Eduardo Habkost [Tue, 25 Aug 2020 19:20:45 +0000 (15:20 -0400)]
swim: Rename struct SWIM to Swim
Currently we have a SWIM typedef and a SWIM type checking macro,
but OBJECT_DECLARE* would transform the SWIM macro into a
function, and the function name would conflict with the SWIM
typedef name.
Rename the struct and typedef to "Swim". This will make future
conversion to OBJECT_DECLARE* easier.
Eduardo Habkost [Tue, 25 Aug 2020 19:20:39 +0000 (15:20 -0400)]
nubus: Rename class type checking macros
Rename the existing class type checking macros to be consistent
with the type name and instance type checking macro. Use a
NUBUS_MACFB prefix instead of MACFB_NUBUS.
This will make future conversion to OBJECT_DECLARE* easier.
Eduardo Habkost [Tue, 25 Aug 2020 19:20:20 +0000 (15:20 -0400)]
platform-bus: Delete macros for non-existing typedef
PlatformBusDeviceClass doesn't exist. This will break when we
automatically convert the code to use OBJECT_DEFINE_TYPE().
Delete the macros that reference the non-existing typedef.
Eduardo Habkost [Tue, 25 Aug 2020 19:20:18 +0000 (15:20 -0400)]
can_emu: Delete macros for non-existing typedef
CanBusClass doesn't exist. This will break when we automatically
convert the code to use OBJECT_DEFINE_TYPE(). Delete the macros
that reference the non-existing typedef.
Eduardo Habkost [Tue, 25 Aug 2020 19:20:03 +0000 (15:20 -0400)]
opentitan: Rename memmap enum constants
Some of the enum constant names conflict with the QOM type check
macros (IBEX_PLIC, IBEX_UART). This needs to be addressed to
allow us to transform the QOM type check macros into functions
generated by OBJECT_DECLARE_TYPE().
Rename all the constants to IBEX_DEV_*, to avoid conflicts.
Eduardo Habkost [Tue, 25 Aug 2020 19:20:01 +0000 (15:20 -0400)]
allwinner-h3: Rename memmap enum constants
Some of the enum constant names conflict with the QOM type check
macros (AW_H3_CCU, AW_H3_SYSCTRL). This needs to be addressed to
allow us to transform the QOM type check macros into functions
generated by OBJECT_DECLARE_TYPE().
Rename all the constants to AW_H3_DEV_*, to avoid conflicts.
Eduardo Habkost [Tue, 25 Aug 2020 19:20:00 +0000 (15:20 -0400)]
pl110: Rename pl110_version enum values
The PL110 enum value name will conflict with the PL110 type cast
checker, when we replace the existing macro with an inline
function. Add a VERSION_ prefix to all pl110_version enum
values, to avoid conflicts.
it errors out with:
-numa hmat-cache,node-id=0,size=16K,level=2,associativity=direct,policy=write-back,line=5:
Invalid size=16384, the size of level=2 should be less than the size(8192) of level=1
which doesn't look right as one would expect that L1 < L2 < L3 ...
Fix it by sawpping relevant size checks.
Peter Maydell [Wed, 26 Aug 2020 21:23:53 +0000 (22:23 +0100)]
Merge remote-tracking branch 'remotes/hdeller/tags/target-hppa-v3-pull-request' into staging
artist out of bounds fixes
# gpg: Signature made Wed 26 Aug 2020 22:09:55 BST
# gpg: using EDDSA key BCE9123E1AD29F07C049BBDEF712B510A23A0F5F
# gpg: Good signature from "Helge Deller <[email protected]>" [unknown]
# gpg: aka "Helge Deller <[email protected]>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 4544 8228 2CD9 10DB EF3D 25F8 3E5F 3D04 A7A2 4603
# Subkey fingerprint: BCE9 123E 1AD2 9F07 C049 BBDE F712 B510 A23A 0F5F
* remotes/hdeller/tags/target-hppa-v3-pull-request:
hw/display/artist: Fix invalidation of lines near screen border
hw/display/artist: Fix invalidation of lines in artist_draw_line()
hw/display/artist: Unbreak size mismatch memory accesses
hw/display/artist: Prevent out of VRAM buffer accesses
Revert "hw/display/artist: Avoid drawing line when nothing to display"
hw/display/artist: Refactor artist_rop8() to avoid buffer over-run
hw/display/artist: Check offset in draw_line to avoid buffer over-run
hw/hppa/lasi: Don't abort on invalid IMR value
hw/display/artist.c: fix out of bounds check
hw/hppa: Implement proper SeaBIOS version check
seabios-hppa: Update to SeaBIOS hppa version 1
hw/hppa: Sync hppa_hardware.h file with SeaBIOS sources
Sven Schnelle [Sat, 8 Aug 2020 18:51:57 +0000 (20:51 +0200)]
hw/display/artist: Fix invalidation of lines near screen border
If parts of the invalidated screen lines are outside of the VRAM buffer,
the code skips the whole invalidate. This is incorrect when only parts
of the buffer are invisble - which is the case when the mouse cursor is
located near the screen border.
Commit 5d971f9e6725 ("memory: Revert "memory: accept mismatching sizes
in memory_region_access_valid") broke the artist driver in a way that
the dtwm window manager on HP-UX rendered wrong.
Fixes: 5d971f9e6725 ("memory: Revert "memory: accept mismatching sizes in memory_region_access_valid") Signed-off-by: Sven Schnelle <[email protected]> Signed-off-by: Helge Deller <[email protected]>
Helge Deller [Sun, 9 Aug 2020 13:35:38 +0000 (15:35 +0200)]
hw/display/artist: Prevent out of VRAM buffer accesses
Simplify various bounds checks by changing parameters like row and column
numbers to become unsigned instead of signed.
With that we can check if the calculated offset is bigger than the size of the
VRAM region and bail out if not.
hw/display/artist: Refactor artist_rop8() to avoid buffer over-run
Invalid I/O writes can craft an offset out of the vram_buffer range.
Instead of passing an unsafe pointer to artist_rop8(), pass the vram_buffer and
the offset. We can now check if the offset is in range before accessing it.
We avoid:
Program terminated with signal SIGSEGV, Segmentation fault.
284 *dst &= ~plane_mask;
(gdb) bt
#0 0x000056367b2085c0 in artist_rop8 (s=0x56367d38b510, dst=0x7f9f972fffff <error: Cannot access memory at address 0x7f9f972fffff>, val=0 '\000') at hw/display/artist.c:284
#1 0x000056367b209325 in draw_line (s=0x56367d38b510, x1=-20480, y1=-1, x2=0, y2=17920, update_start=true, skip_pix=-1, max_pix=-1) at hw/display/artist.c:646
Helge Deller [Mon, 3 Aug 2020 05:41:46 +0000 (07:41 +0200)]
hw/hppa/lasi: Don't abort on invalid IMR value
NetBSD initializes the LASI IMR value with 0xffffffff to disable all LASI
interrupts. This triggered an assert() and stopped the emulation. By replacing
the check with a warning in the guest log we now allow NetBSD to boot again.
* remotes/maxreitz/tags/pull-block-2020-08-26: (34 commits)
iotests: Add tests for qcow2 images with extended L2 entries
qcow2: Assert that expand_zero_clusters_in_l1() does not support subclusters
qcow2: Allow preallocation and backing files if extended_l2 is set
qcow2: Add the 'extended_l2' option and the QCOW2_INCOMPAT_EXTL2 bit
qcow2: Add prealloc field to QCowL2Meta
qcow2: Add subcluster support to qcow2_measure()
qcow2: Add subcluster support to qcow2_co_pwrite_zeroes()
qcow2: Add subcluster support to handle_alloc_space()
qcow2: Clear the L2 bitmap when allocating a compressed cluster
qcow2: Update L2 bitmap in qcow2_alloc_cluster_link_l2()
qcow2: Add subcluster support to check_refcounts_l2()
qcow2: Add subcluster support to discard_in_l2_slice()
qcow2: Add subcluster support to zero_in_l2_slice()
qcow2: Add subcluster support to qcow2_get_host_offset()
qcow2: Add subcluster support to calculate_l2_meta()
qcow2: Handle QCOW2_SUBCLUSTER_UNALLOCATED_ALLOC
qcow2: Replace QCOW2_CLUSTER_* with QCOW2_SUBCLUSTER_*
qcow2: Add cluster type parameter to qcow2_get_host_offset()
qcow2: Add qcow2_cluster_is_allocated()
qcow2: Add qcow2_get_subcluster_range_type()
...
Peter Maydell [Tue, 25 Aug 2020 21:50:42 +0000 (22:50 +0100)]
Merge remote-tracking branch 'remotes/alistair/tags/pull-riscv-to-apply-20200825' into staging
This pull request first adds support for multi-socket NUMA RISC-V
machines. The Spike and Virt machines both support NUMA sockets.
This PR also updates the current experimental Hypervisor support to the
v0.6.1 spec.
# gpg: Signature made Tue 25 Aug 2020 19:47:41 BST
# gpg: using RSA key F6C4AC46D4934868D3B8CE8F21E10D29DF977054
# gpg: Good signature from "Alistair Francis <[email protected]>" [full]
# Primary key fingerprint: F6C4 AC46 D493 4868 D3B8 CE8F 21E1 0D29 DF97 7054
* remotes/alistair/tags/pull-riscv-to-apply-20200825:
target/riscv: Support the Virtual Instruction fault
target/riscv: Return the exception from invalid CSR accesses
target/riscv: Support the v0.6 Hypervisor extension CRSs
target/riscv: Only support little endian guests
target/riscv: Only support a single VSXL length
target/riscv: Update the CSRs to the v0.6 Hyp extension
target/riscv: Update the Hypervisor trap return/entry
target/riscv: Fix the interrupt cause code
target/riscv: Convert MSTATUS MTL to GVA
target/riscv: Don't allow guest to write to htinst
target/riscv: Do two-stage lookups on hlv/hlvx/hsv instructions
target/riscv: Allow generating hlv/hlvx/hsv instructions
target/riscv: Allow setting a two-stage lookup in the virt status
hw/riscv: virt: Allow creating multiple NUMA sockets
hw/riscv: spike: Allow creating multiple NUMA sockets
hw/riscv: Add helpers for RISC-V multi-socket NUMA machines
hw/riscv: Allow creating multiple instances of PLIC
hw/riscv: Allow creating multiple instances of CLINT
Alistair Francis [Wed, 12 Aug 2020 19:13:46 +0000 (12:13 -0700)]
target/riscv: Return the exception from invalid CSR accesses
When performing a CSR access let's return a negative exception value on
an error instead of -1. This will allow us to specify the exception in
future patches.
Anup Patel [Fri, 15 May 2020 09:28:50 +0000 (14:58 +0530)]
hw/riscv: virt: Allow creating multiple NUMA sockets
We extend RISC-V virt machine to allow creating a multi-socket
machine. Each RISC-V virt machine socket is a NUMA node having
a set of HARTs, a memory instance, a CLINT instance, and a PLIC
instance. Other devices are shared between all sockets. We also
update the generated device tree accordingly.
By default, NUMA multi-socket support is disabled for RISC-V virt
machine. To enable it, users can use "-numa" command-line options
of QEMU.
Example1: For two NUMA nodes with 2 CPUs each, append following
to command-line options: "-smp 4 -numa node -numa node"
Example2: For two NUMA nodes with 1 and 3 CPUs, append following
to command-line options:
"-smp 4 -numa node -numa node -numa cpu,node-id=0,core-id=0 \
-numa cpu,node-id=1,core-id=1 -numa cpu,node-id=1,core-id=2 \
-numa cpu,node-id=1,core-id=3"
The maximum number of sockets in a RISC-V virt machine is 8
but this limit can be changed in future.
Anup Patel [Thu, 14 May 2020 11:09:43 +0000 (16:39 +0530)]
hw/riscv: spike: Allow creating multiple NUMA sockets
We extend RISC-V spike machine to allow creating a multi-socket
machine. Each RISC-V spike machine socket is a NUMA node having
a set of HARTs, a memory instance, and a CLINT instance. Other
devices are shared between all sockets. We also update the
generated device tree accordingly.
By default, NUMA multi-socket support is disabled for RISC-V spike
machine. To enable it, users can use "-numa" command-line options
of QEMU.
Example1: For two NUMA nodes with 2 CPUs each, append following
to command-line options: "-smp 4 -numa node -numa node"
Example2: For two NUMA nodes with 1 and 3 CPUs, append following
to command-line options:
"-smp 4 -numa node -numa node -numa cpu,node-id=0,core-id=0 \
-numa cpu,node-id=1,core-id=1 -numa cpu,node-id=1,core-id=2 \
-numa cpu,node-id=1,core-id=3"
The maximum number of sockets in a RISC-V spike machine is 8
but this limit can be changed in future.
Anup Patel [Fri, 29 May 2020 07:56:22 +0000 (13:26 +0530)]
hw/riscv: Add helpers for RISC-V multi-socket NUMA machines
We add common helper routines which can be shared by RISC-V
multi-socket NUMA machines.
We have two types of helpers:
1. riscv_socket_xyz() - These helper assist managing multiple
sockets irrespective whether QEMU NUMA is enabled/disabled
2. riscv_numa_xyz() - These helpers assist in providing
necessary QEMU machine callbacks for QEMU NUMA emulation
Anup Patel [Fri, 15 May 2020 04:55:33 +0000 (10:25 +0530)]
hw/riscv: Allow creating multiple instances of PLIC
We extend PLIC emulation to allow multiple instances of PLIC in
a QEMU RISC-V machine. To achieve this, we remove first HART id
zero assumption from PLIC emulation.
Anup Patel [Thu, 14 May 2020 10:21:31 +0000 (15:51 +0530)]
hw/riscv: Allow creating multiple instances of CLINT
We extend CLINT emulation to allow multiple instances of CLINT in
a QEMU RISC-V machine. To achieve this, we remove first HART id
zero assumption from CLINT emulation.
Direct leak of 2500 byte(s) in 1 object(s) allocated from:
#0 0x7f1b5a8b8d28 in __interceptor_calloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xded28)
#1 0x7f1b5a514b10 in g_malloc0 (/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x51b10)
#2 0xd79ea4e4c0ad31c3 (<unknown module>)
SUMMARY: AddressSanitizer: 2500 byte(s) leaked in 1 allocation(s).
Call 'g_rand_free' in the end of function to avoid this.
Fixes: 4d3a329af59("tests/util-sockets: add abstract unix socket cases") Signed-off-by: Li Qiang <[email protected]> Reviewed-by: Philippe Mathieu-Daudé <[email protected]>
Reviewed-by: xiaoqiang zhao <[email protected]> Signed-off-by: Daniel P. Berrangé <[email protected]>
Alberto Garcia [Fri, 10 Jul 2020 16:13:15 +0000 (18:13 +0200)]
qcow2: Assert that expand_zero_clusters_in_l1() does not support subclusters
This function is only used by qcow2_expand_zero_clusters() to
downgrade a qcow2 image to a previous version. This would require
transforming all extended L2 entries into normal L2 entries but this
is not a simple task and there are no plans to implement this at the
moment.
Alberto Garcia [Fri, 10 Jul 2020 16:13:14 +0000 (18:13 +0200)]
qcow2: Allow preallocation and backing files if extended_l2 is set
Traditional qcow2 images don't allow preallocation if a backing file
is set. This is because once a cluster is allocated there is no way to
tell that its data should be read from the backing file.
Extended L2 entries have individual allocation bits for each
subcluster, and therefore it is perfectly possible to have an
allocated cluster with all its subclusters unallocated.
Alberto Garcia [Fri, 10 Jul 2020 16:13:13 +0000 (18:13 +0200)]
qcow2: Add the 'extended_l2' option and the QCOW2_INCOMPAT_EXTL2 bit
Now that the implementation of subclusters is complete we can finally
add the necessary options to create and read images with this feature,
which we call "extended L2 entries".
Alberto Garcia [Fri, 10 Jul 2020 16:13:12 +0000 (18:13 +0200)]
qcow2: Add prealloc field to QCowL2Meta
This field allows us to indicate that the L2 metadata update does not
come from a write request with actual data but from a preallocation
request.
For traditional images this does not make any difference, but for
images with extended L2 entries this means that the clusters are
allocated normally in the L2 table but individual subclusters are
marked as unallocated.
This will allow preallocating images that have a backing file.
There is one special case: when we resize an existing image we can
also request that the new clusters are preallocated. If the image
already had a backing file then we have to hide any possible stale
data and zero out the new clusters (see commit 955c7d6687 for more
details).
In this case the subclusters cannot be left as unallocated so the L2
bitmap must be updated.
Alberto Garcia [Fri, 10 Jul 2020 16:13:10 +0000 (18:13 +0200)]
qcow2: Add subcluster support to qcow2_co_pwrite_zeroes()
This works now at the subcluster level and pwrite_zeroes_alignment is
updated accordingly.
qcow2_cluster_zeroize() is turned into qcow2_subcluster_zeroize() with
the following changes:
- The request can now be subcluster-aligned.
- The cluster-aligned body of the request is still zeroized using
zero_in_l2_slice() as before.
- The subcluster-aligned head and tail of the request are zeroized
with the new zero_l2_subclusters() function.
There is just one thing to take into account for a possible future
improvement: compressed clusters cannot be partially zeroized so
zero_l2_subclusters() on the head or the tail can return -ENOTSUP.
This makes the caller repeat the *complete* request and write actual
zeroes to disk. This is sub-optimal because
1) if the head area was compressed we would still be able to use
the fast path for the body and possibly the tail.
2) if the tail area was compressed we are writing zeroes to the
head and the body areas, which are already zeroized.
Alberto Garcia [Fri, 10 Jul 2020 16:13:09 +0000 (18:13 +0200)]
qcow2: Add subcluster support to handle_alloc_space()
The bdrv_co_pwrite_zeroes() call here fills complete clusters with
zeroes, but it can happen that some subclusters are not part of the
write request or the copy-on-write. This patch makes sure that only
the affected subclusters are overwritten.
A potential improvement would be to also fill with zeroes the other
subclusters if we can guarantee that we are not overwriting existing
data. However this would waste more disk space, so we should first
evaluate if it's really worth doing.
Alberto Garcia [Fri, 10 Jul 2020 16:13:07 +0000 (18:13 +0200)]
qcow2: Update L2 bitmap in qcow2_alloc_cluster_link_l2()
The L2 bitmap needs to be updated after each write to indicate what
new subclusters are now allocated. This needs to happen even if the
cluster was already allocated and the L2 entry was otherwise valid.
In some cases however a write operation doesn't need change the L2
bitmap (because all affected subclusters were already allocated). This
is detected in calculate_l2_meta(), and qcow2_alloc_cluster_link_l2()
is never called in those cases.
Alberto Garcia [Fri, 10 Jul 2020 16:13:06 +0000 (18:13 +0200)]
qcow2: Add subcluster support to check_refcounts_l2()
The offset field of an uncompressed cluster's L2 entry must be aligned
to the cluster size, otherwise it is invalid. If the cluster has no
data then it means that the offset points to a preallocation, so we
can clear the offset field without affecting the guest-visible data.
This is what 'qemu-img check' does when run in repair mode.
On traditional qcow2 images this can only happen when QCOW_OFLAG_ZERO
is set, and repairing such entries turns the clusters from ZERO_ALLOC
into ZERO_PLAIN.
Extended L2 entries have no ZERO_ALLOC clusters and no QCOW_OFLAG_ZERO
but the idea is the same: if none of the subclusters are allocated
then we can clear the offset field and leave the bitmap untouched.
Alberto Garcia [Fri, 10 Jul 2020 16:13:05 +0000 (18:13 +0200)]
qcow2: Add subcluster support to discard_in_l2_slice()
Two things need to be taken into account here:
1) With full_discard == true the L2 entry must be cleared completely.
This also includes the L2 bitmap if the image has extended L2
entries.
2) With full_discard == false we have to make the discarded cluster
read back as zeroes. With normal L2 entries this is done with the
QCOW_OFLAG_ZERO bit, whereas with extended L2 entries this is done
with the individual 'all zeroes' bits for each subcluster.
Note however that QCOW_OFLAG_ZERO is not supported in v2 qcow2
images so, if there is a backing file, discard cannot guarantee
that the image will read back as zeroes. If this is important for
the caller it should forbid it as qcow2_co_pdiscard() does (see 80f5c01183 for more details).
Alberto Garcia [Fri, 10 Jul 2020 16:13:04 +0000 (18:13 +0200)]
qcow2: Add subcluster support to zero_in_l2_slice()
The QCOW_OFLAG_ZERO bit that indicates that a cluster reads as
zeroes is only used in standard L2 entries. Extended L2 entries use
individual 'all zeroes' bits for each subcluster.
This must be taken into account when updating the L2 entry and also
when deciding that an existing entry does not need to be updated.
Alberto Garcia [Fri, 10 Jul 2020 16:13:03 +0000 (18:13 +0200)]
qcow2: Add subcluster support to qcow2_get_host_offset()
The logic of this function remains pretty much the same, except that
it uses count_contiguous_subclusters(), which combines the logic of
count_contiguous_clusters() / count_contiguous_clusters_unallocated()
and checks individual subclusters.
qcow2_cluster_to_subcluster_type() is not necessary as a separate
function anymore so it's inlined into its caller.
Alberto Garcia [Fri, 10 Jul 2020 16:13:02 +0000 (18:13 +0200)]
qcow2: Add subcluster support to calculate_l2_meta()
If an image has subclusters then there are more copy-on-write
scenarios that we need to consider. Let's say we have a write request
from the middle of subcluster #3 until the end of the cluster:
1) If we are writing to a newly allocated cluster then we need
copy-on-write. The previous contents of subclusters #0 to #3 must
be copied to the new cluster. We can optimize this process by
skipping all leading unallocated or zero subclusters (the status of
those skipped subclusters will be reflected in the new L2 bitmap).
2) If we are overwriting an existing cluster:
2.1) If subcluster #3 is unallocated or has the all-zeroes bit set
then we need copy-on-write (on subcluster #3 only).
2.2) If subcluster #3 was already allocated then there is no need
for any copy-on-write. However we still need to update the L2
bitmap to reflect possible changes in the allocation status of
subclusters #4 to #31. Because of this, this function checks
if all the overwritten subclusters are already allocated and
in this case it returns without creating a new QCowL2Meta
structure.
After all these changes l2meta_cow_start() and l2meta_cow_end()
are not necessarily cluster-aligned anymore. We need to update the
calculation of old_start and old_end in handle_dependencies() to
guarantee that no two requests try to write on the same cluster.
Alberto Garcia [Fri, 10 Jul 2020 16:13:00 +0000 (18:13 +0200)]
qcow2: Replace QCOW2_CLUSTER_* with QCOW2_SUBCLUSTER_*
In order to support extended L2 entries some functions of the qcow2
driver need to start dealing with subclusters instead of clusters.
qcow2_get_host_offset() is modified to return the subcluster type
instead of the cluster type, and all callers are updated to replace
all values of QCow2ClusterType with their QCow2SubclusterType
equivalents.
This patch only changes the data types, there are no semantic changes.
Alberto Garcia [Fri, 10 Jul 2020 16:12:59 +0000 (18:12 +0200)]
qcow2: Add cluster type parameter to qcow2_get_host_offset()
This function returns an integer that can be either an error code or a
cluster type (a value from the QCow2ClusterType enum).
We are going to start using subcluster types instead of cluster types
in some functions so it's better to use the exact data types instead
of integers for clarity and in order to detect errors more easily.
This patch makes qcow2_get_host_offset() return 0 on success and
puts the returned cluster type in a separate parameter. There are no
semantic changes.
projects / qemu.git / log