aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2022-03-15ui/cocoa: add option to swap Option and CommandGustavo Noronha Silva3-12/+46
On Mac OS X the Option key maps to Alt and Command to Super/Meta. This change swaps them around so that Alt is the key closer to the space bar and Meta/Super is between Control and Alt, like on non-Mac keyboards. It is a cocoa display option, disabled by default. Acked-by: Markus Armbruster <armbru@redhat.com> Signed-off-by: Gustavo Noronha Silva <gustavo@noronha.dev.br> Message-Id: <20210713213200.2547-3-gustavo@noronha.dev.br> Signed-off-by: Akihiko Odaki <akihiko.odaki@gmail.com> Message-Id: <20220306121119.45631-3-akihiko.odaki@gmail.com> Reviewed-by: Will Cohen <wwcohen@gmail.com> Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
2022-03-15ui/cocoa: capture all keys and combos when mouse is grabbedGustavo Noronha Silva3-2/+74
Applications such as Gnome may use Alt-Tab and Super-Tab for different purposes, some use Ctrl-arrows so we want to allow qemu to handle everything when it captures the mouse/keyboard. However, Mac OS handles some combos like Command-Tab and Ctrl-arrows at an earlier part of the event handling chain, not letting qemu see it. We add a global Event Tap that allows qemu to see all events when the mouse is grabbed. Note that this requires additional permissions. See: https://developer.apple.com/documentation/coregraphics/1454426-cgeventtapcreate?language=objc#discussion https://support.apple.com/en-in/guide/mac-help/mh32356/mac Acked-by: Markus Armbruster <armbru@redhat.com> Signed-off-by: Gustavo Noronha Silva <gustavo@noronha.dev.br> Message-Id: <20210713213200.2547-2-gustavo@noronha.dev.br> Signed-off-by: Akihiko Odaki <akihiko.odaki@gmail.com> Message-Id: <20220306121119.45631-2-akihiko.odaki@gmail.com> Reviewed-by: Will Cohen <wwcohen@gmail.com> Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
2022-03-15ui/cocoa: release mouse when user switches away from QEMU windowCarwyn Ellis1-0/+2
This resolves an issue where using command-tab to switch between QEMU and other windows on the host can leave the mouse pointer visible. By releasing the mouse when the user switches away, the user must left click on the QEMU window when switching back in order to hide the pointer and return control to the guest. This appraoch ensures that the calls to NSCursor hide and unhide are always balanced and thus work correctly when invoked. Signed-off-by: Carwyn Ellis <carwynellis@gmail.com> Reviewed-by: Akihiko Odaki <akihiko.odaki@gmail.com> Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
2022-03-15ui/cocoa: add option to disable left-command forwarding to guestCarwyn Ellis3-1/+37
When switching between guest and host on a Mac using command-tab the command key is sent to the guest which can trigger functionality in the guest OS. Specifying left-command-key=off disables forwarding this key to the guest. Defaults to enabled. Also updated the cocoa display documentation to reference the new left-command-key option along with the existing show-cursor option. Signed-off-by: Carwyn Ellis <carwynellis@gmail.com> Reviewed-by: Akihiko Odaki <akihiko.odaki@gmail.com> [PMD: Set QAPI structure @since tag to 7.0] Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
2022-03-15ui/cocoa: Constify qkeycode translation arraysPhilippe Mathieu-Daudé1-2/+2
Reported-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Akihiko Odaki <akihiko.odaki@gmail.com> Tested-by: Akihiko Odaki <akihiko.odaki@gmail.com> Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
2022-03-15configure: Pass filtered QEMU_OBJCFLAGS to mesonPhilippe Mathieu-Daudé2-1/+28
Filter unsupported Objective-C options, to avoid 'unknown-warning-option' warnings when using Clang: [34/373] Compiling Objective-C object libcommon.fa.p/audio_coreaudio.m.o warning: unknown warning option '-Wold-style-declaration'; did you mean '-Wout-of-line-declaration'? [-Wunknown-warning-option] warning: unknown warning option '-Wimplicit-fallthrough=2'; did you mean '-Wimplicit-fallthrough'? [-Wunknown-warning-option] 2 warnings generated. Acked-by: Paolo Bonzini <pbonzini@redhat.com> Reviewed-by: Akihiko Odaki <akihiko.odaki@gmail.com> Tested-by: Akihiko Odaki <akihiko.odaki@gmail.com> Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
2022-03-15meson: Log QEMU_CXXFLAGS content in summaryPhilippe Mathieu-Daudé1-0/+1
Reviewed-by: Akihiko Odaki <akihiko.odaki@gmail.com> Tested-by: Akihiko Odaki <akihiko.odaki@gmail.com> Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
2022-03-15meson: Resolve the entitlement.sh script once for goodPhilippe Mathieu-Daudé1-1/+4
Commit 235b523dba ("meson: Use find_program() to resolve the entitlement.sh script") didn't correctly fixed the issue, as the script is still resolved for each target. Move the check earlier, before processing each target. Reviewed-by: Akihiko Odaki <akihiko.odaki@gmail.com> Tested-by: Akihiko Odaki <akihiko.odaki@gmail.com> Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
2022-03-15osdep: Avoid using Clang-specific __builtin_available()Philippe Mathieu-Daudé1-7/+3
Remove the Clang specific __builtin_available() to allow building with GCC, otherwise we get: include/qemu/osdep.h: In function 'qemu_thread_jit_write': include/qemu/osdep.h:787:9: warning: implicit declaration of function '__builtin_available'; did you mean '__builtin_scalbl'? [-Wimplicit-function-declaration] 787 | if (__builtin_available(macOS 11.0, *)) { | ^~~~~~~~~~~~~~~~~~~ | __builtin_scalbl include/qemu/osdep.h:787:9: warning: nested extern declaration of '__builtin_available' [-Wnested-externs] include/qemu/osdep.h:787:29: error: 'macOS' undeclared (first use in this function) 787 | if (__builtin_available(macOS 11.0, *)) { | ^~~~~ include/qemu/osdep.h:787:29: note: each undeclared identifier is reported only once for each function it appears in include/qemu/osdep.h:787:34: error: expected ')' before numeric constant 787 | if (__builtin_available(macOS 11.0, *)) { | ~ ^~~~~ | ) Beside, on macOS Catalina we get 2254 times: include/qemu/osdep.h:780:5: warning: 'pthread_jit_write_protect_np' is only available on macOS 11.0 or newer [-Wunguarded-availability-new] pthread_jit_write_protect_np(true); ^~~~~~~~~~~~~~~~~~~~~~~~~~~~ Fix by using a stricker toolchain version low range, replacing MAC_OS_X_VERSION_MAX_ALLOWED by MAC_OS_X_VERSION_MIN_REQUIRED. Reviewed-by: Akihiko Odaki <akihiko.odaki@gmail.com> Tested-by: Akihiko Odaki <akihiko.odaki@gmail.com> Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
2022-03-15audio: Rename coreaudio extension to use Objective-C compilerPhilippe Mathieu-Daudé2-1/+1
The coreaudio library includes Objective-C declarations (using the caret '^' symbol to declare block references [*]). When building with a C compiler we get: [175/839] Compiling C object libcommon.fa.p/audio_coreaudio.c.o In file included from /Library/Developer/CommandLineTools/SDKs/MacOSX12.sdk/System/Library/Frameworks/CoreAudio.framework/Headers/CoreAudio.h:18, from ../../audio/coreaudio.c:26: /Library/Developer/CommandLineTools/SDKs/MacOSX12.sdk/System/Library/Frameworks/CoreAudio.framework/Headers/AudioHardware.h:162:2: error: expected identifier or '(' before '^' token 162 | (^AudioObjectPropertyListenerBlock)( UInt32 inNumberAddresses, | ^ FAILED: libcommon.fa.p/audio_coreaudio.c.o Rename the file to use the Objective-C default extension (.m) so meson calls the correct compiler. [*] https://developer.apple.com/library/archive/documentation/Cocoa/Conceptual/ProgrammingWithObjectiveC/WorkingwithBlocks/WorkingwithBlocks.html Reviewed-by: Christian Schoenebeck <qemu_oss@crudebyte.com> Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
2022-03-15coreaudio: Always return 0 in handle_voice_changeAkihiko Odaki1-4/+2
handle_voice_change() is a CoreAudio callback function as of CoreAudio type AudioObjectPropertyListenerProc, and for the latter MacOSX.sdk/System/ Library/Frameworks/CoreAudio.framework/Headers/AudioHardware.h says "The return value is currently unused and should always be 0.". Signed-off-by: Akihiko Odaki <akihiko.odaki@gmail.com> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Message-Id: <20220306123410.61063-1-akihiko.odaki@gmail.com> Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
2022-03-15audio: Log context for audio bugAkihiko Odaki2-28/+24
Without this change audio_bug aborts when the bug condition is met, which discards following useful logs. Call abort after such logs. Signed-off-by: Akihiko Odaki <akihiko.odaki@gmail.com> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Message-Id: <20220306063202.27331-1-akihiko.odaki@gmail.com> Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
2022-03-15audio/dbus: Fix building with modules on macOSPhilippe Mathieu-Daudé1-1/+1
When configuring QEMU with --enable-modules we get on macOS: --- stderr --- Dependency ui-dbus cannot be satisfied ui-dbus depends on pixman and opengl, so add these dependencies to audio-dbus. Fixes: 739362d420 ("audio: add "dbus" audio backend") Reviewed-by: Li Zhang <lizhang@suse.de> Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
2022-03-15audio/coreaudio: Remove a deprecation warning on macOS 12Philippe Mathieu-Daudé1-6/+11
When building on macOS 12 we get: audio/coreaudio.c:50:5: error: 'kAudioObjectPropertyElementMaster' is deprecated: first deprecated in macOS 12.0 [-Werror,-Wdeprecated-declarations] kAudioObjectPropertyElementMaster ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ kAudioObjectPropertyElementMain /Library/Developer/CommandLineTools/SDKs/MacOSX.sdk/System/Library/Frameworks/CoreAudio.framework/Headers/AudioHardwareBase.h:208:5: note: 'kAudioObjectPropertyElementMaster' has been explicitly marked deprecated here kAudioObjectPropertyElementMaster API_DEPRECATED_WITH_REPLACEMENT("kAudioObjectPropertyElementMain", macos(10.0, 12.0), ios(2.0, 15.0), watchos(1.0, 8.0), tvos(9.0, 15.0)) = kAudioObjectPropertyElementMain ^ Replace by kAudioObjectPropertyElementMain, redefining it to kAudioObjectPropertyElementMaster if not available. Suggested-by: Akihiko Odaki <akihiko.odaki@gmail.com> Suggested-by: Christian Schoenebeck <qemu_oss@crudebyte.com> Suggested-by: Roman Bolshakov <roman@roolebo.dev> Reviewed-by: Christian Schoenebeck <qemu_oss@crudebyte.com> Reviewed-by: Akihiko Odaki <akihiko.odaki@gmail.com> Tested-by: Akihiko Odaki <akihiko.odaki@gmail.com> Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
2022-03-15block/file-posix: Remove a deprecation warning on macOS 12Philippe Mathieu-Daudé1-4/+10
When building on macOS 12 we get: block/file-posix.c:3335:18: warning: 'IOMasterPort' is deprecated: first deprecated in macOS 12.0 [-Wdeprecated-declarations] kernResult = IOMasterPort( MACH_PORT_NULL, &masterPort ); ^~~~~~~~~~~~ IOMainPort Replace by IOMainPort, redefining it to IOMasterPort if not available. Suggested-by: Akihiko Odaki <akihiko.odaki@gmail.com> Reviewed-by: Christian Schoenebeck <qemu_oss@crudebyte.com> Reviewed by: Cameron Esfahani <dirty@apple.com> Reviewed-by: Akihiko Odaki <akihiko.odaki@gmail.com> Tested-by: Akihiko Odaki <akihiko.odaki@gmail.com> Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
2022-03-15hvf: Remove deprecated hv_vcpu_flush() callsPhilippe Mathieu-Daudé3-5/+0
When building on macOS 11 [*], we get: In file included from ../target/i386/hvf/hvf.c:59: ../target/i386/hvf/vmx.h:174:5: error: 'hv_vcpu_flush' is deprecated: first deprecated in macOS 11.0 - This API has no effect and always returns HV_UNSUPPORTED [-Werror,-Wdeprecated-declarations] hv_vcpu_flush(vcpu); ^ /Library/Developer/CommandLineTools/SDKs/MacOSX.sdk/System/Library/Frameworks/Hypervisor.framework/Headers/hv.h:364:20: note: 'hv_vcpu_flush' has been explicitly marked deprecated here extern hv_return_t hv_vcpu_flush(hv_vcpuid_t vcpu) ^ Since this call "has no effect", simply remove it ¯\_(ツ)_/¯ Not very useful deprecation doc: https://developer.apple.com/documentation/hypervisor/1441386-hv_vcpu_flush [*] Also 10.15 (Catalina): https://lore.kernel.org/qemu-devel/Yd3DmSqZ1SiJwd7P@roolebo.dev/ Reviewed-by: Roman Bolshakov <r.bolshakov@yadro.com> Tested-by: Roman Bolshakov <r.bolshakov@yadro.com> Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
2022-03-15hvf: Make hvf_get_segments() / hvf_put_segments() localPhilippe Mathieu-Daudé2-4/+2
Both hvf_get_segments/hvf_put_segments() functions are only used within x86hvf.c: do not declare them as public API. Reviewed-by: Roman Bolshakov <r.bolshakov@yadro.com> Tested-by: Roman Bolshakov <r.bolshakov@yadro.com> Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
2022-03-15hvf: Use standard CR0 and CR4 register definitionsCameron Esfahani5-47/+15
No need to have our own definitions of these registers. Signed-off-by: Cameron Esfahani <dirty@apple.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
2022-03-15tests/fp/berkeley-testfloat-3: Ignore ignored #pragma directivesPhilippe Mathieu-Daudé1-0/+5
Since we already use -Wno-unknown-pragmas, we can also use -Wno-ignored-pragmas. This silences hundred of warnings using clang 13 on macOS Monterey: [409/771] Compiling C object tests/fp/libtestfloat.a.p/berkeley-testfloat-3_source_test_az_f128_rx.c.o ../tests/fp/berkeley-testfloat-3/source/test_az_f128_rx.c:49:14: warning: '#pragma FENV_ACCESS' is not supported on this target - ignored [-Wignored-pragmas] #pragma STDC FENV_ACCESS ON ^ 1 warning generated. Having: $ cc -v Apple clang version 13.0.0 (clang-1300.0.29.30) Reported-by: Roman Bolshakov <roman@roolebo.dev> Reviewed-by: Akihiko Odaki <akihiko.odaki@gmail.com> Tested-by: Akihiko Odaki <akihiko.odaki@gmail.com> Acked-by: Alex Bennée <alex.bennee@linaro.org> Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
2022-03-15configure: Allow passing extra Objective C compiler flagsPhilippe Mathieu-Daudé2-0/+13
We can pass C/CPP/LD flags via CFLAGS/CXXFLAGS/LDFLAGS environment variables, or via configure --extra-cflags / --extra-cxxflags / --extra-ldflags options. Provide similar behavior for Objective C: use existing flags from $OBJCFLAGS, or passed via --extra-objcflags. Reviewed-by: Akihiko Odaki <akihiko.odaki@gmail.com> Tested-by: Akihiko Odaki <akihiko.odaki@gmail.com> Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
2022-03-15Merge tag 'net-pull-request' of https://github.com/jasowang/qemu into stagingPeter Maydell10-17/+1584
# gpg: Signature made Tue 15 Mar 2022 05:58:55 GMT # gpg: using RSA key EF04965B398D6211 # gpg: Good signature from "Jason Wang (Jason Wang on RedHat) <jasowang@redhat.com>" [marginal] # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: 215D 46F4 8246 689E C77F 3562 EF04 965B 398D 6211 * tag 'net-pull-request' of https://github.com/jasowang/qemu: vdpa: Expose VHOST_F_LOG_ALL on SVQ vdpa: Never set log_base addr if SVQ is enabled vdpa: Adapt vhost_vdpa_get_vring_base to SVQ vdpa: Add custom IOTLB translations to SVQ vhost: Add VhostIOVATree util: add iova_tree_find_iova util: Add iova_tree_alloc_map vhost: Shadow virtqueue buffers forwarding vdpa: adapt vhost_ops callbacks to svq virtio: Add vhost_svq_get_vring_addr vhost: Add vhost_svq_valid_features to shadow vq vhost: Add Shadow VirtQueue call forwarding capabilities vhost: Add Shadow VirtQueue kick forwarding capabilities vhost: Add VhostShadowVirtqueue virtio-net: fix map leaking on error during receive Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2022-03-15vdpa: Expose VHOST_F_LOG_ALL on SVQEugenio Pérez2-4/+36
SVQ is able to log the dirty bits by itself, so let's use it to not block migration. Also, ignore set and clear of VHOST_F_LOG_ALL on set_features if SVQ is enabled. Even if the device supports it, the reports would be nonsense because SVQ memory is in the qemu region. The log region is still allocated. Future changes might skip that, but this series is already long enough. Signed-off-by: Eugenio Pérez <eperezma@redhat.com> Acked-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
2022-03-15vdpa: Never set log_base addr if SVQ is enabledEugenio Pérez1-1/+2
Setting the log address would make the device start reporting invalid dirty memory because the SVQ vrings are located in qemu's memory. Signed-off-by: Eugenio Pérez <eperezma@redhat.com> Acked-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
2022-03-15vdpa: Adapt vhost_vdpa_get_vring_base to SVQEugenio Pérez1-0/+17
This is needed to achieve migration, so the destination can restore its index. Setting base as last used idx, so destination will see as available all the entries that the device did not use, including the in-flight processing ones. This is ok for networking, but other kinds of devices might have problems with these retransmissions. Signed-off-by: Eugenio Pérez <eperezma@redhat.com> Acked-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
2022-03-15vdpa: Add custom IOTLB translations to SVQEugenio Pérez4-30/+187
Use translations added in VhostIOVATree in SVQ. Only introduce usage here, not allocation and deallocation. As with previous patches, we use the dead code paths of shadow_vqs_enabled to avoid commiting too many changes at once. These are impossible to take at the moment. Signed-off-by: Eugenio Pérez <eperezma@redhat.com> Acked-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
2022-03-15vhost: Add VhostIOVATreeEugenio Pérez3-1/+138
This tree is able to look for a translated address from an IOVA address. At first glance it is similar to util/iova-tree. However, SVQ working on devices with limited IOVA space need more capabilities, like allocating IOVA chunks or performing reverse translations (qemu addresses to iova). The allocation capability, as "assign a free IOVA address to this chunk of memory in qemu's address space" allows shadow virtqueue to create a new address space that is not restricted by guest's addressable one, so we can allocate shadow vqs vrings outside of it. It duplicates the tree so it can search efficiently in both directions, and it will signal overlap if iova or the translated address is present in any tree. Signed-off-by: Eugenio Pérez <eperezma@redhat.com> Acked-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
2022-03-15util: add iova_tree_find_iovaEugenio Pérez2-1/+53
This function does the reverse operation of iova_tree_find: To look for a mapping that match a translated address so we can do the reverse. This have linear complexity instead of logarithmic, but it supports overlapping HVA. Future developments could reduce it. Signed-off-by: Eugenio Pérez <eperezma@redhat.com> Acked-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
2022-03-15util: Add iova_tree_alloc_mapEugenio Pérez2-0/+154
This iova tree function allows it to look for a hole in allocated regions and return a totally new translation for a given translated address. It's usage is mainly to allow devices to access qemu address space, remapping guest's one into a new iova space where qemu can add chunks of addresses. Signed-off-by: Eugenio Pérez <eperezma@redhat.com> Reviewed-by: Peter Xu <peterx@redhat.com> Acked-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
2022-03-15vhost: Shadow virtqueue buffers forwardingEugenio Pérez3-11/+522
Initial version of shadow virtqueue that actually forward buffers. There is no iommu support at the moment, and that will be addressed in future patches of this series. Since all vhost-vdpa devices use forced IOMMU, this means that SVQ is not usable at this point of the series on any device. For simplicity it only supports modern devices, that expects vring in little endian, with split ring and no event idx or indirect descriptors. Support for them will not be added in this series. It reuses the VirtQueue code for the device part. The driver part is based on Linux's virtio_ring driver, but with stripped functionality and optimizations so it's easier to review. However, forwarding buffers have some particular pieces: One of the most unexpected ones is that a guest's buffer can expand through more than one descriptor in SVQ. While this is handled gracefully by qemu's emulated virtio devices, it may cause unexpected SVQ queue full. This patch also solves it by checking for this condition at both guest's kicks and device's calls. The code may be more elegant in the future if SVQ code runs in its own iocontext. Signed-off-by: Eugenio Pérez <eperezma@redhat.com> Acked-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
2022-03-15vdpa: adapt vhost_ops callbacks to svqEugenio Pérez1-7/+41
First half of the buffers forwarding part, preparing vhost-vdpa callbacks to SVQ to offer it. QEMU cannot enable it at this moment, so this is effectively dead code at the moment, but it helps to reduce patch size. Signed-off-by: Eugenio Pérez <eperezma@redhat.com> Acked-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
2022-03-15virtio: Add vhost_svq_get_vring_addrEugenio Pérez2-0/+38
It reports the shadow virtqueue address from qemu virtual address space. Since this will be different from the guest's vaddr, but the device can access it, SVQ takes special care about its alignment & lack of garbage data. It assumes that IOMMU will work in host_page_size ranges for that. Signed-off-by: Eugenio Pérez <eperezma@redhat.com> Acked-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
2022-03-15vhost: Add vhost_svq_valid_features to shadow vqEugenio Pérez3-0/+61
This allows SVQ to negotiate features with the guest and the device. For the device, SVQ is a driver. While this function bypasses all non-transport features, it needs to disable the features that SVQ does not support when forwarding buffers. This includes packed vq layout, indirect descriptors or event idx. Future changes can add support to offer more features to the guest, since the use of VirtQueue gives this for free. This is left out at the moment for simplicity. Signed-off-by: Eugenio Pérez <eperezma@redhat.com> Acked-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
2022-03-15vhost: Add Shadow VirtQueue call forwarding capabilitiesEugenio Pérez3-2/+71
This will make qemu aware of the device used buffers, allowing it to write the guest memory with its contents if needed. Signed-off-by: Eugenio Pérez <eperezma@redhat.com> Acked-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
2022-03-15vhost: Add Shadow VirtQueue kick forwarding capabilitiesEugenio Pérez4-2/+215
At this mode no buffer forwarding will be performed in SVQ mode: Qemu will just forward the guest's kicks to the device. Host memory notifiers regions are left out for simplicity, and they will not be addressed in this series. Signed-off-by: Eugenio Pérez <eperezma@redhat.com> Acked-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
2022-03-15vhost: Add VhostShadowVirtqueueEugenio Pérez3-1/+91
Vhost shadow virtqueue (SVQ) is an intermediate jump for virtqueue notifications and buffers, allowing qemu to track them. While qemu is forwarding the buffers and virtqueue changes, it is able to commit the memory it's being dirtied, the same way regular qemu's VirtIO devices do. This commit only exposes basic SVQ allocation and free. Next patches of the series add functionality like notifications and buffers forwarding. Signed-off-by: Eugenio Pérez <eperezma@redhat.com> Acked-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
2022-03-15virtio-net: fix map leaking on error during receiveJason Wang1-0/+1
Commit bedd7e93d0196 ("virtio-net: fix use after unmap/free for sg") tries to fix the use after free of the sg by caching the virtqueue elements in an array and unmap them at once after receiving the packets, But it forgot to unmap the cached elements on error which will lead to leaking of mapping and other unexpected results. Fixing this by detaching the cached elements on error. This addresses CVE-2022-26353. Reported-by: Victor Tom <vv474172261@gmail.com> Cc: qemu-stable@nongnu.org Fixes: CVE-2022-26353 Fixes: bedd7e93d0196 ("virtio-net: fix use after unmap/free for sg") Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
2022-03-14Merge tag 'pull-tcg-20220314' of https://gitlab.com/rth7680/qemu into stagingPeter Maydell2-5/+19
Fixes for s390x host vectors Fix for arm ldrd unpredictable case # gpg: Signature made Mon 14 Mar 2022 17:32:44 GMT # gpg: using RSA key 7A481E78868B4DB6A85A05C064DF38E8AF7E215F # gpg: issuer "richard.henderson@linaro.org" # gpg: Good signature from "Richard Henderson <richard.henderson@linaro.org>" [full] # Primary key fingerprint: 7A48 1E78 868B 4DB6 A85A 05C0 64DF 38E8 AF7E 215F * tag 'pull-tcg-20220314' of https://gitlab.com/rth7680/qemu: tcg/arm: Don't emit UNPREDICTABLE LDRD with Rm == Rt or Rt+1 tcg/s390x: Fix tcg_out_dup_vec vs general registers tcg/s390x: Fix INDEX_op_bitsel_vec vs VSEL tcg/s390x: Fix tcg_out_dupi_vec vs VGM Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2022-03-14tcg/arm: Don't emit UNPREDICTABLE LDRD with Rm == Rt or Rt+1Richard Henderson1-2/+15
The LDRD (register) instruction is UNPREDICTABLE if the Rm register is the same as either Rt or Rt+1 (the two registers being loaded to). We weren't making sure we avoided this, with the result that on some host CPUs like the Cortex-A7 we would get a SIGILL because the CPU chooses to UNDEF for this particular UNPREDICTABLE case. Since we've already checked that datalo is aligned, we can simplify the test vs the Rm operand by aligning it before comparison. Check for the two orderings before falling back to two ldr instructions. We don't bother to do anything similar for tcg_out_ldrd_rwb(), because it is only used in tcg_out_tlb_read() with a fixed set of registers which don't overlap. There is no equivalent UNPREDICTABLE case for STRD. Reviewed-by: Alex Bennée <alex.bennee@linaro.org> Resolves: https://gitlab.com/qemu-project/qemu/-/issues/896 Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2022-03-14tcg/s390x: Fix tcg_out_dup_vec vs general registersRichard Henderson1-0/+1
We copied the data from the general register input to the vector register output, but have not yet replicated it. We intended to fall through into the vector-vector case, but failed to redirect the input register. This is caught by an assertion failure in tcg_out_insn_VRIc, which diagnosed the incorrect register class. Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2022-03-14tcg/s390x: Fix INDEX_op_bitsel_vec vs VSELRichard Henderson1-1/+1
The operands are output in the wrong order: the tcg selector argument is first, whereas the s390x selector argument is last. Tested-by: Thomas Huth <thuth@redhat.com> Resolves: https://gitlab.com/qemu-project/qemu/-/issues/898 Fixes: 9bca986df88 ("tcg/s390x: Implement TCG_TARGET_HAS_bitsel_vec") Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2022-03-14tcg/s390x: Fix tcg_out_dupi_vec vs VGMRichard Henderson1-2/+2
The immediate operands to VGM were in the wrong order, producing an inverse mask. Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2022-03-14Merge tag 'i2c-20220314' of https://github.com/philmd/qemu into stagingPeter Maydell1-1/+6
I2C patch queue - Fix AT24 EEPROM partial write (Patrick Venture) # gpg: Signature made Mon 14 Mar 2022 13:50:01 GMT # gpg: using RSA key FAABE75E12917221DCFD6BB2E3E32C2CDEADC0DE # gpg: Good signature from "Philippe Mathieu-Daudé (F4BUG) <f4bug@amsat.org>" [unknown] # gpg: WARNING: This key is not certified with a trusted signature! # gpg: There is no indication that the signature belongs to the owner. # Primary key fingerprint: FAAB E75E 1291 7221 DCFD 6BB2 E3E3 2C2C DEAD C0DE * tag 'i2c-20220314' of https://github.com/philmd/qemu: hw/nvram: at24 return 0xff if 1 byte address Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2022-03-14hw/nvram: at24 return 0xff if 1 byte addressPatrick Venture1-1/+6
The at24 eeproms are 2 byte devices that return 0xff when they are read from with a partial (1-byte) address written. This distinction was found comparing model behavior to real hardware testing. Tested: `i2ctransfer -f -y 45 w1@85 0 r1` returns 0xff instead of next byte Signed-off-by: Patrick Venture <venture@google.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Message-Id: <20211220212137.1244511-1-venture@google.com> Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
2022-03-13Merge remote-tracking branch 'remotes/quic/tags/pull-hex-20220312-1' into ↵Peter Maydell13-83/+1474
staging Hexagon bug fixes and additional tests Also includes a patch from Zongyuan Li <zongyuan.li@smartx.com> to remove an unused variable ******** Changes in v2 ******** Fix problems with build-user-hexagon CI job # gpg: Signature made Sat 12 Mar 2022 20:09:29 GMT # gpg: using RSA key 3635C788CE62B91FD4C59AB47B0244FB12DE4422 # gpg: Good signature from "Taylor Simpson (Rock on) <tsimpson@quicinc.com>" [unknown] # gpg: WARNING: This key is not certified with a trusted signature! # gpg: There is no indication that the signature belongs to the owner. # Primary key fingerprint: 3635 C788 CE62 B91F D4C5 9AB4 7B02 44FB 12DE 4422 * remotes/quic/tags/pull-hex-20220312-1: target/hexagon: remove unused variable Hexagon (target/hexagon) assignment to c4 should wait until packet commit Hexagon (target/hexagon) fix bug in conv_df2uw_chop Hexagon (tests/tcg/hexagon) fix inline asm in preg_alias.c Hexagon (tests/tcg/hexagon) update overflow test Hexagon (tests/tcg/hexagon) add floating point instructions to usr.c Hexagon (tests/tcg/hexagon) test instructions that might set bits in USR Hexagon (target/hexagon) properly handle NaN in dfmin/dfmax/sfmin/sfmax Hexagon (target/hexagon) properly handle denorm in arch_sf_recip_common Hexagon (target/hexagon) properly set FPINVF bit in sfcmp.uo and dfcmp.uo Hexagon HVX (target/hexagon) fix bug in HVX saturate instructions Hexagon (target/hexagon) fix bug in circular addressing Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2022-03-12target/hexagon: remove unused variableZongyuan Li1-5/+1
When building with clang version 13.0.0 (eg. Fedora 13.0.0-3.fc35), two unused variables introduced by macro GATHER_FUNCTION and SCATTER_FUNCTION will cause building process failure due to [-Werror -Wunused-variable]. Signed-off-by: Zongyuan Li <zongyuan.li@smartx.com> Resolves: https://gitlab.com/qemu-project/qemu/-/issues/831 Message-Id: <20220124064339.56027-1-zongyuan.li@smartx.com> Reviewed-by: Thomas Huth <thuth@redhat.com> Reviewed-by: Taylor Simpson <tsimpson@quicinc.com> Signed-off-by: Taylor Simpson <tsimpson@quicinc.com>
2022-03-12Hexagon (target/hexagon) assignment to c4 should wait until packet commitTaylor Simpson2-5/+47
On Hexagon, c4 is an alias for predicate registers P3:0. If we assign to c4 inside a packet with reads from predicate registers, the predicate reads should get the old values. Test case added to tests/tcg/hexagon/preg_alias.c Co-authored-by: Michael Lambert <mlambert@cuicinc.com> Signed-off-by: Taylor Simpson <tsimpson@quicinc.com> Message-Id: <20220210021556.9217-13-tsimpson@quicinc.com> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
2022-03-12Hexagon (target/hexagon) fix bug in conv_df2uw_chopTaylor Simpson2-1/+5
Fix typo that checked for 32 bit nan instead of 64 bit Test case added in tests/tcg/hexagon/usr.c Signed-off-by: Taylor Simpson <tsimpson@quicinc.com> Message-Id: <20220210021556.9217-11-tsimpson@quicinc.com> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
2022-03-12Hexagon (tests/tcg/hexagon) fix inline asm in preg_alias.cTaylor Simpson1-24/+22
Replace consecutive inline asm blocks with a single one with proper outputs/inputs/clobbers rather than making assumptions about register values being carried between separate blocks. Signed-off-by: Taylor Simpson <tsimpson@quicinc.com> Message-Id: <20220210021556.9217-10-tsimpson@quicinc.com> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
2022-03-12Hexagon (tests/tcg/hexagon) update overflow testTaylor Simpson1-1/+60
Add a test that sets USR multiple times in a packet Signed-off-by: Taylor Simpson <tsimpson@quicinc.com> Message-Id: <20220210021556.9217-9-tsimpson@quicinc.com> Acked-by: Richard Henderson <richard.henderson@linaro.org>
2022-03-12Hexagon (tests/tcg/hexagon) add floating point instructions to usr.cTaylor Simpson1-0/+339
Tests to confirm floating point instructions are properly setting exception bits in USR Signed-off-by: Taylor Simpson <tsimpson@quicinc.com> Message-Id: <20220210021556.9217-8-tsimpson@quicinc.com> Acked-by: Richard Henderson <richard.henderson@linaro.org>