Merge tag 'pull-block-2022-04-25' of https://gitlab.com/hreitz/qemu into staging
Block patches:
- New @force parameter for blockdev-change-medium
- Improvements to the iotests to help with debugging
- Fix iotest 108 on systems without user_allow_other in fuse.conf
# -----BEGIN PGP SIGNATURE-----
#
# iQJGBAABCAAwFiEEy2LXoO44KeRfAE00ofpA0JgBnN8FAmJmqyISHGhyZWl0ekBy
# ZWRoYXQuY29tAAoJEKH6QNCYAZzf7uEP/RKNblyIuFjHkPgaMzWqdGUjHpbRzKBi
# NFgO+ISRCSx/KXYBaanJP94qKLfpACJ1JHDUD3hipeO3kmVGmtF93cKypTQS4qhL
# bGmX+h38AK1omSR2iWRhu4ue4VAPeu9gLoHNYJ5vZlylWD3eHdppN7K2KFf7Aeo5
# /BnhwHiU2IQ7WkLlo5Pdb96+LqZfmCGYJGWO6eWx123+j+bpjLfpmV9+Kjzb1pDc
# FN60OFlp8RozXHKpqh4ZoThtJ+t3sYdlo6yvg1K18Y5JcXTx5d4D24HGo1ZIRxqz
# XgJbi+bSr8hnxCjvdUZlr3IpbjAE5DVbCjtDxyjGnim6vjIwhxCSWM7Bvzw2tm60
# TYNl2zxyIe5831v6Xv/YfYJFqtos/orZf87TSqx/uWrfinbxZ1nN/8zi5z9lC8tg
# S6IlNpKPK0wv33BmLVHcsnMABLY2YiJPx/Ngl0CvAEGvkQdaHzgcYGbmeEMrZTv7
# hVpBb1t+AKmnXYYZdCh4ulfJLUg3R9mXf0oI3otbcpNMwExB6hqcVI23VYC00Ct5
# m3Tb6bddIkBih25l9B7i6FPWfXG+0zu6Q4kIQiXmfNkqKseQ96aDY1aAU/GWoTZH
# MOOPqIhmLRgyYpJ3+am9AseczaMybC4DIfx1VXzjwS/X3YwHvHEbZ7iPR6C0630Z
# yslJbuH4ERl7
# =url0
# -----END PGP SIGNATURE-----
# gpg: Signature made Mon 25 Apr 2022 07:07:30 AM PDT
# gpg: using RSA key CB62D7A0EE3829E45F004D34A1FA40D098019CDF
# gpg: issuer "[email protected]"
# gpg: Good signature from "Hanna Reitz <[email protected]>" [undefined]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: CB62 D7A0 EE38 29E4 5F00 4D34 A1FA 40D0 9801 9CDF
* tag 'pull-block-2022-04-25' of https://gitlab.com/hreitz/qemu:
iotests/108: Fix when missing user_allow_other
iotests: make qemu_io_log() check return codes by default
iotests: remove qemu_io_silent() and qemu_io_silent_check().
iotests: remove qemu_io_pipe_and_status()
iotests/image-fleecing: switch to qemu_io()
iotests/migration-permissions: use assertRaises() for qemu_io() negative test
iotests: rebase qemu_io() on top of qemu_tool()
iotests: create generic qemu_tool() function
iotests/040: Fix TestCommitWithFilters test
iotests/040: Don't check image pattern on zero-length image
iotests: Don't check qemu_io() output for specific error strings
iotests/163: Fix broken qemu-io invocation
iotests: replace calls to log(qemu_io(...)) with qemu_io_log()
block: add 'force' parameter to 'blockdev-change-medium' command
* tag 'block-pull-request' of https://gitlab.com/stefanha/qemu:
virtiofsd: Add docs/helper for killpriv_v2/no_killpriv_v2 option
contrib/vhost-user-blk: add missing GOptionEntry NULL terminator
Implements Backend Program conventions for vhost-user-scsi
Hanna Reitz [Thu, 21 Apr 2022 14:24:35 +0000 (16:24 +0200)]
iotests/108: Fix when missing user_allow_other
FUSE exports' allow-other option defaults to "auto", which means that it
will try passing allow_other as a mount option, and fall back to not
using it when an error occurs. We make no effort to hide fusermount's
error message (because it would be difficult, and because users might
want to know about the fallback occurring), and so when allow_other does
not work (primarily when /etc/fuse.conf does not contain
user_allow_other), this error message will appear and break the
reference output.
We do not need allow_other here, though, so we can just pass
allow-other=off to fix that.
John Snow [Mon, 18 Apr 2022 21:15:03 +0000 (17:15 -0400)]
iotests: remove qemu_io_silent() and qemu_io_silent_check().
Like qemu-img, qemu-io returning 0 should be the norm and not the
exception. Remove all calls to qemu_io_silent that just assert the
return code is zero (That's every last call, as it turns out), and
replace them with a normal qemu_io() call.
qemu_io_silent_check() appeared to have been unused already.
John Snow [Mon, 18 Apr 2022 21:15:02 +0000 (17:15 -0400)]
iotests: remove qemu_io_pipe_and_status()
I know we just added it, sorry. This is done in favor of qemu_io() which
*also* returns the console output and status, but with more robust error
handling on failure.
John Snow [Mon, 18 Apr 2022 21:15:00 +0000 (17:15 -0400)]
iotests/migration-permissions: use assertRaises() for qemu_io() negative test
Modify this test to use assertRaises for its negative testing of
qemu_io. If the exception raised does not match the one we tell it to
expect, we get *that* exception unhandled. If we get no exception, we
get a unittest assertion failure and the provided emsg printed to
screen.
If we get the CalledProcessError exception but the output is not what we
expect, we re-raise the original CalledProcessError.
Tidy.
(Note: Yes, you can reference "with" objects after that block ends; it
just means that ctx.__exit__(...) will have been called on it. It does
not *actually* go out of scope. unittests expects you to want to inspect
the Exception object, so they leave it defined post-exit.)
John Snow [Mon, 18 Apr 2022 21:14:57 +0000 (17:14 -0400)]
iotests/040: Fix TestCommitWithFilters test
Without this change, asserting that qemu_io always returns 0 causes this
test to fail in a way we happened not to be catching previously:
qemu.utils.VerboseProcessError: Command
'('/home/jsnow/src/qemu/bin/git/tests/qemu-iotests/../../qemu-io',
'--cache', 'writeback', '--aio', 'threads', '-f', 'qcow2', '-c',
'read -P 4 3M 1M',
'/home/jsnow/src/qemu/bin/git/tests/qemu-iotests/scratch/3.img')'
returned non-zero exit status 1.
┏━ output ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
┃ qemu-io: can't open device
┃ /home/jsnow/src/qemu/bin/git/tests/qemu-iotests/scratch/3.img:
┃ Could not open backing file: Could not open backing file: Throttle
┃ group 'tg' does not exist
┗━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
The commit jobs changes the backing file string stored in the image file
header belonging to the node above the commit’s top node to point to the
commit target (the base node). QEMU tries to be as accurate as
possible, and so in these test cases will include the filter that is
part of the block graph in that backing file string (by virtue of making
it a json:{} description of the post-commit subgraph). This makes
little sense outside of QEMU, though: Specifically, the throttle node in
that subgraph will dearly miss its supposedly associated throttle group
object.
When starting the commit job, we can specify a custom backing file
string to write into said image file, so let’s use that feature to write
the plain filename of the backing chain’s next actual image file there.
Explicitly provide the backing file so that opening the file outside of
QEMU (Where we will not have throttle groups) will succeed.
John Snow [Mon, 18 Apr 2022 21:14:55 +0000 (17:14 -0400)]
iotests: Don't check qemu_io() output for specific error strings
A forthcoming commit updates qemu_io() to raise an exception on non-zero
return by default, and changes its return type.
In preparation, simplify some calls to qemu_io() that assert that
specific error message strings do not appear in qemu-io's
output. Asserting that all of these calls return a status code of zero
will be a more robust way to guard against failure.
John Snow [Mon, 18 Apr 2022 21:14:54 +0000 (17:14 -0400)]
iotests/163: Fix broken qemu-io invocation
The 'read' commands to qemu-io were malformed, and this invocation only
worked by coincidence because the error messages were identical. Oops.
There's no point in checking the patterning of the reference image, so
just check the empty image by itself instead.
(Note: as of this commit, nothing actually enforces that this command
completes successfully, but a forthcoming commit in this series will
enforce that qemu_io() must have a zero status code.)
John Snow [Mon, 18 Apr 2022 21:14:53 +0000 (17:14 -0400)]
iotests: replace calls to log(qemu_io(...)) with qemu_io_log()
This makes these callsites a little simpler, but the real motivation is
a forthcoming commit will change the return type of qemu_io(), so removing
users of the return value now is helpful.
block: add 'force' parameter to 'blockdev-change-medium' command
'blockdev-change-medium' is a convinient wrapper for the following
sequence of commands:
* blockdev-open-tray
* blockdev-remove-medium
* blockdev-insert-medium
* blockdev-close-tray
and should be used f.e. to change ISO image inside the CD-ROM tray.
Though the guest could lock the tray and some linux guests like
CentOS 8.5 actually does that. In this case the execution if this
command results in the error like the following:
Device 'scsi0-0-1-0' is locked and force was not specified,
wait for tray to open and try again.
This situation is could be resolved 'blockdev-open-tray' by passing
flag 'force' inside. Thus is seems reasonable to add the same
capability for 'blockdev-change-medium' too.
Merge tag 'pull-target-arm-20220422-1' of https://git.linaro.org/people/pmaydell/qemu-arm into staging
target-arm queue:
* Implement GICv4 emulation
* Some cleanup patches in target/arm
* hw/arm/smmuv3: Pass the actual perm to returned IOMMUTLBEntry in smmuv3_translate()
* tag 'pull-target-arm-20220422-1' of https://git.linaro.org/people/pmaydell/qemu-arm: (61 commits)
hw/arm/smmuv3: Pass the actual perm to returned IOMMUTLBEntry in smmuv3_translate()
target/arm: Use tcg_constant_i32 in translate.h
target/arm: Use tcg_constant in translate-vfp.c
target/arm: Use smin/smax for do_sat_addsub_32
target/arm: Use tcg_constant in translate-neon.c
target/arm: Use tcg_constant in translate-m-nocp.c
target/arm: Simplify aa32 DISAS_WFI
target/arm: Simplify gen_sar
target/arm: Simplify GEN_SHIFT in translate.c
target/arm: Split out gen_rebuild_hflags
target/arm: Split out set_btype_raw
target/arm: Remove fpexc32_access
target/arm: Change CPUArchState.thumb to bool
target/arm: Change DisasContext.thumb to bool
target/arm: Extend store_cpu_offset to take field size
target/arm: Change CPUArchState.aarch64 to bool
target/arm: Change DisasContext.aarch64 to bool
target/arm: Update SCTLR bits to ARMv9.2
target/arm: Update SCR_EL3 bits to ARMv8.8
target/arm: Update ISAR fields for ARMv8.8
...
hw/arm/smmuv3: Pass the actual perm to returned IOMMUTLBEntry in smmuv3_translate()
It always calls the IOMMU MR translate() callback with flag=IOMMU_NONE in
memory_region_iommu_replay(). Currently, smmuv3_translate() return an
IOMMUTLBEntry with perm set to IOMMU_NONE even if the translation success,
whereas it is expected to return the actual permission set in the table
entry.
So pass the actual perm to returned IOMMUTLBEntry in the table entry.
This function is incorrect in that it does not properly consider
CPTR_EL2.FPEN. We've already got another mechanism for raising
an FPU access trap: ARM_CP_FPU, so use that instead.
Remove CP_ACCESS_TRAP_FP_EL{2,3}, which becomes unused.
Peter Maydell [Fri, 8 Apr 2022 14:15:50 +0000 (15:15 +0100)]
hw/arm/virt: Support TCG GICv4
Add support for the TCG GICv4 to the virt board. For the board,
the GICv4 is very similar to the GICv3, with the only difference
being the size of the redistributor frame. The changes here are thus:
* calculating virt_redist_capacity correctly for GICv4
* changing various places which were "if GICv3" to be "if not GICv2"
* the commandline option handling
Note that using GICv4 reduces the maximum possible number of CPUs on
the virt board from 512 to 317, because we can now only fit half as
many redistributors into the redistributor regions we have defined.
Peter Maydell [Fri, 8 Apr 2022 14:15:49 +0000 (15:15 +0100)]
hw/arm/virt: Abstract out calculation of redistributor region capacity
In several places in virt.c we calculate the number of redistributors that
fit in a region of our memory map, which is the size of the region
divided by the size of a single redistributor frame. For GICv4, the
redistributor frame is a different size from that for GICv3. Abstract
out the calculation of redistributor region capacity so that we have
one place we need to change to handle GICv4 rather than several.
Peter Maydell [Fri, 8 Apr 2022 14:15:48 +0000 (15:15 +0100)]
hw/arm/virt: Use VIRT_GIC_VERSION_* enum values in create_gic()
Everywhere we need to check which GIC version we're using, we look at
vms->gic_version and use the VIRT_GIC_VERSION_* enum values, except
in create_gic(), which copies vms->gic_version into a local 'int'
variable and makes direct comparisons against values 2 and 3.
For consistency, change this function to check the GIC version
the same way we do elsewhere. This includes not implicitly relying
on the enumeration type values happening to match the integer
'revision' values the GIC device object wants.
Peter Maydell [Fri, 8 Apr 2022 14:15:47 +0000 (15:15 +0100)]
hw/intc/arm_gicv3: Allow 'revision' property to be set to 4
Now that we have implemented all the GICv4 requirements, relax the
error-checking on the GIC object's 'revision' property to allow a TCG
GIC to be a GICv4, whilst still constraining the KVM GIC to GICv3.
Our 'revision' property doesn't consider the possibility of wanting
to specify the minor version of the GIC -- for instance there is a
GICv3.1 which adds support for extended SPI and PPI ranges, among
other things, and also GICv4.1. But since the QOM property is
internal to QEMU, not user-facing, we can cross that bridge when we
come to it. Within the GIC implementation itself code generally
checks against the appropriate ID register feature bits, and the
only use of s->revision is for setting those ID register bits.
Peter Maydell [Fri, 8 Apr 2022 14:15:46 +0000 (15:15 +0100)]
hw/intc/arm_gicv3: Update ID and feature registers for GICv4
Update the various GIC ID and feature registers for GICv4:
* PIDR2 [7:4] is the GIC architecture revision
* GICD_TYPER.DVIS is 1 to indicate direct vLPI injection support
* GICR_TYPER.VLPIS is 1 to indicate redistributor support for vLPIs
* GITS_TYPER.VIRTUAL is 1 to indicate vLPI support
* GITS_TYPER.VMOVP is 1 to indicate that our VMOVP implementation
handles cross-ITS synchronization for the guest
* ICH_VTR_EL2.nV4 is 0 to indicate direct vLPI injection support
Implement the function gicv3_redist_inv_vlpi(), which was previously
left as a stub. This is the function that does the work of the INV
command for a virtual interrupt.
Implement the gicv3_redist_vinvall() function (previously left as a
stub). This function handles the work of a VINVALL command: it must
invalidate any cached information associated with a specific vCPU.
Implement the gicv3_redist_mov_vlpi() function (previously left as a
stub). This function handles the work of a VMOVI command: it marks
the vLPI not-pending on the source and pending on the destination.
Peter Maydell [Fri, 8 Apr 2022 14:15:42 +0000 (15:15 +0100)]
hw/intc/arm_gicv3_redist: Use set_pending_table_bit() in mov handling
We can use our new set_pending_table_bit() utility function
in gicv3_redist_mov_lpi() to clear the bit in the source
pending table, rather than doing the "load, clear bit, store"
ourselves.
Implement the function gicv3_redist_vlpi_pending(), which was
previously left as a stub. This is the function that is called by
the CPU interface when it changes the state of a vLPI. It's similar
to gicv3_redist_process_vlpi(), but we know that the vCPU is
definitely resident on the redistributor and the irq is in range, so
it is a bit simpler.
Implement the function gicv3_redist_process_vlpi(), which was left as
just a stub earlier. This function deals with being handed a VLPI by
the ITS. It must set the bit in the pending table. If the vCPU is
currently resident we must recalculate the highest priority pending
vLPI; otherwise we may need to ring a "doorbell" interrupt to let the
hypervisor know it might want to reschedule the vCPU.
Peter Maydell [Fri, 8 Apr 2022 14:15:39 +0000 (15:15 +0100)]
hw/intc/arm_gicv3_redist: Factor out "update bit in pending table" code
Factor out the code which sets a single bit in an LPI pending table.
We're going to need this for handling vLPI tables, not just the
physical LPI table.
Peter Maydell [Fri, 8 Apr 2022 14:15:38 +0000 (15:15 +0100)]
hw/intc/arm_gicv3_redist: Recalculate hppvlpi on VPENDBASER writes
The guest uses GICR_VPENDBASER to tell the redistributor when it is
scheduling or descheduling a vCPU. When it writes and changes the
VALID bit from 0 to 1, it is scheduling a vCPU, and we must update
our view of the current highest priority pending vLPI from the new
Pending and Configuration tables. When it writes and changes the
VALID bit from 1 to 0, it is descheduling, which means that there is
no longer a highest priority pending vLPI.
The specification allows the implementation to use part of the vLPI
Pending table as an IMPDEF area where it can cache information when a
vCPU is descheduled, so that it can avoid having to do a full rescan
of the tables when the vCPU is scheduled again. For now, we don't
take advantage of this, and simply do a complete rescan.
Peter Maydell [Fri, 8 Apr 2022 14:15:37 +0000 (15:15 +0100)]
hw/intc/arm_gicv3_redist: Factor out "update hpplpi for all LPIs" logic
Factor out the common part of gicv3_redist_update_lpi_only() into
a new function update_for_all_lpis(), which does a full rescan
of an LPI Pending table and sets the specified PendingIrq struct
with the highest priority pending enabled LPI it finds.
Peter Maydell [Fri, 8 Apr 2022 14:15:36 +0000 (15:15 +0100)]
hw/intc/arm_gicv3_redist: Factor out "update hpplpi for one LPI" logic
Currently the functions which update the highest priority pending LPI
information by looking at the LPI Pending and Configuration tables
are hard-coded to use the physical LPI tables addressed by
GICR_PENDBASER and GICR_PROPBASER. To support virtual LPIs we will
need to do essentially the same job, but looking at the current
virtual LPI Pending and Configuration tables and updating cs->hppvlpi
instead of cs->hpplpi.
Factor out the common part of the gicv3_redist_check_lpi_priority()
function into a new update_for_one_lpi() function, which updates
a PendingIrq struct if the specified LPI is higher priority than
what is currently recorded there.
The maintenance interrupt state depends only on:
* ICH_HCR_EL2
* ICH_LR<n>_EL2
* ICH_VMCR_EL2 fields VENG0 and VENG1
Now we have a separate function that updates only the vIRQ and vFIQ
lines, use that in places that only change state that affects vIRQ
and vFIQ but not the maintenance interrupt.
Peter Maydell [Fri, 8 Apr 2022 14:15:34 +0000 (15:15 +0100)]
hw/intc/arm_gicv3_cpuif: Support vLPIs
The CPU interface changes to support vLPIs are fairly minor:
in the parts of the code that currently look at the list registers
to determine the highest priority pending virtual interrupt, we
must also look at the highest priority pending vLPI. To do this
we change hppvi_index() to check the vLPI and return a special-case
value if that is the right virtual interrupt to take. The callsites
(which handle HPPIR and IAR registers and the "raise vIRQ and vFIQ
lines" code) then have to handle this special-case value.
This commit includes two interfaces with the as-yet-unwritten
redistributor code:
* the new GICv3CPUState::hppvlpi will be set by the redistributor
(in the same way as the existing hpplpi does for physical LPIs)
* when the CPU interface acknowledges a vLPI it needs to set it
to non-pending; the new gicv3_redist_vlpi_pending() function
(which matches the existing gicv3_redist_lpi_pending() used
for physical LPIs) is a stub that will be filled in later
Peter Maydell [Fri, 8 Apr 2022 14:15:33 +0000 (15:15 +0100)]
hw/intc/arm_gicv3_cpuif: Split "update vIRQ/vFIQ" from gicv3_cpuif_virt_update()
The function gicv3_cpuif_virt_update() currently sets all of vIRQ,
vFIQ and the maintenance interrupt. This implies that it has to be
used quite carefully -- as the comment notes, setting the maintenance
interrupt will typically cause the GIC code to be re-entered
recursively. For handling vLPIs, we need the redistributor to be
able to tell the cpuif to update the vIRQ and vFIQ lines when the
highest priority pending vLPI changes. Since that change can't cause
the maintenance interrupt state to change, we can pull the "update
vIRQ/vFIQ" parts of gicv3_cpuif_virt_update() out into a separate
function, which the redistributor can then call without having to
worry about the reentrancy issue.
Peter Maydell [Fri, 8 Apr 2022 14:15:32 +0000 (15:15 +0100)]
hw/intc/arm_gicv3: Implement new GICv4 redistributor registers
Implement the new GICv4 redistributor registers: GICR_VPROPBASER
and GICR_VPENDBASER; for the moment we implement these as simple
reads-as-written stubs, together with the necessary migration
and reset handling.
We don't put ID-register checks on the handling of these registers,
because they are all in the only-in-v4 extra register frames, so
they're not accessible in a GICv3.
Peter Maydell [Fri, 8 Apr 2022 14:15:31 +0000 (15:15 +0100)]
hw/intc/arm_gicv3: Implement GICv4's new redistributor frame
The GICv4 extends the redistributor register map -- where GICv3
had two 64KB frames per CPU, GICv4 has four frames. Add support
for the extra frame by using a new gicv3_redist_size() function
in the places in the GIC implementation which currently use
a fixed constant size for the redistributor register block.
(Until we implement the extra registers they will RAZ/WI.)
Any board that wants to use a GICv4 will need to also adjust
to handle the different sized redistributor register block;
that will be done separately.
Peter Maydell [Fri, 8 Apr 2022 14:15:30 +0000 (15:15 +0100)]
hw/intc/arm_gicv3_its: Implement VINVALL
The VINVALL command should cause any cached information in the
ITS or redistributor for the specified vCPU to be dropped or
otherwise made consistent with the in-memory LPI configuration
tables.
Here we implement the command and table parsing, leaving the
redistributor part as a stub for the moment, as usual.
Peter Maydell [Fri, 8 Apr 2022 14:15:29 +0000 (15:15 +0100)]
hw/intc/arm_gicv3_its: Implement VMOVI
Implement the GICv4 VMOVI command, which moves the pending state
of a virtual interrupt from one redistributor to another. As with
MOVI, we handle the "parse and validate command arguments and
table lookups" part in the ITS source file, and pass the final
results to a function in the redistributor which will do the
actual operation. As with the "make a VLPI pending" change,
for the moment we leave that redistributor function as a stub,
to be implemented in a later commit.
Peter Maydell [Fri, 8 Apr 2022 14:15:28 +0000 (15:15 +0100)]
hw/intc/arm_gicv3_its: Implement INV for virtual interrupts
Implement the ITS side of the handling of the INV command for
virtual interrupts; as usual this calls into a redistributor
function which we leave as a stub to fill in later.
We were previously implementing INV (like INVALL) to just blow away
cached highest-priority-pending-LPI information on all connected
redistributors. For GICv4.0, this isn't going to be sufficient,
because the LPI we are invalidating cached information for might be
either physical or virtual, and the required action is different for
those two cases. So we need to do the full process of looking up the
ITE from the devid and eventid. This also means we can do the error
checks that the spec lists for this command.
Split out INV handling into a process_inv() function like our other
command-processing functions. For the moment, stick to handling only
physical LPIs; we will add the vLPI parts later.
Peter Maydell [Fri, 8 Apr 2022 14:15:26 +0000 (15:15 +0100)]
hw/intc/arm_gicv3_its: Implement VSYNC
The VSYNC command forces the ITS to synchronize all outstanding ITS
operations for the specified vPEID, so that subsequent writes to
GITS_TRANSLATER honour them. The QEMU implementation is always in
sync, so for us this is a nop, like the existing SYNC command.
Peter Maydell [Fri, 8 Apr 2022 14:15:25 +0000 (15:15 +0100)]
hw/intc/arm_gicv3_its: Implement VMOVP
Implement the GICv4 VMOVP command, which updates an entry in the vPE
table to change its rdbase field. This command is unique in the ITS
command set because its effects must be propagated to all the other
ITSes connected to the same GIC as the ITS which executes the VMOVP
command.
The GICv4 spec allows two implementation choices for handling the
propagation to other ITSes:
* If GITS_TYPER.VMOVP is 1, the guest only needs to issue the command
on one ITS, and the implementation handles the propagation to
all ITSes
* If GITS_TYPER.VMOVP is 0, the guest must issue the command on
every ITS, and arrange for the ITSes to synchronize the updates
with each other by setting ITSList and Sequence Number fields
in the command packets
We choose the GITS_TYPER.VMOVP = 1 approach, and synchronously
execute the update on every ITS.
For GICv4.1 this command has extra fields in the command packet and
additional behaviour. We define the 4.1-only fields with the FIELD
macro, but only implement the GICv4.0 version of the command.
Note that we don't update the reported GITS_TYPER value here;
we'll do that later in a commit which updates all the reported
feature bit and ID register values for GICv4.
* tag 'dump-pull-request' of gitlab.com:marcandre.lureau/qemu:
dump/win_dump: add 32-bit guest Windows support
include/qemu: add 32-bit Windows dump structures
dump/win_dump: add helper macros for Windows dump header access
include/qemu: rename Windows context definitions to expose bitness
dump: Consolidate elf note function
dump: Cleanup dump_begin write functions
dump: Consolidate phdr note writes
dump: Introduce dump_is_64bit() helper function
dump: Add more offset variables
dump: Remove the section if when calculating the memory offset
dump: Introduce shdr_num to decrease complexity
dump: Remove the sh_info variable
dump: Use ERRP_GUARD()
Before this patch, 'dump-guest-memory -w' was accepting only 64-bit
dump header provided by guest through vmcoreinfo and thus was unable
to produce 32-bit guest Windows dump. So, add 32-bit guest Windows
dumping support.
These structures are required to produce 32-bit guest Windows Complete
Memory Dump. Add 32-bit Windows dump header, CPU context and physical
memory descriptor structures along with corresponding definitions.
Janosch Frank [Wed, 30 Mar 2022 12:35:58 +0000 (12:35 +0000)]
dump: Remove the section if when calculating the memory offset
When s->shdr_num is 0 we'll add 0 bytes of section headers which is
equivalent to not adding section headers but with the multiplication
we can remove a if/else.
Janosch Frank [Thu, 7 Apr 2022 09:48:24 +0000 (09:48 +0000)]
dump: Remove the sh_info variable
There's no need to have phdr_num and sh_info at the same time. We can
make phdr_num 32 bit and set PN_XNUM when we write the header if
phdr_num >= PN_XNUM.
Janosch Frank [Wed, 30 Mar 2022 12:35:55 +0000 (12:35 +0000)]
dump: Use ERRP_GUARD()
Let's move to the new way of handling errors before changing the dump
code. This patch has mostly been generated by the coccinelle script
scripts/coccinelle/errp-guard.cocci.
Peter Maydell [Fri, 8 Apr 2022 14:15:24 +0000 (15:15 +0100)]
hw/intc/arm_gicv3: Keep pointers to every connected ITS
The GICv4 ITS VMOVP command's semantics require it to perform the
operation on every ITS connected to the same GIC that the ITS that
received the command is attached to. This means that the GIC object
needs to keep a pointer to every ITS that is connected to it
(previously it was sufficient for the ITS to have a pointer to its
GIC).
Add a glib ptrarray to the GICv3 object which holds pointers to every
connected ITS, and make the ITS add itself to the array for the GIC
it is connected to when it is realized.
Note that currently all QEMU machine types with an ITS have exactly
one ITS in the system, so typically the length of this ptrarray will
be 1. Multiple ITSes are typically used to improve performance on
real hardware, so we wouldn't need to have more than one unless we
were modelling a real machine type that had multile ITSes.
Peter Maydell [Fri, 8 Apr 2022 14:15:23 +0000 (15:15 +0100)]
hw/intc/arm_gicv3_its: Handle virtual interrupts in process_its_cmd()
For GICv4, interrupt table entries read by process_its_cmd() may
indicate virtual LPIs which are to be directly injected into a VM.
Implement the ITS side of the code for handling this. This is
similar to the existing handling of physical LPIs, but instead of
looking up a collection ID in a collection table, we look up a vPEID
in a vPE table. As with the physical LPIs, we leave the rest of the
work to code in the redistributor device.
The redistributor half will be implemented in a later commit;
for now we just provide a stub function which does nothing.
Peter Maydell [Fri, 8 Apr 2022 14:15:22 +0000 (15:15 +0100)]
hw/intc/arm_gicv3_its: Split out process_its_cmd() physical interrupt code
Split the part of process_its_cmd() which is specific to physical
interrupts into its own function. This is the part which starts by
taking the ICID and looking it up in the collection table. The
handling of virtual interrupts is significantly different (involving
a lookup in the vPE table) so structuring the code with one
sub-function for the physical interrupt case and one for the virtual
interrupt case will be clearer than putting both cases in one large
function.
The code for handling the "remove mapping from ITE" for the DISCARD
command remains in process_its_cmd() because it is common to both
virtual and physical interrupts.
Peter Maydell [Fri, 8 Apr 2022 14:15:20 +0000 (15:15 +0100)]
hw/intc/arm_gicv3_its: Factor out "find ITE given devid, eventid"
The operation of finding an interrupt table entry given a (DeviceID,
EventID) pair is necessary in multiple different ITS commands. The
process requires first using the DeviceID as an index into the device
table to find the DTE, and then useng the EventID as an index into
the interrupt table specified by that DTE to find the ITE. We also
need to handle all the possible error cases: indexes out of range,
table memory not readable, table entries not valid.
Factor this out into a separate lookup_ite() function which we
can then call from the places where we were previously open-coding
this sequence. We'll also need this for some of the new GICv4.0
commands.
Peter Maydell [Fri, 8 Apr 2022 14:15:19 +0000 (15:15 +0100)]
hw/intc/arm_gicv3_its: Distinguish success and error cases of CMD_CONTINUE
In the ItsCmdResult enum, we currently distinguish only CMD_STALL
(failure, stall processing of the command queue) and CMD_CONTINUE
(keep processing the queue), and we use the latter both for "there
was a parameter error, go on to the next command" and "the command
succeeded, go on to the next command". Sometimes we would like to
distinguish those two cases, so add CMD_CONTINUE_OK to the enum to
represent the success situation, and use it in the relevant places.
Peter Maydell [Fri, 8 Apr 2022 14:15:18 +0000 (15:15 +0100)]
hw/intc/arm_gicv3_its: Implement VMAPP
Implement the GICv4 VMAPP command, which writes an entry to the vPE
table.
For GICv4.1 this command has extra fields in the command packet
and additional behaviour. We define the 4.1-only fields with the
FIELD macro, but only implement the GICv4.0 version of the command.
Peter Maydell [Fri, 8 Apr 2022 14:15:17 +0000 (15:15 +0100)]
hw/intc/arm_gicv3_its: Implement VMAPI and VMAPTI
Implement the GICv4 VMAPI and VMAPTI commands. These write
an interrupt translation table entry that maps (DeviceID,EventID)
to (vPEID,vINTID,doorbell). The only difference between VMAPI
and VMAPTI is that VMAPI assumes vINTID == EventID rather than
both being specified in the command packet.
(This code won't be reachable until we allow the GIC version to be
set to 4. Support for reading this new virtual-interrupt DTE and
handling it correctly will be implemented in a later commit.)
Peter Maydell [Fri, 8 Apr 2022 14:15:16 +0000 (15:15 +0100)]
hw/intc/arm_gicv3_its: Implement GITS_BASER2 for GICv4
The GICv4 defines a new in-guest-memory table for the ITS: this is
the vPE table. Implement the new GITS_BASER2 register which the
guest uses to tell the ITS where the vPE table is located, including
the decode of the register fields into the TableDesc structure which
we do for the GITS_BASER<n> when the guest enables the ITS.
We guard provision of the new register with the its_feature_virtual()
function, which does a check of the GITS_TYPER.Virtual bit which
indicates presence of ITS support for virtual LPIs. Since this bit
is currently always zero, GICv4-specific features will not be
accessible to the guest yet.
Peter Maydell [Fri, 8 Apr 2022 14:15:15 +0000 (15:15 +0100)]
hw/intc/arm_gicv3_its: Factor out "is intid a valid LPI ID?"
In process_mapti() we check interrupt IDs to see whether they are
in the valid LPI range. Factor this out into its own utility
function, as we're going to want it elsewhere too for GICv4.
Peter Maydell [Fri, 8 Apr 2022 14:15:14 +0000 (15:15 +0100)]
target/arm/cpu.c: ignore VIRQ and VFIQ if no EL2
In a GICv3, it is impossible for the GIC to deliver a VIRQ or VFIQ to
the CPU unless the CPU has EL2, because VIRQ and VFIQ are only
configurable via EL2-only system registers. Moreover, in our
implementation we were only calculating and updating the state of the
VIRQ and VFIQ lines in gicv3_cpuif_virt_irq_fiq_update() when those
EL2 system registers changed. We were therefore able to assert in
arm_cpu_set_irq() that we didn't see a VIRQ or VFIQ line update if
EL2 wasn't present.
This assumption no longer holds with GICv4:
* even if the CPU does not have EL2 the guest is able to cause the
GIC to deliver a virtual LPI by programming the ITS (which is a
silly thing for it to do, but possible)
* because we now need to recalculate the state of the VIRQ and VFIQ
lines in more cases than just "some EL2 GIC sysreg was written",
we will see calls to arm_cpu_set_irq() for "VIRQ is 0, VFIQ is 0"
even if the guest is not using the virtual LPI parts of the ITS
Remove the assertions, and instead simply ignore the state of the
VIRQ and VFIQ lines if the CPU does not have EL2.
Peter Maydell [Fri, 8 Apr 2022 14:15:13 +0000 (15:15 +0100)]
hw/intc/arm_gicv3: Report correct PIDR0 values for ID registers
We use the common function gicv3_idreg() to supply the CoreSight ID
register values for the GICv3 for the copies of these ID registers in
the distributor, redistributor and ITS register frames. This isn't
quite correct, because while most of the register values are the
same, the PIDR0 value should vary to indicate which of these three
frames it is. (You can see this and also the correct values of these
PIDR0 registers by looking at the GIC-600 or GIC-700 TRMs, for
example.)
Make gicv3_idreg() take an extra argument for the PIDR0 value.
Peter Maydell [Fri, 8 Apr 2022 14:15:12 +0000 (15:15 +0100)]
hw/intc/arm_gicv3: Insist that redist region capacity matches CPU count
Boards using the GICv3 need to configure it with both the total
number of CPUs and also the sizes of all the memory regions which
contain redistributors (one redistributor per CPU). At the moment
the GICv3 checks that the number of CPUs specified is not too many to
fit in the defined redistributor regions, but in fact the code
assumes that the two match exactly. For instance when we set the
GICR_TYPER.Last bit on the final redistributor in each region, we
assume that we don't need to consider the possibility of a region
being only half full of redistributors or even completely empty. We
also assume in gicv3_redist_read() and gicv3_redist_write() that we
can calculate the CPU index from the offset within the MemoryRegion
and that this will always be in range.
Fortunately all the board code sets the redistributor region sizes to
exactly match the CPU count, so this isn't a visible bug. We could
in theory make the GIC code handle non-full redistributor regions, or
have it automatically reduce the provided region sizes to match the
CPU count, but the simplest thing is just to strengthen the error
check and insist that the CPU count and redistributor region size
settings match exactly, since all the board code does that anyway.
Peter Maydell [Fri, 8 Apr 2022 14:15:11 +0000 (15:15 +0100)]
hw/intc/arm_gicv3: Sanity-check num-cpu property
In the GICv3 code we implicitly rely on there being at least one CPU
and thus at least one redistributor and CPU interface. Sanity-check
that the property the board code sets is not zero.
Merge tag 'pull-riscv-to-apply-20220422-1' of github.com:alistair23/qemu into staging
First RISC-V PR for QEMU 7.1
* Add support for Ibex SPI to OpenTitan
* Add support for privileged spec version 1.12.0
* Use privileged spec version 1.12.0 for virt machine by default
* Allow software access to MIP SEIP
* Add initial support for the Sdtrig extension
* Optimisations for vector extensions
* Improvements to the misa ISA string
* Add isa extenstion strings to the device tree
* Don't allow `-bios` options with KVM machines
* Fix NAPOT range computation overflow
* Fix DT property mmu-type when CPU mmu option is disabled
* Make RISC-V ACLINT mtime MMIO register writable
* Add and enable native debug feature
* Support 64bit fdt address.
# -----BEGIN PGP SIGNATURE-----
#
# iQEzBAABCAAdFiEE9sSsRtSTSGjTuM6PIeENKd+XcFQFAmJh+GQACgkQIeENKd+X
# cFTKZQf/UQ8yb5DozdeNbm2pmfjJnEEsnXB6k95wIX9pjrJ3HkypHzoRpLbIDzET
# KsPjRW6N5SLPINrYfgBuxUv0A/6jOG7cTC/Bimu16wPyS2zQopiTTgiJv6qLkO5G
# QUBWz/6kaXNT+fQiTnXXqjViADO49FigYRWUmRfNabeUwb6YoQwoBY6B5jpwZlbI
# B9qDdcKnYet5zwi1rGFedRC1XtP7ZDF1lylqNS2nnfr1ZvOWYkAJb5TJDi/4qUpz
# i/wGRx/8KaYD5ehGe7Xd50sMM9lLlzNgOnZL0F5cRnA8e/3nRFjTeQ7RoSKGBdaS
# 7J4RqA9YMhuPL2tTq95wof6EpVsSNw==
# =yLIg
# -----END PGP SIGNATURE-----
# gpg: Signature made Thu 21 Apr 2022 05:35:48 PM PDT
# gpg: using RSA key F6C4AC46D4934868D3B8CE8F21E10D29DF977054
# gpg: Good signature from "Alistair Francis <[email protected]>" [undefined]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: F6C4 AC46 D493 4868 D3B8 CE8F 21E1 0D29 DF97 7054
* tag 'pull-riscv-to-apply-20220422-1' of github.com:alistair23/qemu: (31 commits)
hw/riscv: boot: Support 64bit fdt address.
hw/core: tcg-cpu-ops.h: Update comments of debug_check_watchpoint()
target/riscv: cpu: Enable native debug feature
target/riscv: machine: Add debug state description
target/riscv: csr: Hook debug CSR read/write
target/riscv: cpu: Add a config option for native debug
target/riscv: debug: Implement debug related TCGCPUOps
hw/intc: riscv_aclint: Add reset function of ACLINT devices
hw/intc: Make RISC-V ACLINT mtime MMIO register writable
hw/intc: Support 32/64-bit mtimecmp and mtime accesses in RISC-V ACLINT
hw/intc: Add .impl.[min|max]_access_size declaration in RISC-V ACLINT
hw/riscv: virt: fix DT property mmu-type when CPU mmu option is disabled
target/riscv/pmp: fix NAPOT range computation overflow
hw/riscv: virt: Exit if the user provided -bios in combination with KVM
target/riscv: Use cpu_loop_exit_restore directly from mmu faults
target/riscv: fix start byte for vmv<nf>r.v when vstart != 0
target/riscv: Add isa extenstion strings to the device tree
target/riscv: misa to ISA string conversion fix
target/riscv: optimize helper for vmv<nr>r.v
target/riscv: optimize condition assign for scale < 0
...
Merge tag 'pull-migration-20220421a' of https://gitlab.com/dagrh/qemu into staging
V2: Migration pull 2022-04-21
Dan: Test fixes and improvements (TLS mostly)
Peter: Postcopy improvements
Me: Race fix for info migrate, and compilation fix
V2:
Fixed checkpatch nit of unneeded NULL check
Signed-off-by: Dr. David Alan Gilbert <[email protected]>
# -----BEGIN PGP SIGNATURE-----
#
# iQIzBAABCAAdFiEERfXHG0oMt/uXep+pBRYzHrxb/ecFAmJhpLIACgkQBRYzHrxb
# /edCPQ//dITFWStcsvon8gBBRWY/ekz/EdmWd2KFUp1r/yzopXExW5Gy+MzzTEwk
# axf7s991eyjta1gU0IYCzWcuR36LE8YsZRgDlOhttZ/674ZnX5ZIJBggwDKE/bYE
# IEHd8qsHy6oV8UIFvBQ6wvIDJmH+8gOwnPUzOO9Ek2UkSgBGsptZ8d6Hi0hTzYFB
# omhgc2eO3XQUlxM+8MwlrZU84QkxnBn2g7nVgDQyRokAou46Yf8FD/bWv3CKAdO+
# Ph+4XjBiddBFYUtf4XWSTvVfi23kij1k/4bjH3zaocE86gQ6CUteImFtowwr6N95
# sJl1EXBOtz0BP5xONqkywpWi1Qqg+mecF4KrS4XAHszaUkaj3sTFOyItwlTzZErF
# /2dZRsPRs9fTcjjzpOe/CKoGr+CcyZdxY1qbCNfHaJagdxytN2qxOaneTUbKYUE5
# n4Om9zxDS2esZCnkx26e2wylJ1wzKZBbjsoKYQA4IGaQ6Qz8Zciea0tApwhgyVjs
# KHcYtvScPLxmEEKgzDap6B7fJxyaOg3KNX+0XzLLpLS1oaeqwvSIQM/QMMrnwGxs
# uA1LI2uqlQBitaJOhgLMnNH4ze27HC3DM4OWAE+iOhpD+LNAWstjWraNNXbG4sSj
# 55ndJHJxOCjPlFY4dB/ytUbUo7XBkztCR4c1+I+lSUbMTq3KuUg=
# =M5sx
# -----END PGP SIGNATURE-----
# gpg: Signature made Thu 21 Apr 2022 11:38:42 AM PDT
# gpg: using RSA key 45F5C71B4A0CB7FB977A9FA90516331EBC5BFDE7
# gpg: Good signature from "Dr. David Alan Gilbert (RH2) <[email protected]>" [full]
* tag 'pull-migration-20220421a' of https://gitlab.com/dagrh/qemu:
migration: Read state once
migration: Fix operator type
migration: Allow migrate-recover to run multiple times
migration: Move channel setup out of postcopy_try_recover()
migration: Export ram_load_postcopy()
migration: Move migrate_allow_multifd and helpers into migration.c
migration: Add pss.postcopy_requested status
migration: Drop multifd tls_hostname cache
migration: Postpone releasing MigrationState.hostname
tests: expand the migration precopy helper to support failures
tests: switch migration FD passing test to use common precopy helper
tests: introduce ability to provide hooks for migration precopy test
tests: merge code for UNIX and TCP migration pre-copy tests
tests: switch MigrateStart struct to be stack allocated
migration: fix use of TLS PSK credentials with a UNIX socket
tests: print newline after QMP response in qtest logs
tests: support QTEST_TRACE env variable
tests: improve error message when saving TLS PSK file fails
projects / qemu.git / log