qemu.git
2 years agosun4u: add power_mem_read routine
Prasad J Pandit [Fri, 4 Jan 2019 09:49:10 +0000 (15:19 +0530)] 
sun4u: add power_mem_read routine

Define skeleton 'power_mem_read' routine. Avoid NULL dereference.

Reported-by: Fakhri Zulkifli <mohdfakhrizulkifli@gmail.com>
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
2 years agohw/sparc64: Create VGA device only if it has really been requested
Thomas Huth [Sun, 16 Dec 2018 21:52:10 +0000 (22:52 +0100)] 
hw/sparc64: Create VGA device only if it has really been requested

The sun4u/sun4v machine currently always creates a VGA device, even if
the user started QEMU with "-nodefaults" or "-vga none". That's likely
not what the users expect in this case, so add a check whether the VGA
adapter has really been requested.

Signed-off-by: Thomas Huth <huth@tuxfamily.org>
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
2 years agoMerge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20190205' into...
Peter Maydell [Tue, 5 Feb 2019 18:25:07 +0000 (18:25 +0000)] 
Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20190205' into staging

target-arm queue:
 * Implement Armv8.5-BTI extension for system emulation mode
 * Implement the PR_PAC_RESET_KEYS prctl() for linux-user mode's Armv8.3-PAuth support
 * Support TBI (top-byte-ignore) properly for linux-user mode
 * gdbstub: allow killing QEMU via vKill command
 * hw/arm/boot: Support DTB autoload for firmware-only boots
 * target/arm: Make FPSCR/FPCR trapped-exception bits RAZ/WI

# gpg: Signature made Tue 05 Feb 2019 17:04:22 GMT
# gpg:                using RSA key E1A5C593CD419DE28E8315CF3C2525ED14360CDE
# gpg:                issuer "peter.maydell@linaro.org"
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>" [ultimate]
# gpg:                 aka "Peter Maydell <pmaydell@gmail.com>" [ultimate]
# gpg:                 aka "Peter Maydell <pmaydell@chiark.greenend.org.uk>" [ultimate]
# Primary key fingerprint: E1A5 C593 CD41 9DE2 8E83  15CF 3C25 25ED 1436 0CDE

* remotes/pmaydell/tags/pull-target-arm-20190205: (22 commits)
  target/arm: Make FPSCR/FPCR trapped-exception bits RAZ/WI
  hw/arm/boot: Support DTB autoload for firmware-only boots
  hw/arm/boot: Clarify why arm_setup_firmware_boot() doesn't set env->boot_info
  hw/arm/boot: Factor out "set up firmware boot" code
  hw/arm/boot: Factor out "direct kernel boot" code into its own function
  hw/arm/boot: Fix block comment style in arm_load_kernel()
  gdbstub: allow killing QEMU via vKill command
  target/arm: Enable TBI for user-only
  target/arm: Compute TB_FLAGS for TBI for user-only
  target/arm: Clean TBI for data operations in the translator
  target/arm: Add TBFLAG_A64_TBID, split out gen_top_byte_ignore
  tests/tcg/aarch64: Add pauth smoke test
  linux-user: Implement PR_PAC_RESET_KEYS
  target/arm: Enable BTI for -cpu max
  target/arm: Set btype for indirect branches
  target/arm: Reset btype for direct branches
  target/arm: Default handling of BTYPE during translation
  target/arm: Cache the GP bit for a page in MemTxAttrs
  exec: Add target-specific tlb bits to MemTxAttrs
  target/arm: Add BT and BTYPE to tb->flags
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2 years agoMerge remote-tracking branch 'remotes/cohuck/tags/s390x-20190205' into staging
Peter Maydell [Tue, 5 Feb 2019 17:39:15 +0000 (17:39 +0000)] 
Merge remote-tracking branch 'remotes/cohuck/tags/s390x-20190205' into staging

Fixes and improvements in tcg and the zPCI code.

# gpg: Signature made Tue 05 Feb 2019 16:36:09 GMT
# gpg:                using RSA key C3D0D66DC3624FF6A8C018CEDECF6B93C6F02FAF
# gpg:                issuer "cohuck@redhat.com"
# gpg: Good signature from "Cornelia Huck <conny@cornelia-huck.de>" [unknown]
# gpg:                 aka "Cornelia Huck <huckc@linux.vnet.ibm.com>" [full]
# gpg:                 aka "Cornelia Huck <cornelia.huck@de.ibm.com>" [full]
# gpg:                 aka "Cornelia Huck <cohuck@kernel.org>" [unknown]
# gpg:                 aka "Cornelia Huck <cohuck@redhat.com>" [unknown]
# Primary key fingerprint: C3D0 D66D C362 4FF6 A8C0  18CE DECF 6B93 C6F0 2FAF

* remotes/cohuck/tags/s390x-20190205:
  s390x/pci: Unplug remaining requested devices on pcihost reset
  s390x/pci: Warn when adding PCI devices without the 'zpci' feature
  s390x/pci: Fix hotplugging of PCI bridges
  s390x/pci: Fix primary bus number for PCI bridges
  s390x/tcg: Don't model FP registers as globals
  s390x/pci: mark zpci devices as unmigratable
  s390x/pci: Drop release timer and replace it with a flag
  s390x/pci: Introduce unplug requests and split unplug handler
  s390x: remove direct reference to mem_path global from s390x code
  target/s390x: define TCG_GUEST_DEFAULT_MO for MTTCG

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2 years agotarget/arm: Make FPSCR/FPCR trapped-exception bits RAZ/WI
Peter Maydell [Tue, 5 Feb 2019 16:52:42 +0000 (16:52 +0000)] 
target/arm: Make FPSCR/FPCR trapped-exception bits RAZ/WI

The {IOE, DZE, OFE, UFE, IXE, IDE} bits in the FPSCR/FPCR are for
enabling trapped IEEE floating point exceptions (where IEEE exception
conditions cause a CPU exception rather than updating the FPSR status
bits). QEMU doesn't implement this (and nor does the hardware we're
modelling), but for implementations which don't implement trapped
exception handling these control bits are supposed to be RAZ/WI.
This allows guest code to test for whether the feature is present
by trying to write to the bit and checking whether it sticks.

QEMU is incorrectly making these bits read as written. Make them
RAZ/WI as the architecture requires.

In particular this was causing problems for the NetBSD automatic
test suite.

Reported-by: Martin Husemann <martin@netbsd.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20190131130700.28392-1-peter.maydell@linaro.org

2 years agohw/arm/boot: Support DTB autoload for firmware-only boots
Peter Maydell [Tue, 5 Feb 2019 16:52:42 +0000 (16:52 +0000)] 
hw/arm/boot: Support DTB autoload for firmware-only boots

The arm_boot_info struct has a skip_dtb_autoload flag: if this is
set to true by the board code then arm_load_kernel() will not
load the DTB itself, but will leave this for the board code to
do itself later. However, the check for this is done in a
code path which is only executed for the case where we load
a kernel image file. If we're taking the "boot via firmware"
code path then the flag isn't honoured and the DTB is never
loaded.

We didn't notice this because the only real user of "boot
via firmware" that cares about the DTB is the virt board
(for UEFI boot), and that always wants skip_dtb_autoload
anyway. But the SBSA reference board model we're planning to
add will want the flag to behave correctly.

Now we've refactored the arm_load_kernel() function, the
fix is simple: drop the early 'return' so we fall into
the same "load the DTB" code the boot-direct-kernel path uses.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Message-id: 20190131112240.8395-6-peter.maydell@linaro.org

2 years agohw/arm/boot: Clarify why arm_setup_firmware_boot() doesn't set env->boot_info
Peter Maydell [Tue, 5 Feb 2019 16:52:42 +0000 (16:52 +0000)] 
hw/arm/boot: Clarify why arm_setup_firmware_boot() doesn't set env->boot_info

The code path for booting firmware doesn't set env->boot_info. At
first sight this looks odd, so add a comment saying why we don't.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Message-id: 20190131112240.8395-5-peter.maydell@linaro.org

2 years agohw/arm/boot: Factor out "set up firmware boot" code
Peter Maydell [Tue, 5 Feb 2019 16:52:42 +0000 (16:52 +0000)] 
hw/arm/boot: Factor out "set up firmware boot" code

Factor out the "boot via firmware" code path from arm_load_kernel()
into its own function.

This commit only moves code around; no semantic changes.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Message-id: 20190131112240.8395-4-peter.maydell@linaro.org

2 years agohw/arm/boot: Factor out "direct kernel boot" code into its own function
Peter Maydell [Tue, 5 Feb 2019 16:52:41 +0000 (16:52 +0000)] 
hw/arm/boot: Factor out "direct kernel boot" code into its own function

Factor out the "direct kernel boot" code path from arm_load_kernel()
into its own function; this function is getting long enough that
the code flow is a bit confusing.

This commit only moves code around; no semantic changes.

We leave the "load the dtb" code in arm_load_kernel() -- this
is currently only used by the "direct kernel boot" path, but
this is a bug which we will fix shortly.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Message-id: 20190131112240.8395-3-peter.maydell@linaro.org

2 years agohw/arm/boot: Fix block comment style in arm_load_kernel()
Peter Maydell [Tue, 5 Feb 2019 16:52:41 +0000 (16:52 +0000)] 
hw/arm/boot: Fix block comment style in arm_load_kernel()

Fix the block comment style in arm_load_kernel() to QEMU's
current style preferences. This will allow us to do some
refactoring of this function without checkpatch complaining
about the code-motion patches.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Message-id: 20190131112240.8395-2-peter.maydell@linaro.org

2 years agogdbstub: allow killing QEMU via vKill command
Max Filippov [Tue, 5 Feb 2019 16:52:41 +0000 (16:52 +0000)] 
gdbstub: allow killing QEMU via vKill command

With multiprocess extensions gdb uses 'vKill' packet instead of 'k' to
kill the inferior. Handle 'vKill' the same way 'k' was handled in the
presence of single process.

Fixes: 7cf48f6752e5 ("gdbstub: add multiprocess support to
(f|s)ThreadInfo and ThreadExtraInfo")

Cc: Luc Michel <luc.michel@greensocs.com>
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Reviewed-by: Luc Michel <luc.michel@greensocs.com>
Reviewed-by: KONRAD Frederic <frederic.konrad@adacore.com>
Tested-by: KONRAD Frederic <frederic.konrad@adacore.com>
Message-id: 20190130192403.13754-1-jcmvbkbc@gmail.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2 years agotarget/arm: Enable TBI for user-only
Richard Henderson [Tue, 5 Feb 2019 16:52:40 +0000 (16:52 +0000)] 
target/arm: Enable TBI for user-only

This has been enabled in the linux kernel since v3.11
(commit d50240a5f6cea, 2013-09-03,
"arm64: mm: permit use of tagged pointers at EL0").

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20190204132126.3255-5-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2 years agotarget/arm: Compute TB_FLAGS for TBI for user-only
Peter Maydell [Tue, 5 Feb 2019 16:52:40 +0000 (16:52 +0000)] 
target/arm: Compute TB_FLAGS for TBI for user-only

Enables, but does not turn on, TBI for CONFIG_USER_ONLY.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20190204132126.3255-4-richard.henderson@linaro.org
[PMM: adjusted #ifdeffery to placate clang, which otherwise complains
about static functions that are unused in the CONFIG_USER_ONLY build]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2 years agotarget/arm: Clean TBI for data operations in the translator
Richard Henderson [Tue, 5 Feb 2019 16:52:40 +0000 (16:52 +0000)] 
target/arm: Clean TBI for data operations in the translator

This will allow TBI to be used in user-only mode, as well as
avoid ping-ponging the softmmu TLB when TBI is in use.  It
will also enable other armv8 extensions.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20190204132126.3255-3-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2 years agotarget/arm: Add TBFLAG_A64_TBID, split out gen_top_byte_ignore
Richard Henderson [Tue, 5 Feb 2019 16:52:39 +0000 (16:52 +0000)] 
target/arm: Add TBFLAG_A64_TBID, split out gen_top_byte_ignore

Split out gen_top_byte_ignore in preparation of handling these
data accesses; the new tbflags field is not yet honored.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20190204132126.3255-2-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2 years agotests/tcg/aarch64: Add pauth smoke test
Richard Henderson [Tue, 5 Feb 2019 16:52:39 +0000 (16:52 +0000)] 
tests/tcg/aarch64: Add pauth smoke test

Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20190201195404.30486-3-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2 years agolinux-user: Implement PR_PAC_RESET_KEYS
Richard Henderson [Tue, 5 Feb 2019 16:52:39 +0000 (16:52 +0000)] 
linux-user: Implement PR_PAC_RESET_KEYS

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20190201195404.30486-2-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2 years agotarget/arm: Enable BTI for -cpu max
Richard Henderson [Tue, 5 Feb 2019 16:52:38 +0000 (16:52 +0000)] 
target/arm: Enable BTI for -cpu max

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20190128223118.5255-11-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2 years agotarget/arm: Set btype for indirect branches
Richard Henderson [Tue, 5 Feb 2019 16:52:38 +0000 (16:52 +0000)] 
target/arm: Set btype for indirect branches

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20190128223118.5255-9-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2 years agotarget/arm: Reset btype for direct branches
Richard Henderson [Tue, 5 Feb 2019 16:52:38 +0000 (16:52 +0000)] 
target/arm: Reset btype for direct branches

This is all of the non-exception cases of DISAS_NORETURN.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20190128223118.5255-8-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2 years agotarget/arm: Default handling of BTYPE during translation
Richard Henderson [Tue, 5 Feb 2019 16:52:37 +0000 (16:52 +0000)] 
target/arm: Default handling of BTYPE during translation

The branch target exception for guarded pages has high priority,
and only 8 instructions are valid for that case.  Perform this
check before doing any other decode.

Clear BTYPE after all insns that neither set BTYPE nor exit via
exception (DISAS_NORETURN).

Not yet handled are insns that exit via DISAS_NORETURN for some
other reason, like direct branches.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20190128223118.5255-7-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2 years agotarget/arm: Cache the GP bit for a page in MemTxAttrs
Richard Henderson [Tue, 5 Feb 2019 16:52:37 +0000 (16:52 +0000)] 
target/arm: Cache the GP bit for a page in MemTxAttrs

Caching the bit means that we will not have to re-walk the
page tables to look up the bit during translation.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20190128223118.5255-6-richard.henderson@linaro.org
[PMM: no need to OR in guarded bit status]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2 years agoexec: Add target-specific tlb bits to MemTxAttrs
Richard Henderson [Tue, 5 Feb 2019 16:52:37 +0000 (16:52 +0000)] 
exec: Add target-specific tlb bits to MemTxAttrs

These bits can be used to cache target-specific data in cputlb
read from the page tables.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20190128223118.5255-5-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2 years agotarget/arm: Add BT and BTYPE to tb->flags
Richard Henderson [Tue, 5 Feb 2019 16:52:36 +0000 (16:52 +0000)] 
target/arm: Add BT and BTYPE to tb->flags

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20190128223118.5255-4-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2 years agotarget/arm: Add PSTATE.BTYPE
Richard Henderson [Tue, 5 Feb 2019 16:52:36 +0000 (16:52 +0000)] 
target/arm: Add PSTATE.BTYPE

Place this in its own field within ENV, as that will
make it easier to reset from within TCG generated code.

With the change to pstate_read/write, exception entry
and return are automatically handled.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20190128223118.5255-3-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2 years agotarget/arm: Introduce isar_feature_aa64_bti
Richard Henderson [Tue, 5 Feb 2019 16:52:36 +0000 (16:52 +0000)] 
target/arm: Introduce isar_feature_aa64_bti

Also create field definitions for id_aa64pfr1 from ARMv8.5.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20190128223118.5255-2-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2 years agoMerge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging
Peter Maydell [Tue, 5 Feb 2019 16:52:19 +0000 (16:52 +0000)] 
Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging

pci, pc, virtio: fixes, cleanups, features

vhost user blk discard/write zeroes features
misc cleanups and fixes all over the place

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
# gpg: Signature made Tue 05 Feb 2019 16:00:20 GMT
# gpg:                using RSA key 281F0DB8D28D5469
# gpg: Good signature from "Michael S. Tsirkin <mst@kernel.org>" [full]
# gpg:                 aka "Michael S. Tsirkin <mst@redhat.com>" [full]
# Primary key fingerprint: 0270 606B 6F3C DF3D 0B17  0970 C350 3912 AFBE 8E67
#      Subkey fingerprint: 5D09 FD08 71C8 F85B 94CA  8A0D 281F 0DB8 D28D 5469

* remotes/mst/tags/for_upstream:
  contrib/libvhost-user: cleanup casts
  r2d: fix build on mingw
  mmap-alloc: fix hugetlbfs misaligned length in ppc64
  mmap-alloc: unfold qemu_ram_mmap()
  i386, acpi: cleanup build_facs by removing second unused argument
  fw_cfg: fix the life cycle and the name of "qemu_extra_params_fw"
  acpi: Make TPM 2.0 with TIS available as MSFT0101
  hw/virtio: Use CONFIG_VIRTIO_PCI switch instead of CONFIG_PCI
  vhost-user-blk: add discard/write zeroes features support
  contrib/vhost-user-blk: fix the compilation issue
  pci/msi: export msi_is_masked()
  intel_iommu: reset intr_enabled when system reset
  intel_iommu: fix operator in vtd_switch_address_space
  hw: virtio-pci: drop DO_UPCAST
  include: update Linux headers to 4.21-rc1/5.0-rc1
  scripts/update-linux-headers.sh: adjust for Linux 4.21-rc1 (or 5.0-rc1)
  contrib/libvhost-user: switch to uint64_t
  virtio: add checks for the size of the indirect table

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2 years agocontrib/libvhost-user: cleanup casts
Michael S. Tsirkin [Mon, 4 Feb 2019 05:04:34 +0000 (00:04 -0500)] 
contrib/libvhost-user: cleanup casts

Now that field types are all properly uint64_t,
drop the un-necessary cast.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2 years agor2d: fix build on mingw
Michael S. Tsirkin [Fri, 1 Feb 2019 22:57:42 +0000 (17:57 -0500)] 
r2d: fix build on mingw

Comment near strncpy explains kernel_cmdline does
not need to be 0-terminated.

Accordingly mark it as QEMU_NONSTRING.

Without this, gcc warns:
    'strncpy' specified bound 256 equals destination size

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2 years agommap-alloc: fix hugetlbfs misaligned length in ppc64
Murilo Opsfelder Araujo [Wed, 30 Jan 2019 23:36:05 +0000 (21:36 -0200)] 
mmap-alloc: fix hugetlbfs misaligned length in ppc64

The commit 7197fb4058bcb68986bae2bb2c04d6370f3e7218 ("util/mmap-alloc:
fix hugetlb support on ppc64") fixed Huge TLB mappings on ppc64.

However, we still need to consider the underlying huge page size
during munmap() because it requires that both address and length be a
multiple of the underlying huge page size for Huge TLB mappings.
Quote from "Huge page (Huge TLB) mappings" paragraph under NOTES
section of the munmap(2) manual:

  "For munmap(), addr and length must both be a multiple of the
  underlying huge page size."

On ppc64, the munmap() in qemu_ram_munmap() does not work for Huge TLB
mappings because the mapped segment can be aligned with the underlying
huge page size, not aligned with the native system page size, as
returned by getpagesize().

This has the side effect of not releasing huge pages back to the pool
after a hugetlbfs file-backed memory device is hot-unplugged.

This patch fixes the situation in qemu_ram_mmap() and
qemu_ram_munmap() by considering the underlying page size on ppc64.

After this patch, memory hot-unplug releases huge pages back to the
pool.

Fixes: 7197fb4058bcb68986bae2bb2c04d6370f3e7218
Signed-off-by: Murilo Opsfelder Araujo <muriloo@linux.ibm.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Greg Kurz <groug@kaod.org>
2 years agommap-alloc: unfold qemu_ram_mmap()
Murilo Opsfelder Araujo [Wed, 30 Jan 2019 23:36:04 +0000 (21:36 -0200)] 
mmap-alloc: unfold qemu_ram_mmap()

Unfold parts of qemu_ram_mmap() for the sake of understanding, moving
declarations to the top, and keeping architecture-specifics in the
ifdef-else blocks.  No changes in the function behaviour.

Give ptr and ptr1 meaningful names:
  ptr  -> guardptr : pointer to the PROT_NONE guard region
  ptr1 -> ptr      : pointer to the mapped memory returned to caller

Signed-off-by: Murilo Opsfelder Araujo <muriloo@linux.ibm.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Greg Kurz <groug@kaod.org>
2 years agoi386, acpi: cleanup build_facs by removing second unused argument
Wei Yang [Wed, 30 Jan 2019 03:02:07 +0000 (11:02 +0800)] 
i386, acpi: cleanup build_facs by removing second unused argument

The second argument of build_facs() is not used, just remove it.

Signed-off-by: Wei Yang <richardw.yang@linux.intel.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
2 years agofw_cfg: fix the life cycle and the name of "qemu_extra_params_fw"
Laszlo Ersek [Fri, 18 Jan 2019 22:31:52 +0000 (23:31 +0100)] 
fw_cfg: fix the life cycle and the name of "qemu_extra_params_fw"

Commit 19bcc4bc3213 ("fw_cfg: Make qemu_extra_params_fw locally",
2019-01-04) changed the storage duration of the "qemu_extra_params_fw"
array from static to automatic. This broke the interface contract on the
fw_cfg_add_file() function, which is documented as follows, in
"include/hw/nvram/fw_cfg.h":

> [...] The data referenced by the starting pointer is only linked, NOT
> copied, into the data structure of the fw_cfg device. [...]

As a result, when guest firmware fetches the "etc/boot-menu-wait" fw_cfg
file, it now sees garbage. Fix the regression by changing the storage
duration to allocated. (The call is reached at most once, on the realize
path of the board-specific fw_cfg sysbus device.)

While at it, clean up the name and the assignment of the object as well.

Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Markus Armbruster <armbru@redhat.com>
Cc: Philippe Mathieu-Daudé <philmd@redhat.com>
Fixes: 19bcc4bc3213e78c303ad480a7a578f62258252d
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Li Qiang <liq3ea@gmail.com>
Reviewed-by: Stefano Garzarella <sgarzare@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
2 years agoacpi: Make TPM 2.0 with TIS available as MSFT0101
Stefan Berger [Fri, 25 Jan 2019 21:00:58 +0000 (16:00 -0500)] 
acpi: Make TPM 2.0 with TIS available as MSFT0101

This patch makes the a TPM 2.0 with TIS interface available under the
HID 'MSF0101'. This is supported by Linux and also Windows now
recognizes the TPM 2.0 with TIS interface. Leave the TPM 1.2 as before.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
2 years agohw/virtio: Use CONFIG_VIRTIO_PCI switch instead of CONFIG_PCI
Thomas Huth [Fri, 25 Jan 2019 12:56:00 +0000 (13:56 +0100)] 
hw/virtio: Use CONFIG_VIRTIO_PCI switch instead of CONFIG_PCI

For downstream s390x builds, we'd like to be able to build QEMU with
CONFIG_VIRTIO_PCI disabled (since virtio-ccw is used here instead),
but still with CONFIG_PCI enabled. This currently fails since the
virtio-*-pci.o files are still included in the build, but virtio-pci.o
is missing. Use the right config switch CONFIG_VIRTIO_PCI to exclude
the virtio-*-pci.o files from the build.

Reported-by: Miroslav Rezanina <mrezanin@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Cornelia Huck <cohuck@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2 years agovhost-user-blk: add discard/write zeroes features support
Changpeng Liu [Wed, 16 Jan 2019 05:19:30 +0000 (13:19 +0800)] 
vhost-user-blk: add discard/write zeroes features support

Linux commit 1f23816b8 "virtio_blk: add discard and write zeroes support"
added the support in the Guest kernel, while here also enable the features
support with vhost-user-blk driver. Also enable the test example utility
with DISCARD and WRITE ZEROES commands.

Signed-off-by: Changpeng Liu <changpeng.liu@intel.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2 years agocontrib/vhost-user-blk: fix the compilation issue
Peter Xu [Wed, 16 Jan 2019 03:08:15 +0000 (11:08 +0800)] 
contrib/vhost-user-blk: fix the compilation issue

Signed-off-by: Changpeng Liu <changpeng.liu@intel.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Stefano Garzarella <sgarzare@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2 years agopci/msi: export msi_is_masked()
Peter Xu [Wed, 16 Jan 2019 03:08:14 +0000 (11:08 +0800)] 
pci/msi: export msi_is_masked()

It is going to be used later on outside MSI code to detect whether one
MSI vector is masked out.

Signed-off-by: Peter Xu <peterx@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2 years agointel_iommu: reset intr_enabled when system reset
Peter Xu [Wed, 16 Jan 2019 03:08:13 +0000 (11:08 +0800)] 
intel_iommu: reset intr_enabled when system reset

This is found when I was debugging another problem.  Until now no bug
is reported with this but we'd better reset the IR status correctly
after a system reset.

Acked-by: Jason Wang <jasowang@redhat.com>
Signed-off-by: Peter Xu <peterx@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2 years agointel_iommu: fix operator in vtd_switch_address_space
Peter Xu [Wed, 16 Jan 2019 03:08:12 +0000 (11:08 +0800)] 
intel_iommu: fix operator in vtd_switch_address_space

When calculating use_iommu, we wanted to first detect whether DMAR is
enabled, then check whether PT is enabled if DMAR is enabled.  However
in the current code we used "&" rather than "&&" so the ordering
requirement is lost (instead it'll be an "AND" operation).  This could
introduce errors dumped in QEMU console when rebooting a guest with
both assigned device and vIOMMU, like:

  qemu-system-x86_64: vtd_dev_to_context_entry: invalid root entry:
  rsvd=0xf000ff53f000e2c3, val=0xf000ff53f000ff53 (reserved nonzero)

Acked-by: Jason Wang <jasowang@redhat.com>
Signed-off-by: Peter Xu <peterx@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2 years agohw: virtio-pci: drop DO_UPCAST
Li Qiang [Sat, 3 Nov 2018 15:41:04 +0000 (08:41 -0700)] 
hw: virtio-pci: drop DO_UPCAST

Use VIRTIO_PCI MACRO instead.

Signed-off-by: Li Qiang <liq3ea@163.com>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2 years agoMerge remote-tracking branch 'remotes/kraxel/tags/ui-20190205-pull-request' into...
Peter Maydell [Tue, 5 Feb 2019 14:01:29 +0000 (14:01 +0000)] 
Merge remote-tracking branch 'remotes/kraxel/tags/ui-20190205-pull-request' into staging

ui: add kbd stats tracker.
ui: gtk scroll fixes.
ui: egl cursor scale fix.
ui: more sdl1 cleanup.

# gpg: Signature made Tue 05 Feb 2019 10:57:42 GMT
# gpg:                using RSA key 4CB6D8EED3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>" [full]
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>" [full]
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>" [full]
# Primary key fingerprint: A032 8CFF B93A 17A7 9901  FE7D 4CB6 D8EE D3E8 7138

* remotes/kraxel/tags/ui-20190205-pull-request:
  keymap: fix keyup mappings
  keymap: pass full keyboard state to keysym2scancode
  kbd-state: use state tracker for vnc
  kbd-state: use state tracker for gtk
  sdl2: use only QKeyCode in sdl2_process_key()
  kbd-state: use state tracker for sdl2
  sdl2: remove sdl2_reset_keys() function
  kbd-state: add keyboard state tracker
  ui/egl-helpers: Augment parameter list of egl_texture_blend() to convey scales of viewport
  ui/cocoa.m: Fix macOS 10.14 deprecation warnings
  ui/sdl_keysym: Remove obsolete SDL1.2 related code
  ui: listen for GDK_SMOOTH_SCROLL events
  ui: don't send any event if delta_y == 0
  Remove deprecated -no-frame option

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2 years agoMerge remote-tracking branch 'remotes/ericb/tags/pull-nbd-2019-02-04' into staging
Peter Maydell [Tue, 5 Feb 2019 12:46:18 +0000 (12:46 +0000)] 
Merge remote-tracking branch 'remotes/ericb/tags/pull-nbd-2019-02-04' into staging

nbd patches for 2019-02-04

- deprecate 'qemu-nbd --partition'
- preparation for NBD reconnect, including better logging of read errors

# gpg: Signature made Tue 05 Feb 2019 03:50:56 GMT
# gpg:                using RSA key A7A16B4A2527436A
# gpg: Good signature from "Eric Blake <eblake@redhat.com>" [full]
# gpg:                 aka "Eric Blake (Free Software Programmer) <ebb9@byu.net>" [full]
# gpg:                 aka "[jpeg image of size 6874]" [full]
# Primary key fingerprint: 71C2 CC22 B1C4 6029 27D2  F3AA A7A1 6B4A 2527 436A

* remotes/ericb/tags/pull-nbd-2019-02-04:
  block/nbd-client: rename read_reply_co to connection_co
  block/nbd-client: don't check ioc
  block/nbd-client: fix nbd_reply_chunk_iter_receive
  block/nbd-client: split connection from initialization
  block/nbd: move connection code from block/nbd to block/nbd-client
  block/nbd-client: split channel errors from export errors
  nbd: generalize usage of nbd_read
  qemu-nbd: Deprecate qemu-nbd --partition

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2 years agokeymap: fix keyup mappings
Gerd Hoffmann [Tue, 22 Jan 2019 09:28:14 +0000 (10:28 +0100)] 
keymap: fix keyup mappings

It is possible that the modifier state on keyup is different from the
modifier state on keydown.  In that case the keycode lookup can end up
with different keys in case multiple keysym -> keycode mappings exist,
because it picks the mapping depending on modifier state.

To fix that change the lookup logic for keyup events.  Instead of
looking at the modifier state check the key state and prefer a keycodes
where the key is in "down" state right now.

Fixes: abb4f2c965 keymap: consider modifier state when picking a mapping
Buglink: https://bugs.launchpad.net/bugs/1738283
Buglink: https://bugzilla.redhat.com/show_bug.cgi?id=1658676
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Message-id: 20190122092814.14919-9-kraxel@redhat.com

2 years agokeymap: pass full keyboard state to keysym2scancode
Gerd Hoffmann [Tue, 22 Jan 2019 09:28:13 +0000 (10:28 +0100)] 
keymap: pass full keyboard state to keysym2scancode

Pass the keyboard state tracker handle down to keysym2scancode(),
so the code can fully inspect the keyboard state as needed.  No
functional change.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Message-id: 20190122092814.14919-8-kraxel@redhat.com

2 years agokbd-state: use state tracker for vnc
Gerd Hoffmann [Tue, 22 Jan 2019 09:28:12 +0000 (10:28 +0100)] 
kbd-state: use state tracker for vnc

Use the new keyboard state tracked for vnc.  Allows to drop the
vnc-specific modifier state tracking code.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Message-id: 20190122092814.14919-7-kraxel@redhat.com

2 years agokbd-state: use state tracker for gtk
Gerd Hoffmann [Tue, 22 Jan 2019 09:28:11 +0000 (10:28 +0100)] 
kbd-state: use state tracker for gtk

Use the new keyboard state tracked for gtk.  Allows to drop the
gtk-specific modifier state tracking code.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Message-id: 20190122092814.14919-6-kraxel@redhat.com

2 years agosdl2: use only QKeyCode in sdl2_process_key()
Gerd Hoffmann [Tue, 22 Jan 2019 09:28:10 +0000 (10:28 +0100)] 
sdl2: use only QKeyCode in sdl2_process_key()

Also: sdl2_process_key is never called with scon == NULL.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Message-id: 20190122092814.14919-5-kraxel@redhat.com

2 years agokbd-state: use state tracker for sdl2
Gerd Hoffmann [Tue, 22 Jan 2019 09:28:09 +0000 (10:28 +0100)] 
kbd-state: use state tracker for sdl2

Use the new keyboard state tracked for sdl2.  We can drop the modifier
state tracking from sdl2.  Also keyup code is simpler, the state tracker
will take care to not send suspious keyup events to the guest.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Message-id: 20190122092814.14919-4-kraxel@redhat.com

2 years agosdl2: remove sdl2_reset_keys() function
Gerd Hoffmann [Tue, 22 Jan 2019 09:28:08 +0000 (10:28 +0100)] 
sdl2: remove sdl2_reset_keys() function

No users left, dead code.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Message-id: 20190122092814.14919-3-kraxel@redhat.com

2 years agokbd-state: add keyboard state tracker
Gerd Hoffmann [Tue, 22 Jan 2019 09:28:07 +0000 (10:28 +0100)] 
kbd-state: add keyboard state tracker

Now that most user interfaces are using QKeyCodes it is easier to have
common keyboard code useable by all user interfaces.

This patch adds helper code to track the state of all keyboard keys,
using a bitmap indexed by QKeyCode.  Modifier state is tracked too,
as separate bitmap.  That makes checking modifier state easier.
Likewise we can easily apply special handling for capslock & numlock
(toggles on keypress) and ctrl + shift (we have two keys for that).

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Message-id: 20190122092814.14919-2-kraxel@redhat.com

[ kraxel: added license boilerplate header ]

Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2 years agoui/egl-helpers: Augment parameter list of egl_texture_blend() to convey scales of...
Chen Zhang [Fri, 25 Jan 2019 07:47:23 +0000 (15:47 +0800)] 
ui/egl-helpers: Augment parameter list of egl_texture_blend() to convey scales of viewport

This would help gtk-egl display showing scaled DMABuf cursor images when
gtk window was zoomed. A default scale of (1.0, 1.0) was presumed for
call sites where no scaling is needed.

Signed-off-by: Chen Zhang <tgfbeta@me.com>
Message-id: 23B229B3-3095-4DFB-8369-866784808D30@me.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2 years agoMerge remote-tracking branch 'remotes/xtensa/tags/20190204-xtensa' into staging
Peter Maydell [Tue, 5 Feb 2019 09:35:53 +0000 (09:35 +0000)] 
Merge remote-tracking branch 'remotes/xtensa/tags/20190204-xtensa' into staging

target/xtensa: SMP updates and various fixes

- fix CPU wakeup on runstall changes; expose runstall as an IRQ line;
- place mini-bootloader at the BSP reset vector;
- expose CPU core frequency in XTFPGA board FPGA register;
- rearrange access to external interrupts of xtensa cores;
- add MX interrupt distributor and use it on SMP XTFPGA boards;
- add test_mmuhifi_c3 xtensa core variant;
- raise number of CPUs that can be instantiated on XTFPGA boards.

# gpg: Signature made Mon 04 Feb 2019 18:59:32 GMT
# gpg:                using RSA key 2B67854B98E5327DCDEB17D851F9CC91F83FA044
# gpg:                issuer "jcmvbkbc@gmail.com"
# gpg: Good signature from "Max Filippov <filippov@cadence.com>" [unknown]
# gpg:                 aka "Max Filippov <max.filippov@cogentembedded.com>" [full]
# gpg:                 aka "Max Filippov <jcmvbkbc@gmail.com>" [full]
# Primary key fingerprint: 2B67 854B 98E5 327D CDEB  17D8 51F9 CC91 F83F A044

* remotes/xtensa/tags/20190204-xtensa:
  hw/xtensa: xtfpga: raise CPU number limit
  target/xtensa: add test_mmuhifi_c3 core
  hw/xtensa: xtfpga: use MX PIC for SMP
  target/xtensa: add MX interrupt controller
  target/xtensa: expose core runstall as an IRQ line
  target/xtensa: rearrange access to external interrupts
  target/xtensa: drop function xtensa_timer_irq
  target/xtensa: fix access to the INTERRUPT SR
  hw/xtensa: xtfpga: use core frequency
  hw/xtensa: xtfpga: fix bootloader placement in SMP
  target/xtensa: add qemu_cpu_kick to xtensa_runstall

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2 years agos390x/pci: Unplug remaining requested devices on pcihost reset
David Hildenbrand [Wed, 30 Jan 2019 15:57:33 +0000 (16:57 +0100)] 
s390x/pci: Unplug remaining requested devices on pcihost reset

When resetting the guest we should unplug and remove all devices that
are still pending.

With this patch, the requested device will be unplugged on reboot
(S390_RESET_EXTERNAL and S390_RESET_REIPL, which reset the pcihost bridge
via qemu_devices_reset()).

This approach is similar to what's done for acpi PCI hotplug in
acpi_pcihp_reset() -> acpi_pcihp_update() ->
acpi_pcihp_update_hotplug_bus() -> acpi_pcihp_eject_slot().

s390_pci_generate_plug_event()'s will still be generated, I guess this
is not an issue. The same thing would happen right now when unplugging
a device just before starting the guest.

Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20190130155733.32742-7-david@redhat.com>
Reviewed-by: Collin Walling <walling@linux.ibm.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
2 years agos390x/pci: Warn when adding PCI devices without the 'zpci' feature
David Hildenbrand [Wed, 30 Jan 2019 15:57:30 +0000 (16:57 +0100)] 
s390x/pci: Warn when adding PCI devices without the 'zpci' feature

We decided to always create the PCI host bridge, even if 'zpci' is not
enabled (due to migration compatibility). This however right now allows
to add zPCI/PCI devices to a VM although the guest will never actually see
them, confusing people that are using a simple CPU model that has no
'zpci' enabled - "Why isn't this working" (David Hildenbrand)

Let's check for 'zpci' and at least print a warning that this will not
work as expected. We could also bail out, however that might break
existing QEMU commandlines.

Reviewed-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20190130155733.32742-4-david@redhat.com>
Reviewed-by: Collin Walling <walling@linux.ibm.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
2 years agos390x/pci: Fix hotplugging of PCI bridges
David Hildenbrand [Wed, 30 Jan 2019 15:57:29 +0000 (16:57 +0100)] 
s390x/pci: Fix hotplugging of PCI bridges

When hotplugging a PCI bridge right now to the root port, we resolve
pci_get_bus(pdev)->parent_dev, which results in a SEGFAULT. Hotplugging
really only works right now when hotplugging to another bridge.

Instead, we have to properly check if we are already at the root.

Let's cleanup the code while at it a bit and factor out updating the
subordinate bus number into a separate function. The check for
"old_nr < nr" is right now not strictly necessary, but makes it more
obvious what is actually going on.

Most probably fixing up the topology is not our responsibility when
hotplugging. The guest has to sort this out. But let's keep it for now
and only fix current code to not crash.

Reviewed-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20190130155733.32742-3-david@redhat.com>
Reviewed-by: Collin Walling <walling@linux.ibm.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
2 years agos390x/pci: Fix primary bus number for PCI bridges
David Hildenbrand [Wed, 30 Jan 2019 15:57:28 +0000 (16:57 +0100)] 
s390x/pci: Fix primary bus number for PCI bridges

The primary bus number corresponds always to the bus number of the
bus the bridge is attached to.

Right now, if we have two bridges attached to the same bus (e.g. root
bus) this is however not the case. The first bridge will have primary
bus 0, the second bridge primary bus 1, which is wrong. Fix the assignment.

While at it, drop setting the PCI_SUBORDINATE_BUS temporarily to 0xff.
Setting it temporarily to that value (as discussed e.g. in [1]), is
only relevant for a running system that probes the buses. The value is
effectively unused for us just doing a DFS.

Also add a comment why we have to reassign during every reset (which I
found to be surprising.

Please note that hotplugging of bridges is in general still broken, will
be fixed next.

[1] http://www.science.unitn.it/~fiorella/guidelinux/tlk/node76.html

Reviewed-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20190130155733.32742-2-david@redhat.com>
Reviewed-by: Collin Walling <walling@linux.ibm.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
2 years agoui/cocoa.m: Fix macOS 10.14 deprecation warnings
Brendan Shanks [Fri, 1 Feb 2019 07:12:25 +0000 (23:12 -0800)] 
ui/cocoa.m: Fix macOS 10.14 deprecation warnings

macOS 10.14 deprecated NSOnState/NSOffState in favour of
NSControlStateValueOn/NSControlStateValueOff. Use the new constants,
and #define them to the old ones when compiling against a pre-10.13 SDK.
Also [NSGraphicsContext graphicsPort] is now deprecated, use
[NSGraphicsContext CGContext] when available.

Signed-off-by: Brendan Shanks <brendan@bslabs.net>
Message-id: 20190201071225.20576-1-brendan@bslabs.net
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2 years agoui/sdl_keysym: Remove obsolete SDL1.2 related code
Thomas Huth [Mon, 4 Feb 2019 12:10:41 +0000 (13:10 +0100)] 
ui/sdl_keysym: Remove obsolete SDL1.2 related code

sdl_keysym.h has only been included by sdl.c which has recently been
removed recently with this commit:

  0015ca5cbabe0b31d31610ddfaafd90a9e5911a4
  ("ui: remove support for SDL1.2 in favour of SDL2")

So we can drop this header file now completely, too.

Signed-off-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Message-id: 1549282241-23535-1-git-send-email-thuth@redhat.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2 years agoui: listen for GDK_SMOOTH_SCROLL events
Sergio Lopez [Mon, 4 Feb 2019 12:08:23 +0000 (13:08 +0100)] 
ui: listen for GDK_SMOOTH_SCROLL events

On Wayland, without grabbing focus, two-finger scrolling generates
GDK_SMOOTH_SCROLL events instead of GDK_SCROLL_*, so listen for them.

Signed-off-by: Sergio Lopez <slp@redhat.com>
Message-id: 20190204120823.41333-1-slp@redhat.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2 years agoui: don't send any event if delta_y == 0
Sergio Lopez [Mon, 4 Feb 2019 12:20:43 +0000 (13:20 +0100)] 
ui: don't send any event if delta_y == 0

When the user raises their fingers from the touchpad, we may receive a
GDK_SMOOTH_SCROLL event with delta_y == 0. Avoid generating a WHEEL_UP
event in this situation.

Signed-off-by: Sergio Lopez <slp@redhat.com>
Message-id: 20190204122043.43007-1-slp@redhat.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2 years agoRemove deprecated -no-frame option
Thomas Huth [Tue, 5 Feb 2019 07:29:29 +0000 (08:29 +0100)] 
Remove deprecated -no-frame option

The -no-frame option has been deprecated with QEMU v2.12. It was only
useful with SDL1.2 - now that we've removed support for SDL1.2, we
can certainly remove the -no-frame option, too.

Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-id: 1549351769-19620-1-git-send-email-thuth@redhat.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2 years agoblock/nbd-client: rename read_reply_co to connection_co
Vladimir Sementsov-Ogievskiy [Fri, 1 Feb 2019 13:01:38 +0000 (16:01 +0300)] 
block/nbd-client: rename read_reply_co to connection_co

This coroutine will serve nbd reconnects, so, rename it to be something
more generic.

Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20190201130138.94525-7-vsementsov@virtuozzo.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
2 years agoblock/nbd-client: don't check ioc
Vladimir Sementsov-Ogievskiy [Fri, 1 Feb 2019 13:01:37 +0000 (16:01 +0300)] 
block/nbd-client: don't check ioc

We have several paranoid checks for ioc != NULL. But ioc may become
NULL only on close, which should not happen during requests handling.
Also, we check ioc only sometimes, not after each yield, which is
inconsistent. Let's drop these checks. However, for safety, let's leave
asserts instead.

Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20190201130138.94525-6-vsementsov@virtuozzo.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
2 years agoblock/nbd-client: fix nbd_reply_chunk_iter_receive
Vladimir Sementsov-Ogievskiy [Fri, 1 Feb 2019 13:01:36 +0000 (16:01 +0300)] 
block/nbd-client: fix nbd_reply_chunk_iter_receive

Use exported report, not the variable to be reused (should not really
matter).

Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20190201130138.94525-5-vsementsov@virtuozzo.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
2 years agoblock/nbd-client: split connection from initialization
Vladimir Sementsov-Ogievskiy [Fri, 1 Feb 2019 13:01:35 +0000 (16:01 +0300)] 
block/nbd-client: split connection from initialization

Split connection code to reuse it for reconnect.

Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20190201130138.94525-4-vsementsov@virtuozzo.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
2 years agoblock/nbd: move connection code from block/nbd to block/nbd-client
Vladimir Sementsov-Ogievskiy [Fri, 1 Feb 2019 13:01:34 +0000 (16:01 +0300)] 
block/nbd: move connection code from block/nbd to block/nbd-client

Keep all connection code in one file, to be able to implement reconnect
in further patches.

Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Message-Id: <20190201130138.94525-3-vsementsov@virtuozzo.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
[eblake: format tweak]
Signed-off-by: Eric Blake <eblake@redhat.com>
2 years agoblock/nbd-client: split channel errors from export errors
Vladimir Sementsov-Ogievskiy [Fri, 1 Feb 2019 13:01:33 +0000 (16:01 +0300)] 
block/nbd-client: split channel errors from export errors

To implement nbd reconnect in further patches, we need to distinguish
error codes, returned by nbd server, from channel errors, to reconnect
only in the latter case.

Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20190201130138.94525-2-vsementsov@virtuozzo.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
2 years agonbd: generalize usage of nbd_read
Vladimir Sementsov-Ogievskiy [Mon, 28 Jan 2019 16:58:30 +0000 (19:58 +0300)] 
nbd: generalize usage of nbd_read

We generally do very similar things around nbd_read: error_prepend
specifying what we have tried to read, and be_to_cpu conversion of
integers.

So, it seems reasonable to move common things to helper functions,
which:
1. simplify code a bit
2. generalize nbd_read error descriptions, all starting with
   "Failed to read"
3. make it more difficult to forget to convert things from BE

Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20190128165830.165170-1-vsementsov@virtuozzo.com>
[eblake: rename macro to DEF_NBD_READ_N and formatting tweaks;
checkpatch has false positive complaint]
Signed-off-by: Eric Blake <eblake@redhat.com>
2 years agoqemu-nbd: Deprecate qemu-nbd --partition
Eric Blake [Fri, 25 Jan 2019 23:48:37 +0000 (17:48 -0600)] 
qemu-nbd: Deprecate qemu-nbd --partition

The existing qemu-nbd --partition code claims to handle logical
partitions up to 8, since its introduction in 2008 (commit 7a5ca86).
However, the implementation is bogus (actual MBR logical partitions
form a sort of linked list, with one partition per extended table
entry, rather than four logical partitions in a single extended
table), making the code unlikely to work for anything beyond -P5 on
actual guest images. What's more, the code does not support GPT
partitions, which are becoming more popular, and maintaining device
subsetting in both NBD and the raw device is unnecessary duplication
of effort (even if it is not too difficult).

Note that obtaining the offsets of a partition (MBR or GPT) can be
learned by using 'qemu-nbd -c /dev/nbd0 file.qcow2 && sfdisk --dump
/dev/nbd0', but by the time you've done that, you might as well
just mount /dev/nbd0p1 that the kernel creates for you instead of
bothering with qemu exporting a subset.  Or, keeping to just
user-space code, use nbdkit's partition filter, which has already
known both GPT and primary MBR partitions for a while, and was
just recently enhanced to support arbitrary logical MBR parititions.

Start the clock on the deprecation cycle, with examples of how
to accomplish device subsetting without using -P.

Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <20190125234837.2272-1-eblake@redhat.com>
Reviewed-by: Richard W.M. Jones <rjones@redhat.com>
Reviewed-by: Stefano Garzarella <sgarzare@redhat.com>
2 years agos390x/tcg: Don't model FP registers as globals
David Hildenbrand [Mon, 4 Feb 2019 15:44:06 +0000 (16:44 +0100)] 
s390x/tcg: Don't model FP registers as globals

As floating point registers overlay some vector registers and we want
to make use of the general tcg_gvec infrastructure that assumes vectors
are not stored in globals but in memory, don't model floating point
registers as globals anymore. This is then similar to how arm handles
it.

Reading/writing a floating point register means reading/writing memory now.

Break up ugly in2_x2() handling that modifies both, in1 and in2 into
in2_x2l and in2_x2h. This makes things more readable. Also, in1_x1() is
ugly as it touches out/out2, get rid of that and use prep_x1() instead.

As we are no longer able to use the original global variables for
out/out2, we have to use new temporary variables and write from them to
the target registers using wout_ helpers.

E.g. an instruction that reads and writes x1 will use
- prep_x1 to get the values into out/out2
- wout_x1 to write the values from out/out2
This special handling is needed for x1 as it is often used along with
other inputs, so in1/in2 is already used.

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20190204154406.16122-1-david@redhat.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
2 years agotest-filter-mirror: pass UNIX domain socket through fd
Jason Wang [Wed, 30 Jan 2019 03:14:27 +0000 (11:14 +0800)] 
test-filter-mirror: pass UNIX domain socket through fd

The tests tries to let qemu server mode to process the connection
which turns out to be racy after commit 8258292e18c3 ("monitor: Remove
"x-oob", offer capability "oob" unconditionally"). This is because the
filter may try to mirror the packets before UNIX socket object is
ready (connected was set to true) from the view of qemu. In this case
the packet will be dropped silently.

Fixing this by passing pre-connected socket created by socketpair() to
qemu through fd.

Cc: Peter Maydell <peter.maydell@linaro.org>
Cc: Li Zhijian <lizhijian@cn.fujitsu.com>
Cc: Peter Xu <peterx@redhat.com>
Cc: Dr. David Alan Gilbert <dgilbert@redhat.com>
Cc: Zhang Chen <zhangckid@gmail.com>
Cc: Markus Armbruster <armbru@redhat.com>
Cc: Daniel P. Berrange <berrange@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Zhang Chen <zhangckid@gmail.com>
Message-id: 20190130031427.13129-1-jasowang@redhat.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2 years agotests/docker/test-mingw and docs: Remove --with-sdlabi=2.0
Thomas Huth [Mon, 4 Feb 2019 08:25:43 +0000 (09:25 +0100)] 
tests/docker/test-mingw and docs: Remove --with-sdlabi=2.0

Patchew currently reports failures with the mingw docker test - this
is due to --with-sdlabi=2.0 configure flag which does not exist anymore.
Remove this remainder from the docker test and the docs now.

Signed-off-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Acked-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 1549268743-18502-1-git-send-email-thuth@redhat.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2 years agoMerge remote-tracking branch 'remotes/aperard/tags/pull-xen-20190204' into staging
Peter Maydell [Mon, 4 Feb 2019 12:57:26 +0000 (12:57 +0000)] 
Merge remote-tracking branch 'remotes/aperard/tags/pull-xen-20190204' into staging

Xen queue

* xen-block, the Xen PV backend, now handles resize.
* configure cleanup.
* xen-bus fix.

# gpg: Signature made Mon 04 Feb 2019 11:16:13 GMT
# gpg:                using RSA key F80C006308E22CFD8A92E7980CF5572FD7FB55AF
# gpg:                issuer "anthony.perard@citrix.com"
# gpg: Good signature from "Anthony PERARD <anthony.perard@gmail.com>" [marginal]
# gpg:                 aka "Anthony PERARD <anthony.perard@citrix.com>" [marginal]
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg:          It is not certain that the signature belongs to the owner.
# Primary key fingerprint: 5379 2F71 024C 600F 778A  7161 D8D5 7199 DF83 42C8
#      Subkey fingerprint: F80C 0063 08E2 2CFD 8A92  E798 0CF5 572F D7FB 55AF

* remotes/aperard/tags/pull-xen-20190204:
  xen-block: handle resize callback
  xen: fix xen-bus state model to allow frontend re-connection
  configure: Don't add Xen's libs to LDFLAGS
  configure: xen: Stop build-testing for xc_domain_create

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2 years agos390x/pci: mark zpci devices as unmigratable
Cornelia Huck [Fri, 1 Feb 2019 12:29:08 +0000 (13:29 +0100)] 
s390x/pci: mark zpci devices as unmigratable

We currently don't migrate any state for zpci devices, which are
coupled with standard pci devices. This means funny things happen
when we e.g. try to migrate with a virtio-pci device but the s390x-
specific zpci state is not migrated (vfio-pci is not affected, as
it is not migratable anyway.)

Until this is fixed, mark zpci devices as unmigratable.

Reported-by: David Hildenbrand <david@redhat.com>
Reviewed-by: David Hildenbrand <david@redhat.com>
Reviewed-by: Collin Walling <walling@linux.ibm.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
2 years agos390x/pci: Drop release timer and replace it with a flag
David Hildenbrand [Wed, 30 Jan 2019 15:57:32 +0000 (16:57 +0100)] 
s390x/pci: Drop release timer and replace it with a flag

Let's handle it similar to x86 ACPI PCI code and don't use a timer.
Instead, remember if an unplug request is pending and keep it pending
for eternity. (a follow up patch will process the request on
reboot).

We expect that a guest that is up and running, will process the unplug
request and trigger the unplug. This is normal operation, no timer needed.

If the guest does not react, this usually means something in the guest
is going wrong. Simply removing the device after 30 seconds does not
really sound like a good idea. It might sometimes be wanted, but I
consider this rather an "opt-in" decision as it might harm a guest not
prepared for it.

If we ever actually want a "forced/surprise removal", we will have to
implement something on top of the existing "device_del" framework. E.g.
also x86 might want to do a forced/surprise removal of PCI devices under
some conditions. "device_del X, forced=true" could be an option and will
require changes to the hotplug handler infrastructure.

This will then move the responsibility on when to do a forced removal
to a higher level. Doing a forced removal right now over-complicates
things and doesn't really seem to be required.

Let's allow to send multiple requests.

Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20190130155733.32742-6-david@redhat.com>
Reviewed-by: Collin Walling <walling@linux.ibm.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
2 years agos390x/pci: Introduce unplug requests and split unplug handler
David Hildenbrand [Wed, 30 Jan 2019 15:57:31 +0000 (16:57 +0100)] 
s390x/pci: Introduce unplug requests and split unplug handler

PCI on s390x is really weird and how it was modeled in QEMU might not have
been the right choice. Anyhow, right now it is the case that:
- Hotplugging a PCI device will silently create a zPCI device
  (if none is provided)
- Hotunplugging a zPCI device will unplug the PCI device (if any)
- Hotunplugging a PCI device will unplug also the zPCI device
As far as I can see, we can no longer change this behavior. But we
should fix it.

Both device types are handled via a single hotplug handler call. This
is problematic for various reasons:
1. Unplugging via the zPCI device allows to unplug devices that are not
   hot removable. (check performed in qdev_unplug()) - bad.
2. Hotplug handler chains are not possible for the unplug case. In the
   future, the machine might want to override hotplug handlers, to
   process device specific stuff and to then branch off to the actual
   hotplug handler. We need separate hotplug handler calls for both the
   PCI and zPCI device to make this work reliably. All other PCI
   implementations are already prepared to handle this correctly, only
   s390x is missing.

Therefore, introduce the unplug_request handler and properly perform
unplug checks by redirecting to the separate unplug_request handlers.
When finally unplugging, perform two separate hotplug_handler_unplug()
calls, first for the PCI device, followed by the zPCI device. This now
nicely splits unplugging paths for both devices.

The redirect part is a little hairy, as the user is allowed to trigger
unplug either via the PCI or the zPCI device. So redirect always to the
PCI unplug request handler first and remember if that check has been
performed in the zPCI device. Redirect then to the zPCI device unplug
request handler to perform the magic. Remembering that we already
checked the PCI device breaks the redirect loop.

Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20190130155733.32742-5-david@redhat.com>
Reviewed-by: Collin Walling <walling@linux.ibm.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
2 years agos390x: remove direct reference to mem_path global from s390x code
Igor Mammedov [Wed, 30 Jan 2019 07:55:06 +0000 (08:55 +0100)] 
s390x: remove direct reference to mem_path global from s390x code

I plan to deprecate -mem-path option and replace it with memory-backend,
for that it's necessary to get rid of mem_path global variable.
Do it for s390x case, replacing it with alternative way to enable
1Mb hugepages capability.

Todo that replace qemu_mempath_getpagesize() with qemu_getrampagesize()
which also checks for -mem-path provided RAM.

Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Reviewed-by: David Hildenbrand <david@redhat.com>
Message-Id: <1548834906-133241-1-git-send-email-imammedo@redhat.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
2 years agotarget/s390x: define TCG_GUEST_DEFAULT_MO for MTTCG
Alex Bennée [Fri, 18 Jan 2019 17:18:48 +0000 (17:18 +0000)] 
target/s390x: define TCG_GUEST_DEFAULT_MO for MTTCG

MTTCG should be enabled by default whenever the memory model allows
it. s390x was missing its definition of TCG_GUEST_DEFAULT_MO meaning
the user had to manually specify  --accel tcg,thread=multi.

Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Cc: David Hildenbrand <david@redhat.com>
Message-Id: <20190118171848.27332-1-alex.bennee@linaro.org>
Reviewed-by: David Hildenbrand <david@redhat.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
2 years agoxen-block: handle resize callback
Paul Durrant [Thu, 31 Jan 2019 15:33:16 +0000 (15:33 +0000)] 
xen-block: handle resize callback

Some frontend drivers will handle dynamic resizing of PV disks, so set up
the BlockDevOps resize_cb() method during xen_block_realize() to allow
this to be done.

Signed-off-by: Paul Durrant <paul.durrant@citrix.com>
Reviewed-by: Anthony PERARD <anthony.perard@citrix.com>
Signed-off-by: Anthony PERARD <anthony.perard@citrix.com>
2 years agoxen: fix xen-bus state model to allow frontend re-connection
Paul Durrant [Tue, 22 Jan 2019 15:53:46 +0000 (15:53 +0000)] 
xen: fix xen-bus state model to allow frontend re-connection

There is a flaw in the xen-bus state model. To allow a frontend to re-
connect the backend state of an online XenDevice is transitioned from
Closed to InitWait, but this is currently done unilaterally which is
incorrect. The backend state should remain Closed until the frontend state
transitions to Initialising.

This patch removes the automatic backend state transition from
xen_device_backend_state_changed() and, instead, adds an extra check in
xen_device_frontend_state_changed() to determine whether a frontend is
trying to re-connect to a previously Closed XenDevice. Only if this is
found to be the case is the backend state transitioned from Closed to
InitWait. Note that this transition will be common amongst all XenDevice
classes and hence xen_device_frontend_state_changed() returns immediately
afterwards without calling into the XenDeviceClass frontend_changed()
method.

Signed-off-by: Paul Durrant <paul.durrant@citrix.com>
Acked-by: Anthony PERARD <anthony.perard@citrix.com>
Signed-off-by: Anthony PERARD <anthony.perard@citrix.com>
2 years agoconfigure: Don't add Xen's libs to LDFLAGS
Anthony PERARD [Mon, 21 Jan 2019 14:48:41 +0000 (14:48 +0000)] 
configure: Don't add Xen's libs to LDFLAGS

When Xen is detected via pkg-config, it isn't necessary to modify
LDFLAGS as modifying libs_softmmu is enough.

Reported-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Signed-off-by: Anthony PERARD <anthony.perard@citrix.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Michael Tokarev <mjt@tls.msk.ru>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
2 years agoconfigure: xen: Stop build-testing for xc_domain_create
Anthony PERARD [Mon, 21 Jan 2019 17:07:13 +0000 (17:07 +0000)] 
configure: xen: Stop build-testing for xc_domain_create

Its last uses was removed by: 6d7c06c213ddcfabcafdc178ccef81736f85a7c2
"Remove broken Xen PV domain builder".

Signed-off-by: Anthony PERARD <anthony.perard@citrix.com>
Reviewed-by: Paul Durrant <paul.durrant@citrix.com>
2 years agoMerge remote-tracking branch 'remotes/dgibson/tags/ppc-for-4.0-20190204' into staging
Peter Maydell [Mon, 4 Feb 2019 10:33:40 +0000 (10:33 +0000)] 
Merge remote-tracking branch 'remotes/dgibson/tags/ppc-for-4.0-20190204' into staging

ppc patch queue 2019-02-04

Here's the next batch of ppc target and spapr related changes.
Highlights are:
 * A number of endianness handling cleanups from Mark Cave-Ayland
 * Updated Mac VGA driver
 * Updated SLOF image
 * Some XIVE cleanups and small fixes
 * ppc4xx cleanups and fixes from BALATON Zoltan

There are a few chances not technically in the ppc target code:
 * Several MAINTAINERS updates
 * Fixes for unmapping of hugepages on power hosts

The latter is included because it's primarily of interest for ppc KVM setups.

# gpg: Signature made Mon 04 Feb 2019 07:52:26 GMT
# gpg:                using RSA key 75F46586AE61A66CC44E87DC6C38CACA20D9B392
# gpg: Good signature from "David Gibson <david@gibson.dropbear.id.au>" [full]
# gpg:                 aka "David Gibson (Red Hat) <dgibson@redhat.com>" [full]
# gpg:                 aka "David Gibson (ozlabs.org) <dgibson@ozlabs.org>" [full]
# gpg:                 aka "David Gibson (kernel.org) <dwg@kernel.org>" [unknown]
# Primary key fingerprint: 75F4 6586 AE61 A66C C44E  87DC 6C38 CACA 20D9 B392

* remotes/dgibson/tags/ppc-for-4.0-20190204: (37 commits)
  mmap-alloc: fix hugetlbfs misaligned length in ppc64
  mmap-alloc: unfold qemu_ram_mmap()
  hw/ppc: Don't include m48t59.h if it is not necessary
  spapr_pci: Fix endianness in assigned-addresses property
  target/ppc: remove various HOST_WORDS_BIGENDIAN hacks in int_helper.c
  target/ppc: remove ROTRu32 and ROTRu64 macros from int_helper.c
  target/ppc: simplify VEXT_SIGNED macro in int_helper.c
  target/ppc: eliminate use of EL_IDX macros from int_helper.c
  target/ppc: eliminate use of HI_IDX and LO_IDX macros from int_helper.c
  target/ppc: rework vmul{e,o}{s,u}{b,h,w} instructions to use Vsr* macros
  target/ppc: rework vmrg{l,h}{b,h,w} instructions to use Vsr* macros
  hw/ppc/spapr: Add support for "-vga cirrus"
  QemuMacDrivers: update qemu_vga.ndrv to 90c488d built from submodule
  MAINTAINERS: add myself as maintainer for Mac Old World and New World machines
  spapr: Drop unused parameters from fdt building helper
  MAINTAINERS: Merge the two e500 sections
  MAINTAINERS: XIVE is an interrupt controller, not a machine
  hw/ppc: Move ppc40x_*reset() functions from ppc405_uc.c to ppc.c
  ppc: remove the interrupt presenters from under PowerPCCPU
  target/ppc: implement complete set of Vsr* macros
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2 years agommap-alloc: fix hugetlbfs misaligned length in ppc64
Murilo Opsfelder Araujo [Wed, 30 Jan 2019 23:36:05 +0000 (21:36 -0200)] 
mmap-alloc: fix hugetlbfs misaligned length in ppc64

The commit 7197fb4058bcb68986bae2bb2c04d6370f3e7218 ("util/mmap-alloc:
fix hugetlb support on ppc64") fixed Huge TLB mappings on ppc64.

However, we still need to consider the underlying huge page size
during munmap() because it requires that both address and length be a
multiple of the underlying huge page size for Huge TLB mappings.
Quote from "Huge page (Huge TLB) mappings" paragraph under NOTES
section of the munmap(2) manual:

  "For munmap(), addr and length must both be a multiple of the
  underlying huge page size."

On ppc64, the munmap() in qemu_ram_munmap() does not work for Huge TLB
mappings because the mapped segment can be aligned with the underlying
huge page size, not aligned with the native system page size, as
returned by getpagesize().

This has the side effect of not releasing huge pages back to the pool
after a hugetlbfs file-backed memory device is hot-unplugged.

This patch fixes the situation in qemu_ram_mmap() and
qemu_ram_munmap() by considering the underlying page size on ppc64.

After this patch, memory hot-unplug releases huge pages back to the
pool.

Fixes: 7197fb4058bcb68986bae2bb2c04d6370f3e7218
Signed-off-by: Murilo Opsfelder Araujo <muriloo@linux.ibm.com>
Reviewed-by: Greg Kurz <groug@kaod.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2 years agommap-alloc: unfold qemu_ram_mmap()
Murilo Opsfelder Araujo [Wed, 30 Jan 2019 23:36:04 +0000 (21:36 -0200)] 
mmap-alloc: unfold qemu_ram_mmap()

Unfold parts of qemu_ram_mmap() for the sake of understanding, moving
declarations to the top, and keeping architecture-specifics in the
ifdef-else blocks.  No changes in the function behaviour.

Give ptr and ptr1 meaningful names:
  ptr  -> guardptr : pointer to the PROT_NONE guard region
  ptr1 -> ptr      : pointer to the mapped memory returned to caller

Signed-off-by: Murilo Opsfelder Araujo <muriloo@linux.ibm.com>
Reviewed-by: Greg Kurz <groug@kaod.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2 years agohw/ppc: Don't include m48t59.h if it is not necessary
Thomas Huth [Wed, 30 Jan 2019 16:39:42 +0000 (17:39 +0100)] 
hw/ppc: Don't include m48t59.h if it is not necessary

These files don't use anything from m48t59.h, so no need to include
this header here.

Signed-off-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2 years agospapr_pci: Fix endianness in assigned-addresses property
Alexey Kardashevskiy [Fri, 1 Feb 2019 00:56:22 +0000 (11:56 +1100)] 
spapr_pci: Fix endianness in assigned-addresses property

reg->phys_hi and assigned->phys_hi are big endian but we do an extra
byteswap anyway when copying reg->phys_hi to assigned->phys_hi.
To make things slightly more messy, we also add a relocatable bit (b_n())
although in the right endianness.

This fixes endianness of assigned->phys_hi.

This is unlikely to produce any visible difference though as we should end up
there only in the case of PCI hotplug and even then I am not sure if
(d->io_regions[i].addr == PCI_BAR_UNMAPPED) == true.

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2 years agotarget/ppc: remove various HOST_WORDS_BIGENDIAN hacks in int_helper.c
Mark Cave-Ayland [Wed, 30 Jan 2019 20:36:38 +0000 (20:36 +0000)] 
target/ppc: remove various HOST_WORDS_BIGENDIAN hacks in int_helper.c

Following on from the previous work, there are numerous endian-related hacks
in int_helper.c that can now be replaced with Vsr* macros.

There are also a few places where the VECTOR_FOR_INORDER_I macro can be
replaced with a normal iterator since the processing order is irrelevant.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2 years agotarget/ppc: remove ROTRu32 and ROTRu64 macros from int_helper.c
Mark Cave-Ayland [Wed, 30 Jan 2019 20:36:37 +0000 (20:36 +0000)] 
target/ppc: remove ROTRu32 and ROTRu64 macros from int_helper.c

Richard points out that these macros suffer from a -fsanitize=shift bug in that
they improperly handle n == 0 turning it into a shift by 32/64 respectively.
Replace them with QEMU's existing ror32() and ror64() functions instead.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2 years agotarget/ppc: simplify VEXT_SIGNED macro in int_helper.c
Mark Cave-Ayland [Wed, 30 Jan 2019 20:36:36 +0000 (20:36 +0000)] 
target/ppc: simplify VEXT_SIGNED macro in int_helper.c

As pointed out by Richard: it does not need the mask argument, nor does it need
the recast argument. The masking is implied by the cast argument, and the
recast is implied by the assignment.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2 years agotarget/ppc: eliminate use of EL_IDX macros from int_helper.c
Mark Cave-Ayland [Wed, 30 Jan 2019 20:36:35 +0000 (20:36 +0000)] 
target/ppc: eliminate use of EL_IDX macros from int_helper.c

These macros can be eliminated by instead using the relavant Vsr* macros in
the few locations where they appear.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2 years agotarget/ppc: eliminate use of HI_IDX and LO_IDX macros from int_helper.c
Mark Cave-Ayland [Wed, 30 Jan 2019 20:36:34 +0000 (20:36 +0000)] 
target/ppc: eliminate use of HI_IDX and LO_IDX macros from int_helper.c

The original purpose of these macros was to correctly reference the high and low
parts of the VSRs regardless of the host endianness.

Replace these direct references to high and low parts with the relevant VsrD
macro instead, and completely remove the now-unused HI_IDX and LO_IDX macros.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2 years agotarget/ppc: rework vmul{e,o}{s,u}{b,h,w} instructions to use Vsr* macros
Mark Cave-Ayland [Wed, 30 Jan 2019 20:36:33 +0000 (20:36 +0000)] 
target/ppc: rework vmul{e,o}{s,u}{b,h,w} instructions to use Vsr* macros

The current implementations make use of the endian-specific macros HI_IDX and
LO_IDX directly to calculate array offsets.

Rework the implementation to use the Vsr* macros so that these per-endian
references can be removed.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2 years agotarget/ppc: rework vmrg{l,h}{b,h,w} instructions to use Vsr* macros
Mark Cave-Ayland [Wed, 30 Jan 2019 20:36:32 +0000 (20:36 +0000)] 
target/ppc: rework vmrg{l,h}{b,h,w} instructions to use Vsr* macros

The current implementations make use of the endian-specific macros MRGLO/MRGHI
and also reference HI_IDX and LO_IDX directly to calculate array offsets.

Rework the implementation to use the Vsr* macros so that these per-endian
references can be removed.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2 years agohw/ppc/spapr: Add support for "-vga cirrus"
Thomas Huth [Wed, 30 Jan 2019 13:36:39 +0000 (14:36 +0100)] 
hw/ppc/spapr: Add support for "-vga cirrus"

The cirrus VGA card has been enabled in the PPC builds with
commit 29f9cef39eb1ae55e82c ("ppc: Include vga cirrus card into
the compiling process") last year. It also works on the pseries
machine, even SLOF contains support for this card, so we can
also support this for the "-vga" parameter here.

Signed-off-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2 years agoQemuMacDrivers: update qemu_vga.ndrv to 90c488d built from submodule
Mark Cave-Ayland [Mon, 28 Jan 2019 21:21:57 +0000 (21:21 +0000)] 
QemuMacDrivers: update qemu_vga.ndrv to 90c488d built from submodule

This update to qemu_vga.ndrv includes the following changes:

- Build guest resolution list from QEMU EDID data if enabled
- Fixes to re-enable 256 color mode

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2 years agoMAINTAINERS: add myself as maintainer for Mac Old World and New World machines
Mark Cave-Ayland [Mon, 28 Jan 2019 21:21:56 +0000 (21:21 +0000)] 
MAINTAINERS: add myself as maintainer for Mac Old World and New World machines

I've unofficially been doing most of the work on the Mac machines for a while
now, so update MAINTAINERS to reflect this. David is still happy to be listed
as a reviewer as per our discussion at KVM forum.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Acked-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2 years agospapr: Drop unused parameters from fdt building helper
Alexey Kardashevskiy [Wed, 30 Jan 2019 01:42:16 +0000 (12:42 +1100)] 
spapr: Drop unused parameters from fdt building helper

spapr_load_rtas() handles now RTAS address and size information in the FDT
so drop them from spapr_build_fdt().

While we are here, fix a small typo.

Fixes: 3f5dabceba24 "pseries: Consolidate construction of /rtas device tree node"
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Reviewed-by: Greg Kurz <groug@kaod.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2 years agoMAINTAINERS: Merge the two e500 sections
Thomas Huth [Wed, 30 Jan 2019 16:22:25 +0000 (17:22 +0100)] 
MAINTAINERS: Merge the two e500 sections

There is currently a "e500" machine section and a "ppce500" device
section in the maintainers file - with some oddities: The wildcard
in the device section also covers the files from the machine section.
And hw/pci-host/ppce500.c is in the device section, while its header
is in the machine section.
This is really quite confusing, and I don't see a reason why we really
need two sections here, so let's simply merge them.

Signed-off-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>