Hanna Czenczek [Tue, 15 Oct 2024 17:04:37 +0000 (19:04 +0200)]
migration: Ensure vmstate_save() sets errp
migration/savevm.c contains some calls to vmstate_save() that are
followed by migrate_set_error() if the integer return value indicates an
error. migrate_set_error() requires that the `Error *` object passed to
it is set. Therefore, vmstate_save() is assumed to always set *errp on
error.
Right now, that assumption is not met: vmstate_save_state_v() (called
internally by vmstate_save()) will not set *errp if
vmstate_subsection_save() or vmsd->post_save() fail. Fix that by adding
an *errp parameter to vmstate_subsection_save(), and by generating a
generic error in case post_save() fails (as is already done for
pre_save()).
Without this patch, qemu will crash after vmstate_subsection_save() or
post_save() have failed inside of a vmstate_save() call (unless
migrate_set_error() then happen to discard the new error because
s->error is already set). This happens e.g. when receiving the state
from a virtio-fs back-end (virtiofsd) fails.
Peter Xu [Fri, 11 Oct 2024 15:36:52 +0000 (11:36 -0400)]
migration: Put thread names together with macros
Keep migration thread names together, so it's easier to see a list of all
possible migration threads.
Still two functional changes below besides the macro defintions:
- There's one dirty rate thread that we overlooked before, now we add
that too and name it as "mig/dirtyrate" following the old rules.
- The old name "mig/src/rp-thr" has "-thr" but it may not be useful if
it's a thread name anyway, while "rp" can be slightly hard to read.
Taking this chance to rename it to "mig/src/return", hopefully a better
name.
Peter Xu [Thu, 19 Sep 2024 16:30:42 +0000 (12:30 -0400)]
migration: Cleanup migrate_fd_cleanup() on accessing to_dst_file
The cleanup function can in many cases needs cleanup on its own.
The major thing we want to do here is not referencing to_dst_file when
without the file mutex. When at it, touch things elsewhere too to make it
look slightly better in general.
One thing to mention is, migration_thread has its own "running" boolean, so
it doesn't need to rely on to_dst_file being non-NULL. Multifd has a
dependency so it needs to be skipped if to_dst_file is not yet set; add a
richer comment for such reason.
* tag 'pull-target-arm-20241029' of https://git.linaro.org/people/pmaydell/qemu-arm:
target/arm: kvm: require KVM_CAP_DEVICE_CTRL
docs/devel/reset: Fix minor grammatical error
target/arm: Fix arithmetic underflow in SETM instruction
docs/system/target-arm.rst: Remove "many boards are undocumented" note
docs/system/arm: Add placeholder docs for mcimx6ul-evk and mcimx7d-sabre
docs/system/arm: Add placeholder doc for xlnx-zcu102 board
docs/system/arm: Add placeholder doc for exynos4 boards
docs/system/arm: Split fby35 out from aspeed.rst
docs/system/arm: Don't use wildcard '*-bmc' in doc titles
docs/system/arm/stm32: List olimex-stm32-h405 in document title
scripts/symlink-install-tree.py: Fix MESONINTROSPECT parsing
tests/functional: Add a functional test for the sx1 board
tests/functional: Add a functional test for the collie board
hw/sd/omap_mmc: Don't use sd_cmd_type_t
target/arm: Don't assert in regime_is_user() for E10 mmuidx values
target/arm: Store FPSR cumulative exception bits in env->vfp.fpsr
docs/system/cpu-hotplug: Update example's socket-id/core-id
arm/kvm: add support for MTE
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Peter Maydell [Tue, 29 Oct 2024 17:05:54 +0000 (17:05 +0000)]
Merge tag 'pull-virtio-gpu-vulkan-291024-1' of https://gitlab.com/stsquad/qemu into staging
virtio-gpu: add venus/vulkan capability
We are currently lacking a declared maintainer for the sub-system so
while we look for one I'm merging after testing locally.
- convert some fprintfs to proper trace events
- move timers used by GL devices into GL structures
- handle virtio_gpu_virgl_init() failure better
- implement unrealize for GL devices
- use virgl version numbering to gate features
- support context-init feature
- don't require udmabuf for virgl only
- add virgl resource tracker
- allow command submission to be suspended
- handle resource blob commands
- dynamically handle capabilit sets
- add venus context support for passing vulkan
* tag 'pull-virtio-gpu-vulkan-291024-1' of https://gitlab.com/stsquad/qemu:
virtio-gpu: Support Venus context
virtio-gpu: Register capsets dynamically
virtio-gpu: Handle resource blob commands
virtio-gpu: Support suspension of commands processing
virtio-gpu: Add virgl resource management
virtio-gpu: Don't require udmabuf when blobs and virgl are enabled
virtio-gpu: Support context-init feature with virglrenderer
virtio-gpu: Use pkgconfig version to decide which virgl features are available
virtio-gpu: Unrealize GL device
virtio-gpu: Handle virtio_gpu_virgl_init() failure
virtio-gpu: Move print_stats timer to VirtIOGPUGL
virtio-gpu: Move fence_poll timer to VirtIOGPUGL
virtio-gpu: Use trace events for tracking number of in-flight fences
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Paolo Bonzini [Tue, 29 Oct 2024 12:54:46 +0000 (12:54 +0000)]
target/arm: kvm: require KVM_CAP_DEVICE_CTRL
The device control API was added in 2013, assume that it is present.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Message-id: 20241024113126.44343-1-pbonzini@redhat.com Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Peter Maydell [Tue, 29 Oct 2024 12:54:45 +0000 (12:54 +0000)]
docs/devel/reset: Fix minor grammatical error
Fix a minor grammatical error in the reset documentation:
a couple of missing words and a singular/plural swap.
Signed-off-by: Axel Heider <axel.heider@codasip.com>
Message-id: 173006362760.28451.11319467059840843945-1@git.sr.ht
[PMM: squashed two patches into one, tweaked commit message] Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Ido Plat [Tue, 29 Oct 2024 12:54:45 +0000 (12:54 +0000)]
target/arm: Fix arithmetic underflow in SETM instruction
Pass the stage size to step function callback, otherwise do_setm
would hang when size is larger then page size because stage size
would underflow. This fix changes do_setm to be more inline with
do_setp.
Cc: qemu-stable@nongnu.org Fixes: 0e92818887dee ("target/arm: Implement the SET* instructions") Signed-off-by: Ido Plat <ido.plat1@ibm.com> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20241025024909.799989-1-ido.plat1@ibm.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Peter Maydell [Tue, 29 Oct 2024 12:54:45 +0000 (12:54 +0000)]
docs/system/target-arm.rst: Remove "many boards are undocumented" note
We now have at least placeholder documentation for every Arm board,
so we can remove the apologetic note that says that there are
undocumented ones which you can only find out about via the
``--machine help`` option.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Alex Bennée <alex.bennee@linaro.org> Reviewed-by: Cédric Le Goater <clg@redhat.com> Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-id: 20241018141332.942844-8-peter.maydell@linaro.org
Peter Maydell [Tue, 29 Oct 2024 12:54:44 +0000 (12:54 +0000)]
docs/system/arm: Add placeholder docs for mcimx6ul-evk and mcimx7d-sabre
Add placeholder docs for the mcimx6ul-evk and mcimx7d-sabre boards.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Alex Bennée <alex.bennee@linaro.org> Reviewed-by: Cédric Le Goater <clg@redhat.com> Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-id: 20241018141332.942844-7-peter.maydell@linaro.org
Peter Maydell [Tue, 29 Oct 2024 12:54:44 +0000 (12:54 +0000)]
docs/system/arm: Add placeholder doc for xlnx-zcu102 board
Add a placeholder doc for the xlnx-zcu102 board.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Alex Bennée <alex.bennee@linaro.org> Reviewed-by: Cédric Le Goater <clg@redhat.com> Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-id: 20241018141332.942844-6-peter.maydell@linaro.org
Peter Maydell [Tue, 29 Oct 2024 12:54:44 +0000 (12:54 +0000)]
docs/system/arm: Add placeholder doc for exynos4 boards
Add a placeholder doc for the exynos4 boards nuri and smdkc210.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Alex Bennée <alex.bennee@linaro.org> Reviewed-by: Cédric Le Goater <clg@redhat.com>
Message-id: 20241018141332.942844-5-peter.maydell@linaro.org
Peter Maydell [Tue, 29 Oct 2024 12:54:44 +0000 (12:54 +0000)]
docs/system/arm: Split fby35 out from aspeed.rst
The fby35 machine is not implemented in hw/arm/aspeed.c,
but its documentation is currently stuck at the end of aspeed.rst,
formatted in a way that it gets its own heading in the top-level
list of boards in target-arm.html.
We don't have any other boards that we document like this; split it
out into its own rst file. This improves consistency with other
board docs and means we can have the entry in the target-arm
list be in the correct alphabetical order.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Alex Bennée <alex.bennee@linaro.org> Reviewed-by: Cédric Le Goater <clg@redhat.com>
Message-id: 20241018141332.942844-4-peter.maydell@linaro.org
Peter Maydell [Tue, 29 Oct 2024 12:54:43 +0000 (12:54 +0000)]
docs/system/arm: Don't use wildcard '*-bmc' in doc titles
We have two Arm board doc files which both use '*-bmc' in their
documentation title. The result is that when you read the
table of contents in system/target-arm.html you don't know
which boards are covered by which file.
Expand out the board names entirely in the document titles.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Alex Bennée <alex.bennee@linaro.org> Reviewed-by: Cédric Le Goater <clg@redhat.com>
Message-id: 20241018141332.942844-3-peter.maydell@linaro.org
Peter Maydell [Tue, 29 Oct 2024 12:54:43 +0000 (12:54 +0000)]
docs/system/arm/stm32: List olimex-stm32-h405 in document title
List the olimex-stm32-h405 board in the document title, so that the
board name appears in the table of contents in system/target-arm.rst.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Alex Bennée <alex.bennee@linaro.org> Reviewed-by: Cédric Le Goater <clg@redhat.com>
Message-id: 20241018141332.942844-2-peter.maydell@linaro.org
The arguments in MESONINTROSPECT are quoted with shlex.quote() so it
must be parsed with shlex.split(). Otherwise the script will fail if
the build directory has a character like "~" in it.
Note: this fix cannot be backported directly to any stable branch
that doesn't require Meson version 1.4.0 or better; otherwise it will
work OK on Linux but will break on Windows hosts.
(Unfortunately, Meson prior to version 1.4.0 was inconsistent between
host OSes about how it quoted arguments, and used a different quoting
process on Windows hosts. Our current git trunk already requires
1.5.0 as of commit 07f0d32641e ("Require meson version 1.5.0"), but
the stable branches are still on older Meson.)
Fixes: cf60ccc330 ("cutils: Introduce bundle mechanism") Reported-by: Michael Tokarev <mjt@tls.msk.ru> Signed-off-by: Akihiko Odaki <akihiko.odaki@daynix.com> Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Pierrick Bouvier <pierrick.bouvier@linaro.org> Tested-by: Pierrick Bouvier <pierrick.bouvier@linaro.org>
Message-id: 20241018130852.931509-1-peter.maydell@linaro.org
[PMM: Updated commit message to give all the detail about the
Meson version compability requirements.] Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Peter Maydell [Tue, 29 Oct 2024 12:54:42 +0000 (12:54 +0000)]
tests/functional: Add a functional test for the sx1 board
Add a functional test for the sx1 board that uses the kernel and
rootfs provided by Guenter Roeck in the linux-test-downloads repo:
https://github.com/groeck/linux-test-downloads/
We have three variants of the test for this board:
* just boot initrd
* boot with filesystem on SD card
* boot from flash
In all cases these images have a userspace that is configured to
immediately reboot the system on successful boot, and the board
itself supports telling QEMU to do the reboot, so we only need to
wait for QEMU to exit (via -no-reboot).
Since there are three subtests, the test as a whole takes about
80s on my local machine. That's about the same as the aarch64_virt
test, so give it the same overall test timeout as that one.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-id: 20241017163247.711244-3-peter.maydell@linaro.org
Peter Maydell [Tue, 29 Oct 2024 12:54:42 +0000 (12:54 +0000)]
tests/functional: Add a functional test for the collie board
Add a functional test for the collie board that uses the kernel and
rootfs provided by Guenter Roeck in the linux-test-downloads repo:
https://github.com/groeck/linux-test-downloads/
This just boots Linux with a userspace that immediately reboots
the board, so we wait for the reboot log line.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-id: 20241017163247.711244-2-peter.maydell@linaro.org
Peter Maydell [Tue, 29 Oct 2024 12:54:42 +0000 (12:54 +0000)]
hw/sd/omap_mmc: Don't use sd_cmd_type_t
In commit 1ab08790bb75e4 we did some refactoring of the SD card
implementation, which included a rearrangement of the sd_cmd_type_t
enum values. Unfortunately we didn't notice that this enum is not
used solely inside the SD card model itself, but is also used by the
OMAP MMC controller device. In the OMAP MMC controller, it is used
to implement the handling of the Type field of the MMC_CMD register,
so changing the enum values so that they no longer lined up with the
bit definitions for that register field broke the controller model.
The effect is that Linux fails to boot from an SD card on the "sx1"
machine.
Give omap-mmc its own enum which we can document as needing to match
the encoding used in this device's register, so it isn't sharing
sd_cmd_type_t with the SD card model any more. We can then move
sd_cmd_type_t's definition out of sd.h and into sd.c, which is the
only place that uses it.
Cc: qemu-stable@nongnu.org Fixes: 1ab08790bb75 ("hw/sd/sdcard: Store command type in SDProto") Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Tested-by: Guenter Roeck <linux@roeck-us.net> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-id: 20241017162755.710698-1-peter.maydell@linaro.org
Peter Maydell [Tue, 29 Oct 2024 12:54:42 +0000 (12:54 +0000)]
target/arm: Don't assert in regime_is_user() for E10 mmuidx values
In regime_is_user() we assert if we're passed an ARMMMUIdx_E10_*
mmuidx value. This used to make sense because we only used this
function in ptw.c and would never use it on this kind of stage 1+2
mmuidx, only for an individual stage 1 or stage 2 mmuidx.
However, when we implemented FEAT_E0PD we added a callsite in
aa64_va_parameters(), which means this can now be called for
stage 1+2 mmuidx values if the guest sets the TCG_ELX.{E0PD0,E0PD1}
bits to enable use of the feature. This will then result in
an assertion failure later, for instance on a TLBI operation:
#6 0x00007ffff6d0e70f in g_assertion_message_expr
(domain=0x0, file=0x55555676eeba "../../target/arm/internals.h", line=978, func=0x555556771d48 <__func__.5> "regime_is_user", expr=<optimised out>)
at ../../../glib/gtestutils.c:3279
#7 0x0000555555f286d2 in regime_is_user (env=0x555557f2fe00, mmu_idx=ARMMMUIdx_E10_0) at ../../target/arm/internals.h:978
#8 0x0000555555f3e31c in aa64_va_parameters (env=0x555557f2fe00, va=18446744073709551615, mmu_idx=ARMMMUIdx_E10_0, data=true, el1_is_aa32=false)
at ../../target/arm/helper.c:12048
#9 0x0000555555f3163b in tlbi_aa64_get_range (env=0x555557f2fe00, mmuidx=ARMMMUIdx_E10_0, value=106721347371041) at ../../target/arm/helper.c:5214
#10 0x0000555555f317e8 in do_rvae_write (env=0x555557f2fe00, value=106721347371041, idxmap=21, synced=true) at ../../target/arm/helper.c:5260
#11 0x0000555555f31925 in tlbi_aa64_rvae1is_write (env=0x555557f2fe00, ri=0x555557fbeae0, value=106721347371041) at ../../target/arm/helper.c:5302
#12 0x0000555556036f8f in helper_set_cp_reg64 (env=0x555557f2fe00, rip=0x555557fbeae0, value=106721347371041) at ../../target/arm/tcg/op_helper.c:965
Since we do know whether these mmuidx values are for usermode
or not, we can easily make regime_is_user() handle them:
ARMMMUIdx_E10_0 is user, and the other two are not.
Cc: qemu-stable@nongnu.org Fixes: e4c93e44ab103f ("target/arm: Implement FEAT_E0PD") Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Reviewed-by: Alex Bennée <alex.bennee@linaro.org> Tested-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 20241017172331.822587-1-peter.maydell@linaro.org
Peter Maydell [Tue, 29 Oct 2024 12:54:41 +0000 (12:54 +0000)]
target/arm: Store FPSR cumulative exception bits in env->vfp.fpsr
Currently we store the FPSR cumulative exception bits in the
float_status fields, and use env->vfp.fpsr only for the NZCV bits.
(The QC bit is stored in env->vfp.qc[].)
This works for TCG, but if QEMU was built without CONFIG_TCG (i.e.
with KVM support only) then we use the stub versions of
vfp_get_fpsr_from_host() and vfp_set_fpsr_to_host() which do nothing,
throwing away the cumulative exception bit state. The effect is that
if the FPSR state is round-tripped from KVM to QEMU then we lose the
cumulative exception bits. In particular, this will happen if the VM
is migrated. There is no user-visible bug when using KVM with a QEMU
binary that was built with CONFIG_TCG.
Fix this by always storing the cumulative exception bits in
env->vfp.fpsr. If we are using TCG then we may also keep pending
cumulative exception information in the float_status fields, so we
continue to fold that in on reads.
This change will also be helpful for implementing FEAT_AFP later,
because that includes a feature where in some situations we want to
cause input denormals to be flushed to zero without affecting the
existing state of the FPSR.IDC bit, so we need a place to store IDC
which is distinct from the various float_status fields.
(Note for stable backports: the bug goes back to 4a15527c9fee but
this code was refactored in commits ea8618382aba..a8ab8706d4cc461, so
fixing it in branches without those refactorings will mean either
backporting the refactor or else implementing a conceptually similar
fix for the old code.)
Cc: qemu-stable@nongnu.org Fixes: 4a15527c9fee ("target/arm/vfp_helper: Restrict the SoftFloat use to TCG") Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20241011162401.3672735-1-peter.maydell@linaro.org
The example of how to do vCPU hotplug and hot-unlpug in the
cpu-hotplug documentation no longer works, because the way we
allocate socket-id and core-id to CPUs by default has changed at some
point. The output also no longer matches what current QEMU produces
in some more cosmetic ways.
Update the example to match current QEMU. The differences are:
* the second CPU is now socket-id=0 core-id=1,
not socket-id=1 core-id=0
* the order of fields in QMP responses is now in alphabetical order
* the "arch" member is no longer present in the query-cpus-fast
output (it was removed in QEMU 6.0)
Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Acked-by: Igor Mammedov <imammedo@redhat.com>
Message-id: 20241010131800.3210161-1-peter.maydell@linaro.org
Message-id: 20240819144303.37852-1-peter.maydell@linaro.org
Peter Maydell [Tue, 29 Oct 2024 14:00:43 +0000 (14:00 +0000)]
Merge tag 'net-pull-request' of https://github.com/jasowang/qemu into staging
# -----BEGIN PGP SIGNATURE-----
#
# iQEzBAABCAAdFiEEIV1G9IJGaJ7HfzVi7wSWWzmNYhEFAmcglKYACgkQ7wSWWzmN
# YhEm/wf/cYA7i3asKMUoYqlff5mBiY3aFCWzTR5qHLBcWfnB33f9FYpAW6RgDwMa
# 3aFAJm1VZAynmUWgz+f537+e+7900M+P54zbD7kHCthAy7l/E7t9SkKNpe6jZHEA
# P4hB09CSKm/TY1XtsFMvO5tkF9IgY51VEO+mZJesO1H2X2+3ulJYusx9fh/P6yST
# bG8sbXr55v23R3z4UOovqfkuskPETwRh3qoiOLPPBy8CWkBVze8J+siC7HC+eFIo
# KrQ+jhUYpIK8CAgHV09ZnlurLo6UZ0+vlo9IcJN+GQp/gsmg8OErjvzPdKKbynC/
# 1zjvkgyW27aHsei+baTMXGCE0P8dIw==
# =6+yo
# -----END PGP SIGNATURE-----
# gpg: Signature made Tue 29 Oct 2024 07:54:14 GMT
# gpg: using RSA key 215D46F48246689EC77F3562EF04965B398D6211
# gpg: Good signature from "Jason Wang (Jason Wang on RedHat) <jasowang@redhat.com>" [marginal]
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg: It is not certain that the signature belongs to the owner.
# Primary key fingerprint: 215D 46F4 8246 689E C77F 3562 EF04 965B 398D 6211
* tag 'net-pull-request' of https://github.com/jasowang/qemu:
virtio-net: Avoid indirection_table_mask overflow
Fix calculation of minimum in colo_compare_tcp
net: Check if nc is NULL in qemu_get_vnet_hdr_len()
net/tap-win32: Fix gcc 14 format truncation errors
chardev: finalize 'reconnect' deprecation
net/stream: deprecate 'reconnect' in favor of 'reconnect-ms'
hw/net: improve tracing of eBPF RSS setup
ebpf: improve trace event coverage to all key operations
hw/net: report errors from failing to use eBPF RSS FDs
ebpf: add formal error reporting to all APIs
ebpf: improve error trace events
ebpf: drop redundant parameter checks in static methods
hw/net: fix typo s/epbf/ebpf/ in virtio-net
net: fix build when libbpf is disabled, but libxdp is enabled
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Cornelia Huck [Tue, 29 Oct 2024 12:54:40 +0000 (12:54 +0000)]
arm/kvm: add support for MTE
Extend the 'mte' property for the virt machine to cover KVM as
well. For KVM, we don't allocate tag memory, but instead enable
the capability.
If MTE has been enabled, we need to disable migration, as we do not
yet have a way to migrate the tags as well. Therefore, MTE will stay
off with KVM unless requested explicitly.
[gankulkarni: This patch is rework of commit b320e21c48
which broke TCG since it made the TCG -cpu max
report the presence of MTE to the guest even if the board hadn't
enabled MTE by wiring up the tag RAM. This meant that if the guest
then tried to use MTE QEMU would segfault accessing the
non-existent tag RAM.]
Akihiko Odaki [Tue, 8 Oct 2024 06:51:03 +0000 (15:51 +0900)]
virtio-net: Avoid indirection_table_mask overflow
We computes indirections_len by adding 1 to indirection_table_mask, but
it may overflow indirection_table_mask is UINT16_MAX. Check if
indirection_table_mask is small enough before adding 1.
Fixes: 590790297c0d ("virtio-net: implement RSS configuration command") Signed-off-by: Akihiko Odaki <akihiko.odaki@daynix.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
Stefan Weil [Mon, 9 Sep 2024 20:42:54 +0000 (22:42 +0200)]
Fix calculation of minimum in colo_compare_tcp
GitHub's CodeQL reports a critical error which is fixed by using the MIN macro:
Unsigned difference expression compared to zero
Signed-off-by: Stefan Weil <sw@weilnetz.de> Cc: qemu-stable@nongnu.org Reviewed-by: Zhang Chen <chen.zhang@intel.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
Pierre-Eric Pelloux-Prayer [Thu, 24 Oct 2024 21:03:10 +0000 (00:03 +0300)]
virtio-gpu: Register capsets dynamically
virtio_gpu_virgl_get_num_capsets will return "num_capsets", but we can't
assume that capset_index 1 is always VIRGL2 once we'll support more capsets,
like Venus and DRM capsets. Register capsets dynamically to avoid that problem.
Robert Beckett [Thu, 24 Oct 2024 21:03:09 +0000 (00:03 +0300)]
virtio-gpu: Handle resource blob commands
Support BLOB resources creation, mapping, unmapping and set-scanout by
calling the new stable virglrenderer 0.10 interface. Only enabled when
available and via the blob config. E.g. -device virtio-vga-gl,blob=true
Signed-off-by: Antonio Caggiano <antonio.caggiano@collabora.com> Signed-off-by: Robert Beckett <bob.beckett@collabora.com> # added set_scanout_blob Signed-off-by: Xenia Ragiadakou <xenia.ragiadakou@amd.com> Signed-off-by: Huang Rui <ray.huang@amd.com> Signed-off-by: Dmitry Osipenko <dmitry.osipenko@collabora.com>
Message-Id: <20241024210311.118220-12-dmitry.osipenko@collabora.com> Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Dmitry Osipenko [Thu, 24 Oct 2024 21:03:08 +0000 (00:03 +0300)]
virtio-gpu: Support suspension of commands processing
Check whether command processing has been finished; otherwise, stop
processing commands and retry the command again next time. This allows
us to support asynchronous execution of non-fenced commands needed for
unmapping host blobs safely.
Huang Rui [Thu, 24 Oct 2024 21:03:07 +0000 (00:03 +0300)]
virtio-gpu: Add virgl resource management
In a preparation to adding host blobs support to virtio-gpu, add virgl
resource management that allows to retrieve resource based on its ID
and virgl resource wrapper on top of simple resource that will be contain
fields specific to virgl.
Signed-off-by: Huang Rui <ray.huang@amd.com> Reviewed-by: Antonio Caggiano <quic_acaggian@quicinc.com> Signed-off-by: Dmitry Osipenko <dmitry.osipenko@collabora.com>
Message-Id: <20241024210311.118220-10-dmitry.osipenko@collabora.com> Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Dmitry Osipenko [Thu, 24 Oct 2024 21:03:06 +0000 (00:03 +0300)]
virtio-gpu: Don't require udmabuf when blobs and virgl are enabled
The udmabuf usage is mandatory when virgl is disabled and blobs feature
enabled in the Qemu machine configuration. If virgl and blobs are enabled,
then udmabuf requirement is optional. Since udmabuf isn't widely supported
by a popular Linux distros today, let's relax the udmabuf requirement for
blobs=on,virgl=on. Now, a full-featured virtio-gpu acceleration is
available to Qemu users without a need to have udmabuf available in the
system.
Reviewed-by: Antonio Caggiano <antonio.caggiano@collabora.com> Signed-off-by: Huang Rui <ray.huang@amd.com> Reviewed-by: Antonio Caggiano <quic_acaggian@quicinc.com> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Signed-off-by: Dmitry Osipenko <dmitry.osipenko@collabora.com>
Message-Id: <20241024210311.118220-9-dmitry.osipenko@collabora.com> Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Huang Rui [Thu, 24 Oct 2024 21:03:05 +0000 (00:03 +0300)]
virtio-gpu: Support context-init feature with virglrenderer
Patch "virtio-gpu: CONTEXT_INIT feature" has added the context_init
feature flags. Expose this feature and support creating virglrenderer
context with flags using context_id if libvirglrenderer is new enough.
Originally-by: Antonio Caggiano <antonio.caggiano@collabora.com> Signed-off-by: Huang Rui <ray.huang@amd.com> Reviewed-by: Antonio Caggiano <quic_acaggian@quicinc.com> Signed-off-by: Dmitry Osipenko <dmitry.osipenko@collabora.com>
Message-Id: <20241024210311.118220-8-dmitry.osipenko@collabora.com> Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Dmitry Osipenko [Thu, 24 Oct 2024 21:03:04 +0000 (00:03 +0300)]
virtio-gpu: Use pkgconfig version to decide which virgl features are available
New virglrerenderer features were stabilized with release of v1.0.0.
Presence of symbols in virglrenderer.h doesn't guarantee ABI compatibility
with pre-release development versions of libvirglerender. Use virglrenderer
version to decide reliably which virgl features are available.
Reviewed-by: Alex Bennée <alex.bennee@linaro.org> Signed-off-by: Dmitry Osipenko <dmitry.osipenko@collabora.com>
Message-Id: <20241024210311.118220-7-dmitry.osipenko@collabora.com> Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
virtio_gpu_virgl_init() may fail, leading to a further Qemu crash
because Qemu assumes it never fails. Check virtio_gpu_virgl_init()
return code and don't execute virtio commands on error. Failed
virtio_gpu_virgl_init() will result in a timed out virtio commands
for a guest OS.
Signed-off-by: Dmitry Osipenko <dmitry.osipenko@collabora.com>
Message-Id: <20241024210311.118220-5-dmitry.osipenko@collabora.com> Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Akihiko Odaki [Sat, 17 Aug 2024 07:00:43 +0000 (16:00 +0900)]
net: Check if nc is NULL in qemu_get_vnet_hdr_len()
A netdev may not have a peer specified, resulting in NULL. We should
make it behave like /dev/null in such a case instead of letting it
cause segmentatin fault.
Fixes: 4b52d63249a5 ("tap: Remove qemu_using_vnet_hdr()") Cc: qemu-stable@nongnu.org Reported-by: Jonathan Cameron <Jonathan.Cameron@huawei.com> Signed-off-by: Akihiko Odaki <akihiko.odaki@daynix.com>
Tested-by; Jonathan Cameron <Jonathan.Cameron@huawei.com> Acked-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
Bernhard Beschow [Tue, 8 Oct 2024 20:28:42 +0000 (22:28 +0200)]
net/tap-win32: Fix gcc 14 format truncation errors
The patch fixes the following errors generated by GCC 14.2:
../src/net/tap-win32.c:343:19: error: '%s' directive output may be truncated writing up to 255 bytes into a region of size 176 [-Werror=format-truncation=]
343 | "%s\\%s\\Connection",
| ^~
344 | NETWORK_CONNECTIONS_KEY, enum_name);
| ~~~~~~~~~
../src/net/tap-win32.c:341:9: note: 'snprintf' output between 92 and 347 bytes into a destination of size 256
341 | snprintf(connection_string,
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~
342 | sizeof(connection_string),
| ~~~~~~~~~~~~~~~~~~~~~~~~~~
343 | "%s\\%s\\Connection",
| ~~~~~~~~~~~~~~~~~~~~~
344 | NETWORK_CONNECTIONS_KEY, enum_name);
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
../src/net/tap-win32.c:242:58: error: '%s' directive output may be truncated writing up to 255 bytes into a region of size 178 [-Werror=format-truncation=]
242 | snprintf (unit_string, sizeof(unit_string), "%s\\%s",
| ^~
243 | ADAPTER_KEY, enum_name);
| ~~~~~~~~~
../src/net/tap-win32.c:242:9: note: 'snprintf' output between 79 and 334 bytes into a destination of size 256
242 | snprintf (unit_string, sizeof(unit_string), "%s\\%s",
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
243 | ADAPTER_KEY, enum_name);
| ~~~~~~~~~~~~~~~~~~~~~~~
../src/net/tap-win32.c:620:52: error: '%s' directive output may be truncated writing up to 255 bytes into a region of size 245 [-Werror=format-truncation=]
620 | snprintf (device_path, sizeof(device_path), "%s%s%s",
| ^~
621 | USERMODEDEVICEDIR,
622 | device_guid,
| ~~~~~~~~~~~
../src/net/tap-win32.c:620:5: note: 'snprintf' output between 16 and 271 bytes into a destination of size 256
620 | snprintf (device_path, sizeof(device_path), "%s%s%s",
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
621 | USERMODEDEVICEDIR,
| ~~~~~~~~~~~~~~~~~~
622 | device_guid,
| ~~~~~~~~~~~~
623 | TAPSUFFIX);
| ~~~~~~~~~~
Signed-off-by: Bernhard Beschow <shentey@gmail.com>
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2607 Cc: qemu-stable@nongnu.org Reviewed-by: Michael Tokarev <mjt@tls.msk.ru> Reviewed-by: Pierrick Bouvier <pierrick.bouvier@linaro.org> Signed-off-by: Jason Wang <jasowang@redhat.com>
Daniil Tatianin [Fri, 25 Oct 2024 07:35:24 +0000 (10:35 +0300)]
net/stream: deprecate 'reconnect' in favor of 'reconnect-ms'
Do the same thing we already did for chardev in c8e2b6b4d7e, and
introduce a new 'reconnect-ms' option to make it possible to specify
sub-second timeouts. This also changes the related documentaion and
tests to use reconnect-ms as well.
Signed-off-by: Daniil Tatianin <d-tatianin@yandex-team.ru> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
Daniel P. Berrangé [Wed, 23 Oct 2024 08:51:02 +0000 (09:51 +0100)]
ebpf: improve trace event coverage to all key operations
The existing error trace event is renamed to have a name prefix
matching its source file & to remove the redundant first arg that
adds no useful information.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
Daniel P. Berrangé [Wed, 23 Oct 2024 08:51:01 +0000 (09:51 +0100)]
hw/net: report errors from failing to use eBPF RSS FDs
If the user/mgmt app passed in a set of pre-opened FDs for eBPF RSS,
then it is expecting QEMU to use them. Any failure to do so must be
considered a fatal error and propagated back up the stack, otherwise
deployment mistakes will not be detectable in a prompt manner. When
not using pre-opened FDs, then eBPF RSS is tried on a "best effort"
basis only and thus fallback to software RSS is valid.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
Daniel P. Berrangé [Wed, 23 Oct 2024 08:51:00 +0000 (09:51 +0100)]
ebpf: add formal error reporting to all APIs
The eBPF code is currently reporting error messages through trace
events. Trace events are fine for debugging, but they are not to be
considered the primary error reporting mechanism, as their output
is inaccessible to callers.
This adds an "Error **errp" parameter to all methods which have
important error scenarios to report to the caller.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
Daniel P. Berrangé [Wed, 23 Oct 2024 08:50:59 +0000 (09:50 +0100)]
ebpf: improve error trace events
A design pattern of
trace_foo_error("descriptive string")
is undesirable because it does not allow for filtering trace events
based on the error scenario. Split eBPF error trace event into three
separate events to address this filtering need.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
Daniel P. Berrangé [Wed, 23 Oct 2024 08:50:58 +0000 (09:50 +0100)]
ebpf: drop redundant parameter checks in static methods
Various static methods have checks on their parameters which were
already checked immediately before the method was invoked. Drop
these redundat checks to simplify the following commit which adds
formal error reporting.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
Daniel P. Berrangé [Wed, 23 Oct 2024 08:50:57 +0000 (09:50 +0100)]
hw/net: fix typo s/epbf/ebpf/ in virtio-net
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
Daniel P. Berrangé [Wed, 23 Oct 2024 08:50:56 +0000 (09:50 +0100)]
net: fix build when libbpf is disabled, but libxdp is enabled
The net/af-xdp.c code is enabled when the libxdp library is present,
however, it also has direct API calls to bpf_xdp_query_id &
bpf_xdp_detach which are provided by the libbpf library.
As a result if building with --disable-libbpf, but libxdp gets
auto-detected, we'll fail to link QEMU
/usr/bin/ld: libcommon.a.p/net_af-xdp.c.o: undefined reference to symbol 'bpf_xdp_query_id@@LIBBPF_0.7.0'
There are two bugs here
* Since we have direct libbpf API calls, when building
net/af-xdp.c, we must tell meson that libbpf is a
dependancy, so that we directly link to it, rather
than relying on indirect linkage.
* When must skip probing for libxdp at all, when libbpf
is not found, raising an error if --enable-libxdp was
given explicitly.
Fixes: cb039ef3d9e3112da01e1ecd9b136ac9809ef733 Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
Peter Maydell [Fri, 25 Oct 2024 18:12:06 +0000 (19:12 +0100)]
Merge tag 'pull-maintainer-oct-misc-241024-1' of https://gitlab.com/stsquad/qemu into staging
testing, gdbstub and plugin updates
- update MAINTAINERS with pointers to foo/next
- add NOFETCH to help test custom docker builds
- update microblaze toolchain with atomic fixes
- update tsan build and documentation
- don't restrict build-environment by arch unless needed
- add cross-modifying code test
- add tracepoints for cpu_step_atomic fallbacks
- fix defaults for loongarch cross build
- make check-[dco|patch] a little more verbose
- fix gdbstub bug preventing aarch64_be-linux-user starting
- add basic test for aarch64_be
- clean up some gdbstub test scripts
- fix qemu_plugin_reset
* tag 'pull-maintainer-oct-misc-241024-1' of https://gitlab.com/stsquad/qemu:
plugins: fix qemu_plugin_reset
MAINTAINERS: mention my plugins/next tree
testing: Enhance gdb probe script
tests/tcg/aarch64: Use raw strings for regexes in test-mte.py
tests/tcg: enable basic testing for aarch64_be-linux-user
config/targets: update aarch64_be-linux-user gdb XML list
MAINTAINERS: mention my gdbstub/next tree
gitlab: make check-[dco|patch] a little more verbose
dockerfiles: fix default targets for debian-loongarch-cross
accel/tcg: add tracepoints for cpu_loop_exit_atomic
tests/tcg/x86_64: Add cross-modifying code test
scripts/ci: remove architecture checks for build-environment updates
docs/devel: update tsan build documentation
meson: hide tsan related warnings
MAINTAINERS: mention my testing/next tree
tests/docker: add NOFETCH env variable for testing
tests/docker: Fix microblaze atomics
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Peter Maydell [Fri, 25 Oct 2024 12:35:22 +0000 (13:35 +0100)]
Merge tag 'pull-aspeed-20241024' of https://github.com/legoater/qemu into staging
aspeed queue:
* Fixed GPIO interrupt status when in index mode
* Added GPIO support for the AST2700 SoC and specific test cases
* Fixed crypto controller (HACE) Accumulative hash function
* Converted Aspeed machine avocado tests to the new functional
framework. SDK tests still to be addressed.
* Fixed issue in the SSI controller when doing writes in user mode
* Added support for the WRSR2 register of Winbond flash devices
* Added SFDP table for the Windbond w25q80bl flash device
* Changed flash device models for the ast1030-a1 EVB
* tag 'pull-aspeed-20241024' of https://github.com/legoater/qemu:
test/qtest/aspeed_smc-test: Fix coding style
hw/arm/aspeed: Correct fmc_model w25q80bl for ast1030-a1 EVB
hw/arm/aspeed: Correct spi_model w25q256 for ast1030-a1 EVB.
hw/block/m25p80: Add SFDP table for w25q80bl flash
hw/block:m25p80: Support write status register 2 command (0x31) for w25q01jvq
hw/block:m25p80: Fix coding style
aspeed/smc: Fix write incorrect data into flash in user mode
tests/functional: Convert most Aspeed machine tests
hw/misc/aspeed_hace: Fix SG Accumulative hashing
tests/qtest:ast2700-gpio-test: Add GPIO test case for AST2700
aspeed/soc: Support GPIO for AST2700
aspeed/soc: Correct GPIO irq 130 for AST2700
hw/gpio/aspeed: Add AST2700 support
hw/gpio/aspeed: Fix clear incorrect interrupt status for GPIO index mode
hw/gpio/aspeed: Support different memory region ops
hw/gpio/aspeed: Support to set the different memory size
hw/gpio/aspeed: Fix coding style
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
* tag 'pull-vfio-20241024' of https://github.com/legoater/qemu:
vfio/helpers: Align mmaps
vfio/helpers: Refactor vfio_region_mmap() error handling
vfio/migration: Change trace formats from hex to decimal
vfio/migration: Report only stop-copy size in vfio_state_pending_exact()
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
* tag 'pull-request-2024-10-23' of https://gitlab.com/thuth/qemu: (23 commits)
pc-bios/s390-ccw: Update s390-ccw.img with the full boot order support feature
pc-bios/s390-ccw: Introduce `EXTRA_LDFLAGS`
pc-bios/s390-ccw: Don't generate TEXTRELs
pc-bios/s390-ccw: Clarify alignment is in bytes
tests/qtest: Add s390x boot order tests to cdrom-test.c
docs/system: Update documentation for s390x IPL
pc-bios/s390x: Enable multi-device boot loop
s390x: Rebuild IPLB for SCSI device directly from DIAG308
hw/s390x: Build an IPLB for each boot device
s390x: Add individual loadparm assignment to CCW device
include/hw/s390x: Add include files for common IPL structs
pc-bios/s390-ccw: Enable failed IPL to return after error
pc-bios/s390-ccw: Remove panics from Netboot IPL path
pc-bios/s390-ccw: Remove panics from DASD IPL path
pc-bios/s390-ccw: Remove panics from SCSI IPL path
pc-bios/s390-ccw: Remove panics from ECKD IPL path
pc-bios/s390-ccw: Remove panics from ISO IPL path
docs/system/s390x/bootdevices: Update the documentation about network booting
pc-bios/s390-ccw: Merge netboot.mak into the main Makefile
hw/s390x: Remove the possibility to load the s390-netboot.img binary
...
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Peter Maydell [Thu, 24 Oct 2024 14:21:42 +0000 (15:21 +0100)]
Merge tag 'pull-tcg-20241022' of https://gitlab.com/rth7680/qemu into staging
tcg: Reset data_gen_ptr correctly
tcg/riscv: Implement host vector support
tcg/ppc: Fix tcg_out_rlw_rc
target/i386: Walk NPT in guest real mode
target/i386: Use probe_access_full_mmu in ptw_translate
linux-user: Fix build failure caused by missing __u64 on musl
linux-user: Emulate /proc/self/maps under mmap_lock
linux-user/riscv: Fix definition of RISCV_HWPROBE_EXT_ZVFHMIN
linux-user/ppc: Fix sigmask endianness issue in sigreturn
* tag 'for-upstream' of https://repo.or.cz/qemu/kevin:
raw-format: Fix error message for invalid offset/size
block-backend: per-device throttling of BLOCK_IO_ERROR reports
qapi: add qom-path to BLOCK_IO_ERROR event
iotests/backup-discard-source: don't use actual-size
iotests/backup-discard-source: convert size variable to be int
block/vdi.c: Make SECTOR_SIZE constant 64-bits
tests/qemu-iotests/211.out: Update to expect MapEntry 'compressed' field
block/ssh.c: Don't double-check that characters are hex digits
block/gluster: Use g_autofree for string in qemu_gluster_parse_json()
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Peter Maydell [Thu, 24 Oct 2024 10:23:38 +0000 (11:23 +0100)]
Merge tag 'misc-fixes-pull-request' of https://gitlab.com/berrange/qemu into staging
Misc sockets, crypto and VNC fixes
* Fix rare EADDRINUSE failures on OpenBSD platforms seen
with migration
* Fix & test overwriting of hash output buffer
* Close connection instead of returning empty SASL mechlist to
VNC clients
* Fix handling of SASL SSF on VNC server UNIX sockets
* Fix handling of NULL SASL server data in VNC server
* Validate trailing NUL padding byte from SASL client
* Fix & test AF_ALG crypto backend build
* Remove unused code in sockets and crypto subsystems
* tag 'misc-fixes-pull-request' of https://gitlab.com/berrange/qemu:
gitlab: enable afalg tests in fedora system test
ui: validate NUL byte padding in SASL client data more strictly
ui: fix handling of NULL SASL server data
ui/vnc: don't check for SSF after SASL authentication on UNIX sockets
ui/vnc: fix skipping SASL SSF on UNIX sockets
ui/vnc: don't raise error formatting socket address for non-inet
ui/vnc: don't return an empty SASL mechlist to the client
crypto/hash-afalg: Fix broken build
include/crypto: clarify @result/@result_len for hash/hmac APIs
tests: correctly validate result buffer in hash/hmac tests
crypto/hash: avoid overwriting user supplied result pointer
util: don't set SO_REUSEADDR on client sockets
sockets: Remove deadcode
crypto: Remove unused DER string functions
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Pierrick Bouvier [Wed, 23 Oct 2024 11:34:06 +0000 (12:34 +0100)]
plugins: fix qemu_plugin_reset
34e5e1 refactored the plugin context initialization. After this change,
tcg_ctx->plugin_insn is not reset inconditionnally anymore, but only if
one plugin at least is active.
When uninstalling the last plugin active, we stopped reinitializing
tcg_ctx->plugin_insn, which leads to memory callbacks being emitted.
This results in an error as they don't appear in a plugin op sequence as
expected.
The correct fix is to make sure we reset plugin translation variables
after current block translation ends. This way, we can catch any
potential misuse of those after a given block, in more than fixing the
current bug.
Fixes: https://gitlab.com/qemu-project/qemu/-/issues/2570 Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Pierrick Bouvier <pierrick.bouvier@linaro.org> Tested-by: Robbin Ehn <rehn@rivosinc.com>
Message-Id: <20241015003819.984601-1-pierrick.bouvier@linaro.org>
[AJB: trim patch version details from commit msg] Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20241023113406.1284676-19-alex.bennee@linaro.org>
Gustavo Romero [Wed, 23 Oct 2024 11:34:02 +0000 (12:34 +0100)]
tests/tcg/aarch64: Use raw strings for regexes in test-mte.py
Use Python's raw string notation instead of string literals for regex so
it's not necessary to double backslashes when regex special forms are
used. Raw notation is preferred for regex and easier to read.
Signed-off-by: Gustavo Romero <gustavo.romero@linaro.org> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-Id: <20241015140806.385449-1-gustavo.romero@linaro.org> Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20241023113406.1284676-15-alex.bennee@linaro.org>
Alex Bennée [Wed, 23 Oct 2024 11:34:01 +0000 (12:34 +0100)]
tests/tcg: enable basic testing for aarch64_be-linux-user
We didn't notice breakage of aarch64_be because we don't have any TCG
tests for it. However while the existing aarch64 compiler can target
big-endian builds no one packages a BE libc. Instead we bang some
rocks together to do the most basic of hello world with a nostdlib
syscall test.
Reviewed-by: Pierrick Bouvier <pierrick.bouvier@linaro.org> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20241023113406.1284676-14-alex.bennee@linaro.org>
Alex Bennée [Wed, 23 Oct 2024 11:33:59 +0000 (12:33 +0100)]
MAINTAINERS: mention my gdbstub/next tree
Make it easy for people to see what is already queued.
Reviewed-by: Thomas Huth <thuth@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20241023113406.1284676-12-alex.bennee@linaro.org>
Alex Bennée [Wed, 23 Oct 2024 11:33:58 +0000 (12:33 +0100)]
gitlab: make check-[dco|patch] a little more verbose
When git fails the rather terse backtrace only indicates it failed
without some useful context. Add some to make the log a little more
useful.
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20241023113406.1284676-11-alex.bennee@linaro.org>
Alex Bennée [Wed, 23 Oct 2024 11:33:56 +0000 (12:33 +0100)]
accel/tcg: add tracepoints for cpu_loop_exit_atomic
We try to avoid using cpu_loop_exit_atomic as it brings in an all-core
sync point. However on some cpu/kernel/benchmark combinations it is
starting to show up in the performance profile. To make it easier to
see whats going on add tracepoints for the slow path so we can see
what is triggering the wait.
It seems for a modern CPU it can be quite a bit, for example:
Ilya Leoshkevich [Wed, 23 Oct 2024 11:33:55 +0000 (12:33 +0100)]
tests/tcg/x86_64: Add cross-modifying code test
commit f025692c992c ("accel/tcg: Clear PAGE_WRITE before translation")
fixed cross-modifying code handling, but did not add a test. The
changed code was further improved recently [1], and I was not sure
whether these modifications were safe (spoiler: they were fine).
Alex Bennée [Wed, 23 Oct 2024 11:33:54 +0000 (12:33 +0100)]
scripts/ci: remove architecture checks for build-environment updates
We were missing s390x here. There isn't much point testing for the
architecture here as we will fail anyway if the appropriate package
list is missing.
Reviewed-by: Pierrick Bouvier <pierrick.bouvier@linaro.org> Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20241023113406.1284676-7-alex.bennee@linaro.org>
Alex Bennée [Wed, 23 Oct 2024 11:33:51 +0000 (12:33 +0100)]
MAINTAINERS: mention my testing/next tree
I put it under my name as there may be other maintainer testing trees
as well.
Reviewed-by: Thomas Huth <thuth@redhat.com> Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20241023113406.1284676-4-alex.bennee@linaro.org>
Alex Bennée [Wed, 23 Oct 2024 11:33:50 +0000 (12:33 +0100)]
tests/docker: add NOFETCH env variable for testing
Testing non-auto built docker containers (i.e. custom built compilers)
is a bit fiddly as you couldn't continue a build with a previously
locally built container. While you can play games with REGISTRY its
simpler to allow a NOFETCH that will go through the cached build
process when you run the tests.
Reviewed-by: Pierrick Bouvier <pierrick.bouvier@linaro.org> Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20241023113406.1284676-3-alex.bennee@linaro.org>
Jamin Lin [Tue, 22 Oct 2024 09:40:58 +0000 (17:40 +0800)]
hw/arm/aspeed: Correct fmc_model w25q80bl for ast1030-a1 EVB
Currently, the default fmc_model was "sst25vf032b" whose size was 4MB for
ast1030-a1 EVB. However, according to the schematic of ast1030-a1 EVB,
ASPEED shipped default flash of fmc_cs0 and fmc_cs1 were "w25q80bl" and
"w25q256", respectively. The size of w25q80bl is 1MB and the size of w25q256
is 32MB.
The fmc_cs0 was connected to AST1030 A1 internal flash and the fmc_cs1 was
connected to external flash. The internal flash could not be changed because
it was placed into AST1030 A1 chip. Users only can change fmc_cs1 external
flash.
So far, only supports to set the default fmc_model for all chip select pins.
In other words, users cannot set the different default flash model for
fmc_cs0 and fmc_cs1, respectively.
Correct fmc_model default flash to w25q80bl the same as AST1030 A1
internal flash for ast1030-a1 EVB.
Signed-off-by: Jamin Lin <jamin_lin@aspeedtech.com> Reviewed-by: Cédric Le Goater <clg@redhat.com>
Jamin Lin [Tue, 22 Oct 2024 09:40:57 +0000 (17:40 +0800)]
hw/arm/aspeed: Correct spi_model w25q256 for ast1030-a1 EVB.
Currently, the default spi_model was "sst25vf032b" whose size was 4MB for
ast1030-a1 EVB. However, according to the schematic of ast1030-a1 EVB,
ASPEED shipped default flash of spi1 and spi2 were w25q256 whose size
was 32MB.
Correct spi_model default flash to w25q256 for ast1030-a1 EVB.
Signed-off-by: Jamin Lin <jamin_lin@aspeedtech.com> Reviewed-by: Cédric Le Goater <clg@redhat.com>
Jamin Lin [Tue, 22 Oct 2024 09:40:55 +0000 (17:40 +0800)]
hw/block:m25p80: Support write status register 2 command (0x31) for w25q01jvq
According to the w25q01jv datasheet at page 16, it is required to set QE bit
in "Status Register 2" to enable quad mode.
Currently, m25p80 support users utilize "Write Status Register 1(0x01)" command
to set QE bit in "Status Register 2" and utilize "Read Status Register 2(0x35)"
command to get the QE bit status.
However, some firmware directly utilize "Status Register 2(0x31)" command to
set QE bit. To fully support quad mode for w25q01jvq, adds WRSR2 command.
Update collecting data needed 1 byte for WRSR2 command in decode_new_cmd
function and verify QE bit at the first byte of collecting data bit 2 in
complete_collecting_data.
Signed-off-by: Jamin Lin <jamin_lin@aspeedtech.com> Reviewed-by: Cédric Le Goater <clg@redhat.com>
Jamin Lin [Tue, 22 Oct 2024 09:40:53 +0000 (17:40 +0800)]
aspeed/smc: Fix write incorrect data into flash in user mode
According to the design of ASPEED SPI controllers user mode, users write the
data to flash, the SPI drivers set the Control Register(0x10) bit 0 and 1
enter user mode. Then, SPI drivers send flash commands for writing data.
Finally, SPI drivers set the Control Register (0x10) bit 2 to stop
active control and restore bit 0 and 1.
According to the design of ASPEED SMC model, firmware writes the
Control Register and the "aspeed_smc_flash_update_ctrl" function is called.
Then, this function verify Control Register(0x10) bit 0 and 1. If it set user
mode, the value of s->snoop_index is SNOOP_START else SNOOP_OFF.
If s->snoop_index is SNOOP_START, the "aspeed_smc_do_snoop" function verify
the first incomming data is a new flash command and writes the corresponding
dummy bytes if need.
However, it did not check the current unselect status. If current unselect
status is "false" and firmware set the IO MODE by Control Register bit 31:28,
the value of s->snoop_index will be changed to SNOOP_START again and
"aspeed_smc_do_snoop" misunderstand that the incomming data is the new flash
command and it causes writing unexpected data into flash.
Example:
1. Firmware set user mode by Control Register bit 0 and 1(0x03)
2. SMC model set s->snoop SNOOP_START
3. Firmware set Quad Page Program with 4-Byte Address command (0x34)
4. SMC model verify this flash command and it needs 4 dummy bytes.
5. Firmware send 4 bytes address.
6. SMC model receives 4 bytes address
7. Firmware set QPI IO MODE by Control Register bit 31. (0x80000003)
8. SMC model verify new user mode by Control Register bit 0 and 1.
Then, set s->snoop SNOOP_START again. (It is the wrong behavior.)
9. Firmware send 0xebd8c134 data and it should be written into flash.
However, SMC model misunderstand that the first incoming data, 0x34,
is the new command because the value of s->snoop is changed to SNOOP_START.
Finally, SMC sned the incorrect data to flash model.
Introduce a new unselect attribute in AspeedSMCState to save the current
unselect status for user mode and set it "true" by default.
Update "aspeed_smc_flash_update_ctrl" function to check the previous unselect
status. If both new unselect status and previous unselect status is different,
update s->snoop_index value and call "aspeed_smc_flash_do_select".
Increase VMStateDescription version.
Signed-off-by: Jamin Lin <jamin_lin@aspeedtech.com> Reviewed-by: Cédric Le Goater <clg@redhat.com>
[ clg: - Replaced VMSTATE_BOOL -> VMSTATE_BOOL_V ] Signed-off-by: Cédric Le Goater <clg@redhat.com>
Cédric Le Goater [Wed, 16 Oct 2024 08:47:34 +0000 (10:47 +0200)]
tests/functional: Convert most Aspeed machine tests
This is a simple conversion of the tests with some cleanups and
adjustments to match the new test framework. Replace the zephyr image
MD5 hashes with SHA256 hashes while at it.
The SDK tests depend on a ssh class from avocado.utils which is
difficult to replace. To be addressed separately.
Signed-off-by: Cédric Le Goater <clg@redhat.com> Reviewed-by: Thomas Huth <thuth@redhat.com> Tested-by: Thomas Huth <thuth@redhat.com>
Alejandro Zeise [Wed, 7 Aug 2024 19:51:22 +0000 (19:51 +0000)]
hw/misc/aspeed_hace: Fix SG Accumulative hashing
Make the Aspeed HACE module use the new qcrypto accumulative hashing functions
when in scatter-gather accumulative mode. A hash context will maintain a
"running-hash" as each scatter-gather chunk is received.
Previously each scatter-gather "chunk" was cached
so the hash could be computed once the final chunk was received.
However, the cache was a shallow copy, so once the guest overwrote the
memory provided to HACE the final hash would not be correct.
Possibly related to: https://gitlab.com/qemu-project/qemu/-/issues/1121 Buglink: https://github.com/openbmc/qemu/issues/36 Signed-off-by: Alejandro Zeise <alejandro.zeise@seagate.com>
[ clg: - Checkpatch fixes
- Reworked qcrypto_hash*() error reports in do_hash_operation() ] Signed-off-by: Cédric Le Goater <clg@redhat.com> Acked-by: Andrew Jeffery <andrew@codeconstruct.com.au> Reviewed-by: Jamin Lin <jamin_lin@aspeedtech.com> Reviewed-by: Joel Stanley <joel@jms.id.au>
Jamin Lin [Tue, 1 Oct 2024 02:43:32 +0000 (10:43 +0800)]
aspeed/soc: Correct GPIO irq 130 for AST2700
The register set of GPIO have a significant change since AST2700.
Each GPIO pin has their own individual control register and users are able to
set one GPIO pin’s direction, interrupt enable, input mask and so on in the
same one control register.
AST2700 does not have GPIO18_XXX registers for GPIO 1.8v, removes
ASPEED_DEV_GPIO_1_8V. It is enough to only have ASPEED_DEV_GPIO
device in AST2700.
The AST2700 GPIO controller interrupt is connected to GICINT130_INTC at
bit 18. Therefore, correct GPIO irq 130.
Signed-off-by: Jamin Lin <jamin_lin@aspeedtech.com> Reviewed-by: Cédric Le Goater <clg@redhat.com>
Jamin Lin [Tue, 1 Oct 2024 02:43:31 +0000 (10:43 +0800)]
hw/gpio/aspeed: Add AST2700 support
AST2700 integrates two set of Parallel GPIO Controller with maximum 212
control pins, which are 27 groups. (H, exclude pin: H7 H6 H5 H4)
In the previous design of ASPEED SOCs, one register is used for setting
one function for one set which are 32 pins and 4 groups.
ex: GPIO000 is used for setting data value for GPIO A, B, C and D in AST2600.
ex: GPIO004 is used for setting direction for GPIO A, B, C and D in AST2600.
However, the register set have a significant change since AST2700.
Each GPIO pin has their own individual control register.
In other words, users are able to set one GPIO pin’s direction,
interrupt enable, input mask and so on in the same one register.
Currently, aspeed_gpio_read and aspeed_gpio_write callback functions
are not compatible AST2700.
Introduce new aspeed_gpio_2700_read and aspeed_gpio_2700_write callback
functions and aspeed_gpio_2700_ops memory region operation for AST2700.
Introduce a new ast2700 class to support AST2700.
Signed-off-by: Jamin Lin <jamin_lin@aspeedtech.com> Reviewed-by: Andrew Jeffery <andrew@codeconstruct.com.au>
Jamin Lin [Tue, 1 Oct 2024 02:43:30 +0000 (10:43 +0800)]
hw/gpio/aspeed: Fix clear incorrect interrupt status for GPIO index mode
The interrupt status field is W1C, where a set bit on read indicates an
interrupt is pending. If the bit extracted from data is set it should
clear the corresponding bit in reg_value. However, if the extracted
bit is clear then the value of the corresponding bit in reg_value
should be unchanged.
SHARED_FIELD_EX32() extracts the interrupt status bit from the write
(data). reg_value is set to the set's interrupt status, which means
that for any pin with an interrupt pending, the corresponding bit is
set. The deposit32() call updates the bit at pin_idx in the
reg_value, using the value extracted from the write (data).
The result is that if multiple interrupt status bits
were pending and the write was acknowledging specific one bit,
then the all interrupt status bits will be cleared.
However, it is index mode and should only clear the corresponding bit.
For example, say we have an interrupt pending for GPIOA0, where the
following statements are true:
set->int_status == 0b01
s->pending == 1
Before it is acknowledged, an interrupt becomes pending for GPIOA1:
set->int_status == 0b11
s->pending == 2
A write is issued to acknowledge the interrupt for GPIOA0. This causes
the following sequence:
Signed-off-by: Jamin Lin <jamin_lin@aspeedtech.com> Suggested-by: Andrew Jeffery <andrew@codeconstruct.com.au> Reviewed-by: Andrew Jeffery <andrew@codeconstruct.com.au>
Jamin Lin [Tue, 1 Oct 2024 02:43:29 +0000 (10:43 +0800)]
hw/gpio/aspeed: Support different memory region ops
It set "aspeed_gpio_ops" struct which containing read and write callbacks
to be used when I/O is performed on the GPIO region.
Besides, in the previous design of ASPEED SOCs, one register is used for
setting one function for 32 GPIO pins.
ex: GPIO000 is used for setting data value for GPIO A, B, C and D in AST2600.
ex: GPIO004 is used for setting direction for GPIO A, B, C and D in AST2600.
However, the register set have a significant change in AST2700.
Each GPIO pin has their own control register. In other words, users are able to
set one GPIO pin’s direction, interrupt enable, input mask and so on
in one register. The aspeed_gpio_read/aspeed_gpio_write callback functions
are not compatible AST2700.
Introduce a new "const MemoryRegionOps *" attribute in AspeedGPIOClass and
use it in aspeed_gpio_realize function.
Signed-off-by: Jamin Lin <jamin_lin@aspeedtech.com> Reviewed-by: Cédric Le Goater <clg@redhat.com>
Jamin Lin [Tue, 1 Oct 2024 02:43:28 +0000 (10:43 +0800)]
hw/gpio/aspeed: Support to set the different memory size
According to the datasheet of ASPEED SOCs, a GPIO controller owns 4KB of
register space for AST2700, AST2500, AST2400 and AST1030; owns 2KB of
register space for AST2600 1.8v and owns 2KB of register space for
AST2600 3.3v.
It set the memory region size 2KB by default and it does not compatible
register space for AST2700.
Introduce a new class attribute to set the GPIO controller memory size
for different ASPEED SOCs.
Signed-off-by: Jamin Lin <jamin_lin@aspeedtech.com> Reviewed-by: Cédric Le Goater <clg@redhat.com>
Alex Williamson [Tue, 22 Oct 2024 20:08:29 +0000 (14:08 -0600)]
vfio/helpers: Align mmaps
Thanks to work by Peter Xu, support is introduced in Linux v6.12 to
allow pfnmap insertions at PMD and PUD levels of the page table. This
means that provided a properly aligned mmap, the vfio driver is able
to map MMIO at significantly larger intervals than PAGE_SIZE. For
example on x86_64 (the only architecture currently supporting huge
pfnmaps for PUD), rather than 4KiB mappings, we can map device MMIO
using 2MiB and even 1GiB page table entries.
Typically mmap will already provide PMD aligned mappings, so devices
with moderately sized MMIO ranges, even GPUs with standard 256MiB BARs,
will already take advantage of this support. However in order to better
support devices exposing multi-GiB MMIO, such as 3D accelerators or GPUs
with resizable BARs enabled, we need to manually align the mmap.
There doesn't seem to be a way for userspace to easily learn about PMD
and PUD mapping level sizes, therefore this takes the simple approach
to align the mapping to the power-of-two size of the region, up to 1GiB,
which is currently the maximum alignment we care about.
Cc: Peter Xu <peterx@redhat.com> Signed-off-by: Alex Williamson <alex.williamson@redhat.com> Reviewed-by: Peter Xu <peterx@redhat.com> Reviewed-by: Cédric Le Goater <clg@redhat.com>
Move error handling code to the end of the function so that it can more
easily be shared by new mmap failure conditions. No functional change
intended.
Signed-off-by: Alex Williamson <alex.williamson@redhat.com> Reviewed-by: Peter Xu <peterx@redhat.com> Reviewed-by: Cédric Le Goater <clg@redhat.com>
Avihai Horon [Sun, 20 Oct 2024 13:01:08 +0000 (16:01 +0300)]
vfio/migration: Change trace formats from hex to decimal
Data sizes in VFIO migration trace events are printed in hex format
while in migration core trace events they are printed in decimal format.
This inconsistency makes it less readable when using both trace event
types. Hence, change the data sizes print format to decimal in VFIO
migration trace events.
Signed-off-by: Avihai Horon <avihaih@nvidia.com> Reviewed-by: Cédric Le Goater <clg@redhat.com>
Avihai Horon [Sun, 20 Oct 2024 13:01:06 +0000 (16:01 +0300)]
vfio/migration: Report only stop-copy size in vfio_state_pending_exact()
vfio_state_pending_exact() is used to update migration core how much
device data is left for the device migration. Currently, the sum of
pre-copy and stop-copy sizes of the VFIO device are reported.
The pre-copy size is obtained via the VFIO_MIG_GET_PRECOPY_INFO ioctl,
which returns the amount of device data available to be transferred
while the device is in the PRE_COPY states.
The stop-copy size is obtained via the VFIO_DEVICE_FEATURE_MIG_DATA_SIZE
ioctl, which returns the total amount of device data left to be
transferred in order to complete the device migration.
According to the above, current implementation is wrong -- it reports
extra overlapping data because pre-copy size is already contained in
stop-copy size. Fix it by reporting only stop-copy size.
Marc Hartmayer [Tue, 1 Oct 2024 15:36:18 +0000 (17:36 +0200)]
pc-bios/s390-ccw: Introduce `EXTRA_LDFLAGS`
Some packaging tools want to override `LDFLAGS` when building QEMU, this will
result in a build error as most likely no `-nostdlib` flag is passed. Introduce
`EXTRA_LDFLAGS` so that the packager can override `LDFLAGS` without breaking the
build.
Signed-off-by: Marc Hartmayer <mhartmay@linux.ibm.com>
Message-ID: <20241001153618.17791-4-mhartmay@linux.ibm.com> Reviewed-by: Thomas Huth <thuth@redhat.com>
[thuth: Drop the hunk to netbook.mak which is not necessary anymore] Signed-off-by: Thomas Huth <thuth@redhat.com>
Jens Remus [Tue, 1 Oct 2024 15:36:17 +0000 (17:36 +0200)]
pc-bios/s390-ccw: Don't generate TEXTRELs
Commit 7cd50cbe4ca3 ("pc-bios/s390-ccw: Don't use __bss_start with the
"larl" instruction") introduced the address constant bss_start_literal
for __bss_start in the .text section, which introduced a relocation in
code (i.e. TEXTREL). The dedicated constant is required, as __bss_start
may not necessarily be aligned on a 2-byte boundary (see subject commit
for details).
Move the constant to the .data section to get rid of the relocation in
the .text section. Add the linker option -z text to prevent TEXTRELs to
get introduced in the future.
Note that the R_390_RELATIVE relocations are taken care of by function
glue() in include/hw/elf_ops.h.inc introduced by commit 5dce07e1cb67
("elf-loader: Provide the possibility to relocate s390 ELF files").
Reported-by: Marc Hartmayer <mhartmay@linux.ibm.com> Signed-off-by: Jens Remus <jremus@linux.ibm.com> Reviewed-by: Marc Hartmayer <mhartmay@linux.ibm.com>
Message-ID: <20241001153618.17791-3-mhartmay@linux.ibm.com> Reviewed-by: Thomas Huth <thuth@redhat.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
projects / users / dwmw2 / qemu.git / log