Age | Commit message | Author | Files | Lines
2021-05-25 | hw/arm/mps2-tz: Don't duplicate modelling of SRAM in AN524 | Peter Maydell | 1 | -7/+1

The SRAM at 0x2000_0000 is part of the SSE-200 itself, and we model it that way in hw/arm/armsse.c (along with the associated MPCs). We incorrectly also added an entry to the RAMInfo array for the AN524 in hw/arm/mps2-tz.c, which was pointless because the CPU would never see it. Delete it.

The bug had no guest-visible effect because devices in the SSE-200 take priority over those in the board model (armsse.c maps s->board_memory at priority -2).

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20210510190844.17799-2-peter.maydell@linaro.org
2021-05-25 | hw/intc/arm_gicv3_cpuif: Fix EOIR write access check logic | Peter Maydell | 1 | -16/+32

In icc_eoir_write() we assume that we can identify the group of the IRQ being completed based purely on which register is being written to and the current CPU state, and that "CPU state matches group indicated by register" is the only necessary access check.

This isn't correct: if the CPU is not in Secure state then EOIR1 will only complete Group 1 NS IRQs, but if the CPU is in EL3 it can complete both Group 1 S and Group 1 NS IRQs. (The pseudocode ICC_EOIR1_EL1 makes this clear.) We were also missing the logic to prevent EOIR0 writes completing G0 IRQs when they should not.

Rearrange the logic to first identify the group of the current highest priority interrupt and then look at whether we should complete it or ignore the access based on which register was accessed and the state of the CPU. The resulting behavioural change is:
* EL3 can now complete G1NS interrupts
* G0 interrupt completion is now ignored if the GIC and the CPU have the security extension enabled and the CPU is not secure

Reported-by: Chan Kim <ckim@etri.re.kr>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20210510150016.24910-1-peter.maydell@linaro.org
2021-05-25 | hw/arm/smmuv3: Another range invalidation fix | Eric Auger | 1 | -24/+26

6d9cd115b9 ("hw/arm/smmuv3: Enforce invalidation on a power of two range") failed to completely fix misalignment issues with range invalidation. For instance invalidation patterns like "invalidate 32 4kB pages starting from 0xff395000 are not correctly handled" due to the fact the previous fix only made sure the number of invalidated pages were a power of 2 but did not properly handle the start address was not aligned with the range. This can be noticed when booting a fedora 33 with protected virtio-blk-pci.

Signed-off-by: Eric Auger <eric.auger@redhat.com>
Fixes: 6d9cd115b9 ("hw/arm/smmuv3: Enforce invalidation on a power of two range")
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2021-05-24 | Merge remote-tracking branch 'remotes/stefanha-gitlab/tags/block-pull-request' into staging | Peter Maydell | 7 | -70/+79

Pull request

(Resent due to an email preparation mistake.)

# gpg: Signature made Mon 24 May 2021 14:01:42 BST
# gpg: using RSA key 8695A8BFD3F97CDAAC35775A9CA4ABB381AB73C8
# gpg: Good signature from "Stefan Hajnoczi <stefanha@redhat.com>" [full]
# gpg: aka "Stefan Hajnoczi <stefanha@gmail.com>" [full]
# Primary key fingerprint: 8695 A8BF D3F9 7CDA AC35 775A 9CA4 ABB3 81AB 73C8

* remotes/stefanha-gitlab/tags/block-pull-request:
  coroutine-sleep: introduce qemu_co_sleep
  coroutine-sleep: replace QemuCoSleepState pointer with struct in the API
  coroutine-sleep: move timer out of QemuCoSleepState
  coroutine-sleep: allow qemu_co_sleep_wake that wakes nothing
  coroutine-sleep: disallow NULL QemuCoSleepState** argument
  coroutine-sleep: use a stack-allocated timer
  bitops.h: Improve find_xxx_bit() documentation
  multi-process: Initialize variables declared with g_auto*

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2021-05-24 | Merge remote-tracking branch 'remotes/xtensa/tags/20210521-xtensa' into staging | Peter Maydell | 10 | -89/+288

target/xtensa updates for v6.1:
- don't generate extra EXCP_DEBUG on exception
- fix l32ex access ring
- clean up unaligned access

# gpg: Signature made Fri 21 May 2021 14:59:30 BST
# gpg: using RSA key 2B67854B98E5327DCDEB17D851F9CC91F83FA044
# gpg: issuer "jcmvbkbc@gmail.com"
# gpg: Good signature from "Max Filippov <filippov@cadence.com>" [unknown]
# gpg: aka "Max Filippov <max.filippov@cogentembedded.com>" [full]
# gpg: aka "Max Filippov <jcmvbkbc@gmail.com>" [full]
# Primary key fingerprint: 2B67 854B 98E5 327D CDEB 17D8 51F9 CC91 F83F A044

* remotes/xtensa/tags/20210521-xtensa:
  target/xtensa: clean up unaligned access
  target/xtensa: fix access ring in l32ex
  target/xtensa: don't generate extra EXCP_DEBUG on exception

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2021-05-21 | coroutine-sleep: introduce qemu_co_sleep | Paolo Bonzini | 2 | -7/+24

Allow using QemuCoSleep to sleep forever until woken by qemu_co_sleep_wake. This makes the logic of qemu_co_sleep_ns_wakeable easy to understand.

In the future we will introduce an API that can work even if the sleep and wake happen from different threads. For now, initializing w->to_wake after timer_mod is fine because the timer can only fire in the same AioContext.

Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Message-id: 20210517100548.28806-7-pbonzini@redhat.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2021-05-21 | coroutine-sleep: replace QemuCoSleepState pointer with struct in the API | Paolo Bonzini | 4 | -43/+39

Right now, users of qemu_co_sleep_ns_wakeable are simply passing a pointer to QemuCoSleepState by reference to the function. But QemuCoSleepState really is just a Coroutine*; making the content of the struct public is just as efficient and lets us skip the user_state_pointer indirection.

Since the usage is changed, take the occasion to rename the struct to QemuCoSleep.

Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Message-id: 20210517100548.28806-6-pbonzini@redhat.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2021-05-21 | coroutine-sleep: move timer out of QemuCoSleepState | Paolo Bonzini | 1 | -4/+4

This simplification is enabled by the previous patch. Now aio_co_wake will only be called once, therefore we do not care about a spurious firing of the timer after a qemu_co_sleep_wake.

Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Message-id: 20210517100548.28806-5-pbonzini@redhat.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2021-05-21 | coroutine-sleep: allow qemu_co_sleep_wake that wakes nothing | Paolo Bonzini | 3 | -18/+15

All callers of qemu_co_sleep_wake are checking whether they are passing a NULL argument inside the pointer-to-pointer: do the check in qemu_co_sleep_wake itself.

As a side effect, qemu_co_sleep_wake can be called more than once and it will only wake the coroutine once; after the first time, the argument will be set to NULL via *sleep_state->user_state_pointer. However, this would not be safe unless co_sleep_cb keeps using the QemuCoSleepState* directly, so make it go through the pointer-to-pointer instead.

Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Message-id: 20210517100548.28806-4-pbonzini@redhat.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2021-05-21 | coroutine-sleep: disallow NULL QemuCoSleepState** argument | Paolo Bonzini | 2 | -15/+8

Simplify the code by removing conditionals. qemu_co_sleep_ns can simply point the argument to an on-stack temporary.

Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Message-id: 20210517100548.28806-3-pbonzini@redhat.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2021-05-21 | coroutine-sleep: use a stack-allocated timer | Paolo Bonzini | 1 | -5/+4

The lifetime of the timer is well-known (it cannot outlive qemu_co_sleep_ns_wakeable, because it's deleted by the time the coroutine resumes), so it is not necessary to place it on the heap.

Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Message-id: 20210517100548.28806-2-pbonzini@redhat.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2021-05-21 | bitops.h: Improve find_xxx_bit() documentation | Philippe Mathieu-Daudé | 1 | -3/+12

Document the following functions return the bitmap size if no matching bit is found:
- find_first_bit
- find_next_bit
- find_last_bit
- find_first_zero_bit
- find_next_zero_bit

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Message-id: 20210510200758.2623154-2-philmd@redhat.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2021-05-21 | multi-process: Initialize variables declared with g_auto* | Zenghui Yu | 2 | -5/+3

Quote docs/devel/style.rst (section "Automatic memory deallocation"):

* Variables declared with g_auto* MUST always be initialized, otherwise the cleanup function will use uninitialized stack memory

Initialize @name properly to get rid of the compilation error (using gcc-7.3.0 on CentOS):

../hw/remote/proxy.c: In function 'pci_proxy_dev_realize':
/usr/include/glib-2.0/glib/glib-autocleanups.h:28:3: error: 'name' may be used uninitialized in this function [-Werror=maybe-uninitialized]
   g_free (*pp);
   ^~~~~~~~~~~~
../hw/remote/proxy.c:350:30: note: 'name' was declared here
     g_autofree char *name;
                      ^~~~

Signed-off-by: Zenghui Yu <yuzenghui@huawei.com>
Reviewed-by: Jagannathan Raman <jag.raman@oracle.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Miroslav Rezanina <mrezanin@redhat.com>
Message-id: 20210312112143.1369-1-yuzenghui@huawei.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2021-05-21 | Merge remote-tracking branch 'remotes/kraxel/tags/ui-20210521-pull-request' into staging | Peter Maydell | 18 | -68/+1800

ui: add cut+paste support.
ui: bugfixes for spice and vnc.

# gpg: Signature made Fri 21 May 2021 13:50:46 BST
# gpg: using RSA key A0328CFFB93A17A79901FE7D4CB6D8EED3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>" [full]
# gpg: aka "Gerd Hoffmann <gerd@kraxel.org>" [full]
# gpg: aka "Gerd Hoffmann (private) <kraxel@gmail.com>" [full]
# Primary key fingerprint: A032 8CFF B93A 17A7 9901 FE7D 4CB6 D8EE D3E8 7138

* remotes/kraxel/tags/ui-20210521-pull-request:
  ui/gtk: add clipboard support
  ui/gtk: move struct GtkDisplayState to ui/gtk.h
  ui/vnc: clipboard support
  ui/vdagent: add clipboard support
  ui/vdagent: add mouse support
  ui/vdagent: core infrastructure
  ui: add clipboard documentation
  ui: add clipboard infrastructure
  build: add separate spice-protocol config option
  ui/spice-display: check NULL pointer in interface_release_resource()
  vnc: spelling fix (enable->enabled)

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2021-05-21 | Merge remote-tracking branch 'remotes/vsementsov/tags/pull-simplebench-2021-05-04' into staging | Peter Maydell | 4 | -22/+144

scripts/simplebench improvements for 2021-05-04

# gpg: Signature made Tue 04 May 2021 09:45:15 BST
# gpg: using RSA key 8B9C26CDB2FD147C880E86A1561F24C1F19F79FB
# gpg: Good signature from "Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 8B9C 26CD B2FD 147C 880E 86A1 561F 24C1 F19F 79FB

* remotes/vsementsov/tags/pull-simplebench-2021-05-04:
  MAINTAINERS: update Benchmark util: add git tree
  simplebench/bench-backup: add --drop-caches argument
  simplebench/bench-backup: add --count and --no-initial-run
  simplebench/bench-backup: support qcow2 source files
  simplebench/bench_block_job: handle error in BLOCK_JOB_COMPLETED
  simplebench/bench-backup: add target-cache argument
  simplebench/bench-backup: add --compressed option
  simplebench: bench_one(): support count=1
  simplebench: bench_one(): add slow_limit argument

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2021-05-21 | Merge remote-tracking branch 'remotes/ericb/tags/pull-nbd-2021-05-11' into staging | Peter Maydell | 1 | -7/+22

nbd patches for 2021-05-11
- fix fd passing to qemu-storage-daemon --nbd-server

# gpg: Signature made Tue 11 May 2021 20:26:22 BST
# gpg: using RSA key 71C2CC22B1C4602927D2F3AAA7A16B4A2527436A
# gpg: Good signature from "Eric Blake <eblake@redhat.com>" [full]
# gpg: aka "Eric Blake (Free Software Programmer) <ebb9@byu.net>" [full]
# gpg: aka "[jpeg image of size 6874]" [full]
# Primary key fingerprint: 71C2 CC22 B1C4 6029 27D2 F3AA A7A1 6B4A 2527 436A

* remotes/ericb/tags/pull-nbd-2021-05-11:
  sockets: update SOCKET_ADDRESS_TYPE_FD listen(2) backlog

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2021-05-21 | ui/gtk: add clipboard support | Gerd Hoffmann | 4 | -1/+204

This patch adds clipboard support to the qemu gtk ui.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-id: 20210519053940.1888907-1-kraxel@redhat.com
Message-Id: <20210519053940.1888907-10-kraxel@redhat.com>
2021-05-21 | ui/gtk: move struct GtkDisplayState to ui/gtk.h | Gerd Hoffmann | 2 | -55/+57

Want place gtk clipboard code in a separate C file, which in turn requires GtkDisplayState being in a header file. So move it. No functional change.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-id: 20210519053940.1888907-1-kraxel@redhat.com
Message-Id: <20210519053940.1888907-9-kraxel@redhat.com>
2021-05-21 | ui/vnc: clipboard support | Gerd Hoffmann | 4 | -6/+363

This patch adds support for cut+paste to the qemu vnc server, which allows the vnc client exchange clipboard data with qemu and other peers like the qemu vdagent implementation.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-id: 20210519053940.1888907-1-kraxel@redhat.com
Message-Id: <20210519053940.1888907-8-kraxel@redhat.com>
2021-05-21 | ui/vdagent: add clipboard support | Gerd Hoffmann | 4 | -1/+301

This patch adds support for clipboard messages to the qemu vdagent implementation, which allows the guest exchange clipboard data with qemu. Clipboard support can be enabled/disabled using the new 'clipboard' parameter for the vdagent chardev. Default is off.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-id: 20210519053940.1888907-1-kraxel@redhat.com
Message-Id: <20210519053940.1888907-7-kraxel@redhat.com>
2021-05-21 | ui/vdagent: add mouse support | Gerd Hoffmann | 3 | -1/+155

This patch adds support for mouse messages to the vdagent implementation. This can be enabled/disabled using the new 'mouse' parameter for the vdagent chardev. Default is on.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Acked-by: Markus Armbruster <armbru@redhat.com>
Message-id: 20210519053940.1888907-1-kraxel@redhat.com
Message-Id: <20210519053940.1888907-6-kraxel@redhat.com>
2021-05-21 | ui/vdagent: core infrastructure | Gerd Hoffmann | 4 | -1/+386

The vdagent protocol allows the guest agent (spice-vdagent) and the spice client exchange messages to implement features which require guest cooperation, for example clipboard support.

This is a qemu implementation of the spice client side. This allows the spice guest agent talk to qemu directly when not using the spice protocol.

usage:
  qemu \
    -chardev qemu-vdagent,id=vdagent \
    -device virtserialport,chardev=vdagent,name=com.redhat.spice.0

This patch adds just the protocol basics: initial handshake and capability negotiation. The following patches will add actual functionality and also add fields to the initially empty ChardevVDAgent qapi struct.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Acked-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-id: 20210519053940.1888907-1-kraxel@redhat.com
Message-Id: <20210519053940.1888907-5-kraxel@redhat.com>
2021-05-21 | ui: add clipboard documentation | Gerd Hoffmann | 3 | -1/+141

Document clipboard infrastructure in qemu.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-id: 20210519053940.1888907-1-kraxel@redhat.com
Message-Id: <20210519053940.1888907-4-kraxel@redhat.com>
2021-05-21 | ui: add clipboard infrastructure | Gerd Hoffmann | 3 | -0/+155

Add some infrastructure to manage the clipboard in qemu.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-id: 20210519053940.1888907-1-kraxel@redhat.com
Message-Id: <20210519053940.1888907-3-kraxel@redhat.com>
2021-05-21 | build: add separate spice-protocol config option | Gerd Hoffmann | 2 | -4/+36

When implementing spice vdagent protocol in qemu we only need the spice-protocol package for that, spice-server is not needed. So go split those two build dependencies.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-id: 20210519053940.1888907-1-kraxel@redhat.com
Message-Id: <20210519053940.1888907-2-kraxel@redhat.com>
2021-05-21 | ui/spice-display: check NULL pointer in interface_release_resource() | Mauro Matteo Cascella | 1 | -0/+4

Check rext.info to avoid potential NULL pointer dereference. A similar check exists in interface_release_resource() in hw/display/qxl.c.

Reported-by: Yu Lu <ini.universe@gmail.com>
Signed-off-by: Mauro Matteo Cascella <mcascell@redhat.com>
Reviewed-by: Prasad J Pandit <pjp@fedoraproject.org>
Message-Id: <20210520105833.183160-1-mcascell@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2021-05-21 | vnc: spelling fix (enable->enabled) | Michael Tokarev | 1 | -1/+1

Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20210508092558.351102-1-mjt@msgid.tls.msk.ru>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2021-05-20 | target/xtensa: clean up unaligned access | Max Filippov | 7 | -70/+288

Xtensa cores may or may not have hardware support for unaligned memory access. Remove TARGET_ALIGNED_ONLY=y from all xtensa configurations and pass MO_ALIGN in memory access flags for all operations that would raise an exception. Simplify use of gen_load_store_alignment by passing access size and alignment requirements in single parameter. Drop condition from xtensa_cpu_do_unaligned_access and replace it with assertion. Add a test.

Suggested-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Suggested-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
2021-05-20 | target/xtensa: fix access ring in l32ex | Max Filippov | 1 | -1/+1

l32ex does memory access as all regular load/store operations at CRING level. Fix apparent pasto from l32e that caused it to use RING instead.

This is a correctness issue, not a security issue, because in the worst case the privilege level of memory access may be lowered, resulting in an exception when the correct implementation would've succeeded. In no case it would allow memory access that would've raised an exception in the correct implementation.

Cc: qemu-stable@nongnu.org
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
2021-05-20 | target/xtensa: don't generate extra EXCP_DEBUG on exception | Max Filippov | 4 | -19/+0

target/xtensa used to generate an extra EXCP_DEBUG exception before the first instruction executed after an interrupt or an exception is taken to allow single-stepping that instruction in the debugger. This is no longer needed after the following commits:
a7ba744f4082 ("tcg/cpu-exec: precise single-stepping after an exception")
ba3c35d9c402 ("tcg/cpu-exec: precise single-stepping after an interrupt")
Drop exception state tracking/extra EXCP_DEBUG generation code.

Cc: qemu-stable@nongnu.org # v5.1, v5.2, v6.0
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
2021-05-20 | Merge remote-tracking branch 'remotes/armbru/tags/pull-qapi-2021-05-20' into staging | Peter Maydell | 18 | -82/+210

QAPI patches for 2021-05-20

# gpg: Signature made Thu 20 May 2021 16:10:21 BST
# gpg: using RSA key 354BC8B3D7EB2A6B68674E5F3870B400EB918653
# gpg: issuer "armbru@redhat.com"
# gpg: Good signature from "Markus Armbruster <armbru@redhat.com>" [full]
# gpg: aka "Markus Armbruster <armbru@pond.sub.org>" [full]
# Primary key fingerprint: 354B C8B3 D7EB 2A6B 6867 4E5F 3870 B400 EB91 8653

* remotes/armbru/tags/pull-qapi-2021-05-20:
  qapi/parser: add docstrings
  qapi/parser: allow 'ch' variable name
  qapi/parser: Remove superfluous list comprehension
  qapi/parser: add type hint annotations
  qapi/parser: Rework _check_pragma_list_of_str as a TypeGuard
  qapi/parser: Fix token membership tests when token can be None
  qapi: add must_match helper
  qapi/parser: Use @staticmethod where appropriate
  qapi/parser: assert object keys are strings
  qapi/parser: enforce all top-level expressions must be dict in _parse()
  qapi/parser: Assert lexer value is a string
  qapi/parser: factor parsing routine into method
  qapi/source: Remove line number from QAPISourceInfo initializer
  qapi: Add test for nonexistent schema file
  qapi/parser: Don't try to handle file errors

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2021-05-20 | Merge remote-tracking branch 'remotes/cohuck-gitlab/tags/s390x-20210520-v2' into staging | Peter Maydell | 13 | -17/+48

s390x fixes and cleanups; also related fixes in xtensa, arm, and x86 code

# gpg: Signature made Thu 20 May 2021 13:23:15 BST
# gpg: using RSA key C3D0D66DC3624FF6A8C018CEDECF6B93C6F02FAF
# gpg: issuer "cohuck@redhat.com"
# gpg: Good signature from "Cornelia Huck <conny@cornelia-huck.de>" [unknown]
# gpg: aka "Cornelia Huck <huckc@linux.vnet.ibm.com>" [full]
# gpg: aka "Cornelia Huck <cornelia.huck@de.ibm.com>" [full]
# gpg: aka "Cornelia Huck <cohuck@kernel.org>" [unknown]
# gpg: aka "Cornelia Huck <cohuck@redhat.com>" [unknown]
# Primary key fingerprint: C3D0 D66D C362 4FF6 A8C0 18CE DECF 6B93 C6F0 2FAF

* remotes/cohuck-gitlab/tags/s390x-20210520-v2:
  tests/tcg/x86_64: add vsyscall smoke test
  target/i386: Make sure that vsyscall's tb->size != 0
  vfio-ccw: Attempt to clean up all IRQs on error
  hw/s390x/ccw: Register qbus type in abstract TYPE_CCW_DEVICE parent
  vfio-ccw: Permit missing IRQs
  accel/tcg: Assert that tb->size != 0 after translation
  target/xtensa: Make sure that tb->size != 0
  target/arm: Make sure that commpage's tb->size != 0
  target/s390x: Fix translation exception on illegal instruction

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2021-05-20 | qapi/parser: add docstrings | John Snow | 1 | -0/+69

Signed-off-by: John Snow <jsnow@redhat.com>
Message-Id: <20210519183951.3946870-16-jsnow@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
[Doc string spacing tweaked slightly]
Signed-off-by: Markus Armbruster <armbru@redhat.com>
2021-05-20 | qapi/parser: allow 'ch' variable name | John Snow | 1 | -0/+1

We can have a two-letter variable name, as a treat.

Signed-off-by: John Snow <jsnow@redhat.com>
Message-Id: <20210519183951.3946870-15-jsnow@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
2021-05-20 | Merge remote-tracking branch 'remotes/bsdimp/tags/pull-bsd-user-20210511' into staging | Peter Maydell | 15 | -552/+348

pull-bsd-user-20210511 is the next round of cleanups to bsd-user in merging the bsd-user fork into qemu. It contains a number of style commits, as well as 3 commits that start to change things: Some unused files are deleted, building the sparc and sparc64 targets are removed, and a structure is renamed.

The next set of pull requests will start to execute the following plan:
1. Move existing code around to have a structure similar to the bsd-user fork.
2. Incrementally merge groups of system calls, focused on making x86 work.
3. Once the groups of system calls are all merged, additional platforms will be added back.
4. Concurrently, as changes are requested as part of the merge happen, those changes will be merged into the fork. An experimental merge to tip of master is under test and is what will be updated.
5. Eventually, there will be no difference, and the bsd-user fork will only be a staging area for cutting-edge features prior to upstreaming into qemu mainline.

The bsd-user code in qemu has a lot of style issues. This cleans up a number in the files touched. However, the checkpatch.pl detects some incremental issues in the commits. The following are expected, but are corrected in later hashes in this branch. MAINTAINERS does not need to be updated, since all the files added or deleted are covered under existing regexp in MAINTAINERS.

Checking all commits since f9a576a818044133f8564e0d243ebd97df0b3280...
d60c3b932e2fa06aba5d7aa1c451b5d287095dc8:101: ERROR: consider using qemu_strtol in preference to strtol d60c3b932e2fa06aba5d7aa1c451b5d287095dc8:142: ERROR: braces {} are necessary for all arms of this statement d60c3b932e2fa06aba5d7aa1c451b5d287095dc8:145: ERROR: braces {} are necessary for all arms of this statement total: 3 errors, 0 warnings, 119 lines checked b4bebeee1dee8d333bfa105a6c28fec5eb34b147:148: WARNING: line over 80 characters b4bebeee1dee8d333bfa105a6c28fec5eb34b147:330: ERROR: braces {} are necessary for all arms of this statement b4bebeee1dee8d333bfa105a6c28fec5eb34b147:340: ERROR: braces {} are necessary for all arms of this statement b4bebeee1dee8d333bfa105a6c28fec5eb34b147:381: ERROR: space prohibited between function name and open parenthesis '(' b4bebeee1dee8d333bfa105a6c28fec5eb34b147:390: ERROR: spaces required around that '<' (ctx:VxV) b4bebeee1dee8d333bfa105a6c28fec5eb34b147:408: WARNING: Block comments use a leading /* on a separate line b4bebeee1dee8d333bfa105a6c28fec5eb34b147:409: WARNING: Block comments use * on subsequent lines b4bebeee1dee8d333bfa105a6c28fec5eb34b147:409: WARNING: Block comments use a trailing */ on a separate line b4bebeee1dee8d333bfa105a6c28fec5eb34b147:441: WARNING: line over 80 characters b4bebeee1dee8d333bfa105a6c28fec5eb34b147:445: WARNING: line over 80 characters b4bebeee1dee8d333bfa105a6c28fec5eb34b147:502: ERROR: line over 90 characters b4bebeee1dee8d333bfa105a6c28fec5eb34b147:551: ERROR: space required after that ',' (ctx:VxV) b4bebeee1dee8d333bfa105a6c28fec5eb34b147:552: ERROR: space required after that ',' (ctx:VxV) b4bebeee1dee8d333bfa105a6c28fec5eb34b147:587: ERROR: space required after that ';' (ctx:VxV) b4bebeee1dee8d333bfa105a6c28fec5eb34b147:623: ERROR: suspect code indent for conditional statements (12, 14) total: 9 errors, 6 warnings, 664 lines checked 86545e7afe3f822b8561c7ceee7540fc3b19c3f0:31: ERROR: space required after that ';' (ctx:VxV) 86545e7afe3f822b8561c7ceee7540fc3b19c3f0:40: ERROR: 
space required after that ';' (ctx:VxV) total: 2 errors, 0 warnings, 60 lines checked Use of uninitialized value $acpi_testexpected in string eq at scripts/checkpatch.pl line 1529. 65d58c91ef1a15ad945ece367983437576f8e82b:22: WARNING: added, moved or deleted file(s), does MAINTAINERS need updating? total: 0 errors, 1 warnings, 14 lines checked Use of uninitialized value $acpi_testexpected in string eq at scripts/checkpatch.pl line 1529. f8ce39701b5be032fb3f9c05e8adb4055f70eec2:21: WARNING: added, moved or deleted file(s), does MAINTAINERS need updating? total: 0 errors, 1 warnings, 0 lines checked FAIL one or more commits failed scripts/checkpatch.pl Cleaning up file based variables ERROR: Job failed: exit code 1 # gpg: Signature made Wed 12 May 2021 17:40:34 BST # gpg: using RSA key 2035F894B00AA3CF7CCDE1B76C1CD1287DB01100 # gpg: Good signature from "Warner Losh <wlosh@netflix.com>" [unknown] # gpg: aka "Warner Losh <imp@bsdimp.com>" [unknown] # gpg: aka "Warner Losh <imp@freebsd.org>" [unknown] # gpg: aka "Warner Losh <imp@village.org>" [unknown] # gpg: aka "Warner Losh <wlosh@bsdimp.com>" [unknown] # gpg: WARNING: This key is not certified with a trusted signature! # gpg: There is no indication that the signature belongs to the owner. 
# Primary key fingerprint: 2035 F894 B00A A3CF 7CCD E1B7 6C1C D128 7DB0 1100 * remotes/bsdimp/tags/pull-bsd-user-20210511: bsd-user: rename linux_binprm to bsd_binprm bsd-user: Stop building the sparc targets bsd-user: remove target_signal.h, it's unused bsd-user: style tweak: keyword space ( bsd-user: style tweak: Remove #if 0'd code bsd-user: style tweak: keyword space ( bsd-user: style tweak: keyword space ( bsd-user: whitespace changes bsd-user: use qemu_strtoul in preference to strtol bsd-user: style tweak: use {} consistently in for / if / else statements bsd-user: style tweak: use {} for all if statements, format else correctly bsd-user: style tweak: don't assign in if statements bsd-user: style tweak: Use preferred block comments bsd-user: style tweak: remove spacing after '*' and add after } bsd-user: style tweak: move extern to header file bsd-user: Remove commented out code bsd-user: style tweak: Use preferred block comments bsd-user: style tweak: Remove #if 0'd code bsd-user: style tweak: use C not C++ comments bsd-user: whitespace changes Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2021-05-20 | tests/tcg/x86_64: add vsyscall smoke test | Ilya Leoshkevich | 2 | -1/+17

Having a small test will prevent trivial regressions in the future.

Signed-off-by: Ilya Leoshkevich <iii@linux.ibm.com>
Message-Id: <20210519045738.1335210-3-iii@linux.ibm.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
2021-05-20 | target/i386: Make sure that vsyscall's tb->size != 0 | Ilya Leoshkevich | 1 | -0/+1

tb_gen_code() assumes that tb->size must never be zero, otherwise it may produce spurious exceptions. For x86_64 this may happen when creating a translation block for the vsyscall page.

Fix by pretending that vsyscall translation blocks have at least one instruction.

Signed-off-by: Ilya Leoshkevich <iii@linux.ibm.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20210519045738.1335210-2-iii@linux.ibm.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
2021-05-20 | vfio-ccw: Attempt to clean up all IRQs on error | Eric Farman | 1 | -3/+5

The vfio_ccw_unrealize() routine makes an unconditional attempt to unregister every IRQ notifier, though they may not have been registered in the first place (when running on an older kernel, for example).

Let's mirror this behavior in the error cleanups in vfio_ccw_realize() so that if/when new IRQs are added, it is less confusing to recognize the necessary procedures. The worst case scenario would be some extra messages about an undefined IRQ, but since this is an error exit that won't be the only thing to worry about.

And regarding those messages, let's change it to a warning instead of an error, to better reflect their severity. The existing code in both paths handles everything anyway.

Signed-off-by: Eric Farman <farman@linux.ibm.com>
Acked-by: Matthew Rosato <mjrosato@linux.ibm.com>
Message-Id: <20210428143652.1571487-1-farman@linux.ibm.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
2021-05-20 | hw/s390x/ccw: Register qbus type in abstract TYPE_CCW_DEVICE parent | Philippe Mathieu-Daudé | 5 | -4/+2

Instead of having all TYPE_CCW_DEVICE children set the bus type to TYPE_VIRTUAL_CSS_BUS, do it once in the abstract parent.

Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Acked-by: Eric Farman <farman@linux.ibm.com>
Message-Id: <20210424145313.3287400-1-f4bug@amsat.org>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
2021-05-20 | vfio-ccw: Permit missing IRQs | Eric Farman | 1 | -5/+7
Commit 690e29b91102 ("vfio-ccw: Refactor ccw irq handler") changed one of the checks for the IRQ notifier registration from saying "the host needs to recognize the only IRQ that exists" to saying "the host needs to recognize ANY IRQ that exists."

And this worked fine, because the subsequent change to support the CRW IRQ notifier doesn't get into this code when running on an older kernel, thanks to a guard by a capability region. The later addition of the REQ(uest) IRQ by commit b2f96f9e4f5f ("vfio-ccw: Connect the device request notifier") broke this assumption because there is no matching capability region. Thus, running new QEMU on an older kernel fails with:

  vfio: unexpected number of irqs 2

Let's adapt the message here so that there's a better clue of what IRQ is missing.

Furthermore, let's make the REQ(uest) IRQ not fail when attempting to register it, to permit running vfio-ccw on a newer QEMU with an older kernel.

Fixes: b2f96f9e4f5f ("vfio-ccw: Connect the device request notifier")
Signed-off-by: Eric Farman <farman@linux.ibm.com>
Message-Id: <20210421152053.2379873-1-farman@linux.ibm.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
2021-05-20 | accel/tcg: Assert that tb->size != 0 after translation | Ilya Leoshkevich | 1 | -0/+1
If arch-specific code generates a translation block of size 0, tb_gen_code() may generate a spurious exception.

Add an assertion in order to catch such situations early.

Signed-off-by: Ilya Leoshkevich <iii@linux.ibm.com>
Reviewed-by: David Hildenbrand <david@redhat.com>
Message-Id: <20210416154939.32404-5-iii@linux.ibm.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
2021-05-20 | target/xtensa: Make sure that tb->size != 0 | Ilya Leoshkevich | 1 | -0/+3
tb_gen_code() assumes that tb->size must never be zero, otherwise it may produce spurious exceptions. For xtensa this may happen when decoding an unknown instruction, when handling a write into the CCOUNT or CCOMPARE special register and when single-stepping the first instruction of an exception handler.

Fix by pretending that the size of the respective translation block is 1 in all these cases.

Signed-off-by: Ilya Leoshkevich <iii@linux.ibm.com>
Tested-by: Max Filippov <jcmvbkbc@gmail.com>
Acked-by: Max Filippov <jcmvbkbc@gmail.com>
Message-Id: <20210416154939.32404-4-iii@linux.ibm.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
2021-05-20 | target/arm: Make sure that commpage's tb->size != 0 | Ilya Leoshkevich | 1 | -0/+2
tb_gen_code() assumes that tb->size must never be zero, otherwise it may produce spurious exceptions. For ARM this may happen when creating a translation block for the commpage.

Fix by pretending that commpage translation blocks have at least one instruction.

Signed-off-by: Ilya Leoshkevich <iii@linux.ibm.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20210416154939.32404-3-iii@linux.ibm.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
2021-05-20 | target/s390x: Fix translation exception on illegal instruction | Ilya Leoshkevich | 1 | -5/+11
Hitting an uretprobe in a s390x TCG guest causes a SIGSEGV. What happens is:

* uretprobe maps a userspace page containing an invalid instruction.
* uretprobe replaces the target function's return address with the address of that page.
* When tb_gen_code() is called on that page, tb->size ends up being 0 (because the page starts with the invalid instruction), which causes virt_page2 to point to the previous page.
* The previous page is not mapped, so this causes a spurious translation exception.

tb->size must never be 0: even if there is an illegal instruction, the instruction bytes that have been looked at must count towards tb->size. So adjust s390x's translate_one() to act this way for both illegal instructions and instructions that are known to generate exceptions.

Signed-off-by: Ilya Leoshkevich <iii@linux.ibm.com>
Reviewed-by: David Hildenbrand <david@redhat.com>
Message-Id: <20210416154939.32404-2-iii@linux.ibm.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
2021-05-20 | Merge remote-tracking branch 'remotes/rth-gitlab/tags/pull-x86-20210519' into staging | Peter Maydell | 14 | -753/+592
Eliminate user-only helper stubs for privileged insns.

# gpg: Signature made Wed 19 May 2021 19:24:27 BST
# gpg: using RSA key 7A481E78868B4DB6A85A05C064DF38E8AF7E215F
# gpg: issuer "richard.henderson@linaro.org"
# gpg: Good signature from "Richard Henderson <richard.henderson@linaro.org>" [full]
# Primary key fingerprint: 7A48 1E78 868B 4DB6 A85A 05C0 64DF 38E8 AF7E 215F

* remotes/rth-gitlab/tags/pull-x86-20210519: (50 commits)
  target/i386: Remove user-only i/o stubs
  target/i386: Move helper_check_io to sysemu
  target/i386: Create helper_check_io
  target/i386: Pass in port to gen_check_io
  target/i386: Tidy gen_check_io
  target/i386: Exit tb after wrmsr
  target/i386: Eliminate user stubs for read/write_crN, rd/wrmsr
  target/i386: Inline user cpu_svm_check_intercept_param
  target/i386: Unify invlpg, invlpga
  target/i386: Move invlpg, hlt, monitor, mwait to sysemu
  target/i386: Pass env to do_pause and do_hlt
  target/i386: Cleanup read_crN, write_crN, lmsw
  target/i386: Remove user stub for cpu_vmexit
  target/i386: Remove pc_start argument to gen_svm_check_intercept
  target/i386: Tidy svm_check_intercept from tcg
  target/i386: Simplify gen_debug usage
  target/i386: Mark some helpers as noreturn
  target/i386: Eliminate SVM helpers for user-only
  target/i386: Implement skinit in translate.c
  target/i386: Assert !GUEST for user-only
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2021-05-20 | qapi/parser: Remove superfluous list comprehension | John Snow | 1 | -1/+1
A generator suffices (and quiets a pylint warning).

Signed-off-by: John Snow <jsnow@redhat.com>
Message-Id: <20210519183951.3946870-14-jsnow@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
2021-05-20 | qapi/parser: add type hint annotations | John Snow | 1 | -20/+38
Annotations do not change runtime behavior. This commit *only* adds annotations.

(Annotations for QAPIDoc are in a forthcoming commit.)

Signed-off-by: John Snow <jsnow@redhat.com>
Message-Id: <20210519183951.3946870-13-jsnow@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
2021-05-20 | qapi/parser: Rework _check_pragma_list_of_str as a TypeGuard | John Snow | 1 | -14/+16
TypeGuards won't exist in Python proper until 3.10. Ah well. We can hack up our own by declaring this function to return the type we claim it checks for and using this to safely downcast object -> List[str].

In so doing, I bring this function under _pragma so it can use the 'info' object in its closure. Having done this, _pragma also now no longer needs to take a 'self' parameter, so drop it.

To help with line-length, and with the context evident from its new scope, rename the function to the shorter check_list_str().

Signed-off-by: John Snow <jsnow@redhat.com>
Message-Id: <20210519183951.3946870-12-jsnow@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
2021-05-20 | qapi/parser: Fix token membership tests when token can be None | John Snow | 8 | -2/+9
When the token can be None (EOF), we can't use 'x in "abc"' style membership tests to group types of tokens together, because 'None in "abc"' is a TypeError.

Easy enough to fix. (Use a tuple: It's neither a static typing error nor a runtime error to check for None in Tuple[str, ...])

Add tests to prevent a regression. (Note: they cannot be added prior to this fix, as the unhandled stack trace will not match test output in the CI system.)

Signed-off-by: John Snow <jsnow@redhat.com>
Message-Id: <20210519183951.3946870-11-jsnow@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
2021-05-20 | qapi: add must_match helper | John Snow | 3 | -11/+16
Mypy cannot generally understand that these regex functions cannot possibly fail. Add a "must_match" helper that makes this clear for mypy.

Signed-off-by: John Snow <jsnow@redhat.com>
Message-Id: <20210519183951.3946870-10-jsnow@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>