Misono Tomohiro [Thu, 27 Feb 2020 05:59:27 +0000 (14:59 +0900)]
virtiofsd: Fix xattr operations
Current virtiofsd has problems about xattr operations and
they does not work properly for directory/symlink/special file.
The fundamental cause is that virtiofsd uses openat() + f...xattr()
systemcalls for xattr operation but we should not open symlink/special
file in the daemon. Therefore the function is restricted.
Fix this problem by:
1. during setup of each thread, call unshare(CLONE_FS)
2. in xattr operations (i.e. lo_getxattr), if inode is not a regular
file or directory, use fchdir(proc_loot_fd) + ...xattr() +
fchdir(root.fd) instead of openat() + f...xattr()
(Note: for a regular file/directory openat() + f...xattr()
is still used for performance reason)
With this patch, xfstests generic/062 passes on virtiofs.
This fix is suggested by Miklos Szeredi and Stefan Hajnoczi.
The original discussion can be found here:
https://www.redhat.com/archives/virtio-fs/2019-October/msg00046.html
This is a cleanup patch to simplify the following xattr fix and
there is no functional changes.
- Move memory allocation to head of the function
- Unify fgetxattr/flistxattr call for both size == 0 and
size != 0 case
- Remove redundant lo_inode_put call in error path
(Note: second call is ignored now since @inode is already NULL)
Peter Maydell [Tue, 3 Mar 2020 12:03:59 +0000 (12:03 +0000)]
Merge remote-tracking branch 'remotes/jasowang/tags/net-pull-request' into staging
# gpg: Signature made Tue 03 Mar 2020 10:06:06 GMT
# gpg: using RSA key EF04965B398D6211
# gpg: Good signature from "Jason Wang (Jason Wang on RedHat) <[email protected]>" [marginal]
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg: It is not certain that the signature belongs to the owner.
# Primary key fingerprint: 215D 46F4 8246 689E C77F 3562 EF04 965B 398D 6211
* remotes/jasowang/tags/net-pull-request: (23 commits)
l2tpv3: fix RFC number typo in qemu-options.hx
colo: Update Documentation for continuous replication
net/filter.c: Add Options to insert filters anywhere in the filter list
tests/test-replication.c: Add test for for secondary node continuing replication
block/replication.c: Ignore requests after failover
hw: net: cadence_gem: Fix build errors in DB_PRINT()
NetRxPkt: fix hash calculation of IPV6 TCP
NetRxPkt: Introduce support for additional hash types
e1000e: Avoid hw_error if legacy mode used
dp8393x: Don't stop reception upon RBE interrupt assertion
dp8393x: Don't reset Silicon Revision register
dp8393x: Always update RRA pointers and sequence numbers
dp8393x: Clear descriptor in_use field to release packet
dp8393x: Pad frames to word or long word boundary
dp8393x: Use long-word-aligned RRA pointers in 32-bit mode
dp8393x: Don't clobber packet checksum
dp8393x: Implement packet size limit and RBAE interrupt
dp8393x: Clear RRRA command register bit only when appropriate
dp8393x: Update LLFA and CRDA registers from rx descriptor
dp8393x: Have dp8393x_receive() return the packet size
...
Peter Maydell [Tue, 3 Mar 2020 11:06:39 +0000 (11:06 +0000)]
Merge remote-tracking branch 'remotes/palmer/tags/riscv-for-master-5.0-sf3' into staging
RISC-V Patches for the 5.0 Soft Freeze, Part 3
This pull request is almost entirely an implementation of the draft hypervisor
extension. This extension is still in draft and is expected to have
incompatible changes before being frozen, but we've had good luck managing
other RISC-V draft extensions in QEMU so far.
Additionally, there's a fix to PCI addressing and some improvements to the
M-mode timer.
This boots linux and passes make check for me.
# gpg: Signature made Tue 03 Mar 2020 00:23:20 GMT
# gpg: using RSA key 2B3C3747446843B24A943A7A2E1319F35FBB1889
# gpg: issuer "[email protected]"
# gpg: Good signature from "Palmer Dabbelt <[email protected]>" [unknown]
# gpg: aka "Palmer Dabbelt <[email protected]>" [unknown]
# gpg: aka "Palmer Dabbelt <[email protected]>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 00CE 76D1 8349 60DF CE88 6DF8 EF4C A150 2CCB AB41
# Subkey fingerprint: 2B3C 3747 4468 43B2 4A94 3A7A 2E13 19F3 5FBB 1889
* remotes/palmer/tags/riscv-for-master-5.0-sf3: (38 commits)
hw/riscv: Provide rdtime callback for TCG in CLINT emulation
target/riscv: Emulate TIME CSRs for privileged mode
riscv: virt: Allow PCI address 0
target/riscv: Allow enabling the Hypervisor extension
target/riscv: Add the MSTATUS_MPV_ISSET helper macro
target/riscv: Add support for the 32-bit MSTATUSH CSR
target/riscv: Set htval and mtval2 on execptions
target/riscv: Raise the new execptions when 2nd stage translation fails
target/riscv: Implement second stage MMU
target/riscv: Allow specifying MMU stage
target/riscv: Respect MPRV and SPRV for floating point ops
target/riscv: Mark both sstatus and msstatus_hs as dirty
target/riscv: Disable guest FP support based on virtual status
target/riscv: Only set TB flags with FP status if enabled
target/riscv: Remove the hret instruction
target/riscv: Add hfence instructions
target/riscv: Add Hypervisor trap return support
target/riscv: Add hypvervisor trap support
target/riscv: Generate illegal instruction on WFI when V=1
target/ricsv: Flush the TLB on virtulisation mode changes
...
Lukas Straub [Thu, 24 Oct 2019 14:25:48 +0000 (16:25 +0200)]
net/filter.c: Add Options to insert filters anywhere in the filter list
To switch the Secondary to Primary, we need to insert new filters
before the filter-rewriter.
Add the options insert= and position= to be able to insert filters
anywhere in the filter list.
position should be "head" or "tail" to insert at the head or
tail of the filter list or it should be "id=<id>" to specify
the id of another filter.
insert should be either "before" or "behind" to specify where to
insert the new filter relative to the one specified with position.
Lukas Straub [Thu, 24 Oct 2019 14:25:35 +0000 (16:25 +0200)]
block/replication.c: Ignore requests after failover
After failover the Secondary side of replication shouldn't change state, because
it now functions as our primary disk.
In replication_start, replication_do_checkpoint, replication_stop, ignore
the request if current state is BLOCK_REPLICATION_DONE (sucessful failover) or
BLOCK_REPLICATION_FAILOVER (failover in progres i.e. currently merging active
and hidden images into the base image).
Yuri Benditovich [Mon, 27 Jan 2020 11:54:05 +0000 (13:54 +0200)]
NetRxPkt: fix hash calculation of IPV6 TCP
When requested to calculate the hash for TCPV6 packet,
ignore overrides of source and destination addresses
in in extension headers.
Use these overrides when new hash type NetPktRssIpV6TcpEx
requested.
Use this type in e1000e hash calculation for IPv6 TCP, which
should take in account overrides of the addresses.
Yuri Benditovich [Mon, 27 Jan 2020 16:03:12 +0000 (18:03 +0200)]
e1000e: Avoid hw_error if legacy mode used
https://bugzilla.redhat.com/show_bug.cgi?id=1787142
The emulation issues hw_error if PSRCTL register
is written, for example, with zero value.
Such configuration does not present any problem when
DTYP bits of RCTL register define legacy format of
transfer descriptors. Current commit discards check
for BSIZE0 and BSIZE1 when legacy mode used.
Finn Thain [Wed, 29 Jan 2020 09:27:49 +0000 (20:27 +1100)]
dp8393x: Don't stop reception upon RBE interrupt assertion
Section 3.4.7 of the datasheet explains that,
The RBE bit in the Interrupt Status register is set when the
SONIC finishes using the second to last receive buffer and reads
the last RRA descriptor. Actually, the SONIC is not truly out of
resources, but gives the system an early warning of an impending
out of resources condition.
RBE does not mean actual receive buffer exhaustion, and reception should
not be stopped. This is important because Linux will not check and clear
the RBE interrupt until it receives another packet. But that won't
happen if can_receive returns false. This bug causes the SONIC to become
deaf (until reset).
Fix this with a new flag to indicate actual receive buffer exhaustion.
Finn Thain [Wed, 29 Jan 2020 09:27:49 +0000 (20:27 +1100)]
dp8393x: Don't reset Silicon Revision register
The jazzsonic driver in Linux uses the Silicon Revision register value
to probe the chip. The driver fails unless the SR register contains 4.
Unfortunately, reading this register in QEMU usually returns 0 because
the s->regs[] array gets wiped after a software reset.
Finn Thain [Wed, 29 Jan 2020 09:27:49 +0000 (20:27 +1100)]
dp8393x: Pad frames to word or long word boundary
The existing code has a bug where the Remaining Buffer Word Count (RBWC)
is calculated with a truncating division, which gives the wrong result
for odd-sized packets.
Section 1.4.1 of the datasheet says,
Once the end of the packet has been reached, the serializer will
fill out the last word (16-bit mode) or long word (32-bit mode)
if the last byte did not end on a word or long word boundary
respectively. The fill byte will be 0FFh.
Implement buffer padding so that buffer limits are correctly enforced.
Finn Thain [Wed, 29 Jan 2020 09:27:49 +0000 (20:27 +1100)]
dp8393x: Use long-word-aligned RRA pointers in 32-bit mode
Section 3.4.1 of the datasheet says,
The alignment of the RRA is confined to either word or long word
boundaries, depending upon the data width mode. In 16-bit mode,
the RRA must be aligned to a word boundary (A0 is always zero)
and in 32-bit mode, the RRA is aligned to a long word boundary
(A0 and A1 are always zero).
This constraint has been implemented for 16-bit mode; implement it
for 32-bit mode too.
Finn Thain [Wed, 29 Jan 2020 09:27:49 +0000 (20:27 +1100)]
dp8393x: Don't clobber packet checksum
A received packet consumes pkt_size bytes in the buffer and the frame
checksum that's appended to it consumes another 4 bytes. The Receive
Buffer Address register takes the former quantity into account but
not the latter. So the next packet written to the buffer overwrites
the frame checksum. Fix this.
Finn Thain [Wed, 29 Jan 2020 09:27:49 +0000 (20:27 +1100)]
dp8393x: Implement packet size limit and RBAE interrupt
Add a bounds check to prevent a large packet from causing a buffer
overflow. This is defensive programming -- I haven't actually tried
sending an oversized packet or a jumbo ethernet frame.
The SONIC handles packets that are too big for the buffer by raising
the RBAE interrupt and dropping them. Linux uses that interrupt to
count dropped packets.
Finn Thain [Wed, 29 Jan 2020 09:27:49 +0000 (20:27 +1100)]
dp8393x: Have dp8393x_receive() return the packet size
This function re-uses its 'size' argument as a scratch variable.
Instead, declare a local 'size' variable for that purpose so that the
function result doesn't get messed up.
Finn Thain [Wed, 29 Jan 2020 09:27:49 +0000 (20:27 +1100)]
dp8393x: Always use 32-bit accesses
The DP83932 and DP83934 have 32 data lines. The datasheet says,
Data Bus: These bidirectional lines are used to transfer data on the
system bus. When the SONIC is a bus master, 16-bit data is transferred
on D15-D0 and 32-bit data is transferred on D31-D0. When the SONIC is
accessed as a slave, register data is driven onto lines D15-D0.
D31-D16 are held TRI-STATE if SONIC is in 16-bit mode. If SONIC is in
32-bit mode, they are driven, but invalid.
Always use 32-bit accesses both as bus master and bus slave.
Force the MSW to zero in bus master mode.
This gets the Linux 'jazzsonic' driver working, and avoids the need for
prior hacks to make the NetBSD 'sn' driver work.
Peter Maydell [Mon, 2 Mar 2020 10:45:46 +0000 (10:45 +0000)]
Merge remote-tracking branch 'remotes/rth/tags/pull-tcg-20200228' into staging
Fix race in cpu_exec_step_atomic.
Work around compile failure with -fno-inine.
Expand tcg/arm epilogue inline.
Adjustments to the default code gen buffer size.
# gpg: Signature made Sat 29 Feb 2020 02:13:43 GMT
# gpg: using RSA key 7A481E78868B4DB6A85A05C064DF38E8AF7E215F
# gpg: issuer "[email protected]"
# gpg: Good signature from "Richard Henderson <[email protected]>" [full]
# Primary key fingerprint: 7A48 1E78 868B 4DB6 A85A 05C0 64DF 38E8 AF7E 215F
* remotes/rth/tags/pull-tcg-20200228:
accel/tcg: increase default code gen buffer size for 64 bit
accel/tcg: only USE_STATIC_CODE_GEN_BUFFER on 32 bit hosts
accel/tcg: remove link between guest ram and TCG cache size
accel/tcg: use units.h for defining code gen buffer sizes
tcg/arm: Expand epilogue inline
tcg/arm: Split out tcg_out_epilogue
compiler.h: Don't use compile-time assert when __NO_INLINE__ is defined
accel/tcg: fix race in cpu_exec_step_atomic (bug 1863025)
* remotes/ehabkost/tags/machine-next-pull-request:
vl: Abort if multiple machines are registered as default
hw: Make MachineClass::is_default a boolean type
hw: Do not initialize MachineClass::is_default to 0
hw/nmi: Fix the NMI() macro, based on INTERFACE_CHECK()
Finn Thain [Sun, 19 Jan 2020 22:59:21 +0000 (09:59 +1100)]
dp8393x: Mask EOL bit from descriptor addresses
The Least Significant bit of a descriptor address register is used as
an EOL flag. It has to be masked when the register value is to be used
as an actual address for copying memory around. But when the registers
are to be updated the EOL bit should not be masked.
Gerd Hoffmann [Tue, 25 Feb 2020 05:59:19 +0000 (06:59 +0100)]
qxl: map rom r/o
Map qxl rom read-only into the guest, so the guest can't tamper with the
content. qxl has a shadow copy of the rom to deal with that, but the
shadow doesn't cover the mode list. A privilidged user in the guest can
manipulate the mode list and that to trick qemu into oob reads, leading
to a DoS via segfault if that read access happens to hit unmapped memory.
Alex Bennée [Fri, 28 Feb 2020 19:24:15 +0000 (19:24 +0000)]
accel/tcg: increase default code gen buffer size for 64 bit
While 32mb is certainly usable a full system boot ends up flushing the
codegen buffer nearly 100 times. Increase the default on 64 bit hosts
to take advantage of all that spare memory. After this change I can
boot my tests system without any TB flushes.
As we usually run more CONFIG_USER binaries at a time in typical usage
we aren't quite as profligate for user-mode code generation usage. We
also bring the static code gen defies to the same place to keep all
the reasoning in the comments together.
Alex Bennée [Fri, 28 Feb 2020 19:24:14 +0000 (19:24 +0000)]
accel/tcg: only USE_STATIC_CODE_GEN_BUFFER on 32 bit hosts
There is no particular reason to use a static codegen buffer on 64 bit
hosts as we have address space to burn. Allow the common CONFIG_USER
case to use the mmap'ed buffers like SoftMMU.
Alex Bennée [Fri, 28 Feb 2020 19:24:13 +0000 (19:24 +0000)]
accel/tcg: remove link between guest ram and TCG cache size
Basing the TB cache size on the ram_size was always a little heuristic
and was broken by a1b18df9a4 which caused ram_size not to be fully
realised at the time we initialise the TCG translation cache.
The current DEFAULT_CODE_GEN_BUFFER_SIZE may still be a little small
but follow-up patches will address that.
hw: Do not initialize MachineClass::is_default to 0
The MachineClass is already zeroed on creation.
Note: The code setting is_default=0 in hw/i386/pc_piix.c is
different (related to compat options). When adding a
new versioned machine, we want it to be the new default,
so we have to mark the previous one as not default.
hw/nmi: Fix the NMI() macro, based on INTERFACE_CHECK()
There is no declaration of the 'NMI' type. INTERFACE_CHECK()
returns an abstract type (see commit aa1b35b975d8). The abstract
type corresponding to the TYPE_NMI interface is 'NMIState'.
Zenghui Yu [Wed, 5 Feb 2020 14:15:45 +0000 (22:15 +0800)]
compiler.h: Don't use compile-time assert when __NO_INLINE__ is defined
Our robot reported the following compile-time warning while compiling
Qemu with -fno-inline cflags:
In function 'load_memop',
inlined from 'load_helper' at /qemu/accel/tcg/cputlb.c:1578:20,
inlined from 'full_ldub_mmu' at /qemu/accel/tcg/cputlb.c:1624:12:
/qemu/accel/tcg/cputlb.c:1502:9: error: call to 'qemu_build_not_reached' declared with attribute error: code path is reachable
qemu_build_not_reached();
^~~~~~~~~~~~~~~~~~~~~~~~
[...]
It looks like a false-positive because only (MO_UB ^ MO_BSWAP) will
hit the default case in load_memop() while need_swap (size > 1) has
already ensured that MO_UB is not involved.
So the thing is that compilers get confused by the -fno-inline and
just can't accurately evaluate memop_size(op) at compile time, and
then the qemu_build_not_reached() is wrongly triggered by (MO_UB ^
MO_BSWAP). Let's carefully don't use the compile-time assert when
no functions will be inlined into their callers.
Alex Bennée [Fri, 14 Feb 2020 14:49:52 +0000 (14:49 +0000)]
accel/tcg: fix race in cpu_exec_step_atomic (bug 1863025)
The bug describes a race whereby cpu_exec_step_atomic can acquire a TB
which is invalidated by a tb_flush before we execute it. This doesn't
affect the other cpu_exec modes as a tb_flush by it's nature can only
occur on a quiescent system. The race was described as:
B2. tcg_cpu_exec => cpu_exec => tb_find => tb_gen_code
B3. tcg_tb_alloc obtains a new TB
C3. TB obtained with tb_lookup__cpu_state or tb_gen_code
(same TB as B2)
C4. start_exclusive critical section entered
C5. cpu_tb_exec executes the TB code that was free in A4
The simplest fix is to widen the exclusive period to include the TB
lookup. As a result we can drop the complication of checking we are in
the exclusive region before we end it.
Peter Maydell [Fri, 28 Feb 2020 16:39:27 +0000 (16:39 +0000)]
Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20200228' into staging
target-arm queue:
* hw/arm: Use TYPE_PL011 to create serial port
* target/arm: Set ID_MMFR4.HPDS for aarch64_max_initfn
* hw/arm/integratorcp: Map the audio codec controller
* GICv2: Correctly implement the limited number of priority bits
* target/arm: refactoring of VFP related feature checks and decode
* xilinx_zynq: Fix USB port instantiation
* acceptance tests for n800, n810, integratorcp
* Implement v8.3-RCPC, v8.4-RCPC, v8.3-CCIDX
* arm_gic_kvm: Don't assume kernel can provide a GICv2
(provide better error message for user error)
* remotes/pmaydell/tags/pull-target-arm-20200228: (33 commits)
hw/intc/arm_gic_kvm: Don't assume kernel can provide a GICv2
target/arm: Implement ARMv8.3-CCIDX
target/arm: Implement v8.4-RCPC
target/arm: Implement v8.3-RCPC
target/arm: Fix wrong use of FIELD_EX32 on ID_AA64DFR0
tests/acceptance/integratorcp: Verify Tux is displayed on framebuffer
tests/acceptance: Extract boot_integratorcp() from test_integratorcp()
tests/acceptance: Add a test for the integratorcp arm machine
tests/acceptance: Add a test for the N800 and N810 arm machines
hw/usb/hcd-ehci-sysbus: Remove obsolete xlnx, ps7-usb class
hw/arm/xilinx_zynq: Fix USB port instantiation
target/arm: Split VMINMAXNM decode
target/arm: Split VFM decode
target/arm: Add formats for some vfp 2 and 3-register insns
target/arm: Remove ARM_FEATURE_VFP*
linux-user/arm: Replace ARM_FEATURE_VFP* tests for HWCAP
target/arm: Move the vfp decodetree calls next to the base isa
target/arm: Move VLLDM and VLSTM to vfp.decode
target/arm: Remove ARM_FEATURE_VFP check from disas_vfp_insn
target/arm: Replace ARM_FEATURE_VFP4 with isar_feature_aa32_simdfmac
...
Peter Maydell [Tue, 25 Feb 2020 18:24:35 +0000 (18:24 +0000)]
hw/intc/arm_gic_kvm: Don't assume kernel can provide a GICv2
In our KVM GICv2 realize function, we try to cope with old kernels
that don't provide the device control API (KVM_CAP_DEVICE_CTRL): we
try to use the device control, and if that fails we fall back to
assuming that the kernel has the old style KVM_CREATE_IRQCHIP and
that it will provide a GICv2.
This doesn't cater for the possibility of a kernel and hardware which
only provide a GICv3, which is very common now. On that setup we
will abort() later on in kvm_arm_pmu_set_irq() when we try to wire up
an interrupt to the GIC we failed to create:
qemu-system-aarch64: PMU: KVM_SET_DEVICE_ATTR: Invalid argument
qemu-system-aarch64: failed to set irq for PMU
Aborted
If the kernel advertises KVM_CAP_DEVICE_CTRL we should trust it if it
says it can't create a GICv2, rather than assuming it has one. We
can then produce a more helpful error message including a hint about
the most probable reason for the failure.
If the kernel doesn't advertise KVM_CAP_DEVICE_CTRL then it is truly
ancient by this point but we might as well still fall back to a
KVM_CREATE_IRQCHIP GICv2.
With this patch then the user misconfiguration which previously
caused an abort now prints:
qemu-system-aarch64: Initialization of device kvm-arm-gic failed: error creating in-kernel VGIC: No such device
Perhaps the host CPU does not support GICv2?
Peter Maydell [Mon, 24 Feb 2020 18:26:26 +0000 (18:26 +0000)]
target/arm: Implement ARMv8.3-CCIDX
The ARMv8.3-CCIDX extension makes the CCSIDR_EL1 system ID registers
have a format that uses the full 64 bit width of the register, and
adds a new CCSIDR2 register so AArch32 can get at the high 32 bits.
QEMU doesn't implement caches, so we just treat these ID registers as
opaque values that are set to the correct constant values for each
CPU. The only thing we need to do is allow 64-bit values in our
cssidr[] array and provide the CCSIDR2 accessors.
We don't set the CCIDX field in our 'max' CPU because the CCSIDR
constant values we use are the same as the ones used by the
Cortex-A57 and they are in the old 32-bit format. This means
that the extra regdef added here is unused currently, but it
means that whenever in the future we add a CPU that does need
the new 64-bit format it will just work when we set the cssidr
values and the ID registers for it.
Peter Maydell [Mon, 24 Feb 2020 17:28:46 +0000 (17:28 +0000)]
target/arm: Implement v8.4-RCPC
The v8.4-RCPC extension implements some new instructions:
* LDAPUR, LDAPURB, LDAPURH, LDAPRSB, LDAPRSH, LDAPRSW
* STLUR, STLURB, STLURH
These are all in a new subgroup of encodings that sits below the
top-level "Loads and Stores" group in the Arm ARM.
The STLUR* instructions have standard store-release semantics; the
LDAPUR* have Load-AcquirePC semantics, but (as with LDAPR*) we choose
to implement them as the slightly stronger Load-Acquire.
Peter Maydell [Mon, 24 Feb 2020 17:28:45 +0000 (17:28 +0000)]
target/arm: Implement v8.3-RCPC
The v8.3-RCPC extension implements three new load instructions
which provide slightly weaker consistency guarantees than the
existing load-acquire operations. For QEMU we choose to simply
implement them with a full LDAQ barrier.
tests/acceptance/integratorcp: Verify Tux is displayed on framebuffer
Add a test that verifies the Tux logo is displayed on the framebuffer.
We simply follow the OpenCV "Template Matching with Multiple Objects"
tutorial, replacing Lionel Messi by Tux:
https://docs.opencv.org/4.2.0/d4/dc6/tutorial_py_template_matching.html
When OpenCV and NumPy are installed, this test can be run using:
$ AVOCADO_ALLOW_UNTRUSTED_CODE=hmmm \
avocado --show=app,framebuffer run -t device:framebuffer \
tests/acceptance/machine_arm_integratorcp.py
JOB ID : 8c46b0f8269242e87d738247883ea2a470df949e
JOB LOG : avocado/job-results/job-2020-01-31T21.38-8c46b0f/job.log
(1/1) tests/acceptance/machine_arm_integratorcp.py:IntegratorMachine.test_framebuffer_tux_logo:
framebuffer: found Tux at position [x, y] = (0, 0)
PASS (3.96 s)
RESULTS : PASS 1 | ERROR 0 | FAIL 0 | SKIP 0 | WARN 0 | INTERRUPT 0 | CANCEL 0
JOB TIME : 4.23 s
tests/acceptance: Extract boot_integratorcp() from test_integratorcp()
As we want to re-use this code, extract it as a new function.
Since we are using the PL011 serial console, add a Avocado tag
to ease filtering of tests.
Guenter Roeck [Sat, 15 Feb 2020 12:23:53 +0000 (04:23 -0800)]
hw/arm/xilinx_zynq: Fix USB port instantiation
USB ports on Xilinx Zync must be instantiated as TYPE_CHIPIDEA to work.
Linux expects and checks various chipidea registers, which do not exist
with the basic ehci emulation. This patch series fixes the problem.
Without this patch, USB ports fail to instantiate under Linux.
ci_hdrc ci_hdrc.0: doesn't support host
ci_hdrc ci_hdrc.0: no supported roles
With this patch, USB ports are instantiated, and it is possible
to boot from USB drive.
ci_hdrc ci_hdrc.0: EHCI Host Controller
ci_hdrc ci_hdrc.0: new USB bus registered, assigned bus number 1
ci_hdrc ci_hdrc.0: USB 2.0 started, EHCI 1.00
usb 1-1: new full-speed USB device number 2 using ci_hdrc
usb 1-1: not running at top speed; connect to a high speed hub
usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 512, setting to 64
usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x2 has invalid maxpacket 512, setting to 64
usb-storage 1-1:1.0: USB Mass Storage device detected
scsi host0: usb-storage 1-1:1.0
Passing the raw op field from the manual is less instructive
than it might be. Do the full decode and use the existing
helpers to perform the expansion.
Since these are v8 insns, VECLEN+VECSTRIDE are already RES0.
Passing the raw o1 and o2 fields from the manual is less
instructive than it might be. Do the full decode and let
the trans_* functions pass in booleans to a helper.
linux-user/arm: Replace ARM_FEATURE_VFP* tests for HWCAP
Use isar feature tests instead of feature bit tests.
Although none of QEMUs current cpus have VFPv3 without D32,
replace the large comment explaining why with one line that
sets ARM_HWCAP_ARM_VFPv3D16 under the correct conditions.
Mirror the test sequence used in the linux kernel.
target/arm: Replace ARM_FEATURE_VFP4 with isar_feature_aa32_simdfmac
All remaining tests for VFP4 are for fused multiply-add insns.
Since the MVFR1 field is used for both VFP and NEON, move its adjustment
from the !has_neon block to the (!has_vfp && !has_neon) block.
Test for vfp of the appropraite width alongside the test for simdfmac
within translate-vfp.inc.c. Within disas_neon_data_insn, we have
already tested for ARM_FEATURE_NEON.
We cannot easily create "any" functions for these, because the
ID_AA64PFR0 fields for FP and SIMD signal "enabled" with zero.
Which means that an aarch32-only cpu will return incorrect results
when testing the aarch64 registers.
To use these, we must either have context or additionally test
vs ARM_FEATURE_AARCH64.
Use this in the places that were checking ARM_FEATURE_VFP, and
are obviously testing for the existance of the register set
as opposed to testing for some particular instruction extension.
Sai Pavan Boddu [Mon, 24 Feb 2020 09:39:22 +0000 (15:09 +0530)]
arm_gic: Mask the un-supported priority bits
The GICv2 allows the implementation to implement a variable number
of priority bits; unimplemented bits in the priority registers
are read as zeros, writes ignored. We were previously always
implementing a full 8 bits of priority, which is allowed but not
what the real hardware typically does (which is usually to have
4 or 5 bits of priority).
Add a new device property to allow the number of implemented
property bits to be specified.
Peter Maydell [Fri, 28 Feb 2020 14:02:31 +0000 (14:02 +0000)]
Merge remote-tracking branch 'remotes/juanquintela/tags/pull-migration-pull-request' into staging
Migration pull request
# gpg: Signature made Fri 28 Feb 2020 09:21:31 GMT
# gpg: using RSA key 1899FF8EDEBF58CCEE034B82F487EF185872D723
# gpg: Good signature from "Juan Quintela <[email protected]>" [full]
# gpg: aka "Juan Quintela <[email protected]>" [full]
# Primary key fingerprint: 1899 FF8E DEBF 58CC EE03 4B82 F487 EF18 5872 D723
* remotes/juanquintela/tags/pull-migration-pull-request:
savevm: Don't call colo_init_ram_cache twice
migration/colo: wrap incoming checkpoint process into new helper
migration: fix COLO broken caused by a previous commit
migration/block: rename BLOCK_SIZE macro
migration/savevm: release gslist after dump_vmstate_json
test-vmstate: Fix memleaks in test_load_qlist
migration/vmstate: Remove redundant statement in vmstate_save_state_v()
multifd: Add zstd compression multifd support
multifd: Add multifd-zstd-level parameter
configure: Enable test and libs for zstd
multifd: Add zlib compression multifd support
multifd: Add multifd-zlib-level parameter
multifd: Make no compression operations into its own structure
migration: Add support for modules
multifd: Add multifd-compression parameter
Peter Maydell [Fri, 28 Feb 2020 10:27:34 +0000 (10:27 +0000)]
Merge remote-tracking branch 'remotes/aperard/tags/pull-xen-20200227' into staging
Xen queue 2020-02-27
* fix for xen-block
* fix in exec.c for migration of xen guest
* one cleanup patch
# gpg: Signature made Thu 27 Feb 2020 11:57:12 GMT
# gpg: using RSA key F80C006308E22CFD8A92E7980CF5572FD7FB55AF
# gpg: issuer "[email protected]"
# gpg: Good signature from "Anthony PERARD <[email protected]>" [marginal]
# gpg: aka "Anthony PERARD <[email protected]>" [marginal]
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg: It is not certain that the signature belongs to the owner.
# Primary key fingerprint: 5379 2F71 024C 600F 778A 7161 D8D5 7199 DF83 42C8
# Subkey fingerprint: F80C 0063 08E2 2CFD 8A92 E798 0CF5 572F D7FB 55AF
* remotes/aperard/tags/pull-xen-20200227:
Memory: Only call ramblock_ptr when needed in qemu_ram_writeback
xen-bus/block: explicitly assign event channels to an AioContext
hw/xen/xen_pt_load_rom: Remove unused includes
Stefan Hajnoczi [Tue, 18 Feb 2020 11:02:09 +0000 (11:02 +0000)]
migration/block: rename BLOCK_SIZE macro
Both <linux/fs.h> and <sys/mount.h> define BLOCK_SIZE macros. Avoiding
using that name in block/migration.c.
I noticed this when including <liburing.h> (Linux io_uring) from
"block/aio.h" and compilation failed. Although patches adding that
include haven't been sent yet, it makes sense to rename the macro now in
case someone else stumbles on it in the meantime.
Pan Nengyuan [Wed, 19 Feb 2020 09:47:05 +0000 (17:47 +0800)]
migration/savevm: release gslist after dump_vmstate_json
'list' forgot to free at the end of dump_vmstate_json_to_file(), although it's called only once, but seems like a clean code.
Fix the leak as follow:
Direct leak of 16 byte(s) in 1 object(s) allocated from:
#0 0x7fb946abd768 in __interceptor_malloc (/lib64/libasan.so.5+0xef768)
#1 0x7fb945eca445 in g_malloc (/lib64/libglib-2.0.so.0+0x52445)
#2 0x7fb945ee2066 in g_slice_alloc (/lib64/libglib-2.0.so.0+0x6a066)
#3 0x7fb945ee3139 in g_slist_prepend (/lib64/libglib-2.0.so.0+0x6b139)
#4 0x5585db591581 in object_class_get_list_tramp /mnt/sdb/qemu-new/qemu/qom/object.c:1084
#5 0x5585db590f66 in object_class_foreach_tramp /mnt/sdb/qemu-new/qemu/qom/object.c:1028
#6 0x7fb945eb35f7 in g_hash_table_foreach (/lib64/libglib-2.0.so.0+0x3b5f7)
#7 0x5585db59110c in object_class_foreach /mnt/sdb/qemu-new/qemu/qom/object.c:1038
#8 0x5585db5916b6 in object_class_get_list /mnt/sdb/qemu-new/qemu/qom/object.c:1092
#9 0x5585db335ca0 in dump_vmstate_json_to_file /mnt/sdb/qemu-new/qemu/migration/savevm.c:638
#10 0x5585daa5bcbf in main /mnt/sdb/qemu-new/qemu/vl.c:4420
#11 0x7fb941204812 in __libc_start_main ../csu/libc-start.c:308
#12 0x5585da29420d in _start (/mnt/sdb/qemu-new/qemu/build/x86_64-softmmu/qemu-system-x86_64+0x27f020d)
Indirect leak of 7472 byte(s) in 467 object(s) allocated from:
#0 0x7fb946abd768 in __interceptor_malloc (/lib64/libasan.so.5+0xef768)
#1 0x7fb945eca445 in g_malloc (/lib64/libglib-2.0.so.0+0x52445)
#2 0x7fb945ee2066 in g_slice_alloc (/lib64/libglib-2.0.so.0+0x6a066)
#3 0x7fb945ee3139 in g_slist_prepend (/lib64/libglib-2.0.so.0+0x6b139)
#4 0x5585db591581 in object_class_get_list_tramp /mnt/sdb/qemu-new/qemu/qom/object.c:1084
#5 0x5585db590f66 in object_class_foreach_tramp /mnt/sdb/qemu-new/qemu/qom/object.c:1028
#6 0x7fb945eb35f7 in g_hash_table_foreach (/lib64/libglib-2.0.so.0+0x3b5f7)
#7 0x5585db59110c in object_class_foreach /mnt/sdb/qemu-new/qemu/qom/object.c:1038
#8 0x5585db5916b6 in object_class_get_list /mnt/sdb/qemu-new/qemu/qom/object.c:1092
#9 0x5585db335ca0 in dump_vmstate_json_to_file /mnt/sdb/qemu-new/qemu/migration/savevm.c:638
#10 0x5585daa5bcbf in main /mnt/sdb/qemu-new/qemu/vl.c:4420
#11 0x7fb941204812 in __libc_start_main ../csu/libc-start.c:308
#12 0x5585da29420d in _start (/mnt/sdb/qemu-new/qemu/build/x86_64-softmmu/qemu-system-x86_64+0x27f020d)
Anup Patel [Sun, 2 Feb 2020 13:42:17 +0000 (19:12 +0530)]
hw/riscv: Provide rdtime callback for TCG in CLINT emulation
This patch extends CLINT emulation to provide rdtime callback for
TCG. This rdtime callback will be called wheneven TIME CSRs are
read in privileged modes.
Anup Patel [Sun, 2 Feb 2020 13:42:16 +0000 (19:12 +0530)]
target/riscv: Emulate TIME CSRs for privileged mode
Currently, TIME CSRs are emulated only for user-only mode. This
patch add TIME CSRs emulation for privileged mode.
For privileged mode, the TIME CSRs will return value provided
by rdtime callback which is registered by QEMU machine/platform
emulation (i.e. CLINT emulation). If rdtime callback is not
available then the monitor (i.e. OpenSBI) will trap-n-emulate
TIME CSRs in software.
We see 25+% performance improvement in hackbench numbers when
TIME CSRs are not trap-n-emulated.
projects / qemu.git / log