Commit Graph

67655 Commits

Author SHA1 Message Date
Peter Maydell
602f6e42cf target/arm: Use MVFR1 feature bits to gate A32/T32 FP16 instructions
Instead of gating the A32/T32 FP16 conversion instructions on
the ARM_FEATURE_VFP_FP16 flag, switch to our new approach of
looking at ID register bits. In this case MVFR1 fields FPHP
and SIMDHP indicate the presence of these insns.

This change doesn't alter behaviour for any of our CPUs.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20190222170936.13268-2-peter.maydell@linaro.org
2019-02-28 11:03:04 +00:00
Peter Maydell
aab7a3786f hw/arm/armsse: Unify init-svtor and cpuwait handling
At the moment the handling of init-svtor and cpuwait initial
values is split between armsse.c and iotkit-sysctl.c:
the code in armsse.c sets the initial state of the CPU
object by setting the init-svtor and start-powered-off
properties, but the iotkit-sysctl.c code has its own
code setting the reset values of its registers (which are
then used when updating the CPU when the guest makes
runtime changes).

Clean this up by making the armsse.c code set properties on the
iotkit-sysctl object to define the initial values of the
registers, so they always match the initial CPU state,
and update the comments in armsse.c accordingly.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20190219125808.25174-9-peter.maydell@linaro.org
2019-02-28 11:03:04 +00:00
Peter Maydell
0f862986e0 hw/arm/iotkit-sysctl: Implement CPUWAIT and INITSVTOR*
The CPUWAIT register acts as a sort of power-control: if a bit
in it is 1 then the CPU will have been forced into waiting
when the system was reset (which in QEMU we model as the
CPU starting powered off). Writing a 0 to the register will
allow the CPU to boot (for QEMU, we model this as powering
it on). Note that writing 0 to the register does not power
off a CPU.

For this to work correctly we need to also honour the
INITSVTOR* registers, which let the guest control where the
CPU will load its SP and PC from when it comes out of reset.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20190219125808.25174-8-peter.maydell@linaro.org
2019-02-28 11:03:04 +00:00
Peter Maydell
0483641418 hw/arm/iotkit-sysctl: Add SSE-200 registers
The SYSCTL block in the SSE-200 has some extra registers that
are not present in the IoTKit version. Add these registers
(as reads-as-written stubs), enabled by a new QOM property.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20190219125808.25174-7-peter.maydell@linaro.org
2019-02-28 11:03:04 +00:00
Peter Maydell
394e10d2bb hw/misc/iotkit-sysctl: Correct typo in INITSVTOR0 register name
The iotkit-sysctl device has a register it names INITSVRTOR0.
This is actually a typo present in the IoTKit documentation
and also in part of the SSE-200 documentation:  it should be
INITSVTOR0 because it is specifying the initial value of the
Secure VTOR register in the CPU. Correct the typo.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20190219125808.25174-6-peter.maydell@linaro.org
2019-02-28 11:03:04 +00:00
Peter Maydell
ea824b9742 target/arm/arm-powerctl: Add new arm_set_cpu_on_and_reset()
Currently the Arm arm-powerctl.h APIs allow:
 * arm_set_cpu_on(), which powers on a CPU and sets its
   initial PC and other startup state
 * arm_reset_cpu(), which resets a CPU which is already on
   (and fails if the CPU is powered off)

but there is no way to say "power on a CPU as if it had
just come out of reset and don't do anything else to it".

Add a new function arm_set_cpu_on_and_reset(), which does this.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20190219125808.25174-5-peter.maydell@linaro.org
2019-02-28 11:03:04 +00:00
Peter Maydell
f9f62e4c37 target/arm/cpu: Allow init-svtor property to be set after realize
Make the M-profile "init-svtor" property be settable after realize.
This matches the hardware, where this is a config signal which
is sampled on CPU reset and can thus be changed between one
reset and another. To do this we have to change the API we
use to add the property.

(We will need this capability for the SSE-200.)

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20190219125808.25174-4-peter.maydell@linaro.org
2019-02-28 11:03:04 +00:00
Peter Maydell
68d6b36f7f hw/arm/armsse: Wire up the MHUs
Create and connect the MHUs in the SSE-200.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20190219125808.25174-3-peter.maydell@linaro.org
2019-02-28 11:03:04 +00:00
Peter Maydell
cdf63440ea hw/misc/armsse-mhu.c: Model the SSE-200 Message Handling Unit
Implement a model of the Message Handling Unit (MHU) found in
the Arm SSE-200. This is a simple device which just contains
some registers which allow the two cores of the SSE-200
to raise interrupts on each other.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20190219125808.25174-2-peter.maydell@linaro.org
2019-02-28 11:03:04 +00:00
Peter Maydell
1387294169 ppc patch queue 2019-02-26
Next set of patches for ppc and spapr.  There's a lot in this one:
  * Support "STOP light" states on POWER9
  * Add support for HVI interrupts on POWER9 (powernv machine)
  * CVE-2019-8934: Don't leak host model and serial information to the guest
  * Tests and cleanups for various hot unplug options
  * Hash and radix MMU implementation on POWER9 for powernv machine
  * PCI Host Bridge hotplug support for pseries machine
  * Allow larger kernels and initrds for powernv machine
 
 Plus a handful of miscellaneous fixes and cleanups.
 
 The cpu hotplug tests and cleanups from David Hildenbrand aren't
 solely power related.  However the consensus amongst Michael Tsirkin,
 David Hildenbrand, Cornelia Huck and myself was that it made most
 sense to come in via my tree.
 -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEEdfRlhq5hpmzETofcbDjKyiDZs5IFAlx0tIoACgkQbDjKyiDZ
 s5I+ZhAA1LHyTGh2xXYcE1BFUFeYWqpDmFEghKSGvnCjhqkPoACBUyR3GKcNF+vf
 sgX/OgoPPgXE8QpB/4hzcMxiNxFTPNOX+1p5oGv3zzokjyF7qtlVvVub3BI0cvjg
 37eGLW9iLmc/PhiS7kDVSDwQpyhombsU4jb73cp6RqYTKT0wHHl/As3WmzIWW4bk
 BguUE6zPROEuVyQSxiL2pTWv4UBSsMrqqwCBkbAohXkDCjntaSdHCxmaHyf+VXqe
 ac50BSIAkAEIiJiPOGEJkuIOm1goE823RGwuPQWvkfM3flozmTYWh/Y+Y2t9NMBR
 sC8Ly9Wo3Lz/sDr3cfL5HZ3NXCayDZwJEllbHqzDyjSJzU3gY3XMyWnIM0NTckTr
 n5wX1OLghTYkgYkDLRyi9Nj1Gd0B11OfMsw17/Bj9hyz3k1KdgyJ98UZkwUBqvbC
 kwrwkSutMrs8qqAZM6xtn++ABYgxhLOlY83U8rfAXEebUixAj/6WOmxgyYiV+m/n
 9qQfPD8301lxpmmowBVuGyBKcdFUJ+QYNXD3a1S/vphvA2+G1y1SccMrlz2WEYol
 gXVVe1tpA0ohmwflFX87zDOeyvO1gezhtXdaDlVjyeXOaGYUV3Srjei9w1p3PTs0
 FsKwC/bL+cbTmi43qj5et0HG5Fx48fjIOjEqCcVBaz0ZQqjkdus=
 =Z4Z6
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/dgibson/tags/ppc-for-4.0-20190226' into staging

ppc patch queue 2019-02-26

Next set of patches for ppc and spapr.  There's a lot in this one:
 * Support "STOP light" states on POWER9
 * Add support for HVI interrupts on POWER9 (powernv machine)
 * CVE-2019-8934: Don't leak host model and serial information to the guest
 * Tests and cleanups for various hot unplug options
 * Hash and radix MMU implementation on POWER9 for powernv machine
 * PCI Host Bridge hotplug support for pseries machine
 * Allow larger kernels and initrds for powernv machine

Plus a handful of miscellaneous fixes and cleanups.

The cpu hotplug tests and cleanups from David Hildenbrand aren't
solely power related.  However the consensus amongst Michael Tsirkin,
David Hildenbrand, Cornelia Huck and myself was that it made most
sense to come in via my tree.

# gpg: Signature made Tue 26 Feb 2019 03:37:46 GMT
# gpg:                using RSA key 75F46586AE61A66CC44E87DC6C38CACA20D9B392
# gpg: Good signature from "David Gibson <david@gibson.dropbear.id.au>" [full]
# gpg:                 aka "David Gibson (Red Hat) <dgibson@redhat.com>" [full]
# gpg:                 aka "David Gibson (ozlabs.org) <dgibson@ozlabs.org>" [full]
# gpg:                 aka "David Gibson (kernel.org) <dwg@kernel.org>" [unknown]
# Primary key fingerprint: 75F4 6586 AE61 A66C C44E  87DC 6C38 CACA 20D9 B392

* remotes/dgibson/tags/ppc-for-4.0-20190226: (50 commits)
  ppc/pnv: use IEC binary prefixes to represent sizes
  ppc/pnv: add INITRD_MAX_SIZE constant
  ppc/pnv: increase kernel size limit to 256MiB
  hw/ppc: Use object_initialize_child for correct reference counting
  ppc/xive: xive does not have a POWER7 interrupt model
  tests/device-plug: Add PHB unplug request test for spapr
  spapr: enable PHB hotplug for default pseries machine type
  spapr: add hotplug hooks for PHB hotplug
  spapr_pci: add ibm, my-drc-index property for PHB hotplug
  spapr_pci: provide node start offset via spapr_populate_pci_dt()
  spapr_events: add support for phb hotplug events
  spapr: populate PHB DRC entries for root DT node
  spapr: create DR connectors for PHBs
  spapr_pci: add PHB unrealize
  spapr_irq: Expose the phandle of the interrupt controller
  spapr: Expose the name of the interrupt controller node
  xics: Write source state to KVM at claim time
  spapr/drc: Drop spapr_drc_attach() fdt argument
  spapr/pci: Generate FDT fragment at configure connector time
  spapr: Generate FDT fragment for CPUs at configure connector time
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-02-28 10:28:00 +00:00
Thomas Huth
9399ef1683 audio/sdlaudio: Simplify the sdl_callback function
At the end of the while-loop, either "samples" or "sdl->live" is zero, so
now that we've removed the semaphore code, the content of the while-loop
is always only executed once. Thus we can remove the while-loop now to
get rid of one indentation level here.

Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-id: 1549336101-17623-3-git-send-email-thuth@redhat.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2019-02-28 10:30:08 +01:00
Thomas Huth
8a7816c4ac audio/sdlaudio: Remove the semaphore code
The semaphore code was only working with SDL1.2 - with SDL2, it causes
a deadlock. Since we've removed support for SDL1.2 recently, we can
now completely remove the semaphore code from sdlaudio.c.

Signed-off-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-id: 1549336101-17623-2-git-send-email-thuth@redhat.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2019-02-28 10:30:08 +01:00
Gerd Hoffmann
7183834a29 audio: don't build alsa and sdl by default on linux
In case no sound hardware is present both alsa and sdl drivers
initialize successfully and throw errors later on, i.e. effectively
the automatic probing doesn't work.  Drop them from the list of
default audio drivers for linux because of that.

Fixes: 6a48541873 audio: probe audio drivers by default
Buglink: https://bugs.launchpad.net/qemu/+bug/1816052
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Tested-by: David Hildenbrand <david@redhat.com>
Message-id: 20190219124257.3001-1-kraxel@redhat.com
2019-02-28 10:28:59 +01:00
Frediano Ziglio
e8d8544402 audio: Do not check for audio_calloc failure
audio_calloc uses g_malloc0 which never returns in case of
memory failure.

Signed-off-by: Frediano Ziglio <fziglio@redhat.com>
Message-id: 20190225154335.11397-2-fziglio@redhat.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2019-02-28 10:26:53 +01:00
Frediano Ziglio
71f2874fc1 audio: Use g_strdup_printf instead of manual building a string
Instead of using lot of low level function and manually allocate
the temporary string in audio_process_options use more high
level GLib function. The function is not used in hot path but to
read some initial setting.

Signed-off-by: Frediano Ziglio <fziglio@redhat.com>
Message-id: 20190225154335.11397-1-fziglio@redhat.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2019-02-28 10:26:53 +01:00
Corey Minyard
c203d4514b i2c: Verify that the count passed in to smbus_eeprom_init() is valid
Keep someone from passing in a bogus number

Signed-off-by: Corey Minyard <cminyard@mvista.com>
2019-02-27 21:06:08 -06:00
Corey Minyard
1042b22dcb i2c:smbus_eeprom: Add a reset function to smbus_eeprom
Reset the contents to init data and reset the offset on a machine
reset.

Signed-off-by: Corey Minyard <cminyard@mvista.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
2019-02-27 21:06:08 -06:00
Corey Minyard
fd9df33f08 i2c:smbus_eeprom: Add vmstate handling to the smbus eeprom
Transfer the state of the EEPROM on a migration.  This way the
data remains consistent on migration.

This required moving the actual data to a separate array and
using the data provided in the init function as a separate
initialization array, since a pointer property has to be a
void * and the array needs to be uint8_t[].

Signed-off-by: Corey Minyard <cminyard@mvista.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Michael S. Tsirkin <mst@redhat.com>
Cc: Dr. David Alan Gilbert <dgilbert@redhat.com>
Cc: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
2019-02-27 21:06:08 -06:00
Corey Minyard
0cf487e5bd i2c:smbus_eeprom: Add a size constant for the smbus_eeprom size
It was hard-coded to 256 in a number of places, create a constant
for that.

Signed-off-by: Corey Minyard <cminyard@mvista.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
2019-02-27 21:06:08 -06:00
Corey Minyard
b398a92440 i2c:smbus_eeprom: Add normal type name and cast to smbus_eeprom.c
Create a type name and a cast macro and use those through the
code.

Signed-off-by: Corey Minyard <cminyard@mvista.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
2019-02-27 21:06:08 -06:00
Corey Minyard
547db24a17 i2c:smbus_slave: Add an SMBus vmstate structure
There is no vmstate handling for SMBus, so no device sitting on SMBus
can have a state transfer that works reliably.  So add it.

Signed-off-by: Corey Minyard <cminyard@mvista.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Michael S. Tsirkin <mst@redhat.com>
Cc: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
2019-02-27 21:06:08 -06:00
Corey Minyard
4ab2f2a8aa i2c:pm_smbus: Fix state transfer
Transfer the state information for the SMBus registers and
internal data so it will work on a VM transfer.

Signed-off-by: Corey Minyard <cminyard@mvista.com>
Cc: Michael S. Tsirkin <mst@redhat.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
2019-02-27 21:06:08 -06:00
Corey Minyard
8e995f3403 migration: Add a VMSTATE_BOOL_TEST() macro
This will be needed by coming I2C changes.

Signed-off-by: Corey Minyard <cminyard@mvista.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
2019-02-27 21:06:08 -06:00
Corey Minyard
52cc6a492b i2c:pm_smbus: Fix pm_smbus handling of I2C block read
The I2C block read function of pm_smbus was completely broken.  It
required doing some direct I2C handling because it didn't have a
defined size, the OS code just reads bytes until it marks the
transaction finished.

This also required adjusting how the AMIBIOS workaround code worked,
the I2C block mode was setting STS_HOST_BUSY during a transaction,
so that bit could no longer be used to inform the host status read
code to start the transaction.  Create a explicit bool for that
operation.

Also, don't read the next byte from the device in byte-by-byte
mode unless the OS is actually clearing the byte done bit.  Just
assuming that's what the OS is doing is a bad idea.

Signed-off-by: Corey Minyard <cminyard@mvista.com>
2019-02-27 21:06:08 -06:00
Corey Minyard
7fccf2a068 boards.h: Ignore migration for SMBus devices on older machines
Migration capability is being added for pm_smbus and SMBus devices.
This change will allow backwards compatibility to be kept when
migrating back to an old qemu version.  Add a bool to the machine
class tho keep smbus migration from happening.  Future changes
will use this.

Signed-off-by: Corey Minyard <cminyard@mvista.com>
Cc: Eduardo Habkost <ehabkost@redhat.com>
Cc: Marcel Apfelbaum <marcel.apfelbaum@gmail.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
2019-02-27 21:06:08 -06:00
Corey Minyard
8b38e532b5 i2c:smbus: Make white space in switch statements consistent
It had spaces between cases in some places and not others.  Add a space
for every one.

Signed-off-by: Corey Minyard <cminyard@mvista.com>
2019-02-27 21:06:08 -06:00
Corey Minyard
08a8a4d450 i2c:smbus_eeprom: Get rid of the quick command
It's not necessary, it won't be called if it's NULL.

Signed-off-by: Corey Minyard <cminyard@mvista.com>
2019-02-27 21:06:08 -06:00
Corey Minyard
031ac49886 i2c:smbus: Simplify read handling
There were two different read functions, and with the removal of
the command passed in there is no functional difference.  So remove
one of them.  With that you don't need one of the states, so that
can be removed, too.

Signed-off-by: Corey Minyard <cminyard@mvista.com>
2019-02-27 21:06:08 -06:00
Corey Minyard
9cf27d74a8 i2c:smbus: Simplify write operation
There were two different write functions and the SMBus code kept
track of the command.

Keeping track of the command wasn't useful, in fact it wasn't quite
correct for the eeprom_smbus code.  And there is no need for two write
functions.  Just have one write function and the first byte in the
buffer is the command.

Signed-off-by: Corey Minyard <cminyard@mvista.com>
2019-02-27 21:06:08 -06:00
Corey Minyard
905cec6d11 i2c:smbus: Correct the working of quick commands
The logic of handling quick SMBus commands was wrong.  If you get a
finish event with no data, that's a quick command.

Document the quick command while we are at it.

Signed-off-by: Corey Minyard <cminyard@mvista.com>
2019-02-27 21:06:08 -06:00
Corey Minyard
bc15cde0c4 i2c: Don't check return value from i2c_recv()
i2c_recv() cannot fail, so there is no need to check the return
value.  It also returns unt8_t, so comparing with < 0 is not
meaningful.

Fix up various I2C controllers to remove the unneeded code.

Signed-off-by: Corey Minyard <cminyard@mvista.com>
Suggested-by: Peter Maydell <peter.maydell@linaro.org>
2019-02-27 21:06:08 -06:00
Corey Minyard
05f9f17e2c arm:i2c: Don't mask return from i2c_recv()
It can't fail, and now that it returns a uint8_t a 0xff mask
is unnecessary.

Signed-off-by: Corey Minyard <cminyard@mvista.com>
Suggested-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
2019-02-27 21:06:08 -06:00
Corey Minyard
2ac4c5f4d2 i2c: have I2C receive operation return uint8_t
It is never supposed to fail and cannot return an error, so just
have it return the proper type.  Have it return 0xff on nothing
available, since that's what would happen on a real bus.

Signed-off-by: Corey Minyard <cminyard@mvista.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
2019-02-27 21:06:08 -06:00
Corey Minyard
93198b6cad i2c: Split smbus into parts
smbus.c and smbus.h had device side code, master side code, and
smbus.h has some smbus_eeprom.c definitions.  Split them into
separate files.

Signed-off-by: Corey Minyard <cminyard@mvista.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
2019-02-27 21:06:08 -06:00
Mateja Marjanovic
37b9aae2e6 target/mips: Preparing for adding MMI instructions
Set up MMI code to be compiled only for TARGET_MIPS64. This is
needed so that GPRs are 64 bit, and combined with MMI registers,
they will form full 128 bit registers.

Signed-off-by: Mateja Marjanovic <mateja.marjanovic@rt-rk.com>
Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
Reviewed-by: Aleksandar Rikalo <arikalo@wavecomp.com>
Message-Id: <1551183797-13570-2-git-send-email-mateja.marjanovic@rt-rk.com>
2019-02-27 14:26:14 +01:00
Aleksandar Markovic
1e6bea794c tests/tcg: target/mips: Add tests for MSA integer max/min instructions
Add tests for MSA integer max/min instructions. This includes
following instructions:

  * MAX_A.B - maximum of absolute of two signed values (bytes)
  * MAX_A.H - maximum of absolute of two signed values (halfwords)
  * MAX_A.W - maximum of absolute of two signed values (words)
  * MAX_A.D - maximum of absolute of two signed values (doublewords)
  * MIN_A.B - minimum of absolute of two signed values (bytes)
  * MIN_A.H - minimum of absolute of two signed values (halfwords)
  * MIN_A.W - minimum of absolute of two signed values (words)
  * MIN_A.D - minimum of absolute of two signed values (doublewords)
  * MAX_S.B - maximum of two signed values (bytes)
  * MAX_S.H - maximum of two signed values (halfwords)
  * MAX_S.W - maximum of two signed values (words)
  * MAX_S.D - maximum of two signed values (doublewords)
  * MIN_S.B - minimum of two signed values (bytes)
  * MIN_S.H - minimum of two signed values (halfwords)
  * MIN_S.W - minimum of two signed values (words)
  * MIN_S.D - minimum of two signed values (doublewords)
  * MAX_U.B - maximum of two unsigned values (bytes)
  * MAX_U.H - maximum of two unsigned values (halfwords)
  * MAX_U.W - maximum of two unsigned values (words)
  * MAX_U.D - maximum of two unsigned values (doublewords)
  * MIN_U.B - minimum of two unsigned values (bytes)
  * MIN_U.H - minimum of two unsigned values (halfwords)
  * MIN_U.W - minimum of two unsigned values (words)
  * MIN_U.D - minimum of two unsigned values (doublewords)

Each test consists of 80 test cases, so altogether there are 1920
test cases.

Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
Reviewed-by: Aleksandar Rikalo <arikalo@wavecomp.com>
Message-Id: <1551185735-17154-8-git-send-email-aleksandar.markovic@rt-rk.com>
2019-02-27 14:26:14 +01:00
Aleksandar Markovic
1f3a111ecc tests/tcg: target/mips: Add wrappers for MSA integer max/min instructions
Add wrappers for MSA integer max/min instructions.

Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
Reviewed-by: Aleksandar Rikalo <arikalo@wavecomp.com>
Message-Id: <1551185735-17154-7-git-send-email-aleksandar.markovic@rt-rk.com>
2019-02-27 14:26:14 +01:00
Aleksandar Markovic
ba182a18c9 qemu-doc: Add section on MIPS' Boston board
Add section on MIPS' Boston board in QEMU user documentation.

Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Aleksandar Rikalo <arikalo@wavecomp.com>
Message-Id: <1551185735-17154-6-git-send-email-aleksandar.markovic@rt-rk.com>
2019-02-27 14:26:14 +01:00
Aleksandar Markovic
3a1b94d91d qemu-doc: Add section on MIPS' Fulong 2E board
Add section on MIPS' Fulong 2E board in QEMU user documentation.

Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Aleksandar Rikalo <arikalo@wavecomp.com>
Message-Id: <1551185735-17154-5-git-send-email-aleksandar.markovic@rt-rk.com>
2019-02-27 14:26:14 +01:00
Aleksandar Markovic
53d21e7bc0 qemu-doc: Move section on MIPS' mipssim pseudo board
Move section on MIPS' mipssim pseudo board to the more
appropriate place.

Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Aleksandar Rikalo <arikalo@wavecomp.com>
Message-Id: <1551185735-17154-4-git-send-email-aleksandar.markovic@rt-rk.com>
2019-02-27 14:26:14 +01:00
Aleksandar Markovic
0f74e61d5b disas: nanoMIPS: Fix a function misnomer
Rename function extract_ac_13_12() to extract_ac_15_14().

Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
Reviewed-by: Aleksandar Rikalo <arikalo@wavecomp.com>
Message-Id: <1551185735-17154-3-git-send-email-aleksandar.markovic@rt-rk.com>
2019-02-27 14:26:14 +01:00
Aleksandar Markovic
520e210c0a tests/tcg: target/mips: Add tests for MSA integer compare instructions
Add tests for MSA integer compare instructions. This includes
following instructions:

  * CEQ.B - integer compare equal (bytes)
  * CEQ.H - integer compare equal (halfwords)
  * CEQ.W - integer compare equal (words)
  * CEQ.D - integer compare equal (doublewords)
  * CLE_S.B - signed integer compare less or equal (bytes)
  * CLE_S.H - signed integer compare less or equal (halfwords)
  * CLE_S.W - signed integer compare less or equal (words)
  * CLE_S.D - signed integer compare less or equal (doublewords)
  * CLE_U.B - unsigned integer compare less or equal (bytes)
  * CLE_U.H - unsigned integer compare less or equal (halfwords)
  * CLE_U.W - unsigned integer compare less or equal (words)
  * CLE_U.D - unsigned integer compare less or equal (doublewords)
  * CLT_S.B - signed integer compare less or equal (bytes)
  * CLT_S.H - signed integer compare less or equal (halfwords)
  * CLT_S.W - signed integer compare less or equal (words)
  * CLT_S.D - signed integer compare less or equal (doublewords)
  * CLT_U.B - unsigned integer compare less or equal (bytes)
  * CLT_U.H - unsigned integer compare less or equal (halfwords)
  * CLT_U.W - unsigned integer compare less or equal (words)
  * CLT_U.D - unsigned integer compare less or equal (doublewords)

Each test consists of 80 test cases, so altogether there are 1600 test
cases.

Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
Reviewed-by: Aleksandar Rikalo <arikalo@wavecomp.com>
Message-Id: <1551185735-17154-2-git-send-email-aleksandar.markovic@rt-rk.com>
2019-02-27 14:26:14 +01:00
Peter Maydell
adf2e451f3 Block layer patches:
- Block graph change fixes (avoid loops, cope with non-tree graphs)
 - bdrv_set_aio_context() related fixes
 - HMP snapshot commands: Use only tag, not the ID to identify snapshots
 - qmeu-img, commit: Error path fixes
 - block/nvme: Build fix for gcc 9
 - MAINTAINERS updates
 - Fix various issues with bdrv_refresh_filename()
 - Fix various iotests
 - Include LUKS overhead in qemu-img measure for qcow2
 - A fix for vmdk's image creation interface
 -----BEGIN PGP SIGNATURE-----
 
 iQIcBAABAgAGBQJcc/knAAoJEH8JsnLIjy/WptQP/3F8Lh52H4egXaP7NUUuDjQM
 AhqhuDAp/EZBS+xim9kLTogNJADe/rMWdSX/YB5aLpSPYbjasC66NgaLhd6QewgQ
 VIcsLUdlYAyZ5ZjJytimfMTLwm1X02RmVIe55y52DTY8LlfViZzOlf3qwqPm00ao
 EJB2cl8UJLM+PVEu59cCw3R0/06LY+WIJRB32d3tnCBRTkaJwfR9h4lrp/juVcFZ
 U+2eWU68KMbUHSYiWANowN+KRV3uPY4HVA98v3F0vDmcBxlVHOeBg6S+PcT7tK8p
 huzCMwcdwUyPMJgVs/+WBtUnbG0jN6SHUYmFLz859UMVgBnCw5tzBMf8qw1wOA4A
 Iw+zor27Pxj4IlxcLPp5f97YZ8k9acdMR2VKPH6xLJZ1JF+sKa54RfzESd5EJeIj
 Mfcp773H0lIaWcFJ6RY1F0L1E1ta7QigwNBiWMdYfh0a0EWHnDvGyYeaSPYEQ+rl
 e8bZOcfrYwVI7DTDiZOIkGA9D8DXEPDNp+sl6s1DxeY69D0NNaXTtCPqFNNAbFbd
 20uD7yDRZlWq32cQB/K9D5cSkZRSOzdUpLfLU3nQU2+dz11x6OpM6m7DVboSrztD
 1HtPPDzDEvH5dOP7ibd60s+ntjkSiNfNkUgnuVrBE/d/PocC1eHHpZt5V7f43Ofb
 RxVwH5+smzQ9nsNBfQR0
 =gaah
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging

Block layer patches:

- Block graph change fixes (avoid loops, cope with non-tree graphs)
- bdrv_set_aio_context() related fixes
- HMP snapshot commands: Use only tag, not the ID to identify snapshots
- qmeu-img, commit: Error path fixes
- block/nvme: Build fix for gcc 9
- MAINTAINERS updates
- Fix various issues with bdrv_refresh_filename()
- Fix various iotests
- Include LUKS overhead in qemu-img measure for qcow2
- A fix for vmdk's image creation interface

# gpg: Signature made Mon 25 Feb 2019 14:18:15 GMT
# gpg:                using RSA key 7F09B272C88F2FD6
# gpg: Good signature from "Kevin Wolf <kwolf@redhat.com>" [full]
# Primary key fingerprint: DC3D EB15 9A9A F95D 3D74  56FE 7F09 B272 C88F 2FD6

* remotes/kevin/tags/for-upstream: (71 commits)
  iotests: Skip 211 on insufficient memory
  vmdk: false positive of compat6 with hwversion not set
  iotests: add LUKS payload overhead to 178 qemu-img measure test
  qcow2: include LUKS payload overhead in qemu-img measure
  iotests.py: s/_/-/g on keys in qmp_log()
  iotests: Let 045 be run concurrently
  iotests: Filter SSH paths
  iotests.py: Filter filename in any string value
  iotests.py: Add is_str()
  iotests: Fix 207 to use QMP filters for qmp_log
  iotests: Fix 232 for LUKS
  iotests: Remove superfluous rm from 232
  iotests: Fix 237 for Python 2.x
  iotests: Re-add filename filters
  iotests: Test json:{} filenames of internal BDSs
  block: BDS options may lack the "driver" option
  block/null: Generate filename even with latency-ns
  block/curl: Implement bdrv_refresh_filename()
  block/curl: Harmonize option defaults
  block/nvme: Fix bdrv_refresh_filename()
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-02-26 19:04:47 +00:00
Peter Maydell
86c7e2f4a9 Add a standard authorization framework
The current network services now support encryption via TLS and in some
 cases support authentication via SASL. In cases where SASL is not
 available, x509 client certificates can be used as a crude authorization
 scheme, but using a sub-CA and controlling who you give certs to. In
 general this is not very flexible though, so this series introduces a
 new standard authorization framework.
 
 It comes with four initial authorization mechanisms
 
  - Simple - an exact username match. This is useful when there is
    exactly one user that is known to connect. For example when live
    migrating from one QEMU to another with TLS, libvirt would use
    the simple scheme to whitelist the TLS cert of the source QEMU.
 
  - List - an full access control list, with optional regex matching.
    This is more flexible and is used to provide 100% backcompat with
    the existing HMP ACL commands. The caveat is that we can't create
    these via the CLI -object arg yet.
 
  - ListFile - the same as List, but with the rules stored in JSON
    format in an external file. This avoids the -object limitation
    while also allowing the admin to change list entries on the file.
    QEMU uses inotify to notice these changes and auto-reload the
    file contents. This is likely a good default choice for most
    network services, if the "simple" mechanism isn't sufficient.
 
  - PAM - delegate the username lookup to a PAM module, which opens
    the door to many options including things like SQL/LDAP lookups.
 -----BEGIN PGP SIGNATURE-----
 
 iQIcBAABCAAGBQJcdVxaAAoJEL6G67QVEE/fgK4P/jxF1aTzuc0N0jD7myNi2LE4
 aUqXueawNLrZKk8ZZQtEy/71/fTNJm9fVwxN9zIWITb4jTj4c3hqUnK1iVtEXXOR
 e0qZdKAsVAD2cpj9PBaihn84f+hrSF1ZnuMqtt4/kfOE9QPfLRpbqCNe+7JX5Z7z
 Cw8k+ATvm6Xc5QVEkc+8JTMft9lQaOdRJvldR2CVSqeFgIZWIrQ2NIG44m2GqO6b
 wqqUgmaMHd4cGJ4fgTn8G74GNzp4hpXzgTC9P881zC8qc+dKKJasTq1jSR3eWYKJ
 aE4Y+4EDjH/a0sP/zf97OfDzb/mGEpw8ng00g3o0qphFmSWMHVcoghB6wUZZcZGu
 VcGyoH+ztDdIcoD9HwVbkzMvYt9qrtMNrMUf3p1DRRNrrwcopSYnG6gZ9ArckgD4
 2VzxLrBbfS9tsWGAvOw/+c4SIxEzGQ0mcqHQeZONxLAi+zwkzuKVu973JBkvCBus
 aXpct8B2aMMxZeJ1ipWksj5PvAAEjhOquDqZrUtRiP7vg4156UiAhxW9x6hK//O1
 pof4jVBPZSYgrt3+PjADwK1fmPv01KkNa1dVi/Ew7fBJjGQNfJ12JlAYdSeoGG4i
 ds4OBbQH+Ko40++ZGu+n7xlk/0GQEw771c2GNDoA7ehHPg++S2yvrRoVVneyicur
 RYzwaPQ1nYrGAo3fAJEd
 =67pz
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/berrange/tags/authz-core-pull-request' into staging

Add a standard authorization framework

The current network services now support encryption via TLS and in some
cases support authentication via SASL. In cases where SASL is not
available, x509 client certificates can be used as a crude authorization
scheme, but using a sub-CA and controlling who you give certs to. In
general this is not very flexible though, so this series introduces a
new standard authorization framework.

It comes with four initial authorization mechanisms

 - Simple - an exact username match. This is useful when there is
   exactly one user that is known to connect. For example when live
   migrating from one QEMU to another with TLS, libvirt would use
   the simple scheme to whitelist the TLS cert of the source QEMU.

 - List - an full access control list, with optional regex matching.
   This is more flexible and is used to provide 100% backcompat with
   the existing HMP ACL commands. The caveat is that we can't create
   these via the CLI -object arg yet.

 - ListFile - the same as List, but with the rules stored in JSON
   format in an external file. This avoids the -object limitation
   while also allowing the admin to change list entries on the file.
   QEMU uses inotify to notice these changes and auto-reload the
   file contents. This is likely a good default choice for most
   network services, if the "simple" mechanism isn't sufficient.

 - PAM - delegate the username lookup to a PAM module, which opens
   the door to many options including things like SQL/LDAP lookups.

# gpg: Signature made Tue 26 Feb 2019 15:33:46 GMT
# gpg:                using RSA key BE86EBB415104FDF
# gpg: Good signature from "Daniel P. Berrange <dan@berrange.com>" [full]
# gpg:                 aka "Daniel P. Berrange <berrange@redhat.com>" [full]
# Primary key fingerprint: DAF3 A6FD B26B 6291 2D0E  8E3F BE86 EBB4 1510 4FDF

* remotes/berrange/tags/authz-core-pull-request:
  authz: delete existing ACL implementation
  authz: add QAuthZPAM object type for authorizing using PAM
  authz: add QAuthZListFile object type for a file access control list
  authz: add QAuthZList object type for an access control list
  authz: add QAuthZSimple object type for easy whitelist auth checks
  authz: add QAuthZ object as an authorization base class
  hw/usb: switch MTP to use new inotify APIs
  hw/usb: fix const-ness for string params in MTP driver
  hw/usb: don't set IN_ISDIR for inotify watch in MTP driver
  qom: don't require user creatable objects to be registered
  util: add helper APIs for dealing with inotify in portable manner

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-02-26 17:59:41 +00:00
Daniel P. Berrangé
3e6f45446b iotests: avoid broken pipe with certtool
When we run "certtool 2>&1 | head -1" the latter command is likely to
complete and exit before certtool has written everything it wants to
stderr. In at least the RHEL-7 gnutls 3.3.29 this causes certtool to
quit with broken pipe before it has finished writing the desired
output file to disk. This causes non-deterministic failures of the
iotest 233 because the certs are sometimes zero length files.
If certtool fails the "head -1" means we also lose any useful error
message it would have printed.

Thus this patch gets rid of the pipe and post-processes the output in a
more flexible & reliable manner.

Reported-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Message-Id: <20190220145819.30969-3-berrange@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
2019-02-26 10:45:37 -06:00
Daniel P. Berrangé
84f8b840a2 iotests: ensure we print nbd server log on error
If we abort the iotest early the server.log file might contain useful
information for diagnosing the problem. Ensure its contents are
displayed in this case.

Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Message-Id: <20190220145819.30969-2-berrange@redhat.com>
[eblake: fix shell quoting]
Signed-off-by: Eric Blake <eblake@redhat.com>
2019-02-26 10:45:37 -06:00
Andrey Shinkevich
42eb4591fe iotests: handle TypeError for Python 3 in test 242
The data type for bytes in Python 3 differs from the one in Python 2.
The type cast that is compatible with both versions was applied.

Signed-off-by: Nir Soffer <nsoffer@redhat.com>
Signed-off-by: Andrey Shinkevich <andrey.shinkevich@virtuozzo.com>
Reported-by: Kevin Wolf <kwolf@redhat.com>
Message-Id: <1551197495-24425-1-git-send-email-andrey.shinkevich@virtuozzo.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
2019-02-26 10:37:06 -06:00
Daniel P. Berrange
b76806d4ec authz: delete existing ACL implementation
The 'qemu_acl' type was a previous non-QOM based attempt to provide an
authorization facility in QEMU. Because it is non-QOM based it cannot be
created via the command line and requires special monitor commands to
manipulate it.

The new QAuthZ subclasses provide a superset of the functionality in
qemu_acl, so the latter can now be deleted. The HMP 'acl_*' monitor
commands are converted to use the new QAuthZSimple data type instead
in order to provide temporary backwards compatibility.

Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2019-02-26 15:32:19 +00:00
Daniel P. Berrange
8953caf3cd authz: add QAuthZPAM object type for authorizing using PAM
Add an authorization backend that talks to PAM to check whether the user
identity is allowed. This only uses the PAM account validation facility,
which is essentially just a check to see if the provided username is permitted
access. It doesn't use the authentication or session parts of PAM, since
that's dealt with by the relevant part of QEMU (eg VNC server).

Consider starting QEMU with a VNC server and telling it to use TLS with
x509 client certificates and configuring it to use an PAM to validate
the x509 distinguished name. In this example we're telling it to use PAM
for the QAuthZ impl with a service name of "qemu-vnc"

 $ qemu-system-x86_64 \
     -object tls-creds-x509,id=tls0,dir=/home/berrange/security/qemutls,\
             endpoint=server,verify-peer=yes \
     -object authz-pam,id=authz0,service=qemu-vnc \
     -vnc :1,tls-creds=tls0,tls-authz=authz0

This requires an /etc/pam/qemu-vnc file to be created with the auth
rules. A very simple file based whitelist can be setup using

  $ cat > /etc/pam/qemu-vnc <<EOF
  account         requisite       pam_listfile.so item=user sense=allow file=/etc/qemu/vnc.allow
  EOF

The /etc/qemu/vnc.allow file simply contains one username per line. Any
username not in the file is denied. The usernames in this example are
the x509 distinguished name from the client's x509 cert.

  $ cat > /etc/qemu/vnc.allow <<EOF
  CN=laptop.berrange.com,O=Berrange Home,L=London,ST=London,C=GB
  EOF

More interesting would be to configure PAM to use an LDAP backend, so
that the QEMU authorization check data can be centralized instead of
requiring each compute host to have file maintained.

The main limitation with this PAM module is that the rules apply to all
QEMU instances on the host. Setting up different rules per VM, would
require creating a separate PAM service name & config file for every
guest. An alternative approach for the future might be to not pass in
the plain username to PAM, but instead combine the VM name or UUID with
the username. This requires further consideration though.

Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2019-02-26 15:32:19 +00:00
Daniel P. Berrangé
55d869846d authz: add QAuthZListFile object type for a file access control list
Add a QAuthZListFile object type that implements the QAuthZ interface. This
built-in implementation is a proxy around the QAuthZList object type,
initializing it from an external file, and optionally, automatically
reloading it whenever it changes.

To create an instance of this object via the QMP monitor, the syntax
used would be:

      {
        "execute": "object-add",
        "arguments": {
          "qom-type": "authz-list-file",
          "id": "authz0",
          "props": {
            "filename": "/etc/qemu/vnc.acl",
	    "refresh": true
          }
        }
      }

If "refresh" is "yes", inotify is used to monitor the file,
automatically reloading changes. If an error occurs during reloading,
all authorizations will fail until the file is next successfully
loaded.

The /etc/qemu/vnc.acl file would contain a JSON representation of a
QAuthZList object

    {
      "rules": [
         { "match": "fred", "policy": "allow", "format": "exact" },
         { "match": "bob", "policy": "allow", "format": "exact" },
         { "match": "danb", "policy": "deny", "format": "glob" },
         { "match": "dan*", "policy": "allow", "format": "exact" },
      ],
      "policy": "deny"
    }

This sets up an authorization rule that allows 'fred', 'bob' and anyone
whose name starts with 'dan', except for 'danb'. Everyone unmatched is
denied.

The object can be loaded on the comand line using

   -object authz-list-file,id=authz0,filename=/etc/qemu/vnc.acl,refresh=yes

Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-02-26 15:32:18 +00:00