qemu.git
2 years ago Merge remote-tracking branch 'remotes/maxreitz/tags/pull-block-2019-06-24' into staging
Peter Maydell [Mon, 1 Jul 2019 10:28:28 +0000 (11:28 +0100)] 
Merge remote-tracking branch 'remotes/maxreitz/tags/pull-block-2019-06-24' into staging

Block patches:
- The SSH block driver now uses libssh instead of libssh2
- The VMDK block driver gets read-only support for the seSparse
  subformat
- Various fixes

# gpg: Signature made Mon 24 Jun 2019 15:42:56 BST
# gpg:                using RSA key 91BEB60A30DB3E8857D11829F407DB0061D5CF40
# gpg:                issuer "mreitz@redhat.com"
# gpg: Good signature from "Max Reitz <mreitz@redhat.com>" [full]
# Primary key fingerprint: 91BE B60A 30DB 3E88 57D1  1829 F407 DB00 61D5 CF40

* remotes/maxreitz/tags/pull-block-2019-06-24:
  iotests: Fix 205 for concurrent runs
  ssh: switch from libssh2 to libssh
  vmdk: Add read-only support for seSparse snapshots
  vmdk: Reduce the max bound for L1 table size
  vmdk: Fix comment regarding max l1_size coverage
  iotest 134: test cluster-misaligned encrypted write
  blockdev: enable non-root nodes for transaction drive-backup source
  nvme: do not advertise support for unsupported arbitration mechanism

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2 years ago iotests: Fix 205 for concurrent runs
Max Reitz [Tue, 18 Jun 2019 21:02:38 +0000 (23:02 +0200)] 
iotests: Fix 205 for concurrent runs

Tests should place their files into the test directory.  This includes
Unix sockets.  205 currently fails to do so, which prevents it from
being run concurrently.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-id: 20190618210238.9524-1-mreitz@redhat.com
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
2 years ago ssh: switch from libssh2 to libssh
Pino Toscano [Thu, 20 Jun 2019 20:08:40 +0000 (22:08 +0200)] 
ssh: switch from libssh2 to libssh

Rewrite the implementation of the ssh block driver to use libssh instead
of libssh2.  The libssh library has various advantages over libssh2:
- easier API for authentication (for example for using ssh-agent)
- easier API for known_hosts handling
- supports newer types of keys in known_hosts

Use APIs/features available in libssh 0.8 conditionally, to support
older versions (which are not recommended though).

Adjust the iotest 207 according to the different error message, and to
find the default key type for localhost (to properly compare the
fingerprint with).
Contributed-by: Max Reitz <mreitz@redhat.com>
Adjust the various Docker/Travis scripts to use libssh when available
instead of libssh2. The mingw/mxe testing is dropped for now, as there
are no packages for it.

Signed-off-by: Pino Toscano <ptoscano@redhat.com>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Acked-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 20190620200840.17655-1-ptoscano@redhat.com
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-id: 5873173.t2JhDm7DL7@lindworm.usersys.redhat.com
Signed-off-by: Max Reitz <mreitz@redhat.com>
2 years ago vmdk: Add read-only support for seSparse snapshots
Sam Eiderman [Thu, 20 Jun 2019 09:10:57 +0000 (12:10 +0300)] 
vmdk: Add read-only support for seSparse snapshots

Until ESXi 6.5 VMware used the vmfsSparse format for snapshots (VMDK3 in
QEMU).

This format was lacking in the following:

    * Grain directory (L1) and grain table (L2) entries were 32-bit,
      allowing access to only 2TB (slightly less) of data.
    * The grain size (default) was 512 bytes - leading to data
      fragmentation and many grain tables.
    * For space reclamation purposes, it was necessary to find all the
      grains which are not pointed to by any grain table - so a reverse
      mapping of "offset of grain in vmdk" to "grain table" must be
      constructed - which takes large amounts of CPU/RAM.

The format specification can be found in VMware's documentation:
https://www.vmware.com/support/developer/vddk/vmdk_50_technote.pdf

In ESXi 6.5, to support snapshot files larger than 2TB, a new format was
introduced: SESparse (Space Efficient).

This format fixes the above issues:

    * All entries are now 64-bit.
    * The grain size (default) is 4KB.
    * Grain directory and grain tables are now located at the beginning
      of the file.
      + seSparse format reserves space for all grain tables.
      + Grain tables can be addressed using an index.
      + Grains are located in the end of the file and can also be
        addressed with an index.
      - seSparse vmdks of large disks (64TB) have huge preallocated
        headers - mainly due to L2 tables, even for empty snapshots.
    * The header contains a reverse mapping ("backmap") of "offset of
      grain in vmdk" to "grain table" and a bitmap ("free bitmap") which
      specifies for each grain - whether it is allocated or not.
      Using these data structures we can implement space reclamation
      efficiently.
    * Due to the fact that the header now maintains two mappings:
        * The regular one (grain directory & grain tables)
        * A reverse one (backmap and free bitmap)
      These data structures can lose consistency upon crash and result
      in a corrupted VMDK.
      Therefore, a journal is also added to the VMDK and is replayed
      when VMware reopens the file after a crash.

Since ESXi 6.7 - SESparse is the only snapshot format available.

Unfortunately, VMware does not provide documentation regarding the new
seSparse format.

This commit is based on black-box research of the seSparse format.
Various in-guest block operations and their effect on the snapshot file
were tested.

The only VMware provided source of information (regarding the underlying
implementation) was a log file on the ESXi:

    /var/log/hostd.log

Whenever an seSparse snapshot is created - the log is being populated
with seSparse records.

Relevant log records are of the form:

[...] Const Header:
[...]  constMagic     = 0xcafebabe
[...]  version        = 2.1
[...]  capacity       = 204800
[...]  grainSize      = 8
[...]  grainTableSize = 64
[...]  flags          = 0
[...] Extents:
[...]  Header         : <1 : 1>
[...]  JournalHdr     : <2 : 2>
[...]  Journal        : <2048 : 2048>
[...]  GrainDirectory : <4096 : 2048>
[...]  GrainTables    : <6144 : 2048>
[...]  FreeBitmap     : <8192 : 2048>
[...]  BackMap        : <10240 : 2048>
[...]  Grain          : <12288 : 204800>
[...] Volatile Header:
[...] volatileMagic     = 0xcafecafe
[...] FreeGTNumber      = 0
[...] nextTxnSeqNumber  = 0
[...] replayJournal     = 0

The sizes that are seen in the log file are in sectors.
Extents are of the following format: <offset : size>

This commit is a strict implementation which enforces:
    * magics
    * version number 2.1
    * grain size of 8 sectors  (4KB)
    * grain table size of 64 sectors
    * zero flags
    * extent locations

Additionally, this commit provides only a subset of the functionality
offered by seSparse's format:
    * Read-only
    * No journal replay
    * No space reclamation
    * No unmap support

Hence, journal header, journal, free bitmap and backmap extents are
unused, only the "classic" (L1 -> L2 -> data) grain access is
implemented.

However there are several differences in the grain access itself.
Grain directory (L1):
    * Grain directory entries are indexes (not offsets) to grain
      tables.
    * Valid grain directory entries have their highest nibble set to
      0x1.
    * Since grain tables are always located in the beginning of the
      file - the index can fit into 32 bits - so we can use its low
      part if it's valid.
Grain table (L2):
    * Grain table entries are indexes (not offsets) to grains.
    * If the highest nibble of the entry is:
        0x0:
            The grain is not allocated.
            The rest of the bytes are 0.
        0x1:
            The grain is unmapped - guest sees a zero grain.
            The rest of the bits point to the previously mapped grain,
            see 0x3 case.
        0x2:
            The grain is zero.
        0x3:
            The grain is allocated - to get the index calculate:
            ((entry & 0x0fff000000000000) >> 48) |
            ((entry & 0x0000ffffffffffff) << 12)
    * The difference between 0x1 and 0x2 is that 0x1 is an unallocated
      grain which results from the guest using sg_unmap to unmap the
      grain - but the grain itself still exists in the grain extent - a
      space reclamation procedure should delete it.
      Unmapping a zero grain has no effect (0x2 will not change to 0x1)
      but unmapping an unallocated grain will (0x0 to 0x1) - naturally.

In order to implement seSparse some fields had to be changed to support
both 32-bit and 64-bit entry sizes.

Reviewed-by: Karl Heubaum <karl.heubaum@oracle.com>
Reviewed-by: Eyal Moscovici <eyal.moscovici@oracle.com>
Reviewed-by: Arbel Moshe <arbel.moshe@oracle.com>
Signed-off-by: Sam Eiderman <shmuel.eiderman@oracle.com>
Message-id: 20190620091057.47441-4-shmuel.eiderman@oracle.com
Signed-off-by: Max Reitz <mreitz@redhat.com>
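
The grain lookup described in the seSparse commit message above, as an added example that is not part of the commit or of QEMU's code. The function and struct names are hypothetical, the layout values are copied from the hostd.log sample, the sample entries are constructed, and the extent bounds checks and the zero test on L1 bits 32..59 are added assumptions for handling untrusted image metadata:

```c
#include <stdint.h>
#include <stdio.h>

/* The four L2 cases from the commit message, plus a reject state. */
enum grain_state {
    GRAIN_UNALLOCATED, /* nibble 0x0: nothing stored in this snapshot */
    GRAIN_UNMAPPED,    /* nibble 0x1: guest sees a zero grain */
    GRAIN_ZERO,        /* nibble 0x2: zero grain */
    GRAIN_ALLOCATED,   /* nibble 0x3: data lives in the Grain extent */
    GRAIN_INVALID      /* anything else, or an index outside the extent */
};

/* Extent geometry in 512-byte sectors (hypothetical struct name). */
struct sesparse_layout {
    uint64_t gt_start, gt_sectors, gt_size;          /* GrainTables, grainTableSize */
    uint64_t grain_start, grain_sectors, grain_size; /* Grain, grainSize */
};

/* Values copied from the hostd.log sample in the commit message. */
static const struct sesparse_layout SAMPLE_LAYOUT = {
    .gt_start = 6144, .gt_sectors = 2048, .gt_size = 64,
    .grain_start = 12288, .grain_sectors = 204800, .grain_size = 8,
};

#define TOP_NIBBLE(e) ((unsigned)((e) >> 60))

/*
 * Grain directory (L1) entry -> first sector of the grain table.
 * Returns 0 on success, -1 if the entry is not a valid reference.
 */
int sesparse_l1_to_sector(const struct sesparse_layout *l, uint64_t entry,
                          uint64_t *sector)
{
    uint64_t index = entry & 0xffffffffULL; /* low 32 bits hold the index */

    if (TOP_NIBBLE(entry) != 0x1) {
        return -1;
    }
    /* Added strictness (assumption): bits 32..59 carry nothing. */
    if (entry & 0x0fffffff00000000ULL) {
        return -1;
    }
    /* Added check: the table must lie inside the GrainTables extent. */
    if (index >= l->gt_sectors / l->gt_size) {
        return -1;
    }
    *sector = l->gt_start + index * l->gt_size;
    return 0;
}

/* Grain table (L2) entry -> grain state, plus first sector if allocated. */
enum grain_state sesparse_l2_decode(const struct sesparse_layout *l,
                                    uint64_t entry, uint64_t *sector)
{
    uint64_t index;

    switch (TOP_NIBBLE(entry)) {
    case 0x0:
        /* "The rest of the bytes are 0": reject anything else. */
        return entry == 0 ? GRAIN_UNALLOCATED : GRAIN_INVALID;
    case 0x1:
        return GRAIN_UNMAPPED; /* old grain index is ignored when reading */
    case 0x2:
        return GRAIN_ZERO;
    case 0x3:
        /* Index is stored rotated: low 12 bits sit in entry bits 48..59. */
        index = ((entry & 0x0fff000000000000ULL) >> 48) |
                ((entry & 0x0000ffffffffffffULL) << 12);
        /* Added check; dividing first avoids overflow in index * size. */
        if (index >= l->grain_sectors / l->grain_size) {
            return GRAIN_INVALID;
        }
        *sector = l->grain_start + index * l->grain_size;
        return GRAIN_ALLOCATED;
    default:
        return GRAIN_INVALID;
    }
}

int main(void)
{
    /* Constructed entries, not taken from a real snapshot file. */
    const uint64_t samples[] = {
        0x0000000000000000ULL, 0x1000000000000000ULL, 0x2000000000000000ULL,
        0x3234000000000001ULL, 0x3400000000000006ULL, 0x4000000000000000ULL,
    };
    for (size_t i = 0; i < sizeof(samples) / sizeof(samples[0]); i++) {
        uint64_t sector = 0;
        enum grain_state st =
            sesparse_l2_decode(&SAMPLE_LAYOUT, samples[i], &sector);
        printf("0x%016llx -> state %d, sector %llu\n",
               (unsigned long long)samples[i], (int)st,
               (unsigned long long)sector);
    }
    return 0;
}
```
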
2 years ago vmdk: Reduce the max bound for L1 table size
Sam Eiderman [Thu, 20 Jun 2019 09:10:56 +0000 (12:10 +0300)] 
vmdk: Reduce the max bound for L1 table size

512M of L1 entries is a very loose bound, only 32M are required to store
the maximal supported VMDK file size of 2TB.

Fixed qemu-iotest 59# - now failure occurs before on impossible L1
table size.

Reviewed-by: Karl Heubaum <karl.heubaum@oracle.com>
Reviewed-by: Eyal Moscovici <eyal.moscovici@oracle.com>
Reviewed-by: Liran Alon <liran.alon@oracle.com>
Reviewed-by: Arbel Moshe <arbel.moshe@oracle.com>
Signed-off-by: Sam Eiderman <shmuel.eiderman@oracle.com>
Message-id: 20190620091057.47441-3-shmuel.eiderman@oracle.com
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
2 years ago vmdk: Fix comment regarding max l1_size coverage
Sam Eiderman [Thu, 20 Jun 2019 09:10:55 +0000 (12:10 +0300)] 
vmdk: Fix comment regarding max l1_size coverage

Commit b0651b8c246d ("vmdk: Move l1_size check into vmdk_add_extent")
extended the l1_size check from VMDK4 to VMDK3 but did not update the
default coverage in the moved comment.

The previous vmdk4 calculation:

    (512 * 1024 * 1024) * 512(l2 entries) * 65536(grain) = 16PB

The added vmdk3 calculation:

    (512 * 1024 * 1024) * 4096(l2 entries) * 512(grain) = 1PB

Adding the calculation of vmdk3 to the comment.

In any case, VMware does not offer virtual disks more than 2TB for
vmdk4/vmdk3 or 64TB for the new undocumented seSparse format which is
not implemented yet in qemu.

Reviewed-by: Karl Heubaum <karl.heubaum@oracle.com>
Reviewed-by: Eyal Moscovici <eyal.moscovici@oracle.com>
Reviewed-by: Liran Alon <liran.alon@oracle.com>
Reviewed-by: Arbel Moshe <arbel.moshe@oracle.com>
Signed-off-by: Sam Eiderman <shmuel.eiderman@oracle.com>
Message-id: 20190620091057.47441-2-shmuel.eiderman@oracle.com
Reviewed-by: yuchenlin <yuchenlin@synology.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
2 years ago iotest 134: test cluster-misaligned encrypted write
Anton Nefedov [Thu, 16 May 2019 14:30:28 +0000 (17:30 +0300)] 
iotest 134: test cluster-misaligned encrypted write

COW (even empty/zero) areas require encryption too

Signed-off-by: Anton Nefedov <anton.nefedov@virtuozzo.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Alberto Garcia <berto@igalia.com>
Message-id: 20190516143028.81155-1-anton.nefedov@virtuozzo.com
Signed-off-by: Max Reitz <mreitz@redhat.com>
2 years ago blockdev: enable non-root nodes for transaction drive-backup source
Vladimir Sementsov-Ogievskiy [Tue, 18 Jun 2019 14:08:04 +0000 (17:08 +0300)] 
blockdev: enable non-root nodes for transaction drive-backup source

We forget to enable it for transaction .prepare, while it is already
enabled in do_drive_backup since commit a2d665c1bc362
    "blockdev: loosen restrictions on drive-backup source node"

Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Message-id: 20190618140804.59214-1-vsementsov@virtuozzo.com
Reviewed-by: John Snow <jsnow@redhat.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
2 years ago nvme: do not advertise support for unsupported arbitration mechanism
Klaus Birkelund Jensen [Thu, 6 Jun 2019 09:25:30 +0000 (11:25 +0200)] 
nvme: do not advertise support for unsupported arbitration mechanism

The device mistakenly reports that the Weighted Round Robin with Urgent
Priority Class arbitration mechanism is supported.

It is not.

Signed-off-by: Klaus Birkelund Jensen <klaus.jensen@cnexlabs.com>
Message-id: 20190606092530.14206-1-klaus@birkelund.eu
Acked-by: Maxim Levitsky <mlevitsk@redhat.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
2 years ago Merge remote-tracking branch 'remotes/amarkovic/tags/mips-queue-jun-21-2019' into...
Peter Maydell [Fri, 21 Jun 2019 14:40:50 +0000 (15:40 +0100)] 
Merge remote-tracking branch 'remotes/amarkovic/tags/mips-queue-jun-21-2019' into staging

MIPS queue for June 21st, 2019

# gpg: Signature made Fri 21 Jun 2019 10:46:57 BST
# gpg:                using RSA key D4972A8967F75A65
# gpg: Good signature from "Aleksandar Markovic <amarkovic@wavecomp.com>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 8526 FBF1 5DA3 811F 4A01  DD75 D497 2A89 67F7 5A65

* remotes/amarkovic/tags/mips-queue-jun-21-2019:
  target/mips: Fix emulation of ILVR.<B|H|W> on big endian host
  target/mips: Fix emulation of ILVL.<B|H|W> on big endian host
  target/mips: Fix emulation of ILVOD.<B|H|W> on big endian host
  target/mips: Fix emulation of ILVEV.<B|H|W> on big endian host
  tests/tcg: target/mips: Amend tests for MSA pack instructions
  tests/tcg: target/mips: Include isa/ase and group name in test output
  target/mips: Fix if-else-switch-case arms checkpatch errors in translate.c
  target/mips: Fix some space checkpatch errors in translate.c
  MAINTAINERS: Consolidate MIPS disassembler-related items
  MAINTAINERS: Update file items for MIPS Malta board

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2 years ago Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging
Peter Maydell [Fri, 21 Jun 2019 12:32:10 +0000 (13:32 +0100)] 
Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging

* Nuke hw_compat_4_0_1 and pc_compat_4_0_1 (Greg)
* Static analysis fixes (Igor, Lidong)
* X86 Hyper-V CPUID improvements (Vitaly)
* X86 nested virt migration (Liran)
* New MSR-based features (Xiaoyao)

# gpg: Signature made Fri 21 Jun 2019 12:25:42 BST
# gpg:                using RSA key BFFBD25F78C7AE83
# gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>" [full]
# gpg:                 aka "Paolo Bonzini <pbonzini@redhat.com>" [full]
# Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4  E2F7 7E15 100C CD36 69B1
#      Subkey fingerprint: F133 3857 4B66 2389 866C  7682 BFFB D25F 78C7 AE83

* remotes/bonzini/tags/for-upstream: (25 commits)
  hw: Nuke hw_compat_4_0_1 and pc_compat_4_0_1
  util/main-loop: Fix incorrect assertion
  sd: Fix out-of-bounds assertions
  target/i386: kvm: Add nested migration blocker only when kernel lacks required capabilities
  target/i386: kvm: Add support for KVM_CAP_EXCEPTION_PAYLOAD
  target/i386: kvm: Add support for save and restore nested state
  vmstate: Add support for kernel integer types
  linux-headers: sync with latest KVM headers from Linux 5.2
  target/i386: kvm: Block migration for vCPUs exposed with nested virtualization
  target/i386: kvm: Re-inject #DB to guest with updated DR6
  target/i386: kvm: Use symbolic constant for #DB/#BP exception constants
  KVM: Introduce kvm_arch_destroy_vcpu()
  target/i386: kvm: Delete VMX migration blocker on vCPU init failure
  target/i386: define a new MSR based feature word - FEAT_CORE_CAPABILITY
  i386/kvm: add support for Direct Mode for Hyper-V synthetic timers
  i386/kvm: hv-evmcs requires hv-vapic
  i386/kvm: hv-tlbflush/ipi require hv-vpindex
  i386/kvm: hv-stimer requires hv-time and hv-synic
  i386/kvm: implement 'hv-passthrough' mode
  i386/kvm: document existing Hyper-V enlightenments
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2 years ago hw: Nuke hw_compat_4_0_1 and pc_compat_4_0_1
Greg Kurz [Fri, 14 Jun 2019 13:09:02 +0000 (15:09 +0200)] 
hw: Nuke hw_compat_4_0_1 and pc_compat_4_0_1

Commit c87759ce876a fixed a regression affecting pc-q35 machines by
introducing a new pc-q35-4.0.1 machine version to be used instead
of pc-q35-4.0. The only purpose was to revert the default behaviour
of not using split irqchip, but the change also introduced the usual
hw_compat and pc_compat bits, and wired them for pc-q35 only.

This raises questions when it comes to adding new compat properties for
4.0* machine versions of any architecture. Where to add them? In
4.0, 4.0.1 or both? Error prone. Another possibility would be to teach
all other architectures about 4.0.1. This solution isn't satisfying,
especially since this is a pc-q35 specific issue.

It turns out that the split irqchip default is handled in the machine
option function and doesn't involve compat lists at all.

Drop all the 4.0.1 compat lists and use the 4.0 ones instead in the 4.0.1
machine option function.

Move the compat props that were added to the 4.0.1 since c87759ce876a to
4.0.

Even if only hw_compat_4_0_1 had an impact on other architectures,
drop pc_compat_4_0_1 as well for consistency.

Fixes: c87759ce876a "q35: Revert to kernel irqchip"
Suggested-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Signed-off-by: Greg Kurz <groug@kaod.org>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Message-Id: <156051774276.244890.8660277280145466396.stgit@bahia.lan>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2 years ago util/main-loop: Fix incorrect assertion
Lidong Chen [Wed, 19 Jun 2019 19:14:47 +0000 (15:14 -0400)] 
util/main-loop: Fix incorrect assertion

The check for poll_fds in g_assert() was incorrect. The correct assertion
should check "n_poll_fds + w->num <= ARRAY_SIZE(poll_fds)" because the
subsequent for-loop is doing access to poll_fds[n_poll_fds + i] where i
is in [0, w->num).  This could happen with a very high number of file
descriptors and/or wait objects.

Signed-off-by: Lidong Chen <lidong.chen@oracle.com>
Suggested-by: Peter Maydell <peter.maydell@linaro.org>
Suggested-by: Liam Merwick <liam.merwick@oracle.com>
Reviewed-by: Liran Alon <liran.alon@oracle.com>
Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
Reviewed-by: Li Qiang <liq3ea@gmail.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <ded30967982811617ce7f0222d11228130c198b7.1560806687.git.lidong.chen@oracle.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2 years ago sd: Fix out-of-bounds assertions
Lidong Chen [Wed, 19 Jun 2019 19:14:46 +0000 (15:14 -0400)] 
sd: Fix out-of-bounds assertions

Due to an off-by-one error, the assert statements allow an
out-of-bound array access.  This doesn't happen in practice,
but the static analyzer notices.

Signed-off-by: Lidong Chen <lidong.chen@oracle.com>
Reviewed-by: Liam Merwick <liam.merwick@oracle.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Li Qiang <liq3ea@gmail.com>
Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
Message-Id: <6b19cb7359a10a6bedc3ea0fce22fed3ef93c102.1560806687.git.lidong.chen@oracle.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2 years ago target/i386: kvm: Add nested migration blocker only when kernel lacks required capabi...
Liran Alon [Wed, 19 Jun 2019 16:21:40 +0000 (19:21 +0300)] 
target/i386: kvm: Add nested migration blocker only when kernel lacks required capabilities

Previous commits have added support for migration of nested virtualization
workloads. This was done by utilising two new KVM capabilities:
KVM_CAP_NESTED_STATE and KVM_CAP_EXCEPTION_PAYLOAD, both of which are
required in order to correctly migrate such workloads.

Therefore, change code to add a migration blocker for vCPUs exposed with
Intel VMX or AMD SVM in case one of these kernel capabilities is
missing.

Signed-off-by: Liran Alon <liran.alon@oracle.com>
Reviewed-by: Maran Wilson <maran.wilson@oracle.com>
Message-Id: <20190619162140.133674-11-liran.alon@oracle.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2 years ago target/i386: kvm: Add support for KVM_CAP_EXCEPTION_PAYLOAD
Liran Alon [Wed, 19 Jun 2019 16:21:39 +0000 (19:21 +0300)] 
target/i386: kvm: Add support for KVM_CAP_EXCEPTION_PAYLOAD

Kernel commit c4f55198c7c2 ("kvm: x86: Introduce KVM_CAP_EXCEPTION_PAYLOAD")
introduced a new KVM capability which allows userspace to correctly
distinguish between pending and injected exceptions.

This distinction is important in case of nested virtualization scenarios
because a L2 pending exception can still be intercepted by the L1 hypervisor
while a L2 injected exception cannot.

Furthermore, when an exception is attempted to be injected by QEMU,
QEMU should specify the exception payload (CR2 in case of #PF or
DR6 in case of #DB) instead of having the payload already delivered in
the respective vCPU register. Because in case exception is injected to
L2 guest and is intercepted by L1 hypervisor, then payload needs to be
reported to L1 intercept (VMExit handler) while still preserving
respective vCPU register unchanged.

This commit adds support for QEMU to properly utilise this new KVM
capability (KVM_CAP_EXCEPTION_PAYLOAD).

Reviewed-by: Nikita Leshenko <nikita.leshchenko@oracle.com>
Signed-off-by: Liran Alon <liran.alon@oracle.com>
Message-Id: <20190619162140.133674-10-liran.alon@oracle.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2 years ago target/i386: kvm: Add support for save and restore nested state
Liran Alon [Wed, 19 Jun 2019 16:21:38 +0000 (19:21 +0300)] 
target/i386: kvm: Add support for save and restore nested state

Kernel commit 8fcc4b5923af ("kvm: nVMX: Introduce KVM_CAP_NESTED_STATE")
introduced new IOCTLs to extract and restore vCPU state related to
Intel VMX & AMD SVM.

Utilize these IOCTLs to add support for migration of VMs which are
running nested hypervisors.

Reviewed-by: Nikita Leshenko <nikita.leshchenko@oracle.com>
Reviewed-by: Maran Wilson <maran.wilson@oracle.com>
Tested-by: Maran Wilson <maran.wilson@oracle.com>
Signed-off-by: Liran Alon <liran.alon@oracle.com>
Message-Id: <20190619162140.133674-9-liran.alon@oracle.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2 years ago vmstate: Add support for kernel integer types
Liran Alon [Wed, 19 Jun 2019 16:21:37 +0000 (19:21 +0300)] 
vmstate: Add support for kernel integer types

Reviewed-by: Nikita Leshenko <nikita.leshchenko@oracle.com>
Reviewed-by: Maran Wilson <maran.wilson@oracle.com>
Signed-off-by: Liran Alon <liran.alon@oracle.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Message-Id: <20190619162140.133674-8-liran.alon@oracle.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2 years ago linux-headers: sync with latest KVM headers from Linux 5.2
Liran Alon [Wed, 19 Jun 2019 16:21:36 +0000 (19:21 +0300)] 
linux-headers: sync with latest KVM headers from Linux 5.2

Improve the KVM_{GET,SET}_NESTED_STATE structs by detailing the format
of VMX nested state data in a struct.

In order to avoid changing the ioctl values of
KVM_{GET,SET}_NESTED_STATE, there is a need to preserve
sizeof(struct kvm_nested_state). This is done by defining the data
struct as "data.vmx[0]". It was the most elegant way I found to
preserve struct size while still keeping struct readable and easy to
maintain. It does have a misfortunate side-effect that now it has to be
accessed as "data.vmx[0]" rather than just "data.vmx".

Because we are already modifying these structs, I also modified the
following:
* Define the "format" field values as macros.
* Rename vmcs_pa to vmcs12_pa for better readability.

Signed-off-by: Liran Alon <liran.alon@oracle.com>
Reviewed-by: Maran Wilson <maran.wilson@oracle.com>
Message-Id: <20190619162140.133674-7-liran.alon@oracle.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2 years ago target/i386: kvm: Block migration for vCPUs exposed with nested virtualization
Liran Alon [Wed, 19 Jun 2019 16:21:35 +0000 (19:21 +0300)] 
target/i386: kvm: Block migration for vCPUs exposed with nested virtualization

Commit d98f26073beb ("target/i386: kvm: add VMX migration blocker")
added a migration blocker for vCPU exposed with Intel VMX.
However, migration should also be blocked for vCPU exposed with
AMD SVM.

Both cases should be blocked because QEMU should extract additional
vCPU state from KVM that should be migrated as part of vCPU VMState.
E.g. Whether vCPU is running in guest-mode or host-mode.

Fixes: d98f26073beb ("target/i386: kvm: add VMX migration blocker")
Reviewed-by: Maran Wilson <maran.wilson@oracle.com>
Signed-off-by: Liran Alon <liran.alon@oracle.com>
Message-Id: <20190619162140.133674-6-liran.alon@oracle.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2 years ago target/mips: Fix emulation of ILVR.<B|H|W> on big endian host
Aleksandar Markovic [Thu, 20 Jun 2019 13:45:49 +0000 (15:45 +0200)] 
target/mips: Fix emulation of ILVR.<B|H|W> on big endian host

Fix emulation of ILVR.<B|H|W> on big endian host by applying
mapping of data element indexes from one endian to another.

Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
Reviewed-by: Aleksandar Rikalo <arikalo@wavecomp.com>
Message-Id: <1561038349-17105-5-git-send-email-aleksandar.markovic@rt-rk.com>

2 years ago target/mips: Fix emulation of ILVL.<B|H|W> on big endian host
Aleksandar Markovic [Thu, 20 Jun 2019 13:45:48 +0000 (15:45 +0200)] 
target/mips: Fix emulation of ILVL.<B|H|W> on big endian host

Fix emulation of ILVL.<B|H|W> on big endian host by applying
mapping of data element indexes from one endian to another.

Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
Reviewed-by: Aleksandar Rikalo <arikalo@wavecomp.com>
Message-Id: <1561038349-17105-4-git-send-email-aleksandar.markovic@rt-rk.com>

2 years ago target/mips: Fix emulation of ILVOD.<B|H|W> on big endian host
Aleksandar Markovic [Thu, 20 Jun 2019 13:45:47 +0000 (15:45 +0200)] 
target/mips: Fix emulation of ILVOD.<B|H|W> on big endian host

Fix emulation of ILVOD.<B|H|W> on big endian host by applying
mapping of data element indexes from one endian to another.

Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
Reviewed-by: Aleksandar Rikalo <arikalo@wavecomp.com>
Message-Id: <1561038349-17105-3-git-send-email-aleksandar.markovic@rt-rk.com>

2 years ago target/mips: Fix emulation of ILVEV.<B|H|W> on big endian host
Aleksandar Markovic [Thu, 20 Jun 2019 13:45:46 +0000 (15:45 +0200)] 
target/mips: Fix emulation of ILVEV.<B|H|W> on big endian host

Fix emulation of ILVEV.<B|H|W> on big endian host by applying
mapping of data element indexes from one endian to another.

Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
Reviewed-by: Aleksandar Rikalo <arikalo@wavecomp.com>
Message-Id: <1561038349-17105-2-git-send-email-aleksandar.markovic@rt-rk.com>

2 years ago tests/tcg: target/mips: Amend tests for MSA pack instructions
Aleksandar Markovic [Thu, 20 Jun 2019 11:49:18 +0000 (13:49 +0200)] 
tests/tcg: target/mips: Amend tests for MSA pack instructions

Add tests for cases when destination register is the same as one
of source registers.

Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
Reviewed-by: Aleksandar Rikalo <arikalo@wavecomp.com>
Message-Id: <1561031359-6727-3-git-send-email-aleksandar.markovic@rt-rk.com>

2 years ago tests/tcg: target/mips: Include isa/ase and group name in test output
Aleksandar Markovic [Thu, 20 Jun 2019 11:49:17 +0000 (13:49 +0200)] 
tests/tcg: target/mips: Include isa/ase and group name in test output

For better appearance and usefulness, include ISA/ASE name and
instruction group name in the output of tests. For example, all
this data will be displayed for FMAX_A.W test:

| MSA       | Float Max Min       | FMAX_A.W    |
| PASS:  80 | FAIL:   0 | elapsed time: 0.16 ms |

(the data will be displayed in one row; they are presented here in two
rows not to exceed the width of the commit message)

Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
Reviewed-by: Aleksandar Rikalo <arikalo@wavecomp.com>
Message-Id: <1561031359-6727-2-git-send-email-aleksandar.markovic@rt-rk.com>

2 years ago target/mips: Fix if-else-switch-case arms checkpatch errors in translate.c
Aleksandar Markovic [Thu, 20 Jun 2019 13:33:15 +0000 (15:33 +0200)] 
target/mips: Fix if-else-switch-case arms checkpatch errors in translate.c

Remove if-else-switch-case-arms-related checkpatch errors.

Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
Reviewed-by: Aleksandar Rikalo <arikalo@wavecomp.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <1561037595-14413-5-git-send-email-aleksandar.markovic@rt-rk.com>

2 years ago target/mips: Fix some space checkpatch errors in translate.c
Aleksandar Markovic [Thu, 20 Jun 2019 13:33:14 +0000 (15:33 +0200)] 
target/mips: Fix some space checkpatch errors in translate.c

Remove some space-related checkpatch warnings.

Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
Reviewed-by: Aleksandar Rikalo <arikalo@wavecomp.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <1561037595-14413-4-git-send-email-aleksandar.markovic@rt-rk.com>

2 years ago MAINTAINERS: Consolidate MIPS disassembler-related items
Aleksandar Markovic [Thu, 20 Jun 2019 13:33:13 +0000 (15:33 +0200)] 
MAINTAINERS: Consolidate MIPS disassembler-related items

Eliminate duplicate MIPS disassembler-related items in the
MAINTAINERS file, and use wildcards to shorten the list of
involved files.

Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
Reviewed-by: Aleksandar Rikalo <arikalo@wavecomp.com>
Message-Id: <1561037595-14413-3-git-send-email-aleksandar.markovic@rt-rk.com>

2 years ago MAINTAINERS: Update file items for MIPS Malta board
Aleksandar Markovic [Thu, 20 Jun 2019 13:33:12 +0000 (15:33 +0200)] 
MAINTAINERS: Update file items for MIPS Malta board

hw/mips/gt64xxx_pci.c is used for Malta only, so it is logical to
place this file in Malta board section of the MAINTAINERS file.

Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Aleksandar Rikalo <arikalo@wavecomp.com>
Message-Id: <1561037595-14413-2-git-send-email-aleksandar.markovic@rt-rk.com>

2 years ago target/i386: kvm: Re-inject #DB to guest with updated DR6
Liran Alon [Wed, 19 Jun 2019 16:21:34 +0000 (19:21 +0300)] 
target/i386: kvm: Re-inject #DB to guest with updated DR6

If userspace (QEMU) debugs the guest, when #DB is raised in guest and
intercepted by KVM, KVM forwards information on #DB to userspace
instead of injecting #DB to guest.
While doing so, KVM doesn't update vCPU DR6 but instead reports the #DB DR6
value to userspace for further handling.
See KVM's handle_exception() DB_VECTOR handler.

QEMU handler for this case is kvm_handle_debug(). This handler basically
checks if #DB is related to one of user set hardware breakpoints and if
not, it re-injects #DB into guest.
The re-injection is done by setting env->exception_injected to #DB which
will later be passed as events.exception.nr to KVM_SET_VCPU_EVENTS ioctl
by kvm_put_vcpu_events().

However, in case userspace re-injects #DB, KVM expects userspace to set
vCPU DR6 as reported to userspace when #DB was intercepted! Otherwise,
KVM_REQ_EVENT handler will inject #DB with wrong DR6 to guest.

Fix this issue by updating vCPU DR6 appropriately when re-injecting #DB to
guest.

Reviewed-by: Nikita Leshenko <nikita.leshchenko@oracle.com>
Reviewed-by: Krish Sadhukhan <krish.sadhukhan@oracle.com>
Signed-off-by: Liran Alon <liran.alon@oracle.com>
Message-Id: <20190619162140.133674-5-liran.alon@oracle.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2 years ago target/i386: kvm: Use symbolic constant for #DB/#BP exception constants
Liran Alon [Wed, 19 Jun 2019 16:21:33 +0000 (19:21 +0300)] 
target/i386: kvm: Use symbolic constant for #DB/#BP exception constants

Reviewed-by: Nikita Leshenko <nikita.leshchenko@oracle.com>
Reviewed-by: Krish Sadhukhan <krish.sadhukhan@oracle.com>
Signed-off-by: Liran Alon <liran.alon@oracle.com>
Message-Id: <20190619162140.133674-4-liran.alon@oracle.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2 years ago KVM: Introduce kvm_arch_destroy_vcpu()
Liran Alon [Wed, 19 Jun 2019 16:21:32 +0000 (19:21 +0300)] 
KVM: Introduce kvm_arch_destroy_vcpu()

Similar to how kvm_init_vcpu() calls kvm_arch_init_vcpu() to perform
arch-dependent initialisation, introduce kvm_arch_destroy_vcpu()
to be called from kvm_destroy_vcpu() to perform arch-dependent
destruction.

This was added because some architectures (such as i386)
currently do not free memory that they have allocated in
kvm_arch_init_vcpu().

Suggested-by: Maran Wilson <maran.wilson@oracle.com>
Reviewed-by: Maran Wilson <maran.wilson@oracle.com>
Signed-off-by: Liran Alon <liran.alon@oracle.com>
Message-Id: <20190619162140.133674-3-liran.alon@oracle.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2 years ago target/i386: kvm: Delete VMX migration blocker on vCPU init failure
Liran Alon [Wed, 19 Jun 2019 16:21:31 +0000 (19:21 +0300)] 
target/i386: kvm: Delete VMX migration blocker on vCPU init failure

Commit d98f26073beb ("target/i386: kvm: add VMX migration blocker")
added migration blocker for vCPU exposed with Intel VMX because QEMU
doesn't yet contain code to support migration of nested virtualization
workloads.

However, that commit missed adding deletion of the migration blocker in
case init of vCPU failed. Similar to invtsc_mig_blocker. This commit fixes
that issue.

Fixes: d98f26073beb ("target/i386: kvm: add VMX migration blocker")
Signed-off-by: Liran Alon <liran.alon@oracle.com>
Reviewed-by: Maran Wilson <maran.wilson@oracle.com>
Message-Id: <20190619162140.133674-2-liran.alon@oracle.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2 years ago target/i386: define a new MSR based feature word - FEAT_CORE_CAPABILITY
Xiaoyao Li [Mon, 17 Jun 2019 15:36:54 +0000 (23:36 +0800)] 
target/i386: define a new MSR based feature word - FEAT_CORE_CAPABILITY

MSR IA32_CORE_CAPABILITY is a feature-enumerating MSR, which only
enumerates the feature split lock detection (via bit 5) by now.

The existence of MSR IA32_CORE_CAPABILITY is enumerated by CPUID.7_0:EDX[30].

The latest kernel patches about them can be found here:
https://lkml.org/lkml/2019/4/24/1909

Signed-off-by: Xiaoyao Li <xiaoyao.li@linux.intel.com>
Message-Id: <20190617153654.916-1-xiaoyao.li@linux.intel.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2 years ago i386/kvm: add support for Direct Mode for Hyper-V synthetic timers
Vitaly Kuznetsov [Fri, 17 May 2019 14:19:24 +0000 (16:19 +0200)] 
i386/kvm: add support for Direct Mode for Hyper-V synthetic timers

Hyper-V on KVM can only use Synthetic timers with Direct Mode (opting for
an interrupt instead of VMBus message). This new capability is only
announced in KVM_GET_SUPPORTED_HV_CPUID.

Signed-off-by: Vitaly Kuznetsov <vkuznets@redhat.com>
Message-Id: <20190517141924.19024-10-vkuznets@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2 years ago i386/kvm: hv-evmcs requires hv-vapic
Vitaly Kuznetsov [Fri, 17 May 2019 14:19:23 +0000 (16:19 +0200)] 
i386/kvm: hv-evmcs requires hv-vapic

Enlightened VMCS is enabled by writing to a field in VP assist page and
these require virtual APIC.

Signed-off-by: Vitaly Kuznetsov <vkuznets@redhat.com>
Message-Id: <20190517141924.19024-9-vkuznets@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2 years ago i386/kvm: hv-tlbflush/ipi require hv-vpindex
Vitaly Kuznetsov [Fri, 17 May 2019 14:19:22 +0000 (16:19 +0200)] 
i386/kvm: hv-tlbflush/ipi require hv-vpindex

The corresponding hypercalls require using VP indexes.

Signed-off-by: Vitaly Kuznetsov <vkuznets@redhat.com>
Message-Id: <20190517141924.19024-8-vkuznets@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2 years ago i386/kvm: hv-stimer requires hv-time and hv-synic
Vitaly Kuznetsov [Fri, 17 May 2019 14:19:21 +0000 (16:19 +0200)] 
i386/kvm: hv-stimer requires hv-time and hv-synic

Synthetic timers operate in hv-time time and Windows won't use these
without SynIC.

Add .dependencies field to kvm_hyperv_properties[] and a generic mechanism
to check dependencies between features.

Signed-off-by: Vitaly Kuznetsov <vkuznets@redhat.com>
Message-Id: <20190517141924.19024-7-vkuznets@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2 years ago i386/kvm: implement 'hv-passthrough' mode
Vitaly Kuznetsov [Fri, 17 May 2019 14:19:20 +0000 (16:19 +0200)] 
i386/kvm: implement 'hv-passthrough' mode

In many cases we just want to give Windows guests all currently supported
Hyper-V enlightenments and that's where this new mode may come in handy. We
pass through what was returned by KVM_GET_SUPPORTED_HV_CPUID.

hv_cpuid_check_and_set() is modified to also set cpu->hyperv_* flags as
we may want to check them later (and we actually do for hv_runtime,
hv_synic,...).

'hv-passthrough' is a development only feature, a migration blocker is
added to prevent issues while migrating between hosts with different
feature sets.

Signed-off-by: Vitaly Kuznetsov <vkuznets@redhat.com>
Message-Id: <20190517141924.19024-6-vkuznets@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2 years ago i386/kvm: document existing Hyper-V enlightenments
Vitaly Kuznetsov [Fri, 17 May 2019 14:19:19 +0000 (16:19 +0200)] 
i386/kvm: document existing Hyper-V enlightenments

Currently, there is no doc describing hv-* CPU flags, people are
encouraged to get the information from Microsoft Hyper-V Top Level
Functional specification (TLFS). There is, however, a bit of QEMU
specifics.

Signed-off-by: Vitaly Kuznetsov <vkuznets@redhat.com>
Message-Id: <20190517141924.19024-5-vkuznets@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2 years ago i386/kvm: move Hyper-V CPUID filling to hyperv_handle_properties()
Vitaly Kuznetsov [Fri, 17 May 2019 14:19:18 +0000 (16:19 +0200)] 
i386/kvm: move Hyper-V CPUID filling to hyperv_handle_properties()

Let's consolidate Hyper-V features handling in hyperv_handle_properties().
The change is necessary to support 'hv-passthrough' mode as we'll be just
copying CPUIDs from KVM instead of filling them in.

Signed-off-by: Vitaly Kuznetsov <vkuznets@redhat.com>
Message-Id: <20190517141924.19024-4-vkuznets@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2 years ago i386/kvm: add support for KVM_GET_SUPPORTED_HV_CPUID
Vitaly Kuznetsov [Fri, 17 May 2019 14:19:17 +0000 (16:19 +0200)] 
i386/kvm: add support for KVM_GET_SUPPORTED_HV_CPUID

KVM now supports reporting supported Hyper-V features through CPUID
(KVM_GET_SUPPORTED_HV_CPUID ioctl). Going forward, this is going to be
the only way to announce new functionality and this has already happened
with Direct Mode stimers.

While we could just support KVM_GET_SUPPORTED_HV_CPUID for new features,
it seems to be beneficial to use it for all Hyper-V enlightenments when
possible. This way we can implement 'hv-all' pass-through mode giving the
guest all supported Hyper-V features even when QEMU knows nothing about
them.

Implementation-wise we create a new kvm_hyperv_properties structure
defining Hyper-V features, get_supported_hv_cpuid()/
get_supported_hv_cpuid_legacy() returning the supported CPUID set and
a bit over-engineered hv_cpuid_check_and_set() which will also be
used to set cpu->hyperv_* properties for 'hv-all' mode.

Signed-off-by: Vitaly Kuznetsov <vkuznets@redhat.com>
Message-Id: <20190517141924.19024-3-vkuznets@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2 years ago i386/kvm: convert hyperv enlightenments properties from bools to bits
Vitaly Kuznetsov [Fri, 17 May 2019 14:19:16 +0000 (16:19 +0200)] 
i386/kvm: convert hyperv enlightenments properties from bools to bits

Representing Hyper-V properties as bits will allow us to check features
and dependencies between them in a natural way.

Suggested-by: Roman Kagan <rkagan@virtuozzo.com>
Signed-off-by: Vitaly Kuznetsov <vkuznets@redhat.com>
Message-Id: <20190517141924.19024-2-vkuznets@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
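
The dependency rules stated in the hv-evmcs, hv-tlbflush/ipi and hv-stimer commits above, checked over a feature bitmask in the way the "bools to bits" commit motivates. This is an added example, not QEMU's code: the enum values, the struct layout and the function names are assumptions, and only dependencies named on this page are listed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Bit positions are constructed for this example, not QEMU's own values. */
enum hv_feature {
    HV_VAPIC, HV_TIME, HV_VPINDEX, HV_SYNIC,
    HV_STIMER, HV_TLBFLUSH, HV_IPI, HV_EVMCS,
    HV_FEATURE_COUNT
};

#define HV_BIT(f) (UINT64_C(1) << (f))

/* Hypothetical property record: a flag name plus the features it needs. */
struct hv_property {
    const char *name;
    uint64_t dependencies;
};

static const struct hv_property hv_properties[HV_FEATURE_COUNT] = {
    [HV_VAPIC]    = { "hv-vapic",    0 },
    [HV_TIME]     = { "hv-time",     0 },
    [HV_VPINDEX]  = { "hv-vpindex",  0 },
    [HV_SYNIC]    = { "hv-synic",    0 },
    [HV_STIMER]   = { "hv-stimer",   HV_BIT(HV_TIME) | HV_BIT(HV_SYNIC) },
    [HV_TLBFLUSH] = { "hv-tlbflush", HV_BIT(HV_VPINDEX) },
    [HV_IPI]      = { "hv-ipi",      HV_BIT(HV_VPINDEX) },
    [HV_EVMCS]    = { "hv-evmcs",    HV_BIT(HV_VAPIC) },
};

/* Dependencies that feature f needs but that are absent from `enabled`.
 * A feature that is not enabled itself has no unmet dependencies. */
static uint64_t hv_missing_for(int f, uint64_t enabled)
{
    if (!(enabled & HV_BIT(f))) {
        return 0;
    }
    return hv_properties[f].dependencies & ~enabled;
}

/* Check every enabled feature. Returns the number of unmet
 * (feature, dependency) pairs, reports each one on stderr, and stores the
 * union of missing dependency bits in *missing_out when it is non-NULL. */
static int hv_check_dependencies(uint64_t enabled, uint64_t *missing_out)
{
    uint64_t missing_all = 0;
    int violations = 0;

    for (int f = 0; f < HV_FEATURE_COUNT; f++) {
        uint64_t missing = hv_missing_for(f, enabled);

        for (int d = 0; d < HV_FEATURE_COUNT; d++) {
            if (missing & HV_BIT(d)) {
                fprintf(stderr, "%s requires %s\n",
                        hv_properties[f].name, hv_properties[d].name);
                violations++;
            }
        }
        missing_all |= missing;
    }
    if (missing_out) {
        *missing_out = missing_all;
    }
    return violations;
}

int main(void)
{
    /* Constructed configuration: stimer without synic, ipi without vpindex. */
    uint64_t enabled = HV_BIT(HV_STIMER) | HV_BIT(HV_TIME) | HV_BIT(HV_IPI);
    uint64_t missing;
    int n = hv_check_dependencies(enabled, &missing);

    printf("%d unmet dependencies, missing mask 0x%llx\n",
           n, (unsigned long long)missing);
    return n ? 1 : 0;
}
```
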
2 years ago hax: Honor CPUState::halted
Colin Xu [Mon, 10 Jun 2019 02:19:39 +0000 (10:19 +0800)] 
hax: Honor CPUState::halted

QEMU tracks whether a vcpu is halted using CPUState::halted. E.g.,
after initialization or reset, halted is 0 for the BSP (vcpu 0)
and 1 for the APs (vcpu 1, 2, ...). A halted vcpu should not be
handed to the hypervisor to run (e.g. hax_vcpu_run()).

Under HAXM, Android Emulator sometimes boots into a "vcpu shutdown
request" error while executing in SeaBIOS, with the HAXM driver
logging a guest triple fault in vcpu 1, 2, ... at RIP 0x3. That is
ultimately because the HAX accelerator asks HAXM to run those APs
when they are still in the halted state.

Normally, the vcpu thread for an AP will start by looping in
qemu_wait_io_event(), until the BSP kicks it via a pair of IPIs
(INIT followed by SIPI). But because the HAX accelerator does not
honor cpu->halted, it allows the AP vcpu thread to proceed to
hax_vcpu_run() as soon as it receives any kick, even if the kick
does not come from the BSP. It turns out that emulator has a
worker thread which periodically kicks every vcpu thread (possibly
to collect CPU usage data), and if one of these kicks comes before
those by the BSP, the AP will start execution from the wrong RIP,
resulting in the aforementioned SMP boot failure.

The solution is inspired by the KVM accelerator (credit to
Chuanxiao Dong <chuanxiao.dong@intel.com> for the pointer):

1. Get rid of questionable logic that unconditionally resets
   cpu->halted before hax_vcpu_run(). Instead, only reset it at the
   right moments (there are only a few "unhalt" events).
2. Add a check for cpu->halted before hax_vcpu_run().

Note that although the non-Unrestricted Guest (!ug_platform) code
path also forcibly resets cpu->halted, it is left untouched,
because only the UG code path supports SMP guests.

The patch is first merged to android emulator with Change-Id:
I9c5752cc737fd305d7eace1768ea12a07309d716

Cc: Yu Ning <yu.ning@intel.com>
Cc: Chuanxiao Dong <chuanxiao.dong@intel.com>
Signed-off-by: Colin Xu <colin.xu@intel.com>
Message-Id: <20190610021939.13669-1-colin.xu@intel.com>

2 years ago kvm-all: Add/update fprintf's for kvm_*_ioeventfd_del
Yury Kotov [Fri, 7 Jun 2019 09:08:30 +0000 (12:08 +0300)] 
kvm-all: Add/update fprintf's for kvm_*_ioeventfd_del

Signed-off-by: Yury Kotov <yury-kotov@yandex-team.ru>
Message-Id: <20190607090830.18807-1-yury-kotov@yandex-team.ru>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2 years ago Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging
Peter Maydell [Tue, 18 Jun 2019 16:00:52 +0000 (17:00 +0100)] 
Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging

Block layer patches:

- block: Remove bs->job
- block: Ignore loosening perm restrictions failures
- block/null: Expose read-zeroes option in QAPI schema
- iotests: Hide timestamps for skipped tests

# gpg: Signature made Tue 18 Jun 2019 15:44:12 BST
# gpg:                using RSA key 7F09B272C88F2FD6
# gpg: Good signature from "Kevin Wolf <kwolf@redhat.com>" [full]
# Primary key fingerprint: DC3D EB15 9A9A F95D 3D74  56FE 7F09 B272 C88F 2FD6

* remotes/kevin/tags/for-upstream:
  block/null: Expose read-zeroes option in QAPI schema
  iotests: Test failure to loosen restrictions
  block: Ignore loosening perm restrictions failures
  block: Add *tighten_restrictions to *check*_perm()
  block: Fix order in bdrv_replace_child()
  block/commit: Drop bdrv_child_try_set_perm()
  block/mirror: Fix child permissions
  block: Add bdrv_child_refresh_perms()
  file-posix: Update open_flags in raw_set_perm()
  block: drop bs->job
  blockdev: blockdev_mark_auto_del: drop usage of bs->job
  block/block-backend: blk_iostatus_reset: drop usage of bs->job
  block/replication: drop usage of bs->job
  iotests: Hide timestamps for skipped tests

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2 years ago Merge remote-tracking branch 'remotes/ehabkost/tags/python-next-pull-request' into...
Peter Maydell [Tue, 18 Jun 2019 14:47:16 +0000 (15:47 +0100)] 
Merge remote-tracking branch 'remotes/ehabkost/tags/python-next-pull-request' into staging

Python queue, 2019-06-18

Use a different method to dump avocado job log, to work around
timing-dependent issues in the arm test cases.

# gpg: Signature made Tue 18 Jun 2019 15:39:31 BST
# gpg:                using RSA key 2807936F984DC5A6
# gpg: Good signature from "Eduardo Habkost <ehabkost@redhat.com>" [full]
# Primary key fingerprint: 5A32 2FD5 ABC4 D3DB ACCF  D1AA 2807 936F 984D C5A6

* remotes/ehabkost/tags/python-next-pull-request:
  Travis: print acceptance tests logs in case of job failure
  Revert "travis: Make check-acceptance job more verbose"

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2 years ago block/null: Expose read-zeroes option in QAPI schema
Kevin Wolf [Mon, 17 Jun 2019 11:54:48 +0000 (13:54 +0200)] 
block/null: Expose read-zeroes option in QAPI schema

Commit cd219eb1e55 added the read-zeroes option for the null-co and
null-aio block driver, but forgot to add them to the QAPI schema.
Therefore, this option wasn't available in -blockdev and blockdev-add
until now.

Add the missing option in the schema to make it available there, too.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
2 years ago iotests: Test failure to loosen restrictions
Max Reitz [Wed, 22 May 2019 17:03:52 +0000 (19:03 +0200)] 
iotests: Test failure to loosen restrictions

Signed-off-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2 years ago block: Ignore loosening perm restrictions failures
Max Reitz [Wed, 22 May 2019 17:03:51 +0000 (19:03 +0200)] 
block: Ignore loosening perm restrictions failures

We generally assume that loosening permission restrictions can never
fail.  We have seen in the past that this assumption is wrong.  This has
led to crashes because we generally pass &error_abort when loosening
permissions.

However, a failure in such a case should actually be handled in quite
the opposite way: It is very much not fatal, so qemu may report it, but
still consider the operation successful.  The only realistic problem is
that qemu may then retain permissions and thus locks on images it
actually does not require.  But again, that is not fatal.

To implement this behavior, we make all functions that change
permissions and that pass &error_abort to the initiating function
(bdrv_check_perm() or bdrv_child_check_perm()) evaluate the
@loosen_restrictions value introduced in the previous patch.  If it is
true and an error did occur, we abort the permission update, discard the
error, and instead report success to the caller.

bdrv_child_try_set_perm() itself does not pass &error_abort, but it is
the only public function to change permissions.  As such, callers may
pass &error_abort to it, expecting dropping permission restrictions to
never fail.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2 years ago block: Add *tighten_restrictions to *check*_perm()
Max Reitz [Wed, 22 May 2019 17:03:50 +0000 (19:03 +0200)] 
block: Add *tighten_restrictions to *check*_perm()

This patch makes three functions report whether the necessary permission
change tightens restrictions or not.  These functions are:
- bdrv_check_perm()
- bdrv_check_update_perm()
- bdrv_child_check_perm()

Callers can use this result to decide whether a failure is fatal or not
(see the next patch).

Signed-off-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
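
The policy described in the two commits above ("Add *tighten_restrictions" and "Ignore loosening perm restrictions failures"), reduced to a single parent/child edge. This is an added example, not QEMU's code: struct edge, the PERM_* bit values, the backend_fails fault switch and the function names are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical permission bits (not QEMU's BLK_PERM_* values). */
#define PERM_READ   0x1u
#define PERM_WRITE  0x2u
#define PERM_RESIZE 0x4u
#define PERM_ALL    0x7u

struct edge {
    uint32_t perm;       /* permissions the parent holds on the child */
    uint32_t shared;     /* permissions the parent tolerates from others */
    bool backend_fails;  /* constructed fault: the driver cannot apply changes */
};

/* A change tightens restrictions if it takes a permission that was not held
 * before, or stops sharing a permission that was shared before. */
static bool tightens(const struct edge *e, uint32_t perm, uint32_t shared)
{
    uint32_t added_perms = perm & ~e->perm;
    uint32_t removed_shared = e->shared & ~shared;

    return added_perms != 0 || removed_shared != 0;
}

/* Check whether the change can be applied, and tell the caller whether it
 * would tighten restrictions so that the caller can judge a failure. */
static int check_perm(const struct edge *e, uint32_t perm, uint32_t shared,
                      bool *tighten_restrictions)
{
    *tighten_restrictions = tightens(e, perm, shared);
    if (perm == e->perm && shared == e->shared) {
        return 0;                       /* nothing to do, cannot fail */
    }
    return e->backend_fails ? -1 : 0;
}

/* Apply the change. A failure while only loosening is reported and then
 * treated as success: the edge keeps its old, stricter masks. A failure
 * while tightening is returned to the caller. */
static int try_set_perm(struct edge *e, uint32_t perm, uint32_t shared)
{
    bool tighten;
    int ret = check_perm(e, perm, shared, &tighten);

    if (ret < 0) {
        if (tighten) {
            return ret;
        }
        fprintf(stderr, "warning: could not loosen restrictions, "
                        "keeping perm=0x%x shared=0x%x\n", e->perm, e->shared);
        return 0;
    }
    e->perm = perm;
    e->shared = shared;
    return 0;
}

int main(void)
{
    struct edge e = { PERM_READ | PERM_WRITE, PERM_READ, true };

    /* Dropping WRITE and sharing everything only loosens: failure ignored. */
    printf("loosen:  %d (perm=0x%x)\n",
           try_set_perm(&e, PERM_READ, PERM_ALL), e.perm);
    /* Taking RESIZE tightens: the same backend failure is now an error. */
    printf("tighten: %d (perm=0x%x)\n",
           try_set_perm(&e, PERM_READ | PERM_WRITE | PERM_RESIZE, PERM_READ),
           e.perm);
    return 0;
}
```
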
2 years ago block: Fix order in bdrv_replace_child()
Max Reitz [Wed, 22 May 2019 17:03:49 +0000 (19:03 +0200)] 
block: Fix order in bdrv_replace_child()

We have to start by applying the permission restrictions to new_bs
before we can loosen them on old_bs.  See the comment for the
explanation.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2 years ago block/commit: Drop bdrv_child_try_set_perm()
Max Reitz [Wed, 22 May 2019 17:03:48 +0000 (19:03 +0200)] 
block/commit: Drop bdrv_child_try_set_perm()

commit_top_bs never requests or unshares any permissions.  There is no
reason to make this so explicit here.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2 years ago block/mirror: Fix child permissions
Max Reitz [Wed, 22 May 2019 17:03:47 +0000 (19:03 +0200)] 
block/mirror: Fix child permissions

We cannot use bdrv_child_try_set_perm() to give up all restrictions on
the child edge, and still have bdrv_mirror_top_child_perm() request
BLK_PERM_WRITE.  Fix this by making bdrv_mirror_top_child_perm() return
0/BLK_PERM_ALL when we want to give up all permissions, and replacing
bdrv_child_try_set_perm() by bdrv_child_refresh_perms().

The bdrv_child_try_set_perm() before removing the node with
bdrv_replace_node() is then unnecessary.  No permissions have changed
since the previous invocation of bdrv_child_try_set_perm().

Signed-off-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2 years ago block: Add bdrv_child_refresh_perms()
Max Reitz [Wed, 22 May 2019 17:03:46 +0000 (19:03 +0200)] 
block: Add bdrv_child_refresh_perms()

If a block node uses bdrv_child_try_set_perm() to change the permission
it takes on its child, the result may be very short-lived.  If anything
makes the block layer recalculate the permissions internally, it will
invoke the node driver's .bdrv_child_perm() implementation.  The
permission/shared permissions masks that it returns will then override the
values previously passed to bdrv_child_try_set_perm().

If drivers want a child edge to have specific values for the
permissions/shared permissions mask, they must return them in
.bdrv_child_perm().  Consequentially, there is no need for them to pass
the same values to bdrv_child_try_set_perm() then: It is better to have
a function that invokes .bdrv_child_perm() and calls
bdrv_child_try_set_perm() with the result.  This patch adds such a
function under the name of bdrv_child_refresh_perms().

Signed-off-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2 years ago file-posix: Update open_flags in raw_set_perm()
Max Reitz [Wed, 22 May 2019 17:03:45 +0000 (19:03 +0200)] 
file-posix: Update open_flags in raw_set_perm()

raw_check_perm() + raw_set_perm() can change the flags associated with
the current FD.  If so, we have to update BDRVRawState.open_flags
accordingly.  Otherwise, we may keep reopening the FD even though the
current one already has the correct flags.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2 years ago block: drop bs->job
Vladimir Sementsov-Ogievskiy [Thu, 6 Jun 2019 15:41:32 +0000 (18:41 +0300)] 
block: drop bs->job

Drop remaining users of bs->job:
1. assertions actually duplicated by assert(!bs->refcnt)
2. trace-point seems not enough reason to change stream_start to return
   BlockJob pointer
3. Restricting creation of two jobs based on same bs is a bad idea, as
   3.1 Some jobs create filters to be their main node, so, this check
   doesn't actually prevent creating second job on same real node (which
   will create another filter node) (but I hope it is restricted by
   other mechanisms)
   3.2 Even without bs->job we have two systems of permissions:
   op-blockers and BLK_PERM
   3.3 We may want to run several jobs on one node one day

And finally, drop bs->job pointer itself. Hurrah!

Suggested-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2 years ago blockdev: blockdev_mark_auto_del: drop usage of bs->job
Vladimir Sementsov-Ogievskiy [Thu, 6 Jun 2019 15:41:31 +0000 (18:41 +0300)] 
blockdev: blockdev_mark_auto_del: drop usage of bs->job

We are going to remove bs->job pointer. Drop its usage in
blockdev_mark_auto_del: instead of looking at bs->job let's check all
jobs for references to bs.

Suggested-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2 years ago block/block-backend: blk_iostatus_reset: drop usage of bs->job
Vladimir Sementsov-Ogievskiy [Thu, 6 Jun 2019 15:41:30 +0000 (18:41 +0300)] 
block/block-backend: blk_iostatus_reset: drop usage of bs->job

We are going to remove bs->job pointer. Drop its usage in
blk_iostatus_reset.

blk_iostatus_reset() has only two callers:

1. blk_attach_dev(). This doesn't have anything to do with jobs and
    attaching a new guest device won't solve any problem the job
    encountered, so no reason to reset the iostatus for the job.

2. qmp_cont(). This resets the iostatus for everything. We can just
    call block_job_iostatus_reset() for all block jobs instead of going
    through BlockBackend.

Suggested-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2 years ago block/replication: drop usage of bs->job
Vladimir Sementsov-Ogievskiy [Thu, 6 Jun 2019 15:41:29 +0000 (18:41 +0300)] 
block/replication: drop usage of bs->job

We are going to remove bs->job pointer. Drop its usage in replication
code. Additionally we have to return job pointer from some mirror APIs.

Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2 years ago iotests: Hide timestamps for skipped tests
Max Reitz [Thu, 13 Jun 2019 18:37:27 +0000 (20:37 +0200)] 
iotests: Hide timestamps for skipped tests

Currently, the "thistime" variable is not reinitialized on every loop
iteration.  This leads to tests that do not yield a run time (because
they failed or were skipped) printing the run time of the previous test
that did.  Fix that by reinitializing "thistime" for every test.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2 years ago Travis: print acceptance tests logs in case of job failure
Cleber Rosa [Fri, 7 Jun 2019 15:22:16 +0000 (11:22 -0400)] 
Travis: print acceptance tests logs in case of job failure

Because Travis doesn't allow us to keep files produced during tests
(such as log files), let's print the complete job log to the "console"
in case of job failures.

This is a debugging aid, and given that there have been some timeouts
happening on some tests, we absolutely need the logs to have a proper
action.

Signed-off-by: Cleber Rosa <crosa@redhat.com>
Message-Id: <20190607152223.9467-2-crosa@redhat.com>
Reviewed-by: Wainer dos Santos Moschetta <wainersm@redhat.com>
Acked-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2 years ago Revert "travis: Make check-acceptance job more verbose"
Eduardo Habkost [Tue, 18 Jun 2019 14:10:43 +0000 (11:10 -0300)] 
Revert "travis: Make check-acceptance job more verbose"

This reverts commit 6d7a134da4afebe8551a69329478415cfb4cbe91.

We'll have a better fix, that will show the full avocado job log
only if a test case failed.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2 years ago target/arm: Check for dp support for dp VFM, not sp
Peter Maydell [Mon, 17 Jun 2019 16:01:30 +0000 (17:01 +0100)] 
target/arm: Check for dp support for dp VFM, not sp

In commit 1120827fa182f0e7622 we accidentally put the
"UNDEF unless FPU has double-precision support" check in
the single-precision VFM function. Put it in the dp
function where it belongs.

Fixes: 1120827fa182f0e7622
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20190617160130.3207-1-peter.maydell@linaro.org

2 years ago Merge remote-tracking branch 'remotes/armbru/tags/pull-monitor-2019-06-17-v2' into...
Peter Maydell [Tue, 18 Jun 2019 09:47:00 +0000 (10:47 +0100)] 
Merge remote-tracking branch 'remotes/armbru/tags/pull-monitor-2019-06-17-v2' into staging

Monitor patches for 2019-06-17

# gpg: Signature made Tue 18 Jun 2019 07:20:25 BST
# gpg:                using RSA key 354BC8B3D7EB2A6B68674E5F3870B400EB918653
# gpg:                issuer "armbru@redhat.com"
# gpg: Good signature from "Markus Armbruster <armbru@redhat.com>" [full]
# gpg:                 aka "Markus Armbruster <armbru@pond.sub.org>" [full]
# Primary key fingerprint: 354B C8B3 D7EB 2A6B 6867  4E5F 3870 B400 EB91 8653

* remotes/armbru/tags/pull-monitor-2019-06-17-v2:
  vl: Deprecate -mon pretty=... for HMP monitors
  monitor: Replace monitor_init() with monitor_init_{hmp, qmp}()
  monitor: Split Monitor.flags into separate bools
  monitor: Split out monitor/monitor.c
  monitor: Split out monitor/hmp.c
  monitor: Split out monitor/qmp.c
  monitor: Create monitor-internal.h with common definitions
  monitor: Move {hmp, qmp}.c to monitor/{hmp, qmp}-cmds.c
  Move monitor.c to monitor/misc.c
  monitor: Rename HMP command type and tables
  monitor: Remove Monitor.cmd_table indirection
  monitor: Create MonitorHMP with readline state
  monitor: Make MonitorQMP a child class of Monitor
  monitor: Split monitor_init in HMP and QMP function
  monitor: Remove unused password prompting fields
  monitor: Fix return type of monitor_fdset_dup_fd_find

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2 years ago vl: Deprecate -mon pretty=... for HMP monitors
Kevin Wolf [Thu, 13 Jun 2019 15:34:05 +0000 (17:34 +0200)] 
vl: Deprecate -mon pretty=... for HMP monitors

The -mon pretty=on|off switch of the -mon option applies only to QMP
monitors. It's silently ignored for HMP. Deprecate this combination so
that we can make it an error in future versions.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Message-Id: <20190613153405.24769-16-kwolf@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
[Commit message tweaked]
Signed-off-by: Markus Armbruster <armbru@redhat.com>
2 years ago monitor: Replace monitor_init() with monitor_init_{hmp, qmp}()
Kevin Wolf [Thu, 13 Jun 2019 15:34:04 +0000 (17:34 +0200)] 
monitor: Replace monitor_init() with monitor_init_{hmp, qmp}()

Most callers know which monitor type they want to have. Instead of
calling monitor_init() with flags that can describe both types of
monitors, make monitor_init_{hmp,qmp}() public interfaces that take
specific bools instead of flags and call these functions directly.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Message-Id: <20190613153405.24769-15-kwolf@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
2 years ago monitor: Split Monitor.flags into separate bools
Kevin Wolf [Thu, 13 Jun 2019 15:34:03 +0000 (17:34 +0200)] 
monitor: Split Monitor.flags into separate bools

Monitor.flags contains three different flags: One to distinguish HMP
from QMP; one specific to HMP (MONITOR_USE_READLINE) that is ignored
with QMP; and another one specific to QMP (MONITOR_USE_PRETTY) that is
ignored with HMP.

Split the flags field into three bools and move them to the right
subclass. Flags are still in use for the monitor_init() interface.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Message-Id: <20190613153405.24769-14-kwolf@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
2 years ago monitor: Split out monitor/monitor.c
Kevin Wolf [Thu, 13 Jun 2019 15:34:02 +0000 (17:34 +0200)] 
monitor: Split out monitor/monitor.c

Move the monitor core infrastructure from monitor/misc.c to
monitor/monitor.c. This is code that can be shared for all targets, so
compile it only once.

What remains in monitor/misc.c after this patch is mostly monitor
command implementations (which could move to hmp-cmds.c or qmp-cmds.c
later) and code that requires a system emulator or is even
target-dependent (including HMP command completion code).

The amount of function and particularly extern variables in
monitor_int.h is probably a bit larger than it needs to be, but this way
no non-trivial code modifications are needed. The interfaces between all
monitor parts can be cleaned up later.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Message-Id: <20190613153405.24769-13-kwolf@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
[Superfluous #include dropped]
Signed-off-by: Markus Armbruster <armbru@redhat.com>
2 years ago monitor: Split out monitor/hmp.c
Kevin Wolf [Thu, 13 Jun 2019 15:34:01 +0000 (17:34 +0200)] 
monitor: Split out monitor/hmp.c

Move HMP infrastructure from monitor/misc.c to monitor/hmp.c. This is
code that can be shared for all targets, so compile it only once.

The amount of function and particularly extern variables in
monitor_int.h is probably a bit larger than it needs to be, but this way
no non-trivial code modifications are needed. The interfaces between HMP
and the monitor core can be cleaned up later.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Message-Id: <20190613153405.24769-12-kwolf@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
[Comment reformatted to make checkpatch.pl happy, #include <dirent.h>
moved to fix Windows build, superfluous #include dropped]
Signed-off-by: Markus Armbruster <armbru@redhat.com>
2 years ago monitor: Split out monitor/qmp.c
Kevin Wolf [Thu, 13 Jun 2019 15:34:00 +0000 (17:34 +0200)] 
monitor: Split out monitor/qmp.c

Move QMP infrastructure from monitor/misc.c to monitor/qmp.c. This is
code that can be shared for all targets, so compile it only once.

The amount of function and particularly extern variables in
monitor_int.h is probably a bit larger than it needs to be, but this way
no non-trivial code modifications are needed. The interfaces between QMP
and the monitor core can be cleaned up later.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Message-Id: <20190613153405.24769-11-kwolf@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
[monitor_is_qmp() tidied up to make checkpatch.pl happy,
superfluous #include dropped]
Signed-off-by: Markus Armbruster <armbru@redhat.com>
2 years ago monitor: Create monitor-internal.h with common definitions
Kevin Wolf [Thu, 13 Jun 2019 15:33:59 +0000 (17:33 +0200)] 
monitor: Create monitor-internal.h with common definitions

Before we can split monitor/misc.c, we need to create a header file that
contains the common definitions that will be used by multiple source
files.

For a start, add the type definitions for Monitor, MonitorHMP and
MonitorQMP and their dependencies. We'll add functions as needed when
splitting monitor/misc.c.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Message-Id: <20190613153405.24769-10-kwolf@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
[Header guard symbol tidied up, superfluous #include dropped, FIXME in
hmp_change() resolved]
Signed-off-by: Markus Armbruster <armbru@redhat.com>
2 years ago monitor: Move {hmp, qmp}.c to monitor/{hmp, qmp}-cmds.c
Kevin Wolf [Thu, 13 Jun 2019 15:33:58 +0000 (17:33 +0200)] 
monitor: Move {hmp, qmp}.c to monitor/{hmp, qmp}-cmds.c

Now that we have a monitor/ subdirectory, let's move hmp.c and qmp.c
from the root directory there. As they contain implementations of
monitor commands, rename them to {hmp,qmp}-cmds.c, so that {hmp,qmp}.c
are free for the HMP and QMP infrastructure.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20190613153405.24769-9-kwolf@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
2 years agoMove monitor.c to monitor/misc.c
Kevin Wolf [Thu, 13 Jun 2019 15:33:57 +0000 (17:33 +0200)] 
Move monitor.c to monitor/misc.c

Create a new monitor/ subdirectory and move monitor.c there. As the plan
is to move the monitor core into separate files, use the chance to
rename it to misc.c.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20190613153405.24769-8-kwolf@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
2 years agomonitor: Rename HMP command type and tables
Kevin Wolf [Thu, 13 Jun 2019 15:33:56 +0000 (17:33 +0200)] 
monitor: Rename HMP command type and tables

This renames the type for HMP monitor commands and the tables holding
the commands to make clear that they are related to HMP and to allow
making them public later:

* mon_cmd_t -> HMPCommand (fixing use of a reserved name, too)
* mon_cmds -> hmp_cmds
* info_cmds -> hmp_info_cmds

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Message-Id: <20190613153405.24769-7-kwolf@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
[sortcmdlist() cleaned up to make checkpatch.pl happy]
Signed-off-by: Markus Armbruster <armbru@redhat.com>
2 years agomonitor: Remove Monitor.cmd_table indirection
Kevin Wolf [Thu, 13 Jun 2019 15:33:55 +0000 (17:33 +0200)] 
monitor: Remove Monitor.cmd_table indirection

Monitor.cmd_table is initialised to point to mon_cmds and never changed
afterwards. We can remove the indirection and just reference mon_cmds
directly instead.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Message-Id: <20190613153405.24769-6-kwolf@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
2 years agomonitor: Create MonitorHMP with readline state
Kevin Wolf [Thu, 13 Jun 2019 15:33:54 +0000 (17:33 +0200)] 
monitor: Create MonitorHMP with readline state

The ReadLineState in Monitor is only used for HMP monitors. Create
MonitorHMP and move it there.

Can't use container_of() in hmp_change().  Cast instead, and mark
FIXME.  Will be cleaned up shortly.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Message-Id: <20190613153405.24769-5-kwolf@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
[Superfluous variable in monitor_data_destroy() eliminated, whitespace
tweaked in hmp_change(), commit message improved]
Signed-off-by: Markus Armbruster <armbru@redhat.com>
2 years agomonitor: Make MonitorQMP a child class of Monitor
Kevin Wolf [Thu, 13 Jun 2019 15:33:53 +0000 (17:33 +0200)] 
monitor: Make MonitorQMP a child class of Monitor

Currently, struct Monitor mixes state that is only relevant for HMP,
state that is only relevant for QMP, and some actually shared state.
In particular, a MonitorQMP field is present in the state of any
monitor, even if it's not a QMP monitor and therefore doesn't use the
state.

As a first step towards a clean separation between QMP and HMP, let
MonitorQMP extend Monitor and create a MonitorQMP object only when the
monitor is actually a QMP monitor.

Some places accessed Monitor.qmp unconditionally, even for HMP monitors.
They can't keep doing this now, so during the conversion, they are
either changed to become conditional on monitor_is_qmp() or to assert()
that they always get a QMP monitor.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Message-Id: <20190613153405.24769-4-kwolf@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
[Superfluous variable in monitor_data_destroy() eliminated]
Signed-off-by: Markus Armbruster <armbru@redhat.com>
2 years agomonitor: Split monitor_init in HMP and QMP function
Kevin Wolf [Thu, 13 Jun 2019 15:33:52 +0000 (17:33 +0200)] 
monitor: Split monitor_init in HMP and QMP function

Instead of mixing HMP and QMP monitors in the same function, separate
the monitor creation function for both.

While in theory, one could pass both MONITOR_USE_CONTROL and
MONITOR_USE_READLINE before this patch and both flags would do
something, readline support is tightly coupled with HMP: QMP never feeds
its input to readline, and the tab completion function treats the input
as an HMP command. Therefore, this configuration is useless.

After this patch, the QMP path asserts that MONITOR_USE_READLINE is not
set. The HMP path can be used with or without MONITOR_USE_READLINE, like
before.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20190613153405.24769-3-kwolf@redhat.com>
[Zero initialization of Monitor moved from monitor_data_init() to
callers]
Signed-off-by: Markus Armbruster <armbru@redhat.com>
2 years agomonitor: Remove unused password prompting fields
Kevin Wolf [Thu, 13 Jun 2019 15:33:51 +0000 (17:33 +0200)] 
monitor: Remove unused password prompting fields

Commit 788cf9f8c removed the code for password prompting from the
monitor. Since then, the Monitor fields password_completion_cb and
password_opaque have been unused. Remove them.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20190613153405.24769-2-kwolf@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
2 years agomonitor: Fix return type of monitor_fdset_dup_fd_find
Yury Kotov [Thu, 23 May 2019 09:44:33 +0000 (12:44 +0300)] 
monitor: Fix return type of monitor_fdset_dup_fd_find

monitor_fdset_dup_fd_find_remove() and monitor_fdset_dup_fd_find()
return mon_fdset->id which is int64_t. Downcasting from int64_t to int
leads to a bug with removing fd from fdset with id >= 2^32.
So, fix return types for these functions.

Signed-off-by: Yury Kotov <yury-kotov@yandex-team.ru>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20190523094433.30297-1-yury-kotov@yandex-team.ru>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
2 years agoMerge remote-tracking branch 'remotes/pmaydell/tags/pull-docs-20190617' into staging
Peter Maydell [Mon, 17 Jun 2019 15:41:25 +0000 (16:41 +0100)] 
Merge remote-tracking branch 'remotes/pmaydell/tags/pull-docs-20190617' into staging

docs infrastructure queue:
 * fix some minor syntax issues in docs/specs/index.rst
 * build and install the 'specs' manual, since it now has some content
 * delete the "QEMU compared to other emulators" section of the docs
 * Convert "translator internals" docs to RST, move to devel manual

# gpg: Signature made Mon 17 Jun 2019 15:56:07 BST
# gpg:                using RSA key E1A5C593CD419DE28E8315CF3C2525ED14360CDE
# gpg:                issuer "peter.maydell@linaro.org"
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>" [ultimate]
# gpg:                 aka "Peter Maydell <pmaydell@gmail.com>" [ultimate]
# gpg:                 aka "Peter Maydell <pmaydell@chiark.greenend.org.uk>" [ultimate]
# Primary key fingerprint: E1A5 C593 CD41 9DE2 8E83  15CF 3C25 25ED 1436 0CDE

* remotes/pmaydell/tags/pull-docs-20190617:
  docs: Build and install specs manual
  docs/specs/index.rst: Fix minor syntax issues
  qemu-tech.texi: Remove "QEMU compared to other emulators" section
  Convert "translator internals" docs to RST, move to devel manual

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2 years agodocs: Build and install specs manual
Peter Maydell [Mon, 17 Jun 2019 14:35:31 +0000 (15:35 +0100)] 
docs: Build and install specs manual

Now we have some rST format docs in the docs/specs/ manual, we should
actually build and install it.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Acked-by: Aleksandar Markovic <amarkovic@wavecomp.com>
Message-id: 20190610152444.20859-3-peter.maydell@linaro.org

2 years agodocs/specs/index.rst: Fix minor syntax issues
Peter Maydell [Mon, 17 Jun 2019 14:35:31 +0000 (15:35 +0100)] 
docs/specs/index.rst: Fix minor syntax issues

The docs/specs/index.rst has a couple of minor issues which
we didn't notice because we weren't building the manual:
 * the ToC entry for the new PPC XIVE docs points to
   a nonexistent file
 * the initial comment needs to be marked by '..', not '.',
   or it will appear in the output
 * the title doesn't match the capitalization used by
   the existing interop or devel manuals, and uses
   'full-system emulation' rather than the 'system emulation'
   that the interop manual title uses

Fix these minor issues before we start trying to build the manual.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
Acked-by: Aleksandar Markovic <amarkovic@wavecomp.com>
Message-id: 20190610152444.20859-2-peter.maydell@linaro.org

2 years agoqemu-tech.texi: Remove "QEMU compared to other emulators" section
Peter Maydell [Mon, 17 Jun 2019 14:35:31 +0000 (15:35 +0100)] 
qemu-tech.texi: Remove "QEMU compared to other emulators" section

The "QEMU compared to other emulators" section of our documentation
hasn't been updated since 2015 (and parts of the text are even older).
We're clearly not very well placed to track the evolution of a
dozen other emulation projects, and an inaccurate or out of date
comparison doesn't serve anybody, so we're best off just removing
the whole documentation section.

If anybody cares strongly about maintaining a comparison page,
it's probably better to do that on the project's wiki where
we can update it more dynamically.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Acked-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20190607152827.18003-3-peter.maydell@linaro.org
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
2 years agoConvert "translator internals" docs to RST, move to devel manual
Peter Maydell [Mon, 17 Jun 2019 14:35:30 +0000 (15:35 +0100)] 
Convert "translator internals" docs to RST, move to devel manual

Our user-facing manual currently has a section "translator internals"
which has some high-level information about the design of the
TCG translator. This should really be in our new devel/ manual.
Convert it to RST format and move it there.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Acked-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20190607152827.18003-2-peter.maydell@linaro.org
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
2 years agoMerge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20190617' into...
Peter Maydell [Mon, 17 Jun 2019 14:35:21 +0000 (15:35 +0100)] 
Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20190617' into staging

target-arm queue:
 * support large kernel images in bootloader (by avoiding
   putting the initrd over the top of them)
 * correctly disable FPU/DSP in the CPU for the mps2-an521, musca-a boards
 * arm_gicv3: Fix decoding of ID register range
 * arm_gicv3: GICD_TYPER.SecurityExtn is RAZ if GICD_CTLR.DS == 1
 * some code cleanups following on from the VFP decodetree conversion
 * Only implement doubles if the FPU supports them
   (so we now correctly model Cortex-M4, -M33 as single precision only)

# gpg: Signature made Mon 17 Jun 2019 15:33:01 BST
# gpg:                using RSA key E1A5C593CD419DE28E8315CF3C2525ED14360CDE
# gpg:                issuer "peter.maydell@linaro.org"
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>" [ultimate]
# gpg:                 aka "Peter Maydell <pmaydell@gmail.com>" [ultimate]
# gpg:                 aka "Peter Maydell <pmaydell@chiark.greenend.org.uk>" [ultimate]
# Primary key fingerprint: E1A5 C593 CD41 9DE2 8E83  15CF 3C25 25ED 1436 0CDE

* remotes/pmaydell/tags/pull-target-arm-20190617: (24 commits)
  target/arm: Only implement doubles if the FPU supports them
  target/arm: Fix typos in trans function prototypes
  target/arm: Remove unused cpu_F0s, cpu_F0d, cpu_F1s, cpu_F1d
  target/arm: Stop using deprecated functions in NEON_2RM_VCVT_F32_F16
  target/arm: stop using deprecated functions in NEON_2RM_VCVT_F16_F32
  target/arm: Stop using cpu_F0s in Neon VCVT fixed-point ops
  target/arm: Stop using cpu_F0s for Neon f32/s32 VCVT
  target/arm: Stop using cpu_F0s for NEON_2RM_VRECPE_F and NEON_2RM_VRSQRTE_F
  target/arm: Stop using cpu_F0s for NEON_2RM_VCVT[ANPM][US]
  target/arm: Stop using cpu_F0s for NEON_2RM_VRINT*
  target/arm: Stop using cpu_F0s for NEON_2RM_VNEG_F
  target/arm: Stop using cpu_F0s for NEON_2RM_VABS_F
  target/arm: Use vfp_expand_imm() for AArch32 VFP VMOV_imm
  target/arm: Move vfp_expand_imm() to translate.[ch]
  hw/intc/arm_gicv3: GICD_TYPER.SecurityExtn is RAZ if GICD_CTLR.DS == 1
  hw/intc/arm_gicv3: Fix decoding of ID register range
  hw/arm: Correctly disable FPU/DSP for some ARMSSE-based boards
  hw/arm/armv7m: Forward "vfp" and "dsp" properties to CPU
  target/arm: Allow M-profile CPUs to disable the DSP extension via CPU property
  target/arm: Allow VFP and Neon to be disabled via a CPU property
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2 years agotarget/arm: Only implement doubles if the FPU supports them
Peter Maydell [Fri, 14 Jun 2019 10:44:57 +0000 (11:44 +0100)] 
target/arm: Only implement doubles if the FPU supports them

The architecture permits FPUs which have only single-precision
support, not double-precision; Cortex-M4 and Cortex-M33 are
both like that. Add the necessary checks on the MVFR0 FPDP
field so that we UNDEF any double-precision instructions on
CPUs like this.

Note that even if FPDP==0 the insns like VMOV-to/from-gpreg,
VLDM/VSTM, VLDR/VSTR which take double precision registers
still exist.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20190614104457.24703-3-peter.maydell@linaro.org

2 years agotarget/arm: Fix typos in trans function prototypes
Peter Maydell [Fri, 14 Jun 2019 10:44:56 +0000 (11:44 +0100)] 
target/arm: Fix typos in trans function prototypes

In several places cut and paste errors meant we were using the wrong
type for the 'arg' struct in trans_ functions called by the
decodetree decoder, because we were using the _sp version of the
struct in the _dp function.  These were harmless, because the two
structs were identical and so decodetree made them typedefs of the
same underlying structure (and we'd have had a compile error if they
were not harmless), but we should clean them up anyway.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-id: 20190614104457.24703-2-peter.maydell@linaro.org

2 years agotarget/arm: Remove unused cpu_F0s, cpu_F0d, cpu_F1s, cpu_F1d
Peter Maydell [Thu, 13 Jun 2019 16:39:17 +0000 (17:39 +0100)] 
target/arm: Remove unused cpu_F0s, cpu_F0d, cpu_F1s, cpu_F1d

Remove the now unused TCG globals cpu_F0s, cpu_F0d, cpu_F1s, cpu_F1d.

cpu_M0 is still used by the iwmmxt code, and cpu_V0 and
cpu_V1 are used by both iwmmxt and Neon.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-id: 20190613163917.28589-13-peter.maydell@linaro.org

2 years agotarget/arm: Stop using deprecated functions in NEON_2RM_VCVT_F32_F16
Peter Maydell [Thu, 13 Jun 2019 16:39:16 +0000 (17:39 +0100)] 
target/arm: Stop using deprecated functions in NEON_2RM_VCVT_F32_F16

Remove some old constructs from NEON_2RM_VCVT_F16_F32 code:
 * don't use CPU_F0s
 * don't use tcg_gen_st_f32

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-id: 20190613163917.28589-12-peter.maydell@linaro.org

2 years agotarget/arm: stop using deprecated functions in NEON_2RM_VCVT_F16_F32
Peter Maydell [Thu, 13 Jun 2019 16:39:15 +0000 (17:39 +0100)] 
target/arm: stop using deprecated functions in NEON_2RM_VCVT_F16_F32

Remove some old constructs from NEON_2RM_VCVT_F16_F32 code:
 * don't use cpu_F0s
 * don't use tcg_gen_ld_f32

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-id: 20190613163917.28589-11-peter.maydell@linaro.org

2 years agotarget/arm: Stop using cpu_F0s in Neon VCVT fixed-point ops
Peter Maydell [Thu, 13 Jun 2019 16:39:14 +0000 (17:39 +0100)] 
target/arm: Stop using cpu_F0s in Neon VCVT fixed-point ops

Stop using cpu_F0s in the Neon VCVT fixed-point operations.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-id: 20190613163917.28589-10-peter.maydell@linaro.org

2 years agotarget/arm: Stop using cpu_F0s for Neon f32/s32 VCVT
Peter Maydell [Thu, 13 Jun 2019 16:39:13 +0000 (17:39 +0100)] 
target/arm: Stop using cpu_F0s for Neon f32/s32 VCVT

Stop using cpu_F0s for the Neon f32/s32 VCVT operations.
Since this is the last user of cpu_F0s in the Neon 2rm-op
loop, we can remove the handling code for it too.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-id: 20190613163917.28589-9-peter.maydell@linaro.org

2 years agotarget/arm: Stop using cpu_F0s for NEON_2RM_VRECPE_F and NEON_2RM_VRSQRTE_F
Peter Maydell [Thu, 13 Jun 2019 16:39:12 +0000 (17:39 +0100)] 
target/arm: Stop using cpu_F0s for NEON_2RM_VRECPE_F and NEON_2RM_VRSQRTE_F

Stop using cpu_F0s for NEON_2RM_VRECPE_F and NEON_2RM_VRSQRTE_F.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-id: 20190613163917.28589-8-peter.maydell@linaro.org

2 years agotarget/arm: Stop using cpu_F0s for NEON_2RM_VCVT[ANPM][US]
Peter Maydell [Thu, 13 Jun 2019 16:39:11 +0000 (17:39 +0100)] 
target/arm: Stop using cpu_F0s for NEON_2RM_VCVT[ANPM][US]

Stop using cpu_F0s for the NEON_2RM_VCVT[ANPM][US] ops.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-id: 20190613163917.28589-7-peter.maydell@linaro.org

2 years agotarget/arm: Stop using cpu_F0s for NEON_2RM_VRINT*
Peter Maydell [Thu, 13 Jun 2019 16:39:10 +0000 (17:39 +0100)] 
target/arm: Stop using cpu_F0s for NEON_2RM_VRINT*

Switch NEON_2RM_VRINT* away from using cpu_F0s.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-id: 20190613163917.28589-6-peter.maydell@linaro.org

2 years agotarget/arm: Stop using cpu_F0s for NEON_2RM_VNEG_F
Peter Maydell [Thu, 13 Jun 2019 16:39:09 +0000 (17:39 +0100)] 
target/arm: Stop using cpu_F0s for NEON_2RM_VNEG_F

Switch NEON_2RM_VABS_F away from using cpu_F0s.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-id: 20190613163917.28589-5-peter.maydell@linaro.org

2 years agotarget/arm: Stop using cpu_F0s for NEON_2RM_VABS_F
Peter Maydell [Thu, 13 Jun 2019 16:39:08 +0000 (17:39 +0100)] 
target/arm: Stop using cpu_F0s for NEON_2RM_VABS_F

Where Neon instructions are floating point operations, we
mostly use the old VFP utility functions like gen_vfp_abs()
which work on the TCG globals cpu_F0s and cpu_F1s. The
Neon for-each-element loop conditionally loads the inputs
into either a plain old TCG temporary for most operations
or into cpu_F0s for float operations, and similarly stores
back either cpu_F0s or the temporary.

Switch NEON_2RM_VABS_F away from using cpu_F0s, and
update neon_2rm_is_float_op() accordingly.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-id: 20190613163917.28589-4-peter.maydell@linaro.org