This is a cleanup of the resulting code after detaching
pmutils and Linux sys state file logic:
- remove the SUSPEND_MODE_* macros and use an enumeration
instead. At the same time, drop the switch statements
at the start of each function and use the enumeration
index to get the right binary/argument;
- create a new function called run_process_child(). This
function uses g_spawn_sync() to execute a shell command,
returning the exit code. This is a common operation in the
pmutils functions and will be used in the systemd implementation
as well, so this function will avoid code repetition.
There are more places inside commands-posix.c where this new
run_process_child function can also be used, but one step
at a time.
Signed-off-by: Daniel Henrique Barboza <[email protected]>
*check/propagate local_err before setting errp directly Signed-off-by: Michael Roth <[email protected]>
qga: guest_suspend: decoupling pm-utils and sys logic
Following the same logic of the previous patch, let's also
decouple the suspend logic from guest_suspend into specialized
functions, one for each strategy we support at this moment.
qga: bios_supports_mode: decoupling pm-utils and sys logic
In bios_supports_mode there is a verification to assert if
the chosen suspend mode is supported by the pmutils tools and,
if not, we see if the Linux sys state files supports it.
This verification is done in the same function, one after
the other, and it works for now. But, when adding a new
suspend mechanism that will not necessarily follow the same
return 0 or 1 logic of pmutils, this code will be hard
to deal with.
This patch decouple the two existing logics into their own
functions, pmutils_supports_mode and linux_sys_state_supports_mode,
which in turn are used inside bios_support_mode. The existing
logic is kept but now it's easier to extend it.
To be able to add new suspend mechanisms we need to detach
the existing QMP functions from the current implementation
specifics.
At this moment we have functions such as qmp_guest_suspend_ram
calling bios_suspend_mode and guest_suspend passing the
pmutils command and arguments as parameters. This patch
removes this logic from the QMP functions, moving them to
the respective functions that will have to deal with which
binary to use.
Iterate over the PCI bridges to lookup the PCI device associated with
the block device.
This allows to lookup the driver under the following syspath:
/sys/devices/pci0000:00/0000:00:02.2/0000:03:00.0/virtio2/block/vda/vda3
It also works with an "old-style" Q35 libvirt hierarchy: root complex
-> DMI-PCI bridge -> PCI-PCI bridge -> virtio controller, ex:
/sys/devices/pci0000:00/0000:00:03.0/0000:01:01.0/0000:02:01.0/virtio1/block/vda/vda3
The setup can be reproduced with the following qemu command line
(Thanks Marcel for help):
Issue: When upgrading qemu-ga using the msi from an old version
to a newer one, the upgrade is not allowed by the msi
showing this error message "Another version of this product
is already installed."
Fix: For the upgrade to be allowed by the msi the WiX file must
provide three things:
1. Changing product's Id. (assigning it to "*")
2. Constant product's UpgradeId. (exists)
3. Changing version. (exists)
Chen Hanxiao [Thu, 14 Jun 2018 08:06:06 +0000 (16:06 +0800)]
qga: add mountpoint usage info to GuestFilesystemInfo
This patch adds support for getting the usage of mounted
filesystem.
The usage of fs stored as used_bytes and total_bytes.
It's very useful when we try to monitor guest's filesystem.
While reading file content via 'guest-file-read' command,
'qmp_guest_file_read' routine allocates buffer of count+1
bytes. It could overflow for large values of 'count'.
Add check to avoid it.
Chen Hanxiao [Thu, 14 Jun 2018 08:10:13 +0000 (16:10 +0800)]
qga: unset frozen state if no mount points are frozen
If we set mountpoints to qmp_guest_fsfreeze_freeze_list,
we may got nothing to freeze as all mountpoints are
not valid.
So call ga_unset_frozen in this senario.
Also, if we return 0 frozen fs, there is no need to call
guest-fsfreeze-thaw.
Peter Maydell [Tue, 3 Jul 2018 13:59:27 +0000 (14:59 +0100)]
Merge remote-tracking branch 'remotes/dgibson/tags/ppc-for-3.0-20180703' into staging
ppc patch queue 2018-07-03
Here's a last minue pull request before today's soft freeze. Ideally
I would have sent this earlier, but I was waiting for a couple of
extra fixes I knew were close. And the freeze crept up on me, like
always.
Most of the changes here are bugfixes in any case. There are some
cleanups as well, which have been in my staging tree for a little
while. There are a couple of truly new features (some extensions to
the sam460ex platform), but these are low risk, since they only affect
a new and not really stabilized machine type anyway.
Higlights are:
* Mac platform improvements from Mark Cave-Ayland
* Sam460ex improvements from BALATON Zoltan et al.
* XICS interrupt handler cleanups from Cédric Le Goater
* TCG improvements for atomic loads and stores from Richard
Henderson
* Assorted other bugfixes
* remotes/dgibson/tags/ppc-for-3.0-20180703: (35 commits)
ppc: Include vga cirrus card into the compiling process
target/ppc: Relax reserved bitmask of indexed store instructions
target/ppc: set is_jmp on ppc_tr_breakpoint_check
spapr: compute default value of "hpt-max-page-size" later
target/ppc/kvm: don't pass cpu to kvm_get_smmu_info()
target/ppc/kvm: get rid of kvm_get_fallback_smmu_info()
ppc440_uc: Basic emulation of PPC440 DMA controller
sam460ex: Add RTC device
hw/timer: Add basic M41T80 emulation
ppc4xx_i2c: Rewrite to model hardware more closely
hw/ppc: Give sam46ex its own config option
fpu_helper.c: fix setting FPSCR[FI] bit
target/ppc: Implement the rest of gen_st_atomic
target/ppc: Implement the rest of gen_ld_atomic
target/ppc: Use atomic min/max helpers
target/ppc: Use MO_ALIGN for EXIWX and ECOWX
target/ppc: Split out gen_st_atomic
target/ppc: Split out gen_ld_atomic
target/ppc: Split out gen_load_locked
target/ppc: Tidy gen_conditional_store
...
Signed-off-by: Peter Maydell <[email protected]>
# Conflicts:
# hw/ppc/spapr.c
* remotes/cody/tags/block-pull-request:
backup: Use copy offloading
block: Honour BDRV_REQ_NO_SERIALISING in copy range
block: Fix parameter checking in bdrv_co_copy_range_internal
Peter Maydell [Tue, 3 Jul 2018 09:47:02 +0000 (10:47 +0100)]
Merge remote-tracking branch 'remotes/ericb/tags/pull-nbd-2018-07-02' into staging
nbd patches for 2018-07-02
Bug fixes and iotest exposure of fleecing via NBD (serving a
read-only point-in-time view via blockdev-backup sync:none,
as well as serving dirty bitmaps over NBD), including a new
x-dirty-bitmap parameter when opening NBD clients as the
counterpart to x-nbd-server-add-bitmap. Also a random fix
for iscsi block_status spotted by Coverity that missed other
miscellaneous trees.
- Eric Blake: nbd/server: Fix dirty bitmap logic regression
- Eric Blake: iscsi: Avoid potential for get_status overflow
- John Snow/Vladimir Sementsov-Ogievskiy: 0/2 block: formalize and test fleecing
- Eric Blake: 0/2 test NBD bitmap export
* remotes/ericb/tags/pull-nbd-2018-07-02:
iotests: New test 223 for exporting dirty bitmap over NBD
nbd/client: Add x-dirty-bitmap to query bitmap from server
iotests: add 222 to test basic fleecing
blockdev: enable non-root nodes for backup source
iscsi: Avoid potential for get_status overflow
nbd/server: Fix dirty bitmap logic regression
The implementation is similar to the 'qemu-img convert'. In the
beginning of the job, offloaded copy is attempted. If it fails, further
I/O will go through the existing bounce buffer code path.
Then, as Kevin pointed out, both this and qemu-img convert can benefit
from a local check if one request fails because of, for example, the
offset is beyond EOF, but another may well be accepted by the protocol
layer. This will be implemented separately.
block: Fix parameter checking in bdrv_co_copy_range_internal
src may be NULL if BDRV_REQ_ZERO_WRITE flag is set, in this case only
check dst and dst->bs. This bug was introduced when moving in the
request tracking code from bdrv_co_copy_range, in 37aec7d75eb.
This especially fixes the possible segfault when initializing src_bs
with a NULL src.
Sebastian Bauer [Mon, 2 Jul 2018 19:13:45 +0000 (21:13 +0200)]
ppc: Include vga cirrus card into the compiling process
Drivers for this card exists on PPC-based AmigaOS guests so it is useful to
allow users to emulate the graphics card for PPC machines.
As cirrus vga is currently preferred over std(vga) in absence of any user
choice, this change also sets the default display of spapr machines to
std as otherwise qemu refuses to start these machines. Not specifying an
explicit graphics mode is for instance done by 'make check'.
BALATON Zoltan [Thu, 28 Jun 2018 22:38:33 +0000 (00:38 +0200)]
target/ppc: Relax reserved bitmask of indexed store instructions
The PPC440 User Manual says that if bit 31 is set, the contents of
CR[CR0] are undefined for indexed store instructions but this form is
not invalid. Other PPC variants confirming to recent ISA where this
bit may be reserved should ignore reserved bits and not raise invalid
instruction exception. In particular, MorphOS has an stwx instruction
with bit 31 set and fails to boot currently because of this. With this
patch it gets further.
Eric Blake [Mon, 2 Jul 2018 19:14:58 +0000 (14:14 -0500)]
iotests: New test 223 for exporting dirty bitmap over NBD
Although this test is NOT a full test of image fleecing (as it
intentionally uses just a single block device directly exported
over NBD, rather than trying to set up a blockdev-backup job with
multiple BDS involved), it DOES prove that qemu as a server is
able to properly expose a dirty bitmap over NBD.
When coupled with image fleecing, it is then possible for a
third-party client to do an incremental backup by using
qemu-img map with the x-dirty-bitmap option to learn which parts
of the file are dirty (perhaps confusingly, they are the portions
mapped as "data":false - which is part of the reason this is
still in the x- experimental namespace), along with another
normal client (perhaps 'qemu-nbd -c' to expose the server over
/dev/nbd0 and then just use normal I/O on that block device) to
read the dirty sections.
Greg Kurz [Mon, 2 Jul 2018 08:54:56 +0000 (10:54 +0200)]
spapr: compute default value of "hpt-max-page-size" later
It is currently not possible to run a pseries-2.12 or older machine
with HV KVM. QEMU prints the following and exits right away.
qemu-system-ppc64: KVM doesn't support for base page shift 34
The "hpt-max-page-size" capability was recently added to spapr to hide
host configuration details from HPT mode guests. Its default value for
newer machine types is 64k.
For backwards compatibility, pseries-2.12 and older machine types need
a different value. This is handled as usual in a class init function.
The default value is 16G, ie, all page sizes supported by POWER7 and
newer CPUs, but HV KVM requires guest pages to be hpa contiguous as
well as gpa contiguous. The default value is the page size used to
back the guest RAM in this case.
Unfortunately kvmppc_hpt_needs_host_contiguous_pages()->kvm_enabled() is
called way before KVM init and returns false, even if the user requested
KVM. We thus end up selecting 16G, which isn't supported by HV KVM. The
default value must be set during machine init, because we can safely
assume that KVM is initialized at this point.
We fix this by moving the logic to default_caps_with_cpu(). Since the
user cannot pass cap-hpt-max-page-size=0, we set the default to 0 in
the pseries-2.12 class init function and use that as a flag to do the
real work.
Greg Kurz [Fri, 29 Jun 2018 09:48:32 +0000 (11:48 +0200)]
target/ppc/kvm: don't pass cpu to kvm_get_smmu_info()
In a future patch the machine code will need to retrieve the MMU
information from KVM during machine initialization before the CPUs
are created.
Actually, KVM_PPC_GET_SMMU_INFO is a VM class ioctl, and thus, we
don't need to have a CPU object around. We just need for KVM to
be initialized and use the kvm_state global. This patch just does
that.
Greg Kurz [Fri, 29 Jun 2018 09:48:16 +0000 (11:48 +0200)]
target/ppc/kvm: get rid of kvm_get_fallback_smmu_info()
Now that we're checking our MMU configuration is supported by KVM,
rather than adjusting it to KVM, it doesn't really make sense to
have a fallback for kvm_get_smmu_info(). If KVM is too old or buggy
to provide the details, we should rather treat this as an error.
This patch thus adds error reporting to kvm_get_smmu_info() and get
rid of the fallback code. QEMU will now terminate if KVM fails to
provide MMU details. This may break some very old setups, but the
simplification is worth the sacrifice.
BALATON Zoltan [Fri, 29 Jun 2018 12:04:33 +0000 (14:04 +0200)]
ppc440_uc: Basic emulation of PPC440 DMA controller
PPC440 SoCs such as the AMCC 460EX have a DMA controller which is used
by AmigaOS on the sam460ex. Implement the parts used by AmigaOS so it
can get further booting on the sam460ex machine.
BALATON Zoltan [Thu, 28 Jun 2018 22:38:33 +0000 (00:38 +0200)]
ppc4xx_i2c: Rewrite to model hardware more closely
Rewrite to make it closer to how real device works so that guest OS
drivers can access I2C devices. Previously this was only a hack to
allow U-Boot to get past accessing SPD EEPROMs but to support other
I2C devices and allow guests to access them we need to model real
device more properly.
David Gibson [Mon, 2 Jul 2018 01:59:35 +0000 (11:59 +1000)]
hw/ppc: Give sam46ex its own config option
At present the Sam460ex board is activated by the general CONFIG_PPC4XX
option. However that includes the board for both ppc-softmmu and
(deprecated) ppcemb-softmmu builds. As Sam460ex is developed, that would
require adding more things into ppcemb-softmmu, which we don't want to do.
John Arbuckle [Sun, 24 Jun 2018 23:12:48 +0000 (19:12 -0400)]
fpu_helper.c: fix setting FPSCR[FI] bit
The FPSCR[FI] bit indicates if the last floating point instruction had a result that was rounded. Each consecutive floating point instruction is suppose to set this bit to the correct value. What currently happens is this bit is not set as often as it should be. I have verified that this is the behavior of a real PowerPC 950. This patch fixes that problem by deciding to set this bit after each floating point instruction.
https://www.pdfdrive.net/powerpc-microprocessor-family-the-programming-environments-for-32-e3087633.html
Page 63 in table 2-4 is where the description of this bit can be found.
The store twin case was stubbed out. For now, implement it only within
a serial context, forcing parallel execution to synchronize. It would
be possible to implement with a cmpxchg loop, if we care, but the loose
alignment requirements (simply no crossing 32-byte boundary) might send
us back to the serial context anyway.
These cases were stubbed out. For now, implement them only within
a serial context, forcing parallel execution to synchronize. It
would be possible to implement these with cmpxchg loops, if we care.
Move the guts of ST_ATOMIC to a function. Use foo_tl for the operations
instead of foo_i32 or foo_i64 specifically. Use MO_ALIGN instead of an
explicit call to gen_check_align.
Move the guts of LD_ATOMIC to a function. Use foo_tl for the operations
instead of foo_i32 or foo_i64 specifically. Use MO_ALIGN instead of an
explicit call to gen_check_align.
Leave only the minimal amount of code within the LDAR macro,
moving the rest of the code into gen_load_locked. Use MO_ALIGN
and remove the explicit call to gen_check_align.
Leave only the minimal amount of code within the STCX macro,
moving the rest of the code into gen_conditional_store.
Remove the explicit call to gen_check_align; the matching LDAX will
have already checked alignment, and we verify the same address.
Always use the gen_conditional_store implementation that uses
atomic_cmpxchg. Make sure and clear reserve_addr across most
interrupts crossing the cpu_loop.
When running in a parallel context, we must use a helper in order
to perform the 128-bit atomic operation. When running in a serial
context, do the compare before the store.
Section 1.4 of the Power ISA v3.0B states that this insn is
single-copy atomic. As we cannot (yet) issue 128-bit stores
within TCG, use the generic helpers provided.
Section 1.4 of the Power ISA v3.0B states that both of these
instructions are single-copy atomic. As we cannot (yet) issue
128-bit loads within TCG, use the generic helpers provided.
Since TCG cannot (yet) return a 128-bit value, add a slot within
CPUPPCState for returning the high half of a 128-bit return value.
This solution is preferred to the helper assigning to architectural
registers directly, as it avoids clobbering all TCG live values.
Cédric Le Goater [Tue, 26 Jun 2018 14:22:14 +0000 (16:22 +0200)]
ppc/pnv: fix pnv_core_realize() error handling
commit d35aefa9ae15 ("ppc/pnv: introduce a new intc_create() operation
to the chip model") changed the object link in the pnv_core_realize()
routine but a return was forgotten in case of error, which can lead to
more problems afterwards (segv)
Cédric Le Goater [Mon, 25 Jun 2018 09:17:18 +0000 (11:17 +0200)]
ppc/xics: rework the ICS classes inheritance tree
With the previous changes, we can now let the ICS_KVM class inherit
directly from ICS_BASE class and not from the intermediate ICS_SIMPLE.
It makes the class hierarchy much cleaner.
What is left in the top classes is the low level interface to access
the KVM XICS device in ICS_KVM and the XICS emulating handlers in
ICS_SIMPLE.
Cédric Le Goater [Wed, 20 Jun 2018 10:24:13 +0000 (12:24 +0200)]
ppc/xics: introduce ICP DeviceRealize and DeviceReset handlers
This changes the ICP realize and reset handlers in DeviceRealize and
DeviceReset handlers. parent handlers are now called from the
inheriting classes which is a cleaner object pattern.
Guenter Roeck [Sat, 23 Jun 2018 21:18:05 +0000 (14:18 -0700)]
sam460ex: Fix sam460ex device tree when booting the Linux kernel
sam460ex (or at least this emulation) does not support the "ibm,cpm" power
management. As a result, Linux crashes when trying to access it. Remove
its device tree node. Also, if/when we boot the Linux kernel directly,
serial port clock frequencies in the device tree file will be unset, and
serial port initialization will fail. Add valid frequency values to
the serial ports to be able to use it. Also set valid values for the other
clock nodes otherwise set by u-boot.
Mark Cave-Ayland [Fri, 22 Jun 2018 08:00:09 +0000 (09:00 +0100)]
mac_newworld: always enable disable_direct_reg3_writes for ADB machines
Commit 84051eb400 "adb: add property to disable direct reg 3 writes" added a
workaround for MacOS 9 incorrectly setting the mouse address during boot of
PMU machines.
Further testing has shown that since fb6649f172 "adb: fix read reg 3 byte
ordering" this can still sometimes happen with the CUDA mac99 machine,
so let's enable this workaround for all New World machines using ADB for now.
Eric Blake [Mon, 2 Jul 2018 19:14:57 +0000 (14:14 -0500)]
nbd/client: Add x-dirty-bitmap to query bitmap from server
In order to test that the NBD server is properly advertising
dirty bitmaps, we need a bare minimum client that can request
and read the context. Since feature freeze for 3.0 is imminent,
this is the smallest workable patch, which replaces the qemu
block status report with the results of the NBD server's dirty
bitmap (making it very easy to use 'qemu-img map --output=json'
to learn where the dirty portions are). Note that the NBD
protocol defines a dirty section with the same bit but opposite
sense that normal "base:allocation" uses to report an allocated
section; so in qemu-img map output, "data":true corresponds to
clean, "data":false corresponds to dirty.
A more complete solution that allows dirty bitmaps to be queried
at the same time as normal block status will be required before
this addition can lose the x- prefix. Until then, the fact that
this replaces normal status with dirty status means actions
like 'qemu-img convert' will likely misbehave due to treating
dirty regions of the file as if they are unallocated.
The next patch adds an iotest to exercise this new code.
This is needed to implement the image-fleecing workflow where we
create a temporary node backed by an active node, then start
backupdev-backup sync=none from the active node to the temp node.
In this case, the active node is now a root node AND a backing node,
so it no longer qualifies as a root node, so we loosen the restriction
on which nodes can be considered as the source for a backup.
Eric Blake [Tue, 8 May 2018 21:27:18 +0000 (16:27 -0500)]
iscsi: Avoid potential for get_status overflow
Detected by Coverity: Multiplying two 32-bit int and assigning
the result to a 64-bit number is a risk of overflow. Prior to
the conversion to byte-based interfaces, the block layer took
care of ensuring that a status request never exceeded 2G in
the driver; but after that conversion, the block layer expects
drivers to deal with any size request (the driver can always
truncate the request size back down, as long as it makes
progress). So, in the off-chance that someone makes a large
request, we are at the mercy of whether iscsi_get_lba_status_task()
will cap things to at most INT_MAX / iscsilun->block_size when
it populates lbasd->num_blocks; since I could not easily audit
that, it's better to be safe than sorry by just forcing a 64-bit
multiply.
Eric Blake [Fri, 22 Jun 2018 15:35:09 +0000 (10:35 -0500)]
nbd/server: Fix dirty bitmap logic regression
In my hurry to fix a build failure, I introduced a logic bug.
The assertion conditional is backwards, meaning that qemu will
now abort instead of reporting dirty bitmap status.
The bug can only be tickled by an NBD client using an exported
dirty bitmap (which is still an experimental QMP command), so
it's not the end of the world for supported usage (and neither
'make check' nor qemu-iotests fails); but it also shows that we
really want qemu-io support for reading dirty bitmaps if only
so that I can add iotests coverage to prevent future
brown-bag-of-shame events like this one.
* remotes/bonzini/tags/for-upstream: (50 commits)
tcg: simplify !CONFIG_TCG handling of tb_invalidate_*
i386/monitor.c: make addresses canonical for "info mem" and "info tlb"
target-i386: Add NPT support
serial: Open non-block
bsd-user: Use the IEC binary prefix definitions
linux-user: Use the IEC binary prefix definitions
tests/crypto: Use the IEC binary prefix definitions
vl: Use the IEC binary prefix definitions
monitor: Use the IEC binary prefix definitions
cutils: Do not include "qemu/units.h" directly
hw/rdma: Use the IEC binary prefix definitions
hw/virtio: Use the IEC binary prefix definitions
hw/vfio: Use the IEC binary prefix definitions
hw/sd: Use the IEC binary prefix definitions
hw/usb: Use the IEC binary prefix definitions
hw/net: Use the IEC binary prefix definitions
hw/i386: Use the IEC binary prefix definitions
hw/ppc: Use the IEC binary prefix definitions
hw/mips: Use the IEC binary prefix definitions
hw/mips/r4k: Constify params_size
...
Peter Maydell [Mon, 2 Jul 2018 16:57:46 +0000 (17:57 +0100)]
Merge remote-tracking branch 'remotes/rth/tags/pull-tcg-20180702' into staging
Assorted tlb and tb caching fixes
# gpg: Signature made Mon 02 Jul 2018 17:03:07 BST
# gpg: using RSA key 64DF38E8AF7E215F
# gpg: Good signature from "Richard Henderson <[email protected]>"
# Primary key fingerprint: 7A48 1E78 868B 4DB6 A85A 05C0 64DF 38E8 AF7E 215F
* remotes/rth/tags/pull-tcg-20180702:
cpu: Assert asidx_from_attrs return value in range
accel/tcg: Avoid caching overwritten tlb entries
accel/tcg: Don't treat invalid TLB entries as needing recheck
accel/tcg: Correct "is this a TLB miss" check in get_page_addr_code()
tcg: Define and use new tlb_hit() and tlb_hit_page() functions
translate-all: fix locking of TBs whose two pages share the same physical page
Gerd Hoffmann [Wed, 20 Jun 2018 10:11:42 +0000 (12:11 +0200)]
vgabios: remove submodule and build rules.
It's the old, lgpl vgabios implementation.
Was left in as fallback when we switched to seavgabios, so we could
easily switch back in case we see regressions. It's unused since years
now, reportedly doesn't even build, and lacks support for recently (and
not so recently) added display devices.
Gerd Hoffmann [Wed, 20 Jun 2018 10:07:40 +0000 (12:07 +0200)]
seabios: enable ide dma
QNX reportedly requires this to boot.
Should also speed up booting other guests.
Note: Upstream seabios defaults this to 'n' to due to known problems
on physical hardware (qemu not affected), and wouldn't flip the default
to 'y'. So we adjust our local build config accordingly.
Gerd Hoffmann [Wed, 20 Jun 2018 10:05:55 +0000 (12:05 +0200)]
seabios: add vga configs for bochs-display and ramfb
Both bochs-display and ramfb are devices with a simple framebuffer and
no vga emulation or text mode. seavgabios has support for text mode
emulation (at vgabios call level), we are using that to provide some
vga compatibility support for these devices.
Gerd Hoffmann (11):
optionrom: enable non-vga display devices
cbvga: factor out cbvga_setup_modes()
qemu: add bochs-display support
cbvga_setup_modes: use real mode number instead of 0x140
cbvga_list_modes: don't list current mode twice
cbvga_set_mode: disable clearmem in windows x86 emulator.
bochs_display_setup: return error on failure
pmm: use tmp zone on oom
vgasrc: add allocate_pmm()
qemu: add qemu ramfb support
cbvga_set_mode: refine clear display logic
When installing a TLB entry, remove any cached version of the
same page in the VTLB. If the existing TLB entry matches, do
not copy into the VTLB, but overwrite it.
Peter Maydell [Fri, 29 Jun 2018 16:17:31 +0000 (17:17 +0100)]
accel/tcg: Don't treat invalid TLB entries as needing recheck
In get_page_addr_code() when we check whether the TLB entry
is marked as TLB_RECHECK, we should not go down that code
path if the TLB entry is not valid at all (ie the TLB_INVALID
bit is set).
Peter Maydell [Fri, 29 Jun 2018 16:21:22 +0000 (17:21 +0100)]
accel/tcg: Correct "is this a TLB miss" check in get_page_addr_code()
In commit 71b9a45330fe220d1 we changed the condition we use
to determine whether we need to refill the TLB in
get_page_addr_code() to
if (unlikely(env->tlb_table[mmu_idx][index].addr_code !=
(addr & (TARGET_PAGE_MASK | TLB_INVALID_MASK)))) {
This isn't the right check (it will falsely fail if the
input addr happens to have the low bit corresponding to
TLB_INVALID_MASK set, for instance). Replace it with a
use of the new tlb_hit() function, which is the correct test.
Peter Maydell [Fri, 29 Jun 2018 16:21:21 +0000 (17:21 +0100)]
tcg: Define and use new tlb_hit() and tlb_hit_page() functions
The condition to check whether an address has hit against a particular
TLB entry is not completely trivial. We do this in various places, and
in fact in one place (get_page_addr_code()) we have got the condition
wrong. Abstract it out into new tlb_hit() and tlb_hit_page() inline
functions (one for a known-page-aligned address and one for an
arbitrary address), and use them in all the places where we had the
condition correct.
This is a no-behaviour-change patch; we leave fixing the buggy
code in get_page_addr_code() to a subsequent patch.
Emilio G. Cota [Mon, 25 Jun 2018 16:31:42 +0000 (12:31 -0400)]
translate-all: fix locking of TBs whose two pages share the same physical page
Commit 0b5c91f ("translate-all: use per-page locking in !user-mode",
2018-06-15) introduced per-page locking. It assumed that the physical
pages corresponding to a TB (at most two pages) are always distinct,
which is wrong. For instance, an xtensa test provided by Max Filippov
is broken by the commit, since the test maps two virtual pages
to the same physical page:
Fix it by removing the assumption from page_lock_pair.
If the two physical page addresses are equal, we only lock
the PageDesc once. Note that the two callers of page_lock_pair,
namely page_unlock_tb and tb_link_page, are also updated so that
we do not try to unlock the same PageDesc twice.
* remotes/cohuck/tags/s390x-20180702:
s390x/tcg: fix locking problem with tcg_s390_tod_updated
s390x/kvm: indicate alignment in legacy_s390_alloc()
s390x/kvm: legacy_s390_alloc() only supports one allocation
s390x/tcg: fix CPU hotplug with single-threaded TCG
s390x/tcg: rearm the CKC timer during migration
s390x/tcg: implement SET CLOCK
s390x/tcg: SET CLOCK COMPARATOR can clear CKC interrupts
s390x/tcg: properly implement the TOD
s390x/tcg: drop tod_basetime
s390x/tod: factor out TOD into separate device
s390x/kvm: pass values instead of pointers to kvm_s390_set_clock_*()
s390x/tcg: avoid overflows in time2tod/tod2time
s390x/cpumodel: default enable bpb and ppa15 for z196 and later
loader: Check access size when calling rom_ptr() to avoid crashes
s390/ipl: fix ipl with -no-reboot
Paolo Bonzini [Mon, 2 Jul 2018 12:45:25 +0000 (14:45 +0200)]
tcg: simplify !CONFIG_TCG handling of tb_invalidate_*
There is no need for a stub, since tb_invalidate_phys_addr can be excised
altogether when TCG is disabled. This is a bit cleaner since it avoids
using code that is clearly specific to user-mode emulation (it calls
mmap_lock/unlock) for the !CONFIG_TCG case.
Doug Gale [Sun, 17 Jun 2018 08:40:25 +0000 (04:40 -0400)]
i386/monitor.c: make addresses canonical for "info mem" and "info tlb"
Correct the output of the "info mem" and "info tlb" monitor commands to
correctly show canonical addresses.
In 48-bit addressing mode, the upper 16 bits of linear addresses are
equal to bit 47. In 57-bit addressing mode (LA57), the upper 7 bits of
linear addresses are equal to bit 56.
Jan Kiszka [Sat, 30 Jun 2018 06:08:23 +0000 (08:08 +0200)]
target-i386: Add NPT support
This implements NPT suport for SVM by hooking into
x86_cpu_handle_mmu_fault where it reads the stage-1 page table. Whether
we need to perform this 2nd stage translation, and how, is decided
during vmrun and stored in hflags2, along with nested_cr3 and
nested_pg_mode.
As get_hphys performs a direct cpu_vmexit in case of NPT faults, we need
retaddr in that function. To avoid changing the signature of
cpu_handle_mmu_fault, this passes the value from tlb_fill to get_hphys
via the CPU state.
This was tested successfully via the Jailhouse hypervisor.
On a real serial device, the open can block if the handshake
lines are in a particular state. If a QEMU is passing the serial
device to the guest, the QEMU startup is blocked opening the device
(with a symptom seen as a timeout from libvirt).
projects / qemu.git / log