qemu.git
2 years agovirtio-crypto-pci: add check for cryptodev object
Gonglei [Thu, 22 Dec 2016 03:12:40 +0000 (11:12 +0800)] 
virtio-crypto-pci: add check for cryptodev object

We must assure each virtio crypto pci device has
an vaild cryptodev backend object.

Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2 years agocryptodev: wrap the ready flag
Gonglei [Thu, 22 Dec 2016 03:12:39 +0000 (11:12 +0800)] 
cryptodev: wrap the ready flag

The ready flag should be set by the children of
cryptodev backend interface. Warp the setter/getter
functions for it.

Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2 years agocryptodev: introduce a new is_used property
Gonglei [Thu, 22 Dec 2016 03:12:38 +0000 (11:12 +0800)] 
cryptodev: introduce a new is_used property

This property is used to Tag the cryptodev backend
is used by virtio-crypto or not. Making cryptodev
can't be hot unplugged when it's in use. Cleanup
resources when cryptodev is finalized.

Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2 years agovirtio-crypto: use the correct length for cipher operation
Gonglei [Thu, 22 Dec 2016 03:37:03 +0000 (11:37 +0800)] 
virtio-crypto: use the correct length for cipher operation

In some modes of cipher algorithms, the length of destination data
maybe larger then source data, such as ciphertext stealing (CTS).

For symmetric algorithms, the length of ciphertext is definitly
equal to the plaintext for each crypto operation. So we should
use the src_len instead of dst_len avoid to pass the incorrect
cryptographical results to the frontend driver.

Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2 years agodoc/pcie: correct command line examples
Cao jin [Thu, 29 Dec 2016 01:19:37 +0000 (09:19 +0800)] 
doc/pcie: correct command line examples

Nit picking: Multi-function PCI Express Root Ports should mean that
'addr' property is mandatory, and slot is optional because it defaults
to 0, and 'chassis' is mandatory for 2nd & 3rd root port because it
defaults to 0 too.

Bonus: fix a typo(2->3)
Signed-off-by: Cao jin <caoj.fnst@cn.fujitsu.com>
Reviewed-by: Marcel Apfelbaum <marcel@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2 years agomemory: handle alias in memory_region_is_iommu()
Jason Wang [Fri, 30 Dec 2016 10:09:18 +0000 (18:09 +0800)] 
memory: handle alias in memory_region_is_iommu()

Cc: Paolo Bonzini <pbonzini@redhat.com>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Peter Xu <peterx@redhat.com>
2 years agomemory: handle alias for iommu notifier
Jason Wang [Fri, 30 Dec 2016 10:09:17 +0000 (18:09 +0800)] 
memory: handle alias for iommu notifier

Cc: Paolo Bonzini <pbonzini@redhat.com>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Peter Xu <peterx@redhat.com>
2 years agoacpi: add ATSR for q35
Jason Wang [Fri, 30 Dec 2016 10:09:16 +0000 (18:09 +0800)] 
acpi: add ATSR for q35

This patch provides ATSR which was a requirement for software that
wants to enable ATS on endpoint devices behind a Root Port. This is
done simply by setting ALL_PORTS which indicates all PCI-Express Root
Ports support ATS transactions.

Signed-off-by: Jason Wang <jasowang@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2 years agovirtio-pci: address space translation service (ATS) support
Jason Wang [Fri, 30 Dec 2016 10:09:15 +0000 (18:09 +0800)] 
virtio-pci: address space translation service (ATS) support

This patches enable the Address Translation Service support for virtio
pci devices. This is needed for a guest visible Device IOTLB
implementation and will be required by vhost device IOTLB API
implementation for intel IOMMU.

Cc: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2 years agointel_iommu: support device iotlb descriptor
Jason Wang [Fri, 30 Dec 2016 10:09:14 +0000 (18:09 +0800)] 
intel_iommu: support device iotlb descriptor

This patch enables device IOTLB support for intel iommu. The major
work is to implement QI device IOTLB descriptor processing and notify
the device through iommu notifier.

Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Richard Henderson <rth@twiddle.net>
Cc: Eduardo Habkost <ehabkost@redhat.com>
Cc: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Peter Xu <peterx@redhat.com>
2 years agoexec: introduce address_space_get_iotlb_entry()
Jason Wang [Fri, 30 Dec 2016 10:09:13 +0000 (18:09 +0800)] 
exec: introduce address_space_get_iotlb_entry()

This patch introduces a helper to query the iotlb entry for a
possible iova. This will be used by later device IOTLB API to enable
the capability for a dataplane (e.g vhost) to query the IOTLB.

Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Cc: Richard Henderson <rth@twiddle.net>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2 years agointel_iommu: allocate new key when creating new address space
Jason Wang [Fri, 30 Dec 2016 10:09:12 +0000 (18:09 +0800)] 
intel_iommu: allocate new key when creating new address space

We use the pointer to stack for key for new address space, this will break hash
table searching, fixing by g_malloc() a new key instead.

Cc: Michael S. Tsirkin <mst@redhat.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Richard Henderson <rth@twiddle.net>
Cc: Eduardo Habkost <ehabkost@redhat.com>
Acked-by: Peter Xu <peterx@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2 years agointel_iommu: name vtd address space with devfn
Jason Wang [Fri, 30 Dec 2016 10:09:11 +0000 (18:09 +0800)] 
intel_iommu: name vtd address space with devfn

To avoid duplicated name and ease debugging.

Cc: Michael S. Tsirkin <mst@redhat.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Richard Henderson <rth@twiddle.net>
Cc: Eduardo Habkost <ehabkost@redhat.com>
Acked-by: Peter Xu <peterx@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2 years agovirtio: convert to use DMA api
Jason Wang [Fri, 30 Dec 2016 10:09:10 +0000 (18:09 +0800)] 
virtio: convert to use DMA api

Currently, all virtio devices bypass IOMMU completely. This is because
address_space_memory is assumed and used during DMA emulation. This
patch converts the virtio core API to use DMA API. This idea is

- introducing a new transport specific helper to query the dma address
  space. (only pci version is implemented).
- query and use this address space during virtio device guest memory
  accessing when iommu platform (VIRTIO_F_IOMMU_PLATFORM) was enabled
  for this device.

Cc: Michael S. Tsirkin <mst@redhat.com>
Cc: Stefan Hajnoczi <stefanha@redhat.com>
Cc: Kevin Wolf <kwolf@redhat.com>
Cc: Amit Shah <amit.shah@redhat.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: qemu-block@nongnu.org
Signed-off-by: Jason Wang <jasowang@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2 years agovirtio-crypto: fix possible integer and heap overflow
Gonglei [Tue, 3 Jan 2017 06:50:03 +0000 (14:50 +0800)] 
virtio-crypto: fix possible integer and heap overflow

Because the 'size_t' type is 4 bytes in 32-bit platform, which
is the same with 'int'. It's easy to make 'max_len' to zero when
integer overflow and then cause heap overflow if 'max_len' is zero.

Using uint_64 instead of size_t to avoid the integer overflow.

Cc: qemu-stable@nongnu.org
Reported-by: Li Qiang <liqiang6-s@360.cn>
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Tested-by: Li Qiang <liqiang6-s@360.cn>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2 years agointel_iommu: allow migration
Peter Xu [Fri, 6 Jan 2017 04:06:13 +0000 (12:06 +0800)] 
intel_iommu: allow migration

IOMMU needs to be migrated before all the PCI devices (in case there are
devices that will request for address translation). So marking it with a
priority higher than the default (which PCI devices and other belong).
Migration framework handled the rest.

Signed-off-by: Peter Xu <peterx@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2 years agomigration: allow to prioritize save state entries
Peter Xu [Fri, 6 Jan 2017 04:06:12 +0000 (12:06 +0800)] 
migration: allow to prioritize save state entries

During migration, save state entries are saved/loaded without a specific
order - we just traverse the savevm_state.handlers list and do it one by
one. This might not be enough.

There are requirements that we need to load specific device's vmstate
first before others. For example, VT-d IOMMU contains DMA address
remapping information, which is required by all the PCI devices to do
address translations. We need to make sure IOMMU's device state is
loaded before the rest of the PCI devices, so that DMA address
translation can work properly.

This patch provide a VMStateDescription.priority value to allow specify
the priority of the saved states. The loadvm operation will be done with
those devices with higher vmsd priority.

Before this patch, we are possibly achieving the ordering requirement by
an assumption that the ordering will be the same with the ordering that
objects are created. A better way is to mark it out explicitly in the
VMStateDescription table, like what this patch does.

Current ordering logic is still naive and slow, but after all that's not
a critical path so IMO it's a workable solution for now.

Signed-off-by: Peter Xu <peterx@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
2 years agoMerge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging
Peter Maydell [Mon, 9 Jan 2017 15:30:45 +0000 (15:30 +0000)] 
Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging

virtio, vhost, pc: fixes

Here are some bugfixes that didn't make 2.8.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
# gpg: Signature made Fri 16 Dec 2016 21:13:43 GMT
# gpg:                using RSA key 0x281F0DB8D28D5469
# gpg: Good signature from "Michael S. Tsirkin <mst@kernel.org>"
# gpg:                 aka "Michael S. Tsirkin <mst@redhat.com>"
# Primary key fingerprint: 0270 606B 6F3C DF3D 0B17  0970 C350 3912 AFBE 8E67
#      Subkey fingerprint: 5D09 FD08 71C8 F85B 94CA  8A0D 281F 0DB8 D28D 5469

* remotes/mst/tags/for_upstream:
  virtio: avoid using guest_notifier_mask in vhost-user mode
  pci: fix error message for express slots
  i386: amd_iommu: fix MMIO register count and access
  tests/vhost-user-bridge: use contrib/libvhost-user
  contrib: add libvhost-user
  tests/vhost-user-bridge: do not accept more than one connection
  tests/vhost-user-bridge: indicate peer disconnected
  tests/vhost-user-bridge: remove unnecessary dispatcher_remove
  tests/vhost-user-bridge: remove false comment

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2 years agoMerge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging
Peter Maydell [Mon, 9 Jan 2017 13:54:31 +0000 (13:54 +0000)] 
Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging

Block layer patches

# gpg: Signature made Mon 09 Jan 2017 13:43:44 GMT
# gpg:                using RSA key 0x7F09B272C88F2FD6
# gpg: Good signature from "Kevin Wolf <kwolf@redhat.com>"
# Primary key fingerprint: DC3D EB15 9A9A F95D 3D74  56FE 7F09 B272 C88F 2FD6

* remotes/kevin/tags/for-upstream:
  block: Rename raw-{posix,win32} to file-*.c
  block: Rename raw_bsd to raw-format.c
  blkverify: Implement bdrv_co_preadv/pwritev/flush
  blkdebug: Implement bdrv_co_preadv/pwritev/flush
  quorum: Clean up quorum_aio_get()
  quorum: Inline quorum_fifo_aio_cb()
  quorum: Implement .bdrv_co_preadv/pwritev()
  quorum: Avoid bdrv_aio_writev() for rewrites
  quorum: Inline quorum_aio_cb()
  quorum: Do cleanup in caller coroutine
  quorum: Implement .bdrv_co_readv/writev
  quorum: Remove s from quorum_aio_get() arguments
  coroutine: Introduce qemu_coroutine_enter_if_inactive()
  qemu-img: fix in-flight count for qemu-img bench

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2 years agoblock: Rename raw-{posix,win32} to file-*.c
Eric Blake [Fri, 2 Dec 2016 19:48:54 +0000 (13:48 -0600)] 
block: Rename raw-{posix,win32} to file-*.c

These files deal with the file protocol, not the raw format (the
file protocol is often used with other formats, and the raw
format is not forced to use the file protocol).  Rename things
to make it a bit easier to follow.

Suggested-by: Daniel P. Berrange <berrange@redhat.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
Reviewed-by: John Snow <jsnow@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2 years agoblock: Rename raw_bsd to raw-format.c
Eric Blake [Fri, 2 Dec 2016 19:48:53 +0000 (13:48 -0600)] 
block: Rename raw_bsd to raw-format.c

Given that we have raw-win32.c and raw-posix.c, my initial guess at
raw_bsd.c was that it was for dealing with raw files using code
specific to the BSD operating system (beyond what raw-posix could
do).  Not so - this name was chosen back in commit e1c66c6 to
distinguish that it was a BSD licensed file, in contrast to the
then-existing raw.c with an unclear and potentially unusable
license.  But since it has been more than three years since the
rewrite, it's time to pick a more useful name for this file to
avoid this type of confusion to future contributors that don't know
the backstory, as none of our other files are named solely by the
license they use.

In reality, this file deals with the raw format, which is useful
with any number of protocols, while raw-{win32,posix} deal with
the file protocol (and in turn, that protocol is not limited to
use with the raw format).  So rename raw_bsd to raw-format.c.  We
could have also used the shorter name raw.c, except that collides
with the earlier use of that filename for a different license,
and it's better to be safe than risk license pollution.

The next patch will also rename raw-win32.c and raw-posix.c to
further distinguish the difference in roles.

It doesn't hurt that this gets rid of an underscore in the filename,
thereby making tab-completion on 'ra<TAB>' easier (now I don't have
to type the shift key, which slows things down :)

Suggested-by: Daniel P. Berrange <berrange@redhat.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2 years agoblkverify: Implement bdrv_co_preadv/pwritev/flush
Kevin Wolf [Fri, 4 Nov 2016 20:13:45 +0000 (21:13 +0100)] 
blkverify: Implement bdrv_co_preadv/pwritev/flush

This enables byte granularity requests for blkverify, and at the same
time gets us rid of another user of the BDS-level AIO emulation.

The reference output of a test case must be changed because the
verification failure message reports byte offsets instead of sectors
now.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
2 years agoblkdebug: Implement bdrv_co_preadv/pwritev/flush
Kevin Wolf [Fri, 4 Nov 2016 20:13:45 +0000 (21:13 +0100)] 
blkdebug: Implement bdrv_co_preadv/pwritev/flush

This enables byte granularity requests for blkdebug, and at the same
time gets us rid of another user of the BDS-level AIO emulation.

Note that unless align=512 is specified, this can behave subtly
different from the old behaviour because bdrv_co_preadv/pwritev don't
have to perform alignment adjustments any more.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
2 years agoquorum: Clean up quorum_aio_get()
Kevin Wolf [Tue, 22 Nov 2016 11:49:49 +0000 (12:49 +0100)] 
quorum: Clean up quorum_aio_get()

Make sure that all fields of the new QuorumAIOCB are zeroed when the
function returns even without explicitly setting them. This will protect
us when new fields are added, removes some explicit zero assignment and
makes the code a little nicer to read.

Suggested-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Alberto Garcia <berto@igalia.com>
2 years agoquorum: Inline quorum_fifo_aio_cb()
Kevin Wolf [Thu, 10 Nov 2016 16:40:34 +0000 (17:40 +0100)] 
quorum: Inline quorum_fifo_aio_cb()

Inlining the function removes some boilerplace code and replaces
recursion by a simple loop, so the code becomes somewhat easier to
understand.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Alberto Garcia <berto@igalia.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
2 years agoquorum: Implement .bdrv_co_preadv/pwritev()
Kevin Wolf [Thu, 10 Nov 2016 16:22:07 +0000 (17:22 +0100)] 
quorum: Implement .bdrv_co_preadv/pwritev()

This enables byte granularity requests on quorum nodes.

Note that the QMP events emitted by the driver are an external API that
we were careless enough to define as sector based. The offset and length
of requests reported in events are rounded therefore.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Alberto Garcia <berto@igalia.com>
2 years agoquorum: Avoid bdrv_aio_writev() for rewrites
Kevin Wolf [Thu, 10 Nov 2016 15:50:16 +0000 (16:50 +0100)] 
quorum: Avoid bdrv_aio_writev() for rewrites

Replacing it with bdrv_co_pwritev() prepares us for byte granularity
requests and gets us rid of the last bdrv_aio_*() user in quorum.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Alberto Garcia <berto@igalia.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
2 years agoquorum: Inline quorum_aio_cb()
Kevin Wolf [Thu, 10 Nov 2016 15:13:15 +0000 (16:13 +0100)] 
quorum: Inline quorum_aio_cb()

This is a conversion to a more natural coroutine style and improves the
readability of the driver.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Alberto Garcia <berto@igalia.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
2 years agoquorum: Do cleanup in caller coroutine
Kevin Wolf [Thu, 10 Nov 2016 13:24:27 +0000 (14:24 +0100)] 
quorum: Do cleanup in caller coroutine

Instead of calling quorum_aio_finalize() deeply nested in what used
to be an AIO callback, do it in the same functions that allocated the
AIOCB.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Alberto Garcia <berto@igalia.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
2 years agoquorum: Implement .bdrv_co_readv/writev
Kevin Wolf [Tue, 8 Nov 2016 10:10:14 +0000 (11:10 +0100)] 
quorum: Implement .bdrv_co_readv/writev

This converts the quorum block driver from implementing callback-based
interfaces for read/write to coroutine-based ones. This is the first
step that will allow us further simplification of the code.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Alberto Garcia <berto@igalia.com>
2 years agoquorum: Remove s from quorum_aio_get() arguments
Kevin Wolf [Mon, 7 Nov 2016 17:00:29 +0000 (18:00 +0100)] 
quorum: Remove s from quorum_aio_get() arguments

There is no point in passing the value of bs->opaque in order to
overwrite it with itself.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Alberto Garcia <berto@igalia.com>
2 years agocoroutine: Introduce qemu_coroutine_enter_if_inactive()
Kevin Wolf [Mon, 7 Nov 2016 15:34:35 +0000 (16:34 +0100)] 
coroutine: Introduce qemu_coroutine_enter_if_inactive()

In the context of asynchronous work, if we have a worker coroutine that
didn't yield, the parent coroutine cannot be reentered because it hasn't
yielded yet. In this case we don't even have to reenter the parent
because it will see that the work is already done and won't even yield.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Alberto Garcia <berto@igalia.com>
2 years agoqemu-img: fix in-flight count for qemu-img bench
Paolo Bonzini [Wed, 7 Dec 2016 15:08:27 +0000 (16:08 +0100)] 
qemu-img: fix in-flight count for qemu-img bench

With aio=native (qemu-img bench -n) one or more requests can be completed
when a new request is submitted.  This in turn can cause bench_cb to
recurse before b->in_flight is updated.  This causes multiple I/Os
to be submitted with the same offset and, furthermore, the blk_aio_*
coroutines are never freed and qemu-img aborts.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: John Snow <jsnow@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2 years agoMerge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20170109' into...
Peter Maydell [Mon, 9 Jan 2017 11:56:49 +0000 (11:56 +0000)] 
Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20170109' into staging

target-arm queue:
 * i2c: Allow I2C devices to NAK start events
 * hw/char: QOM'ify exynos4210_uart.c
 * clean up and refactor virt-acpi-build.c
 * virt-acpi-build: Don't incorrectly claim architectural timer
   to be edge-triggered
 * m25p80: Don't let rogue SPI controllers cause buffer overruns
 * imx_spi: Remove broken MSGDATA register support

# gpg: Signature made Mon 09 Jan 2017 11:52:49 GMT
# gpg:                using RSA key 0x3C2525ED14360CDE
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>"
# gpg:                 aka "Peter Maydell <pmaydell@gmail.com>"
# gpg:                 aka "Peter Maydell <pmaydell@chiark.greenend.org.uk>"
# Primary key fingerprint: E1A5 C593 CD41 9DE2 8E83  15CF 3C25 25ED 1436 0CDE

* remotes/pmaydell/tags/pull-target-arm-20170109: (21 commits)
  hw/ssi/imx_spi.c: Remove MSGDATA register support
  m25p80: don't let rogue SPI controllers cause buffer overruns
  hw/arm/virt-acpi-build: Don't incorrectly claim architectural timer to be edge-triggered
  hw/arm/virt: remove VirtGuestInfo
  hw/arm/virt-acpi-build: don't save VirtGuestInfo on AcpiBuildState
  hw/arm/virt-acpi-build: remove redundant members from VirtGuestInfo
  hw/arm/virt: pass VirtMachineState instead of VirtGuestInfo
  hw/arm/virt: move VirtMachineState/Class to virt.h
  hw/arm/virt: remove include/hw/arm/virt-acpi-build.h
  hw/arm/virt: eliminate struct VirtGuestInfoState
  hw/arm/virt: use VirtMachineState.gic_version
  hw/arm/virt: parameter passing cleanups
  hw/arm/virt-acpi-build: fadt: improve flag naming
  hw/arm/virt-acpi-build: gtdt: improve flag naming
  hw/arm/virt-acpi-build: name GIC CPU Interface Structure appropriately
  hw/arm/virt-acpi-build: add all missing cpu_to_le's
  hw/arm/virt: Don't incorrectly claim architectural timer to be edge-triggered
  hw/arm/virt: Rename 'vbi' variables to 'vms'
  hw/arm/virt: Merge VirtBoardInfo and VirtMachineState
  hw/char: QOM'ify exynos4210_uart.c
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2 years agohw/ssi/imx_spi.c: Remove MSGDATA register support
Jean-Christophe Dubois [Mon, 9 Jan 2017 11:40:23 +0000 (11:40 +0000)] 
hw/ssi/imx_spi.c: Remove MSGDATA register support

From the documentation it is not clear what this SPI register is about.

Moreover, neither linux driver nor xvisor driver are using this SPI register.

For now we just remove it and issue a log on register write access.

Signed-off-by: Jean-Christophe Dubois <jcd@tribudubois.net>
Message-id: 20170107122047.26300-1-jcd@tribudubois.net
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2 years agom25p80: don't let rogue SPI controllers cause buffer overruns
Jean-Christophe Dubois [Mon, 9 Jan 2017 11:40:23 +0000 (11:40 +0000)] 
m25p80: don't let rogue SPI controllers cause buffer overruns

In normal operation we should never attempt to put more
data into the data[] array than it can hold. However if the
SPI controller connected to us misbehaves then it can send
us a sequence of commands that attempt this. Since the
controller might be in the guest (if the hardware does SPI
via bit-banging), catch the possible overrun conditions and
reset the flash internal state, logging them as guest errors.

Signed-off-by: Jean-Christophe Dubois <jcd@tribudubois.net>
Message-id: 20170107111631.24444-1-jcd@tribudubois.net
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
[PMM: rewrote commit message to be more exact about when
 this can happen]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2 years agohw/arm/virt-acpi-build: Don't incorrectly claim architectural timer to be edge-triggered
Andrew Jones [Mon, 9 Jan 2017 11:40:23 +0000 (11:40 +0000)] 
hw/arm/virt-acpi-build: Don't incorrectly claim architectural timer to be edge-triggered

This is the ACPI equivalent to "hw/arm/virt: Don't incorrectly claim
architectural timer to be edge-triggered" which fixes the DT for
machine types 2.9 and later.

Signed-off-by: Andrew Jones <drjones@redhat.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Message-id: 20170102200153.28864-15-drjones@redhat.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2 years agohw/arm/virt: remove VirtGuestInfo
Andrew Jones [Mon, 9 Jan 2017 11:40:23 +0000 (11:40 +0000)] 
hw/arm/virt: remove VirtGuestInfo

by moving VirtGuestInfo.fw_cfg to VirtMachineState. This is the
mach-virt equivalent of "pc: Move PcGuestInfo.fw_cfg to
PCMachineState" and "pc: Eliminate PcGuestInfo struct" combined.

Signed-off-by: Andrew Jones <drjones@redhat.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Message-id: 20170102200153.28864-14-drjones@redhat.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2 years agohw/arm/virt-acpi-build: don't save VirtGuestInfo on AcpiBuildState
Andrew Jones [Mon, 9 Jan 2017 11:40:22 +0000 (11:40 +0000)] 
hw/arm/virt-acpi-build: don't save VirtGuestInfo on AcpiBuildState

We can get to VirtMachineState without the need for saving a pointer
on AcpiBuildState. This is the mach-virt equivalent to "acpi: Don't save
PcGuestInfo on AcpiBuildState"

Signed-off-by: Andrew Jones <drjones@redhat.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Message-id: 20170102200153.28864-13-drjones@redhat.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2 years agohw/arm/virt-acpi-build: remove redundant members from VirtGuestInfo
Andrew Jones [Mon, 9 Jan 2017 11:40:22 +0000 (11:40 +0000)] 
hw/arm/virt-acpi-build: remove redundant members from VirtGuestInfo

Now that we pass VirtMachineState, and guest-info is just part of
that state, we can remove all the redundant members and access
the VirtMachineState directly.

Signed-off-by: Andrew Jones <drjones@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Message-id: 20170102200153.28864-12-drjones@redhat.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2 years agohw/arm/virt: pass VirtMachineState instead of VirtGuestInfo
Andrew Jones [Mon, 9 Jan 2017 11:40:22 +0000 (11:40 +0000)] 
hw/arm/virt: pass VirtMachineState instead of VirtGuestInfo

Only two functions take VirtGuestInfo parameters. Now that guest-info
is part of VirtMachineState, and VirtMachineState is defined in the
virt header, pass that instead.

Signed-off-by: Andrew Jones <drjones@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Message-id: 20170102200153.28864-11-drjones@redhat.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2 years agohw/arm/virt: move VirtMachineState/Class to virt.h
Andrew Jones [Mon, 9 Jan 2017 11:40:22 +0000 (11:40 +0000)] 
hw/arm/virt: move VirtMachineState/Class to virt.h

In preparation to share more Virt machine state than just guest-info
with other mach-virt source files, move the State and Class structures
to virt.h

Signed-off-by: Andrew Jones <drjones@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Message-id: 20170102200153.28864-10-drjones@redhat.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2 years agohw/arm/virt: remove include/hw/arm/virt-acpi-build.h
Andrew Jones [Mon, 9 Jan 2017 11:40:22 +0000 (11:40 +0000)] 
hw/arm/virt: remove include/hw/arm/virt-acpi-build.h

include/hw/arm/virt-acpi-build.h is only used for VirtGuestInfo,
which doesn't even necessarily have to be ACPI specific. Move
VirtGuestInfo to include/hw/arm/virt.h, allowing us to remove
include/hw/arm/virt-acpi-build.h, and to prepare for even more
code motion.

Signed-off-by: Andrew Jones <drjones@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Message-id: 20170102200153.28864-9-drjones@redhat.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2 years agohw/arm/virt: eliminate struct VirtGuestInfoState
Andrew Jones [Mon, 9 Jan 2017 11:40:22 +0000 (11:40 +0000)] 
hw/arm/virt: eliminate struct VirtGuestInfoState

Instead of allocating a new struct just for VirtGuestInfo and the
machine_done Notifier, place them inside VirtMachineState. This
is the mach-virt equivalent of "pc: Eliminate struct
PcGuestInfoState"

Suggested-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Andrew Jones <drjones@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Message-id: 20170102200153.28864-8-drjones@redhat.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2 years agohw/arm/virt: use VirtMachineState.gic_version
Andrew Jones [Mon, 9 Jan 2017 11:40:22 +0000 (11:40 +0000)] 
hw/arm/virt: use VirtMachineState.gic_version

machvirt_init may need to probe for the gic version. If so, then
make sure the result is written to VirtMachineState. With the
state up to date, use it instead of a local variable. This is a
cleanup that prepares for VirtMachineState to be passed to functions
even outside hw/arm/virt.c

Signed-off-by: Andrew Jones <drjones@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Message-id: 20170102200153.28864-7-drjones@redhat.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2 years agohw/arm/virt: parameter passing cleanups
Andrew Jones [Mon, 9 Jan 2017 11:40:22 +0000 (11:40 +0000)] 
hw/arm/virt: parameter passing cleanups

Some simple cleanups made possible by "hw/arm/virt: Merge
VirtBoardInfo and VirtMachineState"

Signed-off-by: Andrew Jones <drjones@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Message-id: 20170102200153.28864-6-drjones@redhat.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2 years agohw/arm/virt-acpi-build: fadt: improve flag naming
Andrew Jones [Mon, 9 Jan 2017 11:40:21 +0000 (11:40 +0000)] 
hw/arm/virt-acpi-build: fadt: improve flag naming

Signed-off-by: Andrew Jones <drjones@redhat.com>
Message-id: 20170102200153.28864-5-drjones@redhat.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2 years agohw/arm/virt-acpi-build: gtdt: improve flag naming
Andrew Jones [Mon, 9 Jan 2017 11:40:21 +0000 (11:40 +0000)] 
hw/arm/virt-acpi-build: gtdt: improve flag naming

Also remove all unused flags.

Signed-off-by: Andrew Jones <drjones@redhat.com>
Message-id: 20170102200153.28864-4-drjones@redhat.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2 years agohw/arm/virt-acpi-build: name GIC CPU Interface Structure appropriately
Andrew Jones [Mon, 9 Jan 2017 11:40:21 +0000 (11:40 +0000)] 
hw/arm/virt-acpi-build: name GIC CPU Interface Structure appropriately

Also move the enabled flag definition from mach-virt code to
acpi common.

Signed-off-by: Andrew Jones <drjones@redhat.com>
Message-id: 20170102200153.28864-3-drjones@redhat.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2 years agohw/arm/virt-acpi-build: add all missing cpu_to_le's
Andrew Jones [Mon, 9 Jan 2017 11:40:21 +0000 (11:40 +0000)] 
hw/arm/virt-acpi-build: add all missing cpu_to_le's

Signed-off-by: Andrew Jones <drjones@redhat.com>
Message-id: 20170102200153.28864-2-drjones@redhat.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2 years agohw/arm/virt: Don't incorrectly claim architectural timer to be edge-triggered
Peter Maydell [Mon, 9 Jan 2017 11:40:21 +0000 (11:40 +0000)] 
hw/arm/virt: Don't incorrectly claim architectural timer to be edge-triggered

The architectural timers in ARM CPUs all have level triggered interrupts
(unless you're using KVM on a host kernel before 4.4, which misimplemented
them as edge-triggered).

We were incorrectly describing them in the device tree as edge triggered.
This can cause problems for guest kernels in 4.8 before rc6:
 * pre-4.8 kernels ignore the values in the DT
 * 4.8 before rc6 write the DT values to the GIC config registers
 * newer than rc6 ignore the DT and insist that the timer interrupts
   are level triggered regardless

Fix the DT so we're describing reality. For backwards-compatibility
purposes, only do this for the virt-2.9 machine onward.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Andrew Jones <drjones@redhat.com>
2 years agohw/arm/virt: Rename 'vbi' variables to 'vms'
Peter Maydell [Mon, 9 Jan 2017 11:40:21 +0000 (11:40 +0000)] 
hw/arm/virt: Rename 'vbi' variables to 'vms'

Rename all the variables which used to be VirtBoardInfo*
and are now VirtMachineState* so their names are in line
with the type being used.

Apart from the removal of the line 'VirtMachineState *vbi = vms;'
this commit is purely a search-and-replace of 'vbi' with 'vms'.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Andrew Jones <drjones@redhat.com>
2 years agohw/arm/virt: Merge VirtBoardInfo and VirtMachineState
Peter Maydell [Mon, 9 Jan 2017 11:40:21 +0000 (11:40 +0000)] 
hw/arm/virt: Merge VirtBoardInfo and VirtMachineState

One of the purposes of VirtBoardInfo was to hold various
bits of state about the board. Now we have MachineState
and the subclass VirtMachineState to do this. Fold the
VirtBoardInfo into VirtMachineState rather than having
some flags in one struct and some in another with no
useful way to get between them.

In the process we drop the code for looking up the
memory map and irq map from the CPU model, because
in practice we always use the same maps in all cases.

For easier code review, this change removes the
VirtBoardInfo type but leaves all the variables which
used to be VirtBoardInfo* and are now VirtMachineState*
with their now-confusing 'vbi' names.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Andrew Jones <drjones@redhat.com>
2 years agohw/char: QOM'ify exynos4210_uart.c
xiaoqiang zhao [Mon, 9 Jan 2017 11:40:21 +0000 (11:40 +0000)] 
hw/char: QOM'ify exynos4210_uart.c

Drop the old Sysbus init and use instance_init and
DeviceClass::realize instead

Signed-off-by: xiaoqiang zhao <zxq_yx_007@163.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2 years agoi2c: Allow I2C devices to NAK start events
Corey Minyard [Mon, 9 Jan 2017 11:40:20 +0000 (11:40 +0000)] 
i2c: Allow I2C devices to NAK start events

Add a return value to the event handler.  Some I2C devices will
NAK if they have no data, so allow them to do this.  This required
the following changes:

Go through all the event handlers and change them to return int
and return 0.

Modify i2c_start_transfer to terminate the transaction on a NAK.

Modify smbus handing to not assert if a NAK occurs on a second
operation, and terminate the transaction and return -1 instead.

Add some information on semantics to I2CSlaveClass.

Signed-off-by: Corey Minyard <cminyard@mvista.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2 years agoMerge remote-tracking branch 'remotes/gonglei/tags/cryptodev-next-20161224' into...
Peter Maydell [Fri, 6 Jan 2017 15:18:09 +0000 (15:18 +0000)] 
Merge remote-tracking branch 'remotes/gonglei/tags/cryptodev-next-20161224' into staging

cryptodev patches

- add xts mode support
- add 3DES algorithm support
- other trivial fixes

# gpg: Signature made Sat 24 Dec 2016 05:56:44 GMT
# gpg:                using RSA key 0x2ED7FDE9063C864D
# gpg: Good signature from "Gonglei <arei.gonglei@huawei.com>"
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 3EF1 8E53 3459 E6D1 963A  3C05 2ED7 FDE9 063C 864D

* remotes/gonglei/tags/cryptodev-next-20161224:
  cryptodev: add 3des-ede support
  cryptodev: remove single-DES support in cryptodev
  cryptodev: add xts(aes) support
  cryptodev: fix the check of aes algorithm

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2 years agoMerge remote-tracking branch 'remotes/jasowang/tags/net-pull-request' into staging
Peter Maydell [Fri, 6 Jan 2017 12:10:40 +0000 (12:10 +0000)] 
Merge remote-tracking branch 'remotes/jasowang/tags/net-pull-request' into staging

# gpg: Signature made Fri 06 Jan 2017 02:55:49 GMT
# gpg:                using RSA key 0xEF04965B398D6211
# gpg: Good signature from "Jason Wang (Jason Wang on RedHat) <jasowang@redhat.com>"
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg:          It is not certain that the signature belongs to the owner.
# Primary key fingerprint: 215D 46F4 8246 689E C77F  3562 EF04 965B 398D 6211

* remotes/jasowang/tags/net-pull-request:
  fsl_etsec: Fix Tx BD ring wrapping handling
  rtl8139: correctly handle PHY reset
  record/replay: add network support

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2 years agofsl_etsec: Fix Tx BD ring wrapping handling
Andrey Smirnov [Thu, 5 Jan 2017 20:26:36 +0000 (12:26 -0800)] 
fsl_etsec: Fix Tx BD ring wrapping handling

Current code that handles Tx buffer desciprtor ring scanning employs the
following algorithm:

1. Restore current buffer descriptor pointer from TBPTRn

2. Process current descriptor

3. If current descriptor has BD_WRAP flag set set current
   descriptor pointer to start of the descriptor ring

4. If current descriptor points to start of the ring exit the
   loop, otherwise increment current descriptor pointer and go
   to #2

5. Store current descriptor in TBPTRn

The way the code is implemented results in buffer descriptor ring being
scanned starting at offset/descriptor #0. While covering 99% of the
cases, this algorithm becomes problematic for a number of edge cases.

Consider the following scenario: guest OS driver initializes descriptor
ring to N individual descriptors and starts sending data out. Depending
on the volume of traffic and probably guest OS driver implementation it
is possible that an edge case where a packet, spread across 2
descriptors is placed in descriptors N - 1 and 0 in that order(it is
easy to imagine similar examples involving more than 2 descriptors).

What happens then is aforementioned algorithm starts at descriptor 0,
sees a descriptor marked as BD_LAST, which it happily sends out as a
separate packet(very much malformed at this point) then the iteration
continues and the first part of the original packet is tacked to the
next transmission which ends up being bogus as well.

This behvaiour can be pretty reliably observed when scp'ing data from a
guest OS via TAP interface for files larger than 160K (every time for
700K+).

This patch changes the scanning algorithm to do the following:

1. Restore "current" buffer descriptor pointer from
   TBPTRn

2. If "current" descriptor does not have BD_TX_READY set, goto #6

3. Process current descriptor

4. If "current" descriptor has BD_WRAP flag set "current"
   descriptor pointer to start of the descriptor ring otherwise
   set increment "current" by the size of one descriptor

5. Goto #1

6. Save "current" buffer descriptor in TBPTRn

This way we preserve the information about which descriptor was
processed last and always start where we left off avoiding the original
problem. On top of that, judging by the following excerpt from
MPC8548ERM (p. 14-48):

"... When the end of the TxBD ring is reached, eTSEC initializes TBPTRn
to the value in the corresponding TBASEn. The TBPTR register is
internally written by the eTSEC’s DMA controller during
transmission. The pointer increments by eight (bytes) each time a
descriptor is closed successfully by the eTSEC..."

revised algorithm might also a more correct way of emulating this aspect
of eTSEC peripheral.

Cc: Alexander Graf <agraf@suse.de>
Cc: Scott Wood <scottwood@freescale.com>
Cc: Jason Wang <jasowang@redhat.com>
Cc: qemu-devel@nongnu.org
Signed-off-by: Andrey Smirnov <andrew.smirnov@gmail.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
2 years agortl8139: correctly handle PHY reset
Hervé Poussineau [Tue, 13 Dec 2016 19:44:41 +0000 (20:44 +0100)] 
rtl8139: correctly handle PHY reset

According to datasheet:
"[Bit 15 of Basic Mode Control Register] sets the status and control registers
of the PHY (register 0062-0074) in a default state. This bit is self-clearing.
1 = software reset; 0 = normal operation."

This fixes the netcard detection failure in Minoca OS.

Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Signed-off-by: Jason Wang <jasowang@redhat.com>
2 years agorecord/replay: add network support
Pavel Dovgalyuk [Mon, 26 Sep 2016 08:08:21 +0000 (11:08 +0300)] 
record/replay: add network support

This patch adds support of recording and replaying network packets in
irount rr mode.

Record and replay for network interactions is performed with the network filter.
Each backend must have its own instance of the replay filter as follows:
 -netdev user,id=net1 -device rtl8139,netdev=net1
 -object filter-replay,id=replay,netdev=net1

Replay network filter is used to record and replay network packets. While
recording the virtual machine this filter puts all packets coming from
the outer world into the log. In replay mode packets from the log are
injected into the network device. All interactions with network backend
in replay mode are disabled.

v5 changes:
 - using iov_to_buf function instead of loop

Signed-off-by: Pavel Dovgalyuk <pavel.dovgaluk@ispras.ru>
Signed-off-by: Jason Wang <jasowang@redhat.com>
2 years agoMerge remote-tracking branch 'remotes/stefanha/tags/block-pull-request' into staging
Peter Maydell [Thu, 5 Jan 2017 12:44:22 +0000 (12:44 +0000)] 
Merge remote-tracking branch 'remotes/stefanha/tags/block-pull-request' into staging

# gpg: Signature made Wed 04 Jan 2017 13:29:09 GMT
# gpg:                using RSA key 0x9CA4ABB381AB73C8
# gpg: Good signature from "Stefan Hajnoczi <stefanha@redhat.com>"
# gpg:                 aka "Stefan Hajnoczi <stefanha@gmail.com>"
# Primary key fingerprint: 8695 A8BF D3F9 7CDA AC35  775A 9CA4 ABB3 81AB 73C8

* remotes/stefanha/tags/block-pull-request:
  iothread: add poll-grow and poll-shrink parameters
  aio: self-tune polling time
  virtio: disable virtqueue notifications during polling
  aio: add .io_poll_begin/end() callbacks
  virtio: turn vq->notification into a nested counter
  virtio-scsi: suppress virtqueue kick during processing
  virtio-blk: suppress virtqueue kick during processing
  iothread: add polling parameters
  linux-aio: poll ring for completions
  virtio: poll virtqueues for new buffers
  aio: add polling mode to AioContext
  aio: add AioPollFn and io_poll() interface
  aio: add flag to skip fds to aio_dispatch()
  HACKING: document #include order

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2 years agoMerge remote-tracking branch 'remotes/gkurz/tags/for-upstream' into staging
Peter Maydell [Thu, 5 Jan 2017 10:53:57 +0000 (10:53 +0000)] 
Merge remote-tracking branch 'remotes/gkurz/tags/for-upstream' into staging

- transport specific callbacks (for Xen)
- fix crash (2.8 regression)
- 9p functional tests

# gpg: Signature made Tue 03 Jan 2017 17:30:58 GMT
# gpg:                using DSA key 0x02FC3AEB0101DBC2
# gpg: Good signature from "Greg Kurz <groug@kaod.org>"
# gpg:                 aka "Greg Kurz <groug@free.fr>"
# gpg:                 aka "Greg Kurz <gkurz@fr.ibm.com>"
# gpg:                 aka "Greg Kurz <gkurz@linux.vnet.ibm.com>"
# gpg:                 aka "Gregory Kurz (Groug) <groug@free.fr>"
# gpg:                 aka "Gregory Kurz (Cimai Technology) <gkurz@cimai.com>"
# gpg:                 aka "Gregory Kurz (Meiosys Technology) <gkurz@meiosys.com>"
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 2BD4 3B44 535E C0A7 9894  DBA2 02FC 3AEB 0101 DBC2

* remotes/gkurz/tags/for-upstream:
  tests: virtio-9p: ".." cannot be used to walk out of the shared directory
  tests: virtio-9p: no slash in path elements during walk
  tests: virtio-9p: add walk operation test
  tests: virtio-9p: add attach operation test
  tests: virtio-9p: add version operation test
  9pfs: fix P9_NOTAG and P9_NOFID macros
  tests: virtio-9p: code refactoring
  tests: virtio-9p: rename PCI configuration test
  9pfs: fix crash when fsdev is missing
  9pfs: introduce init_out/in_iov_from_pdu
  9pfs: call v9fs_init_qiov_from_pdu before v9fs_pack
  9pfs: introduce transport specific callbacks
  9pfs: move pdus to V9fsState

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2 years agoMerge remote-tracking branch 'remotes/kraxel/tags/pull-vga-20170103-1' into staging
Peter Maydell [Thu, 5 Jan 2017 10:22:47 +0000 (10:22 +0000)] 
Merge remote-tracking branch 'remotes/kraxel/tags/pull-vga-20170103-1' into staging

virtio-gpu: misc bugfixes.

# gpg: Signature made Tue 03 Jan 2017 14:48:04 GMT
# gpg:                using RSA key 0x4CB6D8EED3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>"
# Primary key fingerprint: A032 8CFF B93A 17A7 9901  FE7D 4CB6 D8EE D3E8 7138

* remotes/kraxel/tags/pull-vga-20170103-1:
  virtio-gpu: fix memory leak in resource attach backing
  virtio-gpu-3d: fix memory leak in resource attach backing
  virtio-gpu: call cleanup mapping function in resource destroy
  virtio-gpu: track and limit host memory allocations
  display: virtio-gpu-3d: check virgl capabilities max_size

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2 years agoiothread: add poll-grow and poll-shrink parameters
Stefan Hajnoczi [Thu, 1 Dec 2016 19:26:52 +0000 (19:26 +0000)] 
iothread: add poll-grow and poll-shrink parameters

These parameters control the poll time self-tuning algorithm.  They are
optional and will default to sane values if omitted.

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Message-id: 20161201192652.9509-14-stefanha@redhat.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2 years agoaio: self-tune polling time
Stefan Hajnoczi [Thu, 1 Dec 2016 19:26:51 +0000 (19:26 +0000)] 
aio: self-tune polling time

This patch is based on the algorithm for the kvm.ko halt_poll_ns
parameter in Linux.  The initial polling time is zero.

If the event loop is woken up within the maximum polling time it means
polling could be effective, so grow polling time.

If the event loop is woken up beyond the maximum polling time it means
polling is not effective, so shrink polling time.

If the event loop makes progress within the current polling time then
the sweet spot has been reached.

This algorithm adjusts the polling time so it can adapt to variations in
workloads.  The goal is to reach the sweet spot while also recognizing
when polling would hurt more than help.

Two new trace events, poll_grow and poll_shrink, are added for observing
polling time adjustment.

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Message-id: 20161201192652.9509-13-stefanha@redhat.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2 years agovirtio: disable virtqueue notifications during polling
Stefan Hajnoczi [Thu, 1 Dec 2016 19:26:50 +0000 (19:26 +0000)] 
virtio: disable virtqueue notifications during polling

This is a performance optimization to eliminate vmexits during polling.
It also avoids spurious ioeventfd processing after polling ends.

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Message-id: 20161201192652.9509-12-stefanha@redhat.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2 years agoaio: add .io_poll_begin/end() callbacks
Stefan Hajnoczi [Thu, 1 Dec 2016 19:26:49 +0000 (19:26 +0000)] 
aio: add .io_poll_begin/end() callbacks

The begin and end callbacks can be used to prepare for the polling loop
and clean up when polling stops.  Note that they may only be called once
for multiple aio_poll() calls if polling continues to succeed.  Once
polling fails the end callback is invoked before aio_poll() resumes file
descriptor monitoring.

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Message-id: 20161201192652.9509-11-stefanha@redhat.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2 years agovirtio: turn vq->notification into a nested counter
Stefan Hajnoczi [Thu, 1 Dec 2016 19:26:48 +0000 (19:26 +0000)] 
virtio: turn vq->notification into a nested counter

Polling should disable virtqueue notifications but that requires nested
virtio_queue_set_notification() calls.  Turn vq->notification into a
counter so it is possible to do nesting.

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Message-id: 20161201192652.9509-10-stefanha@redhat.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2 years agovirtio-scsi: suppress virtqueue kick during processing
Stefan Hajnoczi [Thu, 1 Dec 2016 19:26:47 +0000 (19:26 +0000)] 
virtio-scsi: suppress virtqueue kick during processing

The guest does not need to kick the virtqueue while we are processing
it.  This reduces the number of vmexits during periods of heavy I/O.

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Message-id: 20161201192652.9509-9-stefanha@redhat.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2 years agovirtio-blk: suppress virtqueue kick during processing
Stefan Hajnoczi [Thu, 1 Dec 2016 19:26:46 +0000 (19:26 +0000)] 
virtio-blk: suppress virtqueue kick during processing

The guest does not need to kick the virtqueue while we are processing
it.  This reduces the number of vmexits during periods of heavy I/O.

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Message-id: 20161201192652.9509-8-stefanha@redhat.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2 years agoiothread: add polling parameters
Stefan Hajnoczi [Thu, 1 Dec 2016 19:26:45 +0000 (19:26 +0000)] 
iothread: add polling parameters

Poll mode can be configured with -object iothread,poll-max-ns=NUM.
Polling is disabled with a value of 0 nanoseconds.

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Message-id: 20161201192652.9509-7-stefanha@redhat.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2 years agolinux-aio: poll ring for completions
Stefan Hajnoczi [Thu, 1 Dec 2016 19:26:44 +0000 (19:26 +0000)] 
linux-aio: poll ring for completions

The Linux AIO userspace ABI includes a ring that is shared with the
kernel.  This allows userspace programs to process completions without
system calls.

Add an AioContext poll handler to check for completions in the ring.

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Message-id: 20161201192652.9509-6-stefanha@redhat.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2 years agovirtio: poll virtqueues for new buffers
Stefan Hajnoczi [Thu, 1 Dec 2016 19:26:43 +0000 (19:26 +0000)] 
virtio: poll virtqueues for new buffers

Add an AioContext poll handler to detect new virtqueue buffers without
waiting for a guest->host notification.

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Message-id: 20161201192652.9509-5-stefanha@redhat.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2 years agoaio: add polling mode to AioContext
Stefan Hajnoczi [Thu, 1 Dec 2016 19:26:42 +0000 (19:26 +0000)] 
aio: add polling mode to AioContext

The AioContext event loop uses ppoll(2) or epoll_wait(2) to monitor file
descriptors or until a timer expires.  In cases like virtqueues, Linux
AIO, and ThreadPool it is technically possible to wait for events via
polling (i.e. continuously checking for events without blocking).

Polling can be faster than blocking syscalls because file descriptors,
the process scheduler, and system calls are bypassed.

The main disadvantage to polling is that it increases CPU utilization.
In classic polling configuration a full host CPU thread might run at
100% to respond to events as quickly as possible.  This patch implements
a timeout so we fall back to blocking syscalls if polling detects no
activity.  After the timeout no CPU cycles are wasted on polling until
the next event loop iteration.

The run_poll_handlers_begin() and run_poll_handlers_end() trace events
are added to aid performance analysis and troubleshooting.  If you need
to know whether polling mode is being used, trace these events to find
out.

Note that the AioContext is now re-acquired before disabling notify_me
in the non-polling case.  This makes the code cleaner since notify_me
was enabled outside the non-polling AioContext release region.  This
change is correct since it's safe to keep notify_me enabled longer
(disabling is an optimization) but potentially causes unnecessary
event_notifer_set() calls.  I think the chance of performance regression
is small here.

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Message-id: 20161201192652.9509-4-stefanha@redhat.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2 years agoaio: add AioPollFn and io_poll() interface
Stefan Hajnoczi [Thu, 1 Dec 2016 19:26:41 +0000 (19:26 +0000)] 
aio: add AioPollFn and io_poll() interface

The new AioPollFn io_poll() argument to aio_set_fd_handler() and
aio_set_event_handler() is used in the next patch.

Keep this code change separate due to the number of files it touches.

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Message-id: 20161201192652.9509-3-stefanha@redhat.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2 years agoaio: add flag to skip fds to aio_dispatch()
Stefan Hajnoczi [Thu, 1 Dec 2016 19:26:40 +0000 (19:26 +0000)] 
aio: add flag to skip fds to aio_dispatch()

Polling mode will not call ppoll(2)/epoll_wait(2).  Therefore we know
there are no fds ready and should avoid looping over fd handlers in
aio_dispatch().

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Message-id: 20161201192652.9509-2-stefanha@redhat.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2 years agoHACKING: document #include order
Stefan Hajnoczi [Wed, 16 Nov 2016 14:39:21 +0000 (14:39 +0000)] 
HACKING: document #include order

It was not obvious to me why "qemu/osdep.h" must be the first #include.
This documents the rationale and the overall #include order.

Cc: Fam Zheng <famz@redhat.com>
Cc: Markus Armbruster <armbru@redhat.com>
Cc: Eric Blake <eblake@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Message-id: 1479307161-24658-1-git-send-email-stefanha@redhat.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2 years agotests: virtio-9p: ".." cannot be used to walk out of the shared directory
Greg Kurz [Tue, 3 Jan 2017 16:28:44 +0000 (17:28 +0100)] 
tests: virtio-9p: ".." cannot be used to walk out of the shared directory

According to the 9P spec at http://man.cat-v.org/plan_9/5/intro, the
parent directory of the root directory of a server's tree is itself.
This test hence checks that the qid of the root directory as returned by
attach is the same as the qid of ".." when walking from the root directory.

Signed-off-by: Greg Kurz <groug@kaod.org>
2 years agotests: virtio-9p: no slash in path elements during walk
Greg Kurz [Tue, 3 Jan 2017 16:28:44 +0000 (17:28 +0100)] 
tests: virtio-9p: no slash in path elements during walk

The walk operation is expected to fail and to return ENOENT.

Signed-off-by: Greg Kurz <groug@kaod.org>
2 years agotests: virtio-9p: add walk operation test
Greg Kurz [Tue, 3 Jan 2017 16:28:44 +0000 (17:28 +0100)] 
tests: virtio-9p: add walk operation test

The walk operation is used to traverse the directory tree and to associate
paths to fids. A single walk can be used to traverse up to P9_MAXWELEM path
elements at the same time.

The test creates a path with P9_MAXWELEM elements on the backend (à la
'mkdir -p') and issues a walk operation. The walk is expected to succeed
without error.

Reference:

http://man.cat-v.org/plan_9/5/walk

Signed-off-by: Greg Kurz <groug@kaod.org>
2 years agotests: virtio-9p: add attach operation test
Greg Kurz [Tue, 3 Jan 2017 16:28:44 +0000 (17:28 +0100)] 
tests: virtio-9p: add attach operation test

The attach operation is used to establish a connection between the
client and the server. After this, the client is able to access the
underlying filesystem and do I/O.

This test simply ensures the operation succeeds without error.

Reference:

http://man.cat-v.org/plan_9/5/attach

Signed-off-by: Greg Kurz <groug@kaod.org>
2 years agotests: virtio-9p: add version operation test
Greg Kurz [Tue, 3 Jan 2017 16:28:44 +0000 (17:28 +0100)] 
tests: virtio-9p: add version operation test

This patch lays the foundations to be able to test 9P operations and
provides a test for the version operation as a first example.

A 9P request is composed of a T-message sent by the client (guest) to the
server (QEMU), and a R-message sent by the server back to the client.

The following general calls are available to implement requests for any
9P operations:

v9fs_req_init(): allocates the request structure and the guest memory for
                 the T-message

v9fs_req_send(): allocates the guest memory for the R-message and sends the
                 T-message to QEMU

v9fs_req_recv(): waits for QEMU to answer and does some sanity checks on the
                 returned R-message header

v9fs_req_free(): releases the guest memory and the request structure

Helpers are provided, to be used by each specific 9P operation to copy data
to/from the guest memory.

The version operation is used to negotiate the 9P protocol version to be
used and the maximum buffer size for exchanged data. It is necessarily
the first message of a 9P session. For simplicity, the maximum buffer size
is hardcoded to 4k, which should be enough for functional tests.

The test simply advertises the "9P2000.L" version to QEMU and expects QEMU
to answer it is supported.

References:

http://man.cat-v.org/plan_9/5/intro
http://man.cat-v.org/plan_9/5/version

Signed-off-by: Greg Kurz <groug@kaod.org>
2 years ago9pfs: fix P9_NOTAG and P9_NOFID macros
Greg Kurz [Tue, 3 Jan 2017 16:28:44 +0000 (17:28 +0100)] 
9pfs: fix P9_NOTAG and P9_NOFID macros

The u16 and u32 types don't exist in QEMU common headers. It never broke
build because these two macros aren't use by the current code, but this
is about to change with the future addition of functional tests for 9P.

Also, these should have enclosing parenthesis to be usable in any
syntactical situation.

As suggested by Eric Blake, let's use UINT16_MAX and UINT32_MAX to address
both issues.

Signed-off-by: Greg Kurz <groug@kaod.org>
2 years agotests: virtio-9p: code refactoring
Greg Kurz [Tue, 3 Jan 2017 16:28:44 +0000 (17:28 +0100)] 
tests: virtio-9p: code refactoring

This moves the test_share static and the QOSState into the QVirtIO9P
structure, and put PCI related code in functions with a _pci_ name.

This will avoid code duplication in future tests, and allow to add
support for non-PCI platforms.

Signed-off-by: Greg Kurz <groug@kaod.org>
2 years agotests: virtio-9p: rename PCI configuration test
Greg Kurz [Tue, 3 Jan 2017 16:28:44 +0000 (17:28 +0100)] 
tests: virtio-9p: rename PCI configuration test

Signed-off-by: Greg Kurz <groug@kaod.org>
2 years ago9pfs: fix crash when fsdev is missing
Greg Kurz [Tue, 3 Jan 2017 16:28:44 +0000 (17:28 +0100)] 
9pfs: fix crash when fsdev is missing

If the user passes -device virtio-9p without the corresponding -fsdev, QEMU
dereferences a NULL pointer and crashes.

This is a 2.8 regression introduced by commit 702dbcc274e2c.

Signed-off-by: Greg Kurz <groug@kaod.org>
Reviewed-by: Li Qiang <liq3ea@gmail.com>
2 years ago9pfs: introduce init_out/in_iov_from_pdu
Stefano Stabellini [Tue, 3 Jan 2017 16:28:44 +0000 (17:28 +0100)] 
9pfs: introduce init_out/in_iov_from_pdu

Not all 9pfs transports share memory between request and response. For
those who don't, it is necessary to know how much memory is required in
the response.

Split the existing init_iov_from_pdu function in two:
init_out_iov_from_pdu (for writes) and init_in_iov_from_pdu (for reads).
init_in_iov_from_pdu takes an additional size parameter to specify the
memory required for the response message.

Signed-off-by: Stefano Stabellini <sstabellini@kernel.org>
Reviewed-by: Greg Kurz <groug@kaod.org>
Signed-off-by: Greg Kurz <groug@kaod.org>
2 years ago9pfs: call v9fs_init_qiov_from_pdu before v9fs_pack
Stefano Stabellini [Tue, 3 Jan 2017 16:28:44 +0000 (17:28 +0100)] 
9pfs: call v9fs_init_qiov_from_pdu before v9fs_pack

v9fs_xattr_read should not access VirtQueueElement elems directly.
Move v9fs_init_qiov_from_pdu up in the file and call
v9fs_init_qiov_from_pdu before v9fs_pack. Use v9fs_pack on the new
iovec.

Signed-off-by: Stefano Stabellini <sstabellini@kernel.org>
Reviewed-by: Greg Kurz <groug@kaod.org>
Signed-off-by: Greg Kurz <groug@kaod.org>
2 years ago9pfs: introduce transport specific callbacks
Stefano Stabellini [Tue, 3 Jan 2017 16:28:44 +0000 (17:28 +0100)] 
9pfs: introduce transport specific callbacks

Don't call virtio functions from 9pfs generic code, use generic function
callbacks instead.

Signed-off-by: Stefano Stabellini <sstabellini@kernel.org>
Reviewed-by: Greg Kurz <groug@kaod.org>
Signed-off-by: Greg Kurz <groug@kaod.org>
2 years ago9pfs: move pdus to V9fsState
Stefano Stabellini [Tue, 3 Jan 2017 16:28:44 +0000 (17:28 +0100)] 
9pfs: move pdus to V9fsState

pdus are initialized and used in 9pfs common code. Move the array from
V9fsVirtioState to V9fsState.

Signed-off-by: Stefano Stabellini <sstabellini@kernel.org>
Reviewed-by: Greg Kurz <groug@kaod.org>
Signed-off-by: Greg Kurz <groug@kaod.org>
2 years agovirtio-gpu: fix memory leak in resource attach backing
Li Qiang [Thu, 29 Dec 2016 09:28:41 +0000 (04:28 -0500)] 
virtio-gpu: fix memory leak in resource attach backing

In the resource attach backing function, everytime it will
allocate 'res->iov' thus can leading a memory leak. This
patch avoid this.

Signed-off-by: Li Qiang <liq3ea@gmail.com>
Message-id: 1483003721-65360-1-git-send-email-liq3ea@gmail.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2 years agovirtio-gpu-3d: fix memory leak in resource attach backing
Li Qiang [Thu, 29 Dec 2016 08:11:26 +0000 (03:11 -0500)] 
virtio-gpu-3d: fix memory leak in resource attach backing

If the virgl_renderer_resource_attach_iov function fails the
'res_iovs' will be leaked. Add check of the return value to
free the 'res_iovs' when failing.

Signed-off-by: Li Qiang <liq3ea@gmail.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-id: 1482999086-59795-1-git-send-email-liq3ea@gmail.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2 years agovirtio-gpu: call cleanup mapping function in resource destroy
Li Qiang [Tue, 29 Nov 2016 02:29:25 +0000 (21:29 -0500)] 
virtio-gpu: call cleanup mapping function in resource destroy

If the guest destroy the resource before detach banking, the 'iov'
and 'addrs' field in resource is not freed thus leading memory
leak issue. This patch avoid this.

Signed-off-by: Li Qiang <liq3ea@gmail.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-id: 1480386565-10077-1-git-send-email-liq3ea@gmail.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2 years agoMerge remote-tracking branch 'remotes/vivier/tags/m68k-for-2.9-pull-request' into...
Peter Maydell [Wed, 28 Dec 2016 17:11:11 +0000 (17:11 +0000)] 
Merge remote-tracking branch 'remotes/vivier/tags/m68k-for-2.9-pull-request' into staging

# gpg: Signature made Tue 27 Dec 2016 17:52:12 GMT
# gpg:                using RSA key 0xF30C38BD3F2FBE3C
# gpg: Good signature from "Laurent Vivier <lvivier@redhat.com>"
# gpg:                 aka "Laurent Vivier <laurent@vivier.eu>"
# gpg:                 aka "Laurent Vivier (Red Hat) <lvivier@redhat.com>"
# Primary key fingerprint: CD2F 75DD C8E3 A4DC 2E4F  5173 F30C 38BD 3F2F BE3C

* remotes/vivier/tags/m68k-for-2.9-pull-request:
  target-m68k: free TCG variables that are not
  target-m68k: add rol/ror/roxl/roxr instructions
  target-m68k: Inline shifts
  target-m68k: Do not cpu_abort on undefined insns
  target-m68k: Implement 680x0 movem
  target-m68k: add cas/cas2 ops
  target-m68k: add abcd/sbcd/nbcd
  target-m68k: add 680x0 divu/divs variants
  target-m68k: add 64bit mull
  target-m68k: add cmpm
  target-m68k: Split gen_lea and gen_ea
  target-m68k: Delay autoinc writeback

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2 years agotarget-m68k: free TCG variables that are not
Laurent Vivier [Sun, 10 Jan 2016 13:53:33 +0000 (14:53 +0100)] 
target-m68k: free TCG variables that are not

This is a cleanup patch. It adds call to tcg_temp_free()
when it is missing.

Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Reviewed-by: Richard Henderson <rth@twiddle.net>
2 years agotarget-m68k: add rol/ror/roxl/roxr instructions
Laurent Vivier [Sun, 10 Jan 2016 23:54:57 +0000 (00:54 +0100)] 
target-m68k: add rol/ror/roxl/roxr instructions

Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Reviewed-by: Richard Henderson <rth@twiddle.net>
2 years agotarget-m68k: Inline shifts
Richard Henderson [Wed, 9 Nov 2016 13:46:09 +0000 (14:46 +0100)] 
target-m68k: Inline shifts

Also manage word and byte operands and fix the computation of
overflow in the case of M68000 arithmetic shifts.

Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Message-Id: <1478699171-10637-4-git-send-email-rth@twiddle.net>

2 years agotarget-m68k: Do not cpu_abort on undefined insns
Richard Henderson [Wed, 9 Nov 2016 13:46:08 +0000 (14:46 +0100)] 
target-m68k: Do not cpu_abort on undefined insns

Report this properly via exception and, importantly, allow
the disassembler the chance to tell us what insn is not handled.

Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Message-Id: <1478699171-10637-3-git-send-email-rth@twiddle.net>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
2 years agotarget-m68k: Implement 680x0 movem
Laurent Vivier [Wed, 9 Nov 2016 13:46:07 +0000 (14:46 +0100)] 
target-m68k: Implement 680x0 movem

680x0 movem can load/store words and long words and can use more
addressing modes.  Coldfire can only use long words with (Ax) and
(d16,Ax) addressing modes.

Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Message-Id: <1478699171-10637-2-git-send-email-rth@twiddle.net>

2 years agotarget-m68k: add cas/cas2 ops
Laurent Vivier [Mon, 11 Jan 2016 00:33:26 +0000 (01:33 +0100)] 
target-m68k: add cas/cas2 ops

Implement CAS using cmpxchg.
Implement CAS2 using helper and either cmpxchg when
the 32bit addresses are consecutive, or with
parallel_cpus+cpu_loop_exit_atomic() otherwise.

Suggested-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Reviewed-by: Richard Henderson <rth@twiddle.net>