sdk/emulator/qemu.git
9 years agoscripts/text2pod.pl: Escape left brace
Fam Zheng [Tue, 20 Oct 2015 07:38:46 +0000 (15:38 +0800)]
scripts/text2pod.pl: Escape left brace

Latest perl now deprecates "{" literal in regex and print warnings like
"unescaped left brace in regex is deprecated".  Add escapes to keep it
happy.

Signed-off-by: Fam Zheng <famz@redhat.com>
Message-Id: <1445326726-16031-1-git-send-email-famz@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
9 years agofile_ram_alloc: propagate error to caller instead of terminating QEMU
Igor Mammedov [Mon, 19 Oct 2015 17:11:11 +0000 (19:11 +0200)]
file_ram_alloc: propagate error to caller instead of terminating QEMU

QEMU shouldn't exits from file_ram_alloc() if -mem-prealloc option is specified
and "object_add memory-backend-file,..." fails allocation during memory hotplug.

Propagate error to a caller and let it decide what to do with allocation failure.
That leaves QEMU alive if it can't create backend during hotplug time and
kills QEMU at startup time if backends or initial memory were misconfigured/
too large.

Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Message-Id: <1445274671-17704-1-git-send-email-imammedo@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
9 years agoMerge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging
Peter Maydell [Thu, 29 Oct 2015 09:49:52 +0000 (09:49 +0000)]
Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging

virtio, pc, memory: fixes+features for 2.5

New features:
    This enables hotplug for multifunction devices.
    Patches are very small, so I think it's OK to merge
    at this stage.

    There's also some new infrastructure for vhost-user testing
    not enabled yet so it's harmless to merge.

I've reverted the "gap between DIMMs" workaround, as it seems too risky, and
applied my own patch in virtio, but not in dataplane code.  This means that
dataplane is broken for some complex DIMM configurations for now.  Waiting for
Stefan to review the dataplane fix.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
# gpg: Signature made Thu 29 Oct 2015 09:36:16 GMT using RSA key ID D28D5469
# gpg: Good signature from "Michael S. Tsirkin <mst@kernel.org>"
# gpg:                 aka "Michael S. Tsirkin <mst@redhat.com>"

* remotes/mst/tags/for_upstream:
  enable multi-function hot-add
  remove function during multi-function hot-add
  tests/vhost-user-bridge: add vhost-user bridge application
  Revert "memhp: extend address auto assignment to support gaps"
  Revert "pc: memhp: force gaps between DIMM's GPA"
  virtio: drop virtqueue_map_sg
  virtio-scsi: convert to virtqueue_map
  virtio-serial: convert to virtio_map
  virtio-blk: convert to virtqueue_map
  virtio: switch to virtio_map
  virtio: introduce virtio_map
  mmap-alloc: fix error handling
  pc: memhp: do not emit inserting event for coldplugged DIMMs
  vhost-user-test: fix up rhel6 build
  vhost-user: cleanup msg size math
  vhost-user: cleanup struct size math

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9 years agoenable multi-function hot-add
Cao jin [Wed, 28 Oct 2015 06:20:31 +0000 (14:20 +0800)]
enable multi-function hot-add

Enable PCIe device multi-function hot-add, just ensure function 0 is added
last, then driver will get the notification to scan the slot.

Signed-off-by: Cao jin <caoj.fnst@cn.fujitsu.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
9 years agoremove function during multi-function hot-add
Cao jin [Wed, 28 Oct 2015 06:20:30 +0000 (14:20 +0800)]
remove function during multi-function hot-add

In case user want to cancel the hot-add operation, should roll back,
device_del the added function that still don`t work.

Signed-off-by: Cao jin <caoj.fnst@cn.fujitsu.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
9 years agotests/vhost-user-bridge: add vhost-user bridge application
Victor Kaplansky [Wed, 28 Oct 2015 12:53:07 +0000 (14:53 +0200)]
tests/vhost-user-bridge: add vhost-user bridge application

The test existing in QEMU for vhost-user feature is good for
testing the management protocol, but does not allow actual
traffic. This patch proposes Vhost-User Bridge application, which
can serve the QEMU community as a comprehensive test by running
real internet traffic by means of vhost-user interface.

Essentially the Vhost-User Bridge is a very basic vhost-user
backend for QEMU. It runs as a standalone user-level process.
For packet processing Vhost-User Bridge uses an additional QEMU
instance with a backend configured by "-net socket" as a shared
VLAN.  This way another QEMU virtual machine can effectively
serve as a shared bus by means of UDP communication.

For a more simple setup, the another QEMU instance running the
SLiRP backend can be the same QEMU instance running vhost-user
client.

This Vhost-User Bridge implementation is very preliminary.  It is
missing many features. I has been studying vhost-user protocol
internals, so I've written vhost-user-bridge bit by bit as I
progressed through the protocol.  Most probably its internal
architecture will change significantly.

To run Vhost-User Bridge application:

1. Build vhost-user-bridge with a regular procedure. This will
create a vhost-user-bridge executable under tests directory:

    $ configure; make tests/vhost-user-bridge

2. Ensure the machine has hugepages enabled in kernel with
command line like:

    default_hugepagesz=2M hugepagesz=2M hugepages=2048

3. Run Vhost-User Bridge with:

    $ tests/vhost-user-bridge

The above will run vhost-user server listening for connections
on UNIX domain socket /tmp/vubr.sock, and will try to connect
by UDP to VLAN bridge to localhost:5555, while listening on
localhost:4444

Run qemu with a virtio-net backed by vhost-user:

    $ qemu \
        -enable-kvm -m 512 -smp 2 \
        -object memory-backend-file,id=mem,size=512M,mem-path=/dev/hugepages,share=on \
        -numa node,memdev=mem -mem-prealloc \
        -chardev socket,id=char0,path=/tmp/vubr.sock \
        -netdev type=vhost-user,id=mynet1,chardev=char0,vhostforce \
        -device virtio-net-pci,netdev=mynet1 \
        -net none \
        -net socket,vlan=0,udp=localhost:4444,localaddr=localhost:5555 \
        -net user,vlan=0 \
        disk.img

vhost-user-bridge was tested very lightly: it's able to bringup a
linux on client VM with the virtio-net driver, and execute transmits
and receives to the internet. I tested with "wget redhat.com",
"dig redhat.com".

PS. I've consulted DPDK's code for vhost-user during Vhost-User
Bridge implementation.

Signed-off-by: Victor Kaplansky <victork@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
9 years agoRevert "memhp: extend address auto assignment to support gaps"
Michael S. Tsirkin [Wed, 28 Oct 2015 16:55:06 +0000 (18:55 +0200)]
Revert "memhp: extend address auto assignment to support gaps"

This reverts commit df0acded19ec4b826aa095cfc19d341bd66fafd3.

There's no point to it now that the only user has been reverted.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
9 years agoRevert "pc: memhp: force gaps between DIMM's GPA"
Michael S. Tsirkin [Wed, 28 Oct 2015 16:54:05 +0000 (18:54 +0200)]
Revert "pc: memhp: force gaps between DIMM's GPA"

This reverts commit aa8580cddf011e8cedcf87f7a0fdea7549fc4704.

As described in
http://article.gmane.org/gmane.comp.emulators.qemu/371432
that commit causes linux guests to crash on memory hot-unplug.

The original problem it's trying to solve has now
been addressed within virtio.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
9 years agovirtio: drop virtqueue_map_sg
Michael S. Tsirkin [Tue, 27 Oct 2015 08:22:59 +0000 (10:22 +0200)]
virtio: drop virtqueue_map_sg

Deprecated in favor of virtqueue_map.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
9 years agovirtio-scsi: convert to virtqueue_map
Michael S. Tsirkin [Tue, 27 Oct 2015 08:22:13 +0000 (10:22 +0200)]
virtio-scsi: convert to virtqueue_map

Note: virtqueue_map already validates input
so virtio-scsi does not have to.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
9 years agovirtio-serial: convert to virtio_map
Michael S. Tsirkin [Tue, 27 Oct 2015 08:19:43 +0000 (10:19 +0200)]
virtio-serial: convert to virtio_map

This also fixes a minor bug:
-                virtqueue_map_sg(port->elem.out_sg, port->elem.out_addr,
-                                 port->elem.out_num, 1);
is wrong: out_sg is not written so should not be marked dirty.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
9 years agovirtio-blk: convert to virtqueue_map
Michael S. Tsirkin [Tue, 27 Oct 2015 08:18:24 +0000 (10:18 +0200)]
virtio-blk: convert to virtqueue_map

Drop deprecated use of virtqueue_map_sg.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
9 years agovirtio: switch to virtio_map
Michael S. Tsirkin [Tue, 27 Oct 2015 08:09:16 +0000 (10:09 +0200)]
virtio: switch to virtio_map

Drop use of the deprecated virtio_map_sg in virtio core.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
9 years agovirtio: introduce virtio_map
Michael S. Tsirkin [Tue, 27 Oct 2015 08:01:44 +0000 (10:01 +0200)]
virtio: introduce virtio_map

virtio_map_sg currently fails if one of the entries it's mapping is
contigious in GPA but not HVA address space.  Introduce virtio_map which
handles this by splitting sg entries.

This new API generally turns out to be a good idea since it's harder to
misuse: at least in one case the existing one was used incorrectly.

This will still fail if there's no space left in the sg, but luckily max
queue size in use is currently 256, while max sg size is 1024, so we
should be OK even is all entries happen to cross a single DIMM boundary.

Won't work well with very small DIMM sizes, unfortunately:
e.g. this will fail with 4K DIMMs where a single
request might span a large number of DIMMs.

Let's hope these are uncommon - at least we are not breaking things.

Note: virtio-scsi calls virtio_map_sg on data loaded from network, and
validates input, asserting on failure.  Copy the validating code here -
it will be dropped from virtio-scsi in a follow-up patch.

Reported-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
9 years agommap-alloc: fix error handling
Michael S. Tsirkin [Sun, 25 Oct 2015 15:07:45 +0000 (17:07 +0200)]
mmap-alloc: fix error handling

Existing callers are checking for MAP_FAILED,
so we should return that on error.

Reported-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
9 years agopc: memhp: do not emit inserting event for coldplugged DIMMs
Igor Mammedov [Fri, 23 Oct 2015 12:55:26 +0000 (14:55 +0200)]
pc: memhp: do not emit inserting event for coldplugged DIMMs

currently acpi_memory_plug_cb() sets is_inserting for
cold- and hot-plugged DIMMs as result ASL MHPD.MSCN()
method issues device check even for every coldplugged
DIMM. There isn't much harm in it but if we try to
unplug such DIMM, OSPM will issue device check
intstead of device eject event. So OSPM won't eject
memory module as expected and it will try to eject it
only when another memory device is hot-(un)plugged.

As a fix do not set 'is_inserting' event and do not
issue SCI for cold-plugged DIMMs as they are
enumerated and activated by OSPM during guest's boot.

Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
9 years agovhost-user-test: fix up rhel6 build
Michael S. Tsirkin [Thu, 22 Oct 2015 19:28:37 +0000 (22:28 +0300)]
vhost-user-test: fix up rhel6 build

Build on RHEL6 fails:
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=42875

Apparently unnamed unions couldn't use C99  named field initializers.
Let's just name the payload union field.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
9 years agovhost-user: cleanup msg size math
Michael S. Tsirkin [Thu, 22 Oct 2015 19:33:39 +0000 (22:33 +0300)]
vhost-user: cleanup msg size math

We are sending msg fields, use sizeof on these
and not on local variables which happen to
have a matching type.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
9 years agovhost-user: cleanup struct size math
Michael S. Tsirkin [Thu, 22 Oct 2015 19:31:28 +0000 (22:31 +0300)]
vhost-user: cleanup struct size math

We are using local msg structures everywhere, use them
for sizeof as well.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
9 years agoMerge remote-tracking branch 'remotes/rth/tags/pull-tcg-20151028' into staging
Peter Maydell [Wed, 28 Oct 2015 20:10:22 +0000 (20:10 +0000)]
Merge remote-tracking branch 'remotes/rth/tags/pull-tcg-20151028' into staging

Breakpoint fixes

# gpg: Signature made Wed 28 Oct 2015 17:58:52 GMT using RSA key ID 4DD0279B
# gpg: Good signature from "Richard Henderson <rth7680@gmail.com>"
# gpg:                 aka "Richard Henderson <rth@redhat.com>"
# gpg:                 aka "Richard Henderson <rth@twiddle.net>"

* remotes/rth/tags/pull-tcg-20151028:
  target-*: Advance pc after recognizing a breakpoint

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9 years agotarget-*: Advance pc after recognizing a breakpoint
Richard Henderson [Tue, 13 Oct 2015 22:07:49 +0000 (22:07 +0000)]
target-*: Advance pc after recognizing a breakpoint

Some targets already had this within their logic, but make sure
it's present for all targets.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
9 years agoMerge remote-tracking branch 'remotes/ehabkost/tags/x86-pull-request' into staging
Peter Maydell [Wed, 28 Oct 2015 15:08:36 +0000 (15:08 +0000)]
Merge remote-tracking branch 'remotes/ehabkost/tags/x86-pull-request' into staging

target-i386: finally enable "check" mode by default

# gpg: Signature made Wed 28 Oct 2015 14:13:10 GMT using RSA key ID 984DC5A6
# gpg: Good signature from "Eduardo Habkost <ehabkost@redhat.com>"

* remotes/ehabkost/tags/x86-pull-request:
  target-i386: Enable "check" mode by default
  target-i386: Don't left shift negative constant

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9 years agoMerge remote-tracking branch 'remotes/mcayland/tags/qemu-openbios-signed' into staging
Peter Maydell [Wed, 28 Oct 2015 14:02:27 +0000 (14:02 +0000)]
Merge remote-tracking branch 'remotes/mcayland/tags/qemu-openbios-signed' into staging

Update OpenBIOS images

# gpg: Signature made Wed 28 Oct 2015 00:02:46 GMT using RSA key ID AE0F321F
# gpg: Good signature from "Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>"

* remotes/mcayland/tags/qemu-openbios-signed:
  Update OpenBIOS images

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9 years agoUpdate OpenBIOS images
Mark Cave-Ayland [Wed, 28 Oct 2015 00:01:28 +0000 (00:01 +0000)]
Update OpenBIOS images

Update OpenBIOS images to SVN r1353 built from submodule.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
9 years agotarget-i386: Enable "check" mode by default
Eduardo Habkost [Wed, 26 Aug 2015 16:25:44 +0000 (13:25 -0300)]
target-i386: Enable "check" mode by default

Current default behavior of QEMU is to silently disable features that
are not supported by the host when a CPU model is requested in the
command-line. This means that in addition to risking breaking guest ABI
by default, we are silent about it.

I would like to enable "enforce" by default, but this can easily break
existing production systems because of the way libvirt makes assumptions
about CPU models today (this will change in the future, once QEMU
provide a proper interface for checking if a CPU model is runnable).

But there's no reason we should be silent about it. So, change
target-i386 to enable "check" mode by default so at least we have some
warning printed to stderr (and hopefully logged somewhere) when QEMU
disables a feature that is not supported by the host system.

Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
9 years agotarget-i386: Don't left shift negative constant
Eduardo Habkost [Tue, 29 Sep 2015 20:34:23 +0000 (17:34 -0300)]
target-i386: Don't left shift negative constant

Left shift of negative values is undefined behavior. Detected by clang:
  qemu/target-i386/translate.c:2423:26: runtime error:
    left shift of negative value -8

This changes the code to reverse the sign after the left shift.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
9 years agoMerge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20151027-1' into...
Peter Maydell [Tue, 27 Oct 2015 16:17:55 +0000 (16:17 +0000)]
Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20151027-1' into staging

target-arm queue:
 * more EL2 preparation: handling for stage 2 translations
 * standardize debug macros in i.MX devices
 * improve error message in a corner case for virt board
 * disable live migration of KVM GIC if the kernel can't handle it
 * add SPSR_(ABT|UND|IRQ|FIQ) registers
 * handle non-executable page-straddling Thumb instructions
 * fix a "no 64-bit EL2" assumption in arm_excp_unmasked()

# gpg: Signature made Tue 27 Oct 2015 16:03:31 GMT using RSA key ID 14360CDE
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>"
# gpg:                 aka "Peter Maydell <pmaydell@gmail.com>"
# gpg:                 aka "Peter Maydell <pmaydell@chiark.greenend.org.uk>"

* remotes/pmaydell/tags/pull-target-arm-20151027-1: (27 commits)
  target-arm: Add support for S1 + S2 MMU translations
  target-arm: Route S2 MMU faults to EL2
  target-arm: Add S2 translation to 32bit S1 PTWs
  target-arm: Add S2 translation to 64bit S1 PTWs
  target-arm: Add ARMMMUFaultInfo
  target-arm: Avoid inline for get_phys_addr
  target-arm: Add support for S2 page-table protection bits
  target-arm: Add computation of starting level for S2 PTW
  target-arm: lpae: Rename granule_sz to stride
  target-arm: lpae: Replace tsz with computed inputsize
  target-arm: Add support for AArch32 S2 negative t0sz
  target-arm: lpae: Move declaration of t0sz and t1sz
  target-arm: lpae: Make t0sz and t1sz signed integers
  target-arm: Add HPFAR_EL2
  i.MX: Standardize i.MX GPT debug
  i.MX: Standardize i.MX EPIT debug
  i.MX: Standardize i.MX FEC debug
  i.MX: Standardize i.MX CCM debug
  i.MX: Standardize i.MX AVIC debug
  i.MX: Standardize i.MX I2C debug
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9 years agotarget-arm: Add support for S1 + S2 MMU translations
Edgar E. Iglesias [Mon, 26 Oct 2015 13:02:07 +0000 (14:02 +0100)]
target-arm: Add support for S1 + S2 MMU translations

Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1445864527-14520-15-git-send-email-edgar.iglesias@gmail.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9 years agotarget-arm: Route S2 MMU faults to EL2
Edgar E. Iglesias [Mon, 26 Oct 2015 13:02:06 +0000 (14:02 +0100)]
target-arm: Route S2 MMU faults to EL2

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1445864527-14520-14-git-send-email-edgar.iglesias@gmail.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9 years agotarget-arm: Add S2 translation to 32bit S1 PTWs
Edgar E. Iglesias [Mon, 26 Oct 2015 13:02:05 +0000 (14:02 +0100)]
target-arm: Add S2 translation to 32bit S1 PTWs

Add support for applying S2 translation to 32bit S1
page-table walks.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1445864527-14520-13-git-send-email-edgar.iglesias@gmail.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9 years agotarget-arm: Add S2 translation to 64bit S1 PTWs
Edgar E. Iglesias [Mon, 26 Oct 2015 13:02:04 +0000 (14:02 +0100)]
target-arm: Add S2 translation to 64bit S1 PTWs

Add support for applying S2 translation to 64bit S1
page-table walks.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1445864527-14520-12-git-send-email-edgar.iglesias@gmail.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9 years agotarget-arm: Add ARMMMUFaultInfo
Edgar E. Iglesias [Mon, 26 Oct 2015 13:02:03 +0000 (14:02 +0100)]
target-arm: Add ARMMMUFaultInfo

Introduce ARMMMUFaultInfo to propagate MMU Fault information
across the MMU translation code path. This is in preparation for
adding Stage-2 translation.

No functional changes.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1445864527-14520-11-git-send-email-edgar.iglesias@gmail.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9 years agotarget-arm: Avoid inline for get_phys_addr
Edgar E. Iglesias [Mon, 26 Oct 2015 13:02:02 +0000 (14:02 +0100)]
target-arm: Avoid inline for get_phys_addr

Avoid inline for get_phys_addr() to prepare for future recursive use.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1445864527-14520-10-git-send-email-edgar.iglesias@gmail.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9 years agotarget-arm: Add support for S2 page-table protection bits
Edgar E. Iglesias [Mon, 26 Oct 2015 13:02:01 +0000 (14:02 +0100)]
target-arm: Add support for S2 page-table protection bits

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1445864527-14520-9-git-send-email-edgar.iglesias@gmail.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9 years agotarget-arm: Add computation of starting level for S2 PTW
Edgar E. Iglesias [Mon, 26 Oct 2015 13:02:00 +0000 (14:02 +0100)]
target-arm: Add computation of starting level for S2 PTW

The starting level for S2 pagetable walks is computed
differently from the S1 starting level. Implement the S2
variant.

Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1445864527-14520-8-git-send-email-edgar.iglesias@gmail.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9 years agotarget-arm: lpae: Rename granule_sz to stride
Edgar E. Iglesias [Mon, 26 Oct 2015 13:01:59 +0000 (14:01 +0100)]
target-arm: lpae: Rename granule_sz to stride

Rename granule_sz to stride to better match the reference manuals.

No functional change.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1445864527-14520-7-git-send-email-edgar.iglesias@gmail.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9 years agotarget-arm: lpae: Replace tsz with computed inputsize
Edgar E. Iglesias [Mon, 26 Oct 2015 13:01:58 +0000 (14:01 +0100)]
target-arm: lpae: Replace tsz with computed inputsize

Remove the tsz variable and introduce inputsize.
This simplifies the code a little and makes it easier to
compare with the reference manuals.

No functional change.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1445864527-14520-6-git-send-email-edgar.iglesias@gmail.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9 years agotarget-arm: Add support for AArch32 S2 negative t0sz
Edgar E. Iglesias [Mon, 26 Oct 2015 13:01:57 +0000 (14:01 +0100)]
target-arm: Add support for AArch32 S2 negative t0sz

Add support for AArch32 S2 negative t0sz. In preparation for
using 40bit IPAs on AArch32.

Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1445864527-14520-5-git-send-email-edgar.iglesias@gmail.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9 years agotarget-arm: lpae: Move declaration of t0sz and t1sz
Edgar E. Iglesias [Mon, 26 Oct 2015 13:01:56 +0000 (14:01 +0100)]
target-arm: lpae: Move declaration of t0sz and t1sz

Move declaration of t0sz and t1sz to the top of the function
avoiding a mix of code and variable declarations.

No functional change.

Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1445864527-14520-4-git-send-email-edgar.iglesias@gmail.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9 years agotarget-arm: lpae: Make t0sz and t1sz signed integers
Edgar E. Iglesias [Mon, 26 Oct 2015 13:01:55 +0000 (14:01 +0100)]
target-arm: lpae: Make t0sz and t1sz signed integers

Make t0sz and t1sz signed integers to match tsz and to make
it easier to implement support for AArch32 negative t0sz.
t1sz is changed for consistensy.

No functional change.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1445864527-14520-3-git-send-email-edgar.iglesias@gmail.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9 years agotarget-arm: Add HPFAR_EL2
Edgar E. Iglesias [Mon, 26 Oct 2015 13:01:54 +0000 (14:01 +0100)]
target-arm: Add HPFAR_EL2

Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1445864527-14520-2-git-send-email-edgar.iglesias@gmail.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9 years agoi.MX: Standardize i.MX GPT debug
Jean-Christophe Dubois [Sun, 25 Oct 2015 14:16:26 +0000 (15:16 +0100)]
i.MX: Standardize i.MX GPT debug

The goal is to have debug code always compiled during build.

We standardize all debug output on the following format:

[QOM_TYPE_NAME]reporting_function: debug message

We also replace IPRINTF with qemu_log_mask(). The qemu_log_mask() output
is following the same format as the above debug.

Reviewed-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Signed-off-by: Jean-Christophe Dubois <jcd@tribudubois.net>
Message-id: b7ce7e98a051479453744aded122789531d80a44.1445781957.git.jcd@tribudubois.net
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9 years agoi.MX: Standardize i.MX EPIT debug
Jean-Christophe Dubois [Sun, 25 Oct 2015 14:16:24 +0000 (15:16 +0100)]
i.MX: Standardize i.MX EPIT debug

The goal is to have debug code always compiled during build.

We standardize all debug output on the following format:

[QOM_TYPE_NAME]reporting_function: debug message

We also replace IPRINTF with qemu_log_mask(). The qemu_log_mask() output
is following the same format as the above debug.

Reviewed-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Signed-off-by: Jean-Christophe Dubois <jcd@tribudubois.net>
Message-id: 5bbad71517ca728d8865f7b9f998baa0df022794.1445781957.git.jcd@tribudubois.net
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9 years agoi.MX: Standardize i.MX FEC debug
Jean-Christophe Dubois [Sun, 25 Oct 2015 14:16:21 +0000 (15:16 +0100)]
i.MX: Standardize i.MX FEC debug

The goal is to have debug code always compiled during build.

We standardize all debug output on the following format:

[QOM_TYPE_NAME]reporting_function: debug message

The qemu_log_mask() output is following the same format as the
above debug.

Reviewed-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Signed-off-by: Jean-Christophe Dubois <jcd@tribudubois.net>
Message-id: 57e565982db94fb433c32dfa17608888464d21de.1445781957.git.jcd@tribudubois.net
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9 years agoi.MX: Standardize i.MX CCM debug
Jean-Christophe Dubois [Sun, 25 Oct 2015 14:16:19 +0000 (15:16 +0100)]
i.MX: Standardize i.MX CCM debug

The goal is to have debug code always compiled during build.

We standardize all debug output on the following format:

[QOM_TYPE_NAME]reporting_function: debug message

The qemu_log_mask() output is following the same format as the
above debug.

Adding some missing qemu_log_mask call for bad registers.

Reviewed-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Signed-off-by: Jean-Christophe Dubois <jcd@tribudubois.net>
Message-id: 293e08f31cbb4df84d58f693243e61e770c73b3a.1445781957.git.jcd@tribudubois.net
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9 years agoi.MX: Standardize i.MX AVIC debug
Jean-Christophe Dubois [Sun, 25 Oct 2015 14:16:17 +0000 (15:16 +0100)]
i.MX: Standardize i.MX AVIC debug

The goal is to have debug code always compiled during build.

We standardize all debug output on the following format:

[QOM_TYPE_NAME]reporting_function: debug message

We also replace IPRINTF with qemu_log_mask(). The qemu_log_mask() output
is following the same format as the above debug.

Reviewed-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Signed-off-by: Jean-Christophe Dubois <jcd@tribudubois.net>
Message-id: 29885ffea2577eaf2288c1d17fd87ee951748b49.1445781957.git.jcd@tribudubois.net
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9 years agoi.MX: Standardize i.MX I2C debug
Jean-Christophe Dubois [Sun, 25 Oct 2015 14:16:14 +0000 (15:16 +0100)]
i.MX: Standardize i.MX I2C debug

The goal is to have debug code always compiled during build.

We standardize all debug output on the following format:

[QOM_TYPE_NAME]reporting_function: debug message

The qemu_log_mask() output is following the same format as
the above debug.

Reviewed-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Signed-off-by: Jean-Christophe Dubois <jcd@tribudubois.net>
Message-id: 328acfe6fc09a5afdbfbfd5220e0869fd5082660.1445781957.git.jcd@tribudubois.net
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9 years agoi.MX: Standardize i.MX GPIO debug
Jean-Christophe Dubois [Sun, 25 Oct 2015 14:16:11 +0000 (15:16 +0100)]
i.MX: Standardize i.MX GPIO debug

The goal is to have debug code always compiled during build.

We standardize all debug output on the following format:

[QOM_TYPE_NAME]reporting_function: debug message

The qemu_log_mask() outputis following the same format as
the above debug.

Reviewed-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Signed-off-by: Jean-Christophe Dubois <jcd@tribudubois.net>
Message-id: 4f2007adcf0f579864bb4dd8a825824e0e9098b8.1445781957.git.jcd@tribudubois.net
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9 years agoi.MX: Standardize i.MX serial debug.
Jean-Christophe Dubois [Sun, 25 Oct 2015 14:16:06 +0000 (15:16 +0100)]
i.MX: Standardize i.MX serial debug.

The goal is to have debug code always compiled during build.

We standardize all debug output on the following format:

[QOM_TYPE_NAME]reporting_function: debug message

We also replace IPRINTF with qemu_log_mask(). The qemu_log_mask() output
is following the same format as the above debug.

Reviewed-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Signed-off-by: Jean-Christophe Dubois <jcd@tribudubois.net>
Message-id: 47b8759b251d356c633faf7ea34f897f340aea4e.1445781957.git.jcd@tribudubois.net
[PMM: Drop attempt to print the ram_addr of a memory region in
 one DPRINTF, which (a) was using the wrong format string so
 didn't build on 32-bit and (b) was incorrectly looking at a
 private field of a MemoryRegion struct]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9 years agohw/arm/virt: don't use a15memmap directly
Andrew Jones [Tue, 27 Oct 2015 12:00:50 +0000 (12:00 +0000)]
hw/arm/virt: don't use a15memmap directly

We should always go through VirtBoardInfo when we need the memmap.
To avoid using a15memmap directly, in this case, we need to defer
the max-cpus check from class init time to instance init time. In
class init we now use MAX_CPUMASK_BITS for max_cpus initialization,
which is the maximum QEMU supports, and also, incidentally, the
maximum KVM/gicv3 currently supports. Also, a nice side-effect of
delaying the max-cpus check is that we now get more appropriate
error messages for gicv2 machines that try to configure more than
123 cpus. Before this patch it would complain that the requested
number of cpus was greater than 123, but for gicv2 configs, it
should complain that the number is greater than 8.

Signed-off-by: Andrew Jones <drjones@redhat.com>
Message-id: 1445189728-860-3-git-send-email-drjones@redhat.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9 years agoarm_gic_kvm: Disable live migration if not supported
Pavel Fedin [Tue, 27 Oct 2015 12:00:50 +0000 (12:00 +0000)]
arm_gic_kvm: Disable live migration if not supported

Currently, if the kernel does not have live migration API, the migration
will still be attempted, but vGIC save/restore functions will just not do
anything. This will result in a broken machine state.

This patch fixes the problem by adding migration blocker if kernel API is
not supported.

Signed-off-by: Pavel Fedin <p.fedin@samsung.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9 years agotarget-arm: Add support for SPSR_(ABT|UND|IRQ|FIQ)
Soren Brinkmann [Tue, 27 Oct 2015 12:00:50 +0000 (12:00 +0000)]
target-arm: Add support for SPSR_(ABT|UND|IRQ|FIQ)

Signed-off-by: Soren Brinkmann <soren.brinkmann@xilinx.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9 years agotarget-arm/translate.c: Handle non-executable page-straddling Thumb insns
Peter Maydell [Tue, 27 Oct 2015 12:00:50 +0000 (12:00 +0000)]
target-arm/translate.c: Handle non-executable page-straddling Thumb insns

When the memory we're trying to translate code from is not executable we have
to turn this into a guest fault. In order to report the correct PC for this
fault, and to make sure it is not reported until after any other possible
faults for instructions earlier in execution, we must terminate TBs at
the end of a page, in case the next instruction is in a non-executable page.
This is simple for T16, A32 and A64 instructions, which are always aligned
to their size. However T32 instructions may be 32-bits but only 16-aligned,
so they can straddle a page boundary.

Correct the condition that checks whether the next instruction will touch
the following page, to ensure that if we're 2 bytes before the boundary
and this insn is T32 then we end the TB.

Reported-by: Pavel Dovgalyuk <pavel.dovgaluk@ispras.ru>
Reviewed-by: Laurent Desnogues <laurent.desnogues@gmail.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9 years agotarget-arm: Fix "no 64-bit EL2" assumption in arm_excp_unmasked()
Peter Maydell [Tue, 27 Oct 2015 12:00:50 +0000 (12:00 +0000)]
target-arm: Fix "no 64-bit EL2" assumption in arm_excp_unmasked()

The code in arm_excp_unmasked() suppresses the ability of PSTATE.AIF
to mask exceptions from a lower EL targeting EL2 or EL3 if the
CPU is 64-bit. This is correct for a target of EL3, but not correct
for targeting EL2. Further, we go to some effort to calculate
scr and hcr values which are not used at all for the 64-bit CPU
case.

Rearrange the code to correctly implement the 64-bit CPU logic
and keep the hcr/scr calculations in the 32-bit CPU codepath.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1444327729-4120-1-git-send-email-peter.maydell@linaro.org
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Tested-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
9 years agoMerge remote-tracking branch 'remotes/jasowang/tags/net-pull-request' into staging
Peter Maydell [Tue, 27 Oct 2015 10:10:46 +0000 (10:10 +0000)]
Merge remote-tracking branch 'remotes/jasowang/tags/net-pull-request' into staging

# gpg: Signature made Tue 27 Oct 2015 05:47:28 GMT using RSA key ID 398D6211
# gpg: Good signature from "Jason Wang (Jason Wang on RedHat) <jasowang@redhat.com>"
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg:          It is not certain that the signature belongs to the owner.
# Primary key fingerprint: 215D 46F4 8246 689E C77F  3562 EF04 965B 398D 6211

* remotes/jasowang/tags/net-pull-request:
  net: free the string returned by object_get_canonical_path_component
  net: make iov_to_buf take right size argument in nc_sendv_compat()
  net: Remove duplicate data from query-rx-filter on multiqueue net devices
  vmxnet3: Do not fill stats if device is inactive
  options: Add documentation for filter-dump
  net/dump: Provide the dumping facility as a net-filter
  net/dump: Separate the NetClientState from the DumpState
  net/dump: Rework net-dump init functions
  net/dump: Add support for receive_iov function
  net: cadence_gem: Set initial MAC address

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9 years agonet: free the string returned by object_get_canonical_path_component
Yang Hongyang [Tue, 20 Oct 2015 01:51:26 +0000 (09:51 +0800)]
net: free the string returned by object_get_canonical_path_component

The value returned from object_get_canonical_path_component
must be freed.

Signed-off-by: Yang Hongyang <yanghy@cn.fujitsu.com>
Cc: Jason Wang <jasowang@redhat.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
9 years agonet: make iov_to_buf take right size argument in nc_sendv_compat()
Yang Hongyang [Tue, 20 Oct 2015 01:51:25 +0000 (09:51 +0800)]
net: make iov_to_buf take right size argument in nc_sendv_compat()

We want "buf, sizeof(buf)" here.  sizeof(buffer) is the size of a
pointer, which is wrong.
Thanks to Paolo for pointing it out.

Signed-off-by: Yang Hongyang <yanghy@cn.fujitsu.com>
Cc: Jason Wang <jasowang@redhat.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
9 years agonet: Remove duplicate data from query-rx-filter on multiqueue net devices
Vladislav Yasevich [Mon, 19 Oct 2015 13:04:38 +0000 (09:04 -0400)]
net: Remove duplicate data from query-rx-filter on multiqueue net devices

When responding to a query-rx-filter command on a multiqueue
netdev, qemu reports the data for each queue.  The data, however,
is not per-queue, but per device and the same data is reported
multiple times.  This causes confusion and may also cause extra
unnecessary processing when looking at the data.

Commit 638fb14169 (net: Make qmp_query_rx_filter() with name argument
more obvious) partially addresses this issue, by limiting the output
when the name is specified.  However, when the name is not specified,
the issue still persists.

Signed-off-by: Vladislav Yasevich <vyasevic@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
9 years agovmxnet3: Do not fill stats if device is inactive
Shmulik Ladkani [Thu, 15 Oct 2015 10:54:30 +0000 (13:54 +0300)]
vmxnet3: Do not fill stats if device is inactive

Guest OS may issue VMXNET3_CMD_GET_STATS even before device was
activated (for example in linux, after insmod but prior net-dev open).

Accessing shared descriptors prior device activation is illegal as the
VMXNET3State structures have not been fully initialized.

As a result, guest memory gets corrupted and may lead to guest OS
crashes.

Fix, by not filling the stats descriptors if device is inactive.

Reported-by: Leonid Shatz <leonid.shatz@ravellosystems.com>
Acked-by: Dmitry Fleytman <dmitry@daynix.com>
Signed-off-by: Dana Rubin <dana.rubin@ravellosystems.com>
Signed-off-by: Shmulik Ladkani <shmulik.ladkani@ravellosystems.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
9 years agooptions: Add documentation for filter-dump
Thomas Huth [Tue, 13 Oct 2015 10:40:02 +0000 (12:40 +0200)]
options: Add documentation for filter-dump

Add a short description for the filter-dump command line options.

Signed-off-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
9 years agonet/dump: Provide the dumping facility as a net-filter
Thomas Huth [Tue, 13 Oct 2015 10:40:01 +0000 (12:40 +0200)]
net/dump: Provide the dumping facility as a net-filter

Use the net-filter infrastructure to provide the dumping
functions for netdev devices, too.

Reviewed-by: Yang Hongyang <yanghy@cn.fujitsu.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
9 years agonet/dump: Separate the NetClientState from the DumpState
Thomas Huth [Tue, 13 Oct 2015 10:40:00 +0000 (12:40 +0200)]
net/dump: Separate the NetClientState from the DumpState

With the upcoming dumping-via-netfilter patch, the DumpState
should not be related to NetClientState anymore, so move the
related information to a new struct called DumpNetClient.

Reviewed-by: Yang Hongyang <yanghy@cn.fujitsu.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
9 years agonet/dump: Rework net-dump init functions
Thomas Huth [Tue, 13 Oct 2015 10:39:59 +0000 (12:39 +0200)]
net/dump: Rework net-dump init functions

Move the creation of the dump client from net_dump_init() into
net_init_dump(), so we can later use the former function for
dump via netfilter, too. Also rename net_dump_init() to
net_dump_state_init() to make it easier distinguishable from
net_init_dump().

Reviewed-by: Yang Hongyang <yanghy@cn.fujitsu.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
9 years agonet/dump: Add support for receive_iov function
Thomas Huth [Tue, 13 Oct 2015 10:39:58 +0000 (12:39 +0200)]
net/dump: Add support for receive_iov function

Adding a proper receive_iov function to the net dump module.
This will make it easier to support the dump filter feature for
the -netdev option in later patches.

Reviewed-by: Yang Hongyang <yanghy@cn.fujitsu.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
9 years agonet: cadence_gem: Set initial MAC address
Sebastian Huber [Mon, 12 Oct 2015 08:25:01 +0000 (10:25 +0200)]
net: cadence_gem: Set initial MAC address

Set initial MAC address to the one specified by the command line.

Signed-off-by: Sebastian Huber <sebastian.huber@embedded-brains.de>
Reviewed-by: Jason Wang <jasowang@redhat.com>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
9 years agoMerge remote-tracking branch 'remotes/sstabellini/tags/xen-2015-10-26' into staging
Peter Maydell [Mon, 26 Oct 2015 13:13:38 +0000 (13:13 +0000)]
Merge remote-tracking branch 'remotes/sstabellini/tags/xen-2015-10-26' into staging

Xen 2015-10-26

# gpg: Signature made Mon 26 Oct 2015 11:32:50 GMT using RSA key ID 70E1AE90
# gpg: Good signature from "Stefano Stabellini <stefano.stabellini@eu.citrix.com>"

* remotes/sstabellini/tags/xen-2015-10-26:
  xen-platform: Replace assert() with appropriate error reporting
  xen_platform: switch to realize
  Qemu/Xen: Fix early freeing MSIX MMIO memory region

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9 years agoxen-platform: Replace assert() with appropriate error reporting
Eduardo Habkost [Wed, 21 Oct 2015 15:46:50 +0000 (13:46 -0200)]
xen-platform: Replace assert() with appropriate error reporting

Commit dbb7405d8caad0814ceddd568cb49f163a847561 made it possible to
trigger an assert using "-device xen-platform". Replace it with
appropriate error reporting.

Before:

  $ qemu-system-x86_64 -device xen-platform
  qemu-system-x86_64: hw/i386/xen/xen_platform.c:391: xen_platform_initfn: Assertion `xen_enabled()' failed.
  Aborted (core dumped)
  $

After:

  $ qemu-system-x86_64 -device xen-platform
  qemu-system-x86_64: -device xen-platform: xen-platform device requires the Xen accelerator
  $

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
9 years agoxen_platform: switch to realize
Stefano Stabellini [Wed, 21 Oct 2015 15:46:49 +0000 (13:46 -0200)]
xen_platform: switch to realize

Use realize to initialize the xen_platform device

Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
9 years agoMerge remote-tracking branch 'remotes/elmarco/tags/ivshmem-pull-request' into staging
Peter Maydell [Mon, 26 Oct 2015 11:32:20 +0000 (11:32 +0000)]
Merge remote-tracking branch 'remotes/elmarco/tags/ivshmem-pull-request' into staging

ivshmem series

# gpg: Signature made Mon 26 Oct 2015 09:27:46 GMT using RSA key ID 75969CE5
# gpg: Good signature from "Marc-André Lureau <marcandre.lureau@redhat.com>"
# gpg:                 aka "Marc-André Lureau <marcandre.lureau@gmail.com>"
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg:          It is not certain that the signature belongs to the owner.
# Primary key fingerprint: 87A9 BD93 3F87 C606 D276  F62D DAE8 E109 7596 9CE5

* remotes/elmarco/tags/ivshmem-pull-request: (51 commits)
  doc: document ivshmem & hugepages
  ivshmem: use little-endian int64_t for the protocol
  ivshmem: use kvm irqfd for msi notifications
  ivshmem: rename MSI eventfd_table
  ivshmem: remove EventfdEntry.vector
  ivshmem: add hostmem backend
  ivshmem: use qemu_strtosz()
  ivshmem: do not keep shm_fd open
  tests: add ivshmem qtest
  qtest: add qtest_add_abrt_handler()
  msix: implement pba write (but read-only)
  contrib: remove unnecessary strdup()
  ivshmem: add check on protocol version in QEMU
  docs: update ivshmem device spec
  ivshmem-server: fix hugetlbfs support
  ivshmem-server: use a uint16 for client ID
  ivshmem-client: check the number of vectors
  contrib: add ivshmem client and server
  util: const event_notifier_get_fd() argument
  ivshmem: reset mask on device reset
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9 years agoQemu/Xen: Fix early freeing MSIX MMIO memory region
Lan Tianyu [Sun, 11 Oct 2015 15:19:24 +0000 (23:19 +0800)]
Qemu/Xen: Fix early freeing MSIX MMIO memory region

msix->mmio is added to XenPCIPassthroughState's object as property.
object_finalize_child_property is called for XenPCIPassthroughState's
object, which calls object_property_del_all, which is going to try to
delete msix->mmio. object_finalize_child_property() will access
msix->mmio's obj. But the whole msix struct has already been freed
by xen_pt_msix_delete. This will cause segment fault when msix->mmio
has been overwritten.

This patch is to fix the issue.

Signed-off-by: Lan Tianyu <tianyu.lan@intel.com>
Reviewed-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
9 years agodoc: document ivshmem & hugepages
Marc-André Lureau [Wed, 7 Oct 2015 14:31:47 +0000 (16:31 +0200)]
doc: document ivshmem & hugepages

Document and give some examples of hugepages support with ivshmem device
and server.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
9 years agoivshmem: use little-endian int64_t for the protocol
Marc-André Lureau [Thu, 24 Sep 2015 10:55:01 +0000 (12:55 +0200)]
ivshmem: use little-endian int64_t for the protocol

The current ivshmem protocol uses 'long' for integers. But the
sizeof(long) depends on the host and the endianess is not defined, which
may cause portability troubles.

Instead, switch to using little-endian int64_t. This breaks the
protocol, except on x64 little-endian host where this change
should be compatible.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Claudio Fontana <claudio.fontana@huawei.com>
9 years agoivshmem: use kvm irqfd for msi notifications
Marc-André Lureau [Thu, 9 Jul 2015 13:50:13 +0000 (15:50 +0200)]
ivshmem: use kvm irqfd for msi notifications

Use irqfd for improving context switch when notifying the guest.
If the host doesn't support kvm irqfd, regular msi notifications are
still supported.

Note: the ivshmem implementation doesn't allow switching between MSI and
IO interrupts, this patch doesn't either.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
9 years agoivshmem: rename MSI eventfd_table
Marc-André Lureau [Mon, 27 Jul 2015 10:59:19 +0000 (12:59 +0200)]
ivshmem: rename MSI eventfd_table

The array is used to have vector specific data, so use a more
descriptive name.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Claudio Fontana <claudio.fontana@huawei.com>
9 years agoivshmem: remove EventfdEntry.vector
Marc-André Lureau [Fri, 24 Jul 2015 16:52:19 +0000 (18:52 +0200)]
ivshmem: remove EventfdEntry.vector

No need to store an extra int for the vector number when it can be
computed easily by looking at the position in the array.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Claudio Fontana <claudio.fontana@huawei.com>
9 years agoivshmem: add hostmem backend
Marc-André Lureau [Mon, 29 Jun 2015 22:10:16 +0000 (00:10 +0200)]
ivshmem: add hostmem backend

Instead of handling allocation, teach ivshmem to use a memory backend.
This allows to use hugetlbfs backed memory now.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Claudio Fontana <claudio.fontana@huawei.com>
9 years agoivshmem: use qemu_strtosz()
Marc-André Lureau [Mon, 29 Jun 2015 22:06:03 +0000 (00:06 +0200)]
ivshmem: use qemu_strtosz()

Use the common qemu utility function to parse the memory size.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Claudio Fontana <claudio.fontana@huawei.com>
9 years agoivshmem: do not keep shm_fd open
Marc-André Lureau [Mon, 29 Jun 2015 22:04:19 +0000 (00:04 +0200)]
ivshmem: do not keep shm_fd open

Remove shm_fd from device state, closing it as early as possible to avoid leaks.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Claudio Fontana <claudio.fontana@huawei.com>
9 years agotests: add ivshmem qtest
Marc-André Lureau [Wed, 2 Apr 2014 14:57:48 +0000 (16:57 +0200)]
tests: add ivshmem qtest

Adds 4 ivshmemtests:
- single qemu instance and basic IO
- pair of instances, check memory sharing
- pair of instances with server, and MSIX
- hot plug/unplug

A temporary shm is created as well as a directory to place server
socket, both should be clear on exit and abort.

Cc: Cam Macdonell <cam@cs.ualberta.ca>
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Claudio Fontana <claudio.fontana@huawei.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
9 years agoqtest: add qtest_add_abrt_handler()
Marc-André Lureau [Fri, 19 Jun 2015 16:45:14 +0000 (18:45 +0200)]
qtest: add qtest_add_abrt_handler()

Allow a test to add abort handlers, use GHook for all handlers.

There is currently no way to remove a handler, but it could be
later added if needed.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Claudio Fontana <claudio.fontana@huawei.com>
9 years agomsix: implement pba write (but read-only)
Marc-André Lureau [Fri, 26 Jun 2015 12:25:29 +0000 (14:25 +0200)]
msix: implement pba write (but read-only)

qpci_msix_pending() writes on pba region, causing qemu to SEGV:

  Program received signal SIGSEGV, Segmentation fault.
  [Switching to Thread 0x7ffff7fba8c0 (LWP 25882)]
  0x0000000000000000 in ?? ()
  (gdb) bt
  #0  0x0000000000000000 in  ()
  #1  0x00005555556556c5 in memory_region_oldmmio_write_accessor (mr=0x5555579f3f80, addr=0, value=0x7fffffffbf68, size=4, shift=0, mask=4294967295, attrs=...) at /home/elmarco/src/qemu/memory.c:434
  #2  0x00005555556558e1 in access_with_adjusted_size (addr=0, value=0x7fffffffbf68, size=4, access_size_min=1, access_size_max=4, access=0x55555565563e <memory_region_oldmmio_write_accessor>, mr=0x5555579f3f80, attrs=...) at /home/elmarco/src/qemu/memory.c:506
  #3  0x00005555556581eb in memory_region_dispatch_write (mr=0x5555579f3f80, addr=0, data=0, size=4, attrs=...) at /home/elmarco/src/qemu/memory.c:1176
  #4  0x000055555560b6f9 in address_space_rw (as=0x555555eff4e0 <address_space_memory>, addr=3759147008, attrs=..., buf=0x7fffffffc1b0 "", len=4, is_write=true) at /home/elmarco/src/qemu/exec.c:2439
  #5  0x000055555560baa2 in cpu_physical_memory_rw (addr=3759147008, buf=0x7fffffffc1b0 "", len=4, is_write=1) at /home/elmarco/src/qemu/exec.c:2534
  #6  0x000055555564c005 in cpu_physical_memory_write (addr=3759147008, buf=0x7fffffffc1b0, len=4) at /home/elmarco/src/qemu/include/exec/cpu-common.h:80
  #7  0x000055555564cd9c in qtest_process_command (chr=0x55555642b890, words=0x5555578de4b0) at /home/elmarco/src/qemu/qtest.c:378
  #8  0x000055555564db77 in qtest_process_inbuf (chr=0x55555642b890, inbuf=0x55555641b340) at /home/elmarco/src/qemu/qtest.c:569
  #9  0x000055555564dc07 in qtest_read (opaque=0x55555642b890, buf=0x7fffffffc2e0 "writel 0xe0100800 0x0\n", size=22) at /home/elmarco/src/qemu/qtest.c:581
  #10 0x000055555574ce3e in qemu_chr_be_write (s=0x55555642b890, buf=0x7fffffffc2e0 "writel 0xe0100800 0x0\n", len=22) at qemu-char.c:306
  #11 0x0000555555751263 in tcp_chr_read (chan=0x55555642bcf0, cond=G_IO_IN, opaque=0x55555642b890) at qemu-char.c:2876
  #12 0x00007ffff64c9a8a in g_main_context_dispatch (context=0x55555641c400) at gmain.c:3122

(without this patch, this can be reproduced with the ivshmem qtest)

Implement an empty mmio write to avoid the crash.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
9 years agocontrib: remove unnecessary strdup()
Marc-André Lureau [Wed, 24 Jun 2015 11:33:32 +0000 (13:33 +0200)]
contrib: remove unnecessary strdup()

getopt() optarg points to argv memory, no need to dup those values,
fixes small leaks detected by clang-analyzer.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
9 years agoivshmem: add check on protocol version in QEMU
David Marchand [Tue, 16 Jun 2015 15:43:34 +0000 (17:43 +0200)]
ivshmem: add check on protocol version in QEMU

Send a protocol version as the first message from server, clients must
close communication if they don't support this protocol version.  Older
QEMUs should be fine with this change in the protocol since they
overrides their own vm_id on reception of an id associated to no
eventfd.

Signed-off-by: David Marchand <david.marchand@6wind.com>
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
[use fifo_update_and_get()]
Reviewed-by: Claudio Fontana <claudio.fontana@huawei.com>
9 years agodocs: update ivshmem device spec
David Marchand [Mon, 8 Sep 2014 09:17:49 +0000 (11:17 +0200)]
docs: update ivshmem device spec

Add some notes on the parts needed to use ivshmem devices: more specifically,
explain the purpose of an ivshmem server and the basic concept to use the
ivshmem devices in guests.
Move some parts of the documentation and re-organise it.

Signed-off-by: David Marchand <david.marchand@6wind.com>
Reviewed-by: Claudio Fontana <claudio.fontana@huawei.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
9 years agoivshmem-server: fix hugetlbfs support
Marc-André Lureau [Mon, 29 Jun 2015 17:53:15 +0000 (19:53 +0200)]
ivshmem-server: fix hugetlbfs support

As pointed out on the ML by Andrew Jones, glibc no longer permits
creating POSIX shm on hugetlbfs directly. When given a hugetlbfs path,
create a shareable file there.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
9 years agoivshmem-server: use a uint16 for client ID
Marc-André Lureau [Tue, 23 Jun 2015 15:09:59 +0000 (17:09 +0200)]
ivshmem-server: use a uint16 for client ID

In practice, the number of VM is limited to MAXUINT16 in ivshmem, so use
the same limit on the server (removes a theorical infinite loop)

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Claudio Fontana <claudio.fontana@huawei.com>
9 years agoivshmem-client: check the number of vectors
Marc-André Lureau [Tue, 23 Jun 2015 14:41:58 +0000 (16:41 +0200)]
ivshmem-client: check the number of vectors

Check the number of vectors received from the server, to avoid
out of bound array access.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Claudio Fontana <claudio.fontana@huawei.com>
9 years agocontrib: add ivshmem client and server
David Marchand [Mon, 8 Sep 2014 09:17:48 +0000 (11:17 +0200)]
contrib: add ivshmem client and server

When using ivshmem devices, notifications between guests can be sent as
interrupts using a ivshmem-server (typical use described in documentation).
The client is provided as a debug tool.

Signed-off-by: Olivier Matz <olivier.matz@6wind.com>
Signed-off-by: David Marchand <david.marchand@6wind.com>
[fix a valgrind warning, option and server_close() segvs, extra server
headers includes, getopt() return type, out-of-tree build, use qemu
event_notifier instead of eventfd, fix x86/osx warnings - Marc-André]
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
9 years agoutil: const event_notifier_get_fd() argument
Marc-André Lureau [Tue, 13 Oct 2015 10:12:16 +0000 (12:12 +0200)]
util: const event_notifier_get_fd() argument

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
9 years agoivshmem: reset mask on device reset
Marc-André Lureau [Tue, 23 Jun 2015 12:13:08 +0000 (14:13 +0200)]
ivshmem: reset mask on device reset

The interrupt mask is a state value, it should be reset, like the
interrupt status.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Claudio Fontana <claudio.fontana@huawei.com>
9 years agoivshmem: error on too many eventfd received
Marc-André Lureau [Tue, 23 Jun 2015 12:07:11 +0000 (14:07 +0200)]
ivshmem: error on too many eventfd received

The number of eventfd that can be handled per peer is limited by the
number of vectors. Return an error when receiving too many of them.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Claudio Fontana <claudio.fontana@huawei.com>
9 years agoivshmem: replace 'guest' for 'peer' appropriately
Marc-André Lureau [Tue, 23 Jun 2015 11:38:46 +0000 (13:38 +0200)]
ivshmem: replace 'guest' for 'peer' appropriately

The terms 'guest' and 'peer' are used sometime interchangeably which may
be confusing. Instead, use 'peer' for the remote instances of ivshmem
clients, and 'guest' for the local VM.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Claudio Fontana <claudio.fontana@huawei.com>
9 years agoivshmem: fix pci_ivshmem_exit()
Marc-André Lureau [Tue, 23 Jun 2015 10:57:16 +0000 (12:57 +0200)]
ivshmem: fix pci_ivshmem_exit()

Free all objects owned by the device, making sure the device is free,
fixing hot-unplug.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Claudio Fontana <claudio.fontana@huawei.com>
9 years agoivshmem: add device description
Marc-André Lureau [Tue, 23 Jun 2015 11:01:40 +0000 (13:01 +0200)]
ivshmem: add device description

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Claudio Fontana <claudio.fontana@huawei.com>
9 years agoivshmem: check shm isn't already initialized
Marc-André Lureau [Tue, 23 Jun 2015 10:55:41 +0000 (12:55 +0200)]
ivshmem: check shm isn't already initialized

The server should not change the shm, and this isn't handled by qemu and
we should should verify this in qemu.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Claudio Fontana <claudio.fontana@huawei.com>
9 years agoivshmem: shmfd can be 0
Marc-André Lureau [Tue, 23 Jun 2015 10:53:42 +0000 (12:53 +0200)]
ivshmem: shmfd can be 0

0 is a valid fd value, so change conditions and set -1 value early

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Claudio Fontana <claudio.fontana@huawei.com>
9 years agoivshmem: migrate with VMStateDescription
Marc-André Lureau [Thu, 18 Jun 2015 12:05:46 +0000 (14:05 +0200)]
ivshmem: migrate with VMStateDescription

load_state_old() is used to keep compatibility with version 0.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Claudio Fontana <claudio.fontana@huawei.com>
9 years agoivshmem: use common is_power_of_2()
Marc-André Lureau [Thu, 18 Jun 2015 14:10:33 +0000 (16:10 +0200)]
ivshmem: use common is_power_of_2()

The common version correctly checks for 0 value case.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Claudio Fontana <claudio.fontana@huawei.com>
9 years agoivshmem: use common return
Marc-André Lureau [Fri, 19 Jun 2015 10:21:46 +0000 (12:21 +0200)]
ivshmem: use common return

Both if branches return, move this out to common end.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Claudio Fontana <claudio.fontana@huawei.com>
9 years agoivshmem: simplify a bit the code
Marc-André Lureau [Fri, 19 Jun 2015 10:19:55 +0000 (12:19 +0200)]
ivshmem: simplify a bit the code

Use some more explicit variables to simplify the code.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Claudio Fontana <claudio.fontana@huawei.com>