Each spapr cpu core type defines an instance_init routine which just
populates the CPU class name. This can be done in the class_init
commonly for all core types which simplifies the registration.
This is inspired by how PowerNV core types are registered.
Certain types of spapr cpu cores ('host' and generic type based on host
CPU) are initialized in target-ppc/kvm.c. To convert these type
registrations to use class_init, we need to expose
spapr_cpu_core_class_init() outside of spapr_cpu_core.c.
Commit d11b268e1765 added a generic sPAPR CPU core family
type to support cases like POWER8 CPU type on POWER8E host CPU.
Switching to class_init would fix such scenarios to use the right
CPU thread type instead of defaulting to host-powerpc64-cpu.
In an unrelated cleanup, fix a typo in .get_hotplug_handler routine.
Ravi Bangoria [Fri, 16 Sep 2016 10:51:47 +0000 (16:21 +0530)]
target-ppc: implement darn instruction
darn: Deliver A Random Number
Currently return invalid random number for all the case. This needs
proper algorithm to provide cryptographically suitable random data.
Reading from /dev/random can block and that is not an expected behaviour
while the cpu instruction is getting executed. Moreover, /dev/random
would only work for linux-user
Being a 16byte operation, qemu_ld/st still does not support this. Move
this out so other store operation can use qemu_ld/st in the following
patch. Also, convert it to two MO_Q operations for stqcx.
Power ISA 2.x has deleted the rfi instruction and rfid shoud be used
instead on cpus following this instruction set or later.
This will raise an invalid exception when rfi is used on such
processors: Book3S 64-bit processors.
Signed-off-by: Benjamin Herrenschmidt <[email protected]> Reviewed-by: David Gibson <[email protected]>
[clg: the required fix in openbios, commit b747b6acc272 ('ppc: use
rfid when running under a CPU from the 970 family.'), is now
merged in qemu under commit 5cebd885d0d2 ('Update OpenBIOS
images to b747b6a built from submodule.') ] Signed-off-by: Cédric Le Goater <[email protected]> Reviewed-by: Thomas Huth <[email protected]> Signed-off-by: David Gibson <[email protected]>
Thomas Huth [Mon, 5 Sep 2016 20:03:36 +0000 (22:03 +0200)]
MAINTAINERS: Add some missing ppc-related files
There are some powerpc related files in the QEMU source tree
which are currently not covered by the MAINTAINERS file and
thus not properly classified by the get_maintainer.pl script.
So let's add them to the proper sections.
* remotes/riku/tags/pull-linux-user-20160915: (26 commits)
linux-user: fix TARGET_NR_select
linux-user: Fix incorrect offset of tuc_stack in ARM do_sigframe_return_v2
linux-user: Sanity check clone flags
linux-user: Remove unnecessary nptl_flags variable from do_fork()
linux-user: Implement force_sigsegv() via force_sig()
linux-user: SIGSEGV from sigreturn need not be fatal
linux-user: ARM: Give SIGSEGV if signal frame setup fails
linux-user: SIGSEGV on signal entry need not be fatal
linux-user: Pass si_type information to queue_signal() explicitly
linux-user: Recheck for pending synchronous signals too
linux-user: ppc64: set MSR_CM bit for BookE 2.06 MMU
linux-user: Use correct target SHMLBA in shmat()
linux-user: Use glib malloc functions in load_symbols()
linux-user: Check dump_write() return in elf_core_dump()
linux-user: Fix error handling in flatload.c target_pread()
linux-user: Fix incorrect use of host errno in do_ioctl_dm()
linux-user: Check lock_user() return value for NULL
linux-user: Pass missing MAP_ANONYMOUS to target_mmap() call
linux-user: report signals being taken in strace output
linux-user: Range check the nfds argument to ppoll syscall
...
Peter Maydell [Thu, 22 Sep 2016 12:18:29 +0000 (13:18 +0100)]
Merge remote-tracking branch 'remotes/otubo/tags/pull-seccomp-20160921' into staging
seccomp branch queue
# gpg: Signature made Wed 21 Sep 2016 10:30:09 BST
# gpg: using RSA key 0xFD0CFF5B12F8BD2F
# gpg: Good signature from "Eduardo Otubo (Software Engineer @ ProfitBricks) <[email protected]>"
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 1C96 46B6 E1D1 C38A F2EC 3FDE FD0C FF5B 12F8 BD2F
* remotes/otubo/tags/pull-seccomp-20160921:
seccomp: adding getrusage to the whitelist
Peter Maydell [Tue, 2 Aug 2016 17:41:27 +0000 (18:41 +0100)]
linux-user: Sanity check clone flags
We currently make no checks on the flags passed to the clone syscall,
which means we will not fail clone attempts which ask for features
that we can't implement. Add sanity checking of the flags to clone
(which we were already doing in the "this is a fork" path, but not
for the "this is a new thread" path), tidy up the checking in
the fork path to match it, and check that the fork case isn't trying
to specify a custom termination signal.
This is helpful in causing some LTP test cases to fail cleanly
rather than behaving bizarrely when we let the clone succeed
but didn't provide the semantics requested by the flags.
Peter Maydell [Tue, 2 Aug 2016 17:41:26 +0000 (18:41 +0100)]
linux-user: Remove unnecessary nptl_flags variable from do_fork()
The 'nptl_flags' variable in do_fork() is set to a copy of
'flags', and then the CLONE_NPTL_FLAGS are cleared out of 'flags'.
However the only effect of this is that the later check on
"if (flags & CLONE_PARENT_SETTID)" is never true. Since we
will already have done the setting of parent_tidptr in clone_func()
in the child thread, we don't need to do it again.
Delete the dead if() and the clearing of CLONE_NPTL_FLAGS from
'flags', and then use 'flags' where we were previously using
'nptl_flags', so we can delete the unnecessary variable.
Peter Maydell [Thu, 28 Jul 2016 15:44:50 +0000 (16:44 +0100)]
linux-user: Implement force_sigsegv() via force_sig()
Now that we have a force_sig() with the semantics we need,
we can implement force_sigsegv() to call it rather than
open-coding the call to queue_signal().
Peter Maydell [Thu, 28 Jul 2016 15:44:49 +0000 (16:44 +0100)]
linux-user: SIGSEGV from sigreturn need not be fatal
If the sigreturn syscall fails to read memory then this causes a
SIGSEGV, but this is not necessarily a fatal signal -- the guest
process can catch it.
We don't implement this correctly because the behaviour of QEMU's
force_sig() function has drifted away from the kernel function of the
same name -- ours now does "always do a guest core dump and abort
execution", whereas the kernel version simply forces the guest to
take a signal, which may or may not eventually cause a core dump.
Rename our force_sig() to dump_core_and_abort(), and provide a
force_sig() which acts more like the kernel version as the sigreturn
implementations expect it to. Since force_sig() now returns, we must
update all the callsites to return -TARGET_QEMU_ESIGRETURN so that
the main loop doesn't change the guest registers before the signal
handler is invoked.
Peter Maydell [Thu, 28 Jul 2016 15:44:48 +0000 (16:44 +0100)]
linux-user: ARM: Give SIGSEGV if signal frame setup fails
The 32-bit ARM signal frame setup code was just bailing out
on error returns from lock_user_struct calls, without
generating the SIGSEGV that should happen here. Wire up
error return codes to call force_sigsegv().
Peter Maydell [Thu, 28 Jul 2016 15:44:47 +0000 (16:44 +0100)]
linux-user: SIGSEGV on signal entry need not be fatal
A failed write to memory trying to set up the signal frame
should trigger a SIGSEGV, but this need not be fatal: the
guest has a chance to catch it. Implement this via a force_sigsegv()
function with the same behaviour as the kernel function of that
name: make sure that we don't try to re-take a failed SIGSEGV,
and force a synchronous signal.
Peter Maydell [Thu, 28 Jul 2016 15:44:46 +0000 (16:44 +0100)]
linux-user: Pass si_type information to queue_signal() explicitly
Instead of assuming in queue_signal() that all callers are passing
a siginfo structure which uses the _sifields._sigfault part of the
union (and thus a si_type of QEMU_SI_FAULT), make callers pass
the si_type they require in as an argument.
Peter Maydell [Thu, 28 Jul 2016 15:44:45 +0000 (16:44 +0100)]
linux-user: Recheck for pending synchronous signals too
In process_pending_signals() we restart the scan of possible
pending signals after calling handle_pending_signal() in
case some other signal has been generated. This rescan
should also include a check for a new synchronous signal
since those are in fact the only kind of new signal that
the signal frame setup process might produce.
Michael Walle [Fri, 22 Jul 2016 15:18:05 +0000 (17:18 +0200)]
linux-user: ppc64: set MSR_CM bit for BookE 2.06 MMU
64 bit user mode doesn't work for the e5500 core because the MSR_CM bit is
not set which enables the 64 bit mode for this MMU model. Memory addresses
are truncated to 32 bit, which results in "Invalid data memory access"
error messages. Fix it by setting the MSR_CM bit for this MMU model.
Peter Maydell [Mon, 11 Jul 2016 15:48:11 +0000 (16:48 +0100)]
linux-user: Use correct target SHMLBA in shmat()
The shmat() handling needs to do target-specific handling
of the attach address for shmat():
* if the SHM_RND flag is passed, the address is rounded
down to a SHMLBA boundary
* if SHM_RND is not passed, then the call is failed EINVAL
if the address is not a multiple of SHMLBA
Since SHMLBA is target-specific, we need to do this
checking and rounding in QEMU and can't leave it up to the
host syscall.
Allow targets to define TARGET_FORCE_SHMLBA and provide
a target_shmlba() function if appropriate, and update
do_shmat() to honour them.
Peter Maydell [Tue, 12 Jul 2016 12:02:18 +0000 (13:02 +0100)]
linux-user: Use glib malloc functions in load_symbols()
Switch to using the glib malloc functions in load_symbols();
this deals with a Coverity complaint about possible
integer overflow calculating the allocation size with
'nsyms * sizeof(*syms)'.
Peter Maydell [Tue, 12 Jul 2016 12:02:17 +0000 (13:02 +0100)]
linux-user: Check dump_write() return in elf_core_dump()
One of the calls to dump_write() in elf_core_dump() was missing
a check for failure (spotted by Coverity). Add the check to
bring it into line with the other calls from this function.
Peter Maydell [Tue, 12 Jul 2016 12:02:15 +0000 (13:02 +0100)]
linux-user: Fix error handling in flatload.c target_pread()
The flatload.c target_pread() function is supposed to return
0 on success or negative host errnos; however it wasn't
checking lock_user() for failure or returning the errno from
the pread() call. Fix these problems (the first of which is
noted by Coverity).
Peter Maydell [Tue, 12 Jul 2016 12:02:13 +0000 (13:02 +0100)]
linux-user: Check lock_user() return value for NULL
lock_user() can return NULL, which typically means the syscall
should fail with EFAULT. Add checks in various places where
Coverity spotted that we were missing them.
Peter Maydell [Tue, 12 Jul 2016 12:02:12 +0000 (13:02 +0100)]
linux-user: Pass missing MAP_ANONYMOUS to target_mmap() call
A target_mmap() call in load_elf_binary() was missing the MAP_ANONYMOUS
flag. (Spotted by Coverity, because target_mmap() will try to use
-1 as the filedescriptor in this case.)
This has never been noticed because the code in question is for
handling ancient SVr4 iBCS2 binaries.
Peter Maydell [Mon, 18 Jul 2016 15:30:36 +0000 (16:30 +0100)]
linux-user: Range check the nfds argument to ppoll syscall
Do an initial range check on the ppoll syscall's nfds argument,
to avoid possible overflow in the calculation of the lock_user()
size argument. The host kernel will later apply the rather lower
limit based on RLIMIT_NOFILE as appropriate.
Peter Maydell [Mon, 18 Jul 2016 14:35:59 +0000 (15:35 +0100)]
linux-user: Check for bad event numbers in epoll_wait
The kernel checks that the maxevents parameter to epoll_wait
is non-negative and not larger than EP_MAX_EVENTS. Add this
check to our implementation, so that:
* we fail these cases EINVAL rather than EFAULT
* we don't pass negative or overflowing values to the
lock_user() size calculation
Peter Maydell [Mon, 18 Jul 2016 10:47:55 +0000 (11:47 +0100)]
linux-user: Use direct syscall for utimensat
The linux utimensat syscall differs in semantics from the
libc function because the syscall combines the features
of utimensat() and futimens(). Rather than trying to
split these apart in order to call the two libc functions
which then call the same underlying syscall, just always
directly make the host syscall. This fixes bugs in some
of the corner cases which should return errors from the
syscall but which we were incorrectly directing to futimens().
This doesn't reduce the set of hosts that our syscall
implementation will work on, because if the direct syscall
fails ENOSYS then the libc functions would also fail ENOSYS.
(The system call has been in the kernel since 2.6.22 anyway.)
Peter Maydell [Fri, 15 Jul 2016 17:44:45 +0000 (18:44 +0100)]
linux-user: Implement FS_IOC_GETFLAGS and FS_IOC_SETFLAGS ioctls
Implement the FS_IOC_GETFLAGS and FS_IOC_SETFLAGS ioctls, as used
by chattr.
Note that the type information encoded in these ioctl numbers
is at odds with the actual type the kernel accesses, as discussed
in http://thread.gmane.org/gmane.linux.file-systems/80164.
Peter Maydell [Fri, 15 Jul 2016 13:57:28 +0000 (14:57 +0100)]
linux-user: Allow bad msg_name for recvfrom on connected socket
The POSIX standard mandates that for a connected socket recvfrom()
must ignore the msg_name and msg_namelen fields. This is awkward
for QEMU because we will attempt to copy them from guest address
space. Handle this by not immediately returning a TARGET_EFAULT
if the copy failed, but instead passing a known-bad address
to the host kernel, which can then return EFAULT or ignore the
value appropriately.
Peter Maydell [Fri, 15 Jul 2016 13:57:27 +0000 (14:57 +0100)]
linux-user: Fix errno for sendrecvmsg with large iovec length
The sendmsg and recvmsg syscalls use a different errno to indicate
an overlarge iovec length from readv and writev. Handle this
special case in do_sendrcvmsg_locked() to avoid getting the
default errno returned by lock_iovec().
getrusage is used in a number of places throughout the qemu codebase
(notably, in crypto/pbkdf.c). Without this syscall being whitelisted,
qemu ends up getting killed by the kernel whenever you try to connect to
a VNC console.
Alberto Garcia [Mon, 22 Aug 2016 03:36:03 +0000 (23:36 -0400)]
commit: get the overlay node before manipulating the backing chain
The 'block-commit' command has a 'top' parameter to specify the
topmost node from which the data is going to be copied.
[E] <- [D] <- [C] <- [B] <- [A]
In this case if [C] is the top node then this is the result:
[E] <- [B] <- [A]
[B] must be modified so its backing image string points to [E] instead
of [C]. commit_start() takes care of reopening [B] in read-write
mode, and commit_complete() puts it back in read-only mode once the
operation has finished.
In order to find [B] (the overlay node) we look for the node that has
[C] (the top node) as its backing image. However in commit_complete()
we're doing it after [C] has been removed from the chain, so [B] is
never found and remains in read-write mode.
This patch gets the overlay node before the backing chain is
manipulated.
Marc Mari [Fri, 12 Aug 2016 13:27:03 +0000 (09:27 -0400)]
blockdev: Add dynamic module loading for block drivers
Extend the current module interface to allow for block drivers to be
loaded dynamically on request. The only block drivers that can be
converted into modules are the drivers that don't perform any init
operation except for registering themselves.
In addition, only the protocol drivers are being modularized, as they
are the only ones which see significant performance benefits. The format
drivers do not generally link to external libraries, so modularizing
them is of no benefit from a performance perspective.
All the necessary module information is located in a new structure found
in module_block.h
This spoils the purpose of 5505e8b76f (block/dmg: make it modular).
Before this patch, if module build is enabled, block-dmg.so is linked to
libbz2, whereas the main binary is not. In downstream, theoretically, it
means only the qemu-block-extra package depends on libbz2, while the
main QEMU package needn't to. With this patch, we (temporarily) change
the case so that the main QEMU depends on libbz2 again.
Colin Lord [Fri, 12 Aug 2016 13:27:01 +0000 (09:27 -0400)]
blockdev: prepare iSCSI block driver for dynamic loading
This commit moves the initialization of the QemuOptsList qemu_iscsi_opts
struct out of block/iscsi.c in order to allow the iscsi module to be
dynamically loaded.
Reda Sallahi [Wed, 10 Aug 2016 02:43:12 +0000 (04:43 +0200)]
qemu-img: add the 'dd' subcommand
This patch adds a basic dd subcommand analogous to dd(1) to qemu-img.
For the start, this implements the bs, if, of and count options and requires
both if and of to be specified (no stdin/stdout if not specified) and doesn't
support tty, pipes, etc.
The image format must be specified with -O for the output if the raw format
is not the intended one.
Peter Maydell [Tue, 20 Sep 2016 09:34:45 +0000 (10:34 +0100)]
Merge remote-tracking branch 'remotes/ehabkost/tags/x86-pull-request' into staging
x86 queue, 2016-09-19
# gpg: Signature made Mon 19 Sep 2016 19:38:05 BST
# gpg: using RSA key 0x2807936F984DC5A6
# gpg: Good signature from "Eduardo Habkost <[email protected]>"
# Primary key fingerprint: 5A32 2FD5 ABC4 D3DB ACCF D1AA 2807 936F 984D C5A6
* remotes/ehabkost/tags/x86-pull-request:
linux-user-i386: Fix crash on cpuid
kvm/apic: drop debugging
target-i386: Use struct X86XSaveArea in fpu_helper.c
Running cpuid instructions with a simple run like:
i386-linux-user/qemu-i386 tests/tcg/sha1-i386
Results in the following assert:
#0 0x00007ffff64246f5 in raise () from /lib64/libc.so.6
#1 0x00007ffff64262fa in abort () from /lib64/libc.so.6
#2 0x00007ffff7937ec5 in g_assertion_message () from /lib64/libglib-2.0.so.0
#3 0x00007ffff7937f5a in g_assertion_message_expr () from /lib64/libglib-2.0.so.0
#4 0x000055555561b54c in apicid_bitwidth_for_count (count=0) at /home/elmarco/src/qemu/include/hw/i386/topology.h:58
#5 0x000055555561b58a in apicid_smt_width (nr_cores=0, nr_threads=0) at /home/elmarco/src/qemu/include/hw/i386/topology.h:67
#6 0x000055555561b5c3 in apicid_core_offset (nr_cores=0, nr_threads=0) at /home/elmarco/src/qemu/include/hw/i386/topology.h:82
#7 0x000055555561b5e3 in apicid_pkg_offset (nr_cores=0, nr_threads=0) at /home/elmarco/src/qemu/include/hw/i386/topology.h:89
#8 0x000055555561dd86 in cpu_x86_cpuid (env=0x555557999550, index=4, count=3, eax=0x7fffffffcae8, ebx=0x7fffffffcaec, ecx=0x7fffffffcaf0, edx=0x7fffffffcaf4) at /home/elmarco/src/qemu/target-i386/cpu.c:2405
#9 0x0000555555638e8e in helper_cpuid (env=0x555557999550) at /home/elmarco/src/qemu/target-i386/misc_helper.c:106
#10 0x000055555599dc5e in static_code_gen_buffer ()
#11 0x00005555555952f8 in cpu_tb_exec (cpu=0x5555579912d0, itb=0x7ffff4371ab0) at /home/elmarco/src/qemu/cpu-exec.c:166
#12 0x0000555555595c8e in cpu_loop_exec_tb (cpu=0x5555579912d0, tb=0x7ffff4371ab0, last_tb=0x7fffffffd088, tb_exit=0x7fffffffd084, sc=0x7fffffffd0a0) at /home/elmarco/src/qemu/cpu-exec.c:517
#13 0x0000555555595e50 in cpu_exec (cpu=0x5555579912d0) at /home/elmarco/src/qemu/cpu-exec.c:612
#14 0x00005555555c065b in cpu_loop (env=0x555557999550) at /home/elmarco/src/qemu/linux-user/main.c:297
#15 0x00005555555c25b2 in main (argc=2, argv=0x7fffffffd848, envp=0x7fffffffd860) at /home/elmarco/src/qemu/linux-user/main.c:4803
The fields are set in qemu_init_vcpu() with softmmu, but it's a stub
with linux-user.
Peter Maydell [Mon, 19 Sep 2016 16:10:06 +0000 (17:10 +0100)]
Merge remote-tracking branch 'remotes/berrange/tags/pull-qcrypto-2016-09-19-2' into staging
Merge qcrypto 2016/09/19 v2
# gpg: Signature made Mon 19 Sep 2016 16:30:52 BST
# gpg: using RSA key 0xBE86EBB415104FDF
# gpg: Good signature from "Daniel P. Berrange <[email protected]>"
# gpg: aka "Daniel P. Berrange <[email protected]>"
# Primary key fingerprint: DAF3 A6FD B26B 6291 2D0E 8E3F BE86 EBB4 1510 4FDF
* remotes/berrange/tags/pull-qcrypto-2016-09-19-2:
crypto: add trace points for TLS cert verification
crypto: support more hash algorithms for pbkdf
crypto: increase default pbkdf2 time for luks to 2 seconds
crypto: remove bogus /= 2 for pbkdf iterations
crypto: use correct derived key size when timing pbkdf
crypto: clear out buffer after timing pbkdf algorithm
crypto: make PBKDF iterations configurable for LUKS format
crypto: use uint64_t for pbkdf iteration count parameters
Replace the old manual dispatch and validation code by the generic one
provided by qapi common code.
Note that it is now possible to call the following commands that used to
be disabled by compile-time conditionals:
- dump-skeys
- query-spice
- rtc-reset-reinjection
- query-gic-capabilities
Their fallback functions return an appropriate "feature disabled" error.
The generated marshal functions do not visit arguments from commands
that take no arguments. Thus they fail to catch invalid
members. Visit the arguments, if provided, to throw an error in case of
invalid members.
Currently, qmp_check_client_args() checks for invalid arguments and
correctly catches this case. When switching to qmp_dispatch() we want to
keep that behaviour. The commands using 'O' may have arbitrary
arguments, and must have 'gen': false in the qapi schema to skip the
generated checks.
The new code closely resembles code for a command with arguments.
Differences:
- the visit of the argument and its cleanup struct don't visit any
members (because there are none).
- the visit of the argument struct and its cleanup are conditional.
Make it possible to call marshallers manually, without going through
qmp_dispatch(). (this is currently only possible in middle-mode, but
it's also useful in general)
We currently define QMP commands in two places: the QAPI schema and
qmp-commands.hx. The latter is preprocessed, the former is not. We
use the preprocessor to suppress configuration-specific commands. For
instance, query-spice is only available #ifdef CONFIG_SPICE.
QMP command dispatch and query-commands use the qmp-commands.hx
definition, and thus obey the #ifdeffery there. Good, because it lets
QMP clients probe for available features more easily.
query-qmp-schema uses the QAPI schema, and thus lists the
configuration-specific commands even when they're unavailable. Not so
good.
We're about to flip command dispatch and query-commands to the
non-middle-mode command registry, which uses the QAPI schema, so we
can ditch qmp-commands.hx. To avoid regressing query-commands,
arrange for commands that are suppressed with the preprocessor now to
be unregistered with that registry. This will keep them unavailable
and out of query-commands when we flip command dispatch and
query-commands to that registry, exactly as before.
This is a hack. The proper solution is to support
configuration-specific commands in the QAPI schema. Mark it FIXME.
Since a few commands are using 'gen': false, they are not registered
automatically by the generator. Register manually instead.
This is in preparation for removal of qapi 'middle' mode generation.
Note that qmp_init_marshal() function isn't run yet, so the commands
aren't actually registered, until module_call_init(MODULE_INIT_QAPI) is
added in a later patch.
handle_qmp_command() will switch to use qmp_dispatch(). It won't have a
pointer to the marshaller function anymore, but only the name of the
command to invoke. Simplify invalid_qmp_mode() so it can just be called
with the command name.
projects / qemu.git / log