72186 Commits

Author SHA1 Message Date
Dmitry Poletaev
56f997500a Fix wrong behavior of cpu_memory_rw_debug() function in SMM
There is a problem, that you don't have access to the data using cpu_memory_rw_debug() function when in SMM. You can't remotely debug SMM mode program because of that for example.
Likely attrs version of get_phys_page_debug should be used to get correct asidx at the end to handle access properly.
Here the patch to fix it.

Signed-off-by: Dmitry Poletaev <poletaev@ispras.ru>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2019-10-04 18:49:18 +02:00
Eric Auger
549d400587 memory: allow memory_region_register_iommu_notifier() to fail
Currently, when a notifier is attempted to be registered and its
flags are not supported (especially the MAP one) by the IOMMU MR,
we generally abruptly exit in the IOMMU code. The failure could be
handled more nicely in the caller and especially in the VFIO code.

So let's allow memory_region_register_iommu_notifier() to fail as
well as notify_flag_changed() callback.

All sites implementing the callback are updated. This patch does
not yet remove the exit(1) in the amd_iommu code.

in SMMUv3 we turn the warning message into an error message saying
that the assigned device would not work properly.

Signed-off-by: Eric Auger <eric.auger@redhat.com>
Reviewed-by: Peter Xu <peterx@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2019-10-04 18:49:18 +02:00
Eric Auger
d7d8783647 vfio: Turn the container error into an Error handle
The container error integer field is currently used to store
the first error potentially encountered during any
vfio_listener_region_add() call. However this fails to propagate
detailed error messages up to the vfio_connect_container caller.
Instead of using an integer, let's use an Error handle.

Messages are slightly reworded to accomodate the propagation.

Signed-off-by: Eric Auger <eric.auger@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2019-10-04 18:49:18 +02:00
Sebastian Andrzej Siewior
e900135dcf i386: Add CPUID bit for CLZERO and XSAVEERPTR
The CPUID bits CLZERO and XSAVEERPTR are availble on AMD's ZEN platform
and could be passed to the guest.

Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2019-10-04 18:49:17 +02:00
Paolo Bonzini
6f89ec7442 docker: test-debug: disable LeakSanitizer
There are just too many leaks in device-introspect-test (especially for
the plethora of arm and aarch64 boards) to make LeakSanitizer useful;
disable it for now.

Whoever is interested in debugging leaks can also use valgrind like this:

   QTEST_QEMU_BINARY=aarch64-softmmu/qemu-system-aarch64 \
   QTEST_QEMU_IMG=qemu-img \
   valgrind --trace-children=yes --leak-check=full \
   tests/device-introspect-test -p /aarch64/device/introspect/concrete/defaults/none

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2019-10-04 18:49:17 +02:00
Paolo Bonzini
e97dd6b2b3 lm32: do not leak memory on object_new/object_unref
Bottom halves and ptimers are malloced, but nothing in these
files is freeing memory allocated by instance_init.  Since
these are sysctl devices that are never unrealized, just moving
the allocations to realize is enough to avoid the leak in
practice (and also to avoid upsetting asan when running
device-introspect-test).

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
2019-10-04 18:49:17 +02:00
Paolo Bonzini
9739b11adc cris: do not leak struct cris_disasm_data
Use a stack-allocated struct to avoid a memory leak.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2019-10-04 18:49:17 +02:00
Paolo Bonzini
0287d89f3e mips: fix memory leaks in board initialization
They are not a big deal, but they upset asan.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
2019-10-04 18:49:17 +02:00
Paolo Bonzini
266a880e31 hppa: fix leak from g_strdup_printf
memory_region_init_* takes care of copying the name into memory it owns.
Free it in the caller.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
2019-10-04 18:49:17 +02:00
Paolo Bonzini
67c1ea9940 mcf5208: fix leak from qemu_allocate_irqs
The array returned by qemu_allocate_irqs is malloced, free it.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
2019-10-04 18:49:16 +02:00
Paolo Bonzini
100781a8cd microblaze: fix leak of fdevice tree blob
The device tree blob returned by load_device_tree is malloced.
Free it before returning.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
2019-10-04 18:49:16 +02:00
Paolo Bonzini
f5f72e8f31 ide: fix leak from qemu_allocate_irqs
The array returned by qemu_allocate_irqs is malloced, free it.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
2019-10-04 18:49:16 +02:00
Thomas Huth
c0ff379514 hw/isa: Introduce a CONFIG_ISA_SUPERIO switch for isa-superio.c
Currently, isa-superio.c is always compiled as soon as CONFIG_ISA_BUS
is enabled. But there are also machines that have an ISA BUS without
any of the superio chips attached to it, so we should not compile
isa-superio.c in case we only compile a QEMU for such a machine.
Thus add a proper CONFIG_ISA_SUPERIO switch so that this file only gets
compiled when we really, really need it.

Signed-off-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2019-10-04 18:49:16 +02:00
Pavel Dovgalyuk
86cf9e1546 replay: don't synchronize memory operations in replay mode
Commit 9458a9a1df1a4c719e24512394d548c1fc7abd22 added synchronization
of vCPU and migration operations through calling run_on_cpu operation.
However, in replay mode this synchronization is unneeded, because
I/O and vCPU threads are already synchronized.
This patch disables such synchronization for record/replay mode.

Signed-off-by: Pavel Dovgalyuk <Pavel.Dovgaluk@ispras.ru>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Pavel Dovgalyuk <pavel.dovgaluk@gmail.com>
2019-10-03 12:58:02 +02:00
Maxim Levitsky
b2aca78cb2 qemu-pr-helper: fix crash in mpath_reconstruct_sense
The 'r' variable was accidently shadowed, and because of this
we were always passing 0 to mpath_generic_sense, instead of original
return value, which triggers an abort()

This is an attempt to fix the
https://bugzilla.redhat.com/show_bug.cgi?id=1720047
although there might be other places in the code
that trigger qemu-pr-helper crash, and this fix might
not be the root cause.

The crash was reproduced by creating an iscsi target on a test machine,
and passing it twice to the guest like that:

-blockdev node-name=idisk0,driver=iscsi,transport=...,target=...
-device scsi-block,drive=idisk0,bus=scsi0.0,bootindex=-1,scsi-id=1,lun=0,share-rw=on
-device scsi-block,drive=idisk0,bus=scsi0.0,bootindex=-1,scsi-id=1,lun=1,share-rw=on

Then in the guest, both /dev/sda and /dev/sdb were aggregated by multipath to /dev/mpatha,
which was passed to a nested guest like that

-object pr-manager-helper,id=qemu_pr_helper,path=/root/work/vm/testvm/.run/pr_helper.socket
-blockdev node-name=test,driver=host_device,filename=/dev/mapper/mpatha,pr-manager=qemu_pr_helper
-device scsi-block,drive=test,bus=scsi0.0,bootindex=-1,scsi-id=0,lun=0

The nested guest run:

sg_persist --no-inquiry  -v --out --register --param-sark 0x1234 /dev/sda

Strictly speaking this is wrong configuration since qemu is where
the multipath was split, and thus the iscsi target was not aware of
multipath, and thus when libmpathpersist code rightfully tried to register
the PR key on all paths, it failed to do so.

However qemu-pr-helper should not crash in this case.

Signed-off-by: Maxim Levitsky <mlevitsk@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2019-10-03 12:58:02 +02:00
Yury Kotov
8c51642b42 tests/migration: Add a test for auto converge
Signed-off-by: Yury Kotov <yury-kotov@yandex-team.ru>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Message-Id: <20190909131335.16848-4-yury-kotov@yandex-team.ru>
[Reorganize check_migration_status for rebase. - Paolo]
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2019-10-03 12:48:42 +02:00
Alex Bennée
87287ac02c accel/kvm: ensure ret always set
Some of the cross compilers rightly complain there are cases where ret
may not be set. 0 seems to be the reasonable default unless particular
slot explicitly returns -1.

Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2019-10-03 12:48:42 +02:00
Peter Maydell
7f21573c82 - Fix and re-enable the usb-hcd-ehci-test
- Silence a Coverity warning in hw/m68k/next-cube.c
 - Fix crash that can occur when using bad binaries with "-kernel"
 - Disallow colons in the "-accel" parameter
 -----BEGIN PGP SIGNATURE-----
 
 iQJFBAABCAAvFiEEJ7iIR+7gJQEY8+q5LtnXdP5wLbUFAl2TJGERHHRodXRoQHJl
 ZGhhdC5jb20ACgkQLtnXdP5wLbWuvg//cxdPsYPv5R8Lph4ZUE4Yo50QM+x/4udh
 EgjrpGspvRaA0o8yUHTWQHcQYDMRhCqKn1kKOVuRik8zXQC2oHGLGerm2zKUTkIq
 er5LWmeHomfjnOzChJk1OlHTOiySx/I2q1y76Aa7YHBp+HTbkvgrY5USPig3h+CL
 OxD3UYHMoUaEB9WeBUnPYIf6DDPp7W+qrgfmhDP+X+8+c7v6+U2uXP1ina1JKOYQ
 28w4t4se3pPlCuzpPG6FkQJ3xPpEPABVcLfhkDY+bcVsVpHGxK9+Bji89Qux1gYK
 0umdDCQ6EFto6X3BCV8x51+q0sjZ0NJQopsB1LEfF6zYWw+VJuZ2R/xsQ7bw/0BH
 VlX+CRsBkUONHzaZoUdEbtXRE2CWrUVxCjaAUZiMf6Cy/bwptkcdibMdUbpkX94i
 E7XGVZyKB+3blYv6XM4fD3tfcBI7fsTFoTgL6EThu8TwFujZS/1W/VL+DlVcfWmo
 Y5vo/uZMsxhnsiXTpRGJhEf0+AoBtlwEqS3kQ/KmRtRttOTnnGtQdu7SSEsqCEju
 VqJHRdUZbApmpHnXZP0nauXziMdom9f8jqspneb2S6IZKFLvDVeZilzoq1a99iXP
 Jie6jueQpOxHJgVUTZ9904sSsE/YoUe9Inv+hc2GVdrTVFkVIJDv1jaZg3euA625
 Idzul0nSn2U=
 =/g3G
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/huth-gitlab/tags/pull-request-2019-10-01' into staging

- Fix and re-enable the usb-hcd-ehci-test
- Silence a Coverity warning in hw/m68k/next-cube.c
- Fix crash that can occur when using bad binaries with "-kernel"
- Disallow colons in the "-accel" parameter

# gpg: Signature made Tue 01 Oct 2019 11:03:13 BST
# gpg:                using RSA key 27B88847EEE0250118F3EAB92ED9D774FE702DB5
# gpg:                issuer "thuth@redhat.com"
# gpg: Good signature from "Thomas Huth <th.huth@gmx.de>" [full]
# gpg:                 aka "Thomas Huth <thuth@redhat.com>" [full]
# gpg:                 aka "Thomas Huth <huth@tuxfamily.org>" [full]
# gpg:                 aka "Thomas Huth <th.huth@posteo.de>" [unknown]
# Primary key fingerprint: 27B8 8847 EEE0 2501 18F3  EAB9 2ED9 D774 FE70 2DB5

* remotes/huth-gitlab/tags/pull-request-2019-10-01:
  Disallow colons in the parameter of "-accel"
  hw/core/loader: Fix possible crash in rom_copy()
  hw/m68k/next-cube: Avoid static RTC variables and introduce control register
  tests: fix echi/ehci typo
  tests: fix usb-hcd-ehci-test compilation

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-10-01 13:13:38 +01:00
Peter Maydell
2094695689 QAPI patches for 2019-09-28
-----BEGIN PGP SIGNATURE-----
 
 iQJGBAABCAAwFiEENUvIs9frKmtoZ05fOHC0AOuRhlMFAl2PebUSHGFybWJydUBy
 ZWRoYXQuY29tAAoJEDhwtADrkYZT/VEP/Rru2BgOV/6OSIunW9Ii6qUsVNYtYM0L
 4XrOaVJBhNnakAdPPphXmhk6iRCJESZ+4z+s4Iw+yD4aSRYEWowMFi1blaIk+3lH
 BNBllepKrvX9ZZyMHCooKrrO2PEPOPRin5izCDn5O93onQjwzXfWtuxZRn6WaLzB
 MOtixr340ysa+KNktpAWWPH/NJFq+LLvyQVUdN5xR1i5YBEVE9s0uZg9uq+zpFEg
 xSw45BDQSCjNNywd5mqJ0x+y7PCeGAINS9el43ernn654qVXpNgYepE3PpkCjCH7
 snFKFJA8+h1VjXPd8/amJimD11+CFIUlhvtlVwccCWme8PRE6Hveerf7FvexnjpN
 yGfDOV2ezgrnFspAjI3hrPfsF1Vfxe+eDOUg+y9xGtRgD5LsWmkUBEukKZocVYQG
 H52BT6qt3IlUbWVPuHlWEUOsWKk7e3IeAZgnoaafRxwmLHaVWX0SPZCGm1Bfvxe2
 LxXnS/pPWubyTrmQA9xCDhILrvkquCyOVBufFnS6D3h45psQKXr2Rh+vVjnYslRR
 /B1tDAFZvu9Q6+Y9//AnnLhTZlEPf+qg7Ajv+rH8PTl7SbB/tNVI+vrJJCp5AJab
 OifkqahV4H12STf4N2R3g4j/HqPj2PB1/GdLpmOc94ZY5h8GMxviEpwZkKTnw5xD
 zhwDdMVqL6c1
 =CNvl
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/armbru/tags/pull-qapi-2019-09-28' into staging

QAPI patches for 2019-09-28

# gpg: Signature made Sat 28 Sep 2019 16:18:13 BST
# gpg:                using RSA key 354BC8B3D7EB2A6B68674E5F3870B400EB918653
# gpg:                issuer "armbru@redhat.com"
# gpg: Good signature from "Markus Armbruster <armbru@redhat.com>" [full]
# gpg:                 aka "Markus Armbruster <armbru@pond.sub.org>" [full]
# Primary key fingerprint: 354B C8B3 D7EB 2A6B 6867  4E5F 3870 B400 EB91 8653

* remotes/armbru/tags/pull-qapi-2019-09-28: (27 commits)
  qapi: Improve source file read error handling
  qapi: Improve reporting of redefinition
  qapi: Improve reporting of missing documentation comment
  qapi: Eliminate check_keys(), rename check_known_keys()
  qapi: Improve reporting of invalid 'if' further
  qapi: Avoid redundant definition references in error messages
  qapi: Improve reporting of missing / unknown definition keys
  qapi: Improve reporting of invalid flags
  qapi: Improve reporting of invalid 'if' errors
  qapi: Move context-free checking to the proper place
  qapi: Move context-sensitive checking to the proper place
  qapi: Inline check_name() into check_union()
  qapi: Plumb info to the QAPISchemaMember
  qapi: Make check_type()'s array case a bit more obvious
  qapi: Move check for reserved names out of add_name()
  qapi: Report invalid '*' prefix like any other invalid name
  qapi: Use check_name_str() where it suffices
  qapi: Improve reporting of invalid name errors
  qapi: Reorder check_FOO() parameters for consistency
  qapi: Improve reporting of member name clashes
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-10-01 11:40:15 +01:00
Thomas Huth
3d5e90a50b Disallow colons in the parameter of "-accel"
Everybody who used something like "-machine accel=kvm:tcg" in the past
might be tempted to specify a similar list with the -accel parameter,
too, for example "-accel kvm:tcg". However, this is not how this
options is thought to be used, since each "-accel" should only take care
of one specific accelerator.

In the long run, we really should rework the "-accel" code completely,
so that it does not set "-machine accel=..." anymore internally, but
is completely independent from "-machine". For the short run, let's
make sure that users cannot use "-accel xyz:tcg", so that we avoid
that we have to deal with such cases in the wild later.

Message-Id: <20190930123505.11607-1-thuth@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2019-10-01 11:54:17 +02:00
Thomas Huth
e423455c4f hw/core/loader: Fix possible crash in rom_copy()
Both, "rom->addr" and "addr" are derived from the binary image
that can be loaded with the "-kernel" paramer. The code in
rom_copy() then calculates:

    d = dest + (rom->addr - addr);

and uses "d" as destination in a memcpy() some lines later. Now with
bad kernel images, it is possible that rom->addr is smaller than addr,
thus "rom->addr - addr" gets negative and the memcpy() then tries to
copy contents from the image to a bad memory location. This could
maybe be used to inject code from a kernel image into the QEMU binary,
so we better fix it with an additional sanity check here.

Cc: qemu-stable@nongnu.org
Reported-by: Guangming Liu
Buglink: https://bugs.launchpad.net/qemu/+bug/1844635
Message-Id: <20190925130331.27825-1-thuth@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2019-10-01 11:42:27 +02:00
Thomas Huth
cd4fc14207 hw/m68k/next-cube: Avoid static RTC variables and introduce control register
Coverity currently complains that the "if (0x00 & (0x80 >> (phase - 8))"
in next-cube.c can never be true. Right it is. The "0x00" is meant as value
of the control register of the RTC, which is currently not implemented yet.
Thus, let's add a register variable for this now. However, the RTC
registers are currently defined as static variables in nextscr2_write(),
which is quite ugly. Thus let's also move the RTC variables to the main
machine state instead. In the long run, we should likely even refactor
the whole RTC code into a separate device in a separate file, but that's
something for calm winter nights later... as a first step, cleaning up
the static variables and shutting up the warning from Coverity should
be sufficient.

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20190921091738.26953-1-huth@tuxfamily.org>
Signed-off-by: Thomas Huth <huth@tuxfamily.org>
2019-10-01 11:42:27 +02:00
Marc-André Lureau
343143a665 tests: fix echi/ehci typo
While at it, simplify using $(land).

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-Id: <20190926111955.17276-3-marcandre.lureau@redhat.com>
Reviewed-by: Laurent Vivier <lvivier@redhat.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Fixes: dad5ddcea3b661 ("check: Only test usb-ehci when it is compiled in")
Signed-off-by: Thomas Huth <thuth@redhat.com>
2019-10-01 11:42:27 +02:00
Marc-André Lureau
7110776b01 tests: fix usb-hcd-ehci-test compilation
Fixes commit
e5758de4e836c3b2edc2befd904651fc6967d74f ("tests/libqtest: Make
qtest_qmp_device_add/del independent from global_qtest")

and commit
dd210749727530cdef7c335040edbf81c3c5d041 ("tests/libqtest: Use
libqtest-single.h in tests that require global_qtest").

Cc: Thomas Huth <thuth@redhat.com>
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-Id: <20190926111955.17276-2-marcandre.lureau@redhat.com>
Reviewed-by: Laurent Vivier <lvivier@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2019-10-01 11:42:27 +02:00
Peter Maydell
95e9d74fe4 - do not abuse memory_region_allocate_system_memory and split the memory
according to KVM memslots in KVM code instead (Paolo, Igor)
 - change splitting to split at 4TB (Christian)
 - do not claim s390 (31bit) support in configure (Thomas)
 - sclp error checking (Janosch, Claudio)
 - new s390 pci maintainer (Matt, Collin)
 - fix s390 pci (again) (Matt)
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iQIcBAABAgAGBQJdkeyTAAoJEBF7vIC1phx89SYP/0in+ZJb85eY5s1LwNuJLAuk
 XeMlCFhLPvd6rxxmSg355IFj721ck8V33JhsGNRKstOFZw5BpxUdOadwTLDZrzv1
 0FReyjmgBNZXH+xJj+LqD2DAxSs9EE1Sd2sLQhxbVzrI/6bYOKlU1IQHs7ssfqQa
 /F5G1sHzgWkNUOhXazQNCWtqMY+y2KrcpcRX1whr+/tYabE+9XSNphZ+D8fTdac6
 URBeg147mVh3I1haZ4uumjT+ycFz/CtOScKcHoqlLiLIHfAcxF4WhMPkeaAzY/DR
 BS+q6OBnZ+zLKMQ6ydTViWCrHRBIA3UMX4rCuiPwefBpz3YY5KvTPXIlUOf8l/q4
 NLw/L3fS7s1UeTUviTHB8toVPveTHT7vrk6RhIgTntpdiDzO4C4AF80V3/fzeMER
 4JWYAJfm+9Myodmc4p1nZIkkf18dhfboczDiSIsyYrhxVPNVGErauIc2eGuuNgAL
 hFDAUWI/0pXue8uVsN7+z9Kp1MwTNSy8LFA+Rq/2ih4VtRp/smDX2Gsm9agB6WkB
 meuutRFY971CxRwb8SZMET4R6Kxt2Hx/edZlz/kKsxGLFDHjdOiTjPhckz+BaUPa
 nHv4dR5FsgO6ZP8fujJjTnQ5S3LYht53Zidi5nlbhELJa9FRZw0S0CNXtkKjy2ee
 bP0MbSPEDCY7jr7G+VNG
 =mD2v
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/borntraeger/tags/s390x-20190930' into staging

- do not abuse memory_region_allocate_system_memory and split the memory
  according to KVM memslots in KVM code instead (Paolo, Igor)
- change splitting to split at 4TB (Christian)
- do not claim s390 (31bit) support in configure (Thomas)
- sclp error checking (Janosch, Claudio)
- new s390 pci maintainer (Matt, Collin)
- fix s390 pci (again) (Matt)

# gpg: Signature made Mon 30 Sep 2019 12:52:51 BST
# gpg:                using RSA key 117BBC80B5A61C7C
# gpg: Good signature from "Christian Borntraeger (IBM) <borntraeger@de.ibm.com>" [full]
# Primary key fingerprint: F922 9381 A334 08F9 DBAB  FBCA 117B BC80 B5A6 1C7C

* remotes/borntraeger/tags/s390x-20190930:
  s390/kvm: split kvm mem slots at 4TB
  s390: do not call memory_region_allocate_system_memory() multiple times
  kvm: split too big memory section on several memslots
  kvm: clear dirty bitmaps from all overlapping memslots
  kvm: extract kvm_log_clear_one_slot
  configure: Remove s390 (31-bit mode) from the list of supported CPUs
  s390x: sclp: Report insufficient SCCB length
  s390x: sclp: fix error handling for oversize control blocks
  s390x: sclp: boundary check
  s390x: sclp: refactor invalid command check
  s390: PCI: fix IOMMU region init
  MAINTAINERS: Update S390 PCI Maintainer

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-09-30 14:21:56 +01:00
Christian Borntraeger
c5b9ce518c s390/kvm: split kvm mem slots at 4TB
Instead of splitting at an unaligned address, we can simply split at
4TB.

Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
Acked-by: Igor Mammedov <imammedo@redhat.com>
2019-09-30 13:51:50 +02:00
Igor Mammedov
fb1fc5a82b s390: do not call memory_region_allocate_system_memory() multiple times
s390 was trying to solve limited KVM memslot size issue by abusing
memory_region_allocate_system_memory(), which breaks API contract
where the function might be called only once.

Beside an invalid use of API, the approach also introduced migration
issue, since RAM chunks for each KVM_SLOT_MAX_BYTES are transferred in
migration stream as separate RAMBlocks.

After discussion [1], it was agreed to break migration from older
QEMU for guest with RAM >8Tb (as it was relatively new (since 2.12)
and considered to be not actually used downstream).
Migration should keep working for guests with less than 8TB and for
more than 8TB with QEMU 4.2 and newer binary.
In case user tries to migrate more than 8TB guest, between incompatible
QEMU versions, migration should fail gracefully due to non-exiting
RAMBlock ID or RAMBlock size mismatch.

Taking in account above and that now KVM code is able to split too
big MemorySection into several memslots, partially revert commit
 (bb223055b s390-ccw-virtio: allow for systems larger that 7.999TB)
and use kvm_set_max_memslot_size() to set KVMSlot size to
KVM_SLOT_MAX_BYTES.

1) [PATCH RFC v2 4/4] s390: do not call  memory_region_allocate_system_memory() multiple times

Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Message-Id: <20190924144751.24149-5-imammedo@redhat.com>
Acked-by: Peter Xu <peterx@redhat.com>
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
2019-09-30 13:51:50 +02:00
Igor Mammedov
023ae9a88a kvm: split too big memory section on several memslots
Max memslot size supported by kvm on s390 is 8Tb,
move logic of splitting RAM in chunks upto 8T to KVM code.

This way it will hide KVM specific restrictions in KVM code
and won't affect board level design decisions. Which would allow
us to avoid misusing memory_region_allocate_system_memory() API
and eventually use a single hostmem backend for guest RAM.

Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Message-Id: <20190924144751.24149-4-imammedo@redhat.com>
Reviewed-by: Peter Xu <peterx@redhat.com>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
2019-09-30 13:51:50 +02:00
Paolo Bonzini
84516e5b8d kvm: clear dirty bitmaps from all overlapping memslots
Currently MemoryRegionSection has 1:1 mapping to KVMSlot.
However next patch will allow splitting MemoryRegionSection into
several KVMSlot-s, make sure that kvm_physical_log_slot_clear()
is able to handle such 1:N mapping.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Reviewed-by: Peter Xu <peterx@redhat.com>
Message-Id: <20190924144751.24149-3-imammedo@redhat.com>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
2019-09-30 13:51:50 +02:00
Paolo Bonzini
4222147dfb kvm: extract kvm_log_clear_one_slot
We may need to clear the dirty bitmap for more than one KVM memslot.
First do some code movement with no semantic change.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Reviewed-by: Peter Xu <peterx@redhat.com>
Message-Id: <20190924144751.24149-2-imammedo@redhat.com>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
[fixup line break]
2019-09-30 13:51:50 +02:00
Thomas Huth
ee35e9684c configure: Remove s390 (31-bit mode) from the list of supported CPUs
On IBM Z, KVM in the kernel is only implemented for 64-bit mode, and
with regards to TCG, we also only support 64-bit host CPUs (see the
check at the beginning of tcg/s390/tcg-target.inc.c), so we should
remove s390 (without "x", i.e. the old 31-bit mode CPUs) from the
list of supported CPUs.

Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20190928190334.6897-1-thuth@redhat.com>
Reviewed-by: David Hildenbrand <david@redhat.com>
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
2019-09-30 13:51:50 +02:00
Claudio Imbrenda
832be0d8a3 s390x: sclp: Report insufficient SCCB length
Return the correct error code when the SCCB buffer is too small to
contain all of the output, for the Read SCP Information and
Read CPU Information commands.

Signed-off-by: Claudio Imbrenda <imbrenda@linux.ibm.com>
Reviewed-by: Jason J. Herne <jjherne@linux.ibm.com>
Message-Id: <1569591203-15258-5-git-send-email-imbrenda@linux.ibm.com>
Reviewed-by: David Hildenbrand <david@redhat.com>
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
2019-09-30 13:51:50 +02:00
Janosch Frank
d959f6cf50 s390x: sclp: fix error handling for oversize control blocks
Requests over 4k are not a spec exception.

Signed-off-by: Janosch Frank <frankja@linux.ibm.com>
Reviewed-by: Jason J. Herne <jjherne@linux.ibm.com>
Message-Id: <1569591203-15258-4-git-send-email-imbrenda@linux.ibm.com>
Acked-by: David Hildenbrand <david@redhat.com>
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
2019-09-30 13:51:50 +02:00
Janosch Frank
6f6c9333ef s390x: sclp: boundary check
All sclp codes need to be checked for page boundary violations.

Signed-off-by: Janosch Frank <frankja@linux.ibm.com>
Reviewed-by: Jason J. Herne <jjherne@linux.ibm.com>
Message-Id: <1569591203-15258-3-git-send-email-imbrenda@linux.ibm.com>
Reviewed-by: David Hildenbrand <david@redhat.com>
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
2019-09-30 13:51:50 +02:00
Janosch Frank
679b844756 s390x: sclp: refactor invalid command check
Invalid command checking has to be done before the boundary check,
refactoring it now allows to insert the boundary check at the correct
place later.

Signed-off-by: Janosch Frank <frankja@linux.ibm.com>
Reviewed-by: Jason J. Herne <jjherne@linux.ibm.com>
Message-Id: <1569591203-15258-2-git-send-email-imbrenda@linux.ibm.com>
Reviewed-by: David Hildenbrand <david@redhat.com>
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
2019-09-30 13:51:49 +02:00
Matthew Rosato
7df1dac5f1 s390: PCI: fix IOMMU region init
The fix in dbe9cf606c shrinks the IOMMU memory region to a size
that seems reasonable on the surface, however is actually too
small as it is based against a 0-mapped address space.  This
causes breakage with small guests as they can overrun the IOMMU window.

Let's go back to the prior method of initializing iommu for now.

Fixes: dbe9cf606c ("s390x/pci: Set the iommu region size mpcifc request")
Cc: qemu-stable@nongnu.org
Reviewed-by: Pierre Morel <pmorel@linux.ibm.com>
Reported-by: Boris Fiuczynski <fiuczy@linux.ibm.com>
Tested-by: Boris Fiuczynski <fiuczy@linux.ibm.com>
Reported-by: Stefan Zimmerman <stzi@linux.ibm.com>
Signed-off-by: Matthew Rosato <mjrosato@linux.ibm.com>
Message-Id: <1569507036-15314-1-git-send-email-mjrosato@linux.ibm.com>
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
2019-09-30 13:51:49 +02:00
Matthew Rosato
ecd6663d95 MAINTAINERS: Update S390 PCI Maintainer
As discussed previously with Collin, I will take over maintaining
s390 pci.

Signed-off-by: Matthew Rosato <mjrosato@linux.ibm.com>
Message-Id: <1569590461-12562-1-git-send-email-mjrosato@linux.ibm.com>
Acked-by: Collin Walling <walling@linux.ibm.com>
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
2019-09-30 13:51:49 +02:00
Peter Maydell
786d36ad41 target-arm queue:
* Fix the CBAR register implementation for Cortex-A53,
    Cortex-A57, Cortex-A72
  * Fix direct booting of Linux kernels on emulated CPUs
    which have an AArch32 EL3 (incorrect NSACR settings
    meant they could not access the FPU)
  * semihosting cleanup: do more work at translate time
    and less work at runtime
 -----BEGIN PGP SIGNATURE-----
 
 iQJNBAABCAA3FiEE4aXFk81BneKOgxXPPCUl7RQ2DN4FAl2OHYsZHHBldGVyLm1h
 eWRlbGxAbGluYXJvLm9yZwAKCRA8JSXtFDYM3oHlD/4iD57WzVkf2EagPg61EbqV
 KJU0bloj6lpfhI410zv6RLfSxRhuJKj1voBPl0wh/uWz4kIHBjcYZgRQGZz5+Fem
 XE4j7bLfgXlbYkjl6CFo3oqZJM+iVmMofKVbpj7nEnO6cB9nW2O4Uk88vPTqCRUp
 uip/ZveoQ3WvzyM8ERWiIiGZrvCRPnfTFvWGNEDd+ESx3ACmNbeAHilMURESkXR8
 3iRt83bzL+H7xRpVEmLvUAbjJlf+4dzyftJSwTDquLsu+g4I45BDe1ki7ip9U06B
 EvgNZ0TKchNI2kn6I4R0XAYAdZyKRONWqYTPE3xEtweihLwOKYsKfQViSHkhYxuE
 upqMfsSzpT2ivqMb5myFU8JbG6jZZGTguAZ40MQT073gckgFoFfWjAtzR0fWa/Cy
 VJ79fWIfOXrRsc76UDBeDuJ3CFEliFMSzDJWwglxlp9JX6ckfHH0Vwfmj9NPcuRw
 AeAkI7Xh+emNKftJzNtC+6Ba7jMhMLLDBoe1r3NQYK1BFg/JRtkGCja3UAswotXH
 hEYMicbMnkhOGEKxjKL0jbl33XKKAVq3pens2tT0QIz3Xqzh9iIcceCnv4MsddK9
 MPU8yfQYcj6eNxVBLofhuRGURMK4BpQzj2Rxg03G3dRpFuNEwneUrx64q8lEv4Y5
 EWSFxOoBPEpooiMCoboZ/A==
 =/0m2
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20190927' into staging

target-arm queue:
 * Fix the CBAR register implementation for Cortex-A53,
   Cortex-A57, Cortex-A72
 * Fix direct booting of Linux kernels on emulated CPUs
   which have an AArch32 EL3 (incorrect NSACR settings
   meant they could not access the FPU)
 * semihosting cleanup: do more work at translate time
   and less work at runtime

# gpg: Signature made Fri 27 Sep 2019 15:32:43 BST
# gpg:                using RSA key E1A5C593CD419DE28E8315CF3C2525ED14360CDE
# gpg:                issuer "peter.maydell@linaro.org"
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>" [ultimate]
# gpg:                 aka "Peter Maydell <pmaydell@gmail.com>" [ultimate]
# gpg:                 aka "Peter Maydell <pmaydell@chiark.greenend.org.uk>" [ultimate]
# Primary key fingerprint: E1A5 C593 CD41 9DE2 8E83  15CF 3C25 25ED 1436 0CDE

* remotes/pmaydell/tags/pull-target-arm-20190927:
  hw/arm/boot: Use the IEC binary prefix definitions
  hw/arm/boot.c: Set NSACR.{CP11,CP10} for NS kernel boots
  tests/tcg: add linux-user semihosting smoke test for ARM
  target/arm: remove run-time semihosting checks for linux-user
  target/arm: remove run time semihosting checks
  target/arm: handle A-profile semihosting at translate time
  target/arm: handle M-profile semihosting at translate time
  tests/tcg: clean-up some comments after the de-tangling
  target/arm: fix CBAR register for AArch64 CPUs

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

# Conflicts:
#	tests/tcg/arm/Makefile.target
2019-09-30 11:02:22 +01:00
Markus Armbruster
c615550df3 qapi: Improve source file read error handling
qapi-gen.py crashes when it can't open the main schema file, and when
it can't read from any schema file.  Lazy.

Change QAPISchema.__init__() to take a file name instead of a file
object.  Move the open code from _include() to __init__(), so it's
used for the main schema file, too.

Move the read into the try for good measure, and rephrase the error
message.

Reporting open or read failure for the main schema file needs a
QAPISourceInfo representing "no source".  Make QAPISourceInfo cope
with fname=None.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20190927134639.4284-27-armbru@redhat.com>
2019-09-28 17:17:48 +02:00
Markus Armbruster
56d2df5e65 qapi: Improve reporting of redefinition
Point to the previous definition, unless it's a built-in.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20190927134639.4284-26-armbru@redhat.com>
2019-09-28 17:17:48 +02:00
Markus Armbruster
f63326985a qapi: Improve reporting of missing documentation comment
Have check_exprs() check this later, so the error message gains an "in
definition line".  Tweak the error message.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20190927134639.4284-25-armbru@redhat.com>
2019-09-28 17:17:48 +02:00
Markus Armbruster
13b3997f14 qapi: Eliminate check_keys(), rename check_known_keys()
check_keys() has become a trivial wrapper for check_known_keys().
Eliminate it.

This makes its name available.  Rename check_known_keys().

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20190927134639.4284-24-armbru@redhat.com>
2019-09-28 17:17:48 +02:00
Markus Armbruster
fab12376d0 qapi: Improve reporting of invalid 'if' further
check_if()'s errors don't point to the offending part of the
expression.  For instance:

    tests/qapi-schema/alternate-branch-if-invalid.json:2: 'if' condition ' ' makes no sense

Other check_FOO() do, with the help of a @source argument.  Make
check_if() do that, too.  The example above improves to:

    tests/qapi-schema/alternate-branch-if-invalid.json:2: 'if' condition ' ' of 'data' member 'branch' makes no sense

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20190927134639.4284-23-armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
2019-09-28 17:17:45 +02:00
Markus Armbruster
eeb57c85da qapi: Avoid redundant definition references in error messages
Many error messages refer to the offending definition even though
they're preceded by an "in definition" line.  Rephrase them.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20190927134639.4284-22-armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
2019-09-28 17:17:32 +02:00
Markus Armbruster
3f58cc29a8 qapi: Improve reporting of missing / unknown definition keys
Have check_exprs() call check_keys() later, so its error messages gain
an "in definition" line.

Both check_keys() and check_name_is_str() check the definition's name
is a string.  Since check_keys() now runs after check_name_is_str()
rather than before, its check is dead.  Bury it.  Checking values in
check_keys() is unclean anyway.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20190927134639.4284-21-armbru@redhat.com>
2019-09-28 17:17:19 +02:00
Markus Armbruster
a6735a5743 qapi: Improve reporting of invalid flags
Split check_flags() off check_keys() and have check_exprs() call it
later, so its error messages gain an "in definition" line.  Tweak the
error messages.

Checking values in a function named check_keys() is unclean anyway.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20190927134639.4284-20-armbru@redhat.com>
2019-09-28 17:17:19 +02:00
Markus Armbruster
576f0b8a53 qapi: Improve reporting of invalid 'if' errors
Move check_if() from check_keys() to check_exprs() and call it later,
so its error messages gain an "in definition" line.

Checking values in a function named check_keys() is unclean anyway.
The original sin was commit 0545f6b887 "qapi: Better error messages
for bad expressions", which checks the value of key 'name'.  More
sinning in commit 2cbf09925a "qapi: More rigorous checking for type
safety bypass", commit c818408e44 "qapi: Implement boxed types for
commands/events", and commit 967c885108 "qapi: add 'if' to top-level
expressions".  This commit does penance for the latter.  The next
commits will do penance for the others.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20190927134639.4284-19-armbru@redhat.com>
2019-09-28 17:17:19 +02:00
Markus Armbruster
4ebda5abdb qapi: Move context-free checking to the proper place
QAPISchemaCommand.check() and QAPISchemaEvent().check() check 'data'
is present when 'boxed': true.  That's context-free.  Move to
check_command() and check_event().

Tweak the error message while there.

check_exprs() & friends now check exactly what qapi-code-gen.txt calls
the second layer of syntax.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20190927134639.4284-18-armbru@redhat.com>
2019-09-28 17:17:19 +02:00
Markus Armbruster
fa110c6a9e qapi: Move context-sensitive checking to the proper place
When we introduced the QAPISchema intermediate representation (commit
ac88219a6c7), we took a shortcut: we left check_exprs() & friends
alone instead of moving semantic checks into the
QAPISchemaFOO.check().  The .check() assert check_exprs() did its job.

Time to finish the conversion job.  Move exactly the context-sensitive
checks to the .check().  They replace assertions there.  Context-free
checks stay put.

Fixes the misleading optional tag error demonstrated by test
flat-union-optional-discriminator.

A few other error message improve.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20190927134639.4284-17-armbru@redhat.com>
2019-09-28 17:17:19 +02:00
Markus Armbruster
77daece3d9 qapi: Inline check_name() into check_union()
check_name() consists of check_name_is_str() and check_name_str().
check_union() relies on the latter to catch optional discriminators.
The next commit will replace that by a more straightforward check.
Inlining check_name() into check_union() now should make that easier
to review.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20190927134639.4284-16-armbru@redhat.com>
2019-09-28 17:17:19 +02:00