qemu.git
2 years agopc: Support firmware configuration with -blockdev
Markus Armbruster [Mon, 11 Mar 2019 17:39:26 +0000 (18:39 +0100)] 
pc: Support firmware configuration with -blockdev

The PC machines put firmware in ROM by default.  To get it put into
flash memory (required by OVMF), you have to use -drive
if=pflash,unit=0,... and optionally -drive if=pflash,unit=1,...

Why two -drive?  This permits setting up one part of the flash memory
read-only, and the other part read/write.  It also makes upgrading
firmware on the host easier.  Below the hood, it creates two separate
flash devices, because we were too lazy to improve our flash device
models to support sector protection.

The problem at hand is to do the same with -blockdev somehow, as one
more step towards deprecating -drive.

Mapping -drive if=none,... to -blockdev is a solved problem.  With
if=T other than if=none, -drive additionally configures a block device
frontend.  For non-onboard devices, that part maps to -device.  Also a
solved problem.  For onboard devices such as PC flash memory, we have
an unsolved problem.

This is actually an instance of a wider problem: our general device
configuration interface doesn't cover onboard devices.  Instead, we have
a zoo of ad hoc interfaces that are much more limited.  One of them is
-drive, which we'd rather deprecate, but can't until we have suitable
replacements for all its uses.

Sadly, I can't attack the wider problem today.  So back to the narrow
problem.

My first idea was to reduce it to its solved buddy by using pluggable
instead of onboard devices for the flash memory.  Workable, but it
requires some extra smarts in firmware descriptors and libvirt.  Paolo
had an idea that is simpler for libvirt: keep the devices onboard, and
add machine properties for their block backends.

The implementation is less than straightforward, I'm afraid.

First, block backend properties are *qdev* properties.  Machines can't
have those, as they're not devices.  I could duplicate these qdev
properties as QOM properties, but I hate that.

More seriously, the properties do not belong to the machine, they
belong to the onboard flash devices.  Adding them to the machine would
then require bad magic to somehow transfer them to the flash devices.
Fortunately, QOM provides the means to handle exactly this case: add
alias properties to the machine that forward to the onboard devices'
properties.

Properties need to be created in .instance_init() methods.  For PC
machines, that's pc_machine_initfn().  To make alias properties work,
we need to create the onboard flash devices there, too.  Requires
several bug fixes, in the previous commits.  We also have to realize
the devices.  More on that below.

If the user sets pflash0, firmware resides in flash memory.
pc_system_firmware_init() maps and realizes the flash devices.

Else, firmware resides in ROM.  The onboard flash devices aren't used
then.  pc_system_firmware_init() destroys them unrealized, along with
the alias properties.

The existing code to pick up drives defined with -drive if=pflash is
replaced by code to desugar into the machine properties.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Acked-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Message-Id: <87ftrtux81.fsf@dusky.pond.sub.org>

2 years agopc_sysfw: Pass PCMachineState to pc_system_firmware_init()
Philippe Mathieu-Daudé [Fri, 8 Mar 2019 13:14:43 +0000 (14:14 +0100)] 
pc_sysfw: Pass PCMachineState to pc_system_firmware_init()

pc_system_firmware_init() parameter @isapc_ram_fw is PCMachineState
member pci_enabled negated.  The next commit will need more of
PCMachineState.  To prepare for that, pass a PCMachineState *, and
drop the now redundant parameter @isapc_ram_fw.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Message-Id: <20190308131445.17502-11-armbru@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
2 years agopc_sysfw: Remove unused PcSysFwDevice
Philippe Mathieu-Daudé [Fri, 8 Mar 2019 13:14:42 +0000 (14:14 +0100)] 
pc_sysfw: Remove unused PcSysFwDevice

This structure is not used since commit 6dd2a5c98a.

Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20190308131445.17502-10-armbru@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
2 years agopflash_cfi01: Add pflash_cfi01_get_blk() helper
Philippe Mathieu-Daudé [Fri, 8 Mar 2019 13:14:41 +0000 (14:14 +0100)] 
pflash_cfi01: Add pflash_cfi01_get_blk() helper

Add an helper to access the opaque struct PFlashCFI01.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Message-Id: <20190308131445.17502-9-armbru@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
2 years agovl: Create block backends before setting machine properties
Markus Armbruster [Fri, 8 Mar 2019 13:14:40 +0000 (14:14 +0100)] 
vl: Create block backends before setting machine properties

qemu-system-FOO's main() acts on command line arguments in its own
idiosyncratic order.  There's not much method to its madness.
Whenever we find a case where one kind of command line argument needs
to refer to something created for another kind later, we rejigger the
order.

Block devices get created long after machine properties get processed.
Therefore, block device machine properties can be created, but not
set.  No such properties exist.  But the next commit will create some.
Time to rejigger again: create block devices earlier.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20190308131445.17502-8-armbru@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
2 years agovl: Factor configure_blockdev() out of main()
Markus Armbruster [Fri, 8 Mar 2019 13:14:39 +0000 (14:14 +0100)] 
vl: Factor configure_blockdev() out of main()

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20190308131445.17502-7-armbru@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
2 years agovl: Improve legibility of BlockdevOptions queue
Markus Armbruster [Fri, 8 Mar 2019 13:14:38 +0000 (14:14 +0100)] 
vl: Improve legibility of BlockdevOptions queue

Give the queue head type a name: BlockdevOptionsQueue.

Rename the queue entry type from BlockdevOptions_queue to
BlockdevOptionsQueueEntry.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20190308131445.17502-6-armbru@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
2 years agosysbus: Fix latent bug with onboard devices
Markus Armbruster [Fri, 8 Mar 2019 13:14:37 +0000 (14:14 +0100)] 
sysbus: Fix latent bug with onboard devices

The first call of sysbus_get_default() creates the main system bus and
stores it in QOM as "/machine/unattached/sysbus".  This must not
happen before main() creates "/machine", or else container_get() would
"helpfully" create it as "container" object, and the real creation of
"/machine" would later abort with "attempt to add duplicate property
'machine' to object (type 'container')".  Has been that way ever since
we wired up busses in QOM (commit f968fc6892d, v1.2.0).

I believe the bug is latent.  I got it to bite by trying to
qdev_create() a sysbus device from a machine's .instance_init()
method.

The fix is obvious: store the main system bus in QOM right after
creating "/machine".

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20190308131445.17502-5-armbru@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
2 years agovl: Fix latent bug with -global and onboard devices
Markus Armbruster [Fri, 8 Mar 2019 13:14:36 +0000 (14:14 +0100)] 
vl: Fix latent bug with -global and onboard devices

main() registers the user's -global only after we create the machine
object, i.e. too late for devices created in the machine's
.instance_init().

Fortunately, we know the bug is only latent: the commit before
previous fixed a bug that would've crashed any attempt to create a
device in an .instance_init().

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-Id: <20190308131445.17502-4-armbru@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
2 years agoqom: Move compat_props machinery from qdev to QOM
Markus Armbruster [Fri, 8 Mar 2019 13:14:35 +0000 (14:14 +0100)] 
qom: Move compat_props machinery from qdev to QOM

See the previous commit for rationale.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20190308131445.17502-3-armbru@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
2 years agoqdev: Fix latent bug with compat_props and onboard devices
Markus Armbruster [Fri, 8 Mar 2019 13:14:34 +0000 (14:14 +0100)] 
qdev: Fix latent bug with compat_props and onboard devices

Compatibility properties started life as a qdev property thing: we
supported them only for qdev properties, and implemented them with the
machinery backing command line option -global.

Recent commit fa0cb34d221 put them to use (tacitly) with memory
backend objects (subtypes of TYPE_MEMORY_BACKEND).  To make that
possible, we first moved the work of applying them from the -global
machinery into TYPE_DEVICE's .instance_post_init() method
device_post_init(), in commits ea9ce8934c5 and b66bbee39f6, then made
it available to TYPE_MEMORY_BACKEND's .instance_post_init() method
host_memory_backend_post_init() as object_apply_compat_props(), in
commit 1c3994f6d2a.

Note the code smell: we now have function name starting with object_
in hw/core/qdev.c.  It has to be there rather than in qom/, because it
calls qdev_get_machine() to find the current accelerator's and
machine's compat_props.

Turns out calling qdev_get_machine() there is problematic.  If we
qdev_create() from a machine's .instance_init() method, we call
device_post_init() and thus qdev_get_machine() before main() can
create "/machine" in QOM.  qdev_get_machine() tries to get it with
container_get(), which "helpfully" creates it as "container" object,
and returns that.  object_apply_compat_props() tries to paper over the
problem by doing nothing when the value of qdev_get_machine() isn't a
TYPE_MACHINE.  But the damage is done already: when main() later
attempts to create the real "/machine", it fails with "attempt to add
duplicate property 'machine' to object (type 'container')", and
aborts.

Since no machine .instance_init() calls qdev_create() so far, the bug
is latent.  But since I want to do that, I get to fix the bug first.

Observe that object_apply_compat_props() doesn't actually need the
MachineState, only its the compat_props member of its MachineClass and
AccelClass.  This permits a simple fix: register MachineClass and
AccelClass compat_props with the object_apply_compat_props() machinery
right after these classes get selected.

This is actually similar to how things worked before commits
ea9ce8934c5 and b66bbee39f6, except we now register much earlier.  The
old code registered them only after the machine's .instance_init()
ran, which would've broken compatibility properties for any devices
created there.

Cc: Marc-André Lureau <marcandre.lureau@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-Id: <20190308131445.17502-2-armbru@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
2 years agopflash: Clean up after commit 368a354f02b, part 2
Markus Armbruster [Fri, 8 Mar 2019 09:46:10 +0000 (10:46 +0100)] 
pflash: Clean up after commit 368a354f02b, part 2

Our pflash devices are simplistically modelled has having
"num-blocks" sectors of equal size "sector-length".  Real hardware
commonly has sectors of different sizes.  How our "sector-length"
property is related to the physical device's multiple sector sizes
is unclear.

Helper functions pflash_cfi01_register() and pflash_cfi02_register()
create a pflash device, set properties including "sector-length" and
"num-blocks", and realize.  They take parameters @size, @sector_len
and @nb_blocs.

QOMification left parameter @size unused.  Obviously, @size should
match @sector_len and @nb_blocs, i.e. size == sector_len * nb_blocs.
All callers satisfy this.

Remove @nb_blocs and compute it from @size and @sector_len.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20190308094610.21210-16-armbru@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
2 years agopflash: Clean up after commit 368a354f02b, part 1
Markus Armbruster [Fri, 8 Mar 2019 09:46:09 +0000 (10:46 +0100)] 
pflash: Clean up after commit 368a354f02b, part 1

QOMification left parameter @qdev unused in pflash_cfi01_register()
and pflash_cfi02_register().  All callers pass NULL.  Remove.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20190308094610.21210-15-armbru@redhat.com>

2 years agomips_malta: Clean up definition of flash memory size somewhat
Markus Armbruster [Fri, 8 Mar 2019 09:46:08 +0000 (10:46 +0100)] 
mips_malta: Clean up definition of flash memory size somewhat

pflash_cfi01_register() takes a size in bytes, a block size in bytes
and a number of blocks.  mips_malta_init() passes BIOS_SIZE, 65536,
FLASH_SIZE >> 16.  Actually consistent only because BIOS_SIZE (defined
in include/hw/mips/bios.h as (4 * MiB)) matches FLASH_SIZE (defined
locally as 0x400000).  Confusing all the same.

Pass FLASH_SIZE instead of BIOS_SIZE.

Cc: Aurelien Jarno <aurelien@aurel32.net>
Cc: Aleksandar Rikalo <arikalo@wavecomp.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20190308094610.21210-14-armbru@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
2 years agohw/mips/malta: Restrict 'bios_size' variable scope
Philippe Mathieu-Daudé [Fri, 8 Mar 2019 09:46:07 +0000 (10:46 +0100)] 
hw/mips/malta: Restrict 'bios_size' variable scope

The 'bios_size' variable is only used in the 'if (!kernel_filename &&
!dinfo)' clause. This is the case when we don't provide -pflash command
line option, and also don't provide a -kernel option. In this case we
will check for the -bios option, or use the default BIOS_FILENAME file.

The 'bios' term is valid in this if statement, but is confuse in the
whole mips_malta_init() scope. Restrict his scope.

Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20190308094610.21210-13-armbru@redhat.com>

2 years agohw/mips/malta: Remove fl_sectors variable
Philippe Mathieu-Daudé [Fri, 8 Mar 2019 09:46:06 +0000 (10:46 +0100)] 
hw/mips/malta: Remove fl_sectors variable

Variable fl_sectors is used just once.  Since
fl_sectors = bios_size >> 16 and bios_size = FLASH_SIZE there,
we can simply use FLASH_SIZE >> 16, and eliminate variable.

Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20190308094610.21210-12-armbru@redhat.com>

2 years agomips_malta: Delete disabled, broken DEBUG_BOARD_INIT code
Markus Armbruster [Fri, 8 Mar 2019 09:46:05 +0000 (10:46 +0100)] 
mips_malta: Delete disabled, broken DEBUG_BOARD_INIT code

The debug code under DEBUG_BOARD_INIT doesn't compile:

      hw/mips/mips_malta.c:1273:16: error: implicit declaration of function ‘blk_name’; did you mean ‘basename’? [-Werror=implicit-function-declaration]
                    blk_name(dinfo->bdrv), fl_sectors);
                    ^~~~~~~~
      hw/mips/mips_malta.c:1273:16: error: nested extern declaration of ‘blk_name’ [-Werror=nested-externs]
      hw/mips/mips_malta.c:1273:30: error: ‘DriveInfo’ {aka ‘struct DriveInfo’} has no member named ‘bdrv’
                    blk_name(dinfo->bdrv), fl_sectors);
                                    ^~

Delete it.

Reported-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Aleksandar Markovic <amarkovic@wavecomp.com>
Message-Id: <20190308094610.21210-11-armbru@redhat.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
2 years agor2d: Fix flash memory size, sector size, width, device ID
Markus Armbruster [Fri, 8 Mar 2019 09:46:04 +0000 (10:46 +0100)] 
r2d: Fix flash memory size, sector size, width, device ID

pflash_cfi02_register() takes a size in bytes, a block size in bytes
and a number of blocks.  r2d_init() passes FLASH_SIZE, 16 * KiB,
FLASH_SIZE >> 16.  Does not compute: size doesn't match block size *
number of blocks.  The latter happens to win: FLASH_SIZE / 4,
i.e. 8MiB.

The best information we have on the physical hardware lists a Cypress
S29PL127J60TFI130 128MiBit NOR flash addressable in words of 16 bits,
in sectors of 4 and 32 Kibiwords.  We don't model multiple sector
sizes.

Fix the flash size from 8 to 16MiB, and adjust the sector size from 16
to 64KiB.  Fix the width from 4 to 2.  While there, supply the real
device IDs 0x0001, 0x227e, 0x2220, 0x2200 instead of zeros.

Cc: Magnus Damm <magnus.damm@gmail.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20190308094610.21210-10-armbru@redhat.com>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
2 years agoppc405_boards: Don't size flash memory to match backing image
Markus Armbruster [Fri, 8 Mar 2019 09:46:03 +0000 (10:46 +0100)] 
ppc405_boards: Don't size flash memory to match backing image

Machine "ref405ep" maps its flash memory at address 2^32 - image size.
Image size is rounded up to the next multiple of 64KiB.  Useless,
because pflash_cfi02_realize() fails with "failed to read the initial
flash content" unless the rounding is a no-op.

If the image size exceeds 0x80000 Bytes, we overlap first SRAM, then
other stuff.  No idea how that would play out, but useful outcomes
seem unlikely.

Map the flash memory at fixed address 0xFFF80000 with size 512KiB,
regardless of image size, to match the physical hardware.

Machine "taihu" maps its boot flash memory similarly.  The code even
has a comment /* XXX: should check that size is 2MB */, followed by
disabled code to adjust the size to 2MiB regardless of image size.

Its code to map its application flash memory looks the same, except
there the XXX comment asks for 32MiB, and the code to adjust the size
isn't disabled.  Note that pflash_cfi02_realize() fails with "failed
to read the initial flash content" for images smaller than 32MiB.

Map the boot flash memory at fixed address 0xFFE00000 with size 2MiB,
to match the physical hardware.  Delete dead code from application
flash mapping, and simplify some.

Cc: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Acked-by: David Gibson <david@gibson.dropbear.id.au>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20190308094610.21210-9-armbru@redhat.com>

2 years agoppc405_boards: Delete stale, disabled DEBUG_BOARD_INIT code
Markus Armbruster [Fri, 8 Mar 2019 09:46:02 +0000 (10:46 +0100)] 
ppc405_boards: Delete stale, disabled DEBUG_BOARD_INIT code

The disabled DEBUG_BOARD_INIT code goes back to the initial commit
1a6c0886203, and has since seen only mechanical updates.  It sure
feels like useless clutter now.  Delete it.

Suggested-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20190308094610.21210-8-armbru@redhat.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
2 years agosam460ex: Don't size flash memory to match backing image
Markus Armbruster [Fri, 8 Mar 2019 09:46:01 +0000 (10:46 +0100)] 
sam460ex: Don't size flash memory to match backing image

Machine "sam460ex" maps its flash memory at address 0xFFF00000.  When
no image is supplied, its size is 1MiB (0x100000), and 512KiB of ROM
get mapped on top of its second half.  Else, it's the size of the
image rounded up to the next multiple of 64KiB.

The rounding is actually useless: pflash_cfi01_realize() fails with
"failed to read the initial flash content" unless it's a no-op.

I have no idea what happens when the pflash's size exceeds 1MiB.
Useful outcomes seem unlikely.

I guess memory at the end of the address space remains unmapped when
it's smaller than 1MiB.  Again, useful outcomes seem unlikely.

The physical hardware appears to have 512KiB of flash memory:
https://eu.mouser.com/datasheet/2/268/atmel_AT49BV040B-1180330.pdf

For now, just set the flash memory size to 1MiB regardless of image
size, and document the mess.

Cc: BALATON Zoltan <balaton@eik.bme.hu>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: BALATON Zoltan <balaton@eik.bme.hu>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20190308094610.21210-7-armbru@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
2 years agohw: Use PFLASH_CFI0{1,2} and TYPE_PFLASH_CFI0{1,2}
Markus Armbruster [Fri, 8 Mar 2019 09:46:00 +0000 (10:46 +0100)] 
hw: Use PFLASH_CFI0{1,2} and TYPE_PFLASH_CFI0{1,2}

We have two open-coded copies of macro PFLASH_CFI01().  Move the macro
to the header, so we can ditch the copies.  Move PFLASH_CFI02() to the
header for symmetry.

We define macros TYPE_PFLASH_CFI01 and TYPE_PFLASH_CFI02 for type name
strings, then mostly use the strings.  If the macros are worth
defining, they are worth using.  Replace the strings by the macros.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20190308094610.21210-6-armbru@redhat.com>

2 years agopflash: Rename *CFI_PFLASH* to *PFLASH_CFI*
Markus Armbruster [Fri, 8 Mar 2019 09:45:59 +0000 (10:45 +0100)] 
pflash: Rename *CFI_PFLASH* to *PFLASH_CFI*

pflash_cfi01.c and pflash_cfi02.c start their identifiers with
pflash_cfi01_ and pflash_cfi02_ respectively, except for
CFI_PFLASH01(), TYPE_CFI_PFLASH01, CFI_PFLASH02(), TYPE_CFI_PFLASH02.
Rename for consistency.

Suggested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20190308094610.21210-5-armbru@redhat.com>

2 years agopflash_cfi01: Log use of flawed "write to buffer"
Markus Armbruster [Fri, 8 Mar 2019 09:45:58 +0000 (10:45 +0100)] 
pflash_cfi01: Log use of flawed "write to buffer"

Our implementation of "write to buffer" (command 0xE8) is flawed.
LOG_UNIMP its use, and add some FIXME comments.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20190308094610.21210-4-armbru@redhat.com>

2 years agopflash_cfi01: Do not exit() on guest aborting "write to buffer"
Markus Armbruster [Fri, 8 Mar 2019 09:45:57 +0000 (10:45 +0100)] 
pflash_cfi01: Do not exit() on guest aborting "write to buffer"

When a guest tries to abort "write to buffer" (command 0xE8), we print
"PFLASH: Possible BUG - Write block confirm", then exit(1).  Letting
the guest terminate QEMU is not a good idea.  Instead, LOG_UNIMP we
screwed up, then reset the device.

Macro PFLASH_BUG() is now unused; delete it.

Suggested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20190308094610.21210-3-armbru@redhat.com>

2 years agopflash: Rename pflash_t to PFlashCFI01, PFlashCFI02
Markus Armbruster [Fri, 8 Mar 2019 09:45:56 +0000 (10:45 +0100)] 
pflash: Rename pflash_t to PFlashCFI01, PFlashCFI02

flash.h's incomplete struct pflash_t is completed both in
pflash_cfi01.c and in pflash_cfi02.c.  The complete types are
incompatible.  This can hide type errors, such as passing a pflash_t
created with pflash_cfi02_register() to pflash_cfi01_get_memory().

Furthermore, POSIX reserves typedef names ending with _t.

Rename the two structs to PFlashCFI01 and PFlashCFI02.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20190308094610.21210-2-armbru@redhat.com>

2 years agoMerge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging
Peter Maydell [Mon, 11 Mar 2019 18:26:37 +0000 (18:26 +0000)] 
Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging

* allow building QEMU without TCG or KVM support (Anthony)
* update AMD IOMMU copyright (David)
* compilation fixes for GCC and BSDs (Alexey, David, Paolo, Philippe)
* coalesced I/O bugfix (Jagannathan)
* Processor Tracing cpuid fix (Luwei)
* Kconfig fixes (Paolo, David)
* Cleanups (Paolo, Wei)
* PVH vs. multiboot fix (Stefano)
* LSI bugfixes (Sven)
* elf2dmp Coverity fix (Victor)
* scsi-disk fix (Zhengui)
* authorization support for chardev TLS (Daniel)

# gpg: Signature made Mon 11 Mar 2019 16:12:00 GMT
# gpg:                using RSA key BFFBD25F78C7AE83
# gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>" [full]
# gpg:                 aka "Paolo Bonzini <pbonzini@redhat.com>" [full]
# Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4  E2F7 7E15 100C CD36 69B1
#      Subkey fingerprint: F133 3857 4B66 2389 866C  7682 BFFB D25F 78C7 AE83

* remotes/bonzini/tags/for-upstream: (31 commits)
  qemugdb: fix licensing
  chardev: add support for authorization for TLS clients
  qom: cpu: destroy work_mutex in cpu_common_finalize
  exec.c: refactor function flatview_add_to_dispatch()
  lsi: 810/895A are always little endian
  lsi: return dfifo value
  lsi: use SCSI phase names instead of numbers in trace
  lsi: use enum type for s->msg_action
  lsi: use enum type for s->waiting
  lsi: use ldn_le_p()/stn_le_p()
  scsi-disk: Fix crash if request is invaild or disk is no medium
  configure: Disable W^X on OpenBSD
  oslib-posix: Ignore fcntl("/dev/null", F_SETFL, O_NONBLOCK) failure
  accel: Allow to build QEMU without TCG or KVM support
  build: clean trace/generated-helpers.c
  build: remove unnecessary assignments from Makefile.target
  build: get rid of target-obj-y
  update copyright notice
  lsi: check if SIGP bit is already set in Wait reselect
  lsi: implement basic SBCL functionality
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2 years agoMerge remote-tracking branch 'remotes/amarkovic/tags/mips-queue-mar-11-2019' into...
Peter Maydell [Mon, 11 Mar 2019 17:16:38 +0000 (17:16 +0000)] 
Merge remote-tracking branch 'remotes/amarkovic/tags/mips-queue-mar-11-2019' into staging

MIPS queue for March 11th, 2019

# gpg: Signature made Mon 11 Mar 2019 14:16:09 GMT
# gpg:                using RSA key D4972A8967F75A65
# gpg: Good signature from "Aleksandar Markovic <amarkovic@wavecomp.com>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 8526 FBF1 5DA3 811F 4A01  DD75 D497 2A89 67F7 5A65

* remotes/amarkovic/tags/mips-queue-mar-11-2019:
  target/mips: Add tests for a variety of MSA integer subtract instructions
  target/mips: Add tests for a variety of MSA integer multiply instructions
  target/mips: Add tests for a variety of MSA integer dot product instructions
  target/mips: Add tests for a variety of MSA integer divide instructions
  target/mips: Add tests for a variety of MSA integer average instructions
  tests/tcg: target/mips: Rename two header files for consistency
  tests/tcg: target/mips: Correct preambles of test source files

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2 years agoMerge remote-tracking branch 'remotes/cohuck/tags/s390x-20190311' into staging
Peter Maydell [Mon, 11 Mar 2019 16:27:14 +0000 (16:27 +0000)] 
Merge remote-tracking branch 'remotes/cohuck/tags/s390x-20190311' into staging

s390x update:
- clean up LowCore definition
- first part of vector instruction support for tcg

# gpg: Signature made Mon 11 Mar 2019 08:59:02 GMT
# gpg:                using RSA key C3D0D66DC3624FF6A8C018CEDECF6B93C6F02FAF
# gpg:                issuer "cohuck@redhat.com"
# gpg: Good signature from "Cornelia Huck <conny@cornelia-huck.de>" [unknown]
# gpg:                 aka "Cornelia Huck <huckc@linux.vnet.ibm.com>" [full]
# gpg:                 aka "Cornelia Huck <cornelia.huck@de.ibm.com>" [full]
# gpg:                 aka "Cornelia Huck <cohuck@kernel.org>" [unknown]
# gpg:                 aka "Cornelia Huck <cohuck@redhat.com>" [unknown]
# Primary key fingerprint: C3D0 D66D C362 4FF6 A8C0  18CE DECF 6B93 C6F0 2FAF

* remotes/cohuck/tags/s390x-20190311: (33 commits)
  s390x/tcg: Implement VECTOR UNPACK *
  s390x/tcg: Implement VECTOR STORE WITH LENGTH
  s390x/tcg: Implement VECTOR STORE MULTIPLE
  s390x/tcg: Implement VECTOR STORE ELEMENT
  s390x/tcg: Implement VECTOR STORE
  s390x/tcg: Provide probe_write_access helper
  s390x/tcg: Implement VECTOR SIGN EXTEND TO DOUBLEWORD
  s390x/tcg: Implement VECTOR SELECT
  s390x/tcg: Implement VECTOR SCATTER ELEMENT
  s390x/tcg: Implement VECTOR REPLICATE IMMEDIATE
  s390x/tcg: Implement VECTOR REPLICATE
  s390x/tcg: Implement VECTOR PERMUTE DOUBLEWORD IMMEDIATE
  s390x/tcg: Implement VECTOR PERMUTE
  s390x/tcg: Implement VECTOR PACK *
  s390x/tcg: Implement VECTOR MERGE (HIGH|LOW)
  s390x/tcg: Implement VECTOR LOAD WITH LENGTH
  s390x/tcg: Implement VECTOR LOAD VR FROM GRS DISJOINT
  s390x/tcg: Implement VECTOR LOAD VR ELEMENT FROM GR
  s390x/tcg: Implement VECTOR LOAD TO BLOCK BOUNDARY
  s390x/tcg: Implement VECTOR LOAD MULTIPLE
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2 years agoqemugdb: fix licensing
Paolo Bonzini [Mon, 11 Mar 2019 12:13:53 +0000 (13:13 +0100)] 
qemugdb: fix licensing

qemu-gdb.py was committed after 2012-01-13, so the notice about
GPL v2-only contributions does not apply.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2 years agochardev: add support for authorization for TLS clients
Daniel P. Berrange [Fri, 8 Mar 2019 15:21:50 +0000 (15:21 +0000)] 
chardev: add support for authorization for TLS clients

Currently any client which can complete the TLS handshake is able to use
a chardev server. The server admin can turn on the 'verify-peer' option
for the x509 creds to require the client to provide a x509
certificate. This means the client will have to acquire a certificate
from the CA before they are permitted to use the chardev server. This is
still a fairly low bar.

This adds a 'tls-authz=OBJECT-ID' option to the socket chardev backend
which takes the ID of a previously added 'QAuthZ' object instance. This
will be used to validate the client's x509 distinguished name. Clients
failing the check will not be permitted to use the chardev server.

For example to setup authorization that only allows connection from a
client whose x509 certificate distinguished name contains 'CN=fred', you
would use:

  $QEMU -object tls-creds-x509,id=tls0,dir=/home/berrange/qemutls,\
                endpoint=server,verify-peer=yes \
        -object authz-simple,id=authz0,identity=CN=laptop.example.com,,\
                O=Example Org,,L=London,,ST=London,,C=GB \
        -chardev socket,host=127.0.0.1,port=9000,server,\
         tls-creds=tls0,tls-authz=authz0 \
        ...other qemu args...

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
2 years agoqom: cpu: destroy work_mutex in cpu_common_finalize
Li Qiang [Wed, 2 Jan 2019 07:41:14 +0000 (23:41 -0800)] 
qom: cpu: destroy work_mutex in cpu_common_finalize

Commit 376692b9dc6(cpus: protect work list with work_mutex)
initialize a work_mutex in cpu_common_initfn, however forget
to destroy it. This will cause resource leak when hotunplug cpu
or hotplug cpu fails.

Signed-off-by: Li Qiang <liq3ea@163.com>
Message-Id: <20190102074114.26988-1-liq3ea@163.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2 years agoexec.c: refactor function flatview_add_to_dispatch()
Wei Yang [Mon, 11 Mar 2019 05:42:52 +0000 (13:42 +0800)] 
exec.c: refactor function flatview_add_to_dispatch()

flatview_add_to_dispatch() registers page based on the condition of
*section*, which may looks like this:

    |s|PPPPPPP|s|

where s stands for subpage and P for page.

The procedure of this function could be described as:

    - register first subpage
    - register page
    - register last subpage

This means the procedure could be simplified into these three steps
instead of a loop iteration.

This patch refactors the function into three corresponding steps and
adds some comment to clarify it.

Signed-off-by: Wei Yang <richardw.yang@linux.intel.com>
Message-Id: <20190311054252.6094-1-richardw.yang@linux.intel.com>
[Paolo: move exit before adjustment of remain.offset_within_*,
 otherwise int128_get64 fails when a region is 2^64 bytes long]
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2 years agolsi: 810/895A are always little endian
Sven Schnelle [Mon, 18 Feb 2019 17:55:28 +0000 (18:55 +0100)] 
lsi: 810/895A are always little endian

Signed-off-by: Sven Schnelle <svens@stackframe.org>
Message-Id: <20190218175529.11237-1-svens@stackframe.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2 years agolsi: return dfifo value
Sven Schnelle [Tue, 5 Mar 2019 19:55:19 +0000 (20:55 +0100)] 
lsi: return dfifo value

Code was assigning DFIFO, but didn't return the value to users.

Signed-off-by: Sven Schnelle <svens@stackframe.org>
Message-Id: <20190305195519.24303-6-svens@stackframe.org>

2 years agolsi: use SCSI phase names instead of numbers in trace
Sven Schnelle [Tue, 5 Mar 2019 19:55:18 +0000 (20:55 +0100)] 
lsi: use SCSI phase names instead of numbers in trace

This makes trace logs much easier to read, especially for
people who are not fluent in SCSI.

Signed-off-by: Sven Schnelle <svens@stackframe.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20190305195519.24303-5-svens@stackframe.org>

2 years agolsi: use enum type for s->msg_action
Sven Schnelle [Tue, 5 Mar 2019 19:55:17 +0000 (20:55 +0100)] 
lsi: use enum type for s->msg_action

This makes the code easier to read - no functional change.

Signed-off-by: Sven Schnelle <svens@stackframe.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20190305195519.24303-4-svens@stackframe.org>

2 years agolsi: use enum type for s->waiting
Sven Schnelle [Tue, 5 Mar 2019 19:55:16 +0000 (20:55 +0100)] 
lsi: use enum type for s->waiting

This makes the code easier to read - no functional change.

Signed-off-by: Sven Schnelle <svens@stackframe.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20190305195519.24303-3-svens@stackframe.org>

2 years agolsi: use ldn_le_p()/stn_le_p()
Sven Schnelle [Tue, 5 Mar 2019 19:55:15 +0000 (20:55 +0100)] 
lsi: use ldn_le_p()/stn_le_p()

Instead of using the open-coded versions, use the helper already
present as this makes the code easier to read and less error-prone.

Signed-off-by: Sven Schnelle <svens@stackframe.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20190305195519.24303-2-svens@stackframe.org>

2 years agoscsi-disk: Fix crash if request is invaild or disk is no medium
Zhengui Li [Thu, 7 Mar 2019 09:12:46 +0000 (17:12 +0800)] 
scsi-disk: Fix crash if request is invaild or disk is no medium

Qemu will crash with the assertion error that "assert(r->req.aiocb !=
NULL)" in scsi_read_complete if request is invaild or disk is no medium.
The error is below:
qemu-kvm: hw/scsi/scsi_disk.c:299: scsi_read_complete: Assertion
`r->req.aiocb != NULL' failed.

This patch add a funtion scsi_read_complete_noio to fix it.

Signed-off-by: Zhengui Li <lizhengui@huawei.com>
Message-Id: <1551949966-20092-1-git-send-email-lizhengui@huawei.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2 years agoconfigure: Disable W^X on OpenBSD
Philippe Mathieu-Daudé [Thu, 7 Mar 2019 14:28:22 +0000 (15:28 +0100)] 
configure: Disable W^X on OpenBSD

Since OpenBSD 6.0 [1], W^X is enforced by default [2].
TCG requires WX access. Disable W^X if it is available.
This fixes:

  # lm32-softmmu/qemu-system-lm32
  Could not allocate dynamic translator buffer

  # sysctl kern.wxabort=1
  kern.wxabort: 0 -> 1
  # lm32-softmmu/qemu-system-lm32
  mmap: Not supported
  Abort trap (core dumped)
  # gdb -q lm32-softmmu/qemu-system-lm32 qemu-system-lm32.core
  (gdb) bt
  #0  0x000017e3c156c50a in _thread_sys___syscall () at {standard input}:5
  #1  0x000017e3c15e5d7a in *_libc_mmap (addr=Variable "addr" is not available.) at /usr/src/lib/libc/sys/mmap.c:47
  #2  0x000017e17d9abc8b in alloc_code_gen_buffer () at /usr/src/qemu/accel/tcg/translate-all.c:1064
  #3  0x000017e17d9abd04 in code_gen_alloc (tb_size=0) at /usr/src/qemu/accel/tcg/translate-all.c:1112
  #4  0x000017e17d9abe81 in tcg_exec_init (tb_size=0) at /usr/src/qemu/accel/tcg/translate-all.c:1149
  #5  0x000017e17d9897e9 in tcg_init (ms=0x17e45e456800) at /usr/src/qemu/accel/tcg/tcg-all.c:66
  #6  0x000017e17d9891b8 in accel_init_machine (acc=0x17e3c3f50800, ms=0x17e45e456800) at /usr/src/qemu/accel/accel.c:63
  #7  0x000017e17d989312 in configure_accelerator (ms=0x17e45e456800, progname=0x7f7fffff07b0 "lm32-softmmu/qemu-system-lm32") at /usr/src/qemu/accel/accel.c:111
  #8  0x000017e17d9d8616 in main (argc=1, argv=0x7f7fffff06b8, envp=0x7f7fffff06c8) at vl.c:4325

[1] https://www.openbsd.org/faq/upgrade60.html
[2] https://undeadly.org/cgi?action=article&sid=20160527203200

Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20190307142822.8531-3-philmd@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2 years agooslib-posix: Ignore fcntl("/dev/null", F_SETFL, O_NONBLOCK) failure
Philippe Mathieu-Daudé [Thu, 7 Mar 2019 14:28:21 +0000 (15:28 +0100)] 
oslib-posix: Ignore fcntl("/dev/null", F_SETFL, O_NONBLOCK) failure

Previous to OpenBSD 6.3 [1], fcntl(F_SETFL) is not permitted on
memory devices.
Trying this call sets errno to ENODEV ("not a memory device"):

  19 ENODEV Operation not supported by device.
    An attempt was made to apply an inappropriate function to a device,
    for example, trying to read a write-only device such as a printer.

Do not assert fcntl failures in this specific case (errno set to ENODEV)
on OpenBSD. This fixes:

  $ lm32-softmmu/qemu-system-lm32
  assertion "f != -1" failed: file "util/oslib-posix.c", line 247, function "qemu_set_nonblock"
  Abort trap (core dumped)

[1] The fix seems https://github.com/openbsd/src/commit/c2a35b387f9d3c
  "fcntl(F_SETFL) invokes the FIONBIO and FIOASYNC ioctls internally, so
  the memory devices (/dev/null, /dev/zero, etc) need to permit them."

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20190307142822.8531-2-philmd@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2 years agoaccel: Allow to build QEMU without TCG or KVM support
Anthony PERARD [Wed, 16 Jan 2019 17:35:27 +0000 (17:35 +0000)] 
accel: Allow to build QEMU without TCG or KVM support

Instead of deny build of QEMU without a default accelerator, simply
report an error when the user haven't passed -accel or -machine accel=
and TCG and KVM isn't builtin.

./configure already check that at least one accelerator is available.

Signed-off-by: Anthony PERARD <anthony.perard@citrix.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2 years agobuild: clean trace/generated-helpers.c
Paolo Bonzini [Fri, 15 Feb 2019 09:23:00 +0000 (10:23 +0100)] 
build: clean trace/generated-helpers.c

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2 years agobuild: remove unnecessary assignments from Makefile.target
Paolo Bonzini [Fri, 15 Feb 2019 09:15:22 +0000 (10:15 +0100)] 
build: remove unnecessary assignments from Makefile.target

It is only necessary to clear block-obj-y because Makefile.objs
uses "+=" instead of "="; fix that and remove the assignment.
The other variables need not be cleared at all.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2 years agobuild: get rid of target-obj-y
Paolo Bonzini [Fri, 8 Mar 2019 16:39:08 +0000 (17:39 +0100)] 
build: get rid of target-obj-y

It is possible to specify the trace/ directory already in objs-y;
there is no need to have a separate unnest-vars invocation.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2 years agoupdate copyright notice
David Kiarie [Mon, 4 Mar 2019 15:18:27 +0000 (18:18 +0300)] 
update copyright notice

Signed-off-by: David Kiarie <davidkiarie4@gmail.com>
Message-Id: <20190304151827.1813-2-davidkiarie4@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2 years agolsi: check if SIGP bit is already set in Wait reselect
Sven Schnelle [Sun, 17 Feb 2019 11:37:17 +0000 (12:37 +0100)] 
lsi: check if SIGP bit is already set in Wait reselect

If SIGP is set, the 'Wait for Reselection' command should jump
immediately to the address stored in the second DWORD of the
instruction. This fixes spurious hangs in the HP-UX 11.11
installer when the SIGP bit gets set by the kernel before the
'Wait for Reselection' command is executed by SCRIPTS.

Signed-off-by: Sven Schnelle <svens@stackframe.org>
Tested-by: Helge Deller <deller@gmx.de>
Message-Id: <20190217113717.7077-1-svens@stackframe.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2 years agolsi: implement basic SBCL functionality
Sven Schnelle [Fri, 15 Feb 2019 19:40:21 +0000 (20:40 +0100)] 
lsi: implement basic SBCL functionality

HP-UX checks this register after sending data to the target. If there's no valid
information present, it assumes the client disconnected because the kernel sent
to much data. Implement at least some of the SBCL functionality that is possible
without having a real SCSI bus.

Signed-off-by: Sven Schnelle <svens@stackframe.org>
Message-Id: <20190215194021.20543-1-svens@stackframe.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2 years agovirtio-scsi: Fix build with gcc 9
Greg Kurz [Thu, 28 Feb 2019 17:59:42 +0000 (18:59 +0100)] 
virtio-scsi: Fix build with gcc 9

Build fails with gcc 9:

  CC      ppc64-softmmu/hw/scsi/virtio-scsi.o
hw/scsi/virtio-scsi.c: In function â€˜virtio_scsi_do_tmf’:
hw/scsi/virtio-scsi.c:265:39: error: taking address of packed member of â€˜struct virtio_scsi_ctrl_tmf_req’ may result in an unaligned pointer value [-Werror=address-of-packed-member]
  265 |     virtio_tswap32s(VIRTIO_DEVICE(s), &req->req.tmf.subtype);
      |                                       ^~~~~~~~~~~~~~~~~~~~~
cc1: all warnings being treated as errors

All the fields in struct virtio_scsi_ctrl_tmf_req are naturally aligned,
so we could in theory drop QEMU_PACKED. Unfortunately, the header file
is imported from linux which already has the packed attribute. Trying to
fix that in the update-linux-headers.sh script is likely to produce
ugliness. Turn the call to virtio_tswap32s() into an assignment instead.

Signed-off-by: Greg Kurz <groug@kaod.org>
Message-Id: <155137678223.44753.5438092367451176318.stgit@bahia.lan>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2 years agoi386: extended the cpuid_level when Intel PT is enabled
Luwei Kang [Tue, 29 Jan 2019 23:52:59 +0000 (18:52 -0500)] 
i386: extended the cpuid_level when Intel PT is enabled

Intel Processor Trace required CPUID[0x14] but the cpuid_level
have no change when create a kvm guest with
e.g. "-cpu qemu64,+intel-pt".

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Luwei Kang <luwei.kang@intel.com>
Message-Id: <1548805979-12321-1-git-send-email-luwei.kang@intel.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2 years agotarget-i386: add kvm stubs to user-mode emulators
Paolo Bonzini [Thu, 28 Feb 2019 09:23:18 +0000 (10:23 +0100)] 
target-i386: add kvm stubs to user-mode emulators

The CPUID code will call kvm_arch_get_supported_cpuid() and, even though
it is undef kvm_enabled() so it never runs for user-mode emulators,
sometimes clang will not optimize it out at -O0.

That could be considered a compiler bug, however at -O0 we give it
a pass and just add the stubs.

Reported-by: Kamil Rytarowski <n54@gmx.com>
Tested-by: Kamil Rytarowski <n54@gmx.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2 years agoconfigure: Enable werror for git worktrees
Alexey Kardashevskiy [Thu, 28 Feb 2019 04:35:03 +0000 (15:35 +1100)] 
configure: Enable werror for git worktrees

The configure script checks multiple times whether it works in a git
repository and it does this by "test -e "${source_path}/.git" in 4 cases
but in one case where it tries to enable werror "-d" is used there which
fails on git worktrees as .git is a file then and not a directory.

This changes the test to "-e" as other occurrences.

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Message-Id: <20190228043503.68494-1-aik@ozlabs.ru>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2 years agocontrib/elf2dmp: add kernel start address checking
Viktor Prutyanov [Tue, 19 Feb 2019 21:19:36 +0000 (00:19 +0300)] 
contrib/elf2dmp: add kernel start address checking

Before this patch, if elf2dmp failed to find NT kernel PE magic in
allowed virtual address range, then it assumes NULL as NT kernel
address and cause segfault.

This patch fix the problem described above by checking NT kernel address
before futher processing.

Signed-off-by: Viktor Prutyanov <viktor.prutyanov@phystech.edu>
Message-Id: <20190219211936.6466-1-viktor.prutyanov@phystech.edu>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2 years agoblock/iscsi: Restrict Linux-specific code
Philippe Mathieu-Daudé [Wed, 20 Feb 2019 00:05:53 +0000 (01:05 +0100)] 
block/iscsi: Restrict Linux-specific code

Some Linux specific code is missing guards, leading to
build failure on OSX:

  $ sudo brew install libiscsi
  $ ./configure && make
  [...]
    CC      block/iscsi.o
  qemu/block/iscsi.c:338:24: error: 'iscsi_aiocb_info' defined but not used [-Werror=unused-const-variable=]
   static const AIOCBInfo iscsi_aiocb_info = {
                          ^~~~~~~~~~~~~~~~
  qemu/block/iscsi.c:168:1: error: 'iscsi_schedule_bh' defined but not used [-Werror=unused-function]
   iscsi_schedule_bh(IscsiAIOCB *acb)
   ^~~~~~~~~~~~~~~~~
  cc1: all warnings being treated as errors

Add guards to restrict this code for Linux.

Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20190220000553.28438-1-philmd@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2 years agohw/i386/pc: run the multiboot loader before the PVH loader
Stefano Garzarella [Thu, 14 Feb 2019 18:02:16 +0000 (19:02 +0100)] 
hw/i386/pc: run the multiboot loader before the PVH loader

Some multiboot images could be in the ELF format. In the current
implementation QEMU fails because we try to load these images
as a PVH image.

In order to fix this issue, we should try multiboot first (we
already check the multiboot magic header before to load it).
If it is not a multiboot image, we can try the PVH loader.

Fixes: ab969087da6 ("pvh: Boot uncompressed kernel using direct boot ABI", 2019-01-15)
Reported-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Stefano Garzarella <sgarzare@redhat.com>
Message-Id: <20190214180216.246707-1-sgarzare@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2 years agotests: test-qgraph: fix a memory leak
Li Qiang [Sun, 10 Mar 2019 16:02:27 +0000 (09:02 -0700)] 
tests: test-qgraph: fix a memory leak

Spotted by ASAN when 'make check'.

Signed-off-by: Li Qiang <liq3ea@163.com>
Message-Id: <20190310160227.103090-1-liq3ea@163.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Fixes: fc281c80202
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2 years agoriscv/Kconfig: enable PCI_DEVICES
David Abdurachmanov [Mon, 11 Mar 2019 09:12:56 +0000 (10:12 +0100)] 
riscv/Kconfig: enable PCI_DEVICES

Re-enable PCI_DEVICES for RISC-V.
The patch is based on other <arch>/Kconfig.

Signed-off-by: David Abdurachmanov <david.abdurachmanov@gmail.com>
Fixes: 82a230d5a303 ("riscv-softmmu.mak: replace CONFIG_* with Kconfig "select" directives")
Message-Id: <20190311091256.18385-1-david.abdurachmanov@gmail.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2 years agoMerge remote-tracking branch 'remotes/kraxel/tags/vga-20190311-v2-pull-request' into...
Peter Maydell [Mon, 11 Mar 2019 13:45:37 +0000 (13:45 +0000)] 
Merge remote-tracking branch 'remotes/kraxel/tags/vga-20190311-v2-pull-request' into staging

vga: virtio reset fix, add ati emulation.

# gpg: Signature made Mon 11 Mar 2019 08:50:12 GMT
# gpg:                using RSA key 4CB6D8EED3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>" [full]
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>" [full]
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>" [full]
# Primary key fingerprint: A032 8CFF B93A 17A7 9901  FE7D 4CB6 D8EE D3E8 7138

* remotes/kraxel/tags/vga-20190311-v2-pull-request:
  mips_fulong2e: Add on-board graphics chip
  hw/display: Add basic ATI VGA emulation
  virtio-gpu: make virtio_gpu_reset static
  virtio-vga: fix reset.
  virtio: add class_size to VirtioPCIDeviceTypeInfo

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2 years agovfio-pci: enable by default
Paolo Bonzini [Fri, 8 Mar 2019 17:33:27 +0000 (18:33 +0100)] 
vfio-pci: enable by default

CONFIG_VFIO_PCI was not "default y" - and once you do that, it is also
important to disable it if PCI is not there.

Reported-by: Alex Williamson <alex.williamson@redhat.com>
Tested-by: Alex Williamson <alex.williamson@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2 years agomemory: Do not update coalesced IO range in the case of NOP
Jagannathan Raman [Tue, 5 Feb 2019 22:50:19 +0000 (17:50 -0500)] 
memory: Do not update coalesced IO range in the case of NOP

Do not add/del coalesced IO ranges in the case where the
same FlatRanges are present in both old and new FlatViews

Fixes: 3ac7d43a6fbb ("memory: update coalesced_range on transaction_commit")
Signed-off-by: Jagannathan Raman <jag.raman@oracle.com>
Message-Id: <59572a7353830be4b7aa57d79ccb7ad6b72f0dda.1549406119.git.jag.raman@oracle.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2 years agoMerge remote-tracking branch 'remotes/kraxel/tags/ui-20190311-v2-pull-request' into...
Peter Maydell [Mon, 11 Mar 2019 12:52:44 +0000 (12:52 +0000)] 
Merge remote-tracking branch 'remotes/kraxel/tags/ui-20190311-v2-pull-request' into staging

curses: wide char input support.
vnc: acl update, stall fix.

# gpg: Signature made Mon 11 Mar 2019 08:25:24 GMT
# gpg:                using RSA key 4CB6D8EED3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>" [full]
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>" [full]
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>" [full]
# Primary key fingerprint: A032 8CFF B93A 17A7 9901  FE7D 4CB6 D8EE D3E8 7138

* remotes/kraxel/tags/ui-20190311-v2-pull-request:
  monitor: deprecate acl_show, acl_reset, acl_policy, acl_add, acl_remove
  vnc: allow specifying a custom authorization object name
  vnc: fix update stalls
  curses: support wide input
  Reduce curses escdelay from 1s to 25ms

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2 years agotarget/mips: Add tests for a variety of MSA integer subtract instructions
Mateja Marjanovic [Thu, 7 Mar 2019 13:22:09 +0000 (14:22 +0100)] 
target/mips: Add tests for a variety of MSA integer subtract instructions

Add tests for a variety of MSA integer subtract instructions.

Signed-off-by: Mateja Marjanovic <mateja.marjanovic@rt-rk.com>
Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
Reviewed-by: Aleksandar Markovic <amarkovic@wavecomp.com>
Message-Id: <1551964929-17845-6-git-send-email-mateja.marjanovic@rt-rk.com>

2 years agotarget/mips: Add tests for a variety of MSA integer multiply instructions
Mateja Marjanovic [Thu, 7 Mar 2019 13:22:08 +0000 (14:22 +0100)] 
target/mips: Add tests for a variety of MSA integer multiply instructions

Add tests for a variety of MSA integer multiply instructions.

Signed-off-by: Mateja Marjanovic <mateja.marjanovic@rt-rk.com>
Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
Reviewed-by: Aleksandar Markovic <amarkovic@wavecomp.com>
Message-Id: <1551964929-17845-5-git-send-email-mateja.marjanovic@rt-rk.com>

2 years agotarget/mips: Add tests for a variety of MSA integer dot product instructions
Mateja Marjanovic [Thu, 7 Mar 2019 13:22:07 +0000 (14:22 +0100)] 
target/mips: Add tests for a variety of MSA integer dot product instructions

Add tests for a variety of MSA integer dot product instructions.

Signed-off-by: Mateja Marjanovic <mateja.marjanovic@rt-rk.com>
Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
Reviewed-by: Aleksandar Markovic <amarkovic@wavecomp.com>
Message-Id: <1551964929-17845-4-git-send-email-mateja.marjanovic@rt-rk.com>

2 years agotarget/mips: Add tests for a variety of MSA integer divide instructions
Mateja Marjanovic [Thu, 7 Mar 2019 13:22:06 +0000 (14:22 +0100)] 
target/mips: Add tests for a variety of MSA integer divide instructions

Add tests for a variety of MSA integer divide instructions.

Signed-off-by: Mateja Marjanovic <mateja.marjanovic@rt-rk.com>
Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
Reviewed-by: Aleksandar Markovic <amarkovic@wavecomp.com>
Message-Id: <1551964929-17845-3-git-send-email-mateja.marjanovic@rt-rk.com>

2 years agotarget/mips: Add tests for a variety of MSA integer average instructions
Mateja Marjanovic [Thu, 7 Mar 2019 13:22:05 +0000 (14:22 +0100)] 
target/mips: Add tests for a variety of MSA integer average instructions

Add tests for a variety of MSA integer average instructions.

Signed-off-by: Mateja Marjanovic <mateja.marjanovic@rt-rk.com>
Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
Reviewed-by: Aleksandar Markovic <amarkovic@wavecomp.com>
Message-Id: <1551964929-17845-2-git-send-email-mateja.marjanovic@rt-rk.com>

2 years agotests/tcg: target/mips: Rename two header files for consistency
Aleksandar Markovic [Thu, 7 Mar 2019 18:01:56 +0000 (19:01 +0100)] 
tests/tcg: target/mips: Rename two header files for consistency

Rename two header files for consistency and clarity. Do all other
changes to accommodate new names.

Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
Reviewed-by: Aleksandar Rikalo <amarkovic@wavecomp.com>
Message-Id: <1551981716-30664-3-git-send-email-aleksandar.markovic@rt-rk.com>

2 years agotests/tcg: target/mips: Correct preambles of test source files
Aleksandar Markovic [Thu, 7 Mar 2019 18:01:55 +0000 (19:01 +0100)] 
tests/tcg: target/mips: Correct preambles of test source files

Correct preambles of test source files.

Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
Reviewed-by: Aleksandar Rikalo <amarkovic@wavecomp.com>
Message-Id: <1551981716-30664-2-git-send-email-aleksandar.markovic@rt-rk.com>

2 years agoMakefile: Don't install non-sphinx files in sphinx docs install
Peter Maydell [Fri, 8 Mar 2019 13:57:44 +0000 (13:57 +0000)] 
Makefile: Don't install non-sphinx files in sphinx docs install

If we're doing an out-of-tree build of Sphinx, then we
copy some extra spurious files to the install directory
as part of 'make install':
qemu-ga-qapi.texi
qemu-ga-ref.7
qemu-ga-ref.7.pod
qemu-ga-ref.html
qemu-ga-ref.txt
qemu-qmp-qapi.texi
qemu-qmp-ref.7
qemu-qmp-ref.7.pod
qemu-qmp-ref.html
qemu-qmp-ref.txt

because these have been built into build/docs/interop along
with the Sphinx interop documents. Filter them out of the
set of files we install when we're installing the Sphinx-built
manual files. (They are installed into their correct locations
as part of the main install-doc target already.)

Fixes: 5f71eac06e15b9a3fa1134d446f ("Makefile, configure: Support building rST documentation")
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-id: 20190308135744.6480-4-peter.maydell@linaro.org

2 years agoMakefile: Fix 'make distclean'
Peter Maydell [Fri, 8 Mar 2019 13:57:43 +0000 (13:57 +0000)] 
Makefile: Fix 'make distclean'

We forgot the '-r' option on the rm command to clean up the
Sphinx .doctrees working directory, which meant that
"make distclean" fails:
 rm: cannot remove '.doctrees': Is a directory

Add the missing option.

Fixes: 5f71eac06e15b9a3fa1134d446f ("Makefile, configure: Support building rST documentation")
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-id: 20190308135744.6480-3-peter.maydell@linaro.org

2 years agoMakefile: Fix Sphinx documentation builds for in-tree builds
Peter Maydell [Fri, 8 Mar 2019 13:57:42 +0000 (13:57 +0000)] 
Makefile: Fix Sphinx documentation builds for in-tree builds

The Sphinx build-sphinx tool does not permit building a manual
into the same directory as its source files. This meant that
commit 5f71eac06e15b9a3fa1134d446f broke QEMU in-source-tree
builds, which would fail with:
  Error: source directory and destination directory are same.

Fix this by making in-tree builds build the Sphinx manuals
into a subdirectory of docs/.

Fixes: 5f71eac06e15b9a3fa1134d446f ("Makefile, configure: Support building rST documentation")
Reported-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-id: 20190308135744.6480-2-peter.maydell@linaro.org

2 years agos390x/tcg: Implement VECTOR UNPACK *
David Hildenbrand [Thu, 7 Mar 2019 12:15:39 +0000 (13:15 +0100)] 
s390x/tcg: Implement VECTOR UNPACK *

Combine all variant in a single handler. As source and destination
have different element sizes, we can't use gvec expansion. Expand
manually. Also watch out for overlapping source and destination
registers. Use a safe evaluation order depending on the operation.

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20190307121539.12842-33-david@redhat.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
2 years agos390x/tcg: Implement VECTOR STORE WITH LENGTH
David Hildenbrand [Thu, 7 Mar 2019 12:15:38 +0000 (13:15 +0100)] 
s390x/tcg: Implement VECTOR STORE WITH LENGTH

Very similar to VECTOR LOAD WITH LENGTH, just the opposite direction.
Properly probe write access before modifying memory.

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20190307121539.12842-32-david@redhat.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
2 years agos390x/tcg: Implement VECTOR STORE MULTIPLE
David Hildenbrand [Thu, 7 Mar 2019 12:15:37 +0000 (13:15 +0100)] 
s390x/tcg: Implement VECTOR STORE MULTIPLE

Similar to VECTOR LOAD MULTIPLE, just the opposite direction. Probe
write access first.

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20190307121539.12842-31-david@redhat.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
2 years agos390x/tcg: Implement VECTOR STORE ELEMENT
David Hildenbrand [Thu, 7 Mar 2019 12:15:36 +0000 (13:15 +0100)] 
s390x/tcg: Implement VECTOR STORE ELEMENT

As we only store one element, there is nothing to consider regarding
exceptions.

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20190307121539.12842-30-david@redhat.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
2 years agos390x/tcg: Implement VECTOR STORE
David Hildenbrand [Thu, 7 Mar 2019 12:15:35 +0000 (13:15 +0100)] 
s390x/tcg: Implement VECTOR STORE

Properly probe the whole access first.

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20190307121539.12842-29-david@redhat.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
2 years agos390x/tcg: Provide probe_write_access helper
David Hildenbrand [Thu, 7 Mar 2019 12:15:34 +0000 (13:15 +0100)] 
s390x/tcg: Provide probe_write_access helper

Instead of checking e.g. the first access on every touched page, we should
check the actual access, otherwise we might get false positives when Low
Address Protection (LAP) is active. As probe_write() can only deal with
accesses to one page, we have to loop.

Use i64 for the length, although not needed - easier to reuse
TCG temps we already have in the translation functions where this will
be used. Also allow it to be used from other helpers.

Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20190307121539.12842-28-david@redhat.com>
[CH: add missing page_check_range()]
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
2 years agos390x/tcg: Implement VECTOR SIGN EXTEND TO DOUBLEWORD
David Hildenbrand [Thu, 7 Mar 2019 12:15:33 +0000 (13:15 +0100)] 
s390x/tcg: Implement VECTOR SIGN EXTEND TO DOUBLEWORD

Load both elements signed and store them into the two 64 bit elements.

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20190307121539.12842-27-david@redhat.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
2 years agos390x/tcg: Implement VECTOR SELECT
David Hildenbrand [Thu, 7 Mar 2019 12:15:32 +0000 (13:15 +0100)] 
s390x/tcg: Implement VECTOR SELECT

Provide an implementation based on i64 and on real host vectors.

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20190307121539.12842-26-david@redhat.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
2 years agos390x/tcg: Implement VECTOR SCATTER ELEMENT
David Hildenbrand [Thu, 7 Mar 2019 12:15:31 +0000 (13:15 +0100)] 
s390x/tcg: Implement VECTOR SCATTER ELEMENT

Similar to VECTOR GATHER ELEMENT, but the other direction.

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20190307121539.12842-25-david@redhat.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
2 years agos390x/tcg: Implement VECTOR REPLICATE IMMEDIATE
David Hildenbrand [Thu, 7 Mar 2019 12:15:30 +0000 (13:15 +0100)] 
s390x/tcg: Implement VECTOR REPLICATE IMMEDIATE

Like VECTOR REPLICATE, but the element to be replicated comes from an
immediate.

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20190307121539.12842-24-david@redhat.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
2 years agos390x/tcg: Implement VECTOR REPLICATE
David Hildenbrand [Thu, 7 Mar 2019 12:15:29 +0000 (13:15 +0100)] 
s390x/tcg: Implement VECTOR REPLICATE

Replicate via the special gvec helper.

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20190307121539.12842-23-david@redhat.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
2 years agos390x/tcg: Implement VECTOR PERMUTE DOUBLEWORD IMMEDIATE
David Hildenbrand [Thu, 7 Mar 2019 12:15:28 +0000 (13:15 +0100)] 
s390x/tcg: Implement VECTOR PERMUTE DOUBLEWORD IMMEDIATE

Read the whole input before modifying the destination vector.

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20190307121539.12842-22-david@redhat.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
2 years agos390x/tcg: Implement VECTOR PERMUTE
David Hildenbrand [Thu, 7 Mar 2019 12:15:27 +0000 (13:15 +0100)] 
s390x/tcg: Implement VECTOR PERMUTE

Take care of overlying inputs and outputs by using a temporary vector.

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20190307121539.12842-21-david@redhat.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
2 years agos390x/tcg: Implement VECTOR PACK *
David Hildenbrand [Thu, 7 Mar 2019 12:15:26 +0000 (13:15 +0100)] 
s390x/tcg: Implement VECTOR PACK *

This is a big one. Luckily we only have a limited set of such nasty
instructions.

We'll implement all variants with helpers, except when sources and
the destination don't overlap for VECTOR PACK. Provide different helpers
when the cc is to be modified. We'll return the cc then via env->cc_op.

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20190307121539.12842-20-david@redhat.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
2 years agos390x/tcg: Implement VECTOR MERGE (HIGH|LOW)
David Hildenbrand [Thu, 7 Mar 2019 12:15:25 +0000 (13:15 +0100)] 
s390x/tcg: Implement VECTOR MERGE (HIGH|LOW)

We cannot use gvec expansion as source and destination elements are
have different element numbers. So we'll expand using a fancy loop.
Also, we have to take care of overlapping source and destination
registers, therefore use a safe evaluation irder depending on the
operation.

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20190307121539.12842-19-david@redhat.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
2 years agos390x/tcg: Implement VECTOR LOAD WITH LENGTH
David Hildenbrand [Thu, 7 Mar 2019 12:15:24 +0000 (13:15 +0100)] 
s390x/tcg: Implement VECTOR LOAD WITH LENGTH

We can reuse the helper introduced along with VECTOR LOAD TO BLOCK
BOUNDARY. We just have to take care of converting the highest index into
a length.

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20190307121539.12842-18-david@redhat.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
2 years agos390x/tcg: Implement VECTOR LOAD VR FROM GRS DISJOINT
David Hildenbrand [Thu, 7 Mar 2019 12:15:23 +0000 (13:15 +0100)] 
s390x/tcg: Implement VECTOR LOAD VR FROM GRS DISJOINT

Fairly easy, just load from to gprs into a single vector.

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20190307121539.12842-17-david@redhat.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
2 years agos390x/tcg: Implement VECTOR LOAD VR ELEMENT FROM GR
David Hildenbrand [Thu, 7 Mar 2019 12:15:22 +0000 (13:15 +0100)] 
s390x/tcg: Implement VECTOR LOAD VR ELEMENT FROM GR

Very similar to VECTOR LOAD GR FROM VR ELEMENT, just the opposite
direction. Also provide a fast path in case we don't care about the
register content.

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20190307121539.12842-16-david@redhat.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
2 years agos390x/tcg: Implement VECTOR LOAD TO BLOCK BOUNDARY
David Hildenbrand [Thu, 7 Mar 2019 12:15:21 +0000 (13:15 +0100)] 
s390x/tcg: Implement VECTOR LOAD TO BLOCK BOUNDARY

Very similar to LOAD COUNT TO BLOCK BOUNDARY, but instead of only
calculating, the actual vector is loaded. Use a temporary vector to
not modify the real vector on exceptions. Initialize that one to zero,
to not leak any data. Provide a fast path if we're loading a full
vector.

As we don't have gvec ool handlers for single vectors, just calculate
the vector address manually.

We can reuse the helper later on for VECTOR LOAD WITH LENGTH. In fact,
we are going to name it "vll" right from the beginning, because that's
a better match.

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20190307121539.12842-15-david@redhat.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
2 years agos390x/tcg: Implement VECTOR LOAD MULTIPLE
David Hildenbrand [Thu, 7 Mar 2019 12:15:20 +0000 (13:15 +0100)] 
s390x/tcg: Implement VECTOR LOAD MULTIPLE

Try to load the last element first. Access to the first element will
be checked afterwards. This way, we can guarantee that the vector is
not modified before we checked for all possible exceptions. (16 vectors
cannot cross more than two pages)

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20190307121539.12842-14-david@redhat.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
2 years agos390x/tcg: Implement VECTOR LOAD LOGICAL ELEMENT AND ZERO
David Hildenbrand [Thu, 7 Mar 2019 12:15:19 +0000 (13:15 +0100)] 
s390x/tcg: Implement VECTOR LOAD LOGICAL ELEMENT AND ZERO

Fairly easy, zero out the vector before we load the desired element.
Load the element before touching the vector.

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20190307121539.12842-13-david@redhat.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
2 years agos390x/tcg: Implement VECTOR LOAD GR FROM VR ELEMENT
David Hildenbrand [Thu, 7 Mar 2019 12:15:18 +0000 (13:15 +0100)] 
s390x/tcg: Implement VECTOR LOAD GR FROM VR ELEMENT

To avoid an helper, we have to do the actual calculation of the element
address (offset in cpu_env + cpu_env) manually. Factor that out into
get_vec_element_ptr_i64(). The same logic will be reused for "VECTOR
LOAD VR ELEMENT FROM GR".

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20190307121539.12842-12-david@redhat.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
2 years agos390x/tcg: Implement VECTOR LOAD ELEMENT IMMEDIATE
David Hildenbrand [Thu, 7 Mar 2019 12:15:17 +0000 (13:15 +0100)] 
s390x/tcg: Implement VECTOR LOAD ELEMENT IMMEDIATE

Take care of properly sign-extending the immediate.

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20190307121539.12842-11-david@redhat.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
2 years agos390x/tcg: Implement VECTOR LOAD ELEMENT
David Hildenbrand [Thu, 7 Mar 2019 12:15:16 +0000 (13:15 +0100)] 
s390x/tcg: Implement VECTOR LOAD ELEMENT

Fairly easy, load with desired size and store it into the right element.

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20190307121539.12842-10-david@redhat.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
2 years agos390x/tcg: Implement VECTOR LOAD AND REPLICATE
David Hildenbrand [Thu, 7 Mar 2019 12:15:15 +0000 (13:15 +0100)] 
s390x/tcg: Implement VECTOR LOAD AND REPLICATE

We can use tcg_gen_gvec_dup_i64() to carry out the duplication.

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20190307121539.12842-9-david@redhat.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
2 years agos390x/tcg: Implement VECTOR LOAD
David Hildenbrand [Thu, 7 Mar 2019 12:15:14 +0000 (13:15 +0100)] 
s390x/tcg: Implement VECTOR LOAD

When loading from memory, load both elements into temps first before
modifying the target vector

Loading with strange alingment from the end of the address space will
not properly wrap, we can ignore that for now.

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20190307121539.12842-8-david@redhat.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
2 years agos390x/tcg: Implement VECTOR GENERATE MASK
David Hildenbrand [Thu, 7 Mar 2019 12:15:13 +0000 (13:15 +0100)] 
s390x/tcg: Implement VECTOR GENERATE MASK

Add gen_gvec_dupi() for handling duplication of immediates, so it can
be reused later.

Reviewed-by: Richard Henderson <richard.henderson@linaro.org
Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20190307121539.12842-7-david@redhat.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
2 years agos390x/tcg: Implement VECTOR GENERATE BYTE MASK
David Hildenbrand [Thu, 7 Mar 2019 12:15:12 +0000 (13:15 +0100)] 
s390x/tcg: Implement VECTOR GENERATE BYTE MASK

Let's optimize it for the common cases (setting a vector to zero or all
ones) - courtesy of Richard.

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20190307121539.12842-6-david@redhat.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>