virtiofs: drop remapped security.capability xattr as needed
On Linux, the 'security.capability' xattr holds a set of
capabilities that can change when an executable is run, giving
a limited form of privilege escalation to those programs that
the writer of the file deemed worthy.
Any write causes the 'security.capability' xattr to be dropped,
stopping anyone from gaining privilege by modifying a blessed
file.
Fuse relies on the daemon to do this dropping, and in turn the
daemon relies on the host kernel to drop the xattr for it. However,
with the addition of -o xattrmap, the xattr that the guest
stores its capabilities in is now not the same as the one that
the host kernel automatically clears.
Where the mapping changes 'security.capability', explicitly clear
the remapped name to preserve the same behaviour.
This bug is assigned CVE-2021-20263.
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com> Reviewed-by: Vivek Goyal <vgoyal@redhat.com>
Peter Maydell [Wed, 3 Mar 2021 16:55:15 +0000 (16:55 +0000)]
Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging
pc,virtio,pci: bug fixes
Fixes all over the place. Specifically this fixes
a bug which made windows guests lose device config
(such as the configured fixed IP) after upgrading
to the new QEMU.
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
# gpg: Signature made Tue 02 Mar 2021 14:19:51 GMT
# gpg: using RSA key 5D09FD0871C8F85B94CA8A0D281F0DB8D28D5469
# gpg: issuer "mst@redhat.com"
# gpg: Good signature from "Michael S. Tsirkin <mst@kernel.org>" [full]
# gpg: aka "Michael S. Tsirkin <mst@redhat.com>" [full]
# Primary key fingerprint: 0270 606B 6F3C DF3D 0B17 0970 C350 3912 AFBE 8E67
# Subkey fingerprint: 5D09 FD08 71C8 F85B 94CA 8A0D 281F 0DB8 D28D 5469
* remotes/mst/tags/for_upstream:
vhost: simplify vhost_dev_init() fail_busyloop label
hw/pci: Have safer pcie_bus_realize() by checking error path
virtio-net: handle zero mac for a vdpa peer
i386/acpi: restore device paths for pre-5.1 vms
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
* remotes/bonzini-gitlab/tags/for-upstream: (29 commits)
tcg/i386: rdpmc: fix the the condtions
chardev: do not use short form boolean options in non-QemuOpts character device descriptions
vl: deprecate -writeconfig
target/i386: Add bus lock debug exception support
qom/object.c: Fix typo
target/i386: update to show preferred boolean syntax for -cpu
docs: update to show preferred boolean syntax for -cpu
docs: update to show preferred boolean syntax for -vnc
docs: update to show preferred boolean syntax for -chardev
qemu-options: update to show preferred boolean syntax for -vnc
qemu-options: update to show preferred boolean syntax for -incoming
qemu-options: update to show preferred boolean syntax for -netdev
qemu-options: update to show preferred boolean syntax for -spice
qemu-options: update to show preferred boolean syntax for -chardev
gdbstub: use preferred boolean option syntax
char: don't fail when client is not connected
scsi: drop 'result' argument from command_complete callback
scsi-disk: pass guest recoverable errors through even for rerror=stop
scsi-disk: pass SCSI status to scsi_handle_rw_error
scsi: introduce scsi_sense_from_errno()
...
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Move the conditional to into the fail_busyloop label so that it's safe
to jump to this label unconditionally.
This change makes the migrate_add_blocker() error case more consistent.
It jumped to fail_busyloop unconditionally whereas the memslots limits
error case was conditional.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Message-Id: <20210222114931.272308-1-stefanha@redhat.com> Reviewed-by: Stefano Garzarella <sgarzare@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
hw/pci: Have safer pcie_bus_realize() by checking error path
While pci_bus_realize() currently does not use the Error* argument,
it would be an error to leave pcie_bus_realize() setting bus->flags
if pci_bus_realize() had failed.
Fix by using a local Error* and return early (propagating the error)
if pci_bus_realize() failed.
Reported-by: Markus Armbruster <armbru@redhat.com> Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20210201153700.618946-1-philmd@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Cindy Lu [Thu, 25 Feb 2021 16:55:06 +0000 (00:55 +0800)]
virtio-net: handle zero mac for a vdpa peer
Some mlx vdpa devices with kernels at least up to 5.11 currently present
0 as their MAC address. This is because they have not been
pre-configured with a MAC: they have a learning bridge and only learn
the MAC once guest is up. Kernel patches and tools to allow programming
the MAC from host are being developed. For now - since these
combinations exist in the field - let's detect zero mac and just try to
proceed with the mac from the qemu command line.
This makes the guest use this MAC to send packets in turn teaching
the MAC to the card, and things work.
TODO:
report the actual MAC from QEMU commad line in the info message.
TODO:
detect that a (non-zero) hardware MAC does not match QEMU command line
and fail init.
Signed-off-by: Cindy Lu <lulu@redhat.com>
Message-Id: <20210225165506.18321-2-lulu@redhat.com>
mst: rewritten code comments, message printed and the commit log.
Cc: Eli Cohen <elic@nvidia.com> Cc: Parav Pandit <parav@nvidia.com> Tested-by: Adrian Moreno <amorenoz@redhat.com> Tested-by: Sean Mooney <smooney@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Vitaly Cheptsov [Mon, 1 Mar 2021 19:59:18 +0000 (22:59 +0300)]
i386/acpi: restore device paths for pre-5.1 vms
After fixing the _UID value for the primary PCI root bridge in af1b80ae it was discovered that this change updates Windows
configuration in an incompatible way causing network configuration
failure unless DHCP is used. More details provided on the list:
This change reverts the _UID update from 1 to 0 for q35 and i440fx
VMs before version 5.2 to maintain the original behaviour when
upgrading.
Cc: qemu-stable@nongnu.org Cc: qemu-devel@nongnu.org Reported-by: Thomas Lamprecht <t.lamprecht@proxmox.com> Suggested-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Vitaly Cheptsov <cheptsov@ispras.ru>
Message-Id: <20210301195919.9333-1-cheptsov@ispras.ru> Tested-by: Thomas Lamprecht <t.lamprecht@proxmox.com> Reviewed-by: Igor Mammedov <imammedo@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com> Fixes: af1b80ae56c9 ("i386/acpi: fix inconsistent QEMU/OVMF device paths")
Peter Maydell [Thu, 25 Feb 2021 19:07:58 +0000 (19:07 +0000)]
Merge remote-tracking branch 'remotes/stsquad/tags/pull-testing-updates-240221-1' into staging
Testing tweaks (build, docs, bumps)
- expose cross compiler info in meson pretty print
- bump Fedora to 33
- "graceful" handling of missing virgl config
- updates to the container documentation
- move CODING_STYLE.rst into developer manual
# gpg: Signature made Wed 24 Feb 2021 11:08:03 GMT
# gpg: using RSA key 6685AE99E75167BCAFC8DF35FBD0DB095A9E2A44
# gpg: Good signature from "Alex Bennée (Master Work Key) <alex.bennee@linaro.org>" [full]
# Primary key fingerprint: 6685 AE99 E751 67BC AFC8 DF35 FBD0 DB09 5A9E 2A44
* remotes/stsquad/tags/pull-testing-updates-240221-1:
docs: move CODING_STYLE into the developer documentation
docs/devel: add forward reference to check-tcg
docs/devel: update the container based tests
docs/devel: expand on use of containers to build tests
tests/acceptance: allow a "graceful" failing for virtio-gpu test
docker: Bump Fedora images to release 33
meson.build: expose TCG cross compiler information in summary
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Paolo Bonzini [Thu, 25 Feb 2021 11:05:22 +0000 (12:05 +0100)]
chardev: do not use short form boolean options in non-QemuOpts character device descriptions
Options such as "-gdb" or "-serial" accept a part-QemuOpts part-parsed-by-hand
character device description. Do not use short form boolean options in the
QemuOpts part.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paolo Bonzini [Thu, 25 Feb 2021 10:55:27 +0000 (11:55 +0100)]
vl: deprecate -writeconfig
The functionality of -writeconfig is limited and the code
does not even try to detect cases where it prints incorrect
syntax (for example if values have a quote in them, since
qemu_config_parse does not support any kind of escaping)
so remove it.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Peter Maydell [Thu, 25 Feb 2021 14:02:16 +0000 (14:02 +0000)]
Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging
pc,virtio,pci: fixes, tests
Fixes all over the place, a new test.
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
# gpg: Signature made Tue 23 Feb 2021 16:00:29 GMT
# gpg: using RSA key 5D09FD0871C8F85B94CA8A0D281F0DB8D28D5469
# gpg: issuer "mst@redhat.com"
# gpg: Good signature from "Michael S. Tsirkin <mst@kernel.org>" [full]
# gpg: aka "Michael S. Tsirkin <mst@redhat.com>" [full]
# Primary key fingerprint: 0270 606B 6F3C DF3D 0B17 0970 C350 3912 AFBE 8E67
# Subkey fingerprint: 5D09 FD08 71C8 F85B 94CA 8A0D 281F 0DB8 D28D 5469
* remotes/mst/tags/for_upstream:
qtest/acpi/bios-tables-test: update acpi tables
acpi: add test case for -no-hpet
i386: acpi: Don't build HPET ACPI entry if HPET is disabled
hw/i386: declare ACPI mother board resource for MMCONFIG region
acpi: add test case for smm unsupported -machine smm=off
acpi: set fadt.smi_cmd to zero when SMM is not supported
acpi/core: always set SCI_EN when SMM isn't supported
ich9, piix4: add property, smm-compat, to keep compatibility of SMM
qtest: update tests/qtest/bios-tables-test-allowed-diff.h
checkpatch: don't emit warning on newly created acpi data files
tests/data/acpi/virt/DSDT.pxb: update with _CCA
acpi/gpex: Fix cca attribute check for pxb device
acpi: Allow pxb DSDT acpi table changes
pcie: don't set link state active if the slot is empty
failover: really display a warning when the primary device is not found
virtio-net: add missing object_unref()
pci: cleanup failover sanity check
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Chenyi Qiang [Tue, 2 Feb 2021 09:02:24 +0000 (17:02 +0800)]
target/i386: Add bus lock debug exception support
Bus lock debug exception is a feature that can notify the kernel by
generate an #DB trap after the instruction acquires a bus lock when
CPL>0. This allows the kernel to enforce user application throttling or
mitigations.
This feature is enumerated via CPUID.(EAX=7,ECX=0).ECX[bit 24].
Signed-off-by: Chenyi Qiang <chenyi.qiang@intel.com>
Message-Id: <20210202090224.13274-1-chenyi.qiang@intel.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
target/i386: update to show preferred boolean syntax for -cpu
The preferred syntax is to use "foo=on|off", rather than a bare
"+foo" or "-foo"
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Message-Id: <20210216191027.595031-11-berrange@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
docs: update to show preferred boolean syntax for -cpu
The preferred syntax is to use "foo=on|off", rather than a bare
"+foo" or "-foo"
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Message-Id: <20210216191027.595031-10-berrange@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Message-Id: <20210216191027.595031-9-berrange@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
docs: update to show preferred boolean syntax for -chardev
The preferred syntax is to use "foo=on|off", rather than a bare
"foo" or "nofoo".
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Message-Id: <20210216191027.595031-8-berrange@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Message-Id: <20210216191027.595031-7-berrange@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
qemu-options: update to show preferred boolean syntax for -incoming
The preferred syntax is to use "foo=on|off", rather than a bare
"foo" or "nofoo".
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Message-Id: <20210216191027.595031-6-berrange@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
qemu-options: update to show preferred boolean syntax for -netdev
The preferred syntax is to use "foo=on|off", rather than a bare
"foo" or "nofoo".
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Message-Id: <20210216191027.595031-5-berrange@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
qemu-options: update to show preferred boolean syntax for -spice
The preferred syntax is to use "foo=on|off", rather than a bare
"foo" or "nofoo".
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Message-Id: <20210216191027.595031-4-berrange@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
qemu-options: update to show preferred boolean syntax for -chardev
The preferred syntax is to use "foo=on|off", rather than a bare
"foo" or "nofoo".
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Message-Id: <20210216191027.595031-3-berrange@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Message-Id: <20210216191027.595031-2-berrange@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Hannes Reinecke [Mon, 16 Nov 2020 18:40:36 +0000 (19:40 +0100)]
scsi: drop 'result' argument from command_complete callback
The command complete callback has a SCSIRequest as the first argument,
and the status field of that structure is identical to the 'status'
argument. So drop the argument from the callback.
Signed-off-by: Hannes Reinecke <hare@suse.de>
Message-Id: <20201116184041.60465-3-hare@suse.de> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paolo Bonzini [Wed, 24 Feb 2021 11:57:44 +0000 (12:57 +0100)]
scsi-disk: pass guest recoverable errors through even for rerror=stop
Right now, recoverable sense values are only passed directly to the
guest only for rerror=report. However, when rerror/werror are 'stop'
we still don't want the host to be involved on every UNIT ATTENTION
(especially considered that the QMP event will not have enough information
to act on the report).
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paolo Bonzini [Wed, 24 Feb 2021 15:30:09 +0000 (16:30 +0100)]
scsi: introduce scsi_sense_from_errno()
The new function is an extension of the switch statement in scsi-disk.c
which also includes the errno cases only found in sg_io_sense_from_errno.
This allows us to consolidate the errno handling.
Extracted from a patch by Hannes Reinecke <hare@suse.de>.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Maxim Levitsky [Thu, 17 Dec 2020 15:00:38 +0000 (17:00 +0200)]
virtio-scsi: don't process IO on fenced dataplane
If virtio_scsi_dataplane_start fails, there is a small window when it drops the
aio lock (in aio_wait_bh_oneshot) and the dataplane's AIO handler can
still run during that window.
This is done after the dataplane was marked as fenced, thus we use this flag
to avoid it doing any IO.
Signed-off-by: Maxim Levitsky <mlevitsk@redhat.com>
Message-Id: <20201217150040.906961-2-mlevitsk@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Zihao Chang [Tue, 3 Nov 2020 06:12:40 +0000 (14:12 +0800)]
scsi: allow user to set werror as report
'enospc' is the default for -drive, but qemu allows user to set
drive option werror. If werror of scsi-generic is set to 'report'
by user, qemu will not allow vm to start.
This patch allow user to set werror as 'report' for scsi-generic.
Hannes Reinecke [Mon, 16 Nov 2020 18:31:13 +0000 (19:31 +0100)]
scsi: make io_timeout configurable
The current code sets an infinite timeout on SG_IO requests,
causing the guest to stall if the host experiences a frame
loss.
This patch adds an 'io_timeout' parameter for SCSIDevice to
make the SG_IO timeout configurable, and also shortens the
default timeout to 30 seconds to avoid infinite stalls.
Signed-off-by: Hannes Reinecke <hare@suse.de>
Message-Id: <20201116183114.55703-3-hare@suse.de> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
With --enable-fuzzing, QEMU_CFLAGS include -fsanitize=fuzzer-no-link.
This should allow us to build non-fuzzer binaries using objects
instrumented for fuzzing. However, to do that, we also need to link with
-fsanitize=fuzzer-no-link. We were not doing that.
Reported-by: Li Qiang <liq3ea@163.com>, Signed-off-by: Alexander Bulekov <alxndr@bu.edu>
Message-Id: <20210221174510.22542-1-alxndr@bu.edu> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Akihiko Odaki [Thu, 25 Feb 2021 00:06:14 +0000 (09:06 +0900)]
hvf: Sign the code after installation
Before this change, the code signed during the build was installed
directly.
However, the signature gets invalidated because meson modifies the code
to fix dynamic library install names during the install process.
It also prevents meson to strip the code because the pre-signed file is
not marked as an executable (although it is somehow able to perform the
modification described above).
With this change, the unsigned code will be installed and modified by
meson first, and a script signs it later.
Signed-off-by: Akihiko Odaki <akihiko.odaki@gmail.com>
Message-Id: <20210225000614.46919-1-akihiko.odaki@gmail.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Alex Bennée [Tue, 23 Feb 2021 09:59:31 +0000 (09:59 +0000)]
docs: move CODING_STYLE into the developer documentation
There is no particular reason to keep this on it's own in the root of
the tree. Move it into the rest of the fine developer manual and fixup
any links to it. The only tweak I've made is to fix the code-block
annotations to mention the language C.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Reviewed-by: Claudio Fontana <cfontana@suse.de>
Message-Id: <20210223095931.16908-1-alex.bennee@linaro.org>
Alex Bennée [Mon, 22 Feb 2021 10:14:55 +0000 (10:14 +0000)]
docs/devel: add forward reference to check-tcg
For completeness reference the check-tcg tests in the container
preamble text.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Reviewed-by: Thomas Huth <thuth@redhat.com> Cc: Thomas Huth <thuth@redhat.com>
Message-Id: <20210222101455.12640-7-alex.bennee@linaro.org>
Alex Bennée [Mon, 22 Feb 2021 10:14:54 +0000 (10:14 +0000)]
docs/devel: update the container based tests
This section has grown a little stale so clean-up the language and
examples for current usage:
- refer to containers at the top
- mention podman can also be used
- add podman prerequisites section
- move to using "docker-help" for online help
- mention the registry and it's purpose
- don't refer to out-of-date min-glib image
Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20210222101455.12640-6-alex.bennee@linaro.org>
Alex Bennée [Mon, 22 Feb 2021 10:14:53 +0000 (10:14 +0000)]
docs/devel: expand on use of containers to build tests
Expand on the usage of containers for building tests and why we have
some that are not used to build QEMU itself.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Reviewed-by: Thomas Huth <thuth@redhat.com> Cc: Thomas Huth <thuth@redhat.com>
Message-Id: <20210222101455.12640-5-alex.bennee@linaro.org>
Update all the Fedora 32 images to this new release.
Suggested-by: Daniel Berrangé <berrange@redhat.com> Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com> Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20210118181255.314672-1-philmd@redhat.com>
Message-Id: <20210222101455.12640-3-alex.bennee@linaro.org>
Alex Bennée [Mon, 22 Feb 2021 10:14:50 +0000 (10:14 +0000)]
meson.build: expose TCG cross compiler information in summary
Blink and you miss the cross TCG compiler stuff so lets display it
with the rest of the compiler information.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Tested-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Message-Id: <20210222101455.12640-2-alex.bennee@linaro.org>
Isaku Yamahata [Thu, 18 Feb 2021 05:51:18 +0000 (21:51 -0800)]
qtest/acpi/bios-tables-test: update acpi tables
update golden master acpi tables and empty
bios-tables-test-allowed-diff.h.
Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com>
Message-Id: <de5a7f88563d39ed0cec34ff1d4cd6a1bdc927f0.1613615732.git.isaku.yamahata@intel.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Isaku Yamahata [Thu, 18 Feb 2021 05:51:17 +0000 (21:51 -0800)]
acpi: add test case for -no-hpet
Reviewed-by: Igor Mammedov <imammedo@redhat.com> Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com>
Message-Id: <5ef9a81e49793afb42ffd19bbf1f44e269c65e93.1613615732.git.isaku.yamahata@intel.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
i386: acpi: Don't build HPET ACPI entry if HPET is disabled
Omit HPET AML if the HPET is disabled, QEMU is not emulating it and the
guest may get confused by seeing HPET in the ACPI tables without a
"physical" device present.
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Reviewed-by: Igor Mammedov <imammedo@redhat.com> Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
Message-Id: <66114dead09232d04891b9e5f5a4081e85cc2c4d.1613615732.git.isaku.yamahata@intel.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Isaku Yamahata [Thu, 18 Feb 2021 05:51:15 +0000 (21:51 -0800)]
hw/i386: declare ACPI mother board resource for MMCONFIG region
Declare PNP0C01 device to reserve MMCONFIG region to conform to the
spec better and play nice with guest BIOSes/OSes.
According to PCI Firmware Specification[0], MMCONFIG region must be
reserved by declaring a motherboard resource. It's optional to reserve
the region in memory map by Int 15 E820h or EFIGetMemoryMap.
Guest Linux checks if the MMCFG region is reserved by bios memory map
or ACPI resource. If it's not reserved, Linux falls back to legacy PCI
configuration access.
TDVF [1] [2] doesn't reserve MMCONFIG the region in memory map.
On the other hand OVMF reserves it in memory map without declaring a
motherboard resource. With memory map reservation, linux guest uses
MMCONFIG region. However it doesn't comply to PCI Firmware
specification.
[0] PCI Firmware specification Revision 3.2
4.1.2 MCFG Table Description table 4-2 NOTE 2
If the operating system does not natively comprehend reserving the
MMCFG region, The MMCFG region must e reserved by firmware. ...
For most systems, the mortheroard resource would appear at the root
of the ACPI namespace (under \_SB)...
The resource can optionally be returned in Int15 E820h or
EFIGetMemoryMap as reserved memory but must always be reported
through ACPI as a motherboard resource
The change to DSDT is as follows.
@@ -68,32 +68,47 @@
If ((CDW3 != Local0))
{
CDW1 |= 0x10
}
CDW3 = Local0
}
Else
{
CDW1 |= 0x04
}
Return (Arg3)
}
}
+
+ Device (DRAC)
+ {
+ Name (_HID, "PNP0C01" /* System Board */) // _HID: Hardware ID
+ Name (_CRS, ResourceTemplate () // _CRS: Current Resource Settings
+ {
+ DWordMemory (ResourceProducer, PosDecode, MinFixed, MaxFixed, NonCacheable, ReadWrite,
+ 0x00000000, // Granularity
+ 0xB0000000, // Range Minimum
+ 0xBFFFFFFF, // Range Maximum
+ 0x00000000, // Translation Offset
+ 0x10000000, // Length
+ ,, , AddressRangeMemory, TypeStatic)
+ })
+ }
}
Scope (_SB)
{
Device (HPET)
{
Name (_HID, EisaId ("PNP0103") /* HPET System Timer */) // _HID: Hardware ID
Name (_UID, Zero) // _UID: Unique ID
OperationRegion (HPTM, SystemMemory, 0xFED00000, 0x0400)
Field (HPTM, DWordAcc, Lock, Preserve)
{
VEND, 32,
PRD, 32
}
Method (_STA, 0, NotSerialized) // _STA: Status
Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com>
Message-Id: <6f686b45ce7bc43048c56dbb46e72e1fe51927e6.1613615732.git.isaku.yamahata@intel.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com> Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Isaku Yamahata [Thu, 18 Feb 2021 05:51:14 +0000 (21:51 -0800)]
acpi: add test case for smm unsupported -machine smm=off
Reviewed-by: Igor Mammedov <imammedo@redhat.com> Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com>
Message-Id: <22f774a51255af1608b07b00b257af426adcf4ab.1613615732.git.isaku.yamahata@intel.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com> Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com>
Message-Id: <09ed791ef77fda2b194100669cbc690865c9eb52.1613615732.git.isaku.yamahata@intel.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Isaku Yamahata [Thu, 18 Feb 2021 05:51:12 +0000 (21:51 -0800)]
acpi/core: always set SCI_EN when SMM isn't supported
If SMM is not supported, ACPI fixed hardware doesn't support
legacy-mode. ACPI-only platform. Where SCI_EN in PM1_CNT register is
always set.
The bit tells OS legacy mode(SCI_EN cleared) or ACPI mode(SCI_EN set).
With the next patch (setting fadt.smi_cmd = 0 when smm isn't enabled),
guest Linux tries to switch to ACPI mode, finds smi_cmd = 0, and then
fails to initialize acpi subsystem. This patch proactively fixes it.
This patch changes guest ABI. To keep compatibility, use
"smm-compat" introduced by earlier patch. If the property is true,
disable new behavior.
ACPI spec 4.8.10.1 PM1 Event Grouping
PM1 Eanble Registers
> For ACPI-only platforms (where SCI_EN is always set)
Reviewed-by: Igor Mammedov <imammedo@redhat.com> Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com>
Message-Id: <500f62081626997e46f96377393d3662211763a8.1613615732.git.isaku.yamahata@intel.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Isaku Yamahata [Thu, 18 Feb 2021 05:51:11 +0000 (21:51 -0800)]
ich9, piix4: add property, smm-compat, to keep compatibility of SMM
The following patch will introduce incompatible behavior of SMM.
Introduce a property to keep the old behavior for compatibility.
To enable smm compat, use "-global ICH9-LPC.smm-compat=on" or
"-global PIIX4_PM.smm-compat=on"
Suggested-by: Igor Mammedov <imammedo@redhat.com> Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com>
Message-Id: <47254ae0b8c6cc6945422978b6b2af2d213ef891.1613615732.git.isaku.yamahata@intel.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com> Reviewed-by: Igor Mammedov <imammedo@redhat.com>
The following tests will modify acpi tables.
prepare qtests to allow acpi table change.
add new tables for new tests.
- tests/data/acpi/pc/DSDT.nohpet
- tests/data/acpi/pc/FACP.nosmm
- tests/data/acpi/q35/DSDT.nohpet
- tests/data/acpi/q35/FACP.nosmm
Acked-by: Igor Mammedov <imammedo@redhat.com> Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com>
Message-Id: <c8285f54deab362ed839d31f0fb5bb590ab71fdd.1613615732.git.isaku.yamahata@intel.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Xingang Wang [Tue, 23 Feb 2021 15:01:31 +0000 (10:01 -0500)]
tests/data/acpi/virt/DSDT.pxb: update with _CCA
Update expected DSDT files accordingly, and re-enable their testing.
diff of disassembly of changed expected files:
diff -ru -IDisassembly old/tests/data/acpi/virt/DSDT.pxb.dsl new/tests/data/acpi/virt/DSDT.pxb.dsl
--- old/tests/data/acpi/virt/DSDT.pxb.dsl 2021-02-23 09:54:18.566781350 -0500
+++ new/tests/data/acpi/virt/DSDT.pxb.dsl 2021-02-23 09:57:51.952816428 -0500
Name (_BBN, 0x80) // _BBN: BIOS Bus Number
Name (_UID, 0x80) // _UID: Unique ID
Name (_STR, Unicode ("pxb Device")) // _STR: Description String
+ Name (_CCA, One) // _CCA: Cache Coherency Attribute
Name (_PRT, Package (0x80) // _PRT: PCI Routing Table
{
Package (0x04)
Signed-off-by: Jiahui Cen <cenjiahui@huawei.com> Signed-off-by: Xingang Wang <wangxingang5@huawei.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Xingang Wang [Fri, 5 Feb 2021 01:56:44 +0000 (01:56 +0000)]
acpi/gpex: Fix cca attribute check for pxb device
When check DMA support for device attached to pxb,
the cache coherency attribute need to be set.
This add _CCA attribute for pxb DSDT.
Fixes: 6f9765fbad ("acpi/gpex: Build tables for pxb") Signed-off-by: Jiahui Cen <cenjiahui@huawei.com> Signed-off-by: Xingang Wang <wangxingang5@huawei.com>
Message-Id: <1612490205-48788-3-git-send-email-wangxingang5@huawei.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com> Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Xingang Wang [Fri, 5 Feb 2021 01:56:43 +0000 (01:56 +0000)]
acpi: Allow pxb DSDT acpi table changes
Signed-off-by: Jiahui Cen <cenjiahui@huawei.com> Signed-off-by: Xingang Wang <wangxingang5@huawei.com>
Message-Id: <1612490205-48788-2-git-send-email-wangxingang5@huawei.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com> Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Laurent Vivier [Fri, 12 Feb 2021 13:52:50 +0000 (14:52 +0100)]
pcie: don't set link state active if the slot is empty
When the pcie slot is initialized, by default PCI_EXP_LNKSTA_DLLLA
(Data Link Layer Link Active) is set in PCI_EXP_LNKSTA
(Link Status) without checking if the slot is empty or not.
This is confusing for the kernel because as it sees the link is up
it tries to read the vendor ID and fails:
This is really a problem with virtio-net failover that hotplugs a VFIO
card during the boot process. The kernel can shutdown the slot while
QEMU is hotplugging it, and this likely ends by an automatic unplug of
the card. At the end of the boot sequence the card has disappeared.
To fix that, don't set the "Link Active" state in the init function, but
rely on the plug function to do it, as the mechanism has already been
introduced by 2f2b18f60bf1.
Fixes: 2f2b18f60bf1 ("pcie: set link state inactive/active after hot unplug/plug") Cc: zhengxiang9@huawei.com Fixes: 3d67447fe7c2 ("pcie: Fill PCIESlot link fields to support higher speeds and widths") Cc: alex.williamson@redhat.com Fixes: b2101eae63ea ("pcie: Set the "link active" in the link status register") Cc: benh@kernel.crashing.org Signed-off-by: Laurent Vivier <lvivier@redhat.com>
Message-Id: <20210212135250.2738750-5-lvivier@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Laurent Vivier [Fri, 12 Feb 2021 13:52:49 +0000 (14:52 +0100)]
failover: really display a warning when the primary device is not found
In failover_add_primary(), we search the id of the failover device by
scanning the list of the devices in the opts list to find a device with
a failover_pair_id equals to the id of the virtio-net device.
If the failover_pair_id is not found, QEMU ignores the primary
device silently (which also means it will not be hidden and
it will be enabled directly at boot).
After that, we search the id in the opts list to do a qdev_device_add()
with it. The device will be always found as otherwise we had exited
before, and thus the warning is never displayed.
Fix that by moving the error report to the first exit condition.
Also add a g_assert() to be sure the compiler will not complain
about a possibly NULL pointer.
Signed-off-by: Laurent Vivier <lvivier@redhat.com>
Message-Id: <20210212135250.2738750-4-lvivier@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Laurent Vivier [Fri, 12 Feb 2021 13:52:48 +0000 (14:52 +0100)]
virtio-net: add missing object_unref()
failover_add_primary() calls qdev_device_add() and doesn't unref
the device. Because of that, when the device is unplugged a reference
is remaining and prevents the cleanup of the object.
This prevents to be able to plugin back the failover primary device,
with errors like:
Laurent Vivier [Fri, 12 Feb 2021 13:52:47 +0000 (14:52 +0100)]
pci: cleanup failover sanity check
Commit a1190ab628 has added a "allow_unplug_during_migration = true" at
the end of the main "if" block, so it is not needed to set it anymore
in the previous checking.
Remove it, to have only sub-ifs that check for needed conditions and exit
if one fails.
Fixes: 4f5b6a05a4e7 ("pci: add option for net failover") Fixes: a1190ab628c0 ("migration: allow unplug during migration for failover devices") Cc: jfreimann@redhat.com Signed-off-by: Laurent Vivier <lvivier@redhat.com>
Message-Id: <20210212135250.2738750-2-lvivier@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com> Reviewed-by: Jens Freimann <jfreimann@redhat.com> Acked-by: Jason Wang <jasowang@redhat.com>
Peter Maydell [Mon, 22 Feb 2021 14:20:32 +0000 (14:20 +0000)]
Merge remote-tracking branch 'remotes/edgar/tags/edgar/cris-next-2021-02-22.for-upstream' into staging
CRIS PR 2021-02-22 v1
# gpg: Signature made Mon 22 Feb 2021 08:28:37 GMT
# gpg: using RSA key AC44FEDC14F7F1EBEDBF415129C596780F6BCA83
# gpg: Good signature from "Edgar E. Iglesias (Xilinx key) <edgar.iglesias@xilinx.com>" [unknown]
# gpg: aka "Edgar E. Iglesias <edgar.iglesias@gmail.com>" [full]
# Primary key fingerprint: AC44 FEDC 14F7 F1EB EDBF 4151 29C5 9678 0F6B CA83
* remotes/edgar/tags/edgar/cris-next-2021-02-22.for-upstream:
target/cris: Plug leakage of TCG temporaries
target/cris: Let cris_mmu_translate() use MMUAccessType access_type
target/cris: Use MMUAccessType enum type when possible
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Stefan Sandstrom [Fri, 19 Feb 2021 12:44:16 +0000 (13:44 +0100)]
target/cris: Plug leakage of TCG temporaries
Add and fix deallocation of temporary TCG registers in CRIS code
generation.
Tested-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Change-Id: I17fce5d95bdc4418337ba885d53ba97afb1bafcc Signed-off-by: Stefan Sandström <stefans@axis.com> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20210219124416.28178-1-stefans@axis.com> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
target/cris: Let cris_mmu_translate() use MMUAccessType access_type
All callers of cris_mmu_translate() provide a MMUAccessType
type. Let the prototype use it as argument, as it is stricter
than an integer. We can remove the documentation as enum
names are self explicit.
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-Id: <20210128003223.3561108-3-f4bug@amsat.org> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
target/cris: Use MMUAccessType enum type when possible
Replace the 0/1/2 magic values by the corresponding MMUAccessType.
We can remove a comment as enum names are self explicit.
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-Id: <20210128003223.3561108-2-f4bug@amsat.org> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Peter Maydell [Sun, 21 Feb 2021 19:52:58 +0000 (19:52 +0000)]
Merge remote-tracking branch 'remotes/philmd-gitlab/tags/mips-20210221' into staging
MIPS patches queue
- Drop redundant struct MemmapEntry (Bin)
- Fix for Coverity CID 1438965 and 1438967 (Jiaxun)
- Add MIPS bootloader API (Jiaxun)
- Use MIPS bootloader API on fuloong2e and boston machines (Jiaxun)
- Add PMON test for Loongson-3A1000 CPU (Jiaxun)
- Convert to translator API (Philippe)
- MMU cleanups (Philippe)
- Promote 128-bit multimedia registers as global ones (Philippe)
- Various cleanups/fixes on the VT82C686B southbridge (Zoltan)
# gpg: Signature made Sun 21 Feb 2021 18:43:57 GMT
# gpg: using RSA key FAABE75E12917221DCFD6BB2E3E32C2CDEADC0DE
# gpg: Good signature from "Philippe Mathieu-Daudé (F4BUG) <f4bug@amsat.org>" [full]
# Primary key fingerprint: FAAB E75E 1291 7221 DCFD 6BB2 E3E3 2C2C DEAD C0DE
* remotes/philmd-gitlab/tags/mips-20210221: (43 commits)
vt82c686: Fix superio_cfg_{read,write}() functions
vt82c686: Log superio_cfg unimplemented accesses
vt82c686: Simplify by returning earlier
vt82c686: Reduce indentation by returning early
vt82c686: Remove index field of SuperIOConfig
vt82c686: Move creation of ISA devices to the ISA bridge
vt82c686: Simplify vt82c686b_realize()
vt82c686: Make vt82c686b-pm an abstract base class and add vt8231-pm based on it
vt82c686: Set user_creatable=false for VT82C686B_PM
vt82c686: Fix up power management io base and config
vt82c686: Correctly reset all registers to default values on reset
vt82c686: Correct vt82c686-pm I/O size
vt82c686: Make vt82c686-pm an I/O tracing region
vt82c686: Fix SMBus IO base and configuration registers
vt82c686: Reorganise code
vt82c686: Move superio memory region to SuperIOConfig struct
target/mips: Use GPR move functions in gen_HILO1_tx79()
target/mips: Introduce gen_load_gpr_hi() / gen_store_gpr_hi() helpers
target/mips: Rename 128-bit upper halve GPR registers
target/mips: Promote 128-bit multimedia registers as global ones
...
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
These functions are memory region callbacks so we have to check
against relative address not the mapped address.
Signed-off-by: BALATON Zoltan <balaton@eik.bme.hu>
Message-Id: <15b2968fd300a12d06b42368d084f6f80d3c3be5.1610223397.git.balaton@eik.bme.hu>
[PMD: Split original patch in 5, this is part 5/5] Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
BALATON Zoltan [Sat, 9 Jan 2021 20:16:36 +0000 (21:16 +0100)]
vt82c686: Log superio_cfg unimplemented accesses
Signed-off-by: BALATON Zoltan <balaton@eik.bme.hu>
Message-Id: <15b2968fd300a12d06b42368d084f6f80d3c3be5.1610223397.git.balaton@eik.bme.hu> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
[PMD: Split original patch in 5, this is part 4/5] Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
BALATON Zoltan [Sat, 9 Jan 2021 20:16:36 +0000 (21:16 +0100)]
vt82c686: Simplify by returning earlier
By returning earlier we can remove the 'can_write' boolean variable.
Signed-off-by: BALATON Zoltan <balaton@eik.bme.hu>
Message-Id: <15b2968fd300a12d06b42368d084f6f80d3c3be5.1610223397.git.balaton@eik.bme.hu> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
[PMD: Split original patch in 5, this is part 3/5] Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
BALATON Zoltan [Sat, 9 Jan 2021 20:16:36 +0000 (21:16 +0100)]
vt82c686: Reduce indentation by returning early
Signed-off-by: BALATON Zoltan <balaton@eik.bme.hu>
Message-Id: <15b2968fd300a12d06b42368d084f6f80d3c3be5.1610223397.git.balaton@eik.bme.hu> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
[PMD: Split patch original in 5, this is part 2/5] Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
BALATON Zoltan [Sat, 9 Jan 2021 20:16:36 +0000 (21:16 +0100)]
vt82c686: Remove index field of SuperIOConfig
Remove the separate index value from SuperIOConfig and store
the index at reg 0 which is reserved and returns 0 on read.
This simplifies the object state.
Signed-off-by: BALATON Zoltan <balaton@eik.bme.hu>
Message-Id: <15b2968fd300a12d06b42368d084f6f80d3c3be5.1610223397.git.balaton@eik.bme.hu>
[PMD: Split original patch in 5, this is part 1/5] Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
BALATON Zoltan [Sat, 9 Jan 2021 20:16:36 +0000 (21:16 +0100)]
vt82c686: Move creation of ISA devices to the ISA bridge
Currently the ISA devices that are part of the VIA south bridge,
superio chip are wired up by board code. Move creation of these ISA
devices to the VIA ISA bridge model so that board code does not need
to access ISA bus. This also allows vt82c686b-superio to be made
internal to vt82c686 which allows implementing its configuration via
registers in subseqent commits.
Signed-off-by: BALATON Zoltan <balaton@eik.bme.hu> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <bf9400cc8e4ddd3129aa5678de4d3cf38384805f.1610223397.git.balaton@eik.bme.hu> Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
BALATON Zoltan [Sat, 9 Jan 2021 20:16:36 +0000 (21:16 +0100)]
vt82c686: Simplify vt82c686b_realize()
Remove unneeded variables and setting value to 0 on zero initialised
data and replace check for error with error_fatal. Rationalise loop
that sets PCI config header fields read only.
Signed-off-by: BALATON Zoltan <balaton@eik.bme.hu> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <e4caf35ca10a68f5c74ae3f93fa0bcfa9457beea.1610223397.git.balaton@eik.bme.hu> Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
BALATON Zoltan [Sat, 9 Jan 2021 20:16:36 +0000 (21:16 +0100)]
vt82c686: Make vt82c686b-pm an abstract base class and add vt8231-pm based on it
The vt82c686b-pm model can be shared between VT82C686B and VT8231. The
only difference between the two is the device id in what we emulate so
make an abstract via-pm model by renaming appropriately and add types
for vt82c686b-pm and vt8231-pm based on it.
Signed-off-by: BALATON Zoltan <balaton@eik.bme.hu> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <34969fc7be984fa070479bfb9f748993a0aef31b.1610223397.git.balaton@eik.bme.hu> Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
BALATON Zoltan [Sat, 9 Jan 2021 20:16:36 +0000 (21:16 +0100)]
vt82c686: Fix up power management io base and config
Similar to the SMBus io registers there is a power management io range
that is set via similar base address reg and enable bit. Some handling
of this was already there but with several problems: using the wrong
registers and bits, wrong size range, not acually updating mapping and
handling reset correctly, nor emulating any of the actual io
registers. Some of these errors are fixed up here.
After this patch we use the correct base address register, enable bit
and region size and allow guests to map/unmap this region, but we
still don't emulate any of the registers in this range.
PMD notes regarding the Configuration Space Power Management Registers:
- 0x40 General Configuration 0
- 0x41 General Configuration 1
. Bit 7: I/O Enable for ACPI I/O Base
- 0x48 Power Mgmt I/O Base
. Bit 0: Always set
. Bits 7-15: Power Management I/O Register Base Address
(this explains the change 0xffc0 -> 0xff80)
Signed-off-by: BALATON Zoltan <balaton@eik.bme.hu>
Message-Id: <cff9b2442d3e2e1cfbdcbc2dfbb559031b4b1cc1.1610223397.git.balaton@eik.bme.hu>
[PMD: Split original patch, this is part 4/4, added notes] Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
BALATON Zoltan [Sat, 9 Jan 2021 20:16:36 +0000 (21:16 +0100)]
vt82c686: Correctly reset all registers to default values on reset
Reset the registers in the DeviceReset() handler which is called
on each device reset, not in DeviceRealize() which is called once.
Bit 0 of 'Power Mgmt I/O Base' register (offset 0x48) is always set.
Signed-off-by: BALATON Zoltan <balaton@eik.bme.hu>
Message-Id: <cff9b2442d3e2e1cfbdcbc2dfbb559031b4b1cc1.1610223397.git.balaton@eik.bme.hu> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
[PMD: Split original patch, this is part 3/4 (move to reset), document] Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
BALATON Zoltan [Sat, 9 Jan 2021 20:16:36 +0000 (21:16 +0100)]
vt82c686: Correct vt82c686-pm I/O size
Section "Offset 4B-48 – Power Management I/O Base" describes:
Port Address for the base of the 128-byte Power
Management I/O Register block.
Correct the vt82c686-pm I/O region size.
Signed-off-by: BALATON Zoltan <balaton@eik.bme.hu>
Message-Id: <cff9b2442d3e2e1cfbdcbc2dfbb559031b4b1cc1.1610223397.git.balaton@eik.bme.hu>
[PMD: Split original patch, this is part 2/4, reduced size to 128B] Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
BALATON Zoltan [Sat, 9 Jan 2021 20:16:36 +0000 (21:16 +0100)]
vt82c686: Make vt82c686-pm an I/O tracing region
Previously just an empty RAM region was mapped on realize, now we add
an empty io range logging access instead. I think the pm timer should
be hooked up here but not sure guests need it. PMON on fuloong2e sets
a base address but does not seem to enable region; the pegasos2
firmware pokes some regs but continues anyway so don't know if
anything would make use of these facilities. Therefore this is just a
clean up of previous state for now and not intending to fully
implement missing functionality which could be done later if some
guests need it.
Signed-off-by: BALATON Zoltan <balaton@eik.bme.hu> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <cff9b2442d3e2e1cfbdcbc2dfbb559031b4b1cc1.1610223397.git.balaton@eik.bme.hu>
[PMD: Split original patch, this is part 1/4
(make 'vt82c686-pm' an I/O tracing region)] Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
BALATON Zoltan [Sat, 9 Jan 2021 20:16:36 +0000 (21:16 +0100)]
vt82c686: Fix SMBus IO base and configuration registers
The base address of the SMBus io ports and its enabled status is set
by registers in the PCI config space but this was not correctly
emulated. Instead the SMBus registers were mapped on realize to the
base address set by a property to the address expected by fuloong2e
firmware.
Fix the base and config register handling to more closely model
hardware which allows to remove the property and allows the guest to
control this mapping. Do all this in reset instead of realize so it's
correctly updated on reset.
Signed-off-by: BALATON Zoltan <balaton@eik.bme.hu> Reviewed-by: Jiaxun Yang <jiaxun.yang@flygoat.com>
Message-Id: <f2ca2ad5f08ba8cee07afd9d67b4e75cda21db09.1610223397.git.balaton@eik.bme.hu> Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
BALATON Zoltan [Sat, 9 Jan 2021 20:16:36 +0000 (21:16 +0100)]
vt82c686: Reorganise code
Move lines around so that object definitions become consecutive and
not scattered around. This brings functions belonging to an object
together so it's clearer what is defined and what parts belong to
which object.
Signed-off-by: BALATON Zoltan <balaton@eik.bme.hu> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <9f942989dba46fc1c23b881f6cb135948f818c2f.1610223397.git.balaton@eik.bme.hu> Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
BALATON Zoltan [Sat, 9 Jan 2021 20:16:36 +0000 (21:16 +0100)]
vt82c686: Move superio memory region to SuperIOConfig struct
The superio memory region holds the io space index/data registers used
to access the superio config registers that are implemented in struct
SuperIOConfig. To keep these related things together move the memory
region to SuperIOConfig and rename it accordingly.
Also remove the unused "data" member of SuperIOConfig which is not
needed as we store actual data values in the regs array.
Signed-off-by: BALATON Zoltan <balaton@eik.bme.hu> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Reviewed-by: Jiaxun Yang <jiaxun.yang@flygoat.com>
Message-Id: <dc3c4e7632716ca73c10506bd02ee93b39c28705.1610223397.git.balaton@eik.bme.hu> Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
target/mips: Use GPR move functions in gen_HILO1_tx79()
We have handy functions to access GPR. Use gen_store_gpr() for
Move From HI/LO Register and gen_load_gpr() for Move To opcodes.
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20210214175912.732946-8-f4bug@amsat.org> Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20210214175912.732946-7-f4bug@amsat.org> Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
TCG displays the upper halve registers with the same name
as their lower halves. Rename the upper halves with the
'[hi]' suffix.
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20210214175912.732946-6-f4bug@amsat.org> Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
target/mips: Promote 128-bit multimedia registers as global ones
The cpu::mmr[] array contains the upper halves of 128-bit GPR
registers. While they are only used by the R5900 CPU, the
concept is generic and could be used by another MIPS implementation.
Rename 'cpu::mmr' as 'cpu::gpr_hi' and make them global.
When the code is similar to the GPR lower halves, move it
close by.
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20210214175912.732946-5-f4bug@amsat.org> Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
We will access the cpu_HI/LO registers outside of translate.c.
Make them publicly accessible.
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20210214175912.732946-4-f4bug@amsat.org> Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Commit 83be6b54123 ("Fix MSA instructions LD.<B|H|W|D> on big endian
host") introduced use of typedef/prototypes declared in "tcg/tcg.h"
without including it. This was not a problem because "tcg/tcg.h" is
pulled in by "exec/cpu_ldst.h". To be able to remove this header
there, we first need to include it here in op_helper.c, else we get:
[222/337] Compiling C object libqemu-mips-softmmu.fa.p/target_mips_msa_helper.c.o
target/mips/msa_helper.c: In function ‘helper_msa_ld_b’:
target/mips/msa_helper.c:8214:9: error: unknown type name ‘TCGMemOpIdx’
8214 | TCGMemOpIdx oi = make_memop_idx(MO_TE | DF | MO_UNALN, \
| ^~~~~~~~~~~
target/mips/msa_helper.c:8224:5: note: in expansion of macro ‘MEMOP_IDX’
8224 | MEMOP_IDX(DF_BYTE)
| ^~~~~~~~~
target/mips/msa_helper.c:8214:26: error: implicit declaration of function ‘make_memop_idx’ [-Werror=implicit-function-declaration]
8214 | TCGMemOpIdx oi = make_memop_idx(MO_TE | DF | MO_UNALN, \
| ^~~~~~~~~~~~~~
target/mips/msa_helper.c:8227:18: error: implicit declaration of function ‘helper_ret_ldub_mmu’ [-Werror=implicit-function-declaration]
8227 | pwd->b[0] = helper_ret_ldub_mmu(env, addr + (0 << DF_BYTE), oi, GETPC());
| ^~~~~~~~~~~~~~~~~~~
cc1: all warnings being treated as errors
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20210207232310.2505283-4-f4bug@amsat.org>
target/mips: Remove unused 'rw' argument from page_table_walk_refill()
As the 'rw' argument is unused, remove it.
Reported-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20210220202026.2305667-1-f4bug@amsat.org>
target/mips: Let CPUMIPSTLBContext::map_address() take MMUAccessType
get_seg_physical_address() calls CPUMIPSTLBContext::map_address()
handlers passing a MMUAccessType type. Update the prototype
handlers to take a MMUAccessType argument, as it is stricter than
an integer.
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Reviewed-by: Jiaxun Yang <jiaxun.yang@flygoat.com>
Message-Id: <20210128144125.3696119-14-f4bug@amsat.org>
target/mips: Let get_seg*_physical_address() take MMUAccessType arg
get_physical_address() calls get_seg_physical_address() and
get_segctl_physical_address() passing a MMUAccessType type.
Let the prototypes use it as argument, as it is stricter than
an integer.
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Reviewed-by: Jiaxun Yang <jiaxun.yang@flygoat.com>
Message-Id: <20210128144125.3696119-13-f4bug@amsat.org>
target/mips: Let get_physical_address() take MMUAccessType argument
All these functions:
- mips_cpu_get_phys_page_debug()
- cpu_mips_translate_address()
- mips_cpu_tlb_fill()
- page_table_walk_refill()
- walk_directory()
call get_physical_address() passing a MMUAccessType type. Let the
prototype use it as argument, as it is stricter than an integer.
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Reviewed-by: Jiaxun Yang <jiaxun.yang@flygoat.com>
Message-Id: <20210128144125.3696119-12-f4bug@amsat.org>
target/mips: Let raise_mmu_exception() take MMUAccessType argument
Both mips_cpu_tlb_fill() and cpu_mips_translate_address() pass
MMUAccessType to raise_mmu_exception(). Let the prototype use it
as argument, as it is stricter than an integer.
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Reviewed-by: Jiaxun Yang <jiaxun.yang@flygoat.com>
Message-Id: <20210128144125.3696119-11-f4bug@amsat.org>
target/mips: Let cpu_mips_translate_address() take MMUAccessType arg
The single caller, do_translate_address(), passes MMUAccessType
to cpu_mips_translate_address(). Let the prototype use it as
argument, as it is stricter than an integer.
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Reviewed-by: Jiaxun Yang <jiaxun.yang@flygoat.com>
Message-Id: <20210128144125.3696119-10-f4bug@amsat.org>
target/mips: Let do_translate_address() take MMUAccessType argument
The single caller, HELPER_LD_ATOMIC(), passes MMUAccessType to
do_translate_address(). Let the prototype use it as argument,
as it is stricter than an integer.
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Reviewed-by: Jiaxun Yang <jiaxun.yang@flygoat.com>
Message-Id: <20210128144125.3696119-9-f4bug@amsat.org>
target/mips: Replace magic value by MMU_DATA_LOAD definition
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Reviewed-by: Jiaxun Yang <jiaxun.yang@flygoat.com>
Message-Id: <20210128144125.3696119-7-f4bug@amsat.org>
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Reviewed-by: Jiaxun Yang <jiaxun.yang@flygoat.com>
Message-Id: <20210128144125.3696119-6-f4bug@amsat.org>
target/mips: Remove access_type argument from get_physical_address()
get_physical_address() doesn't use the 'access_type' argument,
remove it to simplify.
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Reviewed-by: Jiaxun Yang <jiaxun.yang@flygoat.com>
Message-Id: <20210128144125.3696119-5-f4bug@amsat.org>
target/mips: Remove access_type arg from get_segctl_physical_address()
get_segctl_physical_address() doesn't use the 'access_type' argument,
remove it to simplify.
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Reviewed-by: Jiaxun Yang <jiaxun.yang@flygoat.com>
Message-Id: <20210128144125.3696119-4-f4bug@amsat.org>
projects / mirror_qemu.git / log