qemu.git
9 hours agoMerge remote-tracking branch 'remotes/kraxel/tags/usb-20210122-pull-request' into... staging 245720912
Peter Maydell [Fri, 22 Jan 2021 22:37:55 +0000 (22:37 +0000)] 
Merge remote-tracking branch 'remotes/kraxel/tags/usb-20210122-pull-request' into staging

usb: cleanups and fixes.
usb: add pcap support.

# gpg: Signature made Fri 22 Jan 2021 17:48:35 GMT
# gpg:                using RSA key A0328CFFB93A17A79901FE7D4CB6D8EED3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>" [full]
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>" [full]
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>" [full]
# Primary key fingerprint: A032 8CFF B93A 17A7 9901  FE7D 4CB6 D8EE D3E8 7138

* remotes/kraxel/tags/usb-20210122-pull-request:
  usb-host: map LIBUSB_SPEED_SUPER_PLUS to USB_SPEED_SUPER
  usb: add pcap support.
  hw/usb/dev-uas: Report command additional adb length as unsupported
  scsi/utils: Add INVALID_PARAM_VALUE sense code definition
  hw/usb/hcd-xhci: Fix extraneous format-truncation error on 32-bit hosts
  hw/usb: Convert to qdev_realize()
  hw/usb: Fix bad printf format specifiers
  hw/usb/host-libusb.c: fix build with kernel < 5.0

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
18 hours agousb-host: map LIBUSB_SPEED_SUPER_PLUS to USB_SPEED_SUPER
Gerd Hoffmann [Thu, 21 Jan 2021 15:08:32 +0000 (16:08 +0100)] 
usb-host: map LIBUSB_SPEED_SUPER_PLUS to USB_SPEED_SUPER

Handle host superspeedplus (usb 3.1+) devices like superspeed (usb 3.0)
devices.  That is enough to get them handled properly by xhci.  They show
up as superspeed devices inside the guest, but should be able to actually
run at higher speeds.

Reported-by: Angel Pagan <Angel.Pagan@stratus.com>
Tested-by: Angel Pagan <Angel.Pagan@stratus.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Message-Id: <20210121150832.3564097-1-kraxel@redhat.com>

18 hours agousb: add pcap support.
Gerd Hoffmann [Tue, 19 Jan 2021 19:44:51 +0000 (20:44 +0100)] 
usb: add pcap support.

Log all traffic of a specific usb device to a pcap file for later
inspection.  File format is compatible with linux usb monitor.

Usage:
  qemu -device usb-${somedevice},pcap=file.pcap
  wireshark file.pcap

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20210119194452.2148048-1-kraxel@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
18 hours agohw/usb/dev-uas: Report command additional adb length as unsupported
Philippe Mathieu-Daudé [Wed, 20 Jan 2021 15:35:22 +0000 (16:35 +0100)] 
hw/usb/dev-uas: Report command additional adb length as unsupported

We are not ready to handle additional CDB data.

If a guest sends a packet with such additional data,
report the command parameter as not supported.

Specify a size (of 1 byte) for the add_cdb member we
are not using, to fix the following warning:

  usb/dev-uas.c:157:31: error: field 'status' with variable sized type 'uas_iu' not at the end of a struct or class is a GNU extension [-Werror,-Wgnu-variable-sized-type-not-at-end]
      uas_iu                    status;
                                ^

Reported-by: Ed Maste <emaste@FreeBSD.org>
Reported-by: Daniele Buono <dbuono@linux.vnet.ibm.com>
Reported-by: Han Han <hhan@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20210120153522.1173897-4-philmd@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
18 hours agoscsi/utils: Add INVALID_PARAM_VALUE sense code definition
Philippe Mathieu-Daudé [Wed, 20 Jan 2021 15:35:21 +0000 (16:35 +0100)] 
scsi/utils: Add INVALID_PARAM_VALUE sense code definition

Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20210120153522.1173897-3-philmd@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
18 hours agohw/usb/hcd-xhci: Fix extraneous format-truncation error on 32-bit hosts
Philippe Mathieu-Daudé [Mon, 18 Jan 2021 18:11:15 +0000 (19:11 +0100)] 
hw/usb/hcd-xhci: Fix extraneous format-truncation error on 32-bit hosts

For some reason the assert() added in commit ccb799313a5
("hw/usb: avoid format truncation warning when formatting
port name") does not fix when building with GCC 10.

KISS and expand the buffer by 4 bytes to silent the following
error when using GCC 10.2.1 on Fedora 33:

  hw/usb/hcd-xhci.c: In function 'usb_xhci_realize':
  hw/usb/hcd-xhci.c:3309:54: error: '%d' directive output may be truncated writing between 1 and 8 bytes into a region of size 5 [-Werror=format-truncation=]
   3309 |             snprintf(port->name, sizeof(port->name), "usb2 port #%d", i+1);
        |                                                      ^~~~~~~~~~~~~~~
  hw/usb/hcd-xhci.c:3309:54: note: directive argument in the range [1, 89478486]
  In file included from /usr/include/stdio.h:866,
                   from include/qemu/osdep.h:85,
                   from hw/usb/hcd-xhci.c:22:
  /usr/include/bits/stdio2.h:70:10: note: '__builtin___snprintf_chk' output between 13 and 20 bytes into a destination of size 16
     70 |   return __builtin___snprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1,
        |          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     71 |        __bos (__s), __fmt, __va_arg_pack ());
        |        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  hw/usb/hcd-xhci.c:3323:54: error: '%d' directive output may be truncated writing between 1 and 8 bytes into a region of size 5 [-Werror=format-truncation=]
   3323 |             snprintf(port->name, sizeof(port->name), "usb3 port #%d", i+1);
        |                                                      ^~~~~~~~~~~~~~~
  hw/usb/hcd-xhci.c:3323:54: note: directive argument in the range [1, 89478486]
  In file included from /usr/include/stdio.h:866,
                   from include/qemu/osdep.h:85,
                   from hw/usb/hcd-xhci.c:22:
  /usr/include/bits/stdio2.h:70:10: note: '__builtin___snprintf_chk' output between 13 and 20 bytes into a destination of size 16
     70 |   return __builtin___snprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1,
        |          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     71 |        __bos (__s), __fmt, __va_arg_pack ());
        |        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  cc1: all warnings being treated as errors

Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20210118181115.313742-1-philmd@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
18 hours agohw/usb: Convert to qdev_realize()
Markus Armbruster [Tue, 19 Jan 2021 12:01:51 +0000 (13:01 +0100)] 
hw/usb: Convert to qdev_realize()

Device code shouldn't mess with QOM property "realized" since we have
proper interfaces (merge commit 6675a653).  Commit 8ddab8dd3d
"usb/hcd-xhci: Split pci wrapper for xhci base model" and commit
f00ff136ee "usb: hcd-xhci-sysbus: Attach xhci to sysbus device"
reintroduced two instances.  Clean them up.  Note that s->xhci is
a (bus-less) TYPE_XHCI device.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20210119120151.53757-1-armbru@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
18 hours agohw/usb: Fix bad printf format specifiers
Alex Chen [Thu, 19 Nov 2020 02:57:51 +0000 (02:57 +0000)] 
hw/usb: Fix bad printf format specifiers

We should use printf format specifier "%u" instead of "%d" for
argument of type "unsigned int".

Reported-by: Euler Robot <euler.robot@huawei.com>
Signed-off-by: Alex Chen <alex.chen@huawei.com>
Message-id: 20201119025751.45750-1-alex.chen@huawei.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
18 hours agohw/usb/host-libusb.c: fix build with kernel < 5.0
Fabrice Fontaine [Sun, 13 Dec 2020 21:30:16 +0000 (22:30 +0100)] 
hw/usb/host-libusb.c: fix build with kernel < 5.0

USBDEVFS_GET_SPEED is used since version 5.2.0 and
https://gitlab.com/qemu-project/qemu/-/commit/202d69a715a4b1824dcd7ec1683d027ed2bae6d3
resulting in the following build failure with kernel < 5.0:

../hw/usb/host-libusb.c: In function 'usb_host_open':
../hw/usb/host-libusb.c:953:32: error: 'USBDEVFS_GET_SPEED' undeclared (first use in this function); did you mean 'USBDEVFS_GETDRIVER'?
         int rc = ioctl(hostfd, USBDEVFS_GET_SPEED, NULL);
                                ^~~~~~~~~~~~~~~~~~
                                USBDEVFS_GETDRIVER

A tentative was made to fix this build failure with
https://gitlab.com/qemu-project/qemu/-/commit/4969e697c15ac536d5c0700381d5d026ef7f0588

However, the assumption that distros with old kernels also have old
libusb is just wrong so also add a check for defined(USBDEVFS_GET_SPEED)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Message-id: 20201213213016.457350-1-fontaine.fabrice@gmail.com

[ kraxel: codestyle whitespace fixup ]

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
21 hours agoMerge remote-tracking branch 'remotes/vivier2/tags/linux-user-for-6.0-pull-request... master 245405650 245484926
Peter Maydell [Fri, 22 Jan 2021 10:35:55 +0000 (10:35 +0000)] 
Merge remote-tracking branch 'remotes/vivier2/tags/linux-user-for-6.0-pull-request' into staging

linux-user pull request 20210119-v3

Remove obsolete F_SHLCK and F_EXLCK translation
Update sockopt
Add F_ADD_SEALS and F_GET_SEALS

# gpg: Signature made Thu 21 Jan 2021 12:33:04 GMT
# gpg:                using RSA key CD2F75DDC8E3A4DC2E4F5173F30C38BD3F2FBE3C
# gpg:                issuer "laurent@vivier.eu"
# gpg: Good signature from "Laurent Vivier <lvivier@redhat.com>" [full]
# gpg:                 aka "Laurent Vivier <laurent@vivier.eu>" [full]
# gpg:                 aka "Laurent Vivier (Red Hat) <lvivier@redhat.com>" [full]
# Primary key fingerprint: CD2F 75DD C8E3 A4DC 2E4F  5173 F30C 38BD 3F2F BE3C

* remotes/vivier2/tags/linux-user-for-6.0-pull-request:
  linux-user: Remove obsolete F_SHLCK and F_EXLCK translation
  linux-user: Add IPv6 options to do_print_sockopt()
  linux-user: add missing IPv6 get/setsockopt option
  linux-user: add missing UDP get/setsockopt option
  linux-user: Support F_ADD_SEALS and F_GET_SEALS fcntls

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
36 hours agoMerge remote-tracking branch 'remotes/cohuck-gitlab/tags/s390x-20210121' into staging 245122167 245403746
Peter Maydell [Thu, 21 Jan 2021 19:09:45 +0000 (19:09 +0000)] 
Merge remote-tracking branch 'remotes/cohuck-gitlab/tags/s390x-20210121' into staging

s390x updates:
- headers update to Linux 5.11-rc2
- fix tcg emulation for some instructions that are generated by
  clang Linux kernel builds
- vfio-ccw: wire up the device unplug notification mechanism
- fix a gcc 11 warning

# gpg: Signature made Thu 21 Jan 2021 12:08:12 GMT
# gpg:                using RSA key C3D0D66DC3624FF6A8C018CEDECF6B93C6F02FAF
# gpg:                issuer "cohuck@redhat.com"
# gpg: Good signature from "Cornelia Huck <conny@cornelia-huck.de>" [unknown]
# gpg:                 aka "Cornelia Huck <huckc@linux.vnet.ibm.com>" [full]
# gpg:                 aka "Cornelia Huck <cornelia.huck@de.ibm.com>" [full]
# gpg:                 aka "Cornelia Huck <cohuck@kernel.org>" [unknown]
# gpg:                 aka "Cornelia Huck <cohuck@redhat.com>" [unknown]
# Primary key fingerprint: C3D0 D66D C362 4FF6 A8C0  18CE DECF 6B93 C6F0 2FAF

* remotes/cohuck-gitlab/tags/s390x-20210121:
  s390x: Use strpadcpy for copying vm name
  vfio-ccw: Connect the device request notifier
  Update linux headers to 5.11-rc2
  update-linux-headers: Include const.h
  s390x/tcg: Ignore register content if b1/b2 is zero when handling EXECUTE
  tests/tcg/s390x: Fix EXRL tests
  s390x/tcg: Don't ignore content in r0 when not specified via "b" or "x"
  s390x/tcg: Fix RISBHG
  s390x/tcg: Fix ALGSI

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
43 hours agolinux-user: Remove obsolete F_SHLCK and F_EXLCK translation
Michael Forney [Thu, 14 Jan 2021 22:36:02 +0000 (14:36 -0800)] 
linux-user: Remove obsolete F_SHLCK and F_EXLCK translation

These lock types are unsupported by Linux since v2.2[0][1] and
always return EINVAL (except on SPARC up until v2.6, which just
warned).

musl libc does not define these constants, so just remove them from
the translation cases.

[0] https://github.com/mpe/linux-fullhistory/blob/v2.2.0/fs/locks.c#L322-L324
[1] https://github.com/mpe/linux-fullhistory/blob/v2.2.0/fs/locks.c#L429-L445

Signed-off-by: Michael Forney <mforney@mforney.org>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20210114223602.9004-1-mforney@mforney.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
43 hours agolinux-user: Add IPv6 options to do_print_sockopt()
Shu-Chun Weng [Fri, 18 Dec 2020 19:32:13 +0000 (11:32 -0800)] 
linux-user: Add IPv6 options to do_print_sockopt()

Signed-off-by: Shu-Chun Weng <scw@google.com>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20201218193213.3566856-5-scw@google.com>
[lv: Add missing <linux/in6.h> include for IPV6_ADDR_PREFERENCES]
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
45 hours agoMerge remote-tracking branch 'remotes/ericb/tags/pull-nbd-2021-01-20' into staging 244852969 244880378
Peter Maydell [Thu, 21 Jan 2021 10:44:27 +0000 (10:44 +0000)] 
Merge remote-tracking branch 'remotes/ericb/tags/pull-nbd-2021-01-20' into staging

nbd patches for 2021-01-20

- minor resource leak fixes in qemu-nbd
- ensure proper aio context when nbd server uses iothreads
- iotest refactorings in preparation for rewriting ./check to be more
flexible, and preparing for more nbd server reconnect features

# gpg: Signature made Thu 21 Jan 2021 02:28:19 GMT
# gpg:                using RSA key 71C2CC22B1C4602927D2F3AAA7A16B4A2527436A
# gpg: Good signature from "Eric Blake <eblake@redhat.com>" [full]
# gpg:                 aka "Eric Blake (Free Software Programmer) <ebb9@byu.net>" [full]
# gpg:                 aka "[jpeg image of size 6874]" [full]
# Primary key fingerprint: 71C2 CC22 B1C4 6029 27D2  F3AA A7A1 6B4A 2527 436A

* remotes/ericb/tags/pull-nbd-2021-01-20:
  iotests.py: qemu_io(): reuse qemu_tool_pipe_and_status()
  iotests.py: fix qemu_tool_pipe_and_status()
  iotests/264: fix style
  iotests: define group in each iotest
  iotests/294: add shebang line
  iotests: make tests executable
  iotests: fix some whitespaces in test output files
  iotests/303: use dot slash for qcow2.py running
  iotests/277: use dot slash for nbd-fault-injector.py running
  nbd/server: Quiesce coroutines on context switch
  block: Honor blk_set_aio_context() context requirements
  qemu-nbd: Fix a memleak in nbd_client_thread()
  qemu-nbd: Fix a memleak in qemu_nbd_client_list()

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
45 hours agos390x: Use strpadcpy for copying vm name
Miroslav Rezanina [Thu, 14 Jan 2021 07:07:36 +0000 (08:07 +0100)] 
s390x: Use strpadcpy for copying vm name

Using strncpy with length equal to the size of target array, GCC 11
reports following warning:

  warning: '__builtin_strncpy' specified bound 256 equals destination size [-Wstringop-truncation]

We can prevent this warning by using strpadcpy that copies string
up to specified length, zeroes target array after copied string
and does not raise warning when length is equal to target array
size (and ending '\0' is discarded).

Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-Id: <6f86915755219cf6a671788075da4809b57f7d7b.1610607906.git.mrezanin@redhat.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
45 hours agovfio-ccw: Connect the device request notifier
Eric Farman [Mon, 4 Jan 2021 20:20:57 +0000 (21:20 +0100)] 
vfio-ccw: Connect the device request notifier

Now that the vfio-ccw code has a notifier interface to request that
a device be unplugged, let's wire that together.

Signed-off-by: Eric Farman <farman@linux.ibm.com>
Reviewed-by: Cornelia Huck <cohuck@redhat.com>
Message-Id: <20210104202057.48048-4-farman@linux.ibm.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
45 hours agoUpdate linux headers to 5.11-rc2
Eric Farman [Mon, 4 Jan 2021 20:20:56 +0000 (21:20 +0100)] 
Update linux headers to 5.11-rc2

Signed-off-by: Eric Farman <farman@linux.ibm.com>
Message-Id: <20210104202057.48048-3-farman@linux.ibm.com>
[CH: dropped qatomic->atomic changes in pvrdma_ring.h]
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
45 hours agoupdate-linux-headers: Include const.h
Eric Farman [Mon, 4 Jan 2021 20:20:55 +0000 (21:20 +0100)] 
update-linux-headers: Include const.h

Kernel commit a85cbe6159ff ("uapi: move constants from
<linux/kernel.h> to <linux/const.h>") breaks our script
because of the unrecognized include. Let's add that to
our processing.

Signed-off-by: Eric Farman <farman@linux.ibm.com>
Reviewed-by: Peter Xu <peterx@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20210104202057.48048-2-farman@linux.ibm.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
45 hours agos390x/tcg: Ignore register content if b1/b2 is zero when handling EXECUTE
David Hildenbrand [Mon, 11 Jan 2021 16:38:45 +0000 (17:38 +0100)] 
s390x/tcg: Ignore register content if b1/b2 is zero when handling EXECUTE

In our EXECUTE fast path, we have to ignore the content of r0, if
specified by b1 or b2.

Fixes: d376f123c7de ("target/s390x: Re-implement a few EXECUTE target insns directly")
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Tested-by: Nick Desaulniers <ndesaulniers@google.com>
Tested-by: Guenter Roeck <linux@roeck-us.net>
Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20210111163845.18148-6-david@redhat.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
45 hours agotests/tcg/s390x: Fix EXRL tests
David Hildenbrand [Mon, 11 Jan 2021 16:38:44 +0000 (17:38 +0100)] 
tests/tcg/s390x: Fix EXRL tests

The current EXRL tests crash on real machines: we must not use r0 as a base
register for trt/trtr, otherwise the content gets ignored. Also, we must
not use r0 for exrl, otherwise it gets ignored.

Let's use the "a" constraint so we get a general purpose register != r0.
For op2, we can simply specify a memory operand directly via "Q" (Memory
reference without index register and with short displacement).

Fixes: ad8c851d2e77 ("target/s390x: add EX support for TRT and TRTR")
Signed-off-by: David Hildenbrand <david@redhat.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20210111163845.18148-5-david@redhat.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
45 hours agos390x/tcg: Don't ignore content in r0 when not specified via "b" or "x"
David Hildenbrand [Mon, 11 Jan 2021 16:38:43 +0000 (17:38 +0100)] 
s390x/tcg: Don't ignore content in r0 when not specified via "b" or "x"

Using get_address() with register identifiers comming from an "r" field
is wrong: if the "r" field designates "r0", we don't read the content
and instead assume 0 - which should only be applied when the register
was specified via "b" or "x".

PoP 5-11 "Operand-Address Generation":
  "A zero in any of the B1, B2, X2, B3, or B4 fields indicates the absence
   of the corresponding address component. For the absent component, a zero
   is used in forming the intermediate sum, regardless of the contents of
   general register 0. A displacement of zero has no special significance."

This BUG became visible for CSPG as generated by LLVM-12 in the upstream
Linux kernel (v5.11-rc2), used while creating the linear mapping in
vmem_map_init(): Trying to store to address 0 results in a Low Address
Protection exception.

Debugging this was more complicated than it could have been: The program
interrupt handler in the kernel will try to crash the kernel: doing so, it
will enable DAT. As the linear mapping is not created yet (asce=0), we run
into an addressing exception while tring to walk non-existant DAT tables,
resulting in a program exception loop.

This allows for booting upstream Linux kernels compiled by clang-12. Most
of these cases seem to be broken forever.

Reported-by: Nick Desaulniers <ndesaulniers@google.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Tested-by: Nick Desaulniers <ndesaulniers@google.com>
Tested-by: Guenter Roeck <linux@roeck-us.net>
Cc: Guenter Roeck <linux@roeck-us.net>
Cc: Christian Borntraeger <borntraeger@de.ibm.com>
Cc: Heiko Carstens <hca@linux.ibm.com>
Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20210111163845.18148-4-david@redhat.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
45 hours agos390x/tcg: Fix RISBHG
David Hildenbrand [Mon, 11 Jan 2021 16:38:42 +0000 (17:38 +0100)] 
s390x/tcg: Fix RISBHG

RISBHG is broken and currently hinders clang-11 builds of upstream kernels
from booting: the kernel crashes early, while decompressing the image.

  [...]
   Kernel fault: interruption code 0005 ilc:2
   Kernel random base: 0000000000000000
   PSW : 0000200180000000 0000000000017a1e
         R:0 T:0 IO:0 EX:0 Key:0 M:0 W:0 P:0 AS:0 CC:2 PM:0 RI:0 EA:3
   GPRS: 0000000000000001 0000000c00000000 00000003fffffff4 00000000fffffff0
         0000000000000000 00000000fffffff4 000000000000000c 00000000fffffff0
         00000000fffffffc 0000000000000000 00000000fffffff8 00000000008e25a8
         0000000000000009 0000000000000002 0000000000000008 000000000000bce0

One example of a buggy instruction is:

    17dde:       ec 1e 00 9f 20 5d       risbhg  %r1,%r14,0,159,32

With %r14 = 0x9 and %r1 = 0x7 should result in %r1 = 0x900000007, however,
results in %r1 = 0.

Let's interpret values of i3/i4 as documented in the PoP and make
computation of "mask" only based on i3 and i4 and use "pmask" only at the
very end to make sure wrapping is only applied to the high/low doubleword.

With this patch, I can successfully boot a v5.11-rc2 kernel built with
clang-11, and gcc builds keep on working.

Fixes: 2d6a869833d9 ("target-s390: Implement RISBG")
Reported-by: Nick Desaulniers <ndesaulniers@google.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Tested-by: Guenter Roeck <linux@roeck-us.net>
Tested-by: Nick Desaulniers <ndesaulniers@google.com>
Cc: Guenter Roeck <linux@roeck-us.net>
Cc: Christian Borntraeger <borntraeger@de.ibm.com>
Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20210111163845.18148-3-david@redhat.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
45 hours agos390x/tcg: Fix ALGSI
David Hildenbrand [Mon, 11 Jan 2021 16:38:41 +0000 (17:38 +0100)] 
s390x/tcg: Fix ALGSI

Looks like something went wrong whiel touching that line. Instead of "r1"
we need a new temporary. Also, we have to pass MO_TEQ, to indicate that
we are working with 64-bit values. Let's revert these changes.

Fixes: ff26d287bddc ("target/s390x: Improve cc computation for ADD LOGICAL")
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Tested-by: Nick Desaulniers <ndesaulniers@google.com>
Tested-by: Guenter Roeck <linux@roeck-us.net>
Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20210111163845.18148-2-david@redhat.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
2 days agoiotests.py: qemu_io(): reuse qemu_tool_pipe_and_status()
Vladimir Sementsov-Ogievskiy [Mon, 30 Nov 2020 13:40:20 +0000 (16:40 +0300)] 
iotests.py: qemu_io(): reuse qemu_tool_pipe_and_status()

Just drop code duplication.

Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Message-Id: <20201130134024.19212-5-vsementsov@virtuozzo.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
2 days agoiotests.py: fix qemu_tool_pipe_and_status()
Vladimir Sementsov-Ogievskiy [Mon, 30 Nov 2020 13:40:19 +0000 (16:40 +0300)] 
iotests.py: fix qemu_tool_pipe_and_status()

qemu_img_args variable is unrelated here. We should print just args.

Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Message-Id: <20201130134024.19212-4-vsementsov@virtuozzo.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
2 days agoiotests/264: fix style
Vladimir Sementsov-Ogievskiy [Wed, 18 Nov 2020 18:04:28 +0000 (21:04 +0300)] 
iotests/264: fix style

Fix long line, extra import and one mypy complaint about incompatible
int and float.

Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Message-Id: <20201118180433.11931-7-vsementsov@virtuozzo.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
2 days agoiotests: define group in each iotest
Vladimir Sementsov-Ogievskiy [Sat, 16 Jan 2021 13:44:19 +0000 (16:44 +0300)] 
iotests: define group in each iotest

We are going to drop group file. Define group in tests as a preparatory
step.

The patch is generated by

    cd tests/qemu-iotests

    grep '^[0-9]\{3\} ' group | while read line; do
        file=$(awk '{print $1}' <<< "$line");
        groups=$(sed -e 's/^... //' <<< "$line");
        awk "NR==2{print \"# group: $groups\"}1" $file > tmp;
        cat tmp > $file;
    done

Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20210116134424.82867-7-vsementsov@virtuozzo.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
2 days agoiotests/294: add shebang line
Vladimir Sementsov-Ogievskiy [Sat, 16 Jan 2021 13:44:18 +0000 (16:44 +0300)] 
iotests/294: add shebang line

Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20210116134424.82867-6-vsementsov@virtuozzo.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
2 days agoiotests: make tests executable
Vladimir Sementsov-Ogievskiy [Sat, 16 Jan 2021 13:44:17 +0000 (16:44 +0300)] 
iotests: make tests executable

All other test files are executable. Fix these.

Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20210116134424.82867-5-vsementsov@virtuozzo.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
2 days agoiotests: fix some whitespaces in test output files
Vladimir Sementsov-Ogievskiy [Sat, 16 Jan 2021 13:44:16 +0000 (16:44 +0300)] 
iotests: fix some whitespaces in test output files

We are going to be stricter about comparing test result with .out
files. So, fix some whitespaces now.

Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20210116134424.82867-4-vsementsov@virtuozzo.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
2 days agoiotests/303: use dot slash for qcow2.py running
Vladimir Sementsov-Ogievskiy [Sat, 16 Jan 2021 13:44:15 +0000 (16:44 +0300)] 
iotests/303: use dot slash for qcow2.py running

If you run './check 303', check includes common.config which adjusts
$PATH to include '.' first, and therefore finds qcow2.py on PATH.  But
if you run './303' directly, there is nothing to adjust PATH, and if
'.' is not already on your PATH by other means, the test fails because
the executable is not found.  Adjust how we invoke the helper
executable to avoid needing a PATH search in the first place.

Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20210116134424.82867-3-vsementsov@virtuozzo.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
2 days agoiotests/277: use dot slash for nbd-fault-injector.py running
Vladimir Sementsov-Ogievskiy [Sat, 16 Jan 2021 13:44:14 +0000 (16:44 +0300)] 
iotests/277: use dot slash for nbd-fault-injector.py running

If you run './check 277', check includes common.config which adjusts
$PATH to include '.' first, and therefore finds nbd-fault-injector.py
on PATH.  But if you run './277' directly, there is nothing to adjust
PATH, and if '.' is not already on your PATH by other means, the test
fails because the executable is not found.  Adjust how we invoke the
helper executable to avoid needing a PATH search in the first place.

Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20210116134424.82867-2-vsementsov@virtuozzo.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
2 days agonbd/server: Quiesce coroutines on context switch
Sergio Lopez [Mon, 14 Dec 2020 17:05:18 +0000 (18:05 +0100)] 
nbd/server: Quiesce coroutines on context switch

When switching between AIO contexts we need to me make sure that both
recv_coroutine and send_coroutine are not scheduled to run. Otherwise,
QEMU may crash while attaching the new context with an error like
this one:

aio_co_schedule: Co-routine was already scheduled in 'aio_co_schedule'

To achieve this we need a local implementation of
'qio_channel_readv_all_eof' named 'nbd_read_eof' (a trick already done
by 'nbd/client.c') that allows us to interrupt the operation and to
know when recv_coroutine is yielding.

With this in place, we delegate detaching the AIO context to the
owning context with a BH ('nbd_aio_detach_bh') scheduled using
'aio_wait_bh_oneshot'. This BH signals that we need to quiesce the
channel by setting 'client->quiescing' to 'true', and either waits for
the coroutine to finish using AIO_WAIT_WHILE or, if it's yielding in
'nbd_read_eof', actively enters the coroutine to interrupt it.

RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=1900326
Signed-off-by: Sergio Lopez <slp@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20201214170519.223781-4-slp@redhat.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
2 days agoblock: Honor blk_set_aio_context() context requirements
Sergio Lopez [Mon, 14 Dec 2020 17:05:16 +0000 (18:05 +0100)] 
block: Honor blk_set_aio_context() context requirements

The documentation for bdrv_set_aio_context_ignore() states this:

 * The caller must own the AioContext lock for the old AioContext of bs, but it
 * must not own the AioContext lock for new_context (unless new_context is the
 * same as the current context of bs).

As blk_set_aio_context() makes use of this function, this rule also
applies to it.

Fix all occurrences where this rule wasn't honored.

Suggested-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Sergio Lopez <slp@redhat.com>
Message-Id: <20201214170519.223781-2-slp@redhat.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
2 days agoqemu-nbd: Fix a memleak in nbd_client_thread()
Alex Chen [Tue, 8 Dec 2020 13:49:44 +0000 (13:49 +0000)] 
qemu-nbd: Fix a memleak in nbd_client_thread()

When the qio_channel_socket_connect_sync() fails
we should goto 'out_socket' label to free the 'sioc' instead of
goto 'out' label.
In addition, there's a lot of redundant code in the successful branch
and the error branch, optimize it.

Reported-by: Euler Robot <euler.robot@huawei.com>
Signed-off-by: Alex Chen <alex.chen@huawei.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Message-Id: <20201208134944.27962-1-alex.chen@huawei.com>

2 days agoqemu-nbd: Fix a memleak in qemu_nbd_client_list()
Alex Chen [Mon, 30 Nov 2020 12:36:51 +0000 (12:36 +0000)] 
qemu-nbd: Fix a memleak in qemu_nbd_client_list()

When the qio_channel_socket_connect_sync() fails
we should goto 'out' label to free the 'sioc' instead of return.

Reported-by: Euler Robot <euler.robot@huawei.com>
Signed-off-by: Alex Chen <alex.chen@huawei.com>
Message-Id: <20201130123651.17543-1-alex.chen@huawei.com>
Reviewed-by: Alberto Garcia <berto@igalia.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
2 days agoMerge remote-tracking branch 'remotes/huth-gitlab/tags/pull-request-2021-01-20' into... 244511112 244816938
Peter Maydell [Wed, 20 Jan 2021 17:44:31 +0000 (17:44 +0000)] 
Merge remote-tracking branch 'remotes/huth-gitlab/tags/pull-request-2021-01-20' into staging

* Fixes for compiling QEMU on Alpine Linux
* Add Alpine Linux to the gitlab-CI
* Some small fixes for qtests
* Updates to the MAINTAINERS file

# gpg: Signature made Wed 20 Jan 2021 12:56:14 GMT
# gpg:                using RSA key 27B88847EEE0250118F3EAB92ED9D774FE702DB5
# gpg:                issuer "thuth@redhat.com"
# gpg: Good signature from "Thomas Huth <th.huth@gmx.de>" [full]
# gpg:                 aka "Thomas Huth <thuth@redhat.com>" [full]
# gpg:                 aka "Thomas Huth <huth@tuxfamily.org>" [full]
# gpg:                 aka "Thomas Huth <th.huth@posteo.de>" [unknown]
# Primary key fingerprint: 27B8 8847 EEE0 2501 18F3  EAB9 2ED9 D774 FE70 2DB5

* remotes/huth-gitlab/tags/pull-request-2021-01-20:
  MAINTAINERS: Make status spellings consistent
  MAINTAINERS: Remove Ben Warren
  tests: Fix memory leak in tpm-util.c
  qtest/npcm7xx_pwm-test: Fix memleak in pwm_qom_get
  gitlab-ci: Add alpine to pipeline
  tests/check-block.sh: Refuse to run the iotests with BusyBox' sed
  tests/docker: Add dockerfile for Alpine Linux
  accel/kvm: avoid using predefined PAGE_SIZE
  tests: Rename PAGE_SIZE definitions
  elf2dmp: Rename PAGE_SIZE to ELF2DMP_PAGE_SIZE
  hw/block/nand: Rename PAGE_SIZE to NAND_PAGE_SIZE
  libvhost-user: Include poll.h instead of sys/poll.h
  configure: Add sys/timex.h to probe clock_adjtime
  osdep.h: Remove <sys/signal.h> include

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2 days agolinux-user: add missing IPv6 get/setsockopt option
Shu-Chun Weng [Fri, 18 Dec 2020 19:32:12 +0000 (11:32 -0800)] 
linux-user: add missing IPv6 get/setsockopt option

IPV6_ADDR_PREFERENCES (RFC5014: Source address selection) was not supported.

Signed-off-by: Shu-Chun Weng <scw@google.com>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20201218193213.3566856-4-scw@google.com>
[PMD: Add missing <linux/in6.h> include for IPV6_ADDR_PREFERENCES]
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
2 days agolinux-user: add missing UDP get/setsockopt option
Shu-Chun Weng [Fri, 18 Dec 2020 19:32:11 +0000 (11:32 -0800)] 
linux-user: add missing UDP get/setsockopt option

SOL_UDP manipulate options at UDP level. All six options currently defined
in linux source include/uapi/linux/udp.h take integer values.

Signed-off-by: Shu-Chun Weng <scw@google.com>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20201218193213.3566856-3-scw@google.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
2 days agolinux-user: Support F_ADD_SEALS and F_GET_SEALS fcntls
Shu-Chun Weng [Fri, 18 Dec 2020 19:32:10 +0000 (11:32 -0800)] 
linux-user: Support F_ADD_SEALS and F_GET_SEALS fcntls

Also reorder blocks so that they are all in the same order everywhere.

Signed-off-by: Shu-Chun Weng <scw@google.com>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20201218193213.3566856-2-scw@google.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
2 days agoMAINTAINERS: Make status spellings consistent
John Snow [Fri, 30 Oct 2020 15:34:16 +0000 (11:34 -0400)] 
MAINTAINERS: Make status spellings consistent

Signed-off-by: John Snow <jsnow@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20201030153416.429791-3-jsnow@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2 days agoMAINTAINERS: Remove Ben Warren
John Snow [Fri, 30 Oct 2020 15:34:15 +0000 (11:34 -0400)] 
MAINTAINERS: Remove Ben Warren

Ben's email bounces and he no longer works for Skyport Systems. I was
unable to reach Ben, so mark this section as Orphaned for now.

Signed-off-by: John Snow <jsnow@redhat.com>
Message-Id: <20201030153416.429791-2-jsnow@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2 days agotests: Fix memory leak in tpm-util.c
Stefan Berger [Fri, 15 Jan 2021 20:46:37 +0000 (15:46 -0500)] 
tests: Fix memory leak in tpm-util.c

This patch fixes the following memory leak detected by asan:

Indirect leak of 560320 byte(s) in 136 object(s) allocated from:
    #0 0x556b3b3f9b57 in calloc (/home/stefanb/tmp/qemu-tip/build/tests/qtest/tpm-crb-swtpm-test+0x23fb57)
    #1 0x152b0e96b9b0 in g_malloc0 (/lib64/libglib-2.0.so.0+0x589b0)
    #2 0x556b3b588f61 in parse_object /home/stefanb/tmp/qemu-tip/build/../qobject/json-parser.c:318:12
    #3 0x556b3b588f61 in parse_value /home/stefanb/tmp/qemu-tip/build/../qobject/json-parser.c:546:16
    #4 0x556b3b5886e8 in json_parser_parse /home/stefanb/tmp/qemu-tip/build/../qobject/json-parser.c:580:14
    #5 0x556b3b52ff4a in json_message_process_token /home/stefanb/tmp/qemu-tip/build/../qobject/json-streamer.c:92:12
    #6 0x556b3b59896f in json_lexer_feed_char /home/stefanb/tmp/qemu-tip/build/../qobject/json-lexer.c:313:13
    #7 0x556b3b598443 in json_lexer_feed /home/stefanb/tmp/qemu-tip/build/../qobject/json-lexer.c:350:9
    #8 0x556b3b436c70 in qmp_fd_receive /home/stefanb/tmp/qemu-tip/build/../tests/qtest/libqtest.c:614:9
    #9 0x556b3b435871 in qtest_qmp_receive_dict /home/stefanb/tmp/qemu-tip/build/../tests/qtest/libqtest.c:636:12
    #10 0x556b3b435871 in qtest_qmp_receive /home/stefanb/tmp/qemu-tip/build/../tests/qtest/libqtest.c:624:27
    #11 0x556b3b435c59 in qtest_vqmp /home/stefanb/tmp/qemu-tip/build/../tests/qtest/libqtest.c:715:12
    #12 0x556b3b435c59 in qtest_qmp /home/stefanb/tmp/qemu-tip/build/../tests/qtest/libqtest.c:756:16
    #13 0x556b3b4328c7 in tpm_util_wait_for_migration_complete /home/stefanb/tmp/qemu-tip/build/../tests/qtest/tpm-util.c:245:15
    #14 0x556b3b4333be in tpm_test_swtpm_migration_test /home/stefanb/tmp/qemu-tip/build/../tests/qtest/tpm-tests.c:117:5
    #15 0x152b0e98e29d  (/lib64/libglib-2.0.so.0+0x7b29d)

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Cc: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20210115204637.3332555-1-stefanb@linux.vnet.ibm.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2 days agoqtest/npcm7xx_pwm-test: Fix memleak in pwm_qom_get
Gan Qixin [Fri, 15 Jan 2021 07:56:34 +0000 (15:56 +0800)] 
qtest/npcm7xx_pwm-test: Fix memleak in pwm_qom_get

The pwm_qom_get function didn't free "response", which caused an indirect
memory leak. So use qobject_unref() to fix it.

ASAN shows memory leak stack:

Indirect leak of 74160000 byte(s) in 18000 object(s) allocated from:
    #0 0x7f96e2f79d4e in __interceptor_calloc (/lib64/libasan.so.5+0x112d4e)
    #1 0x7f96e2d98a50 in g_malloc0 (/lib64/libglib-2.0.so.0+0x55a50)
    #2 0x556313112180 in qdict_new ../qobject/qdict.c:30
    #3 0x556313115bca in parse_object ../qobject/json-parser.c:318
    #4 0x556313117810 in parse_value ../qobject/json-parser.c:546
    #5 0x556313117bda in json_parser_parse ../qobject/json-parser.c:580
    #6 0x55631310fe67 in json_message_process_token ../qobject/json-streamer.c:92
    #7 0x5563131210b7 in json_lexer_feed_char ../qobject/json-lexer.c:313
    #8 0x556313121662 in json_lexer_feed ../qobject/json-lexer.c:350
    #9 0x5563131101e9 in json_message_parser_feed ../qobject/json-streamer.c:121
    #10 0x5563130cb81e in qmp_fd_receive ../tests/qtest/libqtest.c:614
    #11 0x5563130cba2b in qtest_qmp_receive_dict ../tests/qtest/libqtest.c:636
    #12 0x5563130cb939 in qtest_qmp_receive ../tests/qtest/libqtest.c:624
    #13 0x5563130cbe0d in qtest_vqmp ../tests/qtest/libqtest.c:715
    #14 0x5563130cc40f in qtest_qmp ../tests/qtest/libqtest.c:756
    #15 0x5563130c5623 in pwm_qom_get ../tests/qtest/npcm7xx_pwm-test.c:180
    #16 0x5563130c595e in pwm_get_duty ../tests/qtest/npcm7xx_pwm-test.c:210
    #17 0x5563130c7529 in test_toggle ../tests/qtest/npcm7xx_pwm-test.c:447

Reported-by: Euler Robot <euler.robot@huawei.com>
Message-Id: <20210115075634.717909-1-ganqixin@huawei.com>
Signed-off-by: Gan Qixin <ganqixin@huawei.com>
Reviewed-by: Havard Skinnemoen <hskinnemoen@google.com>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Hao Wu <wuhaotsh@google.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2 days agogitlab-ci: Add alpine to pipeline
Jiaxun Yang [Mon, 18 Jan 2021 06:38:08 +0000 (14:38 +0800)] 
gitlab-ci: Add alpine to pipeline

[thuth: Enable "make check" tests, too, after tests/check-block.sh got fixed]

Signed-off-by: Jiaxun Yang <jiaxun.yang@flygoat.com>
Message-Id: <20210118063808.12471-10-jiaxun.yang@flygoat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2 days agotests/check-block.sh: Refuse to run the iotests with BusyBox' sed
Thomas Huth [Tue, 19 Jan 2021 13:47:49 +0000 (14:47 +0100)] 
tests/check-block.sh: Refuse to run the iotests with BusyBox' sed

BusyBox' sed reports itself as "This is not GNU sed version 4.0"
when being run with the --version parameter. However, the iotests
really need GNU sed, they do not work with the BusyBox version.
So let's make sure that we really have GNU sed and refuse to run
the tests with BusyBox' sed.

Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20210119134749.401311-1-thuth@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2 days agotests/docker: Add dockerfile for Alpine Linux
Jiaxun Yang [Mon, 18 Jan 2021 06:38:07 +0000 (14:38 +0800)] 
tests/docker: Add dockerfile for Alpine Linux

Alpine Linux[1] is a security-oriented, lightweight Linux distribution
based on musl libc and busybox.

It it popular among Docker guests and embedded applications.

Adding it to test against different libc.

[1]: https://alpinelinux.org/

Signed-off-by: Jiaxun Yang <jiaxun.yang@flygoat.com>
Message-Id: <20210118063808.12471-9-jiaxun.yang@flygoat.com>
[thuth: Dropped some unnecessary packages, replaced build-base with its deps]
Signed-off-by: Thomas Huth <thuth@redhat.com>
2 days agoaccel/kvm: avoid using predefined PAGE_SIZE
Jiaxun Yang [Mon, 18 Jan 2021 06:38:06 +0000 (14:38 +0800)] 
accel/kvm: avoid using predefined PAGE_SIZE

As per POSIX specification of limits.h [1], OS libc may define
PAGE_SIZE in limits.h.

PAGE_SIZE is used in included kernel uapi headers.

To prevent collosion of definition, we discard PAGE_SIZE from
defined by libc and take QEMU's variable.

[1]: https://pubs.opengroup.org/onlinepubs/7908799/xsh/limits.h.html

Signed-off-by: Jiaxun Yang <jiaxun.yang@flygoat.com>
Message-Id: <20210118063808.12471-8-jiaxun.yang@flygoat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2 days agotests: Rename PAGE_SIZE definitions
Jiaxun Yang [Mon, 18 Jan 2021 06:38:05 +0000 (14:38 +0800)] 
tests: Rename PAGE_SIZE definitions

As per POSIX specification of limits.h [1], OS libc may define
PAGE_SIZE in limits.h.

Self defined PAGE_SIZE is frequently used in tests, to prevent
collosion of definition, we give PAGE_SIZE definitons reasonable
prefixs.

[1]: https://pubs.opengroup.org/onlinepubs/7908799/xsh/limits.h.html

Signed-off-by: Jiaxun Yang <jiaxun.yang@flygoat.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20210118063808.12471-7-jiaxun.yang@flygoat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2 days agoelf2dmp: Rename PAGE_SIZE to ELF2DMP_PAGE_SIZE
Jiaxun Yang [Mon, 18 Jan 2021 06:38:04 +0000 (14:38 +0800)] 
elf2dmp: Rename PAGE_SIZE to ELF2DMP_PAGE_SIZE

As per POSIX specification of limits.h [1], OS libc may define
PAGE_SIZE in limits.h.

To prevent collosion of definition, we rename PAGE_SIZE here.

[1]: https://pubs.opengroup.org/onlinepubs/7908799/xsh/limits.h.html

Signed-off-by: Jiaxun Yang <jiaxun.yang@flygoat.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20210118063808.12471-6-jiaxun.yang@flygoat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2 days agohw/block/nand: Rename PAGE_SIZE to NAND_PAGE_SIZE
Jiaxun Yang [Mon, 18 Jan 2021 06:38:03 +0000 (14:38 +0800)] 
hw/block/nand: Rename PAGE_SIZE to NAND_PAGE_SIZE

As per POSIX specification of limits.h [1], OS libc may define
PAGE_SIZE in limits.h.

To prevent collosion of definition, we rename PAGE_SIZE here.

[1]: https://pubs.opengroup.org/onlinepubs/7908799/xsh/limits.h.html

Signed-off-by: Jiaxun Yang <jiaxun.yang@flygoat.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20210118063808.12471-5-jiaxun.yang@flygoat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2 days agolibvhost-user: Include poll.h instead of sys/poll.h
Jiaxun Yang [Mon, 18 Jan 2021 06:38:01 +0000 (14:38 +0800)] 
libvhost-user: Include poll.h instead of sys/poll.h

Musl libc complains about it's wrong usage.

In file included from ../subprojects/libvhost-user/libvhost-user.h:20,
                 from ../subprojects/libvhost-user/libvhost-user-glib.h:19,
                 from ../subprojects/libvhost-user/libvhost-user-glib.c:15:
/usr/include/sys/poll.h:1:2: error: #warning redirecting incorrect #include <sys/poll.h> to <poll.h> [-Werror=cpp]
    1 | #warning redirecting incorrect #include <sys/poll.h> to <poll.h>
      |  ^~~~~~~

Signed-off-by: Jiaxun Yang <jiaxun.yang@flygoat.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20210118063808.12471-3-jiaxun.yang@flygoat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2 days agoconfigure: Add sys/timex.h to probe clock_adjtime
Jiaxun Yang [Mon, 18 Jan 2021 06:38:00 +0000 (14:38 +0800)] 
configure: Add sys/timex.h to probe clock_adjtime

It is not a part of standard time.h. Glibc put it under
time.h however musl treat it as a sys timex extension.

Signed-off-by: Jiaxun Yang <jiaxun.yang@flygoat.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20210118063808.12471-2-jiaxun.yang@flygoat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2 days agoosdep.h: Remove <sys/signal.h> include
Michael Forney [Wed, 13 Jan 2021 21:56:00 +0000 (13:56 -0800)] 
osdep.h: Remove <sys/signal.h> include

Prior to 2a4b472c3c, sys/signal.h was only included on OpenBSD
(apart from two .c files). The POSIX standard location for this
header is just <signal.h> and in fact, OpenBSD's signal.h includes
sys/signal.h itself.

Unconditionally including <sys/signal.h> on musl causes warnings
for just about every source file:

  /usr/include/sys/signal.h:1:2: warning: #warning redirecting incorrect #include <sys/signal.h> to <signal.h> [-Wcpp]
      1 | #warning redirecting incorrect #include <sys/signal.h> to <signal.h>
        |  ^~~~~~~

Since there don't seem to be any platforms which require including
<sys/signal.h> in addition to <signal.h>, and some platforms like
Haiku lack it completely, just remove it.

Tested building on OpenBSD after removing this include.

Signed-off-by: Michael Forney <mforney@mforney.org>
Tested-by: John Snow <jsnow@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20210113215600.16100-1-mforney@mforney.org>
Signed-off-by: Thomas Huth <thuth@redhat.com>
3 days agoMerge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20210119-1' into... 243867919 243897079
Peter Maydell [Tue, 19 Jan 2021 15:47:23 +0000 (15:47 +0000)] 
Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20210119-1' into staging

target-arm queue:
 * Implement IMPDEF pauth algorithm
 * Support ARMv8.4-SEL2
 * Fix bug where we were truncating predicate vector lengths in SVE insns
 * npcm7xx_adc-test: Fix memleak in adc_qom_set
 * target/arm/m_helper: Silence GCC 10 maybe-uninitialized error
 * docs: Build and install all the docs in a single manual

# gpg: Signature made Tue 19 Jan 2021 15:46:34 GMT
# gpg:                using RSA key E1A5C593CD419DE28E8315CF3C2525ED14360CDE
# gpg:                issuer "peter.maydell@linaro.org"
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>" [ultimate]
# gpg:                 aka "Peter Maydell <pmaydell@gmail.com>" [ultimate]
# gpg:                 aka "Peter Maydell <pmaydell@chiark.greenend.org.uk>" [ultimate]
# Primary key fingerprint: E1A5 C593 CD41 9DE2 8E83  15CF 3C25 25ED 1436 0CDE

* remotes/pmaydell/tags/pull-target-arm-20210119-1: (29 commits)
  docs: Build and install all the docs in a single manual
  target/arm/m_helper: Silence GCC 10 maybe-uninitialized error
  npcm7xx_adc-test: Fix memleak in adc_qom_set
  target/arm: Update REV, PUNPK for pred_desc
  target/arm: Update ZIP, UZP, TRN for pred_desc
  target/arm: Update PFIRST, PNEXT for pred_desc
  target/arm: Introduce PREDDESC field definitions
  target/arm: refactor vae1_tlbmask()
  target/arm: enable Secure EL2 in max CPU
  target/arm: Implement SCR_EL2.EEL2
  target/arm: revector to run-time pick target EL
  target/arm: set HPFAR_EL2.NS on secure stage 2 faults
  target/arm: secure stage 2 translation regime
  target/arm: generalize 2-stage page-walk condition
  target/arm: translate NS bit in page-walks
  target/arm: do S1_ptw_translate() before address space lookup
  target/arm: handle VMID change in secure state
  target/arm: add ARMv8.4-SEL2 system registers
  target/arm: add MMU stage 1 for Secure EL2
  target/arm: add 64-bit S-EL2 to EL exception table
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
3 days agodocs: Build and install all the docs in a single manual
Peter Maydell [Fri, 15 Jan 2021 15:44:49 +0000 (15:44 +0000)] 
docs: Build and install all the docs in a single manual

When we first converted our documentation to Sphinx, we split it into
multiple manuals (system, interop, tools, etc), which are all built
separately.  The primary driver for this was wanting to be able to
avoid shipping the 'devel' manual to end-users.  However, this is
working against the grain of the way Sphinx wants to be used and
causes some annoyances:
 * Cross-references between documents become much harder or
   possibly impossible
 * There is no single index to the whole documentation
 * Within one manual there's no links or table-of-contents info
   that lets you easily navigate to the others
 * The devel manual doesn't get published on the QEMU website
   (it would be nice to able to refer to it there)

Merely hiding our developer documentation from end users seems like
it's not enough benefit for these costs.  Combine all the
documentation into a single manual (the same way that the readthedocs
site builds it) and install the whole thing.  The previous manual
divisions remain as the new top level sections in the manual.

 * The per-manual conf.py files are no longer needed
 * The man_pages[] specifications previously in each per-manual
   conf.py move to the top level conf.py
 * docs/meson.build logic is simplified as we now only need to run
   Sphinx once for the HTML and then once for the manpages5B
 * The old index.html.in that produced the top-level page with
   links to each manual is no longer needed

Unfortunately this means that we now have to build the HTML
documentation into docs/manual in the build tree rather than directly
into docs/; otherwise it is too awkward to ensure we install only the
built manual and not also the dependency info, stamp file, etc.  The
manual still ends up in the same place in the final installed
directory, but anybody who was consulting documentation from within
the build tree will have to adjust where they're looking.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Message-id: 20210115154449.4801-1-peter.maydell@linaro.org

3 days agotarget/arm/m_helper: Silence GCC 10 maybe-uninitialized error
Philippe Mathieu-Daudé [Tue, 19 Jan 2021 06:27:39 +0000 (07:27 +0100)] 
target/arm/m_helper: Silence GCC 10 maybe-uninitialized error

When building with GCC 10.2 configured with --extra-cflags=-Os, we get:

  target/arm/m_helper.c: In function ‘arm_v7m_cpu_do_interrupt’:
  target/arm/m_helper.c:1811:16: error: ‘restore_s16_s31’ may be used uninitialized in this function [-Werror=maybe-uninitialized]
   1811 |             if (restore_s16_s31) {
        |                ^
  target/arm/m_helper.c:1350:10: note: ‘restore_s16_s31’ was declared here
   1350 |     bool restore_s16_s31;
        |          ^~~~~~~~~~~~~~~
  cc1: all warnings being treated as errors

Initialize the 'restore_s16_s31' variable to silence the warning.

Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-id: 20210119062739.589049-1-f4bug@amsat.org
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
3 days agonpcm7xx_adc-test: Fix memleak in adc_qom_set
Gan Qixin [Mon, 18 Jan 2021 06:56:27 +0000 (14:56 +0800)] 
npcm7xx_adc-test: Fix memleak in adc_qom_set

The adc_qom_set function didn't free "response", which caused an indirect
memory leak. So use qobject_unref() to fix it.

ASAN shows memory leak stack:

Indirect leak of 593280 byte(s) in 144 object(s) allocated from:
    #0 0x7f9a5e7e8d4e in __interceptor_calloc (/lib64/libasan.so.5+0x112d4e)
    #1 0x7f9a5e607a50 in g_malloc0 (/lib64/libglib-2.0.so.0+0x55a50)
    #2 0x55b1bebf636b in qdict_new ../qobject/qdict.c:30
    #3 0x55b1bec09699 in parse_object ../qobject/json-parser.c:318
    #4 0x55b1bec0b2df in parse_value ../qobject/json-parser.c:546
    #5 0x55b1bec0b6a9 in json_parser_parse ../qobject/json-parser.c:580
    #6 0x55b1bec060d1 in json_message_process_token ../qobject/json-streamer.c:92
    #7 0x55b1bec16a12 in json_lexer_feed_char ../qobject/json-lexer.c:313
    #8 0x55b1bec16fbd in json_lexer_feed ../qobject/json-lexer.c:350
    #9 0x55b1bec06453 in json_message_parser_feed ../qobject/json-streamer.c:121
    #10 0x55b1bebc2d51 in qmp_fd_receive ../tests/qtest/libqtest.c:614
    #11 0x55b1bebc2f5e in qtest_qmp_receive_dict ../tests/qtest/libqtest.c:636
    #12 0x55b1bebc2e6c in qtest_qmp_receive ../tests/qtest/libqtest.c:624
    #13 0x55b1bebc3340 in qtest_vqmp ../tests/qtest/libqtest.c:715
    #14 0x55b1bebc3942 in qtest_qmp ../tests/qtest/libqtest.c:756
    #15 0x55b1bebbd64a in adc_qom_set ../tests/qtest/npcm7xx_adc-test.c:127
    #16 0x55b1bebbd793 in adc_write_input ../tests/qtest/npcm7xx_adc-test.c:140
    #17 0x55b1bebbdf92 in test_convert_external ../tests/qtest/npcm7xx_adc-test.c:246

Reported-by: Euler Robot <euler.robot@huawei.com>
Signed-off-by: Gan Qixin <ganqixin@huawei.com>
Reviewed-by: Hao Wu <wuhaotsh@google.com>
Message-id: 20210118065627.79903-1-ganqixin@huawei.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
3 days agotarget/arm: Update REV, PUNPK for pred_desc
Richard Henderson [Wed, 13 Jan 2021 06:26:50 +0000 (20:26 -1000)] 
target/arm: Update REV, PUNPK for pred_desc

Update all users of do_perm_pred2 for the new
predicate descriptor field definitions.

Cc: qemu-stable@nongnu.org
Buglink: https://bugs.launchpad.net/bugs/1908551
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20210113062650.593824-5-richard.henderson@linaro.org
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
3 days agotarget/arm: Update ZIP, UZP, TRN for pred_desc
Richard Henderson [Wed, 13 Jan 2021 06:26:49 +0000 (20:26 -1000)] 
target/arm: Update ZIP, UZP, TRN for pred_desc

Update all users of do_perm_pred3 for the new
predicate descriptor field definitions.

Cc: qemu-stable@nongnu.org
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20210113062650.593824-4-richard.henderson@linaro.org
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
3 days agotarget/arm: Update PFIRST, PNEXT for pred_desc
Richard Henderson [Wed, 13 Jan 2021 06:26:48 +0000 (20:26 -1000)] 
target/arm: Update PFIRST, PNEXT for pred_desc

These two were odd, in that do_pfirst_pnext passed the
count of 64-bit words rather than bytes.  Change to pass
the standard pred_full_reg_size to avoid confusion.

Cc: qemu-stable@nongnu.org
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20210113062650.593824-3-richard.henderson@linaro.org
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
3 days agotarget/arm: Introduce PREDDESC field definitions
Richard Henderson [Wed, 13 Jan 2021 06:26:47 +0000 (20:26 -1000)] 
target/arm: Introduce PREDDESC field definitions

SVE predicate operations cannot use the "usual" simd_desc
encoding, because the lengths are not a multiple of 8.
But we were abusing the SIMD_* fields to store values anyway.
This abuse broke when SIMD_OPRSZ_BITS was modified in e2e7168a214.

Introduce a new set of field definitions for exclusive use
of predicates, so that it is obvious what kind of predicate
we are manipulating.  To be used in future patches.

Cc: qemu-stable@nongnu.org
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20210113062650.593824-2-richard.henderson@linaro.org
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
3 days agotarget/arm: refactor vae1_tlbmask()
Rémi Denis-Courmont [Tue, 12 Jan 2021 10:45:11 +0000 (12:45 +0200)] 
target/arm: refactor vae1_tlbmask()

Signed-off-by: Rémi Denis-Courmont <remi.denis.courmont@huawei.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20210112104511.36576-19-remi.denis.courmont@huawei.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
3 days agotarget/arm: enable Secure EL2 in max CPU
Rémi Denis-Courmont [Tue, 12 Jan 2021 10:45:10 +0000 (12:45 +0200)] 
target/arm: enable Secure EL2 in max CPU

Signed-off-by: Rémi Denis-Courmont <remi.denis.courmont@huawei.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20210112104511.36576-18-remi.denis.courmont@huawei.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
3 days agotarget/arm: Implement SCR_EL2.EEL2
Rémi Denis-Courmont [Tue, 12 Jan 2021 10:45:09 +0000 (12:45 +0200)] 
target/arm: Implement SCR_EL2.EEL2

This adds handling for the SCR_EL3.EEL2 bit.

Signed-off-by: Rémi Denis-Courmont <remi.denis.courmont@huawei.com>
Message-id: 20210112104511.36576-17-remi.denis.courmont@huawei.com
[PMM: Applied fixes for review issues noted by RTH:
 - check for FEATURE_AARCH64 before checking sel2 isar feature
 - correct the commit message subject line]
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
3 days agotarget/arm: revector to run-time pick target EL
Rémi Denis-Courmont [Tue, 12 Jan 2021 10:45:08 +0000 (12:45 +0200)] 
target/arm: revector to run-time pick target EL

On ARMv8-A, accesses by 32-bit secure EL1 to monitor registers trap to
the upper (64-bit) EL. With Secure EL2 support, we can no longer assume
that that is always EL3, so make room for the value to be computed at
run-time.

Signed-off-by: Rémi Denis-Courmont <remi.denis.courmont@huawei.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20210112104511.36576-16-remi.denis.courmont@huawei.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
3 days agotarget/arm: set HPFAR_EL2.NS on secure stage 2 faults
Rémi Denis-Courmont [Tue, 12 Jan 2021 10:45:07 +0000 (12:45 +0200)] 
target/arm: set HPFAR_EL2.NS on secure stage 2 faults

Signed-off-by: Rémi Denis-Courmont <remi.denis.courmont@huawei.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20210112104511.36576-15-remi.denis.courmont@huawei.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
3 days agotarget/arm: secure stage 2 translation regime
Rémi Denis-Courmont [Tue, 12 Jan 2021 10:45:06 +0000 (12:45 +0200)] 
target/arm: secure stage 2 translation regime

Signed-off-by: Rémi Denis-Courmont <remi.denis.courmont@huawei.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20210112104511.36576-14-remi.denis.courmont@huawei.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
3 days agotarget/arm: generalize 2-stage page-walk condition
Rémi Denis-Courmont [Tue, 12 Jan 2021 10:45:05 +0000 (12:45 +0200)] 
target/arm: generalize 2-stage page-walk condition

The stage_1_mmu_idx() already effectively keeps track of which
translation regimes have two stages. Don't hard-code another test.

Signed-off-by: Rémi Denis-Courmont <remi.denis.courmont@huawei.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20210112104511.36576-13-remi.denis.courmont@huawei.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
3 days agotarget/arm: translate NS bit in page-walks
Rémi Denis-Courmont [Tue, 12 Jan 2021 10:45:04 +0000 (12:45 +0200)] 
target/arm: translate NS bit in page-walks

Signed-off-by: Rémi Denis-Courmont <remi.denis.courmont@huawei.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20210112104511.36576-12-remi.denis.courmont@huawei.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
3 days agotarget/arm: do S1_ptw_translate() before address space lookup
Rémi Denis-Courmont [Tue, 12 Jan 2021 10:45:03 +0000 (12:45 +0200)] 
target/arm: do S1_ptw_translate() before address space lookup

In the secure stage 2 translation regime, the VSTCR.SW and VTCR.NSW
bits can invert the secure flag for pagetable walks. This patchset
allows S1_ptw_translate() to change the non-secure bit.

Signed-off-by: Rémi Denis-Courmont <remi.denis.courmont@huawei.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20210112104511.36576-11-remi.denis.courmont@huawei.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
3 days agotarget/arm: handle VMID change in secure state
Rémi Denis-Courmont [Tue, 12 Jan 2021 10:45:02 +0000 (12:45 +0200)] 
target/arm: handle VMID change in secure state

The VTTBR write callback so far assumes that the underlying VM lies in
non-secure state. This handles the secure state scenario.

Signed-off-by: Rémi Denis-Courmont <remi.denis.courmont@huawei.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20210112104511.36576-10-remi.denis.courmont@huawei.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
3 days agotarget/arm: add ARMv8.4-SEL2 system registers
Rémi Denis-Courmont [Tue, 12 Jan 2021 10:45:01 +0000 (12:45 +0200)] 
target/arm: add ARMv8.4-SEL2 system registers

Signed-off-by: Rémi Denis-Courmont <remi.denis.courmont@huawei.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20210112104511.36576-9-remi.denis.courmont@huawei.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
3 days agotarget/arm: add MMU stage 1 for Secure EL2
Rémi Denis-Courmont [Tue, 12 Jan 2021 10:45:00 +0000 (12:45 +0200)] 
target/arm: add MMU stage 1 for Secure EL2

This adds the MMU indices for EL2 stage 1 in secure state.

To keep code contained, which is largelly identical between secure and
non-secure modes, the MMU indices are reassigned. The new assignments
provide a systematic pattern with a non-secure bit.

Signed-off-by: Rémi Denis-Courmont <remi.denis.courmont@huawei.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20210112104511.36576-8-remi.denis.courmont@huawei.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
3 days agotarget/arm: add 64-bit S-EL2 to EL exception table
Rémi Denis-Courmont [Tue, 12 Jan 2021 10:44:59 +0000 (12:44 +0200)] 
target/arm: add 64-bit S-EL2 to EL exception table

With the ARMv8.4-SEL2 extension, EL2 is a legal exception level in
secure mode, though it can only be AArch64.

This patch adds the target EL for exceptions from 64-bit S-EL2.

It also fixes the target EL to EL2 when HCR.{A,F,I}MO are set in secure
mode. Those values were never used in practice as the effective value of
HCR was always 0 in secure mode.

Signed-off-by: Rémi Denis-Courmont <remi.denis.courmont@huawei.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20210112104511.36576-7-remi.denis.courmont@huawei.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
3 days agotarget/arm: Define isar_feature function to test for presence of SEL2
Rémi Denis-Courmont [Tue, 12 Jan 2021 10:44:58 +0000 (12:44 +0200)] 
target/arm: Define isar_feature function to test for presence of SEL2

Signed-off-by: Rémi Denis-Courmont <remi.denis.courmont@huawei.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20210112104511.36576-6-remi.denis.courmont@huawei.com
[PMM: tweaked commit message to match reduced scope of patch
 following rebase]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
3 days agotarget/arm: factor MDCR_EL2 common handling
Rémi Denis-Courmont [Tue, 12 Jan 2021 10:44:57 +0000 (12:44 +0200)] 
target/arm: factor MDCR_EL2 common handling

This adds a common helper to compute the effective value of MDCR_EL2.
That is the actual value if EL2 is enabled in the current security
context, or 0 elsewise.

Signed-off-by: Rémi Denis-Courmont <remi.denis.courmont@huawei.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20210112104511.36576-5-remi.denis.courmont@huawei.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
3 days agotarget/arm: use arm_hcr_el2_eff() where applicable
Rémi Denis-Courmont [Tue, 12 Jan 2021 10:44:56 +0000 (12:44 +0200)] 
target/arm: use arm_hcr_el2_eff() where applicable

This will simplify accessing HCR conditionally in secure state.

Signed-off-by: Rémi Denis-Courmont <remi.denis.courmont@huawei.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20210112104511.36576-4-remi.denis.courmont@huawei.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
3 days agotarget/arm: use arm_is_el2_enabled() where applicable
Rémi Denis-Courmont [Tue, 12 Jan 2021 10:44:55 +0000 (12:44 +0200)] 
target/arm: use arm_is_el2_enabled() where applicable

Do not assume that EL2 is available in and only in non-secure context.
That equivalence is broken by ARMv8.4-SEL2.

Signed-off-by: Rémi Denis-Courmont <remi.denis.courmont@huawei.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20210112104511.36576-3-remi.denis.courmont@huawei.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
3 days agotarget/arm: add arm_is_el2_enabled() helper
Rémi Denis-Courmont [Tue, 12 Jan 2021 10:44:54 +0000 (12:44 +0200)] 
target/arm: add arm_is_el2_enabled() helper

This checks if EL2 is enabled (meaning EL2 registers take effects) in
the current security context.

Signed-off-by: Rémi Denis-Courmont <remi.denis.courmont@huawei.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20210112104511.36576-2-remi.denis.courmont@huawei.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
3 days agotarget/arm: remove redundant tests
Rémi Denis-Courmont [Tue, 12 Jan 2021 10:44:53 +0000 (12:44 +0200)] 
target/arm: remove redundant tests

In this context, the HCR value is the effective value, and thus is
zero in secure mode. The tests for HCR.{F,I}MO are sufficient.

Signed-off-by: Rémi Denis-Courmont <remi.denis.courmont@huawei.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20210112104511.36576-1-remi.denis.courmont@huawei.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
3 days agotarget/arm: Use object_property_add_bool for "sve" property
Richard Henderson [Mon, 11 Jan 2021 23:57:40 +0000 (13:57 -1000)] 
target/arm: Use object_property_add_bool for "sve" property

The interface for object_property_add_bool is simpler,
making the code easier to understand.

Reviewed-by: Andrew Jones <drjones@redhat.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20210111235740.462469-4-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
3 days agotarget/arm: Add cpu properties to control pauth
Richard Henderson [Mon, 11 Jan 2021 23:57:39 +0000 (13:57 -1000)] 
target/arm: Add cpu properties to control pauth

The crypto overhead of emulating pauth can be significant for
some workloads.  Add two boolean properties that allows the
feature to be turned off, on with the architected algorithm,
or on with an implementation defined algorithm.

We need two intermediate booleans to control the state while
parsing properties lest we clobber ID_AA64ISAR1 into an invalid
intermediate state.

Tested-by: Mark Rutland <mark.rutland@arm.com>
Reviewed-by: Andrew Jones <drjones@redhat.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20210111235740.462469-3-richard.henderson@linaro.org
[PMM: fixed docs typo, tweaked text to clarify that the impdef
algorithm is specific to QEMU]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
3 days agotarget/arm: Implement an IMPDEF pauth algorithm
Richard Henderson [Mon, 11 Jan 2021 23:57:38 +0000 (13:57 -1000)] 
target/arm: Implement an IMPDEF pauth algorithm

Without hardware acceleration, a cryptographically strong
algorithm is too expensive for pauth_computepac.

Even with hardware accel, we are not currently expecting
to link the linux-user binaries to any crypto libraries,
and doing so would generally make the --static build fail.

So choose XXH64 as a reasonably quick and decent hash.

Tested-by: Mark Rutland <mark.rutland@arm.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20210111235740.462469-2-richard.henderson@linaro.org
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
3 days agoMerge remote-tracking branch 'remotes/huth-gitlab/tags/pull-request-2021-01-19' into... 243732909 243796070
Peter Maydell [Tue, 19 Jan 2021 11:57:07 +0000 (11:57 +0000)] 
Merge remote-tracking branch 'remotes/huth-gitlab/tags/pull-request-2021-01-19' into staging

* Refactor next-cube interrupt and register handling into a proper QOM device

# gpg: Signature made Tue 19 Jan 2021 08:15:39 GMT
# gpg:                using RSA key 27B88847EEE0250118F3EAB92ED9D774FE702DB5
# gpg:                issuer "huth@tuxfamily.org"
# gpg: Good signature from "Thomas Huth <th.huth@gmx.de>" [full]
# gpg:                 aka "Thomas Huth <thuth@redhat.com>" [full]
# gpg:                 aka "Thomas Huth <huth@tuxfamily.org>" [full]
# gpg:                 aka "Thomas Huth <th.huth@posteo.de>" [unknown]
# Primary key fingerprint: 27B8 8847 EEE0 2501 18F3  EAB9 2ED9 D774 FE70 2DB5

* remotes/huth-gitlab/tags/pull-request-2021-01-19:
  hw/m68k/next-cube: Add missing header comment to next-cube.h
  hw/m68k/next-cube: Add vmstate for NeXTPC device
  hw/m68k/next-cube: Remove unused fields from NeXTState
  hw/m68k/next-cube: Move rtc into NeXTPC struct
  hw/m68k/next-cube: Make next_irq GPIO inputs to NEXT_PC device
  hw/m68k/next-cube: Move int_status and int_mask to NeXTPC struct
  hw/m68k/next-cube: Make next_irq take NeXTPC* as its opaque
  hw/m68k/next-cube: Move scr_ops into NeXTPC device
  hw/m68k/next-cube: Move mmio_ops into NeXTPC device
  hw/m68k/next-cube: Move register/interrupt functionality into a device
  hw/m68k/next-cube: Make next_irq() function static

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
3 days agoMerge remote-tracking branch 'remotes/dg-gitlab/tags/ppc-for-6.0-20210119' into staging 243728256
Peter Maydell [Tue, 19 Jan 2021 10:00:22 +0000 (10:00 +0000)] 
Merge remote-tracking branch 'remotes/dg-gitlab/tags/ppc-for-6.0-20210119' into staging

ppc patch queue 2021-01-19

Next pull request for qemu-6.0.  Not a huge amount here, but it does
have some important fixes from Greg Kurz.  Includes:

 * A number of minor cleanups from Daniel Barboza (preliminaries for
   some hotplug changes that are still under review)
 * Improved handling of memory hotplug from Greg Kurz
 * A number of fixes for sam460ex and other 440 based platforms from
   Zolan Balaton
 * Some fixes for the QOMification of the PPC 4xx UIC interrupt
   controller from Peter Maydell

# gpg: Signature made Tue 19 Jan 2021 06:22:45 GMT
# gpg:                using RSA key 75F46586AE61A66CC44E87DC6C38CACA20D9B392
# gpg: Good signature from "David Gibson <david@gibson.dropbear.id.au>" [full]
# gpg:                 aka "David Gibson (Red Hat) <dgibson@redhat.com>" [full]
# gpg:                 aka "David Gibson (ozlabs.org) <dgibson@ozlabs.org>" [full]
# gpg:                 aka "David Gibson (kernel.org) <dwg@kernel.org>" [unknown]
# Primary key fingerprint: 75F4 6586 AE61 A66C C44E  87DC 6C38 CACA 20D9 B392

* remotes/dg-gitlab/tags/ppc-for-6.0-20210119:
  spapr_cpu_core.c: use g_auto* in spapr_create_vcpu()
  spapr_rtas.c: fix identation of rtas_ibm_suspend_me() args
  spapr_hcall.c: make do_client_architecture_support static
  spapr.h: fix trailing whitespace in phb_placement
  spapr: Improve handling of memory unplug with old guests
  sam460ex: Use type cast macro instead of simple cast
  Revert "ppc4xx: Move common dependency on serial to common option"
  Revert "sam460ex: Remove FDT_PPC dependency from KConfig"
  hw/ppc: Remove unused ppcuic_init()
  hw/ppc/ppc405_uc: Drop use of ppcuic_init()
  hw/intc/ppc-uic: Make default dcr-base 0xc0, not 0x30
  hw/ppc: Delete unused ppc405cr_init() code
  hw/ppc/sam460ex: Drop use of ppcuic_init()

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
3 days agohw/m68k/next-cube: Add missing header comment to next-cube.h
Peter Maydell [Fri, 15 Jan 2021 20:12:06 +0000 (20:12 +0000)] 
hw/m68k/next-cube: Add missing header comment to next-cube.h

The next-cube.h file is missing the usual copyright-and-license
header; add it (same as the next-cube.c one).

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <20210115201206.17347-12-peter.maydell@linaro.org>
Signed-off-by: Thomas Huth <huth@tuxfamily.org>
3 days agohw/m68k/next-cube: Add vmstate for NeXTPC device
Peter Maydell [Fri, 15 Jan 2021 20:12:05 +0000 (20:12 +0000)] 
hw/m68k/next-cube: Add vmstate for NeXTPC device

Add the vmstate for the new NeXTPC devic; this is in theory
a migration compatibility break, but this machine doesn't have
working migration currently anyway.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <20210115201206.17347-11-peter.maydell@linaro.org>
Signed-off-by: Thomas Huth <huth@tuxfamily.org>
3 days agohw/m68k/next-cube: Remove unused fields from NeXTState
Peter Maydell [Fri, 15 Jan 2021 20:12:04 +0000 (20:12 +0000)] 
hw/m68k/next-cube: Remove unused fields from NeXTState

The fields scsi_irq, scsi_dma, scsi_reset and fd_irq in
NeXTState are all unused, except in commented out
"this should do something like this" code. Remove the
unused fields. As and when the functionality that might
use them is added, we can put in the correct kind of
wiring (which might or might not need to be a qemu_irq,
but which in any case will need to be in the NeXTPC
device, not in NeXTState).

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <20210115201206.17347-10-peter.maydell@linaro.org>
Signed-off-by: Thomas Huth <huth@tuxfamily.org>
3 days agohw/m68k/next-cube: Move rtc into NeXTPC struct
Peter Maydell [Fri, 15 Jan 2021 20:12:03 +0000 (20:12 +0000)] 
hw/m68k/next-cube: Move rtc into NeXTPC struct

Move the rtc into the NeXTPC struct. Since this is the last
use of the 'backdoor' NextState pointer we can now remove that.

Probably the RTC should be its own device at some point: in hardware
there is a separate MCS1850 RTC chip connected to the Peripheral
Controller via a 1-bit serial interface.  That goes beyond the remit
of the current refactoring, though.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <20210115201206.17347-9-peter.maydell@linaro.org>
Signed-off-by: Thomas Huth <huth@tuxfamily.org>
3 days agohw/m68k/next-cube: Make next_irq GPIO inputs to NEXT_PC device
Peter Maydell [Fri, 15 Jan 2021 20:12:02 +0000 (20:12 +0000)] 
hw/m68k/next-cube: Make next_irq GPIO inputs to NEXT_PC device

Make the next_irq function be GPIO inputs to the NEXT_PC
device, rather than a freestanding set of qemu_irq lines.

This fixes a minor Coverity issue where it correctly points
out the trivial memory leak of the memory allocated in the
call to qemu_allocate_irqs().

Fixes: CID 1421962
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <20210115201206.17347-8-peter.maydell@linaro.org>
Signed-off-by: Thomas Huth <huth@tuxfamily.org>
3 days agohw/m68k/next-cube: Move int_status and int_mask to NeXTPC struct
Peter Maydell [Fri, 15 Jan 2021 20:12:01 +0000 (20:12 +0000)] 
hw/m68k/next-cube: Move int_status and int_mask to NeXTPC struct

All the code which accesses int_status and int_mask is now doing
so via the NeXTPC->NeXTState indirection, so we can move these
fields into the NeXTPC struct where they belong.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <20210115201206.17347-7-peter.maydell@linaro.org>
Signed-off-by: Thomas Huth <huth@tuxfamily.org>
3 days agohw/m68k/next-cube: Make next_irq take NeXTPC* as its opaque
Peter Maydell [Fri, 15 Jan 2021 20:12:00 +0000 (20:12 +0000)] 
hw/m68k/next-cube: Make next_irq take NeXTPC* as its opaque

Make the next_irq function take a NeXTPC* as its opaque rather than
the M68kCPU*.  This will make it simpler to turn the next_irq
function into a gpio input line of the NeXTPC device in the next
commit.

For this to work we have to pass the CPU to the NeXTPC device via a
link property, in the same way we do in q800.c (and for the same
reason).

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <20210115201206.17347-6-peter.maydell@linaro.org>
Signed-off-by: Thomas Huth <huth@tuxfamily.org>
3 days agohw/m68k/next-cube: Move scr_ops into NeXTPC device
Peter Maydell [Fri, 15 Jan 2021 20:11:59 +0000 (20:11 +0000)] 
hw/m68k/next-cube: Move scr_ops into NeXTPC device

Move the registers handled by the scr_ops struct into the NeXTPC
device.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <20210115201206.17347-5-peter.maydell@linaro.org>
Signed-off-by: Thomas Huth <huth@tuxfamily.org>
3 days agohw/m68k/next-cube: Move mmio_ops into NeXTPC device
Peter Maydell [Fri, 15 Jan 2021 20:11:58 +0000 (20:11 +0000)] 
hw/m68k/next-cube: Move mmio_ops into NeXTPC device

Move the registers handled by the mmio_ops struct into the NeXTPC
device.  This allows us to also move the scr1 and scr2 data fields.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <20210115201206.17347-4-peter.maydell@linaro.org>
Signed-off-by: Thomas Huth <huth@tuxfamily.org>
3 days agohw/m68k/next-cube: Move register/interrupt functionality into a device
Peter Maydell [Fri, 15 Jan 2021 20:11:57 +0000 (20:11 +0000)] 
hw/m68k/next-cube: Move register/interrupt functionality into a device

Currently the next-cube board code open-codes a lot of handling of
interrupts and some miscellaneous registers.  Move this into a proper
QOM device.

In the real hardware this functionality seems to be the
responsibility of the Peripheral Controller (PC) chip, so name the
device that.

There are several different things that will need to be moved into
this device:
 * the mmio_iops register set
 * the scr_ops register set
 * the next_irq IRQ handling

To ease review, we structure the change as a sequence of commits: in
this first commit we create the skeleton of the NeXTPC device with no
content, but with a backdoor pointer to the NeXTState machine's state
struct so we can move parts of the code and still have refactored and
non-refactored code using the same struct data fields.  Further
commits will move functionality into the new device piece by piece.
At the end we will be able to remove the backdoor pointer because all
the data fields will be in the NeXTPC struct and not the NeXTState
struct.

We'll add the VMState for the new device at the end of all that; this
is in theory a migration compatibility break but this machine does
not currently support migration at all anyway.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <20210115201206.17347-3-peter.maydell@linaro.org>
[huth: Add a comment in front of struct NeXTPC]
Signed-off-by: Thomas Huth <huth@tuxfamily.org>
3 days agohw/m68k/next-cube: Make next_irq() function static
Peter Maydell [Fri, 15 Jan 2021 20:11:56 +0000 (20:11 +0000)] 
hw/m68k/next-cube: Make next_irq() function static

The next_irq() function is global, but isn't actually used anywhere
outside next-cube.c. Make it static.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <20210115201206.17347-2-peter.maydell@linaro.org>
Signed-off-by: Thomas Huth <huth@tuxfamily.org>
4 days agospapr_cpu_core.c: use g_auto* in spapr_create_vcpu()
Daniel Henrique Barboza [Thu, 14 Jan 2021 18:06:26 +0000 (15:06 -0300)] 
spapr_cpu_core.c: use g_auto* in spapr_create_vcpu()

Use g_autoptr() with Object and g_autofree with the string to
avoid the need of a cleanup path.

Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
Message-Id: <20210114180628.1675603-6-danielhb413@gmail.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
4 days agospapr_rtas.c: fix identation of rtas_ibm_suspend_me() args
Daniel Henrique Barboza [Thu, 14 Jan 2021 18:06:25 +0000 (15:06 -0300)] 
spapr_rtas.c: fix identation of rtas_ibm_suspend_me() args

Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
Message-Id: <20210114180628.1675603-5-danielhb413@gmail.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
4 days agospapr_hcall.c: make do_client_architecture_support static
Daniel Henrique Barboza [Thu, 14 Jan 2021 18:06:23 +0000 (15:06 -0300)] 
spapr_hcall.c: make do_client_architecture_support static

The function is called only inside spapr_hcall.c.

Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
Message-Id: <20210114180628.1675603-3-danielhb413@gmail.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>