qemu.git
4 years agoslirp: correct size computation while concatenating mbuf
Prasad J Pandit [Tue, 5 Jun 2018 18:08:35 +0000 (23:38 +0530)] 
slirp: correct size computation while concatenating mbuf

While reassembling incoming fragmented datagrams, 'm_cat' routine
extends the 'mbuf' buffer, if it has insufficient room. It computes
a wrong buffer size, which leads to overwriting adjacent heap buffer
area. Correct this size computation in m_cat.

Reported-by: ZDI Disclosures <zdi-disclosures@trendmicro.com>
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
4 years agoslirp: fix domainname version availability
Samuel Thibault [Thu, 31 May 2018 19:51:02 +0000 (21:51 +0200)] 
slirp: fix domainname version availability

The change missed the 2.12 deadline.

Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
Reviewed-by: Eric Blake <eblake@redhat.com>
4 years agoslirp: Add Samuel Thibault's staging tree for slirp
Samuel Thibault [Thu, 31 May 2018 19:45:10 +0000 (21:45 +0200)] 
slirp: Add Samuel Thibault's staging tree for slirp

Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
Acked-by: Thomas Huth <thuth@redhat.com>
4 years agoslirp: Fix spurious error report when sending directly
Samuel Thibault [Thu, 31 May 2018 19:24:19 +0000 (21:24 +0200)] 
slirp: Fix spurious error report when sending directly

Move check to where it actually is useful, and reduce scope of 'len'
variable along the way.

Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
4 years agoMerge remote-tracking branch 'remotes/thibault/tags/samuel-thibault' into staging
Peter Maydell [Fri, 1 Jun 2018 13:58:53 +0000 (14:58 +0100)] 
Merge remote-tracking branch 'remotes/thibault/tags/samuel-thibault' into staging

slirp updates

Alexey Kardashevskiy
  slirp: Improve debugging messages

Andreas Gustafsson, Samuel Thibault, James Clarke
  slirp: Improve bandwidth in GDB remote debugging and FreeBSD guests

Benjamin Drung:
  slirp/dhcp: Add domainname option

Cédric Le Goater (3):
  slirp/ncsi: fix "Get Version ID" payload length
  slirp/ncsi: add a "Get Parameters" response
  slirp/ncsi: add checksum support

Nia Alarie:
  net/slirp: Convert atoi to qemu_strtoi to allow error checking

# gpg: Signature made Fri 01 Jun 2018 14:54:45 BST
# gpg:                using RSA key 996849C1CF560478
# gpg: Good signature from "Samuel Thibault <samuel.thibault@aquilenet.fr>"
# gpg:                 aka "Samuel Thibault <sthibault@debian.org>"
# gpg:                 aka "Samuel Thibault <samuel.thibault@gnu.org>"
# gpg:                 aka "Samuel Thibault <samuel.thibault@inria.fr>"
# gpg:                 aka "Samuel Thibault <samuel.thibault@labri.fr>"
# gpg:                 aka "Samuel Thibault <samuel.thibault@ens-lyon.org>"
# gpg:                 aka "Samuel Thibault <samuel.thibault@u-bordeaux.fr>"
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg:          It is not certain that the signature belongs to the owner.
# Primary key fingerprint: 900C B024 B679 31D4 0F82  304B D017 8C76 7D06 9EE6
#      Subkey fingerprint: 3A3A 5D46 4660 E867 610C  A427 9968 49C1 CF56 0478

* remotes/thibault/tags/samuel-thibault:
  slirp/ncsi: add checksum support
  slirp/ncsi: add a "Get Parameters" response
  slirp/ncsi: fix "Get Version ID" payload length
  slirp: Send window updates to guest after window was closed
  net/slirp: Convert atoi to qemu_strtoi to allow error checking
  slirp/debug: Print IP addresses in human readable form
  slirp: disable Nagle in ingoing connections
  slirp: disable Nagle in outgoing connections
  slirp: Add domainname option to slirp's DHCP server

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
4 years agoMerge remote-tracking branch 'remotes/otubo/tags/pull-seccomp-20180601' into staging
Peter Maydell [Fri, 1 Jun 2018 12:11:30 +0000 (13:11 +0100)] 
Merge remote-tracking branch 'remotes/otubo/tags/pull-seccomp-20180601' into staging

pull-seccomp-20180601

# gpg: Signature made Fri 01 Jun 2018 13:01:18 BST
# gpg:                using RSA key DF32E7C0F0FFF9A2
# gpg: Good signature from "Eduardo Otubo (Senior Software Engineer) <otubo@redhat.com>"
# Primary key fingerprint: D67E 1B50 9374 86B4 0723  DBAB DF32 E7C0 F0FF F9A2

* remotes/otubo/tags/pull-seccomp-20180601:
  sandbox: disable -sandbox if CONFIG_SECCOMP undefined

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
4 years agosandbox: disable -sandbox if CONFIG_SECCOMP undefined
Yi Min Zhao [Thu, 31 May 2018 03:29:37 +0000 (11:29 +0800)] 
sandbox: disable -sandbox if CONFIG_SECCOMP undefined

If CONFIG_SECCOMP is undefined, the option 'elevatedprivileges' remains
compiled. This would make libvirt set the corresponding capability and
then trigger failure during guest startup. This patch moves the code
regarding seccomp command line options to qemu-seccomp.c file and
wraps qemu_opts_foreach finding sandbox option with CONFIG_SECCOMP.
Because parse_sandbox() is moved into qemu-seccomp.c file, change
seccomp_start() to static function.

Signed-off-by: Yi Min Zhao <zyimin@linux.ibm.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Tested-by: Ján Tomko <jtomko@redhat.com>
Acked-by: Eduardo Otubo <otubo@redhat.com>
4 years agoMerge remote-tracking branch 'remotes/sstabellini-http/tags/xen-20180531-tag' into...
Peter Maydell [Fri, 1 Jun 2018 09:16:48 +0000 (10:16 +0100)] 
Merge remote-tracking branch 'remotes/sstabellini-http/tags/xen-20180531-tag' into staging

Xen 2018/05/31

# gpg: Signature made Thu 31 May 2018 20:05:49 BST
# gpg:                using RSA key 894F8F4870E1AE90
# gpg: Good signature from "Stefano Stabellini <stefano.stabellini@eu.citrix.com>"
# gpg:                 aka "Stefano Stabellini <sstabellini@kernel.org>"
# Primary key fingerprint: D04E 33AB A51F 67BA 07D3  0AEA 894F 8F48 70E1 AE90

* remotes/sstabellini-http/tags/xen-20180531-tag:
  xen-hvm: stop faking I/O to access PCI config space
  xen-hvm: try to use xenforeignmemory_map_resource() to map ioreq pages
  xen/hvm: correct reporting of modified memory under physmap during migration

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
4 years agoslirp/ncsi: add checksum support
Cédric Le Goater [Wed, 30 May 2018 06:10:35 +0000 (08:10 +0200)] 
slirp/ncsi: add checksum support

The checksum field of a NC-SI packet contains a value that may be
included in each command and response. The verification is optional
but the Linux driver does so when a non-zero value is provided. Let's
extend the model to compute the checksum value and exercise a little
more the Linux driver.

See section "8.2.2.3 - 2's Complement Checksum Compensation" in the
Network Controller Sideband Interface (NC-SI) Specification for more
details.

Signed-off-by: Cédric Le Goater <clg@kaod.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Tested-by: Joel Stanley <joel@jms.id.au>
Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
4 years agoslirp/ncsi: add a "Get Parameters" response
Cédric Le Goater [Wed, 30 May 2018 06:10:34 +0000 (08:10 +0200)] 
slirp/ncsi: add a "Get Parameters" response

Command 0x17 'Get Parameters' is used to get configuration parameter
values currently in effect on the controller and it is mandatory in
the NS-CI specification.

Provide a minimum response to exercise the kernel.

Signed-off-by: Cédric Le Goater <clg@kaod.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Tested-by: Joel Stanley <joel@jms.id.au>
Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
4 years agoslirp/ncsi: fix "Get Version ID" payload length
Cédric Le Goater [Wed, 30 May 2018 06:10:33 +0000 (08:10 +0200)] 
slirp/ncsi: fix "Get Version ID" payload length

Signed-off-by: Cédric Le Goater <clg@kaod.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Tested-by: Joel Stanley <joel@jms.id.au>
Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
4 years agoslirp: Send window updates to guest after window was closed
James Clarke [Tue, 17 Apr 2018 14:10:58 +0000 (15:10 +0100)] 
slirp: Send window updates to guest after window was closed

If the receive window presented to the guest closes, slirp should send a
window update once the window reopens sufficiently, rather than forcing
the guest to send a window probe, which can take several seconds.

Signed-off-by: James Clarke <jrtc27@jrtc27.com>
Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
4 years agonet/slirp: Convert atoi to qemu_strtoi to allow error checking
Nia Alarie [Fri, 16 Mar 2018 14:39:21 +0000 (14:39 +0000)] 
net/slirp: Convert atoi to qemu_strtoi to allow error checking

Signed-off-by: Nia Alarie <nia.alarie@gmail.com>
Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
4 years agoslirp/debug: Print IP addresses in human readable form
Alexey Kardashevskiy [Tue, 13 Mar 2018 04:49:44 +0000 (15:49 +1100)] 
slirp/debug: Print IP addresses in human readable form

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
4 years agoslirp: disable Nagle in ingoing connections
Samuel Thibault [Wed, 7 Mar 2018 22:29:41 +0000 (23:29 +0100)] 
slirp: disable Nagle in ingoing connections

This follows 3929766fb3e4 ('slirp: disable Nagle in outgoing connections'):
for the same reasons, ingoing connections should have the Nagle algorithm disabled.

Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
4 years agoslirp: disable Nagle in outgoing connections
Andreas Gustafsson [Wed, 7 Mar 2018 22:26:15 +0000 (23:26 +0100)] 
slirp: disable Nagle in outgoing connections

When setting up an outgoing user mode networking TCP connection,
disable the Nagle algorithm in the host-side connection.  Either the
guest is already doing Nagle, in which case there is no point in doing
it twice, or it has chosen to disable it, in which case we should
respect that choice.

This change speeds up GDB remote debugging over TCP over user mode
networking (with GDB runing on the guest) by multiple orders of
magnitude, and has been part of the local patches applied by pkgsrc
since 2012 with no reported ill effects.

Signed-off-by: Andreas Gustafsson <gson@gson.org>
Reviewed-by: Kamil Rytarowski <n54@gmx.com>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
4 years agoslirp: Add domainname option to slirp's DHCP server
Benjamin Drung [Tue, 27 Feb 2018 16:06:01 +0000 (17:06 +0100)] 
slirp: Add domainname option to slirp's DHCP server

This patch will allow the user to include the domainname option in
replies from the built-in DHCP server.

Signed-off-by: Benjamin Drung <benjamin.drung@profitbricks.com>
Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
4 years agoxen-hvm: stop faking I/O to access PCI config space
Paul Durrant [Thu, 31 May 2018 18:01:13 +0000 (11:01 -0700)] 
xen-hvm: stop faking I/O to access PCI config space

This patch removes the current hackery where IOREQ_TYPE_PCI_CONFIG
requests are handled by faking PIO to 0xcf8 and 0xcfc and replaces it
with direct calls to pci_host_config_read/write_common().
Doing so necessitates mapping BDFs to PCIDevices but maintaining a simple
QLIST in xen_device_realize/unrealize() will suffice.

NOTE: whilst config space accesses are currently limited to
      PCI_CONFIG_SPACE_SIZE, this patch paves the way to increasing the
      limit to PCIE_CONFIG_SPACE_SIZE when Xen gains the ability to
      emulate MCFG table accesses.

Signed-off-by: Paul Durrant <paul.durrant@citrix.com>
Reviewed-by: Anthony PERARD <anthony.perard@citrix.com>
Signed-off-by: Stefano Stabellini <sstabellini@kernel.org>
4 years agoxen-hvm: try to use xenforeignmemory_map_resource() to map ioreq pages
Paul Durrant [Tue, 15 May 2018 16:40:53 +0000 (17:40 +0100)] 
xen-hvm: try to use xenforeignmemory_map_resource() to map ioreq pages

Xen 4.11 has a new API to directly map guest resources. Among the resources
that can be mapped using this API are ioreq pages.

This patch modifies QEMU to attempt to use the new API should it exist,
falling back to the previous mechanism if it is unavailable.

Signed-off-by: Paul Durrant <paul.durrant@citrix.com>
Reviewed-by: Anthony PERARD <anthony.perard@citrix.com>
Signed-off-by: Stefano Stabellini <sstabellini@kernel.org>
4 years agoxen/hvm: correct reporting of modified memory under physmap during migration
Igor Druzhinin [Wed, 25 Apr 2018 13:46:47 +0000 (14:46 +0100)] 
xen/hvm: correct reporting of modified memory under physmap during migration

When global_log_dirty is enabled VRAM modification tracking never
worked correctly. The address that is passed to xen_hvm_modified_memory()
is not the effective PFN but RAM block address which is not the same
for VRAM.

We need to make a translation for this address into PFN using
physmap. Since there is no way to access physmap properly inside
xen_hvm_modified_memory() let's make it a global structure.

Signed-off-by: Igor Druzhinin <igor.druzhinin@citrix.com>
Acked-by: Anthony PERARD <anthony.perard@citrix.com>
Signed-off-by: Stefano Stabellini <sstabellini@kernel.org>
4 years agoMerge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20180531-1' into...
Peter Maydell [Thu, 31 May 2018 16:00:55 +0000 (17:00 +0100)] 
Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20180531-1' into staging

target-arm queue:
 * target/arm: Honour FPCR.FZ in FRECPX
 * MAINTAINERS: Add entries for newer MPS2 boards and devices
 * hw/intc/arm_gicv3: Fix APxR<n> register dispatching
 * arm_gicv3_kvm: fix bug in writing zero bits back to the in-kernel
   GIC state
 * tcg: Fix helper function vs host abi for float16
 * arm: fix qemu crash on startup with -bios option
 * arm: fix malloc type mismatch
 * xlnx-zdma: Correct mem leaks and memset to zero on desc unaligned errors
 * Correct CPACR reset value for v7 cores
 * memory.h: Improve IOMMU related documentation
 * exec: Plumb transaction attributes through various functions in
   preparation for allowing IOMMUs to see them
 * vmstate.h: Provide VMSTATE_BOOL_SUB_ARRAY
 * ARM: ACPI: Fix use-after-free due to memory realloc
 * KVM: GIC: Fix memory leak due to calling kvm_init_irq_routing twice

# gpg: Signature made Thu 31 May 2018 16:54:40 BST
# gpg:                using RSA key 3C2525ED14360CDE
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>"
# gpg:                 aka "Peter Maydell <pmaydell@gmail.com>"
# gpg:                 aka "Peter Maydell <pmaydell@chiark.greenend.org.uk>"
# Primary key fingerprint: E1A5 C593 CD41 9DE2 8E83  15CF 3C25 25ED 1436 0CDE

* remotes/pmaydell/tags/pull-target-arm-20180531-1: (25 commits)
  KVM: GIC: Fix memory leak due to calling kvm_init_irq_routing twice
  ARM: ACPI: Fix use-after-free due to memory realloc
  vmstate.h: Provide VMSTATE_BOOL_SUB_ARRAY
  Make address_space_translate_iommu take a MemTxAttrs argument
  Make flatview_do_translate() take a MemTxAttrs argument
  Make address_space_get_iotlb_entry() take a MemTxAttrs argument
  Make flatview_translate() take a MemTxAttrs argument
  Make flatview_access_valid() take a MemTxAttrs argument
  Make MemoryRegion valid.accepts callback take a MemTxAttrs argument
  Make memory_region_access_valid() take a MemTxAttrs argument
  Make flatview_extend_translation() take a MemTxAttrs argument
  Make address_space_access_valid() take a MemTxAttrs argument
  Make address_space_map() take a MemTxAttrs argument
  Make address_space_translate{, _cached}() take a MemTxAttrs argument
  Make tb_invalidate_phys_addr() take a MemTxAttrs argument
  memory.h: Improve IOMMU related documentation
  Correct CPACR reset value for v7 cores
  xlnx-zdma: Correct mem leaks and memset to zero on desc unaligned errors
  arm: fix malloc type mismatch
  arm: fix qemu crash on startup with -bios option
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
4 years agoKVM: GIC: Fix memory leak due to calling kvm_init_irq_routing twice
Shannon Zhao [Thu, 31 May 2018 07:16:34 +0000 (15:16 +0800)] 
KVM: GIC: Fix memory leak due to calling kvm_init_irq_routing twice

kvm_irqchip_create called by kvm_init will call kvm_init_irq_routing to
initialize global capability variables. If we call kvm_init_irq_routing in
GIC realize function, previous allocated memory will leak.

Fix this by deleting the unnecessary call.

Signed-off-by: Shannon Zhao <zhaoshenglong@huawei.com>
Reviewed-by: Eric Auger <eric.auger@redhat.com>
Message-id: 1527750994-14360-1-git-send-email-zhaoshenglong@huawei.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
4 years agoARM: ACPI: Fix use-after-free due to memory realloc
Shannon Zhao [Thu, 31 May 2018 13:50:53 +0000 (14:50 +0100)] 
ARM: ACPI: Fix use-after-free due to memory realloc

acpi_data_push uses g_array_set_size to resize the memory size. If there
is no enough contiguous memory, the address will be changed. So previous
pointer could not be used any more. It must update the pointer and use
the new one.

Also, previous codes wrongly use le32 conversion of iort->node_offset
for subsequent computations that will result incorrect value if host is
not litlle endian. So use the non-converted one instead.

Signed-off-by: Shannon Zhao <zhaoshenglong@huawei.com>
Reviewed-by: Eric Auger <eric.auger@redhat.com>
Message-id: 1527663951-14552-1-git-send-email-zhaoshenglong@huawei.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
4 years agovmstate.h: Provide VMSTATE_BOOL_SUB_ARRAY
Peter Maydell [Thu, 31 May 2018 13:50:53 +0000 (14:50 +0100)] 
vmstate.h: Provide VMSTATE_BOOL_SUB_ARRAY

Provide a VMSTATE_BOOL_SUB_ARRAY to go with VMSTATE_UINT8_SUB_ARRAY
and friends.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 20180521140402.23318-23-peter.maydell@linaro.org

4 years agoMake address_space_translate_iommu take a MemTxAttrs argument
Peter Maydell [Thu, 31 May 2018 13:50:53 +0000 (14:50 +0100)] 
Make address_space_translate_iommu take a MemTxAttrs argument

As part of plumbing MemTxAttrs down to the IOMMU translate method,
add MemTxAttrs as an argument to address_space_translate_iommu().

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20180521140402.23318-14-peter.maydell@linaro.org

4 years agoMake flatview_do_translate() take a MemTxAttrs argument
Peter Maydell [Thu, 31 May 2018 13:50:53 +0000 (14:50 +0100)] 
Make flatview_do_translate() take a MemTxAttrs argument

As part of plumbing MemTxAttrs down to the IOMMU translate method,
add MemTxAttrs as an argument to flatview_do_translate().

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20180521140402.23318-13-peter.maydell@linaro.org

4 years agoMake address_space_get_iotlb_entry() take a MemTxAttrs argument
Peter Maydell [Thu, 31 May 2018 13:50:53 +0000 (14:50 +0100)] 
Make address_space_get_iotlb_entry() take a MemTxAttrs argument

As part of plumbing MemTxAttrs down to the IOMMU translate method,
add MemTxAttrs as an argument to address_space_get_iotlb_entry().

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20180521140402.23318-12-peter.maydell@linaro.org

4 years agoMake flatview_translate() take a MemTxAttrs argument
Peter Maydell [Thu, 31 May 2018 13:50:52 +0000 (14:50 +0100)] 
Make flatview_translate() take a MemTxAttrs argument

As part of plumbing MemTxAttrs down to the IOMMU translate method,
add MemTxAttrs as an argument to flatview_translate(); all its
callers now have attrs available.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20180521140402.23318-11-peter.maydell@linaro.org

4 years agoMake flatview_access_valid() take a MemTxAttrs argument
Peter Maydell [Thu, 31 May 2018 13:50:52 +0000 (14:50 +0100)] 
Make flatview_access_valid() take a MemTxAttrs argument

As part of plumbing MemTxAttrs down to the IOMMU translate method,
add MemTxAttrs as an argument to flatview_access_valid().
Its callers now all have an attrs value to hand, so we can
correct our earlier temporary use of MEMTXATTRS_UNSPECIFIED.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20180521140402.23318-10-peter.maydell@linaro.org

4 years agoMake MemoryRegion valid.accepts callback take a MemTxAttrs argument
Peter Maydell [Thu, 31 May 2018 13:50:52 +0000 (14:50 +0100)] 
Make MemoryRegion valid.accepts callback take a MemTxAttrs argument

As part of plumbing MemTxAttrs down to the IOMMU translate method,
add MemTxAttrs as an argument to the MemoryRegion valid.accepts
callback. We'll need this for subpage_accepts().

We could take the approach we used with the read and write
callbacks and add new a new _with_attrs version, but since there
are so few implementations of the accepts hook we just change
them all.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20180521140402.23318-9-peter.maydell@linaro.org

4 years agoMake memory_region_access_valid() take a MemTxAttrs argument
Peter Maydell [Thu, 31 May 2018 13:50:52 +0000 (14:50 +0100)] 
Make memory_region_access_valid() take a MemTxAttrs argument

As part of plumbing MemTxAttrs down to the IOMMU translate method,
add MemTxAttrs as an argument to memory_region_access_valid().
Its callers either have an attrs value to hand, or don't care
and can use MEMTXATTRS_UNSPECIFIED.

The callsite in flatview_access_valid() is part of a recursive
loop flatview_access_valid() -> memory_region_access_valid() ->
 subpage_accepts() -> flatview_access_valid(); we make it pass
MEMTXATTRS_UNSPECIFIED for now, until the next several commits
have plumbed an attrs parameter through the rest of the loop
and we can add an attrs parameter to flatview_access_valid().

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20180521140402.23318-8-peter.maydell@linaro.org

4 years agoMake flatview_extend_translation() take a MemTxAttrs argument
Peter Maydell [Thu, 31 May 2018 13:50:52 +0000 (14:50 +0100)] 
Make flatview_extend_translation() take a MemTxAttrs argument

As part of plumbing MemTxAttrs down to the IOMMU translate method,
add MemTxAttrs as an argument to flatview_extend_translation().
Its callers either have an attrs value to hand, or don't care
and can use MEMTXATTRS_UNSPECIFIED.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20180521140402.23318-7-peter.maydell@linaro.org

4 years agoMake address_space_access_valid() take a MemTxAttrs argument
Peter Maydell [Thu, 31 May 2018 13:50:52 +0000 (14:50 +0100)] 
Make address_space_access_valid() take a MemTxAttrs argument

As part of plumbing MemTxAttrs down to the IOMMU translate method,
add MemTxAttrs as an argument to address_space_access_valid().
Its callers either have an attrs value to hand, or don't care
and can use MEMTXATTRS_UNSPECIFIED.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20180521140402.23318-6-peter.maydell@linaro.org

4 years agoMake address_space_map() take a MemTxAttrs argument
Peter Maydell [Thu, 31 May 2018 13:50:52 +0000 (14:50 +0100)] 
Make address_space_map() take a MemTxAttrs argument

As part of plumbing MemTxAttrs down to the IOMMU translate method,
add MemTxAttrs as an argument to address_space_map().
Its callers either have an attrs value to hand, or don't care
and can use MEMTXATTRS_UNSPECIFIED.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20180521140402.23318-5-peter.maydell@linaro.org

4 years agoMake address_space_translate{, _cached}() take a MemTxAttrs argument
Peter Maydell [Thu, 31 May 2018 13:50:52 +0000 (14:50 +0100)] 
Make address_space_translate{, _cached}() take a MemTxAttrs argument

As part of plumbing MemTxAttrs down to the IOMMU translate method,
add MemTxAttrs as an argument to address_space_translate()
and address_space_translate_cached(). Callers either have an
attrs value to hand, or don't care and can use MEMTXATTRS_UNSPECIFIED.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20180521140402.23318-4-peter.maydell@linaro.org

4 years agoMake tb_invalidate_phys_addr() take a MemTxAttrs argument
Peter Maydell [Thu, 31 May 2018 13:50:52 +0000 (14:50 +0100)] 
Make tb_invalidate_phys_addr() take a MemTxAttrs argument

As part of plumbing MemTxAttrs down to the IOMMU translate method,
add MemTxAttrs as an argument to tb_invalidate_phys_addr().
Its callers either have an attrs value to hand, or don't care
and can use MEMTXATTRS_UNSPECIFIED.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 20180521140402.23318-3-peter.maydell@linaro.org

4 years agomemory.h: Improve IOMMU related documentation
Peter Maydell [Thu, 31 May 2018 13:50:52 +0000 (14:50 +0100)] 
memory.h: Improve IOMMU related documentation

Add more detail to the documentation for memory_region_init_iommu()
and other IOMMU-related functions and data structures.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Eric Auger <eric.auger@redhat.com>
Message-id: 20180521140402.23318-2-peter.maydell@linaro.org

4 years agoCorrect CPACR reset value for v7 cores
Peter Maydell [Thu, 31 May 2018 13:50:52 +0000 (14:50 +0100)] 
Correct CPACR reset value for v7 cores

In commit f0aff255700 we made cpacr_write() enforce that some CPACR
bits are RAZ/WI and some are RAO/WI for ARMv7 cores. Unfortunately
we forgot to also update the register's reset value. The effect
was that (a) a guest that read CPACR on reset would not see ones in
the RAO bits, and (b) if you did a migration before the guest did
a write to the CPACR then the migration would fail because the
destination would enforce the RAO bits and then complain that they
didn't match the zero value from the source.

Implement reset for the CPACR using a custom reset function
that just calls cpacr_write(), to avoid having to duplicate
the logic for which bits are RAO.

This bug would affect migration for TCG CPUs which are ARMv7
with VFP but without one of Neon or VFPv3.

Reported-by: Cédric Le Goater <clg@kaod.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Tested-by: Cédric Le Goater <clg@kaod.org>
Message-id: 20180522173713.26282-1-peter.maydell@linaro.org

4 years agoxlnx-zdma: Correct mem leaks and memset to zero on desc unaligned errors
Francisco Iglesias [Thu, 31 May 2018 13:50:52 +0000 (14:50 +0100)] 
xlnx-zdma: Correct mem leaks and memset to zero on desc unaligned errors

Coverity found that the string return by 'object_get_canonical_path' was not
being freed at two locations in the model (CID 1391294 and CID 1391293) and
also that a memset was being called with a value greater than the max of a byte
on the second argument (CID 1391286). This patch corrects this by adding the
freeing of the strings and also changing to memset to zero instead on
descriptor unaligned errors.

Signed-off-by: Francisco Iglesias <frasse.iglesias@gmail.com>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-id: 20180528184859.3530-1-frasse.iglesias@gmail.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
4 years agoarm: fix malloc type mismatch
Paolo Bonzini [Thu, 31 May 2018 13:50:52 +0000 (14:50 +0100)] 
arm: fix malloc type mismatch

cpregs_keys is an uint32_t* so the allocation should use uint32_t.
g_new is even better because it is type-safe.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
4 years agoarm: fix qemu crash on startup with -bios option
Igor Mammedov [Thu, 31 May 2018 13:50:51 +0000 (14:50 +0100)] 
arm: fix qemu crash on startup with -bios option

When QEMU is started with following CLI
 -machine virt,gic-version=3,accel=kvm -cpu host -bios AAVMF_CODE.fd
it crashes with abort at
 accel/kvm/kvm-all.c:2164:
 KVM_SET_DEVICE_ATTR failed: Group 6 attr 0x000000000000c665: Invalid argument

Which is caused by implicit dependency of kvm_arm_gicv3_reset() on
arm_gicv3_icc_reset() where the later is called by CPU reset
reset callback.

However commit:
 3b77f6c arm/boot: split load_dtb() from arm_load_kernel()
broke CPU reset callback registration in case

  arm_load_kernel()
      ...
      if (!info->kernel_filename || info->firmware_loaded)

branch is taken, i.e. it's sufficient to provide a firmware
or do not provide kernel on CLI to skip cpu reset callback
registration, where before offending commit the callback
has been registered unconditionally.

Fix it by registering the callback right at the beginning of
arm_load_kernel() unconditionally instead of doing it at the end.

NOTE:
 we probably should eliminate that dependency anyways as well as
 separate arch CPU reset parts from arm_load_kernel() into CPU
 itself, but that refactoring that I probably would have to do
 anyways later for CPU hotplug to work.

Reported-by: Auger Eric <eric.auger@redhat.com>
Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Reviewed-by: Eric Auger <eric.auger@redhat.com>
Tested-by: Eric Auger <eric.auger@redhat.com>
Message-id: 1527070950-208350-1-git-send-email-imammedo@redhat.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
4 years agotcg: Fix helper function vs host abi for float16
Richard Henderson [Thu, 31 May 2018 13:50:51 +0000 (14:50 +0100)] 
tcg: Fix helper function vs host abi for float16

Depending on the host abi, float16, aka uint16_t, values are
passed and returned either zero-extended in the host register
or with garbage at the top of the host register.

The tcg code generator has so far been assuming garbage, as that
matches the x86 abi, but this is incorrect for other host abis.
Further, target/arm has so far been assuming zero-extended results,
so that it may store the 16-bit value into a 32-bit slot with the
high 16-bits already clear.

Rectify both problems by mapping "f16" in the helper definition
to uint32_t instead of (a typedef for) uint16_t.  This forces
the host compiler to assume garbage in the upper 16 bits on input
and to zero-extend the result on output.

Cc: qemu-stable@nongnu.org
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Tested-by: Laurent Desnogues <laurent.desnogues@gmail.com>
Message-id: 20180522175629.24932-1-richard.henderson@linaro.org
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
4 years agoarm_gicv3_kvm: increase clroffset accordingly
Shannon Zhao [Thu, 31 May 2018 13:50:51 +0000 (14:50 +0100)] 
arm_gicv3_kvm: increase clroffset accordingly

It forgot to increase clroffset during the loop. So it only clear the
first 4 bytes.

Fixes: 367b9f527becdd20ddf116e17a3c0c2bbc486920
Cc: qemu-stable@nongnu.org
Signed-off-by: Shannon Zhao <zhaoshenglong@huawei.com>
Reviewed-by: Eric Auger <eric.auger@redhat.com>
Message-id: 1527047633-12368-1-git-send-email-zhaoshenglong@huawei.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
4 years agohw/intc/arm_gicv3: Fix APxR<n> register dispatching
Jan Kiszka [Thu, 31 May 2018 13:50:51 +0000 (14:50 +0100)] 
hw/intc/arm_gicv3: Fix APxR<n> register dispatching

There was a nasty flip in identifying which register group an access is
targeting. The issue caused spuriously raised priorities of the guest
when handing CPUs over in the Jailhouse hypervisor.

Cc: qemu-stable@nongnu.org
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Message-id: 28b927d3-da58-bce4-cc13-bfec7f9b1cb9@siemens.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
4 years agoMAINTAINERS: Add entries for newer MPS2 boards and devices
Peter Maydell [Thu, 31 May 2018 13:50:51 +0000 (14:50 +0100)] 
MAINTAINERS: Add entries for newer MPS2 boards and devices

Add entries to MAINTAINERS to cover the newer MPS2 boards and
the new devices they use.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20180518153157.14899-1-peter.maydell@linaro.org

4 years agotarget/arm: Honour FPCR.FZ in FRECPX
Peter Maydell [Thu, 31 May 2018 13:50:51 +0000 (14:50 +0100)] 
target/arm: Honour FPCR.FZ in FRECPX

The FRECPX instructions should (like most other floating point operations)
honour the FPCR.FZ bit which specifies whether input denormals should
be flushed to zero (or FZ16 for the half-precision version).
We forgot to implement this, which doesn't affect the results (since
the calculation doesn't actually care about the mantissa bits) but did
mean we were failing to set the FPSR.IDC bit.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20180521172712.19930-1-peter.maydell@linaro.org

4 years agoMerge remote-tracking branch 'remotes/ehabkost/tags/numa-next-pull-request' into...
Peter Maydell [Thu, 31 May 2018 10:12:36 +0000 (11:12 +0100)] 
Merge remote-tracking branch 'remotes/ehabkost/tags/numa-next-pull-request' into staging

NUMA queue, 2018-05-30

* New command-line option: --preconfig
  This option allows pausing QEMU and allow the configuration
  using QMP commands before running board initialization code.
* New QMP set-numa-node, now made possible because of --preconfig
* Small update on -numa error messages

# gpg: Signature made Thu 31 May 2018 00:02:59 BST
# gpg:                using RSA key 2807936F984DC5A6
# gpg: Good signature from "Eduardo Habkost <ehabkost@redhat.com>"
# Primary key fingerprint: 5A32 2FD5 ABC4 D3DB ACCF  D1AA 2807 936F 984D C5A6

* remotes/ehabkost/tags/numa-next-pull-request:
  tests: functional tests for QMP command set-numa-node
  qmp: add set-numa-node command
  qmp: permit query-hotpluggable-cpus in preconfig state
  tests: extend qmp test with preconfig checks
  cli: add --preconfig option
  tests: qapi-schema tests for allow-preconfig
  qapi: introduce new cmd option "allow-preconfig"
  hmp: disable monitor in preconfig state
  qapi: introduce preconfig runstate
  numa: split out NumaOptions parsing into set_numa_options()
  numa: postpone options post-processing till machine_run_board_init()
  numa: clarify error message when node index is out of range in -numa dist, ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
4 years agoMerge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging
Peter Maydell [Thu, 31 May 2018 08:40:19 +0000 (09:40 +0100)] 
Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging

Block layer patches:

- Add blockdev-create job
- qcow2: Silence Coverity false positive

# gpg: Signature made Wed 30 May 2018 16:55:31 BST
# gpg:                using RSA key 7F09B272C88F2FD6
# gpg: Good signature from "Kevin Wolf <kwolf@redhat.com>"
# Primary key fingerprint: DC3D EB15 9A9A F95D 3D74  56FE 7F09 B272 C88F 2FD6

* remotes/kevin/tags/for-upstream:
  block/create: Mark blockdev-create stable
  qemu-iotests: Rewrite 213 for blockdev-create job
  qemu-iotests: Rewrite 212 for blockdev-create job
  qemu-iotests: Rewrite 211 for blockdev-create job
  qemu-iotests: Rewrite 210 for blockdev-create job
  qemu-iotests: Rewrite 207 for blockdev-create job
  qemu-iotests: Rewrite 206 for blockdev-create job
  qemu-iotests: iotests.py helper for non-file protocols
  qemu-iotests: Add VM.run_job()
  qemu-iotests: Add iotests.img_info_log()
  qemu-iotests: Add VM.qmp_log()
  qemu-iotests: Add VM.get_qmp_events_filtered()
  block/create: Make x-blockdev-create a job
  job: Add error message for failing jobs
  vhdx: Fix vhdx_co_create() return value
  vdi: Fix vdi_co_do_create() return value
  qcow2: Fix Coverity warning when calculating the refcount cache size

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
4 years agotests: functional tests for QMP command set-numa-node
Igor Mammedov [Thu, 17 May 2018 11:30:07 +0000 (13:30 +0200)] 
tests: functional tests for QMP command set-numa-node

 * start QEMU with 2 unmapped cpus,
 * while in preconfig state
    * add 2 numa nodes
    * assign cpus to them
 * exit preconfig and in running state check that cpus
   are mapped correctly.

Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Message-Id: <1526556607-268163-1-git-send-email-imammedo@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
4 years agoqmp: add set-numa-node command
Igor Mammedov [Fri, 4 May 2018 08:37:48 +0000 (10:37 +0200)] 
qmp: add set-numa-node command

Command is allowed to run only in preconfig stage and
will allow to configure numa mapping for CPUs depending
on possible CPUs layout (query-hotpluggable-cpus) for
given machine instance.

Example of configuration session:
$QEMU -smp 2 --preconfig ...

QMP:
-> {'execute': 'query-hotpluggable-cpus' }
<- {'return': [
       {'props': {'core-id': 0, 'thread-id': 0, 'socket-id': 1}, ... },
       {'props': {'core-id': 0, 'thread-id': 0, 'socket-id': 0}, ... }
   ]}

-> {'execute': 'set-numa-node', 'arguments': { 'type': 'node', 'nodeid': 0 } }
<- {'return': {}}
-> {'execute': 'set-numa-node', 'arguments': { 'type': 'cpu',
       'node-id': 0, 'core-id': 0, 'thread-id': 0, 'socket-id': 1, }
   }
<- {'return': {}}

-> {'execute': 'set-numa-node', 'arguments': { 'type': 'node', 'nodeid': 1 } }
-> {'execute': 'set-numa-node', 'arguments': { 'type': 'cpu',
       'node-id': 1, 'core-id': 0, 'thread-id': 0, 'socket-id': 0 }
   }
<- {'return': {}}

-> {'execute': 'query-hotpluggable-cpus' }
<- {'return': [
       {'props': {'core-id': 0, 'thread-id': 0, 'node-id': 0, 'socket-id': 1}, ... },
       {'props': {'core-id': 0, 'thread-id': 0, 'node-id': 1, 'socket-id': 0}, ... }
   ]}

Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Message-Id: <1525423069-61903-11-git-send-email-imammedo@redhat.com>
Reviewed-by: Eduardo Habkost <ehabkost@redhat.com>
[ehabkost: Changed "since 2.13" to "since 3.0"]
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
4 years agoqmp: permit query-hotpluggable-cpus in preconfig state
Igor Mammedov [Fri, 4 May 2018 08:37:47 +0000 (10:37 +0200)] 
qmp: permit query-hotpluggable-cpus in preconfig state

it will allow mgmt to query possible CPUs, which depends on
used machine(version)/-smp options, without restarting
QEMU and use results to configure numa mapping or adding
CPUs with device_add* later.

PS:
*) device_add is not allowed to run at preconfig in this series
   but later it could be dealt with by injecting -device
   in preconfig state and letting existing -device handling
   to actually plug devices

Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Message-Id: <1525423069-61903-10-git-send-email-imammedo@redhat.com>
Reviewed-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
4 years agotests: extend qmp test with preconfig checks
Igor Mammedov [Thu, 17 May 2018 11:28:44 +0000 (13:28 +0200)] 
tests: extend qmp test with preconfig checks

Add permission checks for commands at 'preconfig' stage.

Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Message-Id: <1526556524-267991-1-git-send-email-imammedo@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
4 years agocli: add --preconfig option
Igor Mammedov [Fri, 11 May 2018 17:24:43 +0000 (19:24 +0200)] 
cli: add --preconfig option

This option allows pausing QEMU in the new RUN_STATE_PRECONFIG state,
allowing the configuration of QEMU from QMP before the machine jumps
into board initialization code of machine_run_board_init()

The intent is to allow management to query machine state and additionally
configure it using previous query results within one QEMU instance
(i.e. eliminate the need to start QEMU twice, 1st to query board specific
parameters and 2nd for actual VM start using query results for
additional parameters).

The new option complements -S option and could be used with or without
it. The difference is that -S pauses QEMU when the machine is completely
initialized with all devices wired up and ready to execute guest code
(QEMU needs only to unpause VCPUs to let guest execute its code),
while the "preconfig" option pauses QEMU early before board specific init
callback (machine_run_board_init) is executed and allows the configuration
of machine parameters which will be used by board init code.

When early introspection/configuration is done, command 'exit-preconfig'
should be used to exit RUN_STATE_PRECONFIG and transition to the next
requested state (i.e. if -S is used then QEMU will pause the second
time when board/device initialization is completed or start guest
execution if -S isn't provided on CLI)

PS:
Initially 'preconfig' is planned to be used for configuring numa
topology depending on board specified possible cpus layout.

Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <1526059483-42847-1-git-send-email-imammedo@redhat.com>
[ehabkost: Changed "since 2.13" to "since 3.0"]
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
4 years agotests: qapi-schema tests for allow-preconfig
Igor Mammedov [Fri, 11 May 2018 17:15:59 +0000 (19:15 +0200)] 
tests: qapi-schema tests for allow-preconfig

use new allow-preconfig parameter in tests and make sure that
the QAPISchema can parse allow-preconfig correctly

Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <1526058959-41425-1-git-send-email-imammedo@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
4 years agoqapi: introduce new cmd option "allow-preconfig"
Igor Mammedov [Fri, 11 May 2018 16:51:43 +0000 (18:51 +0200)] 
qapi: introduce new cmd option "allow-preconfig"

New option will be used to allow commands, which are prepared/need
to run, during preconfig state. Other commands that should be able
to run in preconfig state, should be amended to not expect machine
in initialized state or deal with it.

For compatibility reasons, commands that don't use new flag
'allow-preconfig' explicitly are not permitted to run in
preconfig state but allowed in all other states like they used
to be.

Within this patch allow following commands in preconfig state:
   qmp_capabilities
   query-qmp-schema
   query-commands
   query-command-line-options
   query-status
   exit-preconfig
to allow qmp connection, basic introspection and moving to the next
state.

PS:
set-numa-node and query-hotpluggable-cpus will be enabled later in
a separate patches.

Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Message-Id: <1526057503-39287-1-git-send-email-imammedo@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
[ehabkost: Changed "since 2.13" to "since 3.0"]
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
4 years agohmp: disable monitor in preconfig state
Igor Mammedov [Fri, 4 May 2018 08:37:42 +0000 (10:37 +0200)] 
hmp: disable monitor in preconfig state

Ban it for now, if someone would need it to work early,
one would have to implement checks if HMP command is valid
at preconfig state.

Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <1525423069-61903-5-git-send-email-imammedo@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
4 years agoqapi: introduce preconfig runstate
Igor Mammedov [Fri, 4 May 2018 08:37:41 +0000 (10:37 +0200)] 
qapi: introduce preconfig runstate

New preconfig runstate will be used in follow up patches
related to introducing --preconfig CLI option and is
intended to replace prelaunch runstate from QEMU start
up to machine_init callback.

Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Message-Id: <1525423069-61903-4-git-send-email-imammedo@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
[ehabkost: Changed "since 2.13" to "since 3.0"]
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
4 years agonuma: split out NumaOptions parsing into set_numa_options()
Igor Mammedov [Fri, 4 May 2018 08:37:40 +0000 (10:37 +0200)] 
numa: split out NumaOptions parsing into set_numa_options()

it will allow to reuse set_numa_options() for parsing
configuration commands received via QMP interface

Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Message-Id: <1525423069-61903-3-git-send-email-imammedo@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
4 years agonuma: postpone options post-processing till machine_run_board_init()
Igor Mammedov [Fri, 4 May 2018 08:37:39 +0000 (10:37 +0200)] 
numa: postpone options post-processing till machine_run_board_init()

in preparation for numa options to being handled via QMP before
machine_run_board_init(), move final numa configuration checks
and processing to machine_run_board_init() so it could take into
account both CLI (via parse_numa_opts()) and QMP input

Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Reviewed-by: Eduardo Habkost <ehabkost@redhat.com>
Message-Id: <1525423069-61903-2-git-send-email-imammedo@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
4 years agonuma: clarify error message when node index is out of range in -numa dist, ...
Igor Mammedov [Wed, 16 May 2018 15:06:14 +0000 (17:06 +0200)] 
numa: clarify error message when node index is out of range in -numa dist, ...

When using following CLI:
  -numa dist,src=128,dst=1,val=20
user gets a rather confusing error message:
   "Invalid node 128, max possible could be 128"

Where 128 is number of nodes that QEMU supports (MAX_NODES),
while src/dst is an index up to that limit, so it should be
MAX_NODES - 1 in error message.
Make error message to explicitly state valid range for node
index to be more clear.

Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Message-Id: <1526483174-169008-1-git-send-email-imammedo@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
4 years agoblock/create: Mark blockdev-create stable
Kevin Wolf [Fri, 25 May 2018 16:24:51 +0000 (18:24 +0200)] 
block/create: Mark blockdev-create stable

We're ready to declare the blockdev-create job stable. This renames the
corresponding QMP command from x-blockdev-create to blockdev-create.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Jeff Cody <jcody@redhat.com>
4 years agoqemu-iotests: Rewrite 213 for blockdev-create job
Kevin Wolf [Wed, 23 May 2018 16:19:00 +0000 (18:19 +0200)] 
qemu-iotests: Rewrite 213 for blockdev-create job

This rewrites the test case 213 to work with the new x-blockdev-create
job rather than the old synchronous version of the command.

All of the test cases stay the same as before, but in order to be able
to implement proper job handling, the test case is rewritten in Python.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
4 years agoqemu-iotests: Rewrite 212 for blockdev-create job
Kevin Wolf [Wed, 23 May 2018 16:19:00 +0000 (18:19 +0200)] 
qemu-iotests: Rewrite 212 for blockdev-create job

This rewrites the test case 212 to work with the new x-blockdev-create
job rather than the old synchronous version of the command.

All of the test cases stay the same as before, but in order to be able
to implement proper job handling, the test case is rewritten in Python.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
4 years agoqemu-iotests: Rewrite 211 for blockdev-create job
Kevin Wolf [Wed, 23 May 2018 16:19:00 +0000 (18:19 +0200)] 
qemu-iotests: Rewrite 211 for blockdev-create job

This rewrites the test case 211 to work with the new x-blockdev-create
job rather than the old synchronous version of the command.

All of the test cases stay the same as before, but in order to be able
to implement proper job handling, the test case is rewritten in Python.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
4 years agoqemu-iotests: Rewrite 210 for blockdev-create job
Kevin Wolf [Wed, 23 May 2018 16:19:00 +0000 (18:19 +0200)] 
qemu-iotests: Rewrite 210 for blockdev-create job

This rewrites the test case 210 to work with the new x-blockdev-create
job rather than the old synchronous version of the command.

All of the test cases stay the same as before, but in order to be able
to implement proper job handling, the test case is rewritten in Python.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Jeff Cody <jcody@redhat.com>
4 years agoqemu-iotests: Rewrite 207 for blockdev-create job
Kevin Wolf [Wed, 23 May 2018 16:19:00 +0000 (18:19 +0200)] 
qemu-iotests: Rewrite 207 for blockdev-create job

This rewrites the test case 207 to work with the new x-blockdev-create
job rather than the old synchronous version of the command.

Most of the test cases stay the same as before (the exception being some
improved 'size' options that allow distinguishing which command created
the image), but in order to be able to implement proper job handling,
the test case is rewritten in Python.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
4 years agoqemu-iotests: Rewrite 206 for blockdev-create job
Kevin Wolf [Wed, 23 May 2018 16:19:00 +0000 (18:19 +0200)] 
qemu-iotests: Rewrite 206 for blockdev-create job

This rewrites the test case 206 to work with the new x-blockdev-create
job rather than the old synchronous version of the command.

All of the test cases stay the same as before, but in order to be able
to implement proper job handling, the test case is rewritten in Python.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
4 years agoqemu-iotests: iotests.py helper for non-file protocols
Kevin Wolf [Tue, 29 May 2018 19:44:47 +0000 (21:44 +0200)] 
qemu-iotests: iotests.py helper for non-file protocols

This adds two helper functions that are useful for test cases that make
use of a non-file protocol (specifically ssh).

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Jeff Cody <jcody@redhat.com>
4 years agoqemu-iotests: Add VM.run_job()
Kevin Wolf [Tue, 29 May 2018 18:52:57 +0000 (20:52 +0200)] 
qemu-iotests: Add VM.run_job()

Add an iotests.py function that runs a job and only returns when it is
destroyed. An error is logged when the job failed and job-finalize and
job-dismiss commands are issued if necessary.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Jeff Cody <jcody@redhat.com>
4 years agoqemu-iotests: Add iotests.img_info_log()
Kevin Wolf [Thu, 24 May 2018 11:12:56 +0000 (13:12 +0200)] 
qemu-iotests: Add iotests.img_info_log()

This adds a filter function to postprocess 'qemu-img info' input
(similar to what _img_info does), and an img_info_log() function that
calls 'qemu-img info' and logs the filtered output.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Jeff Cody <jcody@redhat.com>
4 years agoqemu-iotests: Add VM.qmp_log()
Kevin Wolf [Wed, 23 May 2018 16:17:45 +0000 (18:17 +0200)] 
qemu-iotests: Add VM.qmp_log()

This adds a helper function that logs both the QMP request and the
received response before returning it.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Jeff Cody <jcody@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
4 years agoqemu-iotests: Add VM.get_qmp_events_filtered()
Kevin Wolf [Wed, 23 May 2018 15:59:46 +0000 (17:59 +0200)] 
qemu-iotests: Add VM.get_qmp_events_filtered()

This adds a helper function that returns a list of QMP events that are
already filtered through filter_qmp_event().

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Jeff Cody <jcody@redhat.com>
4 years agoblock/create: Make x-blockdev-create a job
Kevin Wolf [Thu, 18 Jan 2018 13:33:04 +0000 (14:33 +0100)] 
block/create: Make x-blockdev-create a job

This changes the x-blockdev-create QMP command so that it doesn't block
the monitor and the main loop any more, but starts a background job that
performs the image creation.

The basic job as implemented here is all that is necessary to make image
creation asynchronous and to provide a QMP interface that can be marked
stable, but it still lacks a few features that jobs usually provide: The
job will ignore pause commands and it doesn't publish more than very
basic progress yet (total-progress is 1 and current-progress advances
from 0 to 1 when the driver callbacks returns). These features can be
added later without breaking compatibility.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Jeff Cody <jcody@redhat.com>
4 years agojob: Add error message for failing jobs
Kevin Wolf [Thu, 24 May 2018 13:26:10 +0000 (15:26 +0200)] 
job: Add error message for failing jobs

So far we relied on job->ret and strerror() to produce an error message
for failed jobs. Not surprisingly, this tends to result in completely
useless messages.

This adds a Job.error field that can contain an error string for a
failing job, and a parameter to job_completed() that sets the field. As
a default, if NULL is passed, we continue to use strerror(job->ret).

All existing callers are changed to pass NULL. They can be improved in
separate patches.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Jeff Cody <jcody@redhat.com>
4 years agovhdx: Fix vhdx_co_create() return value
Kevin Wolf [Fri, 25 May 2018 12:48:16 +0000 (14:48 +0200)] 
vhdx: Fix vhdx_co_create() return value

.bdrv_co_create() is supposed to return 0 on success, but vhdx could
return a positive value instead. Fix this.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Jeff Cody <jcody@redhat.com>
4 years agovdi: Fix vdi_co_do_create() return value
Kevin Wolf [Fri, 25 May 2018 12:48:16 +0000 (14:48 +0200)] 
vdi: Fix vdi_co_do_create() return value

.bdrv_co_create() is supposed to return 0 on success, but vdi could
return a positive value instead. Fix this.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Jeff Cody <jcody@redhat.com>
4 years agoui/cocoa: Suppress NSFileHandlingPanelOKButton deprecation warning
Peter Maydell [Tue, 29 May 2018 18:15:23 +0000 (19:15 +0100)] 
ui/cocoa: Suppress NSFileHandlingPanelOKButton deprecation warning

OSX 10.13 deprecates the NSFileHandlingPanelOKButton constant, and
would rather you use NSModalResponseOK, which was introduced in OS 10.9.
Use the recommended new constant name, with a backward compatibility
define if we're building on an older OSX.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: John Arbuckle <programmingkidx@gmail.com>
Message-id: 20180529181523.19185-1-peter.maydell@linaro.org

4 years agoqcow2: Fix Coverity warning when calculating the refcount cache size
Alberto Garcia [Mon, 28 May 2018 15:01:28 +0000 (17:01 +0200)] 
qcow2: Fix Coverity warning when calculating the refcount cache size

MIN_REFCOUNT_CACHE_SIZE is 4 and the cluster size is guaranteed to be
at most 2MB, so the minimum refcount cache size (in bytes) is always
going to fit in a 32-bit integer.

Coverity doesn't know that, and since we're storing the result in a
uint64_t (*refcount_cache_size) it thinks that we need the 64 bits and
that we probably want to do a 64-bit multiplication to prevent the
result from being truncated.

This is a false positive in this case, but it's a fair warning.
We could do a 64-bit multiplication to get rid of it, but since we
know that a 32-bit variable is enough to store this value let's simply
reuse min_refcount_cache, make it a normal int and stop doing casts.

Reported-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Alberto Garcia <berto@igalia.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
4 years agoMerge remote-tracking branch 'remotes/edgar/tags/edgar/xilinx-next-2018-05-29-v1...
Peter Maydell [Tue, 29 May 2018 12:01:11 +0000 (13:01 +0100)] 
Merge remote-tracking branch 'remotes/edgar/tags/edgar/xilinx-next-2018-05-29-v1.for-upstream' into staging

Tag edgar/xilinx-next-2018-05-29-v1.for-upstream

# gpg: Signature made Tue 29 May 2018 09:58:30 BST
# gpg:                using RSA key 29C596780F6BCA83
# gpg: Good signature from "Edgar E. Iglesias (Xilinx key) <edgar.iglesias@xilinx.com>"
# gpg:                 aka "Edgar E. Iglesias <edgar.iglesias@gmail.com>"
# Primary key fingerprint: AC44 FEDC 14F7 F1EB EDBF  4151 29C5 9678 0F6B CA83

* remotes/edgar/tags/edgar/xilinx-next-2018-05-29-v1.for-upstream: (38 commits)
  target-microblaze: Consolidate MMU enabled checks
  target-microblaze: cpu_mmu_index: Fixup indentation
  target-microblaze: Use tcg_gen_movcond in eval_cond_jmp
  target-microblaze: Convert env_btarget to i64
  target-microblaze: Remove argument b in eval_cc()
  target-microblaze: Use table based condition-codes conversion
  target-microblaze: mmu: Cleanup debug log messages
  target-microblaze: Simplify address computation using tcg_gen_addi_i32()
  target-microblaze: Allow address sizes between 32 and 64 bits
  target-microblaze: Add support for extended access to TLBLO
  target-microblaze: dec_msr: Plug a temp leak
  target-microblaze: mmu: Add a configurable output address mask
  target-microblaze: mmu: Prepare for 64-bit addresses
  target-microblaze: mmu: Remove unused register state
  target-microblaze: mmu: Add R_TBLX_MISS macros
  target-microblaze: Implement MFSE EAR
  target-microblaze: Add Extended Addressing
  target-microblaze: Setup for 64bit addressing
  target-microblaze: Make special registers 64-bit
  target-microblaze: dec_msr: Fix MTS to FSR
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
4 years agoqemu-doc.texi: Rename references to 2.13 to 3.0
Peter Maydell [Tue, 22 May 2018 10:40:00 +0000 (11:40 +0100)] 
qemu-doc.texi: Rename references to 2.13 to 3.0

Update references to 2.13 to read 3.0, since that's the
number we're using for the next release.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Cornelia Huck <cohuck@redhat.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-id: 20180522104000.9044-6-peter.maydell@linaro.org

4 years agoppc: Rename 2.13 machines to 3.0
Peter Maydell [Tue, 22 May 2018 10:39:59 +0000 (11:39 +0100)] 
ppc: Rename 2.13 machines to 3.0

Rename the 2.13 machines to match the number we're going to
use for the next release.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Cornelia Huck <cohuck@redhat.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Greg Kurz <groug@kaod.org>
Message-id: 20180522104000.9044-5-peter.maydell@linaro.org

4 years agohw/s390x: Rename 2.13 machines to 3.0
Peter Maydell [Tue, 22 May 2018 10:39:58 +0000 (11:39 +0100)] 
hw/s390x: Rename 2.13 machines to 3.0

Rename the 2.13 machines to match the number we're going to
use for the next release.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Cornelia Huck <cohuck@redhat.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-id: 20180522104000.9044-4-peter.maydell@linaro.org

4 years agohw/i386: Rename 2.13 machine types to 3.0
Peter Maydell [Tue, 22 May 2018 10:39:57 +0000 (11:39 +0100)] 
hw/i386: Rename 2.13 machine types to 3.0

Rename the 2.13 machine types to match what we're going to
use as our next release number.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Cornelia Huck <cohuck@redhat.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Eduardo Habkost <ehabkost@redhat.com>
Message-id: 20180522104000.9044-3-peter.maydell@linaro.org

4 years agoqapi: Change "since 2.13" annotations to "since 3.0"
Peter Maydell [Tue, 22 May 2018 10:39:56 +0000 (11:39 +0100)] 
qapi: Change "since 2.13" annotations to "since 3.0"

We're going to make the next release be 3.0, not 2.13; change
the annotations in our json appropriately.

Changes produced with
  sed -i -e 's/2\.13/3.0/g' qapi/*.json

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Cornelia Huck <cohuck@redhat.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-id: 20180522104000.9044-2-peter.maydell@linaro.org

4 years agoMerge remote-tracking branch 'remotes/stefanberger/tags/pull-tpm-2018-05-23-4' into...
Peter Maydell [Tue, 29 May 2018 08:57:09 +0000 (09:57 +0100)] 
Merge remote-tracking branch 'remotes/stefanberger/tags/pull-tpm-2018-05-23-4' into staging

Merge tpm 2018/05/23 v4

# gpg: Signature made Sat 26 May 2018 03:52:12 BST
# gpg:                using RSA key 75AD65802A0B4211
# gpg: Good signature from "Stefan Berger <stefanb@linux.vnet.ibm.com>"
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: B818 B9CA DF90 89C2 D5CE  C66B 75AD 6580 2A0B 4211

* remotes/stefanberger/tags/pull-tpm-2018-05-23-4:
  test: Add test cases that use the external swtpm with CRB interface
  docs: tpm: add VM save/restore example and troubleshooting guide
  tpm: extend TPM TIS with state migration support
  tpm: extend TPM emulator with state migration support

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
4 years agotarget-microblaze: Consolidate MMU enabled checks
Edgar E. Iglesias [Tue, 15 May 2018 21:44:28 +0000 (23:44 +0200)] 
target-microblaze: Consolidate MMU enabled checks

Consolidate MMU enabled checks to cpu_mmu_index().
No functional changes.

Suggested-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
4 years agotarget-microblaze: cpu_mmu_index: Fixup indentation
Edgar E. Iglesias [Tue, 15 May 2018 21:35:16 +0000 (23:35 +0200)] 
target-microblaze: cpu_mmu_index: Fixup indentation

Fixup the indentation of cpu_mmu_index in preparation for
future edits.
No functional changes.

Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
4 years agotarget-microblaze: Use tcg_gen_movcond in eval_cond_jmp
Edgar E. Iglesias [Tue, 8 May 2018 16:42:31 +0000 (18:42 +0200)] 
target-microblaze: Use tcg_gen_movcond in eval_cond_jmp

Cleanup eval_cond_jmp to use tcg_gen_movcond_i64().
No functional change.

Suggested-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
4 years agotarget-microblaze: Convert env_btarget to i64
Edgar E. Iglesias [Tue, 8 May 2018 16:31:06 +0000 (18:31 +0200)] 
target-microblaze: Convert env_btarget to i64

Convert env_btarget to i64.
No functional change.

Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
4 years agotarget-microblaze: Remove argument b in eval_cc()
Edgar E. Iglesias [Tue, 8 May 2018 15:34:21 +0000 (17:34 +0200)] 
target-microblaze: Remove argument b in eval_cc()

Remove argument b in eval_cc() as it is always set to zero.
No functional change.

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
4 years agotarget-microblaze: Use table based condition-codes conversion
Edgar E. Iglesias [Tue, 8 May 2018 15:31:50 +0000 (17:31 +0200)] 
target-microblaze: Use table based condition-codes conversion

Use a table based conversion to map condition-codes between
MicroBlaze ISA encoding and TCG.
No functional change.

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
4 years agotarget-microblaze: mmu: Cleanup debug log messages
Edgar E. Iglesias [Sat, 5 May 2018 13:55:25 +0000 (15:55 +0200)] 
target-microblaze: mmu: Cleanup debug log messages

Cleanup debug log messages:
* Avoid long 80+ character lines.
* Remove D() macro and use qemu_log_mask.
* Remove logs that are not very useful

Suggested-by: Alistair Francis <alistair.francis@wdc.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
4 years agotarget-microblaze: Simplify address computation using tcg_gen_addi_i32()
Edgar E. Iglesias [Sat, 5 May 2018 12:27:23 +0000 (14:27 +0200)] 
target-microblaze: Simplify address computation using tcg_gen_addi_i32()

Simplify address computation using tcg_gen_addi_i32().
tcg_gen_addi_i32() already optimizes the case when the
immediate is zero.

No functional change.

Suggested-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
4 years agotarget-microblaze: Allow address sizes between 32 and 64 bits
Edgar E. Iglesias [Tue, 17 Apr 2018 16:17:40 +0000 (18:17 +0200)] 
target-microblaze: Allow address sizes between 32 and 64 bits

Allow address sizes between 32 and 64 bits.

Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
4 years agotarget-microblaze: Add support for extended access to TLBLO
Edgar E. Iglesias [Mon, 16 Apr 2018 19:25:01 +0000 (21:25 +0200)] 
target-microblaze: Add support for extended access to TLBLO

Add support for extended access to TLBLO's upper 32 bits.

Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
4 years agotarget-microblaze: dec_msr: Plug a temp leak
Edgar E. Iglesias [Tue, 15 May 2018 22:04:54 +0000 (00:04 +0200)] 
target-microblaze: dec_msr: Plug a temp leak

Plug a temp leak.

Reported-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
4 years agotarget-microblaze: mmu: Add a configurable output address mask
Edgar E. Iglesias [Mon, 16 Apr 2018 17:37:16 +0000 (19:37 +0200)] 
target-microblaze: mmu: Add a configurable output address mask

Add a configurable output address mask, used to mimic the
configurable physical address bit width.

Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
4 years agotarget-microblaze: mmu: Prepare for 64-bit addresses
Edgar E. Iglesias [Mon, 16 Apr 2018 19:03:01 +0000 (21:03 +0200)] 
target-microblaze: mmu: Prepare for 64-bit addresses

Prepare for 64-bit addresses.
This makes no functional difference as the upper parts of
the 64-bit addresses are not yet reachable.

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
4 years agotarget-microblaze: mmu: Remove unused register state
Edgar E. Iglesias [Sun, 15 Apr 2018 21:25:58 +0000 (23:25 +0200)] 
target-microblaze: mmu: Remove unused register state

Add explicit handling for MMU_R_TLBX and log accesses to
invalid MMU registers. We can now remove the state for
all regs but PID, ZPR and TLBX (0 - 2).

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
4 years agotarget-microblaze: mmu: Add R_TBLX_MISS macros
Edgar E. Iglesias [Sun, 15 Apr 2018 21:18:49 +0000 (23:18 +0200)] 
target-microblaze: mmu: Add R_TBLX_MISS macros

Add a R_TBLX_MISS MASK and SHIFT macros.

Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>