Cornelia Huck [Wed, 27 Nov 2019 10:43:25 +0000 (11:43 +0100)]
qga: fence guest-set-time if hwclock not available
The Posix implementation of guest-set-time invokes hwclock to
set/retrieve the time to/from the hardware clock. If hwclock
is not available, the user is currently informed that "hwclock
failed to set hardware clock to system time", which is quite
misleading. This may happen e.g. on s390x, which has a different
timekeeping concept anyway.
Let's check for the availability of the hwclock command and
return QERR_UNSUPPORTED for guest-set-time if it is not available.
s390x/cpumodel: Fix query-cpu-definitions error API violations
qmp_query_cpu_definitions() passes @errp to get_max_cpu_model(), then
frees any error it gets back. This effectively ignores errors.
Dereferencing @errp is wrong; see the big comment in error.h. Passing
@errp is also wrong, because it works only as long as @errp is neither
@error_fatal nor @error_abort. Introduced in commit 38cba1f4d8
"s390x: return unavailable features via query-cpu-definitions".
No caller actually passes such @errp values.
Fix anyway: simply pass NULL to get_max_cpu_model().
s390x/cpumodel: Fix query-cpu-model-FOO error API violations
cpu_model_from_info() is a helper for qmp_query_cpu_model_expansion(),
qmp_query_cpu_model_comparison(), qmp_query_cpu_model_baseline(). It
dereferences @errp when the visitor or the QOM setter fails. That's
wrong; see the big comment in error.h. Introduced in commit 137974cea3 's390x/cpumodel: implement QMP interface
"query-cpu-model-expansion"'.
Its three callers have the same issue. Introduced in commit 4e82ef0502 's390x/cpumodel: implement QMP interface
"query-cpu-model-comparison"' and commit f1a47d08ef 's390x/cpumodel:
implement QMP interface "query-cpu-model-baseline"'.
No caller actually passes null.
Fix anyway: splice in a local Error *err, and error_propagate().
s390x/cpumodel: Fix realize() error API violations
get_max_cpu_model() dereferences @errp when
kvm_s390_get_host_cpu_model() fails, apply_cpu_model() dereferences it
when kvm_s390_apply_cpu_model() fails, and s390_realize_cpu_model()
dereferences it when get_max_cpu_model() or check_compatibility()
fail. That's wrong; see the big comment in error.h. All three
introduced in commit 80560137cf "s390x/cpumodel: check and apply the
CPU model".
No caller actually passes null.
Fix anyway: splice in a local Error *err, and error_propagate().
s390x/cpumodel: Fix feature property error API violations
s390x-cpu property setters set_feature() and set_feature_group()
dereference @errp when the visitor fails. That's wrong; see the big
comment in error.h. Introduced in commit 0754f60429 "s390x/cpumodel:
expose features and feature groups as properties".
No caller actually passes null.
Fix anyway: splice in a local Error *err, and error_propagate().
s390x/event-facility: Fix realize() error API violations
sclp_events_bus_realize() dereferences @errp when
object_property_set_bool() fails. That's wrong; see the big comment
in error.h. Introduced in commit f6102c329c "s390/sclp: rework sclp
event facility initialization + device realization".
No caller actually passes null.
Fix anyway: splice in a local Error *err, and error_propagate().
Janosch Frank [Wed, 27 Nov 2019 17:50:45 +0000 (12:50 -0500)]
s390x: Beautify diag308 handling
Let's improve readability by:
* Using constants for the subcodes
* Moving parameter checking into a function
* Removing subcode > 6 check as the default case catches that
Janosch Frank [Wed, 27 Nov 2019 17:50:42 +0000 (12:50 -0500)]
s390x: Move reset normal to shared reset handler
Let's start moving the cpu reset functions into a single function with
a switch/case, so we can later use fallthroughs and share more code
between resets.
This patch introduces the reset function by renaming cpu_reset().
Janosch Frank [Wed, 27 Nov 2019 17:50:41 +0000 (12:50 -0500)]
s390x: Don't do a normal reset on the initial cpu
The initiating cpu needs to be reset with an initial reset. While
doing a normal reset followed by a initial reset is not wrong per se,
the Ultravisor will only allow the correct reset to be performed.
Peter Maydell [Fri, 13 Dec 2019 18:14:07 +0000 (18:14 +0000)]
Merge remote-tracking branch 'remotes/stefanha/tags/block-pull-request' into staging
Pull request
# gpg: Signature made Fri 13 Dec 2019 14:32:11 GMT
# gpg: using RSA key 8695A8BFD3F97CDAAC35775A9CA4ABB381AB73C8
# gpg: Good signature from "Stefan Hajnoczi <[email protected]>" [full]
# gpg: aka "Stefan Hajnoczi <[email protected]>" [full]
# Primary key fingerprint: 8695 A8BF D3F9 7CDA AC35 775A 9CA4 ABB3 81AB 73C8
* remotes/stefanha/tags/block-pull-request:
iothread: document -object iothread on man page
virtio-blk: advertise F_WCE (F_FLUSH) if F_CONFIG_WCE is advertised
Peter Maydell [Fri, 13 Dec 2019 13:47:45 +0000 (13:47 +0000)]
Merge remote-tracking branch 'remotes/gkurz/tags/9p-next-2019-12-12' into staging
- conversion of virtfs-proxy-helper from libcap to libcap-ng
- removal of libcap-dev from docker, travis and gitlab CI
- removal of deprecate "-virtfs_synth" option
# gpg: Signature made Thu 12 Dec 2019 19:55:53 GMT
# gpg: using RSA key B4828BAF943140CEF2A3491071D4D5E5822F73D6
# gpg: Good signature from "Greg Kurz <[email protected]>" [full]
# gpg: aka "Gregory Kurz <[email protected]>" [full]
# gpg: aka "[jpeg image of size 3330]" [full]
# Primary key fingerprint: B482 8BAF 9431 40CE F2A3 4910 71D4 D5E5 822F 73D6
* remotes/gkurz/tags/9p-next-2019-12-12:
virtfs: Remove the deprecated "-virtfs_synth" option
travis.yml: Drop libcap-dev
ci: Use libcap-ng
docker: remove libcap development packages
virtfs-proxy-helper: switch from libcap to libcap-ng
Stefan Hajnoczi [Fri, 25 Oct 2019 12:22:36 +0000 (14:22 +0200)]
iothread: document -object iothread on man page
Add -object iothread documentation to the man page, including references
to the query-iothread QMP command and qom-set syntax for adjusting
adaptive polling parameters at run-time.
"Devices SHOULD always offer VIRTIO_BLK_F_FLUSH, and MUST offer it if
they offer VIRTIO_BLK_F_CONFIG_WCE"
Currently F_CONFIG_WCE and F_WCE are not connected to each other.
Qemu will advertise F_CONFIG_WCE if config-wce argument is
set for virtio-blk device. And F_WCE is advertised only if
underlying block backend actually has it's caching enabled.
Fix this by advertising F_WCE if F_CONFIG_WCE is also advertised.
To preserve backwards compatibility with newer machine types make this
behaviour governed by "x-enable-wce-if-config-wce" virtio-blk-device
property and introduce hw_compat_4_2 with new property being off by
default for all machine types <= 4.2 (but don't introduce 4.3
machine type itself yet).
Stefan Hajnoczi [Mon, 9 Dec 2019 11:07:59 +0000 (11:07 +0000)]
virtio-fs: fix MSI-X nvectors calculation
The following MSI-X vectors are required:
* VIRTIO Configuration Change
* hiprio virtqueue
* requests virtqueues
Fix the calculation to reserve enough MSI-X vectors. Otherwise guest
drivers fall back to a sub-optional configuration where all virtqueues
share a single vector.
This change does not break live migration compatibility since
vhost-user-fs-pci devices are not migratable yet.
We currently enable libcap-dev in build-clang to pick up the 9p proxy
helper. Paolo's patch changes (commit 7e46261368d1) that to use
libcap-ng, so switch to using it. This also means we'll be testing the
scsi pr manager and the bridge helper.
Peter Maydell [Mon, 9 Dec 2019 16:06:51 +0000 (16:06 +0000)]
Merge remote-tracking branch 'remotes/ericb/tags/pull-nbd-2019-12-09' into staging
bitmap fix for 4.2-rc5
- Fix a regression that broke bitmap deletion without a transaction,
and causes a crash with transaction (only transaction is new to 4.2),
when a qcow2 file contains persistent bitmaps from prior shutdown
# gpg: Signature made Mon 09 Dec 2019 15:28:19 GMT
# gpg: using RSA key 71C2CC22B1C4602927D2F3AAA7A16B4A2527436A
# gpg: Good signature from "Eric Blake <[email protected]>" [full]
# gpg: aka "Eric Blake (Free Software Programmer) <[email protected]>" [full]
# gpg: aka "[jpeg image of size 6874]" [full]
# Primary key fingerprint: 71C2 CC22 B1C4 6029 27D2 F3AA A7A1 6B4A 2527 436A
* remotes/ericb/tags/pull-nbd-2019-12-09:
block/qcow2-bitmap: fix crash bug in qcow2_co_remove_persistent_dirty_bitmap
block/qcow2-bitmap: fix crash bug in qcow2_co_remove_persistent_dirty_bitmap
Here is double bug:
First, return error but not set errp. This may lead to:
qmp block-dirty-bitmap-remove may report success when actually failed
block-dirty-bitmap-remove used in a transaction will crash, as
qmp_transaction will think that it returned success and will call
block_dirty_bitmap_remove_commit which will crash, as state->bitmap is
NULL
Second (like in anecdote), this case is not an error at all. As it is
documented in the comment above bdrv_co_remove_persistent_dirty_bitmap
definition, absence of bitmap is not an error, and similar case handled
at start of qcow2_co_remove_persistent_dirty_bitmap, it returns 0 when
there is no bitmaps at all.
But when there are some bitmaps, but not the requested one, it return
error with errp unset.
Fix that.
Trigger:
1. create persistent bitmap A
2. shutdown vm (bitmap A is synced)
3. start vm
4. create persistent bitmap B
5. remove bitmap B - it fails (and crashes if in transaction)
Potential workaround (rather invasive to ask clients to implement it):
1. create persistent bitmap A
2. shutdown vm
3. start vm
4. create persistent bitmap B
5. remember, that we want to remove bitmap B after vm shutdown
...
some other operations
...
6. vm shutdown
7. start vm in stopped mode, and remove all bitmaps marked for removing
8. stop vm
Peter Maydell [Mon, 9 Dec 2019 11:07:34 +0000 (11:07 +0000)]
Merge remote-tracking branch 'remotes/dgibson/tags/ppc-for-4.2-20191209' into staging
ppc patch queue 2019-12-09
This is a last minute pull request for ppc-for-4.2. I know it's very
late in freeze, but this does fix a regression: a bad interaction
between the new qemu and SLOF device tree construction code means that
SLOF will crash if PCI to PCI bridges are included in the system.
This PR supersedes ppc-for-4.2-20191206. This one has only a more
minimal change to the firmware addressed only at fixing this bug and
not incorporating some other unrelated changes that happened in the
meantime.
Yang Zhong [Fri, 6 Dec 2019 07:11:11 +0000 (15:11 +0800)]
target/i386: disable VMX features if nested=0
If kvm does not support VMX feature by nested=0, the kvm_vmx_basic
can't get the right value from MSR_IA32_VMX_BASIC register, which
make qemu coredump when qemu do KVM_SET_MSRS.
The coredump info:
error: failed to set MSR 0x480 to 0x0
kvm_put_msrs: Assertion `ret == cpu->kvm_msr_buf->nmsrs' failed.
hvf: correctly inject VMCS_INTR_T_HWINTR versus VMCS_INTR_T_SWINTR.
Previous implementation in hvf_inject_interrupts() would always inject
VMCS_INTR_T_SWINTR even when VMCS_INTR_T_HWINTR was required. Now
correctly determine when VMCS_INTR_T_HWINTR is appropriate versus
VMCS_INTR_T_SWINTR.
Make sure to clear ins_len and has_error_code when ins_len isn't
valid and error_code isn't set.
raw_aio_attach_aio_context() passes uninitialized Error *local_err by
reference to laio_init() via aio_setup_linux_aio(). When laio_init()
fails, it passes it on to error_setg_errno(), tripping error_setv()'s
assertion unless @local_err is null by dumb luck.
Functions that take an Error ** parameter to pass an error to the
caller expect the parameter to point to null.
failover_replug_primary() violates this precondition in several
places:
* After qemu_opts_from_qdict() failed, *errp is no longer null.
Passing it to error_setg() is wrong, and will trip the assertion in
error_setv(). Messed up in commit 150ab54aa6 "net/virtio: fix
re-plugging of primary device". Simply drop the error_setg().
* Passing @errp to qemu_opt_set_bool(), hotplug_handler_pre_plug(),
and hotplug_handler_plug() is wrong. If one of the first two fails,
*errp is no longer null. Risks tripping the same assertion.
Moreover, continuing after such errors is unsafe. Messed up in
commit 9711cd0dfc "net/virtio: add failover support". Fix by
handling each error properly.
failover_replug_primary() crashes when passed a null @errp. Also
messed up in commit 9711cd0dfc. This bug can't bite as no caller
actually passes null. Fix it anyway.
net/virtio: Drop useless n->primary_dev not null checks
virtio_net_handle_migration_primary() returns early when it can't
ensure n->primary_dev is non-null. Checking it again right after that
early return is redundant. Drop.
If n->primary_dev is null on entering failover_replug_primary(), @pdev
will become null, and pdev->partially_hotplugged will crash. Checking
n->primary_dev later is useless. It can't actually be null, because
its caller virtio_net_handle_migration_primary() ensures it isn't.
Drop the useless check.
Paolo Bonzini [Fri, 29 Nov 2019 11:16:32 +0000 (12:16 +0100)]
virtfs-proxy-helper: switch from libcap to libcap-ng
virtfs-proxy-helper is the only user of libcap; everyone else is using
the simpler libcap-ng API. Switch and remove the configure code to
detect libcap.
Claudio Imbrenda [Thu, 28 Nov 2019 12:33:57 +0000 (13:33 +0100)]
pc-bios/s390-ccw: fix sclp_get_loadparm_ascii
The existing s390 bios gets the LOADPARM information from the system using
an SCLP call that specifies a buffer length too small to contain all the
output.
The recent fixes in the SCLP code have exposed this bug, since now the
SCLP call will return an error (as per architecture) instead of
writing partially and completing successfully.
The solution is simply to specify the full page length as the SCCB
length instead of a smaller size.
* remotes/bonzini/tags/for-upstream:
hvf: more accurately match SDM when setting CR0 and PDPTE registers
hvf: correctly handle REX prefix in relation to legacy prefixes
hvf: remove TSC synchronization code because it isn't fully complete
hvf: non-RAM, non-ROMD memory ranges are now correctly mapped in
target/i386: add two missing VMX features for Skylake and CascadeLake Server
Peter Maydell [Tue, 26 Nov 2019 18:37:49 +0000 (18:37 +0000)]
Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20191126' into staging
target-arm queue:
* handle FTYPE flag correctly in v7M exception return
for v7M CPUs with an FPU (v8M CPUs were already correct)
* versal: Add the CRP as unimplemented
* Fix ISR_EL1 tracking when executing at EL2
* Honor HCR_EL2.TID3 trapping requirements
* remotes/pmaydell/tags/pull-target-arm-20191126:
target/arm: Honor HCR_EL2.TID3 trapping requirements
target/arm: Fix ISR_EL1 tracking when executing at EL2
hw/arm: versal: Add the CRP as unimplemented
target/arm: Fix handling of cortex-m FTYPE flag in EXCRET
Peter Maydell [Tue, 26 Nov 2019 16:48:48 +0000 (16:48 +0000)]
Merge remote-tracking branch 'remotes/dgibson/tags/ppc-for-4.2-20191126' into staging
ppc patch queue for 2019-11-26
Here's the first 4.2 hard freeze pull request from me. This has:
* A fix for some testcases that cause errors on older host kernels
(e.g. RHEL7), with our new default configuration of VSMT mode
* Changes to make VFIO devices interact properly with change of irq
chip caused by PAPR feature negotiation. This is more involved
than I would like, but it's a problem in real use cases and I
can't see an easier way to handle it.
* Fix an error with ms6522 counters for the g3beige machine
* Fix a coverity warning
HCR_EL2.TID3 mandates that access from EL1 to a long list of id
registers traps to EL2, and QEMU has so far ignored this requirement.
This breaks (among other things) KVM guests that have PtrAuth enabled,
while the hypervisor doesn't want to expose the feature to its guest.
To achieve this, KVM traps the ID registers (ID_AA64ISAR1_EL1 in this
case), and masks out the unsupported feature.
QEMU not honoring the trap request means that the guest observes
that the feature is present in the HW, starts using it, and dies
a horrible death when KVM injects an UNDEF, because the feature
*really* isn't supported.
Do the right thing by trapping to EL2 if HCR_EL2.TID3 is set.
Note that this change does not include trapping of the MVFR
registers from AArch32 (they are accessed via the VMRS
instruction and need to be handled in a different way).
Marc Zyngier [Tue, 26 Nov 2019 13:55:36 +0000 (13:55 +0000)]
target/arm: Fix ISR_EL1 tracking when executing at EL2
The ARMv8 ARM states when executing at EL2, EL3 or Secure EL1,
ISR_EL1 shows the pending status of the physical IRQ, FIQ, or
SError interrupts.
Unfortunately, QEMU's implementation only considers the HCR_EL2
bits, and ignores the current exception level. This means a hypervisor
trying to look at its own interrupt state actually sees the guest
state, which is unexpected and breaks KVM as of Linux 5.3.
Instead, check for the running EL and return the physical bits
if not running in a virtualized context.
target/arm: Fix handling of cortex-m FTYPE flag in EXCRET
According to the PushStack() pseudocode in the armv7m RM,
bit 4 of the LR should be set to NOT(CONTROL.PFCA) when
an FPU is present. Current implementation is doing it for
armv8, but not for armv7. This patch makes the existing
logic applicable to both code paths.
Add optional pre-shutdown: shutdown/launch vm before migration. This
leads to storing persistent bitmap to the storage, which breaks
migration with dirty-bitmaps capability enabled and shared storage
until fixed by previous commit.
Fix bitmap migration with dirty-bitmaps capability enabled and shared
storage. We should ignore IN_USE bitmaps in the image on target, when
migrating bitmaps through migration channel, see new comment below.
Peter Maydell [Tue, 26 Nov 2019 12:36:40 +0000 (12:36 +0000)]
Merge remote-tracking branch 'remotes/palmer/tags/riscv-for-master-4.2-rc3' into staging
RISC-V Patches for 4.2-rc3
This tag contains two patches that I'd like to target for 4.2-rc3:
* A fix to the DT entry for the SiFive test finisher.
* A fix to the spike board's HTIF interface.
This passes "make check" and boots OE for me.
# gpg: Signature made Mon 25 Nov 2019 20:51:13 GMT
# gpg: using RSA key 00CE76D1834960DFCE886DF8EF4CA1502CCBAB41
# gpg: issuer "[email protected]"
# gpg: Good signature from "Palmer Dabbelt <[email protected]>" [unknown]
# gpg: aka "Palmer Dabbelt <[email protected]>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 00CE 76D1 8349 60DF CE88 6DF8 EF4C A150 2CCB AB41
* remotes/palmer/tags/riscv-for-master-4.2-rc3:
hw/riscv: Add optional symbol callback ptr to riscv_load_kernel()
RISC-V: virt: This is a "sifive,test1" test finisher
Alex Bennée [Thu, 21 Nov 2019 16:58:38 +0000 (16:58 +0000)]
tests/vm/ubuntu: update i386 image to 18.04
The current image is broken while running qtests but the bug go away
when built with a newer Ubuntu i386 image. I was unable to replicate
the crash on Debian Buster for i386 either so I'm concluding it is a
distro problem. Let's paper over that crack by updating our 32 bir
test image.
Cameron Esfahani [Sun, 24 Nov 2019 20:05:25 +0000 (12:05 -0800)]
hvf: correctly handle REX prefix in relation to legacy prefixes
In real x86 processors, the REX prefix must come after legacy prefixes.
REX before legacy is ignored. Update the HVF emulation code to properly
handle this. Fix some spelling errors in constants. Fix some decoder
table initialization issues found by Coverity.
Cameron Esfahani [Sun, 24 Nov 2019 20:05:24 +0000 (12:05 -0800)]
hvf: remove TSC synchronization code because it isn't fully complete
The existing code in QEMU's HVF support to attempt to synchronize TSC
across multiple cores is not sufficient. TSC value on other cores
can go backwards. Until implementation is fixed, remove calls to
hv_vm_sync_tsc(). Pass through TSC to guest OS.
Cameron Esfahani [Sun, 24 Nov 2019 20:05:23 +0000 (12:05 -0800)]
hvf: non-RAM, non-ROMD memory ranges are now correctly mapped in
If an area is non-RAM and non-ROMD, then remove mappings so accesses
will trap and can be emulated. Change hvf_find_overlap_slot() to take
a size instead of an end address: it wouldn't return a slot because
callers would pass the same address for start and end. Don't always
map area as read/write/execute, respect area flags.
PanNengyuan [Mon, 25 Nov 2019 12:34:51 +0000 (20:34 +0800)]
ppc/spapr_events: fix potential NULL pointer dereference in rtas_event_log_dequeue
This fixes coverity issues 68911917:
360
CID 68911917: (NULL_RETURNS)
361. dereference: Dereferencing "source", which is known to be
"NULL".
361 if (source->mask & event_mask) {
362 break;
363 }
Laurent Vivier [Mon, 25 Nov 2019 14:14:14 +0000 (15:14 +0100)]
mos6522: update counters when timer interrupts are off
Even if the interrupts are off, counters must be updated because
they are running anyway and kernel can try to read them
(it's the case with g3beige kernel).
David Gibson [Wed, 2 Oct 2019 01:53:57 +0000 (11:53 +1000)]
spapr: Work around spurious warnings from vfio INTx initialization
Traditional PCI INTx for vfio devices can only perform well if using
an in-kernel irqchip. Therefore, vfio_intx_update() issues a warning
if an in kernel irqchip is not available.
We usually do have an in-kernel irqchip available for pseries machines
on POWER hosts. However, because the platform allows feature
negotiation of what interrupt controller model to use, we don't
currently initialize it until machine reset. vfio_intx_update() is
called (first) from vfio_realize() before that, so it can issue a
spurious warning, even if we will have an in kernel irqchip by the
time we need it.
To workaround this, make a call to spapr_irq_update_active_intc() from
spapr_irq_init() which is called at machine realize time, before the
vfio realize. This call will be pretty much obsoleted by the later
call at reset time, but it serves to suppress the spurious warning
from VFIO.
David Gibson [Mon, 30 Sep 2019 05:54:00 +0000 (15:54 +1000)]
spapr: Handle irq backend changes with VFIO PCI devices
pseries machine type can have one of two different interrupt controllers in
use depending on feature negotiation with the guest. Usually this is
invisible to devices, because they route to a common set of qemu_irqs which
in turn dispatch to the correct back end.
VFIO passthrough devices, however, wire themselves up directly to the KVM
irqchip for performance, which means they are affected by this change in
interrupt controller. To get them to adjust correctly for the change in
irqchip, we need to fire the kvm irqchip change notifier.
David Gibson [Thu, 17 Oct 2019 01:38:30 +0000 (12:38 +1100)]
vfio/pci: Respond to KVM irqchip change notifier
VFIO PCI devices already respond to the pci intx routing notifier, in order
to update kernel irqchip mappings when routing is updated. However this
won't handle the case where the irqchip itself is replaced by a different
model while retaining the same routing. This case can happen on
the pseries machine type due to PAPR feature negotiation.
To handle that case, add a handler for the irqchip change notifier, which
does much the same thing as the routing notifier, but is unconditional,
rather than being a no-op when the routing hasn't changed.
David Gibson [Thu, 17 Oct 2019 00:52:45 +0000 (11:52 +1100)]
vfio/pci: Split vfio_intx_update()
This splits the vfio_intx_update() function into one part doing the actual
reconnection with the KVM irqchip (vfio_intx_update(), now taking an
argument with the new routing) and vfio_intx_routing_notifier() which
handles calls to the pci device intx routing notifier and calling
vfio_intx_update() when necessary. This will make adding support for the
irqchip change notifier easier.
David Gibson [Thu, 17 Oct 2019 01:12:35 +0000 (12:12 +1100)]
kvm: Introduce KVM irqchip change notifier
Awareness of an in kernel irqchip is usually local to the machine and its
top-level interrupt controller. However, in a few cases other things need
to know about it. In particular vfio devices need this in order to
accelerate interrupt delivery.
If interrupt routing is changed, such devices may need to readjust their
connection to the KVM irqchip. pci_bus_fire_intx_routing_notifier() exists
to do just this.
However, for the pseries machine type we have a situation where the routing
remains constant but the top-level irq chip itself is changed. This occurs
because of PAPR feature negotiation which allows the guest to decide
between the older XICS and newer XIVE irq chip models (both of which are
paravirtualized).
To allow devices like vfio to adjust to this change, introduce a new
notifier for the purpose kvm_irqchip_change_notify().
Laurent Vivier [Wed, 20 Nov 2019 14:25:39 +0000 (15:25 +0100)]
pseries: fix migration-test and pxe-test
Commit 29cb4187497d ("spapr: Set VSMT to smp_threads by default")
has introduced a new default value for VSMT that is not supported
by old kernels (before 4.13 kernel) and this breaks "make check"
on these kernels.
To fix that, explicitly set in the involved tests the value that was
used as the default value before the change.
hw/riscv: Add optional symbol callback ptr to riscv_load_kernel()
This patch adds an optional function pointer, "sym_cb", to
riscv_load_kernel() which provides the possibility to access the symbol
table during kernel loading.
The pointer is ignored, if supplied with Image or uImage file.
The Spike board requires the access to locate the HTIF symbols.
Palmer Dabbelt [Thu, 7 Nov 2019 22:25:00 +0000 (14:25 -0800)]
RISC-V: virt: This is a "sifive,test1" test finisher
The test finisher implements the reset command, which means it's a
"sifive,test1" device. This is a backwards compatible change, so it's
also a "sifive,test0" device. I copied the odd idiom for adding a
two-string compatible field from the ARM virt board.
Peter Maydell [Mon, 25 Nov 2019 16:25:47 +0000 (16:25 +0000)]
Merge remote-tracking branch 'remotes/jasowang/tags/net-pull-request' into staging
# gpg: Signature made Mon 25 Nov 2019 15:30:56 GMT
# gpg: using RSA key EF04965B398D6211
# gpg: Good signature from "Jason Wang (Jason Wang on RedHat) <[email protected]>" [marginal]
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg: It is not certain that the signature belongs to the owner.
# Primary key fingerprint: 215D 46F4 8246 689E C77F 3562 EF04 965B 398D 6211
* remotes/jasowang/tags/net-pull-request:
net/virtio: return error when device_opts arg is NULL
net/virtio: fix re-plugging of primary device
net/virtio: return early when failover primary alread added
net/virtio: fix dev_unplug_pending
Peter Maydell [Mon, 25 Nov 2019 15:47:44 +0000 (15:47 +0000)]
Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging
virtio, pc: fixes
More small bugfixes.
Signed-off-by: Michael S. Tsirkin <[email protected]>
# gpg: Signature made Mon 25 Nov 2019 08:43:07 GMT
# gpg: using RSA key 5D09FD0871C8F85B94CA8A0D281F0DB8D28D5469
# gpg: issuer "[email protected]"
# gpg: Good signature from "Michael S. Tsirkin <[email protected]>" [full]
# gpg: aka "Michael S. Tsirkin <[email protected]>" [full]
# Primary key fingerprint: 0270 606B 6F3C DF3D 0B17 0970 C350 3912 AFBE 8E67
# Subkey fingerprint: 5D09 FD08 71C8 F85B 94CA 8A0D 281F 0DB8 D28D 5469
* remotes/mst/tags/for_upstream:
intel_iommu: TM field should not be in reserved bits
intel_iommu: refine SL-PEs reserved fields checking
virtio-input: fix memory leak on unrealize
Jens Freimann [Wed, 20 Nov 2019 15:49:50 +0000 (16:49 +0100)]
net/virtio: fix re-plugging of primary device
failover_replug_primary was returning true on failure which lead to
re-plug not working when a migration failed. Fix this by returning
success when hotplug worked. This is a bug that was missed in last
round of testing but was tested succesfully with this version. Also
make sure we don't pass NULL to qdev_set_parent_bus().
Jens Freimann [Wed, 20 Nov 2019 15:49:48 +0000 (16:49 +0100)]
net/virtio: fix dev_unplug_pending
.dev_unplug_pending is set up by virtio-net code indepent of failover
support was set for the device or not. This gives a wrong result when
we check for existing primary devices in migration code.
Fix this by actually calling dev_unplug_pending() instead of just
checking if the function pointer was set. When the feature was not
negotiated dev_unplug_pending() will always return false. This prevents
us from going into the wait-unplug state when there's no primary device
present.
Fangrui Song [Fri, 22 Nov 2019 08:00:39 +0000 (09:00 +0100)]
util/cutils: Fix incorrect integer->float conversion caught by clang
Clang does not like do_strtosz()'s code to guard against overflow:
qemu/util/cutils.c:245:23: error: implicit conversion from 'unsigned long' to 'double' changes value from 18446744073709550592 to 18446744073709551616 [-Werror,-Wimplicit-int-float-conversion]
The warning will be enabled by default in clang 10. It is not
available for clang <= 9.
val * mul >= 0xfffffffffffffc00 is indeed wrong. 0xfffffffffffffc00
is not representable exactly as double. It's half-way between the
representable values 0xfffffffffffff800 and 0x10000000000000000.
Which one we get is implementation-defined. Bad.
We want val * mul > (the largest uint64_t exactly representable as
double). That's 0xfffffffffffff800. Write it as nextafter(0x1p64, 0)
with a suitable comment.
Dan Schatzberg [Fri, 22 Nov 2019 20:00:34 +0000 (12:00 -0800)]
9pfs: Fix divide by zero bug
Some filesystems may return 0s in statfs (trivially, a FUSE filesystem
can do so). QEMU should handle this gracefully and just behave the
same as if statfs failed.
Peter Maydell [Thu, 21 Nov 2019 17:18:40 +0000 (17:18 +0000)]
Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging
* x86 updates for Intel errata (myself, Eduardo)
* the big ugly list of x86 VMX features, which was targeted for 5.0 but
caused a Libvirt regression (myself)
* remotes/bonzini/tags/for-upstream:
i386: Add -noTSX aliases for hle=off, rtm=off CPU models
i386: Add new versions of Skylake/Cascadelake/Icelake without TSX
target/i386: add support for MSR_IA32_TSX_CTRL
target/i386: add VMX features to named CPU models
Eduardo Habkost [Wed, 20 Nov 2019 16:49:12 +0000 (13:49 -0300)]
i386: Add -noTSX aliases for hle=off, rtm=off CPU models
We have been trying to avoid adding new aliases for CPU model
versions, but in the case of changes in defaults introduced by
the TAA mitigation patches, the aliases might help avoid user
confusion when applying host software updates.
Eduardo Habkost [Wed, 20 Nov 2019 16:49:11 +0000 (13:49 -0300)]
i386: Add new versions of Skylake/Cascadelake/Icelake without TSX
One of the mitigation methods for TAA[1] is to disable TSX
support on the host system. Linux added a mechanism to disable
TSX globally through the kernel command line, and many Linux
distributions now default to tsx=off. This makes existing CPU
models that have HLE and RTM enabled not usable anymore.
Add new versions of all CPU models that have the HLE and RTM
features enabled, that can be used when TSX is disabled in the
host system.
Paolo Bonzini [Wed, 20 Nov 2019 12:19:22 +0000 (13:19 +0100)]
target/i386: add support for MSR_IA32_TSX_CTRL
The MSR_IA32_TSX_CTRL MSR can be used to hide TSX (also known as the
Trusty Side-channel Extension). By virtualizing the MSR, KVM guests
can disable TSX and avoid paying the price of mitigating TSX-based
attacks on microarchitectural side channels.
projects / qemu.git / log