Bandan Das [Fri, 20 Jul 2018 21:40:18 +0000 (17:40 -0400)]
dev-mtp: retry write for incomplete transfers
For large buffers, write may not copy the full buffer. For example,
on Linux, write imposes a limit of 0x7ffff000. Note that this does
not fix >4G transfers but ~>2G files will transfer successfully.
Sebastian Bauer [Sun, 29 Jul 2018 19:19:28 +0000 (21:19 +0200)]
ohci: Clear the interrupt counter for erroneous transfers
This is mandated by the ohci specification. It tells at 6.4.4 on page 104
that for transfer descriptors that are retired with an error the done
queue interrupt counter is cleared as if the interrupt delay field of the
descriptions were zero.
Before this change, error conditions were handled similarly to the
successful condition which is especially troublesome for control transfers.
Some drivers (e.g., the AmigaOS-one) as well as the example code in the
spec, set the setup stage with an interrupt delay of seven (which means no
interrupt). This is fine under normal conditions, because one usually
doesn't want to be notified about the completion of this stage. However, if
an error occurs in this stage, these drivers will not get notified with the
current implementation. The fix addresses this by following the spec more
closely. Also, otherwise, the ability to set interrupt delay to seven would
be useless.
Note that Linux drivers that I looked at don't seem to be affected as they
set six as the interrupt delay presumably for the reason that they won't
get notified otherwise.
Peter Maydell [Tue, 21 Aug 2018 08:24:19 +0000 (09:24 +0100)]
Merge remote-tracking branch 'remotes/mcayland/tags/qemu-sparc.for-upstream-20180820' into staging
qemu-sparc.for-upstream queue
# gpg: Signature made Mon 20 Aug 2018 19:38:04 BST
# gpg: using RSA key 5BC2C56FAE0F321F
# gpg: Good signature from "Mark Cave-Ayland <[email protected]>"
# Primary key fingerprint: CC62 1AB9 8E82 200D 915C C9C4 5BC2 C56F AE0F 321F
* remotes/mcayland/tags/qemu-sparc.for-upstream-20180820:
sun4m: don't use legacy fw_cfg_init_mem() function
sun4u: ensure kernel_top is always initialised
Thomas Huth [Mon, 20 Aug 2018 17:28:03 +0000 (19:28 +0200)]
hw/display/ramfb: Compile the ramfb code only when CONFIG_FW_CFG_DMA is set
According to the ramfb_setup() function, the ramfb device needs fw_cfg
with DMA, so we should also only compile and link it into those targets
which support it, to avoid that the device shows up on systems where it
can not be used at all (e.g. s390x).
Roman Kapl [Tue, 14 Aug 2018 16:09:51 +0000 (18:09 +0200)]
ppc: add DBCR based debugging
Add support for DBCR (debug control register) based debugging as used on
BookE ppc. So far supports only branch and single-step events, but these are
the important ones. GDB in Linux guest can now do single-stepping.
hw/ppc: deprecate the machine type 'prep', replaced by '40p'
- prep machine is a fictional machine, so has no specifications. Which
devices can be changed/added/removed without impact? Are interrupts
correctly mapped?
- prep firmware (OHW) has support only for IDE drives (no SCSI).
Booting from IDE has been broken approximatively 3 years ago, and nobody complained.
- OHW is limited on IDE boot to a specific set of OS loaders.
These operating systems are of the 2004 time frame.
- OHW can use -kernel. Linux kernel freezes a long time after PS/2 mouse
detection, and then screen becomes garbage. This was already broken in
QEMU v2.7, 2 years ago, and nobody complained.
On the other side:
- 40p is a real machine, so emulation can be checked against
hardware specifications
- OpenBIOS has support for SCSI block devices, including 40p LSI adapter
- OpenBIOS can start mostly all Linux kernels (including recent ones)
and recent operating system (like NetBSD 7.1.2)
Signed-off-by: Hervé Poussineau <[email protected]>
[dwg: Drop prep from boot-serial test to avoid deprecation warnings] Signed-off-by: David Gibson <[email protected]>
spapr: introduce a IRQ controller backend to the machine
This proposal moves all the related IRQ routines of the sPAPR machine
behind a sPAPR IRQ backend interface 'spapr_irq' to prepare for future
changes. First of which will be to increase the size of the IRQ number
space, then, will follow a new backend for the POWER9 XIVE IRQ controller.
Peter Maydell [Thu, 2 Aug 2018 14:44:30 +0000 (15:44 +0100)]
hw/ppc/ppc405_uc: Convert away from old_mmio
Convert the devices in ppc405_uc away from using the old_mmio
MemoryRegion accessors:
* opba's 32-bit and 16-bit accessors were just calling the
8-bit accessors and assembling a big-endian order number,
which we can do by setting the .impl.max_access_size to 1
and the endianness to DEVICE_BIG_ENDIAN, and letting the
core memory code do the assembly
* ppc405_gpio's accessors were all just stubs
* ppc4xx_gpt's 8-bit and 16-bit accessors were treating the
access as invalid, which we can do by setting the
.valid.min_access_size and .valid.max_access_size fields
Peter Maydell [Thu, 2 Aug 2018 14:44:28 +0000 (15:44 +0100)]
hw/ppc/prep: Remove ifdeffed-out stub of XCSR code
The prep machine has some code which is stubs of accessors
for XCSR registers. This has been disabled via #if 0
since commit b6b8bd1819ff in 2004, and doesn't have any
actual interesting content. It also uses the deprecated
old_mmio accessor functions. Remove it entirely.
This proposal introduces a new IRQ number space layout using static
numbers for all devices, depending on a device index, and a bitmap
allocator for the MSI IRQ numbers which are negotiated by the guest at
runtime.
As the VIO device model does not have a device index but a "reg"
property, we introduce a formula to compute an IRQ number from a "reg"
value. It should minimize most of the collisions.
The previous layout is kept in pre-3.1 machines raising the
'legacy_irq_allocation' machine class flag.
After solving a corner case in bcdsub, this patch simplifies the logic
of both bcdadd/sub instructions by removing some unnecessary local flags.
This commit also rearranges some if-else conditions in bcdadd to make it
easier to read.
Greg Kurz [Tue, 31 Jul 2018 10:56:49 +0000 (12:56 +0200)]
xics: don't include "target/ppc/cpu-qom.h" in "hw/ppc/xics.h"
The last user of the PowerPCCPU typedef in "hw/ppc/xics.h" vanished with
commit b1fd36c363d73969841468146ebfb9fd84a5ee52. It isn't necessary to
include "target/ppc/cpu-qom.h" there anymore.
At the moment the PPC64/pseries guest only supports 4K/64K/16M IOMMU
pages and POWER8 CPU supports the exact same set of page size so
so far things worked fine.
However POWER9 supports different set of sizes - 4K/64K/2M/1G and
the last two - 2M and 1G - are not even allowed in the paravirt interface
(RTAS DDW) so we always end up using 64K IOMMU pages, although we could
back guest's 16MB IOMMU pages with 2MB pages on the host.
This stores the supported host IOMMU page sizes in VFIOContainer and uses
this later when creating a new DMA window. This uses the system page size
(64k normally, 2M/16M/1G if hugepages used) as the upper limit of
the IOMMU pagesize.
This changes the type of @pagesize to uint64_t as this is what
memory_region_iommu_get_min_page_size() returns and clz64() takes.
There should be no behavioral changes on platforms other than pseries.
The guest will keep using the IOMMU page size selected by the PHB pagesize
property as this only changes the underlying hardware TCE table
granularity.
When the result of bcdsub is equal to zero, the result sign may be
set to negative in some cases, and this does not follow the Power ISA
specifications as to decimal integer arithmetic instructions.
target/ppc: Use non-arithmetic conversions for fp load/store
Memory operations have no side effects on fp state.
The use of a "real" conversions between float64 and float32
would raise exceptions for SNaN and out-of-range inputs.
target/ppc: Honor fpscr_ze semantics and tidy fre, fresqrt
Divide by zero, exception taken, leaves the destination register
unmodified. Therefore we must raise the exception before returning
from the respective helpers.
>From helper_fre, divide by zero exception not taken, return the
documented +/- 0.5.
At the same time, tidy the invalid exception checking so that we
rely on softfloat for initial argument validation, and select the
kind of invalid operand exception only when we know we must.
At the same time, pass and return float64 values directly rather
than bounce through the CPU_DoubleU union.
Tidy the invalid exception checking so that we rely on softfloat for
initial argument validation, and select the kind of invalid operand
exception only when we know we must. Pass and return float64 values
directly rather than bounce through the CPU_DoubleU union.
Tidy the invalid exception checking so that we rely on softfloat for
initial argument validation, and select the kind of invalid operand
exception only when we know we must. Pass and return float64 values
directly rather than bounce through the CPU_DoubleU union.
Note that because we know float_flag_invalid was set, we do not have
to re-check the signs of the infinities.
Tidy the invalid exception checking so that we rely on softfloat for
initial argument validation, and select the kind of invalid operand
exception only when we know we must. Pass and return float64 values
directly rather than bounce through the CPU_DoubleU union.
target/ppc: Honor fpscr_ze semantics and tidy fdiv
Divide by zero, exception taken, leaves the destination register
unmodified. Therefore we must raise the exception before returning
from helper_fdiv. Move the check from do_float_check_status into
helper_fdiv.
At the same time, tidy the invalid exception checking so that we
rely on softfloat for initial argument validation, and select the
kind of invalid operand exception only when we know we must.
At the same time, pass and return float64 values directly rather
than bounce through the CPU_DoubleU union.
While just setting the MSR bits is sufficient, we can tidy
the helper code by extracting the MSR test to a helper and
then forcing it true for user-only.
This includes gcc8.1 fixes and the image is compiled using gcc 8.1 as well.
The full list of changes is:
> Fix bad assembler statements for compiling with gcc 8.1 / as 2.30
> libelf: Add REL32 to the list of ignored relocations
Bharata B Rao [Wed, 8 Aug 2018 15:59:19 +0000 (21:29 +0530)]
spapr_cpu_core: vmstate_[un]register per-CPU data from (un)realizefn
VMStateDescription vmstate_spapr_cpu_state was added by commit b94020268e0b6 (spapr_cpu_core: migrate per-CPU data) to migrate per-CPU
data with the required vmstate registration and unregistration calls.
However the unregistration is being done only from vcpu creation error path
and not from CPU delete path.
This causes migration to fail with the following error if migration is
attempted after a CPU unplug like this:
Unknown savevm section or instance 'spapr_cpu' 16
Additionally this leaves the source VM unresponsive after migration failure.
Fix this by ensuring the vmstate_unregister happens during CPU removal.
Fixing this becomes easier when vmstate (un)registration calls are moved to
vcpu (un)realize functions which is what this patch does.
Laurent Vivier [Mon, 20 Aug 2018 17:15:55 +0000 (19:15 +0200)]
linux-user: introduce QEMU_RTA_* to use with rtattr_type_t
Following commit will introduce RTA_PREF that appears only with
kernel v4.1. To avoid to manage a specific case for it, this patch
introduces the full list of rtattr_type_t prefixed with QEMU_ (as we
did for IFLA values)
Laurent Vivier [Mon, 20 Aug 2018 17:15:54 +0000 (19:15 +0200)]
linux-user: fix recvmsg()/recvfrom() with netlink and MSG_TRUNC
If recvmsg()/recvfrom() are used with the MSG_TRUNC flag, they return the
real length even if it was longer than the passed buffer.
So when we translate the buffer we must check we don't go beyond the
end of the buffer.
Mark Cave-Ayland [Fri, 10 Aug 2018 10:40:37 +0000 (11:40 +0100)]
sun4u: ensure kernel_top is always initialised
Valgrind reports that when loading a non-ELF kernel, kernel_top may be used
uninitialised when checking for an initrd.
Since there are no known non-ELF kernels for SPARC64 then we can simply
initialise kernel_top to 0 and then skip the initrd load process if it hasn't
been set by load_elf().
Peter Maydell [Mon, 20 Aug 2018 16:41:18 +0000 (17:41 +0100)]
Merge remote-tracking branch 'remotes/cohuck/tags/s390x-20180820' into staging
First round of s390x patches for 3.1:
- add compat machine for 3.1
- remove deprecated 's390-squash-mcss' option
- cpu models: add "max" cpu model, enhance feature group code
- kvm: add support for etoken facility and huge page backing
Peter Maydell [Mon, 20 Aug 2018 12:48:11 +0000 (13:48 +0100)]
tests/vm: Clean out old working directories on build
When we do a build inside one of the BSD VMs, first
delete any stale old build directories from the VM's
/var/tmp. This prevents the VM from running out of
disk space after it has been used for a dozen or
so builds.
Peter Maydell [Mon, 20 Aug 2018 14:44:40 +0000 (15:44 +0100)]
Merge remote-tracking branch 'remotes/marcel/tags/rdma-pull-request' into staging
RDMA queue
# gpg: Signature made Sat 18 Aug 2018 16:01:46 BST
# gpg: using RSA key 36D4C0F0CF2FE46D
# gpg: Good signature from "Marcel Apfelbaum <[email protected]>"
# gpg: aka "Marcel Apfelbaum <[email protected]>"
# gpg: aka "Marcel Apfelbaum <[email protected]>"
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg: It is not certain that the signature belongs to the owner.
# Primary key fingerprint: B1C6 3A57 F92E 08F2 640F 31F5 36D4 C0F0 CF2F E46D
* remotes/marcel/tags/rdma-pull-request:
config: split PVRDMA from RDMA
hw/pvrdma: remove not needed include
hw/rdma: Add reference to pci_dev in backend_dev
hw/rdma: Bugfix - Support non-aligned buffers
hw/rdma: Print backend QP number in hex format
hw/rdma: Cosmetic change - move to generic function
hw/pvrdma: Cosmetic change - indent right
hw/rdma: Reorder resource cleanup
hw/rdma: Do not allocate memory for non-dma MR
hw/rdma: Delete useless structure RdmaRmUserMR
hw/pvrdma: Make default pkey 0xFFFF
hw/pvrdma: Clean CQE before use
hw/rdma: Modify debug macros
hw/pvrdma: Bugfix - provide the correct attr_mask to query_qp
hw/rdma: Make distinction between device init and start modes
Peter Maydell [Mon, 20 Aug 2018 12:22:21 +0000 (13:22 +0100)]
Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20180820' into staging
target-arm queue:
* Fix crash on conditional instruction in an IT block
* docs/generic-loader: mention U-Boot and Intel HEX executable formats
* hw/intc/arm_gicv3_its: downgrade error_report to warn_report in kvm_arm_its_reset
* imx_serial: Generate interrupt on receive data ready if enabled
* Fix various minor bugs in AArch32 Hyp related coprocessor registers
* Permit accesses to ELR_Hyp from Hyp mode via MSR/MRS (banked)
* Implement AArch32 ERET instruction
* hw/arm/virt: Add virt-3.1 machine type
* sdhci: add i.MX SD Stable Clock bit
* Remove now-obsolete MMIO request_ptr APIs
* hw/timer/m48t59: Move away from old_mmio accessors
* hw/watchdog/cmsdk_apb_watchdog: Implement CMSDK APB watchdog module
* nvic: Expose NMI line
* hw/dma/pl080: cleanups and new features required for use in MPS boards
Janosch Frank [Thu, 2 Aug 2018 07:02:01 +0000 (08:02 +0100)]
s390x: Enable KVM huge page backing support
QEMU has had huge page support for a longer time already, but KVM
memory management under s390x needed some changes to work with huge
backings.
Now that we have support, let's enable it if requested and
available. Otherwise we now properly tell the user if there is no
support and back out instead of failing to run the VM later on.
The "max" CPU model behaves like "-cpu host" when KVM is enabled, and like
a CPU with the maximum possible feature set when TCG is enabled.
While the "host" model can not be used under TCG ("kvm_required"), the
"max" model can and "Enables all features supported by the accelerator in
the current host".
So we can treat "host" just as a special case of "max" (like x86 does).
It differs to the "qemu" CPU model under TCG such that compatibility
handling will not be performed and that some experimental CPU features
not yet part of the "qemu" model might be indicated.
These are right now under TCG (see "qemu_MAX"):
- stfle53
- msa5-base
- zpci
This will result right now in the following warning when starting QEMU TCG
with the "max" model:
"qemu-system-s390x: warning: 'msa5-base' requires 'kimd-sha-512'."
The "qemu" model (used as default in QEMU under TCG) will continue to
work without such warnings. The "max" model in the current form
might be interesting for kvm-unit-tests (where we would e.g. now also
test "msa5-base").
The "max" model is neither static nor migration safe (like the "host"
model). It is independent of the machine but dependends on the accelerator.
It can be used to detect the maximum CPU model also under TCG from upper
layers without having to care about CPU model names for CPU model
expansion.
Michael Mueller [Wed, 25 Jul 2018 14:36:17 +0000 (16:36 +0200)]
s390x/cpumodel: enum type S390FeatGroup now gets generated
The enumeration type S390FeatGroup is now generated as well.
This shall simplify the definition of new feature groups
without the requirement to modify existing code.
Peter Maydell [Mon, 20 Aug 2018 10:24:33 +0000 (11:24 +0100)]
hw/dma/pl080: Remove hw_error() if DMA is enabled
The PL08x model currently will unconditionally call hw_error()
if the DMA engine is enabled by the guest. This has been
present since the PL080 model was edded in 2006, and is
presumably either unintentional debug code left enabled,
or a guard against untested DMA engine code being used.
Remove the hw_error(), since we now have a guest which
will actually try to use the DMA engine (the self-test
binary for the AN505 MPS2 FPGA image).
Peter Maydell [Mon, 20 Aug 2018 10:24:33 +0000 (11:24 +0100)]
hw/dma/pl080: Correct bug in register address decode logic
A bug in the handling of the register address decode logic
for the PL08x meant that we were incorrectly treating
accesses to the DMA channel registers (DMACCxSrcAddr,
DMACCxDestaddr, DMACCxLLI, DMACCxControl, DMACCxConfiguration)
as bad offsets. Fix this long-standing bug.
Fixes: https://bugs.launchpad.net/qemu/+bug/1637974 Signed-off-by: Peter Maydell <[email protected]> Reviewed-by: Philippe Mathieu-Daudé <[email protected]>
Peter Maydell [Mon, 20 Aug 2018 10:24:33 +0000 (11:24 +0100)]
hw/dma/pl080: Don't use CPU address space for DMA accesses
Currently our PL080/PL081 model uses a combination of the CPU's
address space (via cpu_physical_memory_{read,write}()) and the
system address space for performing DMA accesses.
For the PL081s in the MPS FPGA images, their DMA accesses
must go via Master Security Controllers. Switch the
PL080/PL081 model to take a MemoryRegion property which
defines its downstream for making DMA accesses.
Since the PL08x are only used in two board models, we
make provision of the 'downstream' link mandatory and convert
both users at once, rather than having it be optional with
a default to the system address space.
Peter Maydell [Mon, 20 Aug 2018 10:24:33 +0000 (11:24 +0100)]
hw/dma/pl080: Support all three interrupt lines
The PL080 and PL081 have three outgoing interrupt lines:
* DMACINTERR signals DMA errors
* DMACINTTC is the DMA count interrupt
* DMACINTR is a combined interrupt, the logical OR of the other two
We currently only implement DMACINTR, because that's all the
realview and versatile boards needed, but the instances of the
PL081 in the MPS2 firmware images use all three interrupt lines.
Implement the missing DMACINTERR and DMACINTTC.
Peter Maydell [Mon, 20 Aug 2018 10:24:33 +0000 (11:24 +0100)]
nvic: Expose NMI line
On real v7M hardware, the NMI line is an externally visible signal
that an SoC or board can toggle to assert an NMI. Expose it in
our QEMU NVIC and armv7m container objects so that a board model
can wire it up if it needs to.
Peter Maydell [Mon, 20 Aug 2018 10:24:32 +0000 (11:24 +0100)]
hw/misc: Remove mmio_interface device
The mmio_interface device was a purely internal artifact
of the implementation of the memory subsystem's request_ptr
APIs. Now that we have removed those APIs, we can remove
the mmio_interface device too.
We now support direct execution from MMIO regions in the
core memory subsystem. This means that we don't need to
have device-specific support for it, and we can remove
the request_ptr handling from the Xilinx SPIPS device.
(It was broken anyway due to race conditions, and disabled
by default.)
Peter Maydell [Mon, 20 Aug 2018 10:24:32 +0000 (11:24 +0100)]
target/arm: Implement AArch32 ERET instruction
ARMv7VE introduced the ERET instruction, which is necessary to
return from an exception taken to Hyp mode. Implement this.
In A32 encoding it is a completely new encoding; in T32 it
is an adjustment of the behaviour of the existing
"SUBS PC, LR, #<imm8>" instruction.
Peter Maydell [Mon, 20 Aug 2018 10:24:32 +0000 (11:24 +0100)]
target/arm: Permit accesses to ELR_Hyp from Hyp mode via MSR/MRS (banked)
The MSR (banked) and MRS (banked) instructions allow accesses to ELR_Hyp
from either Monitor or Hyp mode. Our translate time check
was overly strict and only permitted access from Monitor mode.
The runtime check we do in msr_mrs_banked_exc_checks() had the
correct code in it, but never got there because of the earlier
"currmode == tgtmode" check. Special case ELR_Hyp.
Peter Maydell [Mon, 20 Aug 2018 10:24:32 +0000 (11:24 +0100)]
target/arm: Implement ESR_EL2/HSR for AArch32 and no-EL2
The AArch32 HSR is the equivalent of AArch64 ESR_EL2;
we can implement it by marking our existing ESR_EL2 regdef
as STATE_BOTH. It also needs to be "RES0 from EL3 if
EL2 not implemented", so add the missing stanza to
el3_no_el2_cp_reginfo.
Peter Maydell [Mon, 20 Aug 2018 10:24:32 +0000 (11:24 +0100)]
target/arm: Implement AArch32 Hyp FARs
The AArch32 virtualization extensions support these fault address
registers:
* HDFAR: aliased with AArch64 FAR_EL2[31:0] and AArch32 DFAR(S)
* HIFAR: aliased with AArch64 FAR_EL2[63:32] and AArch32 IFAR(S)
Implement the accessors for these. This fixes in passing a bug
where we weren't implementing the "RES0 from EL3 if EL2 not
implemented" behaviour for AArch64 FAR_EL2.
Peter Maydell [Mon, 20 Aug 2018 10:24:31 +0000 (11:24 +0100)]
target/arm: Add missing .cp = 15 to HMAIR1 and HAMAIR1 regdefs
ARMCPRegInfo structs will default to .cp = 15 if they
are ARM_CP_STATE_BOTH, but not if they are ARM_CP_STATE_AA32
(because a coprocessor number of 0 is valid for AArch32).
We forgot to explicitly set .cp = 15 for the HMAIR1 and
HAMAIR1 regdefs, which meant they would UNDEF when the guest
tried to access them under cp15.
Peter Maydell [Mon, 20 Aug 2018 10:24:31 +0000 (11:24 +0100)]
target/arm: Correct typo in HAMAIR1 regdef name
We implement the HAMAIR1 register as RAZ/WI; we had a typo in the
regdef, though, and were incorrectly naming it HMAIR1 (which is
a different register which we also implement as RAZ/WI).
Stefan Hajnoczi [Mon, 20 Aug 2018 10:24:31 +0000 (11:24 +0100)]
docs/generic-loader: mention U-Boot and Intel HEX executable formats
The generic loader device supports the U-Boot and Intel HEX executable
formats in addition to the document raw and ELF formats. Reword the
documentation to include these formats and explain how various options
depend on the executable format.
Roman Kapl [Mon, 20 Aug 2018 10:24:31 +0000 (11:24 +0100)]
target/arm: Fix crash on conditional instruction in an IT block
If an instruction is conditional (like CBZ) and it is executed
conditionally (using the ITx instruction), a jump to an undefined
label is generated, and QEMU crashes.
CBZ in IT block is an UNPREDICTABLE behavior, but we should not
crash. Honouring the condition code is allowed by the spec in this
case (constrained unpredictable, ARMv8, section K1.1.7), and matches
what we do for other "UNPREDICTABLE inside an IT block" instructions.
Fix the 'skip on condition' code to create a new label only if it
does not already exist. Previously multiple labels were created, but
only the last one of them was set.
Peter Maydell [Fri, 17 Aug 2018 16:14:04 +0000 (17:14 +0100)]
tests/boot-serial-test: Bump timeout to 6 minutes
On a SPARC host that I'm using as a build test machine, the
boot-serial-test for the SPARC guest machines takes about 65
seconds to execute. This means that it hits the current
60 second timer on these tests. Push the timeout up so
that it doesn't trigger spuriously on slow hosts like this one.
Peter Maydell [Mon, 20 Aug 2018 08:48:03 +0000 (09:48 +0100)]
Merge remote-tracking branch 'remotes/ehabkost/tags/machine-next-pull-request' into staging
Machine queue, 2018-08-17
* Allow machine classes to specify if boot device suffixes should
be ignored by get_boot_devices_list()
* Tiny coding style fixup
# gpg: Signature made Fri 17 Aug 2018 19:29:22 BST
# gpg: using RSA key 2807936F984DC5A6
# gpg: Good signature from "Eduardo Habkost <[email protected]>"
# Primary key fingerprint: 5A32 2FD5 ABC4 D3DB ACCF D1AA 2807 936F 984D C5A6
* remotes/ehabkost/tags/machine-next-pull-request:
fw_cfg: ignore suffixes in the bootdevice list dependent on machine class
sysbus: always allow explicit_ofw_unit_address() to override address generation
machine: Fix coding style at machine_run_board_init()
Laurent Vivier [Sat, 11 Aug 2018 08:23:28 +0000 (10:23 +0200)]
sh4: fix use_icount with linux-user
This fixes java in a linux-user chroot:
$ java --version
qemu-sh4: .../accel/tcg/cpu-exec.c:634: cpu_loop_exec_tb: Assertion `use_icount' failed.
qemu: uncaught target signal 6 (Aborted) - core dumped
Aborted (core dumped)
In gen_conditional_jump() in the GUSA_EXCLUSIVE part, we must reset
base.is_jmp to DISAS_NEXT after the gen_goto_tb() as it is done in
gen_delayed_conditional_jump() after the gen_jump().
Yuval Shaia [Sun, 5 Aug 2018 15:35:17 +0000 (18:35 +0300)]
hw/rdma: Bugfix - Support non-aligned buffers
RDMA application can provide non-aligned buffers to be registered. In
such case the DMA address passed by driver is pointing to the beginning
of the physical address of the mapped page so we can't distinguish
between two addresses from the same page.
Fix it by keeping the offset of the virtual address in mr->virt.
Yuval Shaia [Sun, 5 Aug 2018 15:35:07 +0000 (18:35 +0300)]
hw/pvrdma: Bugfix - provide the correct attr_mask to query_qp
Calling rdma_rm_query_qp with attr_mask equals to -1 leads to error
where backend query_qp fails to retrieve the needed QP attributes.
Fix it by providing the attr_mask we got from driver.
Yuval Shaia [Sun, 5 Aug 2018 15:35:06 +0000 (18:35 +0300)]
hw/rdma: Make distinction between device init and start modes
There are certain operations that are well considered as part of device
configuration while others are needed only when "start" command is
triggered by the guest driver. An example of device initialization step
is msix_init and example of "device start" stage is the creation of a CQ
completion handler thread.
* remotes/awilliam/tags/vfio-update-20180817.0:
vfio/ccw/pci: Allow devices to opt-in for ballooning
vfio: Inhibit ballooning based on group attachment to a container
kvm: Use inhibit to prevent ballooning without synchronous mmu
balloon: Allow multiple inhibit users
Alex Williamson [Fri, 17 Aug 2018 15:27:16 +0000 (09:27 -0600)]
vfio/ccw/pci: Allow devices to opt-in for ballooning
If a vfio assigned device makes use of a physical IOMMU, then memory
ballooning is necessarily inhibited due to the page pinning, lack of
page level granularity at the IOMMU, and sufficient notifiers to both
remove the page on balloon inflation and add it back on deflation.
However, not all devices are backed by a physical IOMMU. In the case
of mediated devices, if a vendor driver is well synchronized with the
guest driver, such that only pages actively used by the guest driver
are pinned by the host mdev vendor driver, then there should be no
overlap between pages available for the balloon driver and pages
actively in use by the device. Under these conditions, ballooning
should be safe.
vfio-ccw devices are always mediated devices and always operate under
the constraints above. Therefore we can consider all vfio-ccw devices
as balloon compatible.
The situation is far from straightforward with vfio-pci. These
devices can be physical devices with physical IOMMU backing or
mediated devices where it is unknown whether a physical IOMMU is in
use or whether the vendor driver is well synchronized to the working
set of the guest driver. The safest approach is therefore to assume
all vfio-pci devices are incompatible with ballooning, but allow user
opt-in should they have further insight into mediated devices.
projects / qemu.git / log