Max Reitz [Tue, 18 Feb 2020 10:34:41 +0000 (11:34 +0100)]
block: Add bdrv_recurse_can_replace()
After a couple of follow-up patches, this function will replace
bdrv_recurse_is_first_non_filter() in check_to_replace_node().
bdrv_recurse_is_first_non_filter() is both not sufficiently specific for
check_to_replace_node() (it allows cases that should not be allowed,
like replacing child nodes of quorum with dissenting data that have more
parents than just quorum), and it is too restrictive (it is perfectly
fine to replace filters).
Max Reitz [Tue, 18 Feb 2020 10:34:40 +0000 (11:34 +0100)]
quorum: Fix child permissions
Quorum cannot share WRITE or RESIZE on its children. Presumably, it
only does so because as a filter, it seemed intuitively correct to point
its .bdrv_child_perm to bdrv_filter_default_perm().
However, it is not really a filter, and bdrv_filter_default_perm() does
not work for it, so we have to provide a custom .bdrv_child_perm
implementation.
Max Reitz [Tue, 18 Feb 2020 10:34:39 +0000 (11:34 +0100)]
iotests: Let 041 use -blockdev for quorum children
Using -drive with default options means that a virtio-blk drive will be
created that has write access to the to-be quorum children. Quorum
should have exclusive write access to them, so we should use -blockdev
instead.
Max Reitz [Tue, 18 Feb 2020 10:34:37 +0000 (11:34 +0100)]
blockdev: Allow resizing everywhere
Block nodes that do not allow resizing should not share BLK_PERM_RESIZE.
It does not matter whether they are the first non-filter in their chain
or not.
Max Reitz [Tue, 18 Feb 2020 10:34:36 +0000 (11:34 +0100)]
blockdev: Allow external snapshots everywhere
There is no good reason why we would allow external snapshots only on
the first non-filter node in a chain. Parent BDSs should not care
whether their child is replaced by a snapshot. (If they do care, they
should announce that via freezing the chain, which is checked in
bdrv_append() through bdrv_set_backing_hd().)
Before we had bdrv_is_first_non_filter() here (since 212a5a8f095), there
was a special function bdrv_check_ext_snapshot() that allowed snapshots
by default, but block drivers could override this. Only blkverify did
so, however.
It is not clear to me why blkverify would do so; maybe just so that the
testee block driver would not be replaced. The introducing commit
f6186f49e2c does not explain why. Maybe because 08b24cfe376 would have
been the correct solution? (Which adds a .supports_backing check.)
Kevin Wolf [Fri, 14 Feb 2020 20:08:12 +0000 (21:08 +0100)]
iotests: Test error handling policies with block-commit
This tests both read failure (from the top node) and write failure (to
the base node) for on-error=report/stop/ignore.
As block-commit actually starts two different types of block jobs
(mirror.c for committing the active layer, commit.c for intermediate
layers), all tests are run for both cases.
Kevin Wolf [Fri, 14 Feb 2020 20:08:11 +0000 (21:08 +0100)]
commit: Expose on-error option in QMP
Now that the error handling in the common block job is fixed, we can
expose the on-error option in QMP instead of hard-coding it as 'report'
in qmp_block_commit().
This fulfills the promise that the old comment in that function made,
even if a bit later than expected: "This will be part of the QMP
command, if/when the BlockdevOnError change for blkmirror makes it in".
Kevin Wolf [Fri, 14 Feb 2020 20:08:10 +0000 (21:08 +0100)]
commit: Fix is_read for block_job_error_action()
block_job_error_action() needs to know if reading from the top node or
writing to the base node failed so that it can set the right 'operation'
in the BLOCK_JOB_ERROR QMP event.
Kevin Wolf [Fri, 14 Feb 2020 20:08:09 +0000 (21:08 +0100)]
commit: Inline commit_populate()
commit_populate() is a very short function and only called in a single
place. Its return value doesn't tell us whether an error happened while
reading or writing, which would be necessary for sending the right data
in the BLOCK_JOB_ERROR QMP event.
Kevin Wolf [Fri, 14 Feb 2020 20:08:07 +0000 (21:08 +0100)]
commit: Remove unused bytes_written
The bytes_written variable is only ever written to, it serves no
purpose. This has actually been the case since the commit job was first
introduced in commit 747ff602636.
Kevin Wolf [Fri, 14 Feb 2020 20:08:06 +0000 (21:08 +0100)]
qapi: Document meaning of 'ignore' BlockdevOnError for jobs
It is not obvious what 'ignore' actually means for block jobs: It could
be continuing the job and returning success in the end despite the error
(no block job does this). It could also mean continuing and returning
failure in the end (this is what stream does). And it can mean retrying
the failed request later (this is what backup, commit and mirror do).
This (somewhat inconsistent) behaviour was introduced and described for
stream and mirror in commit 32c81a4a6ec. backup and commit were
introduced later and use the same model as mirror.
Kevin Wolf [Tue, 11 Feb 2020 09:49:00 +0000 (10:49 +0100)]
iotests: Test copy offloading with external data file
This adds a test for 'qemu-img convert' with copy offloading where the
target image has an external data file. If the test host supports it,
it tests both the case where copy offloading is supported and the case
where it isn't (otherwise we just test unsupported twice).
More specifically, the case with unsupported copy offloading tests
qcow2_alloc_cluster_abort() with external data files.
Kevin Wolf [Tue, 11 Feb 2020 09:48:59 +0000 (10:48 +0100)]
qcow2: Fix qcow2_alloc_cluster_abort() for external data file
For external data file, cluster allocations return an offset in the data
file and are not refcounted. In this case, there is nothing to do for
qcow2_alloc_cluster_abort(). Freeing the same offset in the qcow2 file
is wrong and causes crashes in the better case or image corruption in
the worse case.
Kevin Wolf [Tue, 11 Feb 2020 09:48:58 +0000 (10:48 +0100)]
qcow2: update_refcount(): Reset old_table_index after qcow2_cache_put()
In the case that update_refcount() frees a refcount block, it evicts it
from the metadata cache. Before doing so, however, it returns the
currently used refcount block to the cache because it might be the same.
Returning the refcount block early means that we need to reset
old_table_index so that we reload the refcount block in the next
iteration if it is actually still in use.
Hikaru Nishida [Sun, 9 Feb 2020 17:51:56 +0000 (02:51 +0900)]
block/vvfat: Do not unref qcow on closing backing bdrv
Before this commit, BDRVVVFATState.qcow is unrefed in write_target_close
on closing backing bdrv of vvfat. However, qcow bdrv is opened as a child
of vvfat in enable_write_target() so it will be also unrefed on closing
vvfat itself. This causes use-after-free of qcow on freeing vvfat which
has backing bdrv and qcow bdrv as children in this order because
bdrv_close(vvfat) tries to free qcow bdrv after freeing backing bdrv
as QLIST_FOREACH_SAFE() loop keeps next pointer, but BdrvChild of qcow
is already freed in bdrv_close(backing bdrv).
Alberto Garcia [Thu, 13 Feb 2020 17:16:46 +0000 (18:16 +0100)]
qcow2: Fix alignment checks in encrypted images
I/O requests to encrypted media should be aligned to the sector size
used by the underlying encryption method, not to BDRV_SECTOR_SIZE.
Fortunately this doesn't break anything at the moment because
both existing QCRYPTO_BLOCK_*_SECTOR_SIZE have the same value as
BDRV_SECTOR_SIZE.
The checks in qcow2_co_preadv_encrypted() are also unnecessary because
they are repeated immediately afterwards in qcow2_co_encdec().
Kevin Wolf [Tue, 28 Jan 2020 15:09:28 +0000 (16:09 +0100)]
mirror: Don't let an operation wait for itself
mirror_wait_for_free_in_flight_slot() just picks a random operation to
wait for. However, when mirror_co_read() waits for free slots, its
MirrorOp is already in s->ops_in_flight, so if not enough slots are
immediately available, an operation can end up waiting for itself to
complete, which results in a hang.
Fix this by passing the current MirrorOp and skipping this operation
when picking an operation to wait for.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1794692
Signed-off-by: Kevin Wolf <[email protected]>
Reviewed-by: Eric Blake <[email protected]>
Kevin Wolf [Tue, 28 Jan 2020 15:06:41 +0000 (16:06 +0100)]
mirror: Store MirrorOp.co for debuggability
If a coroutine is launched, but the coroutine pointer isn't stored
anywhere, debugging any problems inside the coroutine is quite hard.
Let's store the coroutine pointer of a mirror operation in MirrorOp to
have it available in the debugger.
Kevin Wolf [Wed, 29 Jan 2020 10:22:39 +0000 (11:22 +0100)]
monitor: Move qmp_query_qmp_schema to qmp-cmds-control.c
monitor/misc.c contains code that works only in the system emulator, so
it can't be linked to tools like a storage daemon. In order to make
schema introspection available for tools, move the function to
monitor/qmp-cmds-control.c, which can be linked into the storage daemon.
Kevin Wolf [Wed, 29 Jan 2020 10:22:38 +0000 (11:22 +0100)]
monitor: Collect "control" command handlers in qmp-cmds.control.c
Move all of the QMP command handlers to implement the 'control' module
(qapi/control.json) that can be shared between the system emulator and
tools such as a storage daemon to a new file monitor/qmp-cmds-control.c.
Kevin Wolf [Wed, 29 Jan 2020 10:22:37 +0000 (11:22 +0100)]
qapi: Split control.json off misc.json
misc.json contains definitions that are related to the system emulator,
so it can't be used for other tools like the storage daemon. This patch
moves basic functionality that is shared between all tools (and mostly
related to the monitor itself) into a new control.json, which could be
used in tools as well.
Kevin Wolf [Wed, 29 Jan 2020 10:22:36 +0000 (11:22 +0100)]
monitor: Move monitor option parsing to monitor/monitor.c
Both the system emulators and tools with QMP support (specifically, the
planned storage daemon) will need to parse monitor options, so move that
code to monitor/monitor.c, which can be linked into binaries that aren't
a system emulator.
Currently, there is no usage of TARGET_NR_syscall_count for target
xtensa, and there is no obvious indication if there is some planned
usage in future.
* remotes/armbru/tags/pull-qapi-2020-02-15:
qapi: Delete all the "foo: dropped in n.n" notes
qapi/migration.json: Replace _this_ with *this*
qapi: Add blank lines before bulleted lists
qapi: Use explicit bulleted lists
qapi/ui.json: Avoid `...' Texinfo style quoting
qapi/ui.json: Put input-send-event body text in the right place
qapi: Remove hardcoded tabs
qapi: Fix indent level on doc comments in json files
qapi: Fix incorrect "Not documented" claims in QMP documentation
qapi/block-core.json: Use literal block for ascii art
qga/qapi-schema.json: minor format fixups for rST
qga/qapi-schema.json: Fix indent level on doc comments
qga/qapi-schema.json: Fix missing '-' in GuestDiskBusType doc comment
Makefile: Fix typo in dependency list for interop manpages
configure: Check that sphinx-build is using Python 3
configure: Pick sphinx-build-3 when available
configure: Allow user to specify sphinx-build binary
qapi: Expand documentation for LostTickPolicy
Peter Maydell [Thu, 13 Feb 2020 17:56:35 +0000 (17:56 +0000)]
qapi: Delete all the "foo: dropped in n.n" notes
A handful of QAPI doc comments include lines like
"ppcemb: dropped in 3.1". The doc comment parser will just
put these into whatever the preceding section was; sometimes
that's "Notes", and sometimes it's some random other section,
as with "NetClientDriver" where the "'dump': dropped in 2.12"
line ends up in the "Since:" section.
This tends to render wrongly, more so in the upcoming rST
generator, but sometimes even in the Texinfo, as in the case
of QKeyCode:
ac_bookmarks
since 2.10 altgr, altgr_r: dropped in 2.10
Since commit 3264ffced3 (v4.2.0), we have a better place to tell
users about deprecated and deleted functionality --
qemu-deprecated.texi. These "dropped in" remarks all predate it, and
other feature drops of that vintage are not documented anywhere, so
moving these to qemu-deprecated.texi makes little sense. Drop them
instead.
Peter Maydell [Thu, 13 Feb 2020 17:56:34 +0000 (17:56 +0000)]
qapi/migration.json: Replace _this_ with *this*
The MigrationInfo::setup-time documentation is the only place where we
use _this_ inline markup for emphasis, commonly rendered in italics.
We would like to switch the doc comments to rST format, but rST
doesn't recognize that markup and emits literal underscores.
Switch to *this* instead. Changes markup to strong emphasis with
Texinfo, commonly rendered as bold. With rST, it will go right back
to emphasis / italics.
rST also uses **this** for strong (commonly rendered bold) where
Texinfo uses *this*. We have one place in the doc comments
which uses strong/bold markup, in qapi/introspect.json:
Note: the QAPI schema is also used to help define *internal*
When we switch to rST that will be rendered as emphasis / italics.
Markus (who wrote that) thinks that using emphasis / italics
there is an improvement, so we leave that markup alone.
Peter Maydell [Thu, 13 Feb 2020 17:56:33 +0000 (17:56 +0000)]
qapi: Add blank lines before bulleted lists
We would like to switch the doc comments to rST format. rST
insists on a blank line before and after a bulleted list, but our
Texinfo doc generator did not. Add some extra blank lines in the doc
comments so they're acceptable rST input.
Peter Maydell [Thu, 13 Feb 2020 17:56:30 +0000 (17:56 +0000)]
qapi: Use explicit bulleted lists
A JSON block comment like this:
Returns: nothing on success
If @node is not a valid block device, DeviceNotFound
If @name is not found, GenericError with an explanation
renders like this:
Returns: nothing on success If node is not a valid block device,
DeviceNotFound If name is not found, GenericError with an explanation
because whitespace is not significant.
Use an actual bulleted list, so that the formatting is correct.
Peter Maydell [Thu, 13 Feb 2020 17:56:29 +0000 (17:56 +0000)]
qapi/ui.json: Avoid `...' Texinfo style quoting
Avoid Texinfo style quoting with `...', because we would like to
switch the doc comments to rST format, and rST treats it as a syntax
error. Use '...' instead, as we do in other doc comments. This looks
OK in Texinfo, and rST formats it as paired-quotation-marks.
Peter Maydell [Thu, 13 Feb 2020 17:56:28 +0000 (17:56 +0000)]
qapi/ui.json: Put input-send-event body text in the right place
In the doc comment for input-send-event, there is a multi-line
chunk of text ("The @device...take precedence") which is intended
to be the main body text describing the event. However it has
been placed after the arguments and Returns: section, which
means that the parser actually thinks that this text is
part of the "Returns" section text.
Move the body text up to the top so that the parser correctly
classifies it as body.
Peter Maydell [Thu, 13 Feb 2020 17:56:26 +0000 (17:56 +0000)]
qapi: Fix indent level on doc comments in json files
The current doc generation doesn't care much about indentation levels,
but we would like to switch to an rST format, and rST does care about
indentation.
Make the doc comments more strongly consistent about indentation
for multiline constructs like:
@arg: description line 1
description line 2
Returns: line one
line 2
so that there is always exactly one space after the colon, and
subsequent lines align with the first.
This commit is a purely whitespace change, and it does not alter the
generated .texi files (because the texi generation code strips away
all the extra whitespace). This does mean that we end up with some
over-length lines.
Note that when the documentation for an argument fits on a single
line like this:
@arg: one line only
then stray extra spaces after the ':' don't affect the rST output, so
I have not attempted to methodically fix them, though the preference
is a single space here too.
Peter Maydell [Thu, 13 Feb 2020 17:56:25 +0000 (17:56 +0000)]
qapi: Fix incorrect "Not documented" claims in QMP documentation
Some qapi doc comments have forgotten the ':' after the
@argument, like this:
# @filename Filename for the new image file
# @size Size of the virtual disk in bytes
The result is that these are parsed as part of the body
text and appear as a run-on line:
filename Filename for the new image file size Size of the virtual disk in bytes"
followed by
filename: string
Not documented
size: int
Not documented
Peter Maydell [Thu, 13 Feb 2020 17:56:24 +0000 (17:56 +0000)]
qapi/block-core.json: Use literal block for ascii art
The ascii-art graph in the BlockLatencyHistogramInfo documentation
doesn't render correctly, because the whitespace is collapsed.
Use the '|' format that emits a literal 'example' block so the graph
is displayed correctly.
Strictly the Texinfo generated is still wrong because each line
goes into its own @example environment, but it renders better
than what we had before.
Fixing this rendering is a necessary prerequisite for the upcoming rST
generator, which otherwise complains about the inconsistent
indentation in the ascii-art graph.
Peter Maydell [Thu, 13 Feb 2020 17:56:23 +0000 (17:56 +0000)]
qga/qapi-schema.json: minor format fixups for rST
We would like to switch the doc comments to rST format, and rST
requires a blank line before the start of a bulleted or enumerated
list. Two places in qapi-schema.json were missing this blank line.
Some places were using an indented line as a sort of single-item
bulleted list, which in the Texinfo output comes out all run
onto a single line; use a real bulleted list instead.
Some places unnecessarily indented lists, which confuses rST.
guest-fstrim:minimum's documentation was indented the
right amount to share a line with @minimum, but wasn't
actually doing so.
The indent on the bulleted list in the guest-set-vcpus
Returns section meant rST misindented it.
Changes to the generated Texinfo are very minor (the new
bulleted lists, and a few extra blank lines).
Peter Maydell [Thu, 13 Feb 2020 17:56:22 +0000 (17:56 +0000)]
qga/qapi-schema.json: Fix indent level on doc comments
The current doc generation doesn't care much about indentation levels,
but we would like to switch to an rST format, and rST does care about
indentation.
Make the doc comments more strongly consistent about indentation
for multiline constructs like:
@arg: description line 1
description line 2
Returns: line one
line 2
so that there is always exactly one space after the colon, and
subsequent lines align with the first.
This commit is a purely whitespace change, and it does not alter the
generated .texi files (because the texi generation code strips away
all the extra whitespace). This does mean that we end up with some
over-length lines.
Note that when the documentation for an argument fits on a single
line like this:
@arg: one line only
then stray extra spaces after the ':' don't affect the rST output, so
I have not attempted to methodically fix them, though the preference
is a single space here too.
Peter Maydell [Thu, 13 Feb 2020 17:56:21 +0000 (17:56 +0000)]
qga/qapi-schema.json: Fix missing '-' in GuestDiskBusType doc comment
The doc comment for GuestDiskBusType doesn't match up with the
enumeration because of a missing hyphen in 'file-backed-virtual'.
This means the docs are rendered wrongly:
"virtual"
Win virtual bus type "file-backed" virtual: Win file-backed bus type
Peter Maydell [Thu, 13 Feb 2020 17:56:20 +0000 (17:56 +0000)]
Makefile: Fix typo in dependency list for interop manpages
Fix a typo in the dependency list for the manpages built from the
'interop' manual, which meant we were accidentally not including
the .hx file in the dependency list.
Peter Maydell [Thu, 13 Feb 2020 17:56:19 +0000 (17:56 +0000)]
configure: Check that sphinx-build is using Python 3
Currently configure's has_sphinx_build() check simply runs a dummy
sphinx-build and either passes or fails. This means that "no
sphinx-build at all" and "sphinx-build exists but is too old" are
both reported the same way.
Further, we want to assume that all the Python we write is running
with at least Python 3.5; configure checks that for our scripts, but
Sphinx extensions run with whatever Python version sphinx-build
itself is using.
Add a check to our conf.py which makes sphinx-build fail if it would
be running our extensions with an old Python, and handle this
in configure so we can report failure helpfully to the user.
This will mean that configure --enable-docs will fail like this
if the sphinx-build provided is not suitable:
Warning: sphinx-build exists but it is either too old or uses too old a Python version
ERROR: User requested feature docs
configure was not able to find it.
Install texinfo, Perl/perl-podlators and a Python 3 version of python-sphinx
(As usual, the default is to simply not build the docs, as we would
if sphinx-build wasn't present at all.)
The next commit will require a sphinx-build that uses Python 3. On
some systems, sphinx-build is fine, on others you need to use
sphinx-build-3. To keep things working out of the box on both kinds
of systems, try sphinx-build-3, then sphinx-build.
Peter Maydell [Fri, 14 Feb 2020 18:37:11 +0000 (18:37 +0000)]
Merge remote-tracking branch 'remotes/palmer/tags/riscv-for-master-5.0-sf2' into staging
RISC-V Patches for the 5.0 Soft Freeze, Part 2
This is a fairly light-weight pull request, but I wanted to send it out to
avoid the Goldfish stuff getting buried as the next PR should contain the H
extension implementation.
As far as this PR goes, it contains:
* The addition of syscon device tree nodes for reboot and poweroff, which
allows Linux to control QEMU without an additional driver. The existing
device was already compatible with the syscon interface.
* A fix to our GDB stub to avoid confusing XLEN and FLEN, specifically useful
for rv32id-based systems.
* A device emulation for the Goldfish RTC device, a simple memory-mapped RTC.
* The addition of the Goldfish RTC device to the RISC-V virt board.
This passes "make check" and boots buildroot for me.
# gpg: Signature made Mon 10 Feb 2020 21:28:04 GMT
# gpg: using RSA key 2B3C3747446843B24A943A7A2E1319F35FBB1889
# gpg: issuer "[email protected]"
# gpg: Good signature from "Palmer Dabbelt <[email protected]>" [unknown]
# gpg: aka "Palmer Dabbelt <[email protected]>" [unknown]
# gpg: aka "Palmer Dabbelt <[email protected]>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 00CE 76D1 8349 60DF CE88 6DF8 EF4C A150 2CCB AB41
# Subkey fingerprint: 2B3C 3747 4468 43B2 4A94 3A7A 2E13 19F3 5FBB 1889
* remotes/palmer/tags/riscv-for-master-5.0-sf2:
MAINTAINERS: Add maintainer entry for Goldfish RTC
riscv: virt: Use Goldfish RTC device
hw: rtc: Add Goldfish RTC device
riscv: Separate FPU register size from core register size in gdbstub [v2]
riscv/virt: Add syscon reboot and poweroff DT nodes
Peter Maydell [Fri, 14 Feb 2020 17:57:15 +0000 (17:57 +0000)]
Merge remote-tracking branch 'remotes/juanquintela/tags/pull-migration-pull-request' into staging
Migration pull request
# gpg: Signature made Thu 13 Feb 2020 13:04:43 GMT
# gpg: using RSA key 1899FF8EDEBF58CCEE034B82F487EF185872D723
# gpg: Good signature from "Juan Quintela <[email protected]>" [full]
# gpg: aka "Juan Quintela <[email protected]>" [full]
# Primary key fingerprint: 1899 FF8E DEBF 58CC EE03 4B82 F487 EF18 5872 D723
* remotes/juanquintela/tags/pull-migration-pull-request:
git: Make submodule check only needed modules
migration-test: fix some memleaks in migration-test
tests/migration: Add some slack to auto converge
migration/rdma: rdma_accept_incoming_migration fix error handling
migration: Optimization about wait-unplug migration state
migration: Maybe VM is paused when migration is cancelled
Peter Maydell [Thu, 13 Feb 2020 17:56:18 +0000 (17:56 +0000)]
configure: Allow user to specify sphinx-build binary
Currently we insist on using 'sphinx-build' from the $PATH;
allow the user to specify the binary to use. This will be
more useful as we become pickier about the capabilities
we require (eg needing a Python 3 sphinx-build).
Andrea Bolognani [Tue, 11 Feb 2020 18:37:44 +0000 (19:37 +0100)]
qapi: Expand documentation for LostTickPolicy
The current documentation is fairly terse and not easy to decode
for someone who's not intimately familiar with the inner workings
of timer devices. Expand on it by providing a somewhat verbose
description of what behavior each policy will result in, as seen
from both the guest OS and host point of view.
* remotes/pmaydell/tags/pull-target-arm-20200213: (46 commits)
target/arm: Implement ARMv8.1-VMID16 extension
hw/arm/raspi: Extract the cores count from the board revision
hw/arm/raspi: Use a unique raspi_machine_class_init() method
hw/arm/raspi: Extract the board model from the board revision
hw/arm/raspi: Set default RAM size to size encoded in board revision
hw/arm/raspi: Let class_init() directly call raspi_machine_init()
hw/arm/raspi: Make board_rev a field of RaspiMachineClass
hw/arm/raspi: Make machines children of abstract RaspiMachineClass
hw/arm/raspi: Trivial code movement
hw/arm/raspi: Extract the processor type from the board revision
hw/arm/raspi: Extract the RAM size from the board revision
hw/arm/raspi: Extract the version from the board revision
hw/arm/raspi: Correct the board descriptions
hw/arm/raspi: Use BCM2708 machine type with pre Device Tree kernels
hw/char/exynos4210_uart: Fix memleaks in exynos4210_uart_init
hw/arm: ast2600: Wire up EHCI controllers
hw/arm: ast2400/ast2500: Wire up EHCI controllers
target/arm: Enable ARMv8.2-UAO in -cpu max
target/arm: Implement UAO semantics
target/arm: Update MSR access to UAO
...
Peter Maydell [Thu, 13 Feb 2020 18:00:37 +0000 (18:00 +0000)]
Merge remote-tracking branch 'remotes/rth/tags/pull-tcg-20200212' into staging
Fix breakpoint invalidation.
Add support for tcg helpers with 7 arguments.
Add support for gvec helpers with 5 arguments.
# gpg: Signature made Thu 13 Feb 2020 00:21:34 GMT
# gpg: using RSA key 7A481E78868B4DB6A85A05C064DF38E8AF7E215F
# gpg: issuer "[email protected]"
# gpg: Good signature from "Richard Henderson <[email protected]>" [full]
# Primary key fingerprint: 7A48 1E78 868B 4DB6 A85A 05C0 64DF 38E8 AF7E 215F
* remotes/rth/tags/pull-tcg-20200212:
tcg: Add tcg_gen_gvec_5_ptr
tcg: Add support for a helper with 7 arguments
exec: flush CPU TB cache in breakpoint_invalidate
Peter Maydell [Mon, 10 Feb 2020 12:01:46 +0000 (12:01 +0000)]
target/arm: Implement ARMv8.1-VMID16 extension
The ARMv8.1-VMID16 extension extends the VMID from 8 bits to 16 bits:
* the ID_AA64MMFR1_EL1.VMIDBits field specifies whether the VMID is
8 or 16 bits
* the VMID field in VTTBR_EL2 is extended to 16 bits
* VTCR_EL2.VS lets the guest specify whether to use the full 16 bits,
or use the backwards-compatible 8 bits
For QEMU implementing this is trivial:
* we do not track VMIDs in TLB entries, so we never use the VMID field
* we treat any write to VTTBR_EL2, not just a change to the VMID field
bits, as a "possible VMID change" that causes us to throw away TLB
entries, so that code doesn't need changing
* we allow the guest to read/write the VTCR_EL2.VS bit already
So all that's missing is the ID register part: report that we support
VMID16 in our 'max' CPU.
hw/arm/raspi: Extract the cores count from the board revision
The count of ARM cores is encoded in the board revision. Add a
helper to extract the number of cores, and use it. This will be
helpful when we add the Raspi0/1 that have a single core.
hw/arm/raspi: Use a unique raspi_machine_class_init() method
With the exception of the ignore_memory_transaction_failures
flag set for the raspi2, both machine_class_init() methods
are now identical. Merge them to keep a unique method.
hw/arm/raspi: Set default RAM size to size encoded in board revision
We added a helper to extract the RAM size from the board
revision, and made board_rev a field of RaspiMachineClass.
The class_init() can now use the helper to extract from the
board revision the board-specific amount of RAM.
hw/arm/raspi: Make board_rev a field of RaspiMachineClass
We want to have a common class_init(). The only value that
matters (and changes) is the board revision.
Pass the board_rev as class_data to class_init().
hw/arm/raspi: Extract the RAM size from the board revision
The board revision encodes the amount of RAM. Add a helper
to extract the RAM size, and use it.
Since the amount of RAM is fixed (it is impossible to physically
modify to have more or less RAM), do not allow sizes different
than the one announced by the manufacturer.
QEMU always used the non-mainlined type MACH_TYPE_BCM2708.
The value 0xc43 is registered to 'MX51_GGC' (processor i.MX51), and
0xc44 to 'Western Digital Sharespace NAS' (processor Marvell 88F5182).
The Raspberry Pi foundation bootloader only sets the BCM2708 machine
type, see [2] or [3]:
/*
 * 2835 is a SKU in a series for which the 2708 is the first or primary SoC,
 * so 2708 has historically been used rather than a dedicated 2835 ID.
 *
 * We don't define a machine type for bcm2709/bcm2836 since the RPi Foundation
 * chose to use someone else's previously registered machine ID (3139, MX51_GGC)
 * rather than obtaining a valid ID:-/
 *
 * For the bcm2837, hopefully a machine type is not needed, since everything
 * is DT.
 */
While the definition MACH_BCM2709 with value 0xc43 was introduced in
a commit described "Add 2709 platform for Raspberry Pi 2" out of the
mainline Linux kernel, it does not seem used, and the platform is
introduced with Device Tree support anyway (see [5] and [6]).
Remove the unused values (0xc43 introduced in commit 1df7d1f9303aef
"raspi: add raspberry pi 2 machine" and 0xc44 in commit bade58166f4
"raspi: Raspberry Pi 3 support"), keeping only MACH_TYPE_BCM2708.
Chen Qun [Thu, 13 Feb 2020 02:56:03 +0000 (10:56 +0800)]
hw/char/exynos4210_uart: Fix memleaks in exynos4210_uart_init
It's easy to reproduce as follows:
virsh qemu-monitor-command vm1 --pretty '{"execute": "device-list-properties",
"arguments":{"typename":"exynos4210.uart"}}'
ASAN shows memory leak stack:
#1 0xfffd896d71cb in g_malloc0 (/lib64/libglib-2.0.so.0+0x571cb)
#2 0xaaad270beee3 in timer_new_full /qemu/include/qemu/timer.h:530
#3 0xaaad270beee3 in timer_new /qemu/include/qemu/timer.h:551
#4 0xaaad270beee3 in timer_new_ns /qemu/include/qemu/timer.h:569
#5 0xaaad270beee3 in exynos4210_uart_init /qemu/hw/char/exynos4210_uart.c:677
#6 0xaaad275c8f4f in object_initialize_with_type /qemu/qom/object.c:516
#7 0xaaad275c91bb in object_new_with_type /qemu/qom/object.c:684
#8 0xaaad2755df2f in qmp_device_list_properties /qemu/qom/qom-qmp-cmds.c:152
Guenter Roeck [Fri, 7 Feb 2020 17:45:48 +0000 (09:45 -0800)]
hw/arm: ast2600: Wire up EHCI controllers
Initialize EHCI controllers on AST2600 using the existing
TYPE_PLATFORM_EHCI. After this change, booting ast2600-evb
into Linux successfully instantiates a USB interface after
the necessary changes are made to its devicetree files.
ehci_hcd: USB 2.0 'Enhanced' Host Controller (EHCI) Driver
ehci-platform: EHCI generic platform driver
ehci-platform 1e6a3000.usb: EHCI Host Controller
ehci-platform 1e6a3000.usb: new USB bus registered, assigned bus number 1
ehci-platform 1e6a3000.usb: irq 25, io mem 0x1e6a3000
ehci-platform 1e6a3000.usb: USB 2.0 started, EHCI 1.00
usb usb1: Manufacturer: Linux 5.5.0-09825-ga0802f2d0ef5-dirty ehci_hcd
usb 1-1: new high-speed USB device number 2 using ehci-platform
Guenter Roeck [Thu, 6 Feb 2020 18:34:37 +0000 (10:34 -0800)]
hw/arm: ast2400/ast2500: Wire up EHCI controllers
Initialize EHCI controllers on AST2400 and AST2500 using the existing
TYPE_PLATFORM_EHCI. After this change, booting ast2500-evb into Linux
successfully instantiates a USB interface.
ehci-platform 1e6a3000.usb: EHCI Host Controller
ehci-platform 1e6a3000.usb: new USB bus registered, assigned bus number 1
ehci-platform 1e6a3000.usb: irq 21, io mem 0x1e6a3000
ehci-platform 1e6a3000.usb: USB 2.0 started, EHCI 1.00
usb usb1: New USB device found, idVendor=1d6b, idProduct=0002, bcdDevice= 5.05
usb usb1: New USB device strings: Mfr=3, Product=2, SerialNumber=1
usb usb1: Product: EHCI Host Controller
Add definitions for all of the fields, up to ARMv8.5.
Convert the existing RESERVED register to a full register.
Query KVM for the value of the register for the host.
For aarch64, there's a dedicated msr (imm, reg) insn.
For aarch32, this is done via msr to cpsr. Writes from el0
are ignored, which is already handled by the CPSR_USER mask.
target/arm: Use aarch32_cpsr_valid_mask in helper_exception_return
Using ~0 as the mask on the aarch64->aarch32 exception return
was not even as correct as the CPSR_ERET_MASK that we had used
on the aarch32->aarch32 exception return.
Split this helper out of msr_mask in translate.c. At the same time,
transform the negative reductive logic to positive accumulative logic.
It will be usable along the exception paths.