Daniel P. Berrangé [Mon, 7 Jun 2021 13:58:40 +0000 (14:58 +0100)]
 
docs: add a table showing x86-64 ABI compatibility levels
It is useful to know which CPUs satisfy each x86-64 ABI
compatibility level, when dealing with guest OS that require
something newer than the baseline ABI.
These ABI levels are defined in:
  https://gitlab.com/x86-psABIs/x86-64-ABI/
and supported by GCC, Clang, glibc and more.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Message-Id: <
20210607135843.196595-2-berrange@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Tom Lendacky [Fri, 23 Apr 2021 20:08:19 +0000 (15:08 -0500)]
 
docs/interop/firmware.json: Add SEV-ES support
Create an enum definition, '@amd-sev-es', for SEV-ES and add documention
for the new enum. Add an example that shows some of the requirements for
SEV-ES, including not having SMM support and the requirement for an
X64-only build.
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Connor Kuehl <ckuehl@redhat.com>
Message-Id: <
b941a7ee105dfeb67607cf2d24dafcb82658b212.
1619208498.git.thomas.lendacky@amd.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Tom Lendacky [Fri, 23 Apr 2021 20:08:18 +0000 (15:08 -0500)]
 
docs: Add SEV-ES documentation to amd-memory-encryption.txt
Update the amd-memory-encryption.txt file with information about SEV-ES,
including how to launch an SEV-ES guest and some of the differences
between SEV and SEV-ES guests in regards to launching and measuring the
guest.
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
Acked-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Connor Kuehl <ckuehl@redhat.com>
Message-Id: <
fa1825a5eb0290eac4712cde75ba4c6829946eac.
1619208498.git.thomas.lendacky@amd.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Tom Lendacky [Fri, 23 Apr 2021 20:08:17 +0000 (15:08 -0500)]
 
doc: Fix some mistakes in the SEV documentation
Fix some spelling and grammar mistakes in the amd-memory-encryption.txt
file. No new information added.
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Connor Kuehl <ckuehl@redhat.com>
Message-Id: <
a7c5ee6c056d840f46028f4a817c16a9862bdd9e.
1619208498.git.thomas.lendacky@amd.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Chenyi Qiang [Fri, 21 May 2021 04:38:20 +0000 (12:38 +0800)]
 
i386: Add ratelimit for bus locks acquired in guest
A bus lock is acquired through either split locked access to writeback
(WB) memory or any locked access to non-WB memory. It is typically >1000
cycles slower than an atomic operation within a cache and can also
disrupts performance on other cores.
Virtual Machines can exploit bus locks to degrade the performance of
system. To address this kind of performance DOS attack coming from the
VMs, bus lock VM exit is introduced in KVM and it can report the bus
locks detected in guest. If enabled in KVM, it would exit to the
userspace to let the user enforce throttling policies once bus locks
acquired in VMs.
The availability of bus lock VM exit can be detected through the
KVM_CAP_X86_BUS_LOCK_EXIT. The returned bitmap contains the potential
policies supported by KVM. The field KVM_BUS_LOCK_DETECTION_EXIT in
bitmap is the only supported strategy at present. It indicates that KVM
will exit to userspace to handle the bus locks.
This patch adds a ratelimit on the bus locks acquired in guest as a
mitigation policy.
Introduce a new field "bus_lock_ratelimit" to record the limited speed
of bus locks in the target VM. The user can specify it through the
"bus-lock-ratelimit" as a machine property. In current implementation,
the default value of the speed is 0 per second, which means no
restrictions on the bus locks.
As for ratelimit on detected bus locks, simply set the ratelimit
interval to 1s and restrict the quota of bus lock occurence to the value
of "bus_lock_ratelimit". A potential alternative is to introduce the
time slice as a property which can help the user achieve more precise
control.
The detail of bus lock VM exit can be found in spec:
https://software.intel.com/content/www/us/en/develop/download/intel-architecture-instruction-set-extensions-programming-reference.html
Signed-off-by: Chenyi Qiang <chenyi.qiang@intel.com>
Message-Id: <
20210521043820.29678-1-chenyi.qiang@intel.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Eduardo Habkost [Thu, 3 Jun 2021 19:15:41 +0000 (15:15 -0400)]
 
Update Linux headers to 5.13-rc4
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Message-Id: <
20210603191541.
2862286-1-ehabkost@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Peter Maydell [Thu, 17 Jun 2021 09:42:57 +0000 (10:42 +0100)]
 
Merge remote-tracking branch 'remotes/rth-gitlab/tags/pull-c11-
20210615' into staging
Change to -std=gnu11.
Replace QEMU_GENERIC with _Generic.
Remove configure detect of _Static_assert.
# gpg: Signature made Wed 16 Jun 2021 02:32:32 BST
# gpg:                using RSA key 
7A481E78868B4DB6A85A05C064DF38E8AF7E215F
# gpg:                issuer "richard.henderson@linaro.org"
# gpg: Good signature from "Richard Henderson <richard.henderson@linaro.org>" [full]
# Primary key fingerprint: 7A48 1E78 868B 4DB6 A85A  05C0 64DF 38E8 AF7E 215F
* remotes/rth-gitlab/tags/pull-c11-
20210615:
  configure: Remove probe for _Static_assert
  qemu/compiler: Remove QEMU_GENERIC
  include/qemu/lockable: Use _Generic instead of QEMU_GENERIC
  util: Use unique type for QemuRecMutex in thread-posix.h
  util: Pass file+line to qemu_rec_mutex_unlock_impl
  util: Use real functions for thread-posix QemuRecMutex
  softfloat: Use _Generic instead of QEMU_GENERIC
  configure: Use -std=gnu11
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Peter Maydell [Wed, 16 Jun 2021 16:02:30 +0000 (17:02 +0100)]
 
Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-
20210616' into staging
target-arm queue:
 * hw/intc/arm_gicv3_cpuif: Tolerate spurious EOIR writes
 * handle some UNALLOCATED decode cases correctly rather
   than asserting
 * hw: virt: consider hw_compat_6_0
 * hw/arm: add quanta-gbs-bmc machine
 * hw/intc/armv7m_nvic: Remove stale comment
 * target/arm: Fix mte page crossing test
 * hw/arm: quanta-q71l add pca954x muxes
 * target/arm: First few parts of MVE support
# gpg: Signature made Wed 16 Jun 2021 14:34:49 BST
# gpg:                using RSA key 
E1A5C593CD419DE28E8315CF3C2525ED14360CDE
# gpg:                issuer "peter.maydell@linaro.org"
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>" [ultimate]
# gpg:                 aka "Peter Maydell <pmaydell@gmail.com>" [ultimate]
# gpg:                 aka "Peter Maydell <pmaydell@chiark.greenend.org.uk>" [ultimate]
# Primary key fingerprint: E1A5 C593 CD41 9DE2 8E83  15CF 3C25 25ED 1436 0CDE
* remotes/pmaydell/tags/pull-target-arm-
20210616: (25 commits)
  include/qemu/int128.h: Add function to create Int128 from int64_t
  bitops.h: Provide hswap32(), hswap64(), wswap64() swapping operations
  target/arm: Move expand_pred_b() data to vec_helper.c
  target/arm: Add framework for MVE decode
  target/arm: Implement MVE LETP insn
  target/arm: Implement MVE DLSTP
  target/arm: Implement MVE WLSTP insn
  target/arm: Implement MVE LCTP
  target/arm: Let vfp_access_check() handle late NOCP checks
  target/arm: Add handling for PSR.ECI/ICI
  target/arm: Handle VPR semantics in existing code
  target/arm: Enable FPSCR.QC bit for MVE
  target/arm: Provide and use H8 and H1_8 macros
  hw/arm: quanta-q71l add pca954x muxes
  hw/arm: gsj add pca9548
  hw/arm: gsj add i2c comments
  target/arm: Fix mte page crossing test
  hw/intc/armv7m_nvic: Remove stale comment
  hw/arm: quanta-gbs-bmc add i2c comments
  hw/arm: add quanta-gbs-bmc machine
  ...
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Peter Maydell [Mon, 14 Jun 2021 15:09:43 +0000 (16:09 +0100)]
 
include/qemu/int128.h: Add function to create Int128 from int64_t
int128_make64() creates an Int128 from an unsigned 64 bit value; add
a function int128_makes64() creating an Int128 from a signed 64 bit
value.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-id: 
20210614151007.4545-34-peter.maydell@linaro.org
Peter Maydell [Mon, 14 Jun 2021 15:09:26 +0000 (16:09 +0100)]
 
bitops.h: Provide hswap32(), hswap64(), wswap64() swapping operations
Currently the ARM SVE helper code defines locally some utility
functions for swapping 16-bit halfwords within 32-bit or 64-bit
values and for swapping 32-bit words within 64-bit values,
parallel to the byte-swapping bswap16/32/64 functions.
We want these also for the ARM MVE code, and they're potentially
generally useful for other targets, so move them to bitops.h.
(We don't put them in bswap.h with the bswap* functions because
they are implemented in terms of the rotate operations also
defined in bitops.h, and including bitops.h from bswap.h seems
better avoided.)
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-id: 
20210614151007.4545-17-peter.maydell@linaro.org
Peter Maydell [Mon, 14 Jun 2021 15:09:23 +0000 (16:09 +0100)]
 
target/arm: Move expand_pred_b() data to vec_helper.c
For MVE, we want to re-use the large data table from expand_pred_b().
Move the data table to vec_helper.c so it is no longer in an SVE
specific source file.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 
20210614151007.4545-14-peter.maydell@linaro.org
Peter Maydell [Mon, 14 Jun 2021 15:09:20 +0000 (16:09 +0100)]
 
target/arm: Add framework for MVE decode
Add the framework for decoding MVE insns, with the necessary new
files and the meson.build rules, but no actual content yet.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 
20210614151007.4545-11-peter.maydell@linaro.org
Peter Maydell [Mon, 14 Jun 2021 15:09:19 +0000 (16:09 +0100)]
 
target/arm: Implement MVE LETP insn
Implement the MVE LETP insn.  This is like the existing LE loop-end
insn, but it must perform an FPU-enabled check, and on loop-exit it
resets LTPSIZE to 4.
To accommodate the requirement to do something on loop-exit, we drop
the use of condlabel and instead manage both the TB exits manually,
in the same way we already do in trans_WLS().
The other MVE-specific change to the LE insn is that we must raise an
INVSTATE UsageFault insn if LTPSIZE is not 4.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 
20210614151007.4545-10-peter.maydell@linaro.org
Peter Maydell [Mon, 14 Jun 2021 15:09:18 +0000 (16:09 +0100)]
 
target/arm: Implement MVE DLSTP
Implement the MVE DLSTP insn; this is like the existing DLS
insn, except that it must do an FPU access check and it
sets LTPSIZE to the value specified in the insn.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 
20210614151007.4545-9-peter.maydell@linaro.org
Peter Maydell [Mon, 14 Jun 2021 15:09:17 +0000 (16:09 +0100)]
 
target/arm: Implement MVE WLSTP insn
Implement the MVE WLSTP insn; this is like the existing WLS insn,
except that it specifies a size value which is used to set
FPSCR.LTPSIZE.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 
20210614151007.4545-8-peter.maydell@linaro.org
Peter Maydell [Mon, 14 Jun 2021 15:09:16 +0000 (16:09 +0100)]
 
target/arm: Implement MVE LCTP
Implement the MVE LCTP instruction.
We put its decode and implementation with the other
low-overhead-branch insns because although it is only present if MVE
is implemented it is logically in the same group as the other LOB
insns.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 
20210614151007.4545-7-peter.maydell@linaro.org
Peter Maydell [Mon, 14 Jun 2021 15:09:15 +0000 (16:09 +0100)]
 
target/arm: Let vfp_access_check() handle late NOCP checks
In commit 
a3494d4671797c we reworked the M-profile handling of its
checks for when the NOCP exception should be raised because the FPU
is disabled, so that (in line with the architecture) the NOCP check
is done early over a large range of the encoding space, and takes
precedence over UNDEF exceptions.  As part of this, we removed the
code from full_vfp_access_check() which raised an exception there for
M-profile with the FPU disabled, because it was no longer reachable.
For MVE, some instructions which are outside the "coprocessor space"
region of the encoding space must nonetheless do "is the FPU enabled"
checks and possibly raise a NOCP exception.  (In particular this
covers the MVE-specific low-overhead branch insns LCTP, DLSTP and
WLSTP.) To support these insns, reinstate the code in
full_vfp_access_check(), so that their trans functions can call
vfp_access_check() and get the correct behaviour.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 
20210614151007.4545-6-peter.maydell@linaro.org
Peter Maydell [Mon, 14 Jun 2021 15:09:14 +0000 (16:09 +0100)]
 
target/arm: Add handling for PSR.ECI/ICI
On A-profile, PSR bits [15:10][26:25] are always the IT state bits.
On M-profile, some of the reserved encodings of the IT state are used
to instead indicate partial progress through instructions that were
interrupted partway through by an exception and can be resumed.
These resumable instructions fall into two categories:
(1) load/store multiple instructions, where these bits are called
"ICI" and specify the register in the ldm/stm list where execution
should resume.  (Specifically: LDM, STM, VLDM, VSTM, VLLDM, VLSTM,
CLRM, VSCCLRM.)
(2) MVE instructions subject to beatwise execution, where these bits
are called "ECI" and specify which beats in this and possibly also
the following MVE insn have been executed.
There are also a few insns (LE, LETP, and BKPT) which do not use the
ICI/ECI bits but must leave them alone.
Otherwise, we should raise an INVSTATE UsageFault for any attempt to
execute an insn with non-zero ICI/ECI bits.
So far we have been able to ignore ECI/ICI, because the architecture
allows the IMPDEF choice of "always restart load/store multiple from
the beginning regardless of ICI state", so the only thing we have
been missing is that we don't raise the INVSTATE fault for bad guest
code.  However, MVE requires that we honour ECI bits and do not
rexecute beats of an insn that have already been executed.
Add the support in the decoder for handling ECI/ICI:
 * identify the ECI/ICI case in the CONDEXEC TB flags
 * when a load/store multiple insn succeeds, it updates the ECI/ICI
   state (both in DisasContext and in the CPU state), and sets a flag
   to say that the ECI/ICI state was handled
 * if we find that the insn we just decoded did not handle the
   ECI/ICI state, we delete all the code that we just generated for
   it and instead emit the code to raise the INVFAULT.  This allows
   us to avoid having to update every non-MVE non-LDM/STM insn to
   make it check for "is ECI/ICI set?".
We continue with our existing IMPDEF choice of not caring about the
ICI state for the load/store multiples and simply restarting them
from the beginning.  Because we don't allow interrupts in the middle
of an insn, the only way we would see this state is if the guest set
ICI manually on return from an exception handler, so it's a corner
case which doesn't merit optimisation.
ICI update for LDM/STM is simple -- it always zeroes the state.  ECI
update for MVE beatwise insns will be a little more complex, since
the ECI state may include information for the following insn.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 
20210614151007.4545-5-peter.maydell@linaro.org
Peter Maydell [Mon, 14 Jun 2021 15:09:13 +0000 (16:09 +0100)]
 
target/arm: Handle VPR semantics in existing code
When MVE is supported, the VPR register has a place on the exception
stack frame in a previously reserved slot just above the FPSCR.
It must also be zeroed in various situations when we invalidate
FPU context.
Update the code which handles the stack frames (exception entry and
exit code, VLLDM, and VLSTM) to save/restore VPR.
Update code which invalidates FP registers (mostly also exception
entry and exit code, but also VSCCLRM and the code in
full_vfp_access_check() that corresponds to the ExecuteFPCheck()
pseudocode) to zero VPR.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 
20210614151007.4545-4-peter.maydell@linaro.org
Peter Maydell [Mon, 14 Jun 2021 15:09:12 +0000 (16:09 +0100)]
 
target/arm: Enable FPSCR.QC bit for MVE
MVE has an FPSCR.QC bit similar to the A-profile Neon one; when MVE
is implemented make the bit writeable, both in the generic "load and
store FPSCR" helper functions and in the code for handling the NZCVQC
sysreg which we had previously left as "TODO when we implement MVE".
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 
20210614151007.4545-3-peter.maydell@linaro.org
Peter Maydell [Mon, 14 Jun 2021 15:09:11 +0000 (16:09 +0100)]
 
target/arm: Provide and use H8 and H1_8 macros
Currently we provide Hn and H1_n macros for accessing the correct
data within arrays of vector elements of size 1, 2 and 4, accounting
for host endianness.  We don't provide any macros for elements of
size 8 because there the host endianness doesn't matter.  However,
this does result in awkwardness where we need to pass empty arguments
to macros, because checkpatch complains about them.  The empty
argument is a little confusing for humans to read as well.
Add H8() and H1_8() macros and use them where we were previously
passing empty arguments to macros.
Suggested-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 
20210614151007.4545-2-peter.maydell@linaro.org
Message-id: 
20210610132505.5827-1-peter.maydell@linaro.org
Patrick Venture [Tue, 8 Jun 2021 20:25:22 +0000 (13:25 -0700)]
 
hw/arm: quanta-q71l add pca954x muxes
Adds the pca954x muxes expected.
Tested: Booted quanta-q71l image to userspace.
Signed-off-by: Patrick Venture <venture@google.com>
Reviewed-by: Hao Wu <wuhaotsh@google.com>
Reviewed-by: Joel Stanley <joel@jms.id.au>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
Message-id: 
20210608202522.
2677850-4-venture@google.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Patrick Venture [Tue, 8 Jun 2021 20:25:21 +0000 (13:25 -0700)]
 
hw/arm: gsj add pca9548
Tested: Quanta-gsj firmware booted.
i2c /dev entries driver
I2C init bus 1 freq 100000
I2C init bus 2 freq 100000
I2C init bus 3 freq 100000
I2C init bus 4 freq 100000
I2C init bus 8 freq 100000
I2C init bus 9 freq 100000
at24 9-0055: 8192 byte 24c64 EEPROM, writable, 1 bytes/write
I2C init bus 10 freq 100000
at24 10-0055: 8192 byte 24c64 EEPROM, writable, 1 bytes/write
I2C init bus 12 freq 100000
I2C init bus 15 freq 100000
i2c i2c-15: Added multiplexed i2c bus 16
i2c i2c-15: Added multiplexed i2c bus 17
i2c i2c-15: Added multiplexed i2c bus 18
i2c i2c-15: Added multiplexed i2c bus 19
i2c i2c-15: Added multiplexed i2c bus 20
i2c i2c-15: Added multiplexed i2c bus 21
i2c i2c-15: Added multiplexed i2c bus 22
i2c i2c-15: Added multiplexed i2c bus 23
pca954x 15-0075: registered 8 multiplexed busses for I2C switch pca9548
Signed-off-by: Patrick Venture <venture@google.com>
Reviewed-by: Hao Wu <wuhaotsh@google.com>
Reviewed-by: Joel Stanley <joel@jms.id.au>
Message-id: 
20210608202522.
2677850-3-venture@google.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Patrick Venture [Tue, 8 Jun 2021 20:25:20 +0000 (13:25 -0700)]
 
hw/arm: gsj add i2c comments
Adds comments to the board init to identify missing i2c devices.
Signed-off-by: Patrick Venture <venture@google.com>
Reviewed-by: Hao Wu <wuhaotsh@google.com>
Reviewed-by: Joel Stanley <joel@jms.id.au>
Message-id: 
20210608202522.
2677850-2-venture@google.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Richard Henderson [Sat, 12 Jun 2021 19:57:07 +0000 (12:57 -0700)]
 
target/arm: Fix mte page crossing test
The test was off-by-one, because tag_last points to the
last byte of the tag to check, thus tag_last - prev_page
will equal TARGET_PAGE_SIZE when we use the first byte
of the next page.
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/403
Reported-by: Peter Collingbourne <pcc@google.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 
20210612195707.840217-1-richard.henderson@linaro.org
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Peter Maydell [Wed, 16 Jun 2021 13:32:43 +0000 (14:32 +0100)]
 
Merge remote-tracking branch 'remotes/kraxel/tags/vga-
20210615-pull-request' into staging
vga: fixes for stdvga, vhost-user-gpu and virtio-gpu.
# gpg: Signature made Tue 15 Jun 2021 18:40:11 BST
# gpg:                using RSA key 
A0328CFFB93A17A79901FE7D4CB6D8EED3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>" [full]
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>" [full]
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>" [full]
# Primary key fingerprint: A032 8CFF B93A 17A7 9901  FE7D 4CB6 D8EE D3E8 7138
* remotes/kraxel/tags/vga-
20210615-pull-request:
  virtio-gpu: move scanout_id sanity check
  vhost-user-gpu: reorder free calls.
  vga: Allow writing VBE_DISPI_ID5 to ID register
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Richard Henderson [Mon, 14 Jun 2021 23:31:43 +0000 (16:31 -0700)]
 
configure: Remove probe for _Static_assert
_Static_assert is part of C11, which is now required.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <
20210614233143.
1221879-9-richard.henderson@linaro.org>
Richard Henderson [Mon, 14 Jun 2021 23:31:42 +0000 (16:31 -0700)]
 
qemu/compiler: Remove QEMU_GENERIC
All previous users now use C11 _Generic.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <
20210614233143.
1221879-8-richard.henderson@linaro.org>
Richard Henderson [Mon, 14 Jun 2021 23:31:41 +0000 (16:31 -0700)]
 
include/qemu/lockable: Use _Generic instead of QEMU_GENERIC
This is both more and less complicated than our expansion
using __builtin_choose_expr and __builtin_types_compatible_p.
The expansion through QEMU_MAKE_LOCKABLE_ doesn't work because
we're not emumerating all of the types within the same _Generic,
which results in errors about unhandled cases.  We must also
handle void* explicitly, so that the NULL constant can be used.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Tested-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <
20210614233143.
1221879-7-richard.henderson@linaro.org>
Richard Henderson [Mon, 14 Jun 2021 23:31:40 +0000 (16:31 -0700)]
 
util: Use unique type for QemuRecMutex in thread-posix.h
We will shortly convert lockable.h to _Generic, and we cannot
have two compatible types in the same expansion.  Wrap QemuMutex
in a struct, and unwrap in qemu-thread-posix.c.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <
20210614233143.
1221879-6-richard.henderson@linaro.org>
Richard Henderson [Mon, 14 Jun 2021 23:31:39 +0000 (16:31 -0700)]
 
util: Pass file+line to qemu_rec_mutex_unlock_impl
Create macros for file+line expansion in qemu_rec_mutex_unlock
like we have for qemu_mutex_unlock.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <
20210614233143.
1221879-5-richard.henderson@linaro.org>
Richard Henderson [Mon, 14 Jun 2021 23:31:38 +0000 (16:31 -0700)]
 
util: Use real functions for thread-posix QemuRecMutex
Move the declarations from thread-win32.h into thread.h
and remove the macro redirection from thread-posix.h.
This will be required by following cleanups.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <
20210614233143.
1221879-4-richard.henderson@linaro.org>
Richard Henderson [Mon, 14 Jun 2021 23:31:37 +0000 (16:31 -0700)]
 
softfloat: Use _Generic instead of QEMU_GENERIC
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <
20210614233143.
1221879-3-richard.henderson@linaro.org>
Richard Henderson [Mon, 14 Jun 2021 23:31:36 +0000 (16:31 -0700)]
 
configure: Use -std=gnu11
Now that the minimum gcc version is 7.5, we can use C11.
This will allow lots of cleanups to the code, currently
hidden behind macros in include/qemu/compiler.h.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <
20210614233143.
1221879-2-richard.henderson@linaro.org>
Peter Maydell [Tue, 15 Jun 2021 15:33:05 +0000 (16:33 +0100)]
 
Merge remote-tracking branch 'remotes/stefanberger/tags/pull-tpm-2021-06-15-1' into staging
Merge tpm 2021/06/15 v1
# gpg: Signature made Tue 15 Jun 2021 16:09:31 BST
# gpg:                using RSA key 
B818B9CADF9089C2D5CEC66B75AD65802A0B4211
# gpg: Good signature from "Stefan Berger <stefanb@linux.vnet.ibm.com>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: B818 B9CA DF90 89C2 D5CE  C66B 75AD 6580 2A0B 4211
* remotes/stefanberger/tags/pull-tpm-2021-06-15-1:
  tpm: Return QMP error when TPM is disabled in build
  sysemu: Make TPM structures inaccessible if CONFIG_TPM is not defined
  acpi: Eliminate all TPM related code if CONFIG_TPM is not set
  arm: Eliminate all TPM related code if CONFIG_TPM is not set
  i386: Eliminate all TPM related code if CONFIG_TPM is not set
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Peter Maydell [Mon, 14 Jun 2021 16:12:43 +0000 (17:12 +0100)]
 
hw/intc/armv7m_nvic: Remove stale comment
In commit 
da6d674e509f0939b we split the NVIC code out from the GIC.
This allowed us to specify the NVIC's default value for the num-irq
property (64) in the usual way in its property list, and we deleted
the previous hack where we updated the value in the state struct in
the instance init function.  Remove a stale comment about that hack
which we forgot to delete at that time.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 
20210614161243.14211-1-peter.maydell@linaro.org
Patrick Venture [Tue, 8 Jun 2021 19:36:05 +0000 (12:36 -0700)]
 
hw/arm: quanta-gbs-bmc add i2c comments
Add a comment and i2c method that describes the board layout.
Tested: firmware booted to userspace.
Signed-off-by: Patrick Venture <venture@google.com>
Reviewed-by: Brandon Kim <brandonkim@google.com>
Reviewed-by: Hao Wu <wuhaotsh@google.com>
Message-id: 
20210608193605.
2611114-3-venture@google.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Patrick Venture [Tue, 8 Jun 2021 19:36:04 +0000 (12:36 -0700)]
 
hw/arm: add quanta-gbs-bmc machine
Adds initial quanta-gbs-bmc machine support.
Tested: Boots to userspace.
Signed-off-by: Patrick Venture <venture@google.com>
Reviewed-by: Brandon Kim <brandonkim@google.com>
Reviewed-by: Hao Wu <wuhaotsh@google.com>
Message-id: 
20210608193605.
2611114-2-venture@google.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Heinrich Schuchardt [Thu, 10 Jun 2021 18:34:59 +0000 (20:34 +0200)]
 
hw: virt: consider hw_compat_6_0
virt-6.0 must consider hw_compat_6_0.
Fixes: da7e13c00b59 ("hw: add compat machines for 6.1")
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Cornelia Huck <cohuck@redhat.com>
Message-id: 
20210610183500.54207-1-xypron.glpk@gmx.de
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Richard Henderson [Mon, 14 Jun 2021 15:34:06 +0000 (16:34 +0100)]
 
target/arm: Diagnose UNALLOCATED in disas_simd_three_reg_same_fp16
This fprintf+assert has been in place since the beginning.
It is after to the fp_access_check, so we need to move the
check up.  Fold that in to the pairwise filter.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-id: 
20210604183506.916654-4-richard.henderson@linaro.org
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Richard Henderson [Mon, 14 Jun 2021 15:34:06 +0000 (16:34 +0100)]
 
target/arm: Remove fprintf from disas_simd_mod_imm
The default of this switch is truly unreachable.
The switch selector is 3 bits, and all 8 cases are present.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-id: 
20210604183506.916654-3-richard.henderson@linaro.org
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Richard Henderson [Mon, 14 Jun 2021 15:34:06 +0000 (16:34 +0100)]
 
target/arm: Diagnose UNALLOCATED in disas_simd_two_reg_misc_fp16
This fprintf+assert has been in place since the beginning.
It is prior to the fp_access_check, so we're still good to
raise sigill here.
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/381
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-id: 
20210604183506.916654-2-richard.henderson@linaro.org
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Jean-Philippe Brucker [Mon, 14 Jun 2021 15:34:05 +0000 (16:34 +0100)]
 
hw/intc/arm_gicv3_cpuif: Tolerate spurious EOIR writes
Commit 
382c7160d1cd ("hw/intc/arm_gicv3_cpuif: Fix EOIR write access
check logic") added an assert_not_reached() if the guest writes the EOIR
register while no interrupt is active.
It turns out some software does this: EDK2, in
GicV3ExitBootServicesEvent(), unconditionally write EOIR for all
interrupts that it manages. This now causes QEMU to abort when running
UEFI on a VM with GICv3. Although it is UNPREDICTABLE behavior and EDK2
does need fixing, the punishment seems a little harsh, especially since
icc_eoir_write() already tolerates writes of nonexistent interrupt
numbers. Display a guest error and tolerate spurious EOIR writes.
Fixes: 382c7160d1cd ("hw/intc/arm_gicv3_cpuif: Fix EOIR write access check logic")
Signed-off-by: Jean-Philippe Brucker <jean-philippe@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Tested-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 
20210604130352.
1887560-1-jean-philippe@linaro.org
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Philippe Mathieu-Daudé [Tue, 15 Jun 2021 14:21:21 +0000 (16:21 +0200)]
 
tpm: Return QMP error when TPM is disabled in build
When the management layer queries a binary built using --disable-tpm
for TPM devices, it gets confused by getting empty responses:
  { "execute": "query-tpm" }
  {
      "return": [
      ]
  }
  { "execute": "query-tpm-types" }
  {
      "return": [
      ]
  }
  { "execute": "query-tpm-models" }
  {
      "return": [
      ]
  }
To make it clearer by returning an error:
- Make the TPM QAPI schema conditional
  All of tpm.json is now 'if': 'defined(CONFIG_TPM)'.
- Adapt the HMP command
- Remove stubs which became unnecessary
The management layer now gets a 'CommandNotFound' error:
  { "execute": "query-tpm" }
  {
      "error": {
          "class": "CommandNotFound",
          "desc": "The command query-tpm has not been found"
      }
  }
Suggested-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Stefan Berger [Tue, 15 Jun 2021 14:21:20 +0000 (16:21 +0200)]
 
sysemu: Make TPM structures inaccessible if CONFIG_TPM is not defined
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <
20210614191335.
1968807-5-stefanb@linux.ibm.com>
[PMD: Remove tpm_init() / tpm_cleanup() stubs]
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Stefan Berger [Tue, 15 Jun 2021 14:21:19 +0000 (16:21 +0200)]
 
acpi: Eliminate all TPM related code if CONFIG_TPM is not set
Cc: M: Michael S. Tsirkin <mst@redhat.com>
Cc: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <
20210614191335.
1968807-4-stefanb@linux.ibm.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Stefan Berger [Tue, 15 Jun 2021 14:21:18 +0000 (16:21 +0200)]
 
arm: Eliminate all TPM related code if CONFIG_TPM is not set
Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <
20210614191335.
1968807-3-stefanb@linux.ibm.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Stefan Berger [Tue, 15 Jun 2021 14:21:17 +0000 (16:21 +0200)]
 
i386: Eliminate all TPM related code if CONFIG_TPM is not set
Cc: Michael S. Tsirkin <mst@redhat.com>
Cc: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <
20210614191335.
1968807-2-stefanb@linux.ibm.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Gerd Hoffmann [Fri, 4 Jun 2021 07:50:29 +0000 (09:50 +0200)]
 
virtio-gpu: move scanout_id sanity check
Checking scanout_id in virtio_gpu_do_set_scanout() is too late, for the
"resource_id == 0" case (aka disable scanout) the scanout_id is used
unchecked.  Move the check into the callers to fix that.
Fixes: e64d4b6a9bc3 ("virtio-gpu: Refactor virtio_gpu_set_scanout")
Fixes: 32db3c63ae11 ("virtio-gpu: Add virtio_gpu_set_scanout_blob")
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/383
Reported-by: Alexander Bulekov <alxndr@bu.edu>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Vivek Kasireddy <vivek.kasireddy@intel.com>
Reviewed-by: Li Qiang <liq3ea@gmail.com>
Message-Id: <
20210604075029.
1201478-1-kraxel@redhat.com>
Gerd Hoffmann [Fri, 4 Jun 2021 10:37:14 +0000 (12:37 +0200)]
 
vhost-user-gpu: reorder free calls.
Free in correct order to avoid use-after-free.
Resolves: CID 
1453812
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Li Qiang <liq3ea@gmail.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <
20210604103714.
1237414-1-kraxel@redhat.com>
Dennis Wölfing [Mon, 7 Jun 2021 11:53:03 +0000 (13:53 +0200)]
 
vga: Allow writing VBE_DISPI_ID5 to ID register
The highest VBE_DISPI_INDEX_ID version supported by QEMU is
VBE_DISPI_ID5. But currently QEMU only allows writing values up to
VBE_DISPI_ID4 to the VBE_DISPI_INDEX_ID register.
As a result of this when a lower version is written to this register and
later VBE_DISPI_ID5 is written back, reads from the register will
continue to report the lower version.
Indeed SeaBIOS is doing that during VGA initialization which causes
guests to always read VBE_DISPI_ID0 instead of the correct version.
Signed-off-by: Dennis Wölfing <denniswoelfing@gmx.de>
Message-Id: <
20210607115303.228659-1-denniswoelfing@gmx.de>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Peter Maydell [Mon, 14 Jun 2021 14:59:13 +0000 (15:59 +0100)]
 
Merge remote-tracking branch 'remotes/berrange-gitlab/tags/misc-fixes-pull-request' into staging
Merge misc patches
# gpg: Signature made Mon 14 Jun 2021 15:14:48 BST
# gpg:                using RSA key 
DAF3A6FDB26B62912D0E8E3FBE86EBB415104FDF
# gpg: Good signature from "Daniel P. Berrange <dan@berrange.com>" [full]
# gpg:                 aka "Daniel P. Berrange <berrange@redhat.com>" [full]
# Primary key fingerprint: DAF3 A6FD B26B 6291 2D0E  8E3F BE86 EBB4 1510 4FDF
* remotes/berrange-gitlab/tags/misc-fixes-pull-request:
  usb/dev-mtp: use GDateTime for formatting timestamp for objects
  block: use GDateTime for formatting timestamp when dumping snapshot info
  migration: use GDateTime for formatting timestamp in snapshot names
  block: remove duplicate trace.h include
  block: add trace point when fdatasync fails
  block: preserve errno from fdatasync failures
  softmmu: add trace point when bdrv_flush_all fails
  migration: add trace point when vm_stop_force_state fails
  sasl: remove comment about obsolete kerberos versions
  docs: recommend SCRAM-SHA-256 SASL mech instead of SHA-1 variant
  docs: document usage of the authorization framework
  docs: document how to pass secret data to QEMU
  docs: add table of contents to QAPI references
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Daniel P. Berrangé [Fri, 30 Apr 2021 11:59:06 +0000 (12:59 +0100)]
 
usb/dev-mtp: use GDateTime for formatting timestamp for objects
The GDateTime APIs provided by GLib avoid portability pitfalls, such
as some platforms where 'struct timeval.tv_sec' field is still 'long'
instead of 'time_t'. When combined with automatic cleanup, GDateTime
often results in simpler code too.
Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Daniel P. Berrangé [Fri, 30 Apr 2021 11:59:06 +0000 (12:59 +0100)]
 
block: use GDateTime for formatting timestamp when dumping snapshot info
The GDateTime APIs provided by GLib avoid portability pitfalls, such
as some platforms where 'struct timeval.tv_sec' field is still 'long'
instead of 'time_t'. When combined with automatic cleanup, GDateTime
often results in simpler code too.
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Daniel P. Berrangé [Fri, 30 Apr 2021 11:59:06 +0000 (12:59 +0100)]
 
migration: use GDateTime for formatting timestamp in snapshot names
The GDateTime APIs provided by GLib avoid portability pitfalls, such
as some platforms where 'struct timeval.tv_sec' field is still 'long'
instead of 'time_t'. When combined with automatic cleanup, GDateTime
often results in simpler code too.
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Daniel P. Berrangé [Thu, 15 Apr 2021 13:50:07 +0000 (14:50 +0100)]
 
block: remove duplicate trace.h include
Reviewed-by: Connor Kuehl <ckuehl@redhat.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Daniel P. Berrangé [Thu, 15 Apr 2021 13:28:16 +0000 (14:28 +0100)]
 
block: add trace point when fdatasync fails
A flush failure is a critical failure scenario for some operations.
For example, it will prevent migration from completing, as it will
make vm_stop() report an error. Thus it is important to have a
trace point present for debugging.
Reviewed-by: Connor Kuehl <ckuehl@redhat.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Daniel P. Berrangé [Thu, 15 Apr 2021 13:28:16 +0000 (14:28 +0100)]
 
block: preserve errno from fdatasync failures
When fdatasync() fails on a file backend we set a flag that
short-circuits any future attempts to call fdatasync(). The
first failure returns the true errno, but the later short-
circuited calls return a generic EIO. The latter is unhelpful
because fdatasync() can return a variety of errnos, including
EACCESS.
Reviewed-by: Connor Kuehl <ckuehl@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Daniel P. Berrangé [Thu, 15 Apr 2021 13:33:51 +0000 (14:33 +0100)]
 
softmmu: add trace point when bdrv_flush_all fails
The VM stop process has to flush outstanding I/O and this is a critical
failure scenario that is hard to diagnose. Add a probe point that
records the flush return code.
Reviewed-by: Connor Kuehl <ckuehl@redhat.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Daniel P. Berrangé [Thu, 15 Apr 2021 13:33:51 +0000 (14:33 +0100)]
 
migration: add trace point when vm_stop_force_state fails
This is a critical failure scenario for migration that is hard to
diagnose from existing probes. Most likely it is caused by an error
from bdrv_flush(), but we're not logging the errno anywhere, hence
this new probe.
Reviewed-by: Connor Kuehl <ckuehl@redhat.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Daniel P. Berrangé [Thu, 4 Mar 2021 18:15:20 +0000 (18:15 +0000)]
 
sasl: remove comment about obsolete kerberos versions
This is not relevant to any OS distro that QEMU currently targets.
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Daniel P. Berrangé [Thu, 4 Mar 2021 18:14:26 +0000 (18:14 +0000)]
 
docs: recommend SCRAM-SHA-256 SASL mech instead of SHA-1 variant
The SHA-256 variant better meats modern security expectations.
Also warn that the password file is storing entries in clear
text.
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Daniel P. Berrangé [Fri, 14 May 2021 17:20:30 +0000 (18:20 +0100)]
 
docs: document usage of the authorization framework
The authorization framework provides a way to control access to network
services after a client has been authenticated. This documents how to
actually use it.
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Daniel P. Berrangé [Tue, 23 Feb 2021 15:35:45 +0000 (15:35 +0000)]
 
docs: document how to pass secret data to QEMU
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Daniel P. Berrangé [Tue, 11 May 2021 09:23:52 +0000 (10:23 +0100)]
 
docs: add table of contents to QAPI references
The QAPI reference docs for the guest agent, storage daemon and QMP are
all rather long and hard to navigate unless you already know the name of
the command and can do full text search for it.
A table of contents in each doc will help people locate stuff much more
easily.
Reviewed-by: Connor Kuehl <ckuehl@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Peter Maydell [Mon, 14 Jun 2021 09:25:37 +0000 (10:25 +0100)]
 
Merge remote-tracking branch 'remotes/rth-gitlab/tags/pull-tcg-
20210613' into staging
Clean up code_gen_buffer allocation.
Add tcg_remove_ops_after.
Fix tcg_constant_* documentation.
Improve TB chaining documentation.
Fix float32_exp2.
Fix arm tcg_out_op function signature.
# gpg: Signature made Mon 14 Jun 2021 02:12:35 BST
# gpg:                using RSA key 
7A481E78868B4DB6A85A05C064DF38E8AF7E215F
# gpg:                issuer "richard.henderson@linaro.org"
# gpg: Good signature from "Richard Henderson <richard.henderson@linaro.org>" [full]
# Primary key fingerprint: 7A48 1E78 868B 4DB6 A85A  05C0 64DF 38E8 AF7E 215F
* remotes/rth-gitlab/tags/pull-tcg-
20210613: (34 commits)
  docs/devel: Explain in more detail the TB chaining mechanisms
  softfloat: Fix tp init in float32_exp2
  tcg/arm: Fix tcg_out_op function signature
  tcg: Fix documentation for tcg_constant_* vs tcg_temp_free_*
  tcg: Introduce tcg_remove_ops_after
  tcg: Move tcg_init_ctx and tcg_ctx from accel/tcg/
  tcg: When allocating for !splitwx, begin with PROT_NONE
  tcg: Merge buffer protection and guard page protection
  tcg: Round the tb_size default from qemu_get_host_physmem
  util/osdep: Add qemu_mprotect_rw
  tcg: Sink qemu_madvise call to common code
  tcg: Return the map protection from alloc_code_gen_buffer
  tcg: Allocate code_gen_buffer into struct tcg_region_state
  tcg: Move in_code_gen_buffer and tests to region.c
  tcg: Tidy split_cross_256mb
  tcg: Tidy tcg_n_regions
  tcg: Rename region.start to region.after_prologue
  tcg: Replace region.end with region.total_size
  tcg: Move MAX_CODE_GEN_BUFFER_SIZE to tcg-target.h
  tcg: Introduce tcg_max_ctxs
  ...
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Luis Pires [Tue, 1 Jun 2021 12:51:43 +0000 (09:51 -0300)]
 
docs/devel: Explain in more detail the TB chaining mechanisms
Signed-off-by: Luis Pires <luis.pires@eldorado.org.br>
Message-Id: <
20210601125143.191165-1-luis.pires@eldorado.org.br>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Richard Henderson [Mon, 7 Jun 2021 22:38:12 +0000 (15:38 -0700)]
 
softfloat: Fix tp init in float32_exp2
Typo in the conversion to FloatParts64.
Fixes: 572c4d862ff2
Fixes: Coverity CID 1457457
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <
20210607223812.110596-1-richard.henderson@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Jose R. Ziviani [Thu, 10 Jun 2021 22:44:50 +0000 (19:44 -0300)]
 
tcg/arm: Fix tcg_out_op function signature
Commit 
5e8892db93 fixed several function signatures but tcg_out_op for
arm is missing. This patch fixes it as well.
Signed-off-by: Jose R. Ziviani <jziviani@suse.de>
Message-Id: <
20210610224450.23425-1-jziviani@suse.de>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Richard Henderson [Thu, 10 Jun 2021 16:32:40 +0000 (09:32 -0700)]
 
tcg: Fix documentation for tcg_constant_* vs tcg_temp_free_*
At some point during the development of tcg_constant_*, I changed
my mind about whether such temps should be able to be passed to
tcg_temp_free_*.  The final version committed allows this, but the
commentary was not updated to match.
Fixes: c0522136adf
Reported-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Luis Pires <luis.pires@eldorado.org.br>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Richard Henderson [Fri, 4 Jun 2021 21:26:45 +0000 (14:26 -0700)]
 
tcg: Introduce tcg_remove_ops_after
Introduce a function to remove everything emitted
since a given point.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Richard Henderson [Sat, 13 Mar 2021 19:36:51 +0000 (13:36 -0600)]
 
tcg: Move tcg_init_ctx and tcg_ctx from accel/tcg/
These variables belong to the jit side, not the user side.
Since tcg_init_ctx is no longer used outside of tcg/, move
the declaration to tcg-internal.h.
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Luis Pires <luis.pires@eldorado.org.br>
Suggested-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Richard Henderson [Wed, 10 Mar 2021 23:41:26 +0000 (17:41 -0600)]
 
tcg: When allocating for !splitwx, begin with PROT_NONE
There's a change in mprotect() behaviour [1] in the latest macOS
on M1 and it's not yet clear if it's going to be fixed by Apple.
In this case, instead of changing permissions of N guard pages,
we change permissions of N rwx regions.  The same number of
syscalls are required either way.
[1] https://gist.github.com/hikalium/
75ae822466ee4da13cbbe486498a191f
Reviewed-by: Luis Pires <luis.pires@eldorado.org.br>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Richard Henderson [Wed, 10 Mar 2021 23:27:49 +0000 (17:27 -0600)]
 
tcg: Merge buffer protection and guard page protection
Do not handle protections on a case-by-case basis in the
various alloc_code_gen_buffer instances; do it within a
single loop in tcg_region_init.
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Luis Pires <luis.pires@eldorado.org.br>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Richard Henderson [Sun, 14 Mar 2021 19:32:18 +0000 (13:32 -0600)]
 
tcg: Round the tb_size default from qemu_get_host_physmem
If qemu_get_host_physmem returns an odd number of pages,
then physmem / 8 will not be a multiple of the page size.
The following was observed on a gitlab runner:
ERROR qtest-arm/boot-serial-test - Bail out!
ERROR:../util/osdep.c:80:qemu_mprotect__osdep: \
  assertion failed: (!(size & ~qemu_real_host_page_mask))
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Luis Pires <luis.pires@eldorado.org.br>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Richard Henderson [Wed, 10 Mar 2021 23:47:33 +0000 (17:47 -0600)]
 
util/osdep: Add qemu_mprotect_rw
For --enable-tcg-interpreter on Windows, we will need this.
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Luis Pires <luis.pires@eldorado.org.br>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Richard Henderson [Wed, 10 Mar 2021 23:01:46 +0000 (17:01 -0600)]
 
tcg: Sink qemu_madvise call to common code
Move the call out of the N versions of alloc_code_gen_buffer
and into tcg_region_init.
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Luis Pires <luis.pires@eldorado.org.br>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Richard Henderson [Wed, 10 Mar 2021 19:59:37 +0000 (13:59 -0600)]
 
tcg: Return the map protection from alloc_code_gen_buffer
Change the interface from a boolean error indication to a
negative error vs a non-negative protection.  For the moment
this is only interface change, not making use of the new data.
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Luis Pires <luis.pires@eldorado.org.br>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Richard Henderson [Wed, 10 Mar 2021 18:34:27 +0000 (12:34 -0600)]
 
tcg: Allocate code_gen_buffer into struct tcg_region_state
Do not mess around with setting values within tcg_init_ctx.
Put the values into 'region' directly, which is where they
will live for the lifetime of the program.
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Luis Pires <luis.pires@eldorado.org.br>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Richard Henderson [Sat, 13 Mar 2021 18:29:28 +0000 (12:29 -0600)]
 
tcg: Move in_code_gen_buffer and tests to region.c
Shortly, the full code_gen_buffer will only be visible
to region.c, so move in_code_gen_buffer out-of-line.
Move the debugging versions of tcg_splitwx_to_{rx,rw}
to region.c as well, so that the compiler gets to see
the implementation of in_code_gen_buffer.
This leaves exactly one use of in_code_gen_buffer outside
of region.c, in cpu_restore_state.  Which, being on the
exception path, is not performance critical.
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Luis Pires <luis.pires@eldorado.org.br>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Richard Henderson [Wed, 10 Mar 2021 17:16:27 +0000 (11:16 -0600)]
 
tcg: Tidy split_cross_256mb
Return output buffer and size via output pointer arguments,
rather than returning size via tcg_ctx->code_gen_buffer_size.
Reviewed-by: Luis Pires <luis.pires@eldorado.org.br>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Richard Henderson [Wed, 10 Mar 2021 17:06:17 +0000 (11:06 -0600)]
 
tcg: Tidy tcg_n_regions
Compute the value using straight division and bounds,
rather than a loop.  Pass in tb_size rather than reading
from tcg_init_ctx.code_gen_buffer_size,
Reviewed-by: Luis Pires <luis.pires@eldorado.org.br>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Richard Henderson [Sat, 13 Mar 2021 18:20:54 +0000 (12:20 -0600)]
 
tcg: Rename region.start to region.after_prologue
Give the field a name reflecting its actual meaning.
Reviewed-by: Luis Pires <luis.pires@eldorado.org.br>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Richard Henderson [Wed, 10 Mar 2021 16:35:05 +0000 (10:35 -0600)]
 
tcg: Replace region.end with region.total_size
A size is easier to work with than an end point,
particularly during initial buffer allocation.
Reviewed-by: Luis Pires <luis.pires@eldorado.org.br>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Richard Henderson [Wed, 10 Mar 2021 05:30:38 +0000 (23:30 -0600)]
 
tcg: Move MAX_CODE_GEN_BUFFER_SIZE to tcg-target.h
Remove the ifdef ladder and move each define into the
appropriate header file.
Reviewed-by: Luis Pires <luis.pires@eldorado.org.br>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Richard Henderson [Wed, 10 Mar 2021 05:06:32 +0000 (23:06 -0600)]
 
tcg: Introduce tcg_max_ctxs
Finish the divorce of tcg/ from hw/, and do not take
the max cpu value from MachineState; just remember what
we were passed in tcg_init.
Reviewed-by: Luis Pires <luis.pires@eldorado.org.br>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Richard Henderson [Wed, 10 Mar 2021 04:52:45 +0000 (22:52 -0600)]
 
accel/tcg: Pass down max_cpus to tcg_init
Start removing the include of hw/boards.h from tcg/.
Pass down the max_cpus value from tcg_init_machine,
where we have the MachineState already.
Reviewed-by: Luis Pires <luis.pires@eldorado.org.br>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Richard Henderson [Thu, 3 Jun 2021 20:32:11 +0000 (13:32 -0700)]
 
accel/tcg: Use MiB in tcg_init_machine
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Luis Pires <luis.pires@eldorado.org.br>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Richard Henderson [Tue, 9 Mar 2021 23:42:16 +0000 (17:42 -0600)]
 
accel/tcg: Merge tcg_exec_init into tcg_init_machine
There is only one caller, and shortly we will need access
to the MachineState, which tcg_init_machine already has.
Reviewed-by: Luis Pires <luis.pires@eldorado.org.br>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Richard Henderson [Tue, 9 Mar 2021 23:24:33 +0000 (17:24 -0600)]
 
tcg: Create tcg_init
Perform both tcg_context_init and tcg_region_init.
Do not leave this split to the caller.
Reviewed-by: Luis Pires <luis.pires@eldorado.org.br>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Richard Henderson [Tue, 9 Mar 2021 23:22:23 +0000 (17:22 -0600)]
 
accel/tcg: Rename tcg_init to tcg_init_machine
We shortly want to use tcg_init for something else.
Since the hook is called init_machine, match that.
Reviewed-by: Luis Pires <luis.pires@eldorado.org.br>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Richard Henderson [Tue, 9 Mar 2021 23:02:48 +0000 (17:02 -0600)]
 
accel/tcg: Move alloc_code_gen_buffer to tcg/region.c
Buffer management is integral to tcg.  Do not leave the allocation
to code outside of tcg/.  This is code movement, with further
cleanups to follow.
Reviewed-by: Luis Pires <luis.pires@eldorado.org.br>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Richard Henderson [Tue, 9 Mar 2021 22:40:37 +0000 (16:40 -0600)]
 
accel/tcg: Inline cpu_gen_init
It consists of one function call and has only one caller.
Reviewed-by: Luis Pires <luis.pires@eldorado.org.br>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Richard Henderson [Tue, 9 Mar 2021 22:24:14 +0000 (16:24 -0600)]
 
tcg: Split out region.c
Reviewed-by: Luis Pires <luis.pires@eldorado.org.br>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Richard Henderson [Tue, 9 Mar 2021 22:33:15 +0000 (16:33 -0600)]
 
tcg: Split out tcg_region_prologue_set
This has only one user, but will make more sense after some
code motion.
Always leave the tcg_init_ctx initialized to the first region,
in preparation for tcg_prologue_init().  This also requires
that we don't re-allocate the region for the first cpu, lest
we hit the assertion for total number of regions allocated .
Reviewed-by: Luis Pires <luis.pires@eldorado.org.br>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Richard Henderson [Tue, 9 Mar 2021 18:27:05 +0000 (12:27 -0600)]
 
tcg: Split out tcg_region_initial_alloc
This has only one user, and currently needs an ifdef,
but will make more sense after some code motion.
Reviewed-by: Luis Pires <luis.pires@eldorado.org.br>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Richard Henderson [Tue, 9 Mar 2021 17:45:19 +0000 (11:45 -0600)]
 
tcg: Remove error return from tcg_region_initial_alloc__locked
All callers immediately assert on error, so move the assert
into the function itself.
Reviewed-by: Luis Pires <luis.pires@eldorado.org.br>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Richard Henderson [Tue, 9 Mar 2021 16:45:58 +0000 (08:45 -0800)]
 
tcg: Re-order tcg_region_init vs tcg_prologue_init
Instead of delaying tcg_region_init until after tcg_prologue_init
is complete, do tcg_region_init first and let tcg_prologue_init
shrink the first region by the size of the generated prologue.
Reviewed-by: Luis Pires <luis.pires@eldorado.org.br>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Richard Henderson [Mon, 8 Mar 2021 20:15:06 +0000 (12:15 -0800)]
 
meson: Split out fpu/meson.build
Reviewed-by: Luis Pires <luis.pires@eldorado.org.br>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Richard Henderson [Mon, 8 Mar 2021 20:04:33 +0000 (12:04 -0800)]
 
meson: Split out tcg/meson.build
Reviewed-by: Luis Pires <luis.pires@eldorado.org.br>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>