space priority
hw/sparc/sun4m: Use UnimplementedDevice for I/O devices
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Philippe Mathieu-Daudé [Tue, 31 Mar 2020 09:49:11 +0000 (11:49 +0200)]
target/sparc/int32_helper: Extract and use excp_name_str()
Improve exception error report:
Before:
qemu: fatal: Trap 0x06 while interrupts disabled, Error state
After:
qemu: fatal: Trap 0x06 (Window Underflow) while interrupts disabled, Error state
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: KONRAD Frederic <frederic.konrad@adacore.com>
Message-Id: <
20200331105048.27989-8-f4bug@amsat.org>
Philippe Mathieu-Daudé [Tue, 31 Mar 2020 09:38:15 +0000 (11:38 +0200)]
target/sparc/int32_helper: Remove DEBUG_PCALL definition
We define DEBUG_PCALL since
b884fc5e (2012-10-06).
7.5 years later it is safe to assume we can remove it :)
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: KONRAD Frederic <frederic.konrad@adacore.com>
Message-Id: <
20200331105048.27989-7-f4bug@amsat.org>
Philippe Mathieu-Daudé [Tue, 31 Mar 2020 09:38:01 +0000 (11:38 +0200)]
hw/timer/grlib_gptimer: Display frequency in decimal
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: KONRAD Frederic <frederic.konrad@adacore.com>
Message-Id: <
20200331105048.27989-6-f4bug@amsat.org>
Philippe Mathieu-Daudé [Tue, 31 Mar 2020 10:02:47 +0000 (12:02 +0200)]
hw/misc/grlib_ahb_apb_pnp: Add trace events on read accesses
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: KONRAD Frederic <frederic.konrad@adacore.com>
Message-Id: <
20200331105048.27989-5-f4bug@amsat.org>
Philippe Mathieu-Daudé [Tue, 31 Mar 2020 09:59:49 +0000 (11:59 +0200)]
hw/misc/grlib_ahb_apb_pnp: Fix AHB PnP 8-bit accesses
The Plug & Play region of the AHB/APB bridge can be accessed
by various word size, however the implementation is clearly
restricted to 32-bit:
static uint64_t grlib_ahb_pnp_read(void *opaque, hwaddr offset, unsigned size)
{
AHBPnp *ahb_pnp = GRLIB_AHB_PNP(opaque);
return ahb_pnp->regs[offset >> 2];
}
Similarly to commit
0fbe394a64 with the APB PnP registers,
set the MemoryRegionOps::impl min/max fields to 32-bit, so
memory.c::access_with_adjusted_size() can adjust when the
access is not 32-bit.
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: KONRAD Frederic <frederic.konrad@adacore.com>
Message-Id: <
20200331105048.27989-4-f4bug@amsat.org>
Philippe Mathieu-Daudé [Tue, 31 Mar 2020 09:56:22 +0000 (11:56 +0200)]
hw/misc/grlib_ahb_apb_pnp: Avoid crash when writing to AHB PnP registers
Similarly to commit
158b659451 with the APB PnP registers, guests
can crash QEMU when writting to the AHB PnP registers:
$ echo 'writeb 0xfffff042 69' | qemu-system-sparc -M leon3_generic -S -bios /etc/magic -qtest stdio
[I
1571938309.932255] OPENED
[R +0.063474] writeb 0xfffff042 69
Segmentation fault (core dumped)
(gdb) bt
#0 0x0000000000000000 in ()
#1 0x0000562999110df4 in memory_region_write_with_attrs_accessor
(mr=mr@entry=0x56299aa28ea0, addr=66, value=value@entry=0x7fff6abe13b8, size=size@entry=1, shift=<optimized out>, mask=mask@entry=255, attrs=...) at memory.c:503
#2 0x000056299911095e in access_with_adjusted_size
(addr=addr@entry=66, value=value@entry=0x7fff6abe13b8, size=size@entry=1, access_size_min=<optimized out>, access_size_max=<optimized out>, access_fn=access_fn@entry=
0x562999110d70 <memory_region_write_with_attrs_accessor>, mr=0x56299aa28ea0, attrs=...) at memory.c:539
#3 0x0000562999114fba in memory_region_dispatch_write (mr=mr@entry=0x56299aa28ea0, addr=66, data=<optimized out>, op=<optimized out>, attrs=attrs@entry=...) at memory.c:1482
#4 0x00005629990c0860 in flatview_write_continue
(fv=fv@entry=0x56299aa7d8a0, addr=addr@entry=
4294963266, attrs=..., ptr=ptr@entry=0x7fff6abe1540, len=len@entry=1, addr1=<optimized out>, l=<optimized out>, mr=0x56299aa28ea0)
at include/qemu/host-utils.h:164
#5 0x00005629990c0a76 in flatview_write (fv=0x56299aa7d8a0, addr=
4294963266, attrs=..., buf=0x7fff6abe1540, len=1) at exec.c:3165
#6 0x00005629990c4c1b in address_space_write (as=<optimized out>, addr=<optimized out>, attrs=..., attrs@entry=..., buf=buf@entry=0x7fff6abe1540, len=len@entry=1) at exec.c:3256
#7 0x000056299910f807 in qtest_process_command (chr=chr@entry=0x5629995ee920 <qtest_chr>, words=words@entry=0x56299acfcfa0) at qtest.c:437
Instead of crashing, log the access as unimplemented.
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: KONRAD Frederic <frederic.konrad@adacore.com>
Message-Id: <
20200331105048.27989-3-f4bug@amsat.org>
Philippe Mathieu-Daudé [Mon, 8 Jun 2020 17:14:37 +0000 (19:14 +0200)]
hw/sparc64/niagara: Remove duplicated NIAGARA_UART_BASE definition
NIAGARA_UART_BASE is already defined few lines earlier.
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Artyom Tarasenko <atar4qemu@gmail.com>
Message-Id: <
20200608172144.20461-3-f4bug@amsat.org>
Philippe Mathieu-Daudé [Sun, 1 Dec 2019 20:35:24 +0000 (21:35 +0100)]
hw/sparc64/niagara: Map the UART device unconditionally
The UART is present on the machine regardless there is a
character device connected to it. Map it unconditionally.
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Artyom Tarasenko <atar4qemu@gmail.com>
Message-Id: <
20200608172144.20461-4-f4bug@amsat.org>
Philippe Mathieu-Daudé [Sun, 1 Dec 2019 20:35:24 +0000 (21:35 +0100)]
hw/sparc/leon3: Map the UART device unconditionally
The UART is present on the chipset regardless there is a
character device connected to it. Map it unconditionally.
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Acked-by: Artyom Tarasenko <atar4qemu@gmail.com>
Reviewed-by: KONRAD Frederic <frederic.konrad@adacore.com>
Message-Id: <
20200608172144.20461-2-f4bug@amsat.org>
Philippe Mathieu-Daudé [Mon, 24 Jun 2019 16:55:47 +0000 (18:55 +0200)]
hw/misc/empty_slot: Name the slots when created
Directly set the slot name when creating the device,
to display the device name in trace events.
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Acked-by: Artyom Tarasenko <atar4qemu@gmail.com>
Message-Id: <
20200510152840.13558-8-f4bug@amsat.org>
Philippe Mathieu-Daudé [Mon, 24 Jun 2019 15:17:32 +0000 (17:17 +0200)]
hw/misc/empty_slot: Move the 'hw/misc' and cover in MAINTAINERS
Add an entry for the 'empty_slot' device.
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Acked-by: Artyom Tarasenko <atar4qemu@gmail.com>
Message-Id: <
20200510152840.13558-7-f4bug@amsat.org>
Philippe Mathieu-Daudé [Mon, 24 Jun 2019 15:23:48 +0000 (17:23 +0200)]
hw/misc/empty_slot: Convert debug printf() to trace event
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Acked-by: Artyom Tarasenko <atar4qemu@gmail.com>
Message-Id: <
20200510152840.13558-6-f4bug@amsat.org>
Philippe Mathieu-Daudé [Mon, 24 Jun 2019 15:23:31 +0000 (17:23 +0200)]
hw/misc/empty_slot: Add a 'name' qdev property
Add a 'name' qdev property so when multiple slots are
accessed, we can notice which one is accessed.
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Acked-by: Artyom Tarasenko <atar4qemu@gmail.com>
Message-Id: <
20200510152840.13558-5-f4bug@amsat.org>
Philippe Mathieu-Daudé [Mon, 24 Jun 2019 15:19:22 +0000 (17:19 +0200)]
hw/misc/empty_slot: Convert 'size' field as qdev property
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Acked-by: Artyom Tarasenko <atar4qemu@gmail.com>
Message-Id: <
20200510152840.13558-4-f4bug@amsat.org>
Philippe Mathieu-Daudé [Mon, 24 Jun 2019 15:20:37 +0000 (17:20 +0200)]
hw/misc/empty_slot: Lower address space priority
Empty slots model RAZ/WI access on a bus. Since we can still
(hot) plug devices on the bus, lower the slot priority, so
device added later is accessed first.
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Acked-by: Artyom Tarasenko <atar4qemu@gmail.com>
Message-Id: <
20200510152840.13558-3-f4bug@amsat.org>
Philippe Mathieu-Daudé [Mon, 1 Oct 2018 20:27:22 +0000 (22:27 +0200)]
hw/sparc/sun4m: Use UnimplementedDevice for I/O devices
These devices are not slots on a bus, but real I/O devices
that we do not implement. As the ISDN ROM would be a ROMD
device, also model it as UnimplementedDevice.
Reviewed-by: Artyom Tarasenko <atar4qemu@gmail.com>
Message-Id: <
20200510152840.13558-2-f4bug@amsat.org>
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Peter Maydell [Mon, 8 Jun 2020 10:04:57 +0000 (11:04 +0100)]
Merge remote-tracking branch 'remotes/vivier2/tags/linux-user-for-5.1-pull-request' into staging
linux-user pull request
20200605-v2
Implement F_OFD_ fcntl() command, /proc/cpuinfo for hppa
Fix socket(), prnctl() error codes, underflow in target_mremap,
epoll_create() strace, oldumount for alpha
User-mode build dependencies improvement
# gpg: Signature made Sat 06 Jun 2020 14:15:36 BST
# gpg: using RSA key
CD2F75DDC8E3A4DC2E4F5173F30C38BD3F2FBE3C
# gpg: issuer "laurent@vivier.eu"
# gpg: Good signature from "Laurent Vivier <lvivier@redhat.com>" [full]
# gpg: aka "Laurent Vivier <laurent@vivier.eu>" [full]
# gpg: aka "Laurent Vivier (Red Hat) <lvivier@redhat.com>" [full]
# Primary key fingerprint: CD2F 75DD C8E3 A4DC 2E4F 5173 F30C 38BD 3F2F BE3C
* remotes/vivier2/tags/linux-user-for-5.1-pull-request:
stubs: Restrict ui/win32-kbd-hook to system-mode
hw/core: Restrict CpuClass::get_crash_info() to system-mode
target/s390x: Restrict CpuClass::get_crash_info() to system-mode
target/i386: Restrict CpuClass::get_crash_info() to system-mode
arch_init: Remove unused 'qapi-commands-misc.h' include
exec: Assert CPU migration is not used on user-only build
target/riscv/cpu: Restrict CPU migration to system-mode
stubs/Makefile: Reduce the user-mode object list
util/Makefile: Reduce the user-mode object list
tests/Makefile: Restrict some softmmu-only tests
tests/Makefile: Only display TCG-related tests when TCG is available
configure: Avoid building TCG when not needed
Makefile: Only build virtiofsd if system-mode is enabled
linux-user: implement OFD locks
linux-user/mmap.c: fix integer underflow in target_mremap
linux-user/strace.list: fix epoll_create{,1} -strace output
linux-user: Add support for /proc/cpuinfo on hppa platform
linux-user: return target error codes for socket() and prctl()
linux-user, alpha: fix oldumount syscall
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Peter Maydell [Fri, 5 Jun 2020 22:31:31 +0000 (23:31 +0100)]
Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-
20200605' into staging
target-arm queue:
hw/ssi/imx_spi: Handle tx burst lengths other than 8 correctly
hw/input/pxa2xx_keypad: Replace hw_error() by qemu_log_mask()
hw/arm/pxa2xx: Replace printf() call by qemu_log_mask()
target/arm: Convert crypto insns to gvec
hw/adc/stm32f2xx_adc: Correct memory region size and access size
tests/acceptance: Add a boot test for the xlnx-versal-virt machine
docs/system: Document Aspeed boards
raspi: Add model of the USB controller
target/arm: Convert 2-reg-and-shift and 1-reg-imm Neon insns to decodetree
# gpg: Signature made Fri 05 Jun 2020 17:48:39 BST
# gpg: using RSA key
E1A5C593CD419DE28E8315CF3C2525ED14360CDE
# gpg: issuer "peter.maydell@linaro.org"
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>" [ultimate]
# gpg: aka "Peter Maydell <pmaydell@gmail.com>" [ultimate]
# gpg: aka "Peter Maydell <pmaydell@chiark.greenend.org.uk>" [ultimate]
# Primary key fingerprint: E1A5 C593 CD41 9DE2 8E83 15CF 3C25 25ED 1436 0CDE
* remotes/pmaydell/tags/pull-target-arm-
20200605: (29 commits)
target/arm: Convert Neon one-register-and-immediate insns to decodetree
target/arm: Convert VCVT fixed-point ops to decodetree
target/arm: Convert Neon VSHLL, VMOVL to decodetree
target/arm: Convert Neon narrowing shifts with op==9 to decodetree
target/arm: Convert Neon narrowing shifts with op==8 to decodetree
target/arm: Convert VQSHLU, VQSHL 2-reg-shift insns to decodetree
target/arm: Convert Neon VSRA, VSRI, VRSHR, VRSRA 2-reg-shift insns to decodetree
target/arm: Convert Neon VSHR 2-reg-shift insns to decodetree
target/arm: Convert Neon VSHL and VSLI 2-reg-shift insn to decodetree
raspi2 acceptance test: add test for dwc-hsotg (dwc2) USB host
wire in the dwc-hsotg (dwc2) USB host controller emulation
usb: add short-packet handling to usb-storage driver
dwc-hsotg (dwc2) USB host controller emulation
dwc-hsotg (dwc2) USB host controller state definitions
dwc-hsotg (dwc2) USB host controller register definitions
raspi: add BCM2835 SOC MPHI emulation
docs/system: Document Aspeed boards
tests/acceptance: Add a boot test for the xlnx-versal-virt machine
hw/adc/stm32f2xx_adc: Correct memory region size and access size
target/arm: Split helper_crypto_sm3tt
...
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Philippe Mathieu-Daudé [Fri, 22 May 2020 17:25:10 +0000 (19:25 +0200)]
stubs: Restrict ui/win32-kbd-hook to system-mode
In Makefile.objs, the ui/ directory is restricted to system-mode:
43 ifeq ($(CONFIG_SOFTMMU),y)
...
65 common-obj-y += ui/
66 common-obj-m += ui/
...
82 endif # CONFIG_SOFTMMU
Restrict the ui/ stub added in commit
2df9f5718df to only build
it for system-mode emulation.
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <
20200522172510.25784-14-philmd@redhat.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Philippe Mathieu-Daudé [Fri, 22 May 2020 17:25:09 +0000 (19:25 +0200)]
hw/core: Restrict CpuClass::get_crash_info() to system-mode
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Tested-by: Laurent Vivier <laurent@vivier.eu>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <
20200522172510.25784-13-philmd@redhat.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Philippe Mathieu-Daudé [Fri, 22 May 2020 17:25:08 +0000 (19:25 +0200)]
target/s390x: Restrict CpuClass::get_crash_info() to system-mode
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Cornelia Huck <cohuck@redhat.com>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Tested-by: Laurent Vivier <laurent@vivier.eu>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <
20200522172510.25784-12-philmd@redhat.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Philippe Mathieu-Daudé [Fri, 22 May 2020 17:25:07 +0000 (19:25 +0200)]
target/i386: Restrict CpuClass::get_crash_info() to system-mode
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Tested-by: Laurent Vivier <laurent@vivier.eu>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <
20200522172510.25784-11-philmd@redhat.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Philippe Mathieu-Daudé [Fri, 22 May 2020 17:25:06 +0000 (19:25 +0200)]
arch_init: Remove unused 'qapi-commands-misc.h' include
Commit
ffaee83bcb2 moved qmp_query_target but forgot to remove
this include.
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Tested-by: Laurent Vivier <laurent@vivier.eu>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <
20200522172510.25784-10-philmd@redhat.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Philippe Mathieu-Daudé [Fri, 22 May 2020 17:25:05 +0000 (19:25 +0200)]
exec: Assert CPU migration is not used on user-only build
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Tested-by: Laurent Vivier <laurent@vivier.eu>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <
20200522172510.25784-9-philmd@redhat.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Philippe Mathieu-Daudé [Fri, 22 May 2020 17:25:04 +0000 (19:25 +0200)]
target/riscv/cpu: Restrict CPU migration to system-mode
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Tested-by: Laurent Vivier <laurent@vivier.eu>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <
20200522172510.25784-8-philmd@redhat.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Philippe Mathieu-Daudé [Fri, 22 May 2020 17:25:03 +0000 (19:25 +0200)]
stubs/Makefile: Reduce the user-mode object list
These stubs are not required when configured with --disable-system.
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Tested-by: Laurent Vivier <laurent@vivier.eu>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <
20200522172510.25784-7-philmd@redhat.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Philippe Mathieu-Daudé [Fri, 22 May 2020 17:25:02 +0000 (19:25 +0200)]
util/Makefile: Reduce the user-mode object list
These objects are not required when configured with --disable-system.
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Tested-by: Laurent Vivier <laurent@vivier.eu>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <
20200522172510.25784-6-philmd@redhat.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Philippe Mathieu-Daudé [Fri, 22 May 2020 17:25:01 +0000 (19:25 +0200)]
tests/Makefile: Restrict some softmmu-only tests
In the next commit we are going to remove some objects from the
util-obj-y variable (objects which are not used by user-mode,
when configured with --disable-system).
Then some system-mode tests are going to fail, due to the missing
objects:
$ make check-unit -k
LINK tests/test-iov
/usr/bin/ld: tests/test-iov.o: in function `iov_from_buf':
include/qemu/iov.h:49: undefined reference to `iov_from_buf_full'
make: *** [rules.mak:124: tests/test-iov] Error 1
LINK tests/test-timed-average
/usr/bin/ld: tests/test-timed-average.o: in function `account':
tests/test-timed-average.c:27: undefined reference to `timed_average_account'
make: *** [rules.mak:124: tests/test-timed-average] Error 1
LINK tests/test-util-filemonitor
/usr/bin/ld: tests/test-util-filemonitor.o: in function `qemu_file_monitor_test_event_loop':
tests/test-util-filemonitor.c:83: undefined reference to `main_loop_wait'
make: *** [rules.mak:124: tests/test-util-filemonitor] Error 1
LINK tests/test-util-sockets
/usr/bin/ld: tests/test-util-sockets.o: in function `test_socket_fd_pass_name_good':
tests/test-util-sockets.c:91: undefined reference to `socket_connect'
make: *** [rules.mak:124: tests/test-util-sockets] Error 1
LINK tests/test-base64
/usr/bin/ld: tests/test-base64.o: in function `test_base64_good':
tests/test-base64.c:35: undefined reference to `qbase64_decode'
collect2: error: ld returned 1 exit status
make: *** [rules.mak:124: tests/test-base64] Error 1
LINK tests/test-bufferiszero
/usr/bin/ld: tests/test-bufferiszero.o: in function `test_1':
tests/test-bufferiszero.c:31: undefined reference to `buffer_is_zero'
make: *** [rules.mak:124: tests/test-bufferiszero] Error 1
make: Target 'check-unit' not remade because of errors.
Instead, restrict these tests to system-mode, by using the
$(CONFIG_SOFTMMU) variable.
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Tested-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Tested-by: Laurent Vivier <laurent@vivier.eu>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <
20200522172510.25784-5-philmd@redhat.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Philippe Mathieu-Daudé [Fri, 22 May 2020 17:25:00 +0000 (19:25 +0200)]
tests/Makefile: Only display TCG-related tests when TCG is available
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Tested-by: Laurent Vivier <laurent@vivier.eu>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <
20200522172510.25784-4-philmd@redhat.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Philippe Mathieu-Daudé [Fri, 22 May 2020 17:24:59 +0000 (19:24 +0200)]
configure: Avoid building TCG when not needed
Avoid building TCG when building only tools:
./configure --enable-tools --disable-system --disable-user
This saves us from running the soft-float tests enabled since
commit
76170102508.
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Tested-by: Laurent Vivier <laurent@vivier.eu>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <
20200522172510.25784-3-philmd@redhat.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Philippe Mathieu-Daudé [Fri, 22 May 2020 17:24:58 +0000 (19:24 +0200)]
Makefile: Only build virtiofsd if system-mode is enabled
Do not build the virtiofsd helper when configured with
--disable-system.
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Acked-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Tested-by: Laurent Vivier <laurent@vivier.eu>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <
20200522172510.25784-2-philmd@redhat.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Andreas Schwab [Mon, 25 May 2020 07:59:28 +0000 (09:59 +0200)]
linux-user: implement OFD locks
Signed-off-by: Andreas Schwab <schwab@suse.de>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <mvm7dx0cun3.fsf@suse.de>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Jonathan Marler [Sat, 2 May 2020 16:12:25 +0000 (10:12 -0600)]
linux-user/mmap.c: fix integer underflow in target_mremap
Fixes: https://bugs.launchpad.net/bugs/1876373
This code path in mmap occurs when a page size is decreased with mremap. When a section of pages is shrunk, qemu calls mmap_reserve on the pages that were released. However, it has the diff operation reversed, subtracting the larger old_size from the smaller new_size. Instead, it should be subtracting the smaller new_size from the larger old_size. You can also see in the previous line of the change that this mmap_reserve call only occurs when old_size > new_size.
Bug: https://bugs.launchpad.net/qemu/+bug/
1876373
Signed-off-by: Jonathan Marler <johnnymarler@gmail.com>
Reviewded-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <
20200502161225.14346-1-johnnymarler@gmail.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Sergei Trofimovich [Thu, 16 Apr 2020 17:59:57 +0000 (18:59 +0100)]
linux-user/strace.list: fix epoll_create{,1} -strace output
Fix syscall name and parameters priinter.
Before the change:
```
$ alpha-linux-user/qemu-alpha -strace -L /usr/alpha-unknown-linux-gnu/ /tmp/a
...
1274697 %s(%d)(
2097152,
274903156744,
274903156760,
274905840712,
274877908880,
274903235616) = 3
1274697 exit_group(0)
```
After the change:
```
$ alpha-linux-user/qemu-alpha -strace -L /usr/alpha-unknown-linux-gnu/ /tmp/a
...
1273719 epoll_create1(
2097152) = 3
1273719 exit_group(0)
```
Fixes: 9cbc0578cb6 ("Improve output of various syscalls")
Signed-off-by: Sergei Trofimovich <slyfox@gentoo.org>
CC: Riku Voipio <riku.voipio@iki.fi>
CC: Laurent Vivier <laurent@vivier.eu>
Cc: qemu-stable@nongnu.org
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <
20200416175957.
1274882-1-slyfox@gentoo.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Helge Deller [Fri, 24 Apr 2020 21:06:48 +0000 (23:06 +0200)]
linux-user: Add support for /proc/cpuinfo on hppa platform
Provide our own /proc/cpuinfo file for the hppa (parisc) platform.
Signed-off-by: Helge Deller <deller@gmx.de>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <
20200424210648.GA26715@ls3530.fritz.box>
[lv: s/an/our/ and add TARGET_HPPA to guard is_proc()]
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Peter Maydell [Fri, 5 Jun 2020 16:45:59 +0000 (17:45 +0100)]
Merge remote-tracking branch 'remotes/cohuck/tags/s390x-
20200605' into staging
s390x update:
- enhance s390x documentation
- allow ORBs without prefetch specified for vfio-ccw
- various cleanups and enhancements
# gpg: Signature made Fri 05 Jun 2020 16:32:43 BST
# gpg: using RSA key
C3D0D66DC3624FF6A8C018CEDECF6B93C6F02FAF
# gpg: issuer "cohuck@redhat.com"
# gpg: Good signature from "Cornelia Huck <conny@cornelia-huck.de>" [marginal]
# gpg: aka "Cornelia Huck <huckc@linux.vnet.ibm.com>" [full]
# gpg: aka "Cornelia Huck <cornelia.huck@de.ibm.com>" [full]
# gpg: aka "Cornelia Huck <cohuck@kernel.org>" [marginal]
# gpg: aka "Cornelia Huck <cohuck@redhat.com>" [marginal]
# Primary key fingerprint: C3D0 D66D C362 4FF6 A8C0 18CE DECF 6B93 C6F0 2FAF
* remotes/cohuck/tags/s390x-
20200605:
target/s390x: Restrict system-mode declarations
target/s390x/helper: Clean ifdef'ry
target/s390x: Only compile decode_basedisp() on system-mode
MAINTAINERS: add Thomas as additional s390x maintainer
docs/s390x: document vfio-ccw
vfio-ccw: allow non-prefetch ORBs
docs/s390x: document 3270
docs/s390x: document the virtual css
s390x: pv: Fix KVM_PV_PREP_RESET command wrapper name
s390x/kvm: help valgrind in several places
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>