qemu.git
3 years agousb:xhci:fix memory leak in usb_xhci_exit
Li Qiang [Tue, 13 Sep 2016 10:20:03 +0000 (03:20 -0700)] 
usb:xhci:fix memory leak in usb_xhci_exit

If the xhci uses msix, it doesn't free the corresponding
memory, thus leading a memory leak. This patch avoid this.

Signed-off-by: Li Qiang <liqiang6-s@360.cn>
Message-id: 57d7d2e0.d4301c0a.d13e9.9a55@mx.google.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
3 years agousb-host: fix streams detection in usb_host_speed_compat
Gerd Hoffmann [Fri, 9 Sep 2016 07:41:30 +0000 (09:41 +0200)] 
usb-host: fix streams detection in usb_host_speed_compat

The companion descriptor is present on all usb3 devices, not only
those with streams support.  We need to check attributes to see
whenever the device uses streams or not.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Message-id: 1473406890-30164-1-git-send-email-kraxel@redhat.com

3 years agoxhci: Fix remainder field for TR_SETUP completion event.
Hans Petter Selasky [Tue, 23 Aug 2016 11:39:49 +0000 (13:39 +0200)] 
xhci: Fix remainder field for TR_SETUP completion event.

Previously the code would incorrectly report the remainder as 8 bytes. A
remainder of 0 bytes should be reported when the SETUP packet is
successfully transferred. Found using FreeBSD's XHCI driver.

Signed-off-by: Hans Petter Selasky <hps@selasky.org>
[ kraxel: codestyle fixup ]

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
3 years agoMerge remote-tracking branch 'remotes/mcayland/tags/qemu-openbios-signed' into staging
Peter Maydell [Mon, 12 Sep 2016 14:09:47 +0000 (15:09 +0100)] 
Merge remote-tracking branch 'remotes/mcayland/tags/qemu-openbios-signed' into staging

Update OpenBIOS images

# gpg: Signature made Mon 12 Sep 2016 11:51:09 BST
# gpg:                using RSA key 0x5BC2C56FAE0F321F
# gpg: Good signature from "Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>"
# Primary key fingerprint: CC62 1AB9 8E82 200D 915C  C9C4 5BC2 C56F AE0F 321F

* remotes/mcayland/tags/qemu-openbios-signed:
  Update OpenBIOS images to c5542f2 built from submodule.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
3 years agoMerge remote-tracking branch 'remotes/berrange/tags/pull-qcrypto-2016-09-12-1' into...
Peter Maydell [Mon, 12 Sep 2016 11:48:47 +0000 (12:48 +0100)] 
Merge remote-tracking branch 'remotes/berrange/tags/pull-qcrypto-2016-09-12-1' into staging

Merge qcrypto 2016/09/12 v1

# gpg: Signature made Mon 12 Sep 2016 12:02:20 BST
# gpg:                using RSA key 0xBE86EBB415104FDF
# gpg: Good signature from "Daniel P. Berrange <dan@berrange.com>"
# gpg:                 aka "Daniel P. Berrange <berrange@redhat.com>"
# Primary key fingerprint: DAF3 A6FD B26B 6291 2D0E  8E3F BE86 EBB4 1510 4FDF

* remotes/berrange/tags/pull-qcrypto-2016-09-12-1:
  crypto: report enum strings instead of values in errors
  crypto: fix building complaint
  crypto: ensure XTS is only used with ciphers with 16 byte blocks

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
3 years agocrypto: report enum strings instead of values in errors
Daniel P. Berrange [Mon, 5 Sep 2016 17:02:05 +0000 (18:02 +0100)] 
crypto: report enum strings instead of values in errors

Several error messages print out the raw enum value, which
is less than helpful to users, as these values are not
documented, nor stable across QEMU releases. Switch to use
the enum string instead.

The nettle impl also had two typos where it mistakenly
said "algorithm" instead of "mode", and actually reported
the algorithm value too.

Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
3 years agocrypto: fix building complaint
Gonglei [Mon, 5 Sep 2016 12:36:19 +0000 (20:36 +0800)] 
crypto: fix building complaint

gnutls commit 846753877d renamed LIBGNUTLS_VERSION_NUMBER to GNUTLS_VERSION_NUMBER.
If using gnutls before that verion, we'll get the below warning:
crypto/tlscredsx509.c:618:5: warning: "GNUTLS_VERSION_NUMBER" is not defined

Because gnutls 3.x still defines LIBGNUTLS_VERSION_NUMBER for back compat, Let's
use LIBGNUTLS_VERSION_NUMBER instead of GNUTLS_VERSION_NUMBER to fix building
complaint.

Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
3 years agocrypto: ensure XTS is only used with ciphers with 16 byte blocks
Daniel P. Berrange [Wed, 24 Aug 2016 15:28:15 +0000 (16:28 +0100)] 
crypto: ensure XTS is only used with ciphers with 16 byte blocks

The XTS cipher mode needs to be used with a cipher which has
a block size of 16 bytes. If a mis-matching block size is used,
the code will either corrupt memory beyond the IV array, or
not fully encrypt/decrypt the IV.

This fixes a memory corruption crash when attempting to use
cast5-128 with xts, since the former has an 8 byte block size.

A test case is added to ensure the cipher creation fails with
such an invalid combination.

Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
3 years agoMerge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging
Peter Maydell [Mon, 12 Sep 2016 10:25:40 +0000 (11:25 +0100)] 
Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging

virtio,vhost,pc: fixes and updates

balloon fixes wrt migration
virtio-vsock device support

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
# gpg: Signature made Fri 09 Sep 2016 22:36:13 BST
# gpg:                using RSA key 0x281F0DB8D28D5469
# gpg: Good signature from "Michael S. Tsirkin <mst@kernel.org>"
# gpg:                 aka "Michael S. Tsirkin <mst@redhat.com>"
# Primary key fingerprint: 0270 606B 6F3C DF3D 0B17  0970 C350 3912 AFBE 8E67
#      Subkey fingerprint: 5D09 FD08 71C8 F85B 94CA  8A0D 281F 0DB8 D28D 5469

* remotes/mst/tags/for_upstream:
  vhost-vsock: add virtio sockets device
  tests/acpi: speedup acpi tests
  virtio-pci: minor refactoring
  vhost: don't set vring call if no vector
  virtio-pci: error out when both legacy and modern modes are disabled
  virtio-balloon: fix stats vq migration
  virtio: add virtqueue_rewind()
  virtio-balloon: discard virtqueue element on reset
  virtio: zero vq->inuse in virtio_reset()
  virtio-pci: reduce modern_mem_bar size
  target-i386: present virtual L3 cache info for vcpus
  pc: Add 2.8 machine
  virtio-pci: use size from correct structure
  virtio: Tell the user what went wrong when event_notifier_init failed

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
3 years agoUpdate OpenBIOS images to c5542f2 built from submodule.
Mark Cave-Ayland [Mon, 12 Sep 2016 07:12:44 +0000 (08:12 +0100)] 
Update OpenBIOS images to c5542f2 built from submodule.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
3 years agovhost-vsock: add virtio sockets device
Stefan Hajnoczi [Tue, 16 Aug 2016 12:27:22 +0000 (13:27 +0100)] 
vhost-vsock: add virtio sockets device

Implement the new virtio sockets device for host<->guest communication
using the Sockets API.  Most of the work is done in a vhost kernel
driver so that virtio-vsock can hook into the AF_VSOCK address family.
The QEMU vhost-vsock device handles configuration and live migration
while the rx/tx happens in the vhost_vsock.ko Linux kernel driver.

The vsock device must be given a CID (host-wide unique address):

  # qemu -device vhost-vsock-pci,id=vhost-vsock-pci0,guest-cid=3 ...

For more information see:
http://qemu-project.org/Features/VirtioVsock

[Endianness fixes and virtio-ccw support by Claudio Imbrenda
<imbrenda@linux.vnet.ibm.com>]

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
[mst: rebase to master]
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
3 years agotests/acpi: speedup acpi tests
Marcel Apfelbaum [Tue, 6 Sep 2016 19:19:22 +0000 (22:19 +0300)] 
tests/acpi: speedup acpi tests

Use kvm acceleration if available.
Disable kernel-irqchip and use qemu64 cpu
for both kvm and tcg cases.

Using kvm acceleration saves about a second
and disabling kernel-irqchip has no visible
performance impact.

Acked-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Marcel Apfelbaum <marcel@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
3 years agovirtio-pci: minor refactoring
Michael S. Tsirkin [Fri, 9 Sep 2016 17:56:27 +0000 (20:56 +0300)] 
virtio-pci: minor refactoring

!legacy && !modern is shorter than !(legacy || modern).
I also perfer this (less ()s) as a matter of taste.

Cc: Greg Kurz <gkurz@linux.vnet.ibm.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
3 years agovhost: don't set vring call if no vector
Jason Wang [Mon, 1 Aug 2016 08:07:58 +0000 (16:07 +0800)] 
vhost: don't set vring call if no vector

We used to set vring call fd unconditionally even if guest driver does
not use MSIX for this vritqueue at all. This will cause lots of
unnecessary userspace access and other checks for drivers does not use
interrupt at all (e.g virtio-net pmd). So check and clean vring call
fd if guest does not use any vector for this virtqueue at
all.

Perf diffs (on rx) shows lots of cpus wasted on vhost_signal() were saved:

#
    28.12%  -27.82%  [vhost]           [k] vhost_signal
    14.44%   -1.69%  [kernel.vmlinux]  [k] copy_user_generic_string
     7.05%   +1.53%  [kernel.vmlinux]  [k] __free_page_frag
     6.51%   +5.53%  [vhost]           [k] vhost_get_vq_desc
...

Pktgen tests shows 15.8% improvement on rx pps and 6.5% on tx pps.

Before: RX 2.08Mpps TX 1.35Mpps
After:  RX 2.41Mpps TX 1.44Mpps

Signed-off-by: Jason Wang <jasowang@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
3 years agovirtio-pci: error out when both legacy and modern modes are disabled
Greg Kurz [Fri, 9 Sep 2016 09:00:59 +0000 (11:00 +0200)] 
virtio-pci: error out when both legacy and modern modes are disabled

Without presuming if we got there because of a user mistake or some
more subtle bug in the tooling, it really does not make sense to
implement a non-functional device.

Signed-off-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
Reviewed-by: Marcel Apfelbaum <marcel@redhat.com>
Reviewed-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: Greg Kurz <groug@kaod.org>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
3 years agovirtio-balloon: fix stats vq migration
Ladi Prosek [Wed, 7 Sep 2016 15:20:49 +0000 (17:20 +0200)] 
virtio-balloon: fix stats vq migration

The statistics virtqueue is not migrated properly because virtio-balloon
does not include s->stats_vq_elem in the migration stream.

After migration the statistics virtqueue hangs because the host never
completes the last element (s->stats_vq_elem is NULL on the destination
QEMU).  Therefore the guest never submits new elements and the virtqueue
is hung.

Instead of changing the migration stream format in an incompatible way,
detect the migration case and rewind the virtqueue so the last element
can be completed.

Cc: Michael S. Tsirkin <mst@redhat.com>
Cc: Roman Kagan <rkagan@virtuozzo.com>
Cc: Stefan Hajnoczi <stefanha@redhat.com>
Suggested-by: Roman Kagan <rkagan@virtuozzo.com>
Signed-off-by: Ladi Prosek <lprosek@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
3 years agovirtio: add virtqueue_rewind()
Stefan Hajnoczi [Wed, 7 Sep 2016 15:20:48 +0000 (17:20 +0200)] 
virtio: add virtqueue_rewind()

virtqueue_discard() requires a VirtQueueElement but virtio-balloon does
not migrate its in-use element.  Introduce a new function that is
similar to virtqueue_discard() but doesn't require a VirtQueueElement.

This will allow virtio-balloon to access element again after migration
with the usual proviso that the guest may have modified the vring since
last time.

Cc: Michael S. Tsirkin <mst@redhat.com>
Cc: Roman Kagan <rkagan@virtuozzo.com>
Cc: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Ladi Prosek <lprosek@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
3 years agovirtio-balloon: discard virtqueue element on reset
Ladi Prosek [Wed, 7 Sep 2016 15:20:47 +0000 (17:20 +0200)] 
virtio-balloon: discard virtqueue element on reset

The one pending element is being freed but not discarded on device
reset, which causes svq->inuse to creep up, eventually hitting the
"Virtqueue size exceeded" error.

Properly discarding the element on device reset makes sure that its
buffers are unmapped and the inuse counter stays balanced.

Cc: Michael S. Tsirkin <mst@redhat.com>
Cc: Roman Kagan <rkagan@virtuozzo.com>
Cc: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Ladi Prosek <lprosek@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
3 years agovirtio: zero vq->inuse in virtio_reset()
Stefan Hajnoczi [Wed, 7 Sep 2016 15:51:25 +0000 (11:51 -0400)] 
virtio: zero vq->inuse in virtio_reset()

vq->inuse must be zeroed upon device reset like most other virtqueue
fields.

In theory, virtio_reset() just needs assert(vq->inuse == 0) since
devices must clean up in-flight requests during reset (requests cannot
not be leaked!).

In practice, it is difficult to achieve vq->inuse == 0 across reset
because balloon, blk, 9p, etc implement various different strategies for
cleaning up requests.  Most devices call g_free(elem) directly without
telling virtio.c that the VirtQueueElement is cleaned up.  Therefore
vq->inuse is not decremented during reset.

This patch zeroes vq->inuse and trusts that devices are not leaking
VirtQueueElements across reset.

I will send a follow-up series that refactors request life-cycle across
all devices and converts vq->inuse = 0 into assert(vq->inuse == 0) but
this more invasive approach is not appropriate for stable trees.

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Cc: qemu-stable <qemu-stable@nongnu.org>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Ladi Prosek <lprosek@redhat.com>
3 years agovirtio-pci: reduce modern_mem_bar size
Marcel Apfelbaum [Wed, 7 Sep 2016 15:02:25 +0000 (18:02 +0300)] 
virtio-pci: reduce modern_mem_bar size

Currently each VQ Notification Virtio Capability is allocated
on a different page. The idea is to enable split drivers within
guests, however there are no known plans to do that.
The allocation will result in a 8MB BAR, more than various
guest firmwares pre-allocates for PCI Bridges hotplug process.

Reserve 4 bytes per VQ by default and add a new parameter
"page-per-vq" to be used with split drivers.

Signed-off-by: Marcel Apfelbaum <marcel@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
3 years agotarget-i386: present virtual L3 cache info for vcpus
Longpeng(Mike) [Wed, 7 Sep 2016 05:21:13 +0000 (13:21 +0800)] 
target-i386: present virtual L3 cache info for vcpus

Some software algorithms are based on the hardware's cache info, for example,
for x86 linux kernel, when cpu1 want to wakeup a task on cpu2, cpu1 will trigger
a resched IPI and told cpu2 to do the wakeup if they don't share low level
cache. Oppositely, cpu1 will access cpu2's runqueue directly if they share llc.
The relevant linux-kernel code as bellow:

static void ttwu_queue(struct task_struct *p, int cpu)
{
struct rq *rq = cpu_rq(cpu);
......
if (... && !cpus_share_cache(smp_processor_id(), cpu)) {
......
ttwu_queue_remote(p, cpu); /* will trigger RES IPI */
return;
}
......
ttwu_do_activate(rq, p, 0); /* access target's rq directly */
......
}

In real hardware, the cpus on the same socket share L3 cache, so one won't
trigger a resched IPIs when wakeup a task on others. But QEMU doesn't present a
virtual L3 cache info for VM, then the linux guest will trigger lots of RES IPIs
under some workloads even if the virtual cpus belongs to the same virtual socket.

For KVM, there will be lots of vmexit due to guest send IPIs.
The workload is a SAP HANA's testsuite, we run it one round(about 40 minuates)
and observe the (Suse11sp3)Guest's amounts of RES IPIs which triggering during
the period:
        No-L3           With-L3(applied this patch)
cpu0: 363890 44582
cpu1: 373405 43109
cpu2: 340783 43797
cpu3: 333854 43409
cpu4: 327170 40038
cpu5: 325491 39922
cpu6: 319129 42391
cpu7: 306480 41035
cpu8: 161139 32188
cpu9: 164649 31024
cpu10: 149823 30398
cpu11: 149823 32455
cpu12: 164830 35143
cpu13: 172269 35805
cpu14: 179979 33898
cpu15: 194505 32754
avg: 268963.6 40129.8

The VM's topology is "1*socket 8*cores 2*threads".
After present virtual L3 cache info for VM, the amounts of RES IPIs in guest
reduce 85%.

For KVM, vcpus send IPIs will cause vmexit which is expensive, so it can cause
severe performance degradation. We had tested the overall system performance if
vcpus actually run on sparate physical socket. With L3 cache, the performance
improves 7.2%~33.1%(avg:15.7%).

Signed-off-by: Longpeng(Mike) <longpeng2@huawei.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
3 years agopc: Add 2.8 machine
Longpeng(Mike) [Wed, 7 Sep 2016 05:21:12 +0000 (13:21 +0800)] 
pc: Add 2.8 machine

This will used by the next patch.

Signed-off-by: Longpeng(Mike) <longpeng2@huawei.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
3 years agovirtio-pci: use size from correct structure
Michael S. Tsirkin [Tue, 6 Sep 2016 10:36:51 +0000 (13:36 +0300)] 
virtio-pci: use size from correct structure

PIO MR registration should use size from the correct notify struct.
Doesn't affect any visible behaviour because the field values are the
same (both are 4).

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
3 years agovirtio: Tell the user what went wrong when event_notifier_init failed
Thomas Huth [Mon, 27 Jun 2016 22:12:03 +0000 (00:12 +0200)] 
virtio: Tell the user what went wrong when event_notifier_init failed

event_notifier_init() can fail in real life, for example when there
are not enough open file handles available (EMFILE) when using a lot
of devices. So instead of leaving the average user with a cryptic
error number only, print out a proper error message with strerror()
instead, so that the user has a better way to figure out what is
going on and that using "ulimit -n" might help here for example.

Signed-off-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
3 years agoMerge remote-tracking branch 'remotes/famz/tags/docker-pull-request' into staging
Peter Maydell [Fri, 9 Sep 2016 11:49:41 +0000 (12:49 +0100)] 
Merge remote-tracking branch 'remotes/famz/tags/docker-pull-request' into staging

# gpg: Signature made Fri 09 Sep 2016 05:54:35 BST
# gpg:                using RSA key 0xCA35624C6A9171C6
# gpg: Good signature from "Fam Zheng <famz@redhat.com>"
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 5003 7CB7 9706 0F76 F021  AD56 CA35 624C 6A91 71C6

* remotes/famz/tags/docker-pull-request:
  docker: silence debootstrap when --quiet is given
  docker: build debootstrap after cloning
  docker: make sure debootstrap is at least 1.0.67
  docker: print warning if EXECUTABLE is not set when building debootstrap image
  docker: debian-bootstrap.pre: print helpful message if DEB_ARCH/DEB_TYPE unset
  docker: debian-bootstrap.pre: print error messages to stderr
  docker: avoid dependency on 'realpath' package
  docker.py: don't hang on large docker output
  docker: Add a glib2-2.22 image

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
3 years agoqtest.c: Allow zero size in memset qtest commands
Peter Maydell [Fri, 5 Aug 2016 10:43:20 +0000 (11:43 +0100)] 
qtest.c: Allow zero size in memset qtest commands

Some tests use the qtest protocol "memset" command with a zero
size, expecting it to do nothing. However in the current code this
will result in calling memset() with a NULL pointer, which is
undefined behaviour. Detect and specially handle zero sizes to
avoid this.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-id: 1470393800-7882-1-git-send-email-peter.maydell@linaro.org

3 years agoMerge remote-tracking branch 'remotes/elmarco/tags/leak-pull-request' into staging
Peter Maydell [Thu, 8 Sep 2016 14:22:50 +0000 (15:22 +0100)] 
Merge remote-tracking branch 'remotes/elmarco/tags/leak-pull-request' into staging

Pull request

v2:
- dropped "tests: fix small leak in test-io-channel-command" that Daniel Berrange will pick
- fixed "tests: add qtest_add_data_func_full" to work with glib < 2.26

# gpg: Signature made Thu 08 Sep 2016 15:16:54 BST
# gpg:                using RSA key 0xDAE8E10975969CE5
# gpg: Good signature from "Marc-André Lureau <marcandre.lureau@redhat.com>"
# gpg:                 aka "Marc-André Lureau <marcandre.lureau@gmail.com>"
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg:          It is not certain that the signature belongs to the owner.
# Primary key fingerprint: 87A9 BD93 3F87 C606 D276  F62D DAE8 E109 7596 9CE5

* remotes/elmarco/tags/leak-pull-request: (25 commits)
  tests: fix postcopy-test leaks
  tests: fix rsp leak in postcopy-test
  tests: pc-cpu-test leaks fixes
  tests: add qtest_add_data_func_full
  bus: simplify name handling
  ipmi: free extern timer
  sd: free timer
  pc: keep gsi reference
  pc: free i8259
  tests: fix qom-test leaks
  acpi-build: fix array leak
  machine: use class base init generated name
  pc: don't leak a20_line
  pc: simplify passing qemu_irq
  portio: keep references on portio
  tests: fix leak in test-string-input-visitor
  tests: fix check-qom-proplist leaks
  tests: fix check-qom-interface leaks
  tests: fix test-iov leaks
  tests: fix test-vmstate leaks
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
3 years agotests: fix postcopy-test leaks
Marc-André Lureau [Mon, 18 Jul 2016 12:24:09 +0000 (16:24 +0400)] 
tests: fix postcopy-test leaks

A few strings are allocated and never freed.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
3 years agotests: fix rsp leak in postcopy-test
Marc-André Lureau [Mon, 18 Jul 2016 11:11:36 +0000 (15:11 +0400)] 
tests: fix rsp leak in postcopy-test

In all cases, even when the dict doesn't contain 'ram', the qmp response
must be unref.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
3 years agotests: pc-cpu-test leaks fixes
Marc-André Lureau [Mon, 18 Jul 2016 10:56:51 +0000 (14:56 +0400)] 
tests: pc-cpu-test leaks fixes

The path is allocated and should be freed.

The qmp response should be unref, but then 'machine' must be duplicated.

Use a destroy function for the PCTestData.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
3 years agotests: add qtest_add_data_func_full
Marc-André Lureau [Tue, 19 Jul 2016 11:42:01 +0000 (15:42 +0400)] 
tests: add qtest_add_data_func_full

Allows one to specify a destroy function for the test data.

Add a fallback using glib g_test_add_vtable() internal function, whose
signature changed over time. Tested with glib 2.22, 2.26 and 2.48, which
according to git log should be enough to cover all variations.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
3 years agobus: simplify name handling
Marc-André Lureau [Fri, 15 Jul 2016 10:04:49 +0000 (12:04 +0200)] 
bus: simplify name handling

Simplify a bit the code by using g_strdup_printf() and store it in a
non-const value so casting is no longer needed, and ownership is
clearer.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
3 years agoipmi: free extern timer
Marc-André Lureau [Fri, 15 Jul 2016 08:58:05 +0000 (10:58 +0200)] 
ipmi: free extern timer

Free the timer allocated during instance init.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Corey Minyard <cminyard@mvista.com>
3 years agosd: free timer
Marc-André Lureau [Thu, 14 Jul 2016 16:03:49 +0000 (18:03 +0200)] 
sd: free timer

Free the timer allocated in instance_init.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Andrew Baumann <Andrew.Baumann@microsoft.com>
3 years agopc: keep gsi reference
Marc-André Lureau [Thu, 14 Jul 2016 16:03:29 +0000 (18:03 +0200)] 
pc: keep gsi reference

Further cleanup would need to call qemu_free_irq() at the appropriate
time, but for now this silences ASAN about direct leaks.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
3 years agopc: free i8259
Marc-André Lureau [Thu, 14 Jul 2016 12:27:17 +0000 (14:27 +0200)] 
pc: free i8259

Simiarly to 2ba154cf4eb8636cdd3aa90f392ca9e77206ca39

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Marcel Apfelbaum <marcel@redhat.com>
3 years agotests: fix qom-test leaks
Marc-André Lureau [Thu, 14 Jul 2016 02:27:20 +0000 (04:27 +0200)] 
tests: fix qom-test leaks

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
3 years agoacpi-build: fix array leak
Marc-André Lureau [Wed, 13 Jul 2016 10:56:01 +0000 (12:56 +0200)] 
acpi-build: fix array leak

The free_ranges array is used as a temporary pointer array, the segment
should still be freed, however, it shouldn't free the elements themself.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Tested-by: Marcel Apfelbaum <marcel@redhat.com>
Reviewed-by: Marcel Apfelbaum <marcel@redhat.com>
3 years agomachine: use class base init generated name
Marc-André Lureau [Wed, 13 Jul 2016 10:45:50 +0000 (12:45 +0200)] 
machine: use class base init generated name

machine_class_base_init() member name is allocated by
machine_class_base_init(), but not freed by
machine_class_finalize().  Simply freeing there doesn't work,
because DEFINE_PC_MACHINE() overwrites it with a literal string.

Fix DEFINE_PC_MACHINE() not to overwrite it, and add the missing
free to machine_class_finalize().

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
3 years agopc: don't leak a20_line
Marc-André Lureau [Wed, 13 Jul 2016 00:53:46 +0000 (02:53 +0200)] 
pc: don't leak a20_line

The irqs array is no longer being used

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
3 years agopc: simplify passing qemu_irq
Marc-André Lureau [Fri, 15 Jul 2016 16:42:05 +0000 (18:42 +0200)] 
pc: simplify passing qemu_irq

qemu_irq is already a pointer, no need to have an extra pointer level.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
3 years agoportio: keep references on portio
Marc-André Lureau [Wed, 13 Jul 2016 00:11:59 +0000 (02:11 +0200)] 
portio: keep references on portio

The isa_register_portio_list() function allocates ioports
data/state. Let's keep the reference to this data on some owner.  This
isn't enough to fix leaks, but at least, ASAN stops complaining of
direct leaks. Further cleanup would require calling
portio_list_del/destroy().

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
3 years agotests: fix leak in test-string-input-visitor
Marc-André Lureau [Tue, 12 Jul 2016 14:08:47 +0000 (16:08 +0200)] 
tests: fix leak in test-string-input-visitor

Free the list returned by visit_type_intList().

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
3 years agotests: fix check-qom-proplist leaks
Marc-André Lureau [Thu, 7 Jul 2016 19:49:41 +0000 (21:49 +0200)] 
tests: fix check-qom-proplist leaks

Found thanks to ASAN.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
3 years agotests: fix check-qom-interface leaks
Marc-André Lureau [Thu, 7 Jul 2016 19:30:32 +0000 (21:30 +0200)] 
tests: fix check-qom-interface leaks

Found thanks to ASAN.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
3 years agotests: fix test-iov leaks
Marc-André Lureau [Thu, 7 Jul 2016 19:00:05 +0000 (21:00 +0200)] 
tests: fix test-iov leaks

Spotted thanks to ASAN.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
3 years agotests: fix test-vmstate leaks
Marc-André Lureau [Thu, 7 Jul 2016 18:48:06 +0000 (20:48 +0200)] 
tests: fix test-vmstate leaks

Spotted thanks to ASAN.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
3 years agotests: fix test-cutils leaks
Marc-André Lureau [Thu, 7 Jul 2016 18:43:40 +0000 (20:43 +0200)] 
tests: fix test-cutils leaks

Spotted thanks to ASAN.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
3 years agoqga: free remaining leaking state
Marc-André Lureau [Fri, 15 Jul 2016 15:52:52 +0000 (17:52 +0200)] 
qga: free remaining leaking state

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
3 years agoqga: free the whole blacklist
Marc-André Lureau [Fri, 15 Jul 2016 16:17:41 +0000 (18:17 +0200)] 
qga: free the whole blacklist

Free the config blacklist list, not just the elements. Do it so in the
more appropriate function config_free().

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
3 years agoglib-compat: add g_(s)list_free_full()
Marc-André Lureau [Fri, 5 Aug 2016 07:16:07 +0000 (11:16 +0400)] 
glib-compat: add g_(s)list_free_full()

Those functions are only available since glib 2.28.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
3 years agotests: fix test-qga leaks
Marc-André Lureau [Fri, 15 Jul 2016 16:00:18 +0000 (18:00 +0200)] 
tests: fix test-qga leaks

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
3 years agodocker: silence debootstrap when --quiet is given
Sascha Silbe [Tue, 6 Sep 2016 20:05:51 +0000 (22:05 +0200)] 
docker: silence debootstrap when --quiet is given

If we silence docker when --quiet is given, we should also silence the
.pre script (i.e. debootstrap).

Only discards stdout, so some diagnostics (e.g. from git clone) are
still printed. Most of the verbose output is gone however and this way
we still have a chance to see error messages.

Signed-off-by: Sascha Silbe <silbe@linux.vnet.ibm.com>
Message-Id: <1473192351-601-9-git-send-email-silbe@linux.vnet.ibm.com>
Signed-off-by: Fam Zheng <famz@redhat.com>
3 years agodocker: build debootstrap after cloning
Sascha Silbe [Tue, 6 Sep 2016 20:05:50 +0000 (22:05 +0200)] 
docker: build debootstrap after cloning

When using the git version of debootstrap (because no usable version
of debootstrap was installed on the host), we need to run 'make' so
that devices.tar.gz gets built. Otherwise the first debootstrap stage
will fail without printing any error message.

Signed-off-by: Sascha Silbe <silbe@linux.vnet.ibm.com>
Message-Id: <1473192351-601-8-git-send-email-silbe@linux.vnet.ibm.com>
Signed-off-by: Fam Zheng <famz@redhat.com>
3 years agodocker: make sure debootstrap is at least 1.0.67
Sascha Silbe [Tue, 6 Sep 2016 20:05:49 +0000 (22:05 +0200)] 
docker: make sure debootstrap is at least 1.0.67

debootstrap prior to 1.0.67 generated an empty sources.list during
foreign bootstraps (Debian#732255 [1]). Fall back to the git checkout
if the installed debootstrap version is too old.

[1] https://bugs.debian.org/732255

Signed-off-by: Sascha Silbe <silbe@linux.vnet.ibm.com>
Message-Id: <1473192351-601-7-git-send-email-silbe@linux.vnet.ibm.com>
[Update 'sort -C' to 'sorc -c &>/dev/null' - Fam]
Signed-off-by: Fam Zheng <famz@redhat.com>
3 years agodocker: print warning if EXECUTABLE is not set when building debootstrap image
Sascha Silbe [Tue, 6 Sep 2016 20:05:48 +0000 (22:05 +0200)] 
docker: print warning if EXECUTABLE is not set when building debootstrap image

Building the debian-debootstrap image will usually fail if EXECUTABLE
isn't set (when using the Makefile). Warn the user in this case so
they know why it's failing.

Signed-off-by: Sascha Silbe <silbe@linux.vnet.ibm.com>
Message-Id: <1473192351-601-6-git-send-email-silbe@linux.vnet.ibm.com>
Signed-off-by: Fam Zheng <famz@redhat.com>
3 years agodocker: debian-bootstrap.pre: print helpful message if DEB_ARCH/DEB_TYPE unset
Sascha Silbe [Tue, 6 Sep 2016 20:05:47 +0000 (22:05 +0200)] 
docker: debian-bootstrap.pre: print helpful message if DEB_ARCH/DEB_TYPE unset

The debian-bootstrap image doesn't choose a default architecture and
distribution version, instead the user has to set both DEB_ARCH and
DEB_TYPE in the environment. Print a reasonably helpful message if
either of them isn't set instead of complaining about "qemu-" being
missing or erroring out because we cannot cd to the mirror URL.

Signed-off-by: Sascha Silbe <silbe@linux.vnet.ibm.com>
Message-Id: <1473192351-601-5-git-send-email-silbe@linux.vnet.ibm.com>
Signed-off-by: Fam Zheng <famz@redhat.com>
3 years agodocker: debian-bootstrap.pre: print error messages to stderr
Sascha Silbe [Tue, 6 Sep 2016 20:05:46 +0000 (22:05 +0200)] 
docker: debian-bootstrap.pre: print error messages to stderr

Send error messages where they belong so they're seen even if stdout
is redirected to /dev/null.

Signed-off-by: Sascha Silbe <silbe@linux.vnet.ibm.com>
Message-Id: <1473192351-601-4-git-send-email-silbe@linux.vnet.ibm.com>
Signed-off-by: Fam Zheng <famz@redhat.com>
3 years agodocker: avoid dependency on 'realpath' package
Sascha Silbe [Tue, 6 Sep 2016 20:05:45 +0000 (22:05 +0200)] 
docker: avoid dependency on 'realpath' package

The 'realpath' executable is shipped in a separate package that isn't
installed by default on some distros.

We already use 'readlink -e' (provided by GNU coreutils) in some other
part of the code, so let's settle for that instead.

Signed-off-by: Sascha Silbe <silbe@linux.vnet.ibm.com>
Message-Id: <1473192351-601-3-git-send-email-silbe@linux.vnet.ibm.com>
Signed-off-by: Fam Zheng <famz@redhat.com>
3 years agodocker.py: don't hang on large docker output
Sascha Silbe [Tue, 6 Sep 2016 20:05:44 +0000 (22:05 +0200)] 
docker.py: don't hang on large docker output

Unlike Popen.communicate(), subprocess.call() doesn't read from the
stdout file descriptor. If the child process produces more output than
fits into the pipe buffer, it will block indefinitely.

If we don't intend to consume the output, just send it straight to
/dev/null to avoid this issue.

Signed-off-by: Sascha Silbe <silbe@linux.vnet.ibm.com>
Reviewed-by: Janosch Frank <frankja@linux.vnet.ibm.com>
Message-Id: <1473192351-601-2-git-send-email-silbe@linux.vnet.ibm.com>
Signed-off-by: Fam Zheng <famz@redhat.com>
3 years agodocker: Add a glib2-2.22 image
Fam Zheng [Tue, 9 Aug 2016 02:15:08 +0000 (10:15 +0800)] 
docker: Add a glib2-2.22 image

It's a variation of our existing centos6, plus two more lines to
downgrade glib2 to version 2.22 which we download from vault.centos.org.

Suggested-by: Paolo Bonzini <pbonzoni@redhat.com>
Signed-off-by: Fam Zheng <famz@redhat.com>
Message-Id: <1470708908-12885-1-git-send-email-famz@redhat.com>

3 years agoMerge remote-tracking branch 'remotes/dgibson/tags/ppc-for-2.8-20160907' into staging
Peter Maydell [Thu, 8 Sep 2016 10:28:11 +0000 (11:28 +0100)] 
Merge remote-tracking branch 'remotes/dgibson/tags/ppc-for-2.8-20160907' into staging

ppc patch queue for 2016-Sep-7

This is my first pull request for the newly opened qemu-2.8 tree.  It
contains a heap of things that were too late for 2.7 and have been
queued for a while.  In particular:
    * A number of preliminary patches for the powernv machine type
        * A substantial cleanup of exception handling which will be
          necessary to support running a TCG with hypervisor
          facilities
    * A start on support for POWER9
        * Some TCG implementations for new POWER9 instructions
        * Some TCG and related cleanups in preparation for POWER9
    * Some assorted TCG optimizations
    * An implementation of the H_CHANGE_LOGICAL_LAN_MAC hypercall
      which allows the MAC address to be changed on the PAPR virtual
      NIC.
    * Add some extra test cases for several machines (this isn't
      strictly in the ppc code, but is most value to ppc)

NOTE: This pull request supersedes ppc-for-2.8-20160906, which had
some problems.  Changes:
  * Dropped BenH's lmw/stmw speedups, which break for
    qemu-system-ppc64 on BE hosts
  * A small fix to Thomas' serial output test to avoid a warning on
    the isapc machine type.
  * Some trivial checkpatch fixes

Note that some of the patches in this series still have large numbers
of checkpatch warnings.  This is because they're moving existing code
that predates most of the checkpatch style conventions.

# gpg: Signature made Wed 07 Sep 2016 07:09:27 BST
# gpg:                using RSA key 0x6C38CACA20D9B392
# gpg: Good signature from "David Gibson <david@gibson.dropbear.id.au>"
# gpg:                 aka "David Gibson (Red Hat) <dgibson@redhat.com>"
# gpg:                 aka "David Gibson (ozlabs.org) <dgibson@ozlabs.org>"
# gpg:                 aka "David Gibson (kernel.org) <dwg@kernel.org>"
# Primary key fingerprint: 75F4 6586 AE61 A66C C44E  87DC 6C38 CACA 20D9 B392

* remotes/dgibson/tags/ppc-for-2.8-20160907: (64 commits)
  tests: Check serial output of firmware boot of some machines
  tests: Resort check-qtest entries in Makefile.include
  spapr: implement H_CHANGE_LOGICAL_LAN_MAC h_call
  ppc: Improve a few more helper flags
  ppc: Improve the exception helpers flags
  ppc: Improve flags for helpers loading/writing the time facilities
  ppc: Don't generate dead code on unconditional branches
  ppc: Stop dumping state on all exceptions in linux-user
  ppc: Fix catching some segfaults in user mode
  ppc: Fix macio ESCC legacy mapping
  hw/ppc: add a ppc_create_page_sizes_prop() helper routine
  hw/ppc: use error_report instead of fprintf
  ppc: Rename #include'd .c files to .inc.c
  target-ppc: add extswsli[.] instruction
  target-ppc: add vsrv instruction
  target-ppc: add vslv instruction
  target-ppc: add vcmpnez[b,h,w][.] instructions
  target-ppc: add vabsdu[b,h,w] instructions
  target-ppc: add dtstsfi[q] instructions
  target-ppc: implement branch-less divd[o][.]
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
3 years agotests/hd-geo-test: Don't pass NULL to unlink()
Peter Maydell [Fri, 5 Aug 2016 10:03:12 +0000 (11:03 +0100)] 
tests/hd-geo-test: Don't pass NULL to unlink()

The unlink() function doesn't accept a NULL pointer, so
don't pass it one. Spotted by the clang sanitizer.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: John Snow <jsnow@redhat.com>
Message-id: 1470391392-28274-1-git-send-email-peter.maydell@linaro.org

3 years agotests: Check serial output of firmware boot of some machines
Thomas Huth [Sat, 3 Sep 2016 09:57:51 +0000 (11:57 +0200)] 
tests: Check serial output of firmware boot of some machines

Some of the machines that we have got a firmware image for write
some output to the serial console while booting up. We can use
this output to make sure that the machine is basically working,
so this adds a test that checks the output of these machines
for some well-known "magic" strings.

Signed-off-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
3 years agotests: Resort check-qtest entries in Makefile.include
Thomas Huth [Sat, 3 Sep 2016 09:57:50 +0000 (11:57 +0200)] 
tests: Resort check-qtest entries in Makefile.include

The rather random list of check-qtest-xxx entries caused some
confusion in the past, where to use "=" and where to use "+="
(see commits 0ccac16f59462b8e2b9afbc1 and 1f5c1cfbaec0792cd2e5da
for example).
Sorting the check-qtest-xxx entries by architecure instead and
using some empty lines inbetween should help to ease this
situation a little bit, so that it is hopefully now obvious
that new tests should be added with "+=" instead of "=".
While we are at it, this patch also comments out two of the
"gcov-files-..." lines since the corresponding m48t59-test is
disabled for sparc and sparc64, too.

Signed-off-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
3 years agospapr: implement H_CHANGE_LOGICAL_LAN_MAC h_call
Laurent Vivier [Thu, 1 Sep 2016 08:10:49 +0000 (10:10 +0200)] 
spapr: implement H_CHANGE_LOGICAL_LAN_MAC h_call

Since kernel v4.0, linux uses H_CHANGE_LOGICAL_LAN_MAC to change lively
the MAC address of an ibmveth interface.

As QEMU doesn't implement this h_call, we can't change anymore the
MAC address of an spapr-vlan interface.

Signed-off-by: Laurent Vivier <lvivier@redhat.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
3 years agoppc: Improve a few more helper flags
Benjamin Herrenschmidt [Sun, 31 Jul 2016 05:13:12 +0000 (15:13 +1000)] 
ppc: Improve a few more helper flags

Mostly turn "store" type of helpers into TCG_CALL_NO_WG because
they can take exceptions. Also fixup_thrm doesn't read nor write
the tracked environment.

Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
3 years agoppc: Improve the exception helpers flags
Benjamin Herrenschmidt [Sun, 31 Jul 2016 05:13:11 +0000 (15:13 +1000)] 
ppc: Improve the exception helpers flags

They generate exceptions, but they don't update the environment

Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
3 years agoppc: Improve flags for helpers loading/writing the time facilities
Benjamin Herrenschmidt [Sun, 31 Jul 2016 05:13:10 +0000 (15:13 +1000)] 
ppc: Improve flags for helpers loading/writing the time facilities

Those helpers never load from or store to the TCG tracked environment,
not do they generate synchronous exceptions (they might generate an
asynchronous interrupt but that's not an issue here).

So we can make them all use TCG_CALL_NO_RWG

Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
3 years agoppc: Don't generate dead code on unconditional branches
Benjamin Herrenschmidt [Sun, 31 Jul 2016 05:13:09 +0000 (15:13 +1000)] 
ppc: Don't generate dead code on unconditional branches

We are always generating the "else" case of the condition even when
generating an unconditional branch that will never hit it.

Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
3 years agoppc: Stop dumping state on all exceptions in linux-user
Benjamin Herrenschmidt [Wed, 3 Aug 2016 11:44:08 +0000 (21:44 +1000)] 
ppc: Stop dumping state on all exceptions in linux-user

Other archs don't do it, some programs catch signals just fine
and those dumps just clutter the output. Keep the dumps for cases
that aren't supposed to happen such as unknown codes.

Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
3 years agoppc: Fix catching some segfaults in user mode
Benjamin Herrenschmidt [Wed, 3 Aug 2016 07:55:23 +0000 (17:55 +1000)] 
ppc: Fix catching some segfaults in user mode

The usermode "translate" code generates an error code value that
has the "is_write" bit set, which causes our switch/case to miss
and display "Invalid segfault errno" and a spurrious second state
dump. Fix it.

Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
3 years agoppc: Fix macio ESCC legacy mapping
Benjamin Herrenschmidt [Tue, 2 Aug 2016 09:22:43 +0000 (19:22 +1000)] 
ppc: Fix macio ESCC legacy mapping

The current mapping, while correct for the base ports (which is all the
driver uses these days), is wrong for the extended registers.

I suspect the bugs come from incorrect tables in the CHRP IO Ref document,
I have verified the new values here match Apple's MacTech.pdf.

Note: Nothing that I know of actually uses these registers so it's not a
huge deal, but this patch has the added advantage of adding comments to
document what the registers are.

Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
3 years agohw/ppc: add a ppc_create_page_sizes_prop() helper routine
Cédric Le Goater [Tue, 2 Aug 2016 17:38:01 +0000 (19:38 +0200)] 
hw/ppc: add a ppc_create_page_sizes_prop() helper routine

The exact same routine will be used in PowerNV.

Signed-off-by: Cédric Le Goater <clg@kaod.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
3 years agohw/ppc: use error_report instead of fprintf
Cédric Le Goater [Tue, 2 Aug 2016 17:38:00 +0000 (19:38 +0200)] 
hw/ppc: use error_report instead of fprintf

Signed-off-by: Cédric Le Goater <clg@kaod.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
3 years agoppc: Rename #include'd .c files to .inc.c
Benjamin Herrenschmidt [Mon, 1 Aug 2016 10:17:42 +0000 (20:17 +1000)] 
ppc: Rename #include'd .c files to .inc.c

Also while at it, group the #include statements in translate.c

Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
3 years agotarget-ppc: add extswsli[.] instruction
Nikunj A Dadhania [Thu, 28 Jul 2016 18:14:18 +0000 (23:44 +0530)] 
target-ppc: add extswsli[.] instruction

extswsli : Extend Sign Word & Shift Left Immediate

Signed-off-by: Nikunj A Dadhania <nikunj@linux.vnet.ibm.com>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
3 years agotarget-ppc: add vsrv instruction
Vivek Andrew Sha [Thu, 28 Jul 2016 18:14:17 +0000 (23:44 +0530)] 
target-ppc: add vsrv instruction

Adds Vector Shift Right Variable instruction.

Signed-off-by: Vivek Andrew Sha <vivekandrewsha@gmail.com>
[ reverse the order of computation to avoid temporary array ]
Signed-off-by: Nikunj A Dadhania <nikunj@linux.vnet.ibm.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
3 years agotarget-ppc: add vslv instruction
Vivek Andrew Sha [Thu, 28 Jul 2016 18:14:16 +0000 (23:44 +0530)] 
target-ppc: add vslv instruction

vslv: Vector Shift Left Variable

Signed-off-by: Vivek Andrew Sha <vivekandrewsha@gmail.com>
Signed-off-by: Nikunj A Dadhania <nikunj@linux.vnet.ibm.com>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
3 years agotarget-ppc: add vcmpnez[b,h,w][.] instructions
Swapnil Bokade [Thu, 28 Jul 2016 18:14:15 +0000 (23:44 +0530)] 
target-ppc: add vcmpnez[b,h,w][.] instructions

Adds following instructions:

vcmpnezb[.]: Vector Compare Not Equal or Zero Byte
vcmpnezh[.]: Vector Compare Not Equal or Zero Halfword
vcmpnezw[.]: Vector Compare Not Equal or Zero Word

Signed-off-by: Swapnil Bokade <bokadeswapnil@gmail.com>
[ collapse switch case ]
Signed-off-by: Nikunj A Dadhania <nikunj@linux.vnet.ibm.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
3 years agotarget-ppc: add vabsdu[b,h,w] instructions
Sandipan Das [Thu, 28 Jul 2016 18:14:14 +0000 (23:44 +0530)] 
target-ppc: add vabsdu[b,h,w] instructions

Adds following instructions:

vabsdub: Vector Absolute Difference Unsigned Byte
vabsduh: Vector Absolute Difference Unsigned Halfword
vabsduw: Vector Absolute Difference Unsigned Word

Signed-off-by: Sandipan Das <sandipandas1990@gmail.com>
[ use ISA300 define. Drop etype ]
Signed-off-by: Nikunj A Dadhania <nikunj@linux.vnet.ibm.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
3 years agotarget-ppc: add dtstsfi[q] instructions
Sandipan Das [Thu, 28 Jul 2016 18:14:13 +0000 (23:44 +0530)] 
target-ppc: add dtstsfi[q] instructions

DFP Test Significance Immediate [Quad]

Signed-off-by: Sandipan Das <sandipandas1990@gmail.com>
Signed-off-by: Nikunj A Dadhania <nikunj@linux.vnet.ibm.com>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
3 years agotarget-ppc: implement branch-less divd[o][.]
Nikunj A Dadhania [Thu, 28 Jul 2016 18:14:12 +0000 (23:44 +0530)] 
target-ppc: implement branch-less divd[o][.]

Similar to divw, implement branch-less divd.

Signed-off-by: Nikunj A Dadhania <nikunj@linux.vnet.ibm.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
3 years agotarget-ppc: implement branch-less divw[o][.]
Nikunj A Dadhania [Thu, 28 Jul 2016 18:14:11 +0000 (23:44 +0530)] 
target-ppc: implement branch-less divw[o][.]

While implementing modulo instructions figured out that the
implementation uses many branches. Change the logic to achieve the
branch-less code. Undefined value is set to dividend in case of invalid
input.

Signed-off-by: Nikunj A Dadhania <nikunj@linux.vnet.ibm.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
3 years agoppc: load/store multiple and string insns don't do LE
Benjamin Herrenschmidt [Wed, 27 Jul 2016 06:56:48 +0000 (16:56 +1000)] 
ppc: load/store multiple and string insns don't do LE

Just generate an alignment interrupt

Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
3 years agoppc: Use a helper to generate "LE unsupported" alignment interrupts
Benjamin Herrenschmidt [Wed, 27 Jul 2016 06:56:47 +0000 (16:56 +1000)] 
ppc: Use a helper to generate "LE unsupported" alignment interrupts

Some operations aren't allowed in LE mode, use a helper rather than
open coding the exception generation.

Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
3 years agoppc: Don't set access_type on all load/stores on hash64
Benjamin Herrenschmidt [Wed, 27 Jul 2016 06:56:46 +0000 (16:56 +1000)] 
ppc: Don't set access_type on all load/stores on hash64

We don't use it so let's not generate the updates.

Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
3 years agoppc: Fix CFAR updates
Benjamin Herrenschmidt [Wed, 27 Jul 2016 06:56:44 +0000 (16:56 +1000)] 
ppc: Fix CFAR updates

We were one instruction off

Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
3 years agoppc: Speed up dcbz
Benjamin Herrenschmidt [Wed, 27 Jul 2016 06:56:43 +0000 (16:56 +1000)] 
ppc: Speed up dcbz

Use tlb_vaddr_to_host to do a fast path single translate for
the whole cache line. Also make the reservation check match
the entire range.

Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
3 years agoppc: Handle unconditional (always/never) traps at translation time
Benjamin Herrenschmidt [Wed, 27 Jul 2016 06:56:42 +0000 (16:56 +1000)] 
ppc: Handle unconditional (always/never) traps at translation time

We don't need to call a helper for trap always and trap never
which are used by Linux under some circumstances.

Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
--

v2. Don't generate the helper call when trapping always
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
3 years agoppc: Make alignment exceptions suck less
Benjamin Herrenschmidt [Wed, 27 Jul 2016 06:56:41 +0000 (16:56 +1000)] 
ppc: Make alignment exceptions suck less

The current alignment exception generation tries to load the opcode
to put in DSISR from a context where a cpu_ldl_code() is really not
a good idea. It might fault and longjmp out and that's not something
we want happening here.

Instead, pass the releavant opcode bits via the error_code.

There are a couple of cases of alignment interrupts that won't set
anything, the ones coming from access to direct store segments, but
that doesn't happen in practice, nobody used direct store segments
and they are gone from newer chips.

Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
3 years agoppc: Don't update NIP in dcbz and lscbx
Benjamin Herrenschmidt [Wed, 27 Jul 2016 06:56:40 +0000 (16:56 +1000)] 
ppc: Don't update NIP in dcbz and lscbx

Instead, pass GETPC() result to the corresponding helpers.

Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
3 years agoppc: Don't update NIP if not taking alignment exceptions
Benjamin Herrenschmidt [Wed, 27 Jul 2016 06:56:39 +0000 (16:56 +1000)] 
ppc: Don't update NIP if not taking alignment exceptions

Move the NIP update to after the conditional branch so that we
don't do it if we aren't going to take the alignment exception

Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
3 years agoppc: Don't update NIP on conditional trap instructions
Benjamin Herrenschmidt [Wed, 27 Jul 2016 06:56:38 +0000 (16:56 +1000)] 
ppc: Don't update NIP on conditional trap instructions

This is no longer necessary as the helpers will properly retrieve
the return address when needed.

Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
3 years agoppc: Don't update NIP BookE 2.06 tlbwe
Benjamin Herrenschmidt [Wed, 27 Jul 2016 06:56:37 +0000 (16:56 +1000)] 
ppc: Don't update NIP BookE 2.06 tlbwe

This is no longer necessary as the helpers will properly retrieve
the return address when needed.

Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
3 years agoppc: Don't update NIP in facility unavailable interrupts
Benjamin Herrenschmidt [Wed, 27 Jul 2016 06:56:36 +0000 (16:56 +1000)] 
ppc: Don't update NIP in facility unavailable interrupts

This is no longer necessary as the helpers will properly retrieve
the return address when needed. Also remove gen_update_current_nip()
which didn't seem to make much sense to me.

Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
3 years agoppc: Don't update NIP in DCR access routines
Benjamin Herrenschmidt [Wed, 27 Jul 2016 06:56:35 +0000 (16:56 +1000)] 
ppc: Don't update NIP in DCR access routines

This is no longer necessary as the helpers will properly retrieve
the return address when needed

Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
3 years agoppc: Fix source NIP on SLB related interrupts
Benjamin Herrenschmidt [Wed, 27 Jul 2016 06:56:34 +0000 (16:56 +1000)] 
ppc: Fix source NIP on SLB related interrupts

We need to pass it to the raise helper since we don't update it
before the calls.

Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
3 years agoppc: Make tlb_fill() use new exception helper
Benjamin Herrenschmidt [Wed, 27 Jul 2016 06:56:32 +0000 (16:56 +1000)] 
ppc: Make tlb_fill() use new exception helper

Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
3 years agoppc: Don't update NIP in lmw/stmw/icbi
Benjamin Herrenschmidt [Wed, 27 Jul 2016 06:56:31 +0000 (16:56 +1000)] 
ppc: Don't update NIP in lmw/stmw/icbi

Instead, pass GETPC() result to the corresponding helpers.

Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>