sdk/emulator/qemu.git
8 years ago io: add QIOTask class for async operations
Daniel P. Berrange [Wed, 18 Mar 2015 17:25:45 +0000 (17:25 +0000)]
io: add QIOTask class for async operations

A number of I/O operations need to be performed asynchronously
to avoid blocking the main loop. The caller of such APIs needs
to provide a callback to be invoked on completion/error and
needs access to the error, if any. The small QIOTask provides
a simple framework for dealing with such probes. The API
docs inline provide an outline of how this is to be used.

Some functions don't have the ability to run asynchronously
(eg getaddrinfo always blocks), so to facilitate their use,
the task class provides a mechanism to run a blocking
function in a thread, while triggering the completion
callback in the main event loop thread. This easily allows
any synchronous function to be made asynchronous, albeit
at the cost of spawning a thread.

In this series, the QIOTask class will be used for things like
the TLS handshake, the websockets handshake and TCP connect()
progress.

The concept of QIOTask is inspired by the GAsyncResult
interface / GTask class in the GIO libraries. The min
version requirements on glib don't allow those to be
used from QEMU, so QIOTask provides a facsimile which
can be easily switched to GTask in the future if the
min version is increased.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
8 years ago io: add helper module for creating watches on FDs
Daniel P. Berrange [Tue, 3 Mar 2015 12:59:16 +0000 (12:59 +0000)]
io: add helper module for creating watches on FDs

A number of the channel implementations will require the
ability to create watches on file descriptors / sockets.
To avoid duplicating this code in each channel, provide a
helper API for dealing with file descriptor watches.

There are two watch implementations provided. The first
is useful for bi-directional file descriptors such as
sockets, regular files, character devices, etc. The
second works with a pair of unidirectional file descriptors
such as pipes.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
8 years ago io: add abstract QIOChannel classes
Daniel P. Berrange [Fri, 27 Feb 2015 16:19:33 +0000 (16:19 +0000)]
io: add abstract QIOChannel classes

Start the new generic I/O channel framework by defining a
QIOChannel abstract base class. This is designed to feel
similar to GLib's GIOChannel, but with the addition of
support for using iovecs, qemu error reporting, file
descriptor passing, coroutine integration and use of
the QOM framework for easier sub-classing.

The intention is that almost anywhere in QEMU that
deals with sockets will use this new I/O
infrastructure, so that it becomes trivial to then layer
in support for TLS encryption. This will at least include
the VNC server, char device backend and migration code.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
8 years ago Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging
Peter Maydell [Thu, 17 Dec 2015 18:07:09 +0000 (18:07 +0000)]
Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging

* KVM: synic support, split irqchip support
* memory: cleanups, optimizations, ioeventfd emulation
* SCSI: small fixes, vmw_pvscsi compatibility improvements
* qemu_log cleanups
* Coverity model improvements

# gpg: Signature made Thu 17 Dec 2015 16:35:21 GMT using RSA key ID 78C7AE83
# gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>"
# gpg:                 aka "Paolo Bonzini <pbonzini@redhat.com>"

* remotes/bonzini/tags/for-upstream: (45 commits)
  coverity: Model g_memdup()
  coverity: Model g_poll()
  scsi: always call notifier on async cancellation
  scsi: use scsi_req_cancel_async when purging requests
  target-i386: kvm: clear unusable segments' flags in migration
  rcu: optimize rcu_read_lock
  memory: try to inline constant-length reads
  memory: inline a few small accessors
  memory: extract first iteration of address_space_read and address_space_write
  memory: split address_space_read and address_space_write
  memory: avoid unnecessary object_ref/unref
  memory: reorder MemoryRegion fields
  exec: make qemu_ram_ptr_length more similar to qemu_get_ram_ptr
  exec: always call qemu_get_ram_ptr within rcu_read_lock
  linux-user: convert DEBUG_SIGNAL logging to tracepoints
  linux-user: avoid "naked" qemu_log
  user: introduce "-d page"
  xtensa: avoid "naked" qemu_log
  tricore: avoid "naked" qemu_log
  ppc: cleanup logging
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years ago coverity: Model g_memdup()
Markus Armbruster [Mon, 30 Nov 2015 16:32:32 +0000 (17:32 +0100)]
coverity: Model g_memdup()

We model all the non-deprecated memory allocation functions from
https://developer.gnome.org/glib/stable/glib-Memory-Allocation.html
except for g_memdup(), g_clear_pointer(), g_steal_pointer().  We don't
use the latter two.  Model the former.

Coverity now reports an OVERRUN
vl.c:2317: alloc_strlen: Allocating insufficient memory for the terminating null of the string.
Correct, but we omit the terminating null intentionally there.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <1448901152-11716-1-git-send-email-armbru@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years ago coverity: Model g_poll()
Markus Armbruster [Thu, 17 Dec 2015 07:20:33 +0000 (08:20 +0100)]
coverity: Model g_poll()

In my testing, Coverity reported two more CHECKED_RETURN:

* qemu-char.c:1248: fixed in commit c1f2448: "qemu-char: retry g_poll
  on EINTR".

* migration/qemu-file-unix.c:75: harmless, cleaned up in commit
  4e39f57 "migration: Clean up use of g_poll() in
  socket_writev_buffer()".

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <1450336833-27710-1-git-send-email-armbru@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years ago scsi: always call notifier on async cancellation
Paolo Bonzini [Wed, 16 Dec 2015 18:33:44 +0000 (19:33 +0100)]
scsi: always call notifier on async cancellation

This was found by code inspection.  If the request is cancelled twice,
the notifier is never called on the second cancellation request,
and hence for example a TMF might never finish.

All the calls in scsi_req_cancel_async are idempotent, so the change
is safe.

Reviewed-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Message-Id: <1450290827-30508-2-git-send-email-pbonzini@redhat.com>

8 years ago scsi: use scsi_req_cancel_async when purging requests
Paolo Bonzini [Wed, 16 Dec 2015 18:33:43 +0000 (19:33 +0100)]
scsi: use scsi_req_cancel_async when purging requests

This avoids calls to aio_poll without having acquired the context first.

Reviewed-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Message-Id: <1450290827-30508-1-git-send-email-pbonzini@redhat.com>

8 years ago target-i386: kvm: clear unusable segments' flags in migration
Michael Chapman [Mon, 7 Dec 2015 04:54:07 +0000 (15:54 +1100)]
target-i386: kvm: clear unusable segments' flags in migration

This commit fixes migration of a QEMU/KVM guest from kernel >= v3.9 to
kernel <= v3.7 (e.g. from RHEL 7 to RHEL 6). Without this commit a guest
migrated across these kernel versions fails to resume on the target host
as its segment descriptors are invalid.

Two separate kernel commits combined together to result in this bug:

  commit f0495f9b9992f80f82b14306946444b287193390
  Author: Avi Kivity <avi@redhat.com>
  Date:   Thu Jun 7 17:06:10 2012 +0300

      KVM: VMX: Relax check on unusable segment

      Some userspace (e.g. QEMU 1.1) munge the d and g bits of segment
      descriptors, causing us not to recognize them as unusable segments
      with emulate_invalid_guest_state=1.  Relax the check by testing for
      segment not present (a non-present segment cannot be usable).

      Signed-off-by: Avi Kivity <avi@redhat.com>

  commit 25391454e73e3156202264eb3c473825afe4bc94
  Author: Gleb Natapov <gleb@redhat.com>
  Date:   Mon Jan 21 15:36:46 2013 +0200

      KVM: VMX: don't clobber segment AR of unusable segments.

      Usability is returned in unusable field, so no need to clobber entire
      AR. Callers have to know how to deal with unusable segments already
      since if emulate_invalid_guest_state=true AR is not zeroed.

      Signed-off-by: Gleb Natapov <gleb@redhat.com>
      Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>

The first commit changed the KVM_SET_SREGS ioctl so that it did not treat
segment flags == 0 as an unusable segment, instead only looking at the
"present" flag.

The second commit changed KVM_GET_SREGS so that it did not clear the
flags of an unusable segment.

Since QEMU does not itself maintain the "unusable" flag across a
migration, the end result is that unusable segments read from a kernel
with these commits and loaded into a kernel without these commits are
not properly recognised as being unusable.

This commit updates both get_seg and set_seg so that the problem is
avoided even when migrating to or migrating from a QEMU without this
commit. In get_seg, we clear the segment flags if the segment is marked
unusable. In set_seg, we mark the segment unusable if the segment's
"present" flag is not set.

Signed-off-by: Michael Chapman <mike@very.puzzling.org>
Message-Id: <1449464047-17467-1-git-send-email-mike@very.puzzling.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years ago rcu: optimize rcu_read_lock
Paolo Bonzini [Wed, 16 Dec 2015 11:32:22 +0000 (12:32 +0100)]
rcu: optimize rcu_read_lock

rcu_read_lock cannot change rcu_gp_ongoing from true to false
(the previous value of p_rcu_reader->ctr is zero), hence
there is no need to check p_rcu_reader->waiting and wake up
a concurrent synchronize_rcu.

While at it mark the wakeup as unlikely in rcu_read_unlock.

Reviewed-by: Wen Congyang <wency@cn.fujitsu.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Message-Id: <1450265542-4323-1-git-send-email-pbonzini@redhat.com>

8 years ago memory: try to inline constant-length reads
Paolo Bonzini [Wed, 9 Dec 2015 09:34:13 +0000 (10:34 +0100)]
memory: try to inline constant-length reads

memcpy can take a large amount of time for small reads and writes.
Handle the common case of reading s/g descriptors from memory (there
is no corresponding "write" case that is as common, because writes
often use address_space_st* functions) by inlining the relevant
parts of address_space_read into the caller.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years ago memory: inline a few small accessors
Paolo Bonzini [Wed, 9 Dec 2015 16:47:39 +0000 (17:47 +0100)]
memory: inline a few small accessors

These are used in the address_space_* fast paths.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years ago memory: extract first iteration of address_space_read and address_space_write
Paolo Bonzini [Wed, 9 Dec 2015 09:18:57 +0000 (10:18 +0100)]
memory: extract first iteration of address_space_read and address_space_write

We want to inline the case where there is only one iteration, because
then the compiler can also inline the memcpy.  As a start, extract
everything after the first address_space_translate call.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years ago memory: split address_space_read and address_space_write
Paolo Bonzini [Wed, 9 Dec 2015 09:06:31 +0000 (10:06 +0100)]
memory: split address_space_read and address_space_write

Rather than dispatching on is_write for every iteration, make
address_space_rw call one of the two functions.  The amount of
duplicate logic is pretty small, and memory_access_is_direct can
be tweaked so that it inlines better in the callers.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years ago memory: avoid unnecessary object_ref/unref
Paolo Bonzini [Wed, 9 Dec 2015 10:44:25 +0000 (11:44 +0100)]
memory: avoid unnecessary object_ref/unref

For the common case of DMA into non-hotplugged RAM, it is unnecessary
but expensive to do object_ref/unref.  Add back an owner field to
MemoryRegion, so that these memory regions can skip the reference
counting.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years ago memory: reorder MemoryRegion fields
Paolo Bonzini [Wed, 9 Dec 2015 10:40:14 +0000 (11:40 +0100)]
memory: reorder MemoryRegion fields

Order fields so that all fields accessed during a RAM read/write fit in
the same cache line.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years ago exec: make qemu_ram_ptr_length more similar to qemu_get_ram_ptr
Paolo Bonzini [Wed, 16 Dec 2015 09:31:26 +0000 (10:31 +0100)]
exec: make qemu_ram_ptr_length more similar to qemu_get_ram_ptr

Notably, use qemu_get_ram_block to enjoy the MRU optimization.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years ago exec: always call qemu_get_ram_ptr within rcu_read_lock
Paolo Bonzini [Wed, 16 Dec 2015 09:30:47 +0000 (10:30 +0100)]
exec: always call qemu_get_ram_ptr within rcu_read_lock

Simplify the code and document the assumption.  The only caller
that is not within rcu_read_lock is memory_region_get_ram_ptr.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years ago linux-user: convert DEBUG_SIGNAL logging to tracepoints
Paolo Bonzini [Fri, 13 Nov 2015 12:52:21 +0000 (13:52 +0100)]
linux-user: convert DEBUG_SIGNAL logging to tracepoints

"Unimplemented" messages go to stderr, everything else goes to tracepoints

Reviewed-by: Laurent Vivier <lvivier@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years ago linux-user: avoid "naked" qemu_log
Paolo Bonzini [Fri, 13 Nov 2015 12:20:35 +0000 (13:20 +0100)]
linux-user: avoid "naked" qemu_log

Ensure that all log writes are protected by qemu_loglevel_mask or,
in serious cases, go to both the log and stderr.

Reviewed-by: Laurent Vivier <lvivier@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years ago user: introduce "-d page"
Paolo Bonzini [Fri, 13 Nov 2015 11:32:19 +0000 (12:32 +0100)]
user: introduce "-d page"

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years ago xtensa: avoid "naked" qemu_log
Paolo Bonzini [Fri, 13 Nov 2015 12:43:35 +0000 (13:43 +0100)]
xtensa: avoid "naked" qemu_log

Cc: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years ago tricore: avoid "naked" qemu_log
Paolo Bonzini [Fri, 13 Nov 2015 12:35:27 +0000 (13:35 +0100)]
tricore: avoid "naked" qemu_log

Cc: Bastian Koppelmann <kbastian@mail.uni-paderborn.de>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years ago ppc: cleanup logging
Paolo Bonzini [Fri, 13 Nov 2015 12:34:23 +0000 (13:34 +0100)]
ppc: cleanup logging

Avoid "naked" qemu_log, bring documentation for DEBUG #defines
up to date.

Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years ago s390x: avoid "naked" qemu_log
Paolo Bonzini [Fri, 13 Nov 2015 12:25:21 +0000 (13:25 +0100)]
s390x: avoid "naked" qemu_log

Convert to debug-only qemu_log.

Cc: Alexander Graf <agraf@suse.de>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years ago microblaze: avoid "naked" qemu_log
Paolo Bonzini [Fri, 13 Nov 2015 12:24:57 +0000 (13:24 +0100)]
microblaze: avoid "naked" qemu_log

Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years ago cris: avoid "naked" qemu_log
Paolo Bonzini [Fri, 13 Nov 2015 12:24:26 +0000 (13:24 +0100)]
cris: avoid "naked" qemu_log

Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years ago alpha: convert "naked" qemu_log to tracepoint
Paolo Bonzini [Fri, 13 Nov 2015 12:23:45 +0000 (13:23 +0100)]
alpha: convert "naked" qemu_log to tracepoint

Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years ago qemu-log: introduce qemu_log_separate
Paolo Bonzini [Fri, 13 Nov 2015 12:16:27 +0000 (13:16 +0100)]
qemu-log: introduce qemu_log_separate

In some cases, the same message is printed both on stderr and in the log.
Avoid duplicate output in the default case where stderr _is_ the log,
and standardize this to stderr+log where it used to use stdio+log.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years ago qemu-char: append opt to stop truncation of serial file
Olga Krishtal [Fri, 4 Dec 2015 06:42:04 +0000 (09:42 +0300)]
qemu-char: append opt to stop truncation of serial file

Our QA team wants to preserve serial output of the guest in between QEMU
runs to perform post-analysis.

By default this behavior is off (file is truncated each time QEMU is
started or device is plugged).

Signed-off-by: Olga Krishtal <okrishtal@virtuozzo.com>
Signed-off-by: Denis V. Lunev <den@openvz.org>
CC: Eric Blake <eblake@redhat.com>
CC: Markus Armbruster <armbru@redhat.com>
CC: Paolo Bonzini <pbonzini@redhat.com>
Message-Id: <1449211324-17856-1-git-send-email-den@openvz.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years ago kvm: x86: add support for KVM_CAP_SPLIT_IRQCHIP
Paolo Bonzini [Thu, 17 Dec 2015 16:16:08 +0000 (17:16 +0100)]
kvm: x86: add support for KVM_CAP_SPLIT_IRQCHIP

This patch adds support for split IRQ chip mode. When
KVM_CAP_SPLIT_IRQCHIP is enabled:

    1.) The PIC, PIT, and IOAPIC are implemented in userspace while
    the LAPIC is implemented by KVM.

    2.) The software IOAPIC delivers interrupts to the KVM LAPIC via
    kvm_set_irq. Interrupt delivery is configured via the MSI routing
    table, for which routes are reserved in target-i386/kvm.c then
    configured in hw/intc/ioapic.c

    3.) KVM delivers IOAPIC EOIs via a new exit KVM_EXIT_IOAPIC_EOI,
    which is handled in target-i386/kvm.c and relayed to the software
    IOAPIC via ioapic_eoi_broadcast.

Signed-off-by: Matt Gingell <gingell@google.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years ago kvm: add support for -machine kernel_irqchip=split
Matt Gingell [Mon, 16 Nov 2015 18:03:06 +0000 (10:03 -0800)]
kvm: add support for -machine kernel_irqchip=split

This patch adds the initial plumbing for split IRQ chip mode via
KVM_CAP_SPLIT_IRQCHIP. In addition to option processing, a number of
kvm_*_in_kernel macros are defined to help clarify which component is
where.

Signed-off-by: Matt Gingell <gingell@google.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years ago target-i386/kvm: Hyper-V SynIC timers MSR's support
Andrey Smetanin [Wed, 25 Nov 2015 15:21:25 +0000 (18:21 +0300)]
target-i386/kvm: Hyper-V SynIC timers MSR's support

Hyper-V SynIC timers are host timers that are configurable
by guest through corresponding MSR's (HV_X64_MSR_STIMER*).
Guest setup and use fired by host events (SynIC interrupt
and appropriate timer expiration message) as guest clock
events.

The state of Hyper-V SynIC timers is stored in corresponding
MSR's. This patch series implements such MSR's support and migration.

Signed-off-by: Andrey Smetanin <asmetanin@virtuozzo.com>
CC: Paolo Bonzini <pbonzini@redhat.com>
CC: Richard Henderson <rth@twiddle.net>
CC: Eduardo Habkost <ehabkost@redhat.com>
CC: "Andreas Färber" <afaerber@suse.de>
CC: Marcelo Tosatti <mtosatti@redhat.com>
CC: Denis V. Lunev <den@openvz.org>
CC: Roman Kagan <rkagan@virtuozzo.com>
CC: kvm@vger.kernel.org
Message-Id: <1448464885-8300-3-git-send-email-asmetanin@virtuozzo.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years ago hw/misc: Hyper-V test device 'hyperv-testdev'
Andrey Smetanin [Tue, 10 Nov 2015 12:52:44 +0000 (15:52 +0300)]
hw/misc: Hyper-V test device 'hyperv-testdev'

'hyperv-testdev' will be used by kvm-unit-tests
to setup Hyper-V SynIC SINT's routing and to inject
Hyper-V SynIC SINT's.

Hyper-V test device is ISA type device that creates 0x3000
IO memory region and catches write access into it. Every
write operation data decoded into ctl code and parameters
for Hyper-V test device.

Signed-off-by: Andrey Smetanin <asmetanin@virtuozzo.com>
Reviewed-by: Roman Kagan <rkagan@virtuozzo.com>
Signed-off-by: Denis V. Lunev <den@openvz.org>
CC: Paolo Bonzini <pbonzini@redhat.com>
CC: Richard Henderson <rth@twiddle.net>
CC: Eduardo Habkost <ehabkost@redhat.com>
CC: "Andreas Färber" <afaerber@suse.de>
CC: Marcelo Tosatti <mtosatti@redhat.com>
CC: Roman Kagan <rkagan@virtuozzo.com>
CC: Denis V. Lunev <den@openvz.org>
CC: kvm@vger.kernel.org
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years ago target-i386/hyperv: Hyper-V SynIC SINT routing and vcpu exit
Andrey Smetanin [Tue, 10 Nov 2015 12:52:43 +0000 (15:52 +0300)]
target-i386/hyperv: Hyper-V SynIC SINT routing and vcpu exit

Hyper-V SynIC (synthetic interrupt controller) helpers for
Hyper-V SynIC irq routing setup, irq injection, irq ack
notifications event/message pages changes tracking for future use.

Signed-off-by: Andrey Smetanin <asmetanin@virtuozzo.com>
Reviewed-by: Roman Kagan <rkagan@virtuozzo.com>
Signed-off-by: Denis V. Lunev <den@openvz.org>
CC: Paolo Bonzini <pbonzini@redhat.com>
CC: Richard Henderson <rth@twiddle.net>
CC: Eduardo Habkost <ehabkost@redhat.com>
CC: "Andreas Färber" <afaerber@suse.de>
CC: Marcelo Tosatti <mtosatti@redhat.com>
CC: Roman Kagan <rkagan@virtuozzo.com>
CC: Denis V. Lunev <den@openvz.org>
CC: kvm@vger.kernel.org
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years ago kvm: Hyper-V SynIC irq routing support
Andrey Smetanin [Tue, 10 Nov 2015 12:52:42 +0000 (15:52 +0300)]
kvm: Hyper-V SynIC irq routing support

Signed-off-by: Andrey Smetanin <asmetanin@virtuozzo.com>
Reviewed-by: Roman Kagan <rkagan@virtuozzo.com>
Signed-off-by: Denis V. Lunev <den@openvz.org>
CC: Paolo Bonzini <pbonzini@redhat.com>
CC: Richard Henderson <rth@twiddle.net>
CC: Eduardo Habkost <ehabkost@redhat.com>
CC: "Andreas Färber" <afaerber@suse.de>
CC: Marcelo Tosatti <mtosatti@redhat.com>
CC: Roman Kagan <rkagan@virtuozzo.com>
CC: Denis V. Lunev <den@openvz.org>
CC: kvm@vger.kernel.org
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years ago target-i386/kvm: Hyper-V SynIC MSR's support
Andrey Smetanin [Wed, 11 Nov 2015 10:18:38 +0000 (13:18 +0300)]
target-i386/kvm: Hyper-V SynIC MSR's support

This patch does Hyper-V Synthetic interrupt
controller (Hyper-V SynIC) MSR's support and
migration. Hyper-V SynIC is enabled by cpu's
'hv-synic' option.

This patch does not allow cpu creation if
'hv-synic' option specified but kernel
doesn't support Hyper-V SynIC.

Changes v3:
* removed 'msr_hv_synic_version' migration because
its value is always the same
* moved SynIC msr's initialization into kvm_arch_init_vcpu

Signed-off-by: Andrey Smetanin <asmetanin@virtuozzo.com>
Reviewed-by: Roman Kagan <rkagan@virtuozzo.com>
Signed-off-by: Denis V. Lunev <den@openvz.org>
CC: Paolo Bonzini <pbonzini@redhat.com>
CC: Richard Henderson <rth@twiddle.net>
CC: Eduardo Habkost <ehabkost@redhat.com>
CC: "Andreas Färber" <afaerber@suse.de>
CC: Marcelo Tosatti <mtosatti@redhat.com>
CC: Roman Kagan <rkagan@virtuozzo.com>
CC: Denis V. Lunev <den@openvz.org>
CC: kvm@vger.kernel.org
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years ago linux-headers: update from kvm/next
Paolo Bonzini [Tue, 15 Dec 2015 14:00:27 +0000 (15:00 +0100)]
linux-headers: update from kvm/next

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years ago vmw_pvscsi: Introduce 'x-disable-pcie' backword compatability property
Shmulik Ladkani [Sun, 13 Dec 2015 08:08:32 +0000 (10:08 +0200)]
vmw_pvscsi: Introduce 'x-disable-pcie' backword compatability property

Following the previous patch which changed pvscsi to be a pci express
device, this patch introduces a boolean property 'x-disable-pcie'.

Its default value is false, exposing pvscsi as a pcie device.

Setting 'x-disable-pcie' to 'on' preserves the old 'pci device' (non
express) behavior. This allows migration to older versions.

Signed-off-by: Shmulik Ladkani <shmulik.ladkani@ravellosystems.com>
Message-Id: <1449994112-7054-7-git-send-email-shmulik.ladkani@ravellosystems.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years ago vmw_pvscsi: The pvscsi device is a PCIE endpoint
Shmulik Ladkani [Sun, 13 Dec 2015 08:08:31 +0000 (10:08 +0200)]
vmw_pvscsi: The pvscsi device is a PCIE endpoint

Report the 'express endpoint' capability if on a PCIE bus.

Signed-off-by: Shmulik Ladkani <shmulik.ladkani@ravellosystems.com>
Message-Id: <1449994112-7054-6-git-send-email-shmulik.ladkani@ravellosystems.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years ago vmw_pvscsi: coding: Introduce PVSCSIClass
Shmulik Ladkani [Sun, 13 Dec 2015 08:08:30 +0000 (10:08 +0200)]
vmw_pvscsi: coding: Introduce PVSCSIClass

Introduce a class type for pvscsi, and the usual
DEVICE_CLASS/DEVICE_GET_CLASS macros.

No semantic change.

Signed-off-by: Shmulik Ladkani <shmulik.ladkani@ravellosystems.com>
Message-Id: <1449994112-7054-5-git-send-email-shmulik.ladkani@ravellosystems.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years ago vmw_pvscsi: Introduce 'x-old-pci-configuration' backword compatability property
Shmulik Ladkani [Sun, 13 Dec 2015 08:08:29 +0000 (10:08 +0200)]
vmw_pvscsi: Introduce 'x-old-pci-configuration' backword compatability property

Following the previous patches, which introduced various changes in
pvscsi's pci configuration space (device subsystem id and revision, msi
offset), this patch introduces a boolean property
'x-old-pci-configuration' to pvscsi.

Its default value is false, exposing the above changes in the pci config
space.

Setting 'x-old-pci-configuration' to 'on' preserves the old behavior,
which allows migration to older versions.

Signed-off-by: Shmulik Ladkani <shmulik.ladkani@ravellosystems.com>
Message-Id: <1449994112-7054-4-git-send-email-shmulik.ladkani@ravellosystems.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years ago vmw_pvscsi: Change offset of msi pci capability
Shmulik Ladkani [Sun, 13 Dec 2015 08:08:28 +0000 (10:08 +0200)]
vmw_pvscsi: Change offset of msi pci capability

Place device reported MSI capability at the same offset as placed by
the VMware virtual hardware - at offset 0x7c.

Signed-off-by: Shmulik Ladkani <shmulik.ladkani@ravellosystems.com>
Message-Id: <1449994112-7054-3-git-send-email-shmulik.ladkani@ravellosystems.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years ago vmw_pvscsi: Set device subsystem and revision
Shmulik Ladkani [Sun, 13 Dec 2015 08:08:27 +0000 (10:08 +0200)]
vmw_pvscsi: Set device subsystem and revision

To be VMware PVSCSI SCSI Controller, rev 02.
As reported by the VMware virtual hardware.

Signed-off-by: Shmulik Ladkani <shmulik.ladkani@ravellosystems.com>
Message-Id: <1449994112-7054-2-git-send-email-shmulik.ladkani@ravellosystems.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years ago memory: emulate ioeventfd
Pavel Fedin [Fri, 20 Nov 2015 09:37:16 +0000 (12:37 +0300)]
memory: emulate ioeventfd

The ioeventfd mechanism is used by vhost, dataplane, and virtio-pci to
turn guest MMIO/PIO writes into eventfd file descriptor events.  This
allows arbitrary threads to be notified when the guest writes to a
specific MMIO/PIO address.

qtest and TCG do not support ioeventfd because memory writes are not
checked against registered ioeventfds in QEMU.  This patch implements
this in memory_region_dispatch_write() so qtest can use ioeventfd.

Also this patch fixes vhost aborting on some misconfigured old kernels
like 3.18.0 on ARM. It is possible to explicitly enable CONFIG_EVENTFD
in expert settings, while MMIO binding support in KVM will still be
missing.

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Pavel Fedin <p.fedin@samsung.com>
Message-Id: <006e01d12377$0b9c2d40$22d487c0$@samsung.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years ago kvm-all: PAGE_SIZE should be real host page size
Andrew Jones [Tue, 10 Nov 2015 00:23:42 +0000 (19:23 -0500)]
kvm-all: PAGE_SIZE should be real host page size

Just noticed this while grepping TARGET_PAGE_SIZE for an unrelated
reason. I didn't use qemu_real_host_page_size as kvm_set_phys_mem()
does, because we'd need to make sure page_size_init() has run first.

Signed-off-by: Andrew Jones <drjones@redhat.com>
Message-Id: <1447115022-4142-1-git-send-email-drjones@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years ago exec: Remove unnecessary RAM_FILE flag
Eduardo Habkost [Fri, 6 Nov 2015 22:11:21 +0000 (20:11 -0200)]
exec: Remove unnecessary RAM_FILE flag

The only code that sets RAMBlock.fd is file_ram_alloc(), and the only
code that calls file_ram_alloc() sets the RAM_FILE flag. That means the
flag is always set when RAMBlock.fd >= 0, and the munmap() call at
reclaim_ramblock() is dead code that never runs.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Message-Id: <1446847881-9385-1-git-send-email-ehabkost@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years ago memory: Eliminate memory_region_destructor_ram_from_ptr()
Eduardo Habkost [Fri, 6 Nov 2015 21:20:05 +0000 (19:20 -0200)]
memory: Eliminate memory_region_destructor_ram_from_ptr()

The function is equivalent to memory_region_destructor_ram(), so
it's not needed anymore.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Message-Id: <1446844805-14492-3-git-send-email-ehabkost@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years ago exec: Eliminate qemu_ram_free_from_ptr()
Eduardo Habkost [Fri, 6 Nov 2015 21:20:04 +0000 (19:20 -0200)]
exec: Eliminate qemu_ram_free_from_ptr()

Replace qemu_ram_free_from_ptr() with qemu_ram_free().

The only difference between qemu_ram_free_from_ptr() and
qemu_ram_free() is that g_free_rcu() is used instead of
call_rcu(reclaim_ramblock). We can safely replace it because:

* RAM blocks allocated by qemu_ram_alloc_from_ptr() always have
  RAM_PREALLOC set;
* reclaim_ramblock(block) will do nothing except g_free(block)
  if RAM_PREALLOC is set at block->flags.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Message-Id: <1446844805-14492-2-git-send-email-ehabkost@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years ago Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20151217-1' into...
Peter Maydell [Thu, 17 Dec 2015 13:38:34 +0000 (13:38 +0000)]
Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20151217-1' into staging

target-arm queue:
 * i.MX CCM patches
 * support guest debug for AArch64 KVM
 * support power button on virt board via GPIO
 * clean up AArch32 singlestep code
 * raise exception on misaligned LDREX operands
 * soc-dma: use hwaddr instead of target_ulong in printf
 * explicitly mark some ARM device loads as little-endian
 * i.MX: add support for lower and upper interrupt in GPIO

# gpg: Signature made Thu 17 Dec 2015 13:38:09 GMT using RSA key ID 14360CDE
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>"
# gpg:                 aka "Peter Maydell <pmaydell@gmail.com>"
# gpg:                 aka "Peter Maydell <pmaydell@chiark.greenend.org.uk>"

* remotes/pmaydell/tags/pull-target-arm-20151217-1: (25 commits)
  i.MX: Add an i.MX25 specific CCM class/instance
  i.MX: Split the CCM class into an abstract base class and a concrete class
  i.MX: rename i.MX CCM get_clock() function and CLK ID enum names
  i.MX: Fix i.MX31 default/reset configuration
  tests/guest-debug: introduce basic gdbstub tests
  target-arm: kvm - re-inject guest debug exceptions
  target-arm: kvm - add support for HW assisted debug
  target-arm: kvm - support for single step
  target-arm: kvm - implement software breakpoints
  target-arm: kvm64 - introduce kvm_arm_init_debug()
  ARM: Virt: Add gpio-keys node for Poweroff using DT
  ARM: Virt: Add QEMU powerdown notifier and hook it to GPIO Pin 3
  ARM: ACPI: Add _E03 for Power Button
  ACPI: Add aml_gpio_int() wrapper for GPIO Interrupt Connection
  ACPI: Add GPIO Connection Descriptor
  ARM: ACPI: Add power button device in ACPI DSDT table
  ARM: ACPI: Add GPIO controller in ACPI DSDT table
  ARM: Virt: Add a GPIO controller
  acpi: extend aml_interrupt() to support multiple irqs
  acpi: support serialized method
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years ago i.MX: Add an i.MX25 specific CCM class/instance
Jean-Christophe Dubois [Thu, 17 Dec 2015 13:37:16 +0000 (13:37 +0000)]
i.MX: Add an i.MX25 specific CCM class/instance

With this CCM, i.MX25 timer is accurate with "real world time".

Signed-off-by: Jean-Christophe Dubois <jcd@tribudubois.net>
Message-id: 2c0cf90be767bfc8520661eca891ab22c61f18fe.1449528242.git.jcd@tribudubois.net
Reviewed-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years ago i.MX: Split the CCM class into an abstract base class and a concrete class
Jean-Christophe Dubois [Thu, 17 Dec 2015 13:37:15 +0000 (13:37 +0000)]
i.MX: Split the CCM class into an abstract base class and a concrete class

The IMX_CCM class is now the base abstract class that is used by EPIT
and GPT timer implementation.

IMX31_CCM class is the concrete class implementing CCM for i.MX31 SOC.

For now the i.MX25 continues to use the i.MX31 CCM implementation.

An i.MX25 specific CCM will be introduced in a later patch.

We also rework initialization to stop using deprecated sysbus device init.

Signed-off-by: Jean-Christophe Dubois <jcd@tribudubois.net>
Reviewed-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Message-id: fd3c7f87b50f5ebc99ec91f01413db35017f116d.1449528242.git.jcd@tribudubois.net
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years ago i.MX: rename i.MX CCM get_clock() function and CLK ID enum names
Jean-Christophe Dubois [Thu, 17 Dec 2015 13:37:15 +0000 (13:37 +0000)]
i.MX: rename i.MX CCM get_clock() function and CLK ID enum names

This is to prepare for CCM code refactoring.

This is just a bit of function and enum values renaming.

We also remove some useless intermediate variables.

Signed-off-by: Jean-Christophe Dubois <jcd@tribudubois.net>
Reviewed-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Message-id: 53c4d9b9611988a5f56f178f285e04490747925e.1449528242.git.jcd@tribudubois.net
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years ago i.MX: Fix i.MX31 default/reset configuration
Jean-Christophe Dubois [Thu, 17 Dec 2015 13:37:15 +0000 (13:37 +0000)]
i.MX: Fix i.MX31 default/reset configuration

Linux on i.MX31/KZM is expecting the CCM to use the CKIH ref clock
instead of the CKIL plus the FPM multiplier.

We change the CCMR reg reset value to match linux expected config.

This allows the CCM to provide a 39MHz clk (as expected by linux)
instead of the actual 50MHz.

With this change the "sleep 60" command on linux is time accurate
with "real world time".

Signed-off-by: Jean-Christophe Dubois <jcd@tribudubois.net>
Reviewed-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Message-id: 6dc5bc4e0a450b20cecdb2991112e7281b653345.1449528242.git.jcd@tribudubois.net
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years ago tests/guest-debug: introduce basic gdbstub tests
Alex Bennée [Thu, 17 Dec 2015 13:37:15 +0000 (13:37 +0000)]
tests/guest-debug: introduce basic gdbstub tests

The aim of these tests is to combine with an appropriate kernel
image (with symbol-file vmlinux) and check it behaves as it should.
Given a kernel it checks:

  - single step
  - software breakpoint
  - hardware breakpoint
  - access, read and write watchpoints

On success it returns 0 to the calling process.

I've not plumbed this into the "make check" logic though as we need a
solution for providing non-host binaries to the tests. However the test
is structured to work with pretty much any Linux kernel image as it
uses the basic kernel_init code which is common across architectures.

Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 1449599553-24713-7-git-send-email-alex.bennee@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years ago target-arm: kvm - re-inject guest debug exceptions
Alex Bennée [Thu, 17 Dec 2015 13:37:15 +0000 (13:37 +0000)]
target-arm: kvm - re-inject guest debug exceptions

If we can't find details for the debug exception in our debug state
then we can assume the exception is due to debugging inside the guest.
To inject the exception into the guest state we re-use the TCG exception
code (do_interrupt).

However while guest debugging is in effect we currently can't handle the
guest using single step as we will keep trapping back to userspace.
GDB makes heavy use of single-step behind the scenes which effectively
means the guest's ability to debug itself is disabled while it is being
debugged.

Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 1449599553-24713-6-git-send-email-alex.bennee@linaro.org
[PMM: Fixed a few typos in comments and commit message]
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years ago target-arm: kvm - add support for HW assisted debug
Alex Bennée [Thu, 17 Dec 2015 13:37:15 +0000 (13:37 +0000)]
target-arm: kvm - add support for HW assisted debug

This adds basic support for HW assisted debug. The ioctl interface to
KVM allows us to pass an implementation defined number of break and
watch point registers. When KVM_GUESTDBG_USE_HW is specified these
debug registers will be installed in place on the world switch into the
guest.

The hardware is actually capable of more advanced matching but it is
unclear if this expressiveness is available via the gdbstub protocol.

Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 1449599553-24713-5-git-send-email-alex.bennee@linaro.org
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years ago target-arm: kvm - support for single step
Alex Bennée [Thu, 17 Dec 2015 13:37:15 +0000 (13:37 +0000)]
target-arm: kvm - support for single step

This adds support for single-step. There isn't much to do on the QEMU
side as after we set-up the request for single step via the debug ioctl
it is all handled within the kernel.

The actual setting of the KVM_GUESTDBG_SINGLESTEP flag is already in the
common code. If the kernel doesn't support guest debug the ioctl will
simply error.

Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 1449599553-24713-4-git-send-email-alex.bennee@linaro.org
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years ago target-arm: kvm - implement software breakpoints
Alex Bennée [Thu, 17 Dec 2015 13:37:15 +0000 (13:37 +0000)]
target-arm: kvm - implement software breakpoints

These don't involve messing around with debug registers, just setting
the breakpoint instruction in memory. GDB will not use this mechanism if
it can't access the memory to write the breakpoint.

All the kernel has to do is ensure the hypervisor traps the breakpoint
exceptions and returns to userspace.

Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 1449599553-24713-3-git-send-email-alex.bennee@linaro.org
[PMM: Fixed typo in comment]
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years ago target-arm: kvm64 - introduce kvm_arm_init_debug()
Alex Bennée [Thu, 17 Dec 2015 13:37:14 +0000 (13:37 +0000)]
target-arm: kvm64 - introduce kvm_arm_init_debug()

As we haven't always had guest debug support we need to probe for it.
Additionally we don't do this in the start-up capability code so we
don't fall over on old kernels.

Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 1449599553-24713-2-git-send-email-alex.bennee@linaro.org
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years ago ARM: Virt: Add gpio-keys node for Poweroff using DT
Shannon Zhao [Thu, 17 Dec 2015 13:37:14 +0000 (13:37 +0000)]
ARM: Virt: Add gpio-keys node for Poweroff using DT

Add a gpio-keys node. This is used for Poweroff for the systems which
use DT not ACPI.

Signed-off-by: Shannon Zhao <zhaoshenglong@huawei.com>
Signed-off-by: Shannon Zhao <shannon.zhao@linaro.org>
Tested-by: Wei Huang <wei@redhat.com>
Message-id: 1449804086-3464-11-git-send-email-zhaoshenglong@huawei.com
[PMM: use "standard-headers/linux/input.h" rather than <linux/input.h>]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years ago ARM: Virt: Add QEMU powerdown notifier and hook it to GPIO Pin 3
Shannon Zhao [Thu, 17 Dec 2015 13:37:14 +0000 (13:37 +0000)]
ARM: Virt: Add QEMU powerdown notifier and hook it to GPIO Pin 3

Currently mach-virt model doesn't support powerdown request. Guest VM
doesn't react to system_powerdown from monitor console (or QMP) because
there is no communication mechanism for such requests. This patch registers
GPIO Pin 3 with powerdown notification. So guest VM can receive notification
when such powerdown request is triggered.

Signed-off-by: Wei Huang <wei@redhat.com>
Signed-off-by: Shannon Zhao <zhaoshenglong@huawei.com>
Signed-off-by: Shannon Zhao <shannon.zhao@linaro.org>
Reviewed-by: Wei Huang <wei@redhat.com>
Tested-by: Wei Huang <wei@redhat.com>
Message-id: 1449804086-3464-10-git-send-email-zhaoshenglong@huawei.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years ago ARM: ACPI: Add _E03 for Power Button
Shannon Zhao [Thu, 17 Dec 2015 13:37:14 +0000 (13:37 +0000)]
ARM: ACPI: Add _E03 for Power Button

Here GPIO pin 3 is used for Power Button, add _E03 in ACPI DSDT table.

Signed-off-by: Shannon Zhao <zhaoshenglong@huawei.com>
Signed-off-by: Shannon Zhao <shannon.zhao@linaro.org>
Tested-by: Wei Huang <wei@redhat.com>
Message-id: 1449804086-3464-9-git-send-email-zhaoshenglong@huawei.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years ago ACPI: Add aml_gpio_int() wrapper for GPIO Interrupt Connection
Shannon Zhao [Thu, 17 Dec 2015 13:37:14 +0000 (13:37 +0000)]
ACPI: Add aml_gpio_int() wrapper for GPIO Interrupt Connection

Signed-off-by: Shannon Zhao <zhaoshenglong@huawei.com>
Signed-off-by: Shannon Zhao <shannon.zhao@linaro.org>
Tested-by: Wei Huang <wei@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Message-id: 1449804086-3464-8-git-send-email-zhaoshenglong@huawei.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years ago ACPI: Add GPIO Connection Descriptor
Shannon Zhao [Thu, 17 Dec 2015 13:37:14 +0000 (13:37 +0000)]
ACPI: Add GPIO Connection Descriptor

Signed-off-by: Shannon Zhao <zhaoshenglong@huawei.com>
Signed-off-by: Shannon Zhao <shannon.zhao@linaro.org>
Tested-by: Wei Huang <wei@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Message-id: 1449804086-3464-7-git-send-email-zhaoshenglong@huawei.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years ago ARM: ACPI: Add power button device in ACPI DSDT table
Shannon Zhao [Thu, 17 Dec 2015 13:37:14 +0000 (13:37 +0000)]
ARM: ACPI: Add power button device in ACPI DSDT table

Add power button device in ACPI DSDT table.

Signed-off-by: Shannon Zhao <zhaoshenglong@huawei.com>
Signed-off-by: Shannon Zhao <shannon.zhao@linaro.org>
Reviewed-by: Wei Huang <wei@redhat.com>
Tested-by: Wei Huang <wei@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Message-id: 1449804086-3464-6-git-send-email-zhaoshenglong@huawei.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years ago ARM: ACPI: Add GPIO controller in ACPI DSDT table
Shannon Zhao [Thu, 17 Dec 2015 13:37:14 +0000 (13:37 +0000)]
ARM: ACPI: Add GPIO controller in ACPI DSDT table

Add GPIO controller in ACPI DSDT table. It can be used for gpio event.

Signed-off-by: Shannon Zhao <zhaoshenglong@huawei.com>
Signed-off-by: Shannon Zhao <shannon.zhao@linaro.org>
Tested-by: Wei Huang <wei@redhat.com>
Message-id: 1449804086-3464-5-git-send-email-zhaoshenglong@huawei.com
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years ago ARM: Virt: Add a GPIO controller
Shannon Zhao [Thu, 17 Dec 2015 13:37:13 +0000 (13:37 +0000)]
ARM: Virt: Add a GPIO controller

ACPI 5.0 supports GPIO-signaled ACPI Events. This can be used for
powerdown, hotplug events. Add a GPIO controller in machine virt,
to support powerdown, maybe can be used for cpu hotplug. And
here we use pl061.

Signed-off-by: Shannon Zhao <zhaoshenglong@huawei.com>
Signed-off-by: Shannon Zhao <shannon.zhao@linaro.org>
Reviewed-by: Wei Huang <wei@redhat.com>
Tested-by: Wei Huang <wei@redhat.com>
Message-id: 1449804086-3464-4-git-send-email-zhaoshenglong@huawei.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years ago acpi: extend aml_interrupt() to support multiple irqs
Igor Mammedov [Thu, 17 Dec 2015 13:37:13 +0000 (13:37 +0000)]
acpi: extend aml_interrupt() to support multiple irqs

ASL Interrupt() macro translates to Extended Interrupt Descriptor
which supports variable number of IRQs. It will be used for
conversion of ASL code for pc/q35 machines that use it for
returning several IRQs in _PSR object.

Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Reviewed-by: Shannon Zhao <shannon.zhao@linaro.org>
Signed-off-by: Shannon Zhao <shannon.zhao@linaro.org>
Message-id: 1449804086-3464-3-git-send-email-zhaoshenglong@huawei.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years ago acpi: support serialized method
Xiao Guangrong [Thu, 17 Dec 2015 13:37:13 +0000 (13:37 +0000)]
acpi: support serialized method

Add serialized method support so that explicit Mutex can be
avoided

Signed-off-by: Xiao Guangrong <guangrong.xiao@linux.intel.com>
Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Reviewed-by: Shannon Zhao <shannon.zhao@linaro.org>
Signed-off-by: Shannon Zhao <shannon.zhao@linaro.org>
Message-id: 1449804086-3464-2-git-send-email-zhaoshenglong@huawei.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years ago target-arm: Fix and improve AA32 singlestep translation completion code
Sergey Fedorov [Thu, 17 Dec 2015 13:37:13 +0000 (13:37 +0000)]
target-arm: Fix and improve AA32 singlestep translation completion code

The AArch32 translation completion code for singlestep enabled/active
case was way more confusing and too repetitive than it needs to be.
Probably that was the cause for a bug to be introduced into it at some
point. The bug was that SWI/HVC/SMC exception would be generated in
condition-failed instruction code path whereas it shouldn't.

This patch rewrites the code in a way similar to the non-singlestep
case.

In the condition-passed/unconditional instruction code path we need to:
 - Write the condexec bits back to the CPU state
 - Advance the singlestep state machine and generate a corresponding
   exception in case of SWI/HVC/SMC
 - Write the PC back to the CPU state if it hasn't already been written
   and generate an appropriate singlestep exception otherwise

In the condition-failed instruction code path we need to:
 - Set a TCG label to jump to it if the condition is failed
 - Write the condexec bits back to the CPU state
 - Write the PC back to the CPU state since it hasn't been written in
   this case
 - Generate an appropriate singlestep exception

Signed-off-by: Sergey Fedorov <serge.fdrv@gmail.com>
Message-id: 1448474560-22475-1-git-send-email-serge.fdrv@gmail.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years ago target-arm: raise exception on misaligned LDREX operands
Andrew Baumann [Thu, 17 Dec 2015 13:37:13 +0000 (13:37 +0000)]
target-arm: raise exception on misaligned LDREX operands

Qemu does not generally perform alignment checks. However, the ARM ARM
requires implementation of alignment exceptions for a number of cases
including LDREX, and Windows-on-ARM relies on this.

This change adds plumbing to enable alignment checks on loads using
MO_ALIGN, a do_unaligned_access hook to raise the exception (data
abort), and uses the new aligned loads in LDREX (for all but
single-byte loads).

Signed-off-by: Andrew Baumann <Andrew.Baumann@microsoft.com>
Message-id: 1449167808-5656-1-git-send-email-Andrew.Baumann@microsoft.com
[PMM: set WnR bits in syndrome and FSR as appropriate]
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years ago arm: soc-dma: use hwaddr instead of target_ulong in printf
Paolo Bonzini [Thu, 17 Dec 2015 13:37:13 +0000 (13:37 +0000)]
arm: soc-dma: use hwaddr instead of target_ulong in printf

This is a first baby step towards removing widespread inclusion of
cpu.h and compiling more devices once (so that arm, aarch64 and
in the future target-multi can share the object files).

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
[PMM: changed __FUNCTION__ to __func__ since we're touching
 these lines of code anyway]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years ago arm: explicitly mark device loads as little-endian
Paolo Bonzini [Thu, 17 Dec 2015 13:37:13 +0000 (13:37 +0000)]
arm: explicitly mark device loads as little-endian

Behaviour of emulated devices should not depend on the endianness
of the CPU, so avoid using the endian-dependent load and store
functions in the PXA2xx and OMAP display devices. These devices
are little endian when they do DMA access.

(Since ARM softmmu is always compiled as little endian, this means
that the endian-dependent load and store functions are always little
endian, so this commit makes no functionally visible change.)

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
[PMM: rewrote commit message]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years ago i.MX: add support for lower and upper interrupt in GPIO.
Jean-Christophe Dubois [Thu, 17 Dec 2015 13:37:13 +0000 (13:37 +0000)]
i.MX: add support for lower and upper interrupt in GPIO.

The i.MX6 GPIO device supports 2 interrupts instead of one.

* 1 for the lower 16 GPIOs.
* 1 for the upper 16 GPIOs.

i.MX31 and i.MX25 only support 1 interrupt for the 32 GPIOs.

So we add a property to turn the behavior on when required.

Signed-off-by: Jean-Christophe Dubois <jcd@tribudubois.net>
Reviewed-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Message-id: 1447497668-1603-1-git-send-email-jcd@tribudubois.net
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years ago Merge remote-tracking branch 'remotes/kraxel/tags/pull-fw-cfg-20151217-1' into staging
Peter Maydell [Thu, 17 Dec 2015 12:40:07 +0000 (12:40 +0000)]
Merge remote-tracking branch 'remotes/kraxel/tags/pull-fw-cfg-20151217-1' into staging

fw_cfg: doc updates, various optimizations.

# gpg: Signature made Thu 17 Dec 2015 08:59:32 GMT using RSA key ID D3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>"

* remotes/kraxel/tags/pull-fw-cfg-20151217-1:
  fw_cfg: replace ioport data read with generic method
  fw_cfg: add generic non-DMA read method
  fw_cfg: avoid calculating invalid current entry pointer
  fw_cfg: remove offset argument from callback prototype
  fw_cfg: amend callback behavior spec to once per select
  fw_cfg: move internal function call docs to header file

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years ago Merge remote-tracking branch 'remotes/armbru/tags/pull-qapi-2015-12-17' into staging
Peter Maydell [Thu, 17 Dec 2015 11:50:46 +0000 (11:50 +0000)]
Merge remote-tracking branch 'remotes/armbru/tags/pull-qapi-2015-12-17' into staging

QAPI patches for 2015-12-17

# gpg: Signature made Thu 17 Dec 2015 07:33:41 GMT using RSA key ID EB918653
# gpg: Good signature from "Markus Armbruster <armbru@redhat.com>"
# gpg:                 aka "Markus Armbruster <armbru@pond.sub.org>"

* remotes/armbru/tags/pull-qapi-2015-12-17: (40 commits)
  qapi: Detect base class loops
  qapi: Move duplicate collision checks to schema check()
  qapi: Enforce (or whitelist) case conventions on qapi members
  qapi: Track enum values by QAPISchemaMember, not string
  qapi: Prepare new QAPISchemaMember base class
  qapi: Shorter visits of optional fields
  qapi: Simplify visits of optional fields
  qapi: Fix alternates that accept 'number' but not 'int'
  qapi: Inline _make_implicit_tag()
  qapi-types: Drop unnedeed ._fwdefn
  qapi: Simplify visiting of alternate types
  qapi: Convert QType into QAPI built-in enum type
  qobject: Rename qtype_code to QType
  qobject: Simplify QObject
  qapi: Change munging of CamelCase enum values
  qapi: Add alias for ErrorClass
  cpu: Convert CpuInfo into flat union
  qapi: Remove obsolete tests for MAX collision
  qapi: Don't let implicit enum MAX member collide
  qapi: Tighten the regex on valid names
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years ago Merge remote-tracking branch 'remotes/kraxel/tags/pull-audio-20151215-1' into staging
Peter Maydell [Thu, 17 Dec 2015 11:10:03 +0000 (11:10 +0000)]
Merge remote-tracking branch 'remotes/kraxel/tags/pull-audio-20151215-1' into staging

coreaudio: use new-in-OSX-10.6 APIs, cleanups.

# gpg: Signature made Tue 15 Dec 2015 10:15:24 GMT using RSA key ID D3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>"

* remotes/kraxel/tags/pull-audio-20151215-1:
  audio/coreaudio.c: Avoid deprecated AudioDeviceAdd/RemoveIOProc APIs
  audio/coreaudio.c: Use new-in-OSX-10.6 APIs when available
  audio/coreaudio.c: Factor out uses of AudioDeviceGet/SetProperty
  audio/coreaudio.c: Use new-in-OSX-10.6 API for getting default voice
  audio/coreaudio.c: Factor out use of AudioHardwareGetProperty

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years ago Merge remote-tracking branch 'remotes/kraxel/tags/pull-usb-20151215-1' into staging
Peter Maydell [Thu, 17 Dec 2015 10:26:17 +0000 (10:26 +0000)]
Merge remote-tracking branch 'remotes/kraxel/tags/pull-usb-20151215-1' into staging

usb: ehci idt fix, event support for mtp

# gpg: Signature made Tue 15 Dec 2015 09:54:22 GMT using RSA key ID D3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>"

* remotes/kraxel/tags/pull-usb-20151215-1:
  ehci: make idt processing more robust
  usb-mtp: add support for basic mtp events
  usb-mtp: Add support for inotify based file monitoring
  usb-mtp: free objects on a mtp reset
  usb-mtp: use a list for keeping track of children

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years ago Open 2.6 development tree
Peter Maydell [Thu, 17 Dec 2015 10:17:08 +0000 (10:17 +0000)]
Open 2.6 development tree

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years ago qapi: Detect base class loops
Eric Blake [Wed, 2 Dec 2015 05:20:59 +0000 (22:20 -0700)]
qapi: Detect base class loops

It should be fairly obvious that qapi base classes need to
form an acyclic graph, since QMP cannot specify the same
key more than once, while base classes are included as flat
members alongside other members added by the child.  But the
old check_member_clash() parser function was not prepared to
check for this, and entered an infinite recursion (at least
until Python gives up, complaining about nesting too deep).

Now that check_member_clash() has been recently removed,
attempts at self-inheritance trigger an assertion failure
introduced by commit ac88219a.  The obvious fix is to turn
the assertion into a conditional.

This patch includes both the tests (base-cycle-direct and
base-cycle-indirect) and the fix, since the .err file output
for the unfixed case is not useful (particularly when it was
warning about unbounded recursion, as that limit may be
platform-specific).

We don't need to worry about cycles in flat unions (neither
the base type nor the type of a variant can be a union) nor
in alternates (alternate branches cannot themselves be an
alternate).  But if we later allow a union type as a variant,
we will still be okay, as QAPISchemaObjectTypeVariants.check()
triggers the same QAPISchemaObjectType.check() that will
detect any loops.

Likewise, we need not worry about the case of diamond
inheritance where the same class is used for a flat union base
class and one of its variants; either both uses will introduce
a collision in trying to insert the same member name twice, or
the shared type is empty and changes nothing.

Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <1449033659-25497-16-git-send-email-eblake@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
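
The loop check described in the commit message above, as an added example that is not QEMU's own code: a simplified model of object types whose `check()` marks a type as "in progress" and reports a base-class loop as a schema error instead of recursing until Python gives up. The names `ObjectType`, `SchemaError`, `check_schema` and the sample schemas are assumptions constructed for illustration.

```python
class SchemaError(Exception):
    """Schema that cannot be flattened into one member list (hypothetical name)."""


class ObjectType:
    """Simplified stand-in for a QAPI object type (not the real class)."""

    def __init__(self, name, base=None, local_members=()):
        self.name = name
        self.base = base                    # name of the base type, or None
        self.local_members = list(local_members)
        # None: not checked yet, False: check in progress, list: flattened members
        self.members = None

    def check(self, schema):
        if self.members is False:
            # Re-entered while our own check is still running: the chain of
            # base types leads back to this type.
            raise SchemaError("object %s contains itself" % self.name)
        if self.members is not None:
            return self.members             # already checked
        self.members = False                # mark as being checked
        try:
            members = self._flatten(schema)
        except SchemaError:
            self.members = None             # leave no stale marker behind
            raise
        self.members = members
        return members

    def _flatten(self, schema):
        seen = []
        if self.base is not None:
            base = schema.get(self.base)
            if base is None:
                raise SchemaError("object %s uses unknown base %s"
                                  % (self.name, self.base))
            # Base members are included flat, alongside our own.
            seen = list(base.check(schema))
        for member in self.local_members:
            if member in seen:
                raise SchemaError("member %s of %s collides with a member of its base"
                                  % (member, self.name))
            seen.append(member)
        return seen


def check_schema(types):
    """Check every type; return the list of error strings (empty if valid)."""
    schema = {t.name: t for t in types}
    errors = []
    for t in types:
        try:
            t.check(schema)
        except SchemaError as exc:
            errors.append(str(exc))
    return errors


# Constructed sample schemas (not taken from QEMU's test suite).
def sample_valid():
    return [ObjectType("Base", None, ["a"]),
            ObjectType("Child", "Base", ["b"])]


def sample_direct_cycle():
    return [ObjectType("Self", "Self", ["a"])]


def sample_indirect_cycle():
    return [ObjectType("A", "B", ["a"]),
            ObjectType("B", "A", ["b"])]


def sample_member_clash():
    return [ObjectType("Base", None, ["a"]),
            ObjectType("Child", "Base", ["a"])]


if __name__ == "__main__":
    for build in (sample_valid, sample_direct_cycle,
                  sample_indirect_cycle, sample_member_clash):
        print(build.__name__, check_schema(build()))
```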
8 years ago qapi: Move duplicate collision checks to schema check()
Eric Blake [Wed, 2 Dec 2015 05:20:58 +0000 (22:20 -0700)]
qapi: Move duplicate collision checks to schema check()

With the recent commit 'qapi: Detect collisions in C member
names', we have two different locations for detecting clashes -
one at parse time, and another at QAPISchema*.check() time.
Remove all of the ad hoc parser checks, and delete associated
code (for example, the global check_member_clash() method is
no longer needed).

Testing this showed that the test union-bad-branch wasn't adding
much: union-clash-branches also exposes the error message when
branches collide, and we've recently fixed things to avoid an
implicit collision with max.  Likewise, the error for
enum-clash-member changes to report our new detection of
upper case in a value name, unless we modify the test to use
all lower case.

The wording of several error messages has changed, but the
change is generally an improvement rather than a regression.

No change to generated code.

Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <1449033659-25497-15-git-send-email-eblake@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
8 years ago qapi: Enforce (or whitelist) case conventions on qapi members
Eric Blake [Wed, 2 Dec 2015 05:20:57 +0000 (22:20 -0700)]
qapi: Enforce (or whitelist) case conventions on qapi members

We document that members of enums and objects should be
'lower-case', although we were not enforcing it.  We have to
whitelist a few pre-existing entities that violate the norms.
Add three new tests to expose the new error message, each of
which first uses the whitelisted name 'UuidInfo' to prove the
whitelist works, then triggers the failure (this is the same
pattern used in the existing returns-whitelist.json test).

Note that by adding this check, we have effectively forbidden
an entity with a case-insensitive clash of member names, for
any entity that is not on the whitelist (although there is
still the possibility to clash via '-' vs. '_').

Not done here: a future patch should also add naming convention
support and whitelist exceptions for command, event, and type
names.

The additions to QAPISchemaMember.check_clash() check whether
info['name'] is in the whitelist (the top-most entity name at
the point 'info' tracks), rather than self.owner (the type,
possibly implicit, that directly owns the member), because it
is easier to maintain the whitelist by the names actually in
the user's .json file, rather than worrying about the names
of implicit types.

Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <1449033659-25497-14-git-send-email-eblake@redhat.com>
[Simplified a bit as per discussion with Eric]
Signed-off-by: Markus Armbruster <armbru@redhat.com>
8 years ago qapi: Track enum values by QAPISchemaMember, not string
Eric Blake [Wed, 2 Dec 2015 05:20:55 +0000 (22:20 -0700)]
qapi: Track enum values by QAPISchemaMember, not string

Rather than using just an array of strings, make enum.values be
an array of the new QAPISchemaMember type, and add a helper
member_names() method to get back at the original list of names.
Likewise, creating an enum requires wrapping strings, via a new
QAPISchema._make_enum_members() method.  The benefit of wrapping
enum members in a QAPISchemaMember Python object is that we now
share the existing code for C name clash detection (although the
code is not yet active until a later commit removes the earlier
ad hoc parser checks).

In a related change, the QAPISchemaMember._pretty_owner() method
needs to learn about one more implicit type name: the generated
enum associated with a simple union.

In the interest of keeping the changes of this patch local to one
file, the visitor interface still passes just a list of names
rather than the full list of QAPISchemaMember instances.  We may
want to revisit this in the future, if the consistency with
visit_object_type() is worth it.

Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <1449033659-25497-12-git-send-email-eblake@redhat.com>
[Eric's simplifying followup squashed in]
Signed-off-by: Markus Armbruster <armbru@redhat.com>
8 years ago qapi: Prepare new QAPISchemaMember base class
Eric Blake [Wed, 2 Dec 2015 05:20:54 +0000 (22:20 -0700)]
qapi: Prepare new QAPISchemaMember base class

We want to share some clash detection code between enum values
and object type members.  To assist with that, split off part
of QAPISchemaObjectTypeMember into a new base class
QAPISchemaMember that tracks name, owner, and common clash
detection code; while the former keeps the additional fields
for type and optional flag.

Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <1449033659-25497-11-git-send-email-eblake@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
8 years ago qapi: Shorter visits of optional fields
Eric Blake [Wed, 2 Dec 2015 05:20:53 +0000 (22:20 -0700)]
qapi: Shorter visits of optional fields

For less code, reflect the determined boolean value of an optional
visit back to the caller instead of making the caller read the
boolean after the fact.

The resulting generated code has the following diff:

|-    visit_optional(v, &has_fdset_id, "fdset-id");
|-    if (has_fdset_id) {
|+    if (visit_optional(v, &has_fdset_id, "fdset-id")) {
|         visit_type_int(v, &fdset_id, "fdset-id", &err);
|         if (err) {
|             goto out;
|         }
|     }
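Review bot: in the added `if (visit_optional(v, &has_fdset_id, "fdset-id")) {` line the presence flag now reaches the caller twice, once as the return value and once through `&has_fdset_id`. The API documentation for visit_optional() should state that the two always agree and that the out-parameter is still written when the call returns false, because code after this block may read `has_fdset_id` without going through the `if`.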

Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <1449033659-25497-10-git-send-email-eblake@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
8 years ago qapi: Simplify visits of optional fields
Eric Blake [Wed, 2 Dec 2015 05:20:52 +0000 (22:20 -0700)]
qapi: Simplify visits of optional fields

None of the visitor callbacks would set an error when testing
if an optional field was present; make this part of the interface
contract by eliminating the errp argument.

The resulting generated code has a nice diff:

|-    visit_optional(v, &has_fdset_id, "fdset-id", &err);
|-    if (err) {
|-        goto out;
|-    }
|+    visit_optional(v, &has_fdset_id, "fdset-id");
|     if (has_fdset_id) {
|         visit_type_int(v, &fdset_id, "fdset-id", &err);
|         if (err) {
|             goto out;
|         }
|     }
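Review bot: with the `&err` argument and the `if (err) { goto out; }` check removed from the visit_optional() call, a visitor has no way left to report a failure while probing for an optional field. The visitor interface documentation should say explicitly that the optional callback must not fail, so that any real error is raised by the following `visit_type_int(v, &fdset_id, "fdset-id", &err)` call rather than silently dropped.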

Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <1449033659-25497-9-git-send-email-eblake@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
8 years ago qapi: Fix alternates that accept 'number' but not 'int'
Eric Blake [Wed, 2 Dec 2015 05:20:51 +0000 (22:20 -0700)]
qapi: Fix alternates that accept 'number' but not 'int'

The QMP input visitor allows integral values to be assigned by
promotion to a QTYPE_QFLOAT.  However, when parsing an alternate,
we did not take this into account, such that an alternate that
accepts 'number' and some other type, but not 'int', would reject
integral values.

With this patch, we now have the following desirable table:

    alternate has      case selected for
    'int'  'number'    QTYPE_QINT  QTYPE_QFLOAT
      no        no     error       error
      no       yes     'number'    'number'
     yes        no     'int'       error
     yes       yes     'int'       'number'

While it is unlikely that we will ever use 'number' in an
alternate other than in the testsuite, it never hurts to be
more precise in what we allow.

Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <1449033659-25497-8-git-send-email-eblake@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
8 years ago qapi: Inline _make_implicit_tag()
Eric Blake [Wed, 2 Dec 2015 05:20:50 +0000 (22:20 -0700)]
qapi: Inline _make_implicit_tag()

Now that alternates no longer use an implicit tag, we can
inline _make_implicit_tag() into its one caller,
_def_union_type().

No change to generated code.

Suggested-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <1449033659-25497-7-git-send-email-eblake@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
8 years ago qapi-types: Drop unneeded ._fwdefn
Eric Blake [Wed, 2 Dec 2015 05:20:49 +0000 (22:20 -0700)]
qapi-types: Drop unneeded ._fwdefn

Previously, the generated code in qapi-types.c initialized all
enum lookup tables first, prior to any other definitions.  But
there are no topological sorting requirements that mandate this
layout, so we can drop the QAPISchemaGenTypeVisitor._fwdefn
field and just generate all definitions in visitation order.

The generated code shows some churn due to reordering, but it
is still fairly straightforward to follow (all the deletions
occur in one hunk, and all the deleted lines are re-inserted
in the same order later in the same files, just spread across
multiple insertion points).

Suggested-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <1449033659-25497-6-git-send-email-eblake@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
8 years ago qapi: Simplify visiting of alternate types
Eric Blake [Wed, 2 Dec 2015 05:20:48 +0000 (22:20 -0700)]
qapi: Simplify visiting of alternate types

Previously, working with alternates required two lookup arrays
and some indirection: for type Foo, we created Foo_qtypes[]
which maps each qtype to a value of the generated FooKind enum,
then look up that value in FooKind_lookup[] like we do for other
union types.

This has a couple of subtle bugs.  First, the generator was
creating a call with a parameter '(int *) &(*obj)->type' where
type is an enum type; this is unsafe if the compiler chooses
to store the enum type in a different size than int, where
assigning through the wrong size pointer can corrupt data or
cause a SIGBUS.

Related bug, not fixed in this patch: qapi-visit.py's
gen_visit_enum() generates a cast of its enum * argument to
int *. Marked FIXME.

Second, since the values of the FooKind enum start at zero, all
entries of the Foo_qtypes[] array that were not explicitly
initialized will map to the same branch of the union as the
first member of the alternate, rather than triggering a desired
failure in visit_get_next_type().  Fortunately, the bug seldom
bites; the very next thing the input visitor does is try to
parse the incoming JSON with the wrong parser, which normally
fails; the output visitor is not used with a C struct in that
state, and the dealloc visitor has nothing to clean up (so
there is no leak).

However, the second bug IS observable in one case: parsing an
integer causes unusual behavior in an alternate that contains
at least a 'number' member but no 'int' member, because the
'number' parser accepts QTYPE_QINT in addition to the expected
QTYPE_QFLOAT (that is, since 'int' is not a member, the type
QTYPE_QINT accidentally maps to FooKind 0; if this enum value
is the 'number' branch the integer parses successfully, but if
the 'number' branch is not first, some other branch tries to
parse the integer and rejects it).  A later patch will worry
about fixing alternates to always parse all inputs that a
non-alternate 'number' would accept; for now this is still
marked FIXME in the updated test-qmp-input-visitor.c, to
merely point out that new undesired behavior of 'ans' matches
the existing undesired behavior of 'asn'.

This patch fixes the default-initialization bug by deleting the
indirection, and modifying get_next_type() to directly assign a
QTypeCode parameter.  This in turn fixes the type-casting bug,
as we are no longer casting a pointer to enum to a questionable
size. There is no longer a need to generate an implicit FooKind
enum associated with the alternate type (since the QMP wire
format never uses the stringized counterparts of the C union
member names).  Since the updated visit_get_next_type() does not
know which qtypes are expected, the generated visitor is
modified to generate an error statement if an unexpected type is
encountered.

Callers now have to know the QTYPE_* mapping when looking at the
discriminator; but so far, only the testsuite was even using the
C struct of an alternate type.  I considered the possibility of
keeping the internal enum FooKind, but initialized differently
than most generated arrays, as in:
  typedef enum FooKind {
      FOO_KIND_A = QTYPE_QDICT,
      FOO_KIND_B = QTYPE_QINT,
  } FooKind;
to create nicer aliases for knowing when to use foo->a or foo->b
when inspecting foo->type; but it turned out to add too much
complexity, especially without a client.

There is a user-visible side effect to this change, but I
consider it to be an improvement. Previously,
the invalid QMP command:
  {"execute":"blockdev-add", "arguments":{"options":
    {"driver":"raw", "id":"a", "file":true}}}
failed with:
  {"error": {"class": "GenericError",
    "desc": "Invalid parameter type for 'file', expected: QDict"}}
(visit_get_next_type() succeeded, and the error comes from the
visit_type_BlockdevOptions() expecting {}; there is no mention of
the fact that a string would also work).  Now it fails with:
  {"error": {"class": "GenericError",
    "desc": "Invalid parameter type for 'file', expected: BlockdevRef"}}
(the error when the next type doesn't match any expected types for
the overall alternate).

Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <1449033659-25497-5-git-send-email-eblake@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
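
The default-initialization bug described in this commit, together with the int/number selection table from the "Fix alternates that accept 'number' but not 'int'" commit listed above, as an added C example that is not QEMU's generated code. The QT_* codes, the ALT_KIND_* enum and the old_select()/new_select() functions are constructed for illustration.

```c
#include <stdio.h>

/* Constructed stand-ins for QEMU's QTYPE_* codes; values are illustrative. */
typedef enum { QT_NONE, QT_QINT, QT_QSTRING, QT_QDICT, QT_QFLOAT, QT__MAX } QT;
#define BIT(q) (1u << (q))

/* Old scheme: implicit per-alternate enum whose first member is 0.
 * This models an alternate of 'str' and 'number', with 'str' listed first. */
typedef enum { ALT_KIND_S, ALT_KIND_N } AltKind;

/* Only member qtypes are initialized; every other slot is implicitly 0,
 * which is indistinguishable from ALT_KIND_S. */
static const int alt_qtypes[QT__MAX] = {
    [QT_QSTRING] = ALT_KIND_S,
    [QT_QFLOAT]  = ALT_KIND_N,
};

/* Old lookup: never fails, so a non-member qtype reaches the first
 * member's parser.  Assumes incoming is below QT__MAX. */
static int old_select(QT incoming)
{
    return alt_qtypes[incoming];
}

/* New scheme: the discriminator is the qtype itself.  'accepted' is a
 * bitmask of member qtypes.  Returns the branch qtype, or -1 when no
 * member accepts the input. */
static int new_select(unsigned accepted, QT incoming)
{
    if (incoming <= QT_NONE || incoming >= QT__MAX) {
        return -1;
    }
    if (accepted & BIT(incoming)) {
        return incoming;
    }
    /* An integer is promoted to 'number' only when 'int' is not a member. */
    if (incoming == QT_QINT && (accepted & BIT(QT_QFLOAT))) {
        return QT_QFLOAT;
    }
    return -1;
}

int main(void)
{
    unsigned str_or_number = BIT(QT_QSTRING) | BIT(QT_QFLOAT);

    printf("old: dict -> kind %d, int -> kind %d\n",
           old_select(QT_QDICT), old_select(QT_QINT));
    printf("new: dict -> %d, int -> %d\n",
           new_select(str_or_number, QT_QDICT),
           new_select(str_or_number, QT_QINT));
    return 0;
}
```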
8 years ago qapi: Convert QType into QAPI built-in enum type
Eric Blake [Wed, 2 Dec 2015 05:20:47 +0000 (22:20 -0700)]
qapi: Convert QType into QAPI built-in enum type

What's more meta than using qapi to define qapi? :)

Convert QType into a full-fledged[*] builtin qapi enum type, so
that a subsequent patch can then use it as the discriminator
type of qapi alternate types.  Fortunately, the judicious use of
'prefix' in the qapi definition avoids churn to the spelling of
the enum constants.

To avoid circular definitions, we have to flip the order of
inclusion between "qobject.h" vs. "qapi-types.h".  Back in commit
28770e0, we had the latter include the former, so that we could
use 'QObject *' for our implementation of 'any'.  But that usage
also works with only a forward declaration, whereas the
definition of QObject requires QType to be a complete type.

[*] The type has to be builtin, rather than declared in
qapi/common.json, because we want to use it for alternates even
when common.json is not included. But since it is the first
builtin enum type, we have to add special cases to qapi-types
and qapi-visit to only emit definitions once, even when two
qapi files are being compiled into the same binary (the way we
already handled builtin list types like 'intList').  We may
need to revisit how multiple qapi files share common types,
but that's a project for another day.

Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <1449033659-25497-4-git-send-email-eblake@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
8 years ago qobject: Rename qtype_code to QType
Eric Blake [Wed, 2 Dec 2015 05:20:46 +0000 (22:20 -0700)]
qobject: Rename qtype_code to QType

The name QType matches our CODING_STYLE conventions for type names
in CamelCase.  It also matches the fact that we are already naming
all the enum members with a prefix of QTYPE, not QTYPE_CODE.  And
doing the rename will also make it easier for the next patch to use
QAPI for providing the enum, which also wants CamelCase type names.

Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <1449033659-25497-3-git-send-email-eblake@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
8 years ago qobject: Simplify QObject
Eric Blake [Wed, 2 Dec 2015 05:20:45 +0000 (22:20 -0700)]
qobject: Simplify QObject

The QObject hierarchy is small enough, and unlikely to grow further
(since we only use it to map to JSON and already cover all JSON
types), that we can simplify things by not tracking a separate
vtable, but just inline the code element of the vtable QType
directly into QObject (renamed to type), and track a separate array
of destroy functions.  We can drop qnull_destroy_obj() in the
process.

The remaining QObject subclasses must export their destructor.

This also has the nice benefit of moving the typename 'QType'
out of the way, so that the next patch can repurpose it for a
nicer name for 'qtype_code'.

The various objects are still the same size (so no change in cache
line pressure), but now have less indirection (although I didn't
bother benchmarking to see if there is a noticeable speedup, as
we don't have hard evidence that this was in a performance hotspot
in the first place).

A future patch could drop the refcnt size to 32 bits for a smaller
struct on 64-bit architectures, if desired (we have limits on the
largest JSON that we are willing to parse, and will probably never
need to take full advantage of a 64-bit refcnt).

Suggested-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <1449033659-25497-2-git-send-email-eblake@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
8 years ago qapi: Change munging of CamelCase enum values
Eric Blake [Wed, 18 Nov 2015 08:53:01 +0000 (01:53 -0700)]
qapi: Change munging of CamelCase enum values

When munging enum values, the fact that we were passing the entire
prefix + value through camel_to_upper() meant that enum values
spelled with CamelCase could be turned into CAMEL_CASE.  However,
this provides a potential collision (both OneTwo and One-Two would
munge into ONE_TWO) for enum types, when the same two names are
valid side-by-side as QAPI member names.  By changing the generation
of enum constants to always be prefix + '_' + c_name(value,
False).upper(), and ensuring that there are no case collisions (in
the next patches), we no longer have to worry about names that
would be distinct as QAPI members but collide as variant tag names,
without having to think about what munging the heuristics in
camel_to_upper() will actually perform on an enum value.

Making the change will affect enums that did not follow coding
conventions, using 'CamelCase' rather than desired 'lower-case'.

Thankfully, there are only two culprits: InputButton and ErrorClass.
We already tweaked ErrorClass to make it an alias of QapiErrorClass,
where only the alias needs changing rather than the whole tree.  So
the bulk of this change is modifying INPUT_BUTTON_WHEEL_UP to the
new INPUT_BUTTON_WHEELUP (and likewise for WHEELDOWN).  That part
of this commit may later need reverting if we rename the enum
constants from 'WheelUp' to 'wheel-up' as part of moving
x-input-send-event to a stable interface; but at least we have
documentation bread crumbs in place to remind us (commit 513e7cd),
and it matches the fact that SDL constants are also spelled
SDL_BUTTON_WHEELUP.

Suggested-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <1447836791-369-27-git-send-email-eblake@redhat.com>
[Commit message tweaked]
Signed-off-by: Markus Armbruster <armbru@redhat.com>
8 years ago qapi: Add alias for ErrorClass
Eric Blake [Wed, 18 Nov 2015 08:53:00 +0000 (01:53 -0700)]
qapi: Add alias for ErrorClass

The qapi enum ErrorClass is unusual in that it uses 'CamelCase' names,
contrary to our documented convention of preferring 'lower-case'.
However, this enum is entrenched in the API; we cannot change
what strings QMP outputs.  Meanwhile, we want to simplify how
c_enum_const() is used to generate enum constants, by moving away
from the heuristics of camel_to_upper() to a more straightforward
c_name(N).upper() - but doing so will rename all of the ErrorClass
constants and cause churn to all client files, where the new names
are aesthetically less pleasing (ERROR_CLASS_DEVICENOTFOUND looks
like we can't make up our minds on whether to break between words).

So as always in computer science, solve the problem by some more
indirection: rename the qapi type to QapiErrorClass, and add a
new enum ErrorClass in error.h whose members are aliases of the
qapi type, but with the spelling expected elsewhere in the tree.
Then, when c_enum_const() changes the munging, we only have to
adjust the one alias spot.

Suggested-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <1447836791-369-26-git-send-email-eblake@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
8 years ago cpu: Convert CpuInfo into flat union
Eric Blake [Wed, 18 Nov 2015 08:52:59 +0000 (01:52 -0700)]
cpu: Convert CpuInfo into flat union

The CpuInfo struct is used only by the 'query-cpus' output
command, so we are free to modify it by adding fields (clients
are already supposed to ignore unknown output fields), or by
changing optional members to mandatory, while still keeping
QMP wire compatibility with older versions of qemu.

When qapi type CpuInfo was originally created for 0.14, we had
no notion of a flat union, and instead just listed a bunch of
optional fields with documentation about the mutually-exclusive
choice of which instruction pointer field(s) would be provided
for a given architecture.  But now that we have flat unions and
introspection, it is better to segregate off which fields will
be provided according to the actual architecture.  With this in
place, we no longer need the fields to be optional, because the
choice of the new 'arch' discriminator serves that role.

This has an additional benefit: the old all-in-one struct was
the only place in the code base that had a case-sensitive
naming of members 'pc' vs. 'PC'.  Separating these spellings
into different branches of the flat union will allow us to add
restrictions against future case-insensitive collisions, since
that is generally a poor interface practice.

Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <1447836791-369-25-git-send-email-eblake@redhat.com>
[Spelling of CPUInfo{SPARC,PPC,MIPS} fixed]
Signed-off-by: Markus Armbruster <armbru@redhat.com>
8 years ago qapi: Remove obsolete tests for MAX collision
Eric Blake [Wed, 18 Nov 2015 08:52:58 +0000 (01:52 -0700)]
qapi: Remove obsolete tests for MAX collision

Now that we no longer collide with an implicit _MAX enum member,
we no longer need to reject it in the ad hoc parser, and can
remove several tests that are no longer needed.

Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <1447836791-369-24-git-send-email-eblake@redhat.com>
[Commit message tweaked]
Signed-off-by: Markus Armbruster <armbru@redhat.com>
8 years ago qapi: Don't let implicit enum MAX member collide
Eric Blake [Wed, 18 Nov 2015 08:52:57 +0000 (01:52 -0700)]
qapi: Don't let implicit enum MAX member collide

Now that we guarantee the user doesn't have any enum values
beginning with a single underscore, we can use that for our
own purposes.  Renaming ENUM_MAX to ENUM__MAX makes it obvious
that the sentinel is generated.

This patch was mostly generated by applying a temporary patch:

|diff --git a/scripts/qapi.py b/scripts/qapi.py
|index e6d014b..b862ec9 100644
|--- a/scripts/qapi.py
|+++ b/scripts/qapi.py
|@@ -1570,6 +1570,7 @@ const char *const %(c_name)s_lookup[] = {
|     max_index = c_enum_const(name, 'MAX', prefix)
|     ret += mcgen('''
|     [%(max_index)s] = NULL,
|+// %(max_index)s
| };
| ''',
|                max_index=max_index)
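
Review bot: the added '// %(max_index)s' line is emitted inside each generated lookup table, so the generated sources carry a marker comment for as long as this hunk is applied. Since the hunk is described as temporary, say explicitly that it is reverted before the real change is committed, and consider a more distinctive marker than a bare '// ' prefix so the sed extraction cannot also match an unrelated comment line that contains MAX.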

then running:

$ cat qapi-{types,event}.c tests/test-qapi-types.c |
    sed -n 's,^// \(.*\)MAX,s|\1MAX|\1_MAX|g,p' > list
$ git grep -l _MAX | xargs sed -i -f list

The only things not generated are the changes in scripts/qapi.py.

Rejecting enum members named 'MAX' is now useless, and will be dropped
in the next patch.

Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <1447836791-369-23-git-send-email-eblake@redhat.com>
Reviewed-by: Juan Quintela <quintela@redhat.com>
[Rebased to current master, commit message tweaked]
Signed-off-by: Markus Armbruster <armbru@redhat.com>
8 years ago qapi: Tighten the regex on valid names
Eric Blake [Wed, 18 Nov 2015 08:52:56 +0000 (01:52 -0700)]
qapi: Tighten the regex on valid names

We already documented that qapi names should match specific
patterns (such as starting with a letter unless it was an enum
value or a downstream extension).  Tighten that from a suggestion
into a hard requirement, which frees up names beginning with a
single underscore for qapi internal usage.

The tighter regex doesn't forbid everything insane that a user
could provide (for example, a user could name a type 'Foo-lookup'
to collide with the generated 'Foo_lookup[]' for an enum 'Foo'),
but does a good job at protecting the most obvious uses, and
also happens to reserve single leading underscore for later use.

The handling of enum values starting with a digit is tricky:
commit 9fb081e introduced a subtle bug by using c_name() on
a munged value, which would allow an enum to include the
member 'q-int' in spite of our reservation.  Furthermore,
munging with a leading '_' would fail our tighter regex.  So
fix it by only munging for leading digits (which are never
ticklish in c_name()) and by using a different prefix (I
picked 'D', although any letter should do).

Add new tests, reserved-member-underscore and reserved-enum-q,
to demonstrate the tighter checking.

Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <1447836791-369-22-git-send-email-eblake@redhat.com>
Message-Id: <1447883135-18020-1-git-send-email-eblake@redhat.com>
[Eric's fixup squashed in]
Signed-off-by: Markus Armbruster <armbru@redhat.com>