Commit Graph

97509 Commits

Author SHA1 Message Date
Peter Delevoryas
1f30db922c hw/gpio/aspeed: Don't let guests modify input pins
Up until now, guests could modify input pins by overwriting the data
value register. The guest OS should only be allowed to modify output pin
values, and the QOM property setter should only be permitted to modify
input pins.

This change also updates the gpio input pin test to match this
expectation.

Andrew suggested this particularly refactoring here:

    https://lore.kernel.org/qemu-devel/23523aa1-ba81-412b-92cc-8174faba3612@www.fastmail.com/

Suggested-by: Andrew Jeffery <andrew@aj.id.au>
Signed-off-by: Peter Delevoryas <peter@pjd.dev>
Fixes: 4b7f956862 ("hw/gpio: Add basic Aspeed GPIO model for AST2400 and AST2500")
Reviewed-by: Cédric Le Goater <clg@kaod.org>
Message-Id: <20220712023219.41065-3-peter@pjd.dev>
Signed-off-by: Cédric Le Goater <clg@kaod.org>
2022-07-14 16:24:38 +02:00
Peter Delevoryas
35c86423d3 qtest/aspeed_gpio: Add input pin modification test
Verify the current behavior, which is that input pins can be modified by
guest OS register writes.

Signed-off-by: Peter Delevoryas <peter@pjd.dev>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
Message-Id: <20220712023219.41065-2-peter@pjd.dev>
Signed-off-by: Cédric Le Goater <clg@kaod.org>
2022-07-14 16:24:38 +02:00
Iris Chen
8abf9ba472 hw: m25p80: add tests for BP and TB bit write protect
Signed-off-by: Iris Chen <irischenlj@fb.com>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
Message-Id: <20220627185234.1911337-3-irischenlj@fb.com>
Signed-off-by: Cédric Le Goater <clg@kaod.org>
2022-07-14 16:24:38 +02:00
Iris Chen
2113a12897 hw: m25p80: Add Block Protect and Top Bottom bits for write protect
Signed-off-by: Iris Chen <irischenlj@fb.com>
Reviewed-by: Francisco Iglesias <frasse.iglesias@gmail.com>
Message-Id: <20220708164552.3462620-1-irischenlj@fb.com>
Signed-off-by: Cédric Le Goater <clg@kaod.org>
2022-07-14 16:24:38 +02:00
Cédric Le Goater
bceb4d994d test/avocado/machine_aspeed.py: Add SDK tests
The Aspeed SDK kernel usually includes support for the lastest HW
features. This is interesting to exercise QEMU and discover the gaps
in the models.

Add extra I2C tests for the AST2600 EVB machine to check the new
register interface.

Message-Id: <20220707091239.1029561-1-clg@kaod.org>
Signed-off-by: Cédric Le Goater <clg@kaod.org>
2022-07-14 16:24:38 +02:00
Cédric Le Goater
1d6fb3d058 docs: aspeed: Minor updates
Some more controllers have been modeled recently. Reflect that in the
list of supported devices. New machines were also added.

Signed-off-by: Cédric Le Goater <clg@kaod.org>
Reviewed-by: Peter Delevoryas <peter@pjd.dev>
Reviewed-by: Joel Stanley <joel@jms.id.au>
Message-Id: <20220706172131.809255-1-clg@kaod.org>
Signed-off-by: Cédric Le Goater <clg@kaod.org>
2022-07-14 16:24:38 +02:00
Peter Delevoryas
19d7c0d460 docs: aspeed: Add fby35 multi-SoC machine section
Signed-off-by: Peter Delevoryas <peter@pjd.dev>
Reviewed-by: Joel Stanley <joel@jms.id.au>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
[ clg: - fixed URL links
       - Moved Facebook Yosemite section at the end of the file ]
Message-Id: <20220705191400.41632-10-peter@pjd.dev>
Signed-off-by: Cédric Le Goater <clg@kaod.org>
2022-07-14 16:24:38 +02:00
Peter Delevoryas
d5829a2920 aspeed: Add AST1030 (BIC) to fby35
With the BIC, the easiest way to run everything is to create two pty's
for each SoC and reserve stdin/stdout for the monitor:

    wget https://github.com/facebook/openbmc/releases/download/openbmc-e2294ff5d31d/fby35.mtd
    wget https://github.com/peterdelevoryas/OpenBIC/releases/download/oby35-cl-2022.13.01/Y35BCL.elf
    qemu-system-arm -machine fby35 \
        -drive file=fby35.mtd,format=raw,if=mtd \
        -device loader,file=fby35.mtd,addr=0,cpu-num=0 \
        -serial pty -serial pty -serial mon:stdio -display none -S

    screen /dev/ttys0
    screen /dev/ttys1
    (qemu) c

This commit only adds the the first server board's Bridge IC, but in the
future we'll try to include the other three server board Bridge IC's
too.

Signed-off-by: Peter Delevoryas <peter@pjd.dev>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
Message-Id: <20220705191400.41632-9-peter@pjd.dev>
Signed-off-by: Cédric Le Goater <clg@kaod.org>
2022-07-14 16:24:38 +02:00
Cédric Le Goater
9cd8c41d7a aspeed: fby35: Add a bootrom for the BMC
The BMC boots from the first flash device by fetching instructions
from the flash contents. Add an alias region on 0x0 for this
purpose. There are currently performance issues with this method (TBs
being flushed too often), so as a faster alternative, install the
flash contents as a ROM in the BMC memory space.

See commit 1a15311a12 ("hw/arm/aspeed: add a 'execute-in-place'
property to boot directly from CE0")

Signed-off-by: Cédric Le Goater <clg@kaod.org>
Signed-off-by: Peter Delevoryas <peter@pjd.dev>
[ clg: blk_pread() fixes ]
Message-Id: <20220705191400.41632-8-peter@pjd.dev>
Signed-off-by: Cédric Le Goater <clg@kaod.org>
2022-07-14 16:24:38 +02:00
Peter Delevoryas
778e14cc5c aspeed: Add AST2600 (BMC) to fby35
You can test booting the BMC with both '-device loader' and '-drive
file'. This is necessary because of how the fb-openbmc boot sequence
works (jump to 0x20000000 after U-Boot SPL).

    wget https://github.com/facebook/openbmc/releases/download/openbmc-e2294ff5d31d/fby35.mtd
    qemu-system-arm -machine fby35 -nographic \
        -device loader,file=fby35.mtd,addr=0,cpu-num=0 -drive file=fby35.mtd,format=raw,if=mtd

Signed-off-by: Peter Delevoryas <peter@pjd.dev>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
Message-Id: <20220705191400.41632-7-peter@pjd.dev>
Signed-off-by: Cédric Le Goater <clg@kaod.org>
2022-07-14 16:24:38 +02:00
Peter Delevoryas
c2f58c2fa2 aspeed: Add fby35 skeleton
Signed-off-by: Peter Delevoryas <peter@pjd.dev>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
Message-Id: <20220705191400.41632-6-peter@pjd.dev>
Signed-off-by: Cédric Le Goater <clg@kaod.org>
2022-07-14 16:24:38 +02:00
Peter Delevoryas
1099ad10b0 aspeed: Make aspeed_board_init_flashes public
Signed-off-by: Peter Delevoryas <peter@pjd.dev>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
Message-Id: <20220705191400.41632-5-peter@pjd.dev>
Signed-off-by: Cédric Le Goater <clg@kaod.org>
2022-07-14 16:24:38 +02:00
Peter Delevoryas
d2b3eaefb4 aspeed: Refactor UART init for multi-SoC machines
This change moves the code that connects the SoC UART's to serial_hd's
to the machine.

It makes each UART a proper child member of the SoC, and then allows the
machine to selectively initialize the chardev for each UART with a
serial_hd.

This should preserve backwards compatibility, but also allow multi-SoC
boards to completely change the wiring of serial devices from the
command line to specific SoC UART's.

This also removes the uart-default property from the SoC, since the SoC
doesn't need to know what UART is the "default" on the machine anymore.

I tested this using the images and commands from the previous
refactoring, and another test image for the ast1030:

    wget https://github.com/facebook/openbmc/releases/download/v2021.49.0/fuji.mtd
    wget https://github.com/facebook/openbmc/releases/download/v2021.49.0/wedge100.mtd
    wget https://github.com/peterdelevoryas/OpenBIC/releases/download/oby35-cl-2022.13.01/Y35BCL.elf

Fuji uses UART1:

    qemu-system-arm -machine fuji-bmc \
        -drive file=fuji.mtd,format=raw,if=mtd \
        -nographic

ast2600-evb uses uart-default=UART5:

    qemu-system-arm -machine ast2600-evb \
        -drive file=fuji.mtd,format=raw,if=mtd \
        -serial null -serial mon:stdio -display none

Wedge100 uses UART3:

    qemu-system-arm -machine palmetto-bmc \
        -drive file=wedge100.mtd,format=raw,if=mtd \
        -serial null -serial null -serial null \
        -serial mon:stdio -display none

AST1030 EVB uses UART5:

    qemu-system-arm -machine ast1030-evb \
        -kernel Y35BCL.elf -nographic

Fixes: 6827ff20b2 ("hw: aspeed: Init all UART's with serial devices")
Signed-off-by: Peter Delevoryas <peter@pjd.dev>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
Message-Id: <20220705191400.41632-4-peter@pjd.dev>
Signed-off-by: Cédric Le Goater <clg@kaod.org>
2022-07-14 16:24:38 +02:00
Peter Delevoryas
72a7c47393 aspeed: Create SRAM name from first CPU index
To support multiple SoC's running simultaneously, we need a unique name for
each RAM region. DRAM is created by the machine, but SRAM is created by the
SoC, since in hardware it is part of the SoC's internals.

We need a way to uniquely identify each SRAM region though, for VM
migration. Since each of the SoC's CPU's has an index which identifies it
uniquely from other CPU's in the machine, we can use the index of any of the
CPU's in the SoC to uniquely identify differentiate the SRAM name from other
SoC SRAM's. In this change, I just elected to use the index of the first CPU
in each SoC.

Signed-off-by: Peter Delevoryas <peter@pjd.dev>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
Message-Id: <20220705191400.41632-3-peter@pjd.dev>
Signed-off-by: Cédric Le Goater <clg@kaod.org>
2022-07-14 16:24:38 +02:00
Peter Delevoryas
b347dd5ef3 hw/sensor: Add Renesas ISL69259 device model
This adds the ISL69259, using all the same functionality as the existing
ISL69260 but overriding the IC_DEVICE_ID.

Signed-off-by: Peter Delevoryas <pdel@fb.com>
Reviewed-by: Titus Rwantare <titusr@google.com>
Message-Id: <20220701000626.77395-4-me@pjd.dev>
Signed-off-by: Cédric Le Goater <clg@kaod.org>
2022-07-14 16:24:38 +02:00
Peter Delevoryas
e51ae82571 hw/sensor: Add IC_DEVICE_ID to ISL voltage regulators
This commit adds a passthrough for PMBUS_IC_DEVICE_ID to allow Renesas
voltage regulators to return the integrated circuit device ID if they
would like to.

The behavior is very device specific, so it hasn't been added to the
general PMBUS model. Additionally, if the device ID hasn't been set,
then the voltage regulator will respond with the error byte value.  The
guest error message will change slightly for IC_DEVICE_ID with this
commit.

Signed-off-by: Peter Delevoryas <pdel@fb.com>
Reviewed-by: Titus Rwantare <titusr@google.com>
Message-Id: <20220701000626.77395-3-me@pjd.dev>
Signed-off-by: Cédric Le Goater <clg@kaod.org>
2022-07-14 16:24:38 +02:00
Peter Delevoryas
d272d1410c hw/i2c/pmbus: Add idle state to return 0xff's
Signed-off-by: Peter Delevoryas <pdel@fb.com>
Reviewed-by: Titus Rwantare <titusr@google.com>
Message-Id: <20220701000626.77395-2-me@pjd.dev>
Signed-off-by: Cédric Le Goater <clg@kaod.org>
2022-07-14 16:24:38 +02:00
Joel Stanley
54ee564132 aspeed: sbc: Allow per-machine settings
In order to correctly report secure boot running firmware the values
of certain registers must be set.

We don't yet have documentation from ASPEED on what they mean. The
meaning is inferred from u-boot's use of them.

Introduce properties so the settings can be configured per-machine.

Reviewed-by: Peter Delevoryas <pdel@fb.com>
Tested-by: Peter Delevoryas <pdel@fb.com>
Signed-off-by: Joel Stanley <joel@jms.id.au>
Message-Id: <20220628154740.1117349-4-clg@kaod.org>
Signed-off-by: Cédric Le Goater <clg@kaod.org>
2022-07-14 16:24:38 +02:00
Peter Maydell
8482ab545e qga-win32-pull-2022-07-13
-----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCgAdFiEEwsLBCepDxjwUI+uE711egWG6hOcFAmLOmswACgkQ711egWG6
 hOcnlA/+JejQ1F/Xhmi8b4KWE/U1+G8CbhOmk69XzLO+TsG5hmrPXr/oCtK/DMK8
 raWFnoEmSR03X0T6vwLJxcmS+m+FaC7Bpfq+BYbqmWKvO5SvA6/CPkyBszEgOwTd
 ufLjy5UZTXmeMneJdpKGm24E6AGr8SJSZEc/18SH4Na8LTt5muS1OniwvSBQCRrQ
 /vO/E1njV+fvRFVkKKmu3Wridb9A8KL7/K6jmbsdmubOHAVJfGVvzyVonCR1MyTH
 4qODKuvQT7Jo4XTekx8CcdRPFRSrvfq85tXp+pi80prnRmUZOTbMwD7+6jC3DM4n
 6r79CLzn39oZppDgupIdizwhI2f482UUu0Gs1c1VVP3grEB3LsdDZbNwFESuOSgm
 7+/P88HmqueKKokK6T6EcGHyBqBbx3FjG0efuNPGCc2uE24sCA6x/PZL78psczfI
 uNhd8waZE7LVNAu2cbWmtWxqxuR8pxrnar9H2u/gwoq2yIKWOi4fCPyozwFfSFOs
 /8f3rpuBETNw9JR3Pb96BeLGEetBGZIBvDSGHvJhB9EgBtrngdZ/fOQMDOdErROS
 ujx4JvT3hBwZllt12vJ0ABxUFh8A/Usu8mN0+1mildfp/v+nA+kF0tHd4CH26Uul
 z6NywOc4HAdXPzURH0m51fTC0RoVTcO6r8iH7QrTQxEOS7r75j4=
 =qtih
 -----END PGP SIGNATURE-----

Merge tag 'qga-win32-pull-2022-07-13' of github.com:kostyanf14/qemu into staging

qga-win32-pull-2022-07-13

# gpg: Signature made Wed 13 Jul 2022 11:13:32 BST
# gpg:                using RSA key C2C2C109EA43C63C1423EB84EF5D5E8161BA84E7
# gpg: Good signature from "Kostiantyn Kostiuk (Upstream PR sign) <kkostiuk@redhat.com>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: C2C2 C109 EA43 C63C 1423  EB84 EF5D 5E81 61BA 84E7

* tag 'qga-win32-pull-2022-07-13' of github.com:kostyanf14/qemu:
  qga: add command 'guest-get-cpustats'
  qapi: Avoid generating C identifier 'linux'
  MAINTAINERS: Add myself as Guest Agent reviewer

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2022-07-14 14:52:16 +01:00
Peter Maydell
08c9f7eec7 Darwin patches:
- Enable RDTSCP support on HVF
 - ui/cocoa: Take refresh rate into account
 
 Few buildsys fixes:
 
 - Restrict TCG to emulation
 - Remove a unused-but-set-variable warning
 - Allow running Avocado from pseudo-"in source tree" builds
 -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEE+qvnXhKRciHc/Wuy4+MsLN6twN4FAmLN8k0ACgkQ4+MsLN6t
 wN4xchAAnzdeE2l95qlAHztx+VMDZT9JzAI1aErexTk0fe1jZ+uapin+qcXq8ICu
 TOQbqZO0DjIfPiptuZsuJbapUIuc5kz7imSvBFst3kYvFXb0KAIcWaykkWvjzk3c
 Wt33cPuBhcWKB2g9YyNj8ac+HvAgQY5I2Qn80l23lOuNJP3iriY9+yJbNffO9TjV
 t3ZKTAvKDMmio098dQEDeMVfn7cIXGnv+Xiab4H4fVTo/gNG9jydfi140El4rXAR
 qvM0/rZ9cbcVzQUgkqvcc+xJCzCEgfJygezTKSi5XW9g6A4s0QeMe/oxThBdP6AY
 BuFEuyNq9FWwExVNFk+FS7zgZW5xRZLtZ5PLdeb7fQ0abllVDFL80OmaB/sahVno
 seSc3JPG7DLMLJy51H9sd1jlWMTgkdDT5fFfQ3A9pnMN81wJj7PM15AQgG3+129m
 bWyMe+wkod4c+C6o3+dr6xLkT/Oz0OsuaOP/IDsihtI3iqBorF6TEKck9kn9Vlz3
 05TbJFiE6tOXJ05H0Jsx/BQSUBTVIiGp5mBzJrSnzPxvN+AjZ4SEHpvWteXWS0Yf
 Zx7IK6pkWYBa1W/sqh96dwbt00Bpoheqdhmq3ZYdLjVll7H5fRR3IZgKN1p8CPr1
 NOJONUNYDMvpdpxFBl0HPLlLW5V7yRl7xjsXEWajYsvfMx6lpak=
 =3QvX
 -----END PGP SIGNATURE-----

Merge tag 'darwin-20220712' of https://github.com/philmd/qemu into staging

Darwin patches:

- Enable RDTSCP support on HVF
- ui/cocoa: Take refresh rate into account

Few buildsys fixes:

- Restrict TCG to emulation
- Remove a unused-but-set-variable warning
- Allow running Avocado from pseudo-"in source tree" builds

# gpg: Signature made Tue 12 Jul 2022 23:14:37 BST
# gpg:                using RSA key FAABE75E12917221DCFD6BB2E3E32C2CDEADC0DE
# gpg: Good signature from "Philippe Mathieu-Daudé (F4BUG) <f4bug@amsat.org>" [full]
# Primary key fingerprint: FAAB E75E 1291 7221 DCFD  6BB2 E3E3 2C2C DEAD C0DE

* tag 'darwin-20220712' of https://github.com/philmd/qemu:
  avocado: Fix BUILD_DIR if it's equal to SOURCE_DIR
  ui/cocoa: Take refresh rate into account
  ui/cocoa: Fix switched_to_fullscreen warning
  configure: Restrict TCG to emulation
  hvf: Enable RDTSCP support

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2022-07-14 09:30:55 +01:00
Peter Maydell
455c62d85f MIPS patches queue
- Cavium Octeon MIPS extension and CPU model (Pavel Dovgalyuk)
 - Semihosting cleanup (Richard Henderson)
 -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEE+qvnXhKRciHc/Wuy4+MsLN6twN4FAmLN3yQACgkQ4+MsLN6t
 wN4RcBAAglgmqoFSHerA/oyK6AfsiMar8doL+hzr0YLdZcGpSYXOAhOHoTkNXg4u
 +DeXBOZUE5E36XonTEhBPY1bNHs07HfESqOYPqp/z1q1Z6sXV1FvJmhqbfmkYCJp
 rM18n7tK2vtB8XO/HwcUPQMN3HwKQsaikoA254bKVLPAMseBrTD+TBOTlA6dWIOg
 Vwk5EdhqSTmJn/MhetI7xBwTt5H1gs6ZDXAi+URs4bbw55+Z4tAmLaAX/pw+HSls
 aDT17RR1QcMlBx6kA48r2CsGMA0MZtPiVT92Sl7KynZQ3Q6pQcrqs5GV+IYXe9QV
 RUkBLYHww5znwY8KwLX8hEGyS4LkHihzHlHTtCQS6X2iRsnBEWwTi+ODBDwAsOTf
 xU39Wtno/Tq+UEnIerGGrzFidCLxbw68Dwq+60+JqAmk58soAP+vE4FTeN5ddjpB
 kQY6W85lhwshI00WQ/dk7Xw1w2BDBEXPJ6YHiQjcTLep2Gvp8FvudVW6metvrf4r
 uIOtouYwy3JGNWD0lmssUBSB7nb1VrLviufU26bDCnME1NRRID25ryiu//x1p9en
 u6Jp8zfMU4d4VpYv9jTbeMRYUM1gl/tPOMcR+sLFbEJ3R9xi1ngIO5Zu6OMgWn5T
 fuHUp6z4O++n4Xb5MhVi10+wye++eQJhM/n4OiQAFM8aJtz3KZw=
 =O4Yo
 -----END PGP SIGNATURE-----

Merge tag 'mips-20220712' of https://github.com/philmd/qemu into staging

MIPS patches queue

- Cavium Octeon MIPS extension and CPU model (Pavel Dovgalyuk)
- Semihosting cleanup (Richard Henderson)

# gpg: Signature made Tue 12 Jul 2022 21:52:52 BST
# gpg:                using RSA key FAABE75E12917221DCFD6BB2E3E32C2CDEADC0DE
# gpg: Good signature from "Philippe Mathieu-Daudé (F4BUG) <f4bug@amsat.org>" [full]
# Primary key fingerprint: FAAB E75E 1291 7221 DCFD  6BB2 E3E3 2C2C DEAD C0DE

* tag 'mips-20220712' of https://github.com/philmd/qemu:
  target/mips: Remove GET_TARGET_STRING and FREE_TARGET_STRING
  target/mips: Simplify UHI_argnlen and UHI_argn
  semihosting: Remove qemu_semihosting_log_out
  target/mips: Use error_report for UHI_assert
  target/mips: Avoid qemu_semihosting_log_out for UHI_plog
  target/mips: Use semihosting/syscalls.h
  target/mips: Drop link syscall from semihosting
  target/mips: Create report_fault for semihosting
  target/mips: introduce Cavium Octeon CPU model
  target/mips: implement Octeon-specific arithmetic instructions
  target/mips: implement Octeon-specific BBIT instructions
  target/mips: introduce decodetree structure for Cavium Octeon extension

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2022-07-13 21:48:16 +01:00
Paolo Bonzini
c0b3607d59 pc-bios/s390-ccw: add -Wno-array-bounds
The option generates a lot of warnings for integers casted to pointers,
for example:

/home/pbonzini/work/upstream/qemu/pc-bios/s390-ccw/dasd-ipl.c:174:19: warning: array subscript 0 is outside array bounds of ‘CcwSeekData[0]’ [-Warray-bounds]
  174 |     seekData->cyl = 0x00;
      |     ~~~~~~~~~~~~~~^~~~~~

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2022-07-13 16:58:58 +02:00
Mark Cave-Ayland
74518fb615 q800: add default vendor and product information for scsi-cd devices
The MacOS CDROM driver uses a SCSI INQUIRY command to check that any SCSI CDROMs
detected match a whitelist of vendors and products before adding them to the
list of available devices.

Add known-good default vendor and product information using the existing
compat_prop mechanism so the user doesn't have to use long command lines to set
the qdev properties manually.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20220622105314.802852-15-mark.cave-ayland@ilande.co.uk>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2022-07-13 16:58:58 +02:00
Mark Cave-Ayland
0fc37adac6 q800: add default vendor and product information for scsi-hd devices
The Apple HD SC Setup program uses a SCSI INQUIRY command to check that any SCSI
hard disks detected match a whitelist of vendors and products before allowing
the "Initialise" button to prepare an empty disk.

Add known-good default vendor and product information using the existing
compat_prop mechanism so the user doesn't have to use long command lines to set
the qdev properties manually.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20220622105314.802852-14-mark.cave-ayland@ilande.co.uk>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2022-07-13 16:58:58 +02:00
Mark Cave-Ayland
356c4c441e scsi-disk: allow MODE SELECT block descriptor to set the block size
The MODE SELECT command can contain an optional block descriptor that can be used
to set the device block size. If the block descriptor is present then update the
block size on the SCSI device accordingly.

This allows CDROMs to be used with A/UX which requires a CDROM drive which is
capable of switching from a 2048 byte sector size to a 512 byte sector size.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Message-Id: <20220622105314.802852-13-mark.cave-ayland@ilande.co.uk>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2022-07-13 16:58:58 +02:00
Mark Cave-Ayland
4536fba00a scsi-disk: allow the MODE_PAGE_R_W_ERROR AWRE bit to be changeable for CDROM drives
A/UX sends a MODE_PAGE_R_W_ERROR command with the AWRE bit set to 0 when enumerating
CDROM drives. Since the bit is currently hardcoded to 1 then indicate that the AWRE
bit can be changed (even though we don't care about the value) so that
the MODE_PAGE_R_W_ERROR page can be set successfully.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Message-Id: <20220622105314.802852-12-mark.cave-ayland@ilande.co.uk>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2022-07-13 16:58:58 +02:00
Mark Cave-Ayland
2724b90dfb q800: implement compat_props to enable quirk_mode_page_truncated for scsi-cd devices
By default quirk_mode_page_truncated should be enabled for all scsi-cd devices
connected to the q800 machine to allow A/UX to enumerate SCSI CDROM devices
without hanging.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Message-Id: <20220622105314.802852-11-mark.cave-ayland@ilande.co.uk>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2022-07-13 16:58:58 +02:00
Mark Cave-Ayland
389e18eb9a scsi-disk: add SCSI_DISK_QUIRK_MODE_PAGE_TRUNCATED quirk for Macintosh
When A/UX configures the CDROM device it sends a truncated MODE SELECT request
for page 1 (MODE_PAGE_R_W_ERROR) which is only 6 bytes in length rather than
10. This seems to be due to bug in Apple's code which calculates the CDB message
length incorrectly.

The work at [1] suggests that this truncated request is accepted on real
hardware whereas in QEMU it generates an INVALID_PARAM_LEN sense code which
causes A/UX to get stuck in a loop retrying the command in an attempt to succeed.

Alter the mode page request length check so that truncated requests are allowed
if the SCSI_DISK_QUIRK_MODE_PAGE_TRUNCATED quirk is enabled, whilst also adding a
trace event to enable the condition to be detected.

[1] https://68kmla.org/bb/index.php?threads/scsi2sd-project-anyone-interested.29040/page-7#post-316444

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Message-Id: <20220622105314.802852-10-mark.cave-ayland@ilande.co.uk>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2022-07-13 16:58:58 +02:00
Mark Cave-Ayland
6ab717610f scsi-disk: add FORMAT UNIT command
When initialising a drive ready to install MacOS, Apple HD SC Setup first attempts
to format the drive. Add a simple FORMAT UNIT command which simply returns success
to allow the format to succeed.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20220622105314.802852-9-mark.cave-ayland@ilande.co.uk>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2022-07-13 16:58:58 +02:00
Mark Cave-Ayland
d9a107d153 q800: implement compat_props to enable quirk_mode_page_vendor_specific_apple for scsi devices
By default quirk_mode_page_vendor_specific_apple should be enabled for both scsi-hd
and scsi-cd devices to allow MacOS to format SCSI disk devices, and A/UX to
enumerate SCSI CDROM devices succesfully without getting stuck in a loop.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Message-Id: <20220622105314.802852-8-mark.cave-ayland@ilande.co.uk>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2022-07-13 16:58:58 +02:00
Mark Cave-Ayland
09274de1f7 scsi-disk: add SCSI_DISK_QUIRK_MODE_PAGE_VENDOR_SPECIFIC_APPLE quirk for Macintosh
Both MacOS and A/UX make use of vendor-specific MODE SELECT commands with PF=0
to identify SCSI devices:

- MacOS sends a MODE SELECT command with PF=0 for the MODE_PAGE_VENDOR_SPECIFIC
  (0x0) mode page containing 2 bytes before initialising a disk

- A/UX (installed on disk) sends a MODE SELECT command with PF=0 during SCSI
  bus enumeration, and gets stuck in an infinite loop if it fails

Add a new SCSI_DISK_QUIRK_MODE_PAGE_VENDOR_SPECIFIC_APPLE quirk to allow both
PF=0 MODE SELECT commands and implement a MODE_PAGE_VENDOR_SPECIFIC (0x0)
mode page which is compatible with MacOS.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Message-Id: <20220622105314.802852-7-mark.cave-ayland@ilande.co.uk>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2022-07-13 16:58:58 +02:00
Mark Cave-Ayland
f7c30a0f41 q800: implement compat_props to enable quirk_mode_sense_rom_use_dbd for scsi-cd devices
By default quirk_mode_sense_rom_use_dbd should be enabled for all scsi-cd devices
connected to the q800 machine to correctly report the CDROM block descriptor back
to A/UX.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20220622105314.802852-6-mark.cave-ayland@ilande.co.uk>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2022-07-13 16:58:58 +02:00
Mark Cave-Ayland
f43c2b94cd scsi-disk: add SCSI_DISK_QUIRK_MODE_SENSE_ROM_USE_DBD quirk for Macintosh
During SCSI bus enumeration A/UX sends a MODE SENSE command to the CDROM with
the DBD bit unset and expects the response to include a block descriptor. As per
the latest SCSI documentation, QEMU currently force-disables the block
descriptor for CDROM devices but the A/UX driver expects the requested block
descriptor to be returned.

If the block descriptor is not returned in the response then A/UX becomes
confused, since the block descriptor returned in the MODE SENSE response is
used to generate a subsequent MODE SELECT command which is then invalid.

Add a new SCSI_DISK_QUIRK_MODE_SENSE_ROM_USE_DBD quirk to allow this behaviour
to be enabled as required. Note that an additional workaround is required for
the previous SCSI_DISK_QUIRK_MODE_PAGE_APPLE_VENDOR quirk which must never
return a block descriptor even though the DBD bit is left unset.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Message-Id: <20220622105314.802852-5-mark.cave-ayland@ilande.co.uk>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2022-07-13 16:58:57 +02:00
Mark Cave-Ayland
f358241029 q800: implement compat_props to enable quirk_mode_page_apple_vendor for scsi-cd devices
By default quirk_mode_page_apple_vendor should be enabled for all scsi-cd devices
connected to the q800 machine to enable MacOS to detect and use them.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Message-Id: <20220622105314.802852-4-mark.cave-ayland@ilande.co.uk>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2022-07-13 16:58:57 +02:00
Mark Cave-Ayland
09d3786762 scsi-disk: add MODE_PAGE_APPLE_VENDOR quirk for Macintosh
One of the mechanisms MacOS uses to identify CDROM drives compatible with MacOS
is to send a custom MODE SELECT command for page 0x30 to the drive. The
response to this is a hard-coded manufacturer string which must match in order
for the CDROM to be usable within MacOS.

Add an implementation of the MODE SELECT page 0x30 response guarded by a newly
defined SCSI_DISK_QUIRK_MODE_PAGE_APPLE_VENDOR quirk bit so that CDROM drives
attached to non-Apple machines function exactly as before.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20220622105314.802852-3-mark.cave-ayland@ilande.co.uk>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2022-07-13 16:58:57 +02:00
Mark Cave-Ayland
3412f9c3b4 scsi-disk: add new quirks bitmap to SCSIDiskState
Since the MacOS SCSI implementation is quite old (and Apple added some firmware
customisations to their drives for m68k Macs) there is need to add a mechanism
to correctly handle Apple-specific quirks.

Add a new quirks bitmap to SCSIDiskState that can be used to enable these
features as required.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20220622105314.802852-2-mark.cave-ayland@ilande.co.uk>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2022-07-13 16:58:57 +02:00
Akihiko Odaki
8154f5e64b meson: Prefix each element of firmware path
Signed-off-by: Akihiko Odaki <akihiko.odaki@gmail.com>
Message-Id: <20220624154042.51512-1-akihiko.odaki@gmail.com>
[Rewrite shell function without using Bash extensions. - Paolo]
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2022-07-13 16:58:57 +02:00
Akihiko Odaki
98753e9a8f module: Use bundle mechanism
Before this change, the directory of the executable was being added to
resolve modules in the build tree. However, get_relocated_path() can now
resolve them with the new bundle mechanism.

Signed-off-by: Akihiko Odaki <akihiko.odaki@gmail.com>
Message-Id: <20220624145039.49929-5-akihiko.odaki@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2022-07-13 16:58:57 +02:00
Akihiko Odaki
882084a04a datadir: Use bundle mechanism
softmmu/datadir.c had its own implementation to find files in the
build tree, but now bundle mechanism provides the unified
implementation which works for datadir and the other files.

Signed-off-by: Akihiko Odaki <akihiko.odaki@gmail.com>
Message-Id: <20220624145039.49929-4-akihiko.odaki@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2022-07-13 16:58:57 +02:00
Akihiko Odaki
cf60ccc330 cutils: Introduce bundle mechanism
Developers often run QEMU without installing. The bundle mechanism
allows to look up files which should be present in installation even in
such a situation.

It is a general mechanism and can find any files in the installation
tree. The build tree will have a new directory, qemu-bundle, to
represent what files the installation tree would have for reference by
the executables.

Note that it abandons compatibility with Windows older than 8. The
extended support for the prior version, 7 ended more than 2 years ago,
and it is unlikely that someone would like to run the latest QEMU on
such an old system.

Signed-off-by: Akihiko Odaki <akihiko.odaki@gmail.com>
Suggested-by: Paolo Bonzini <pbonzini@redhat.com>
Message-Id: <20220624145039.49929-3-akihiko.odaki@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2022-07-13 16:58:57 +02:00
Mauro Matteo Cascella
4367a20cc4 scsi/lsi53c895a: really fix use-after-free in lsi_do_msgout (CVE-2022-0216)
Set current_req to NULL, not current_req->req, to prevent reusing a free'd
buffer in case of repeated SCSI cancel requests.  Also apply the fix to
CLEAR QUEUE and BUS DEVICE RESET messages as well, since they also cancel
the request.

Thanks to Alexander Bulekov for providing a reproducer.

Fixes: CVE-2022-0216
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/972
Signed-off-by: Mauro Matteo Cascella <mcascell@redhat.com>
Tested-by: Alexander Bulekov <alxndr@bu.edu>
Message-Id: <20220711123316.421279-1-mcascell@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2022-07-13 16:58:57 +02:00
zhenwei pi
1db8a0b0ea qga: add command 'guest-get-cpustats'
A vCPU thread always reaches 100% utilization when:
- guest uses idle=poll
- disable HLT vm-exit
- enable MWAIT

Add new guest agent command 'guest-get-cpustats' to get guest CPU
statistics, we can know the guest workload and how busy the CPU is.

Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Signed-off-by: zhenwei pi <pizhenwei@bytedance.com>
Message-Id: <20220707005602.696557-3-pizhenwei@bytedance.com>
Reviewed-by: Konstantin Kostiuk <kkostiuk@redhat.com>
Signed-off-by: Konstantin Kostiuk <kkostiuk@redhat.com>
2022-07-13 12:19:18 +03:00
zhenwei pi
fd89c8ab09 qapi: Avoid generating C identifier 'linux'
'linux' is not usable as identifier, because C compilers targeting
Linux predefine it as a macro expanding to 1.  Add it to
@polluted_words. 'unix' is already there.

Suggested-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Signed-off-by: zhenwei pi <pizhenwei@bytedance.com>
Message-Id: <20220707005602.696557-2-pizhenwei@bytedance.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Konstantin Kostiuk <kkostiuk@redhat.com>
2022-07-13 12:19:18 +03:00
Konstantin Kostiuk
1d02ef4b61 MAINTAINERS: Add myself as Guest Agent reviewer
Signed-off-by: Konstantin Kostiuk <kkostiuk@redhat.com>
Message-Id: <20220712092715.2136898-1-kkostiuk@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Konstantin Kostiuk <kkostiuk@redhat.com>
2022-07-13 12:19:09 +03:00
Peter Delevoryas
50b13d31f4 avocado: Fix BUILD_DIR if it's equal to SOURCE_DIR
I like to build QEMU from the root source directory [*], rather
than cd'ing into the build directory. This code may as well include
a search path for that, so that you can run avocado tests individually
without specifying "-p qemu_bin=build/qemu-system-arm" manually.

[*] See commit dedad02720 ("configure: add support for pseudo-"in source tree" builds")

Signed-off-by: Peter Delevoryas <peter@pjd.dev>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20220702185604.46643-1-peter@pjd.dev>
[PMD: Mention commit dedad02720]
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
2022-07-13 00:06:02 +02:00
Akihiko Odaki
52eaefd36c ui/cocoa: Take refresh rate into account
Retrieve the refresh rate of the display and reflect it with
dpy_set_ui_info() and update_displaychangelistener(), allowing the
guest and DisplayChangeListener to consume the information.

The information will be used as a hint how often the display should
be updated. For example, when we run 30 Hz physical display updates
it is pointless for the guest to update the screen at 60Hz
frequency, the guest can spare some work instead.

Signed-off-by: Akihiko Odaki <akihiko.odaki@gmail.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <20220702142519.12188-1-akihiko.odaki@gmail.com>
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
2022-07-13 00:06:02 +02:00
Peter Delevoryas
713911a107 ui/cocoa: Fix switched_to_fullscreen warning
I noticed this error while building QEMU on Mac OS X:

    [1040/1660] Compiling Objective-C object libcommon.fa.p/ui_cocoa.m.o
    ../ui/cocoa.m:803:17: warning: variable 'switched_to_fullscreen' set but not used [-Wunused-but-set-variable]
        static bool switched_to_fullscreen = false;
                    ^
    1 warning generated.

I think the behavior is fine if you remove "switched_to_fullscreen", I can
still switch in and out of mouse grabbed mode and fullscreen mode with this
change, and Command keycodes will only be passed to the guest if the mouse
is grabbed, which I think is the right behavior. I'm not sure why a static
piece of state was needed to handle that in the first place. Perhaps the
refactoring of the flags-state-change fixed that by toggling the Command
keycode on.

I tested this with an Ubuntu core image on macOS 12.4

    wget https://cdimage.ubuntu.com/ubuntu-core/18/stable/current/ubuntu-core-18-i386.img.xz
    xz -d ubuntu-core-18-i386.img.xz
    qemu-system-x86_64 -drive file=ubuntu-core-18.i386.img,format=raw

Fixes: 6d73bb643a ("ui/cocoa: Clear modifiers whenever possible")
Signed-off-by: Peter Delevoryas <peter@pjd.dev>
Reviewed-by: Akihiko Odaki <akihiko.odaki@gmail.com>
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20220702044304.90553-1-peter@pjd.dev>
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
2022-07-13 00:06:02 +02:00
Philippe Mathieu-Daudé
7630156d34 configure: Restrict TCG to emulation
If we don't need to emulate any target, we certainly don't need TCG.

This should also help to compile again with
 ".../configure --enable-tools --disable-system --disable-user"
on systems that do not have a TCG backend.

Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
[thuth: Re-arranged the code, remove check-softfloat from buildtest.yml]
Signed-off-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20220706153816.768143-1-thuth@redhat.com>
2022-07-13 00:06:02 +02:00
Cameron Esfahani
d8cf2c29cc hvf: Enable RDTSCP support
Pass through RDPID and RDTSCP support in CPUID if host supports it.
Correctly detect if CPU_BASED_TSC_OFFSET and CPU_BASED2_RDTSCP would
be supported in primary and secondary processor-based VM-execution
controls.  Enable RDTSCP in secondary processor controls if RDTSCP
support is indicated in CPUID.

Signed-off-by: Cameron Esfahani <dirty@apple.com>
Message-Id: <20220214185605.28087-7-f4bug@amsat.org>
Tested-by: Silvio Moioli <moio@suse.com>
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1011
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
2022-07-13 00:05:39 +02:00
Richard Henderson
b10ccec100 target/mips: Remove GET_TARGET_STRING and FREE_TARGET_STRING
Inline these macros into the only two callers.

Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20220628111701.677216-9-richard.henderson@linaro.org>
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
2022-07-12 22:32:22 +02:00