Re: [Qemu-devel] [PATCH 0/4] cryptodev: add vhost support

[Gonglei (Arei)]

> -Original Message-
> From: Michael S. Tsirkin [mailto:m...@redhat.com]
> Sent: Thursday, December 21, 2017 10:25 PM
> To: Gonglei (Arei)
> Cc: qemu-devel@nongnu.org; pbonz...@redhat.com; Huangweidong (C);
> stefa...@redhat.com; Zhoujian (jay); pa...@linux.vnet.ibm.com; longpeng;
> xin.z...@intel.com; roy.fan.zh...@intel.com
> Subject: Re: [PATCH 0/4] cryptodev: add vhost support
> 
> On Tue, Nov 28, 2017 at 05:03:05PM +0800, Gonglei wrote:
> > I posted the RFC verion five months ago for DPDK
> > vhost-crypto implmention, and now it's time to send
> > the formal version. Because we need an user space scheme
> > for better performance.
> >
> > The vhost user crypto server side patches had been
> > sent to DPDK community, pls see
> >
> > [RFC PATCH 0/6] lib/librte_vhost: introduce new vhost_user crypto
> backend support
> > http://dpdk.org/ml/archives/dev/2017-November/081048.html
> >
> > You also can get virtio-crypto polling mode driver from:
> >
> > [PATCH] virtio: add new driver for crypto devices
> > http://dpdk.org/ml/archives/dev/2017-November/081985.html
> >
> 
> This makes build on mingw break:
> 
>   CC  sparc64-softmmu/hw/scsi/virtio-scsi-dataplane.o
> hw/virtio/virtio-crypto.o: In function `virtio_crypto_vhost_status':
> /scm/qemu/hw/virtio/virtio-crypto.c:898: undefined reference to
> `cryptodev_get_vhost'
> /scm/qemu/hw/virtio/virtio-crypto.c:910: undefined reference to
> `cryptodev_vhost_start'
> /scm/qemu/hw/virtio/virtio-crypto.c:917: undefined reference to
> `cryptodev_vhost_stop'
> hw/virtio/virtio-crypto.o: In function `virtio_crypto_guest_notifier_pending':
> /scm/qemu/hw/virtio/virtio-crypto.c:947: undefined reference to
> `cryptodev_vhost_virtqueue_pending'
> hw/virtio/virtio-crypto.o: In function `virtio_crypto_guest_notifier_mask':
> /scm/qemu/hw/virtio/virtio-crypto.c:937: undefined reference to
> `cryptodev_vhost_virtqueue_mask'
> collect2: error: ld returned 1 exit status
> make[1]: *** [Makefile:193: qemu-system-i386.exe] Error 1
> make: *** [Makefile:383: subdir-i386-softmmu] Error 2
> 
> 
Sorry about that. We'll build it on a cross-compiler environment.

Thanks,
-Gonglei

Re: [Qemu-devel] [PATCH v1] hmp: 'info snapshots' not showing the id

[Markus Armbruster]

Eric Blake  writes:

> On 12/19/2017 08:20 AM, Max Reitz wrote:
>
>> So there are three things:
>>
>> (1) We probably should not allow snapshot names that could be IDs.
>> Easiest way to solve this: Names have to start with a non-digit.
>
> Yes, that would be a nice change.  It is not strictly backwards
> compatible (so we'd still have to cope with images that didn't follow
> the rule, whether created by older qemu or by non-qemu implementations
> of qcow2), but would alleviate a lot of confusion.

I recommend to restrict ID strings to letters, digits, '-', '.', '_',
starting with a letter.  Use id_wellformed() to check.

If backward compatibility is an issue, deprecate offending IDs (with a
suitable warning), and kill them off after the customary grace period.

IDs embedded in image files and such you may have to keep working
somehow indefinitely.

Re: [Qemu-devel] [PATCH] hw/block: Fix pin-based interrupt behaviour of NVMe

[Hikaru Nishida]

ping
http://patchwork.ozlabs.org/patch/849786/

2017-12-18 14:00 GMT+09:00 Hikaru Nishida :
> Pin-based interrupt of NVMe controller did not work properly
> because using an obsolated function pci_irq_pulse().
> To fix this, change to use pci_irq_assert() / pci_irq_deassert()
> instead of pci_irq_pulse().
>
> Signed-off-by: Hikaru Nishida 
> ---
>  hw/block/nvme.c | 39 ++-
>  hw/block/nvme.h |  1 +
>  2 files changed, 35 insertions(+), 5 deletions(-)
>
> diff --git a/hw/block/nvme.c b/hw/block/nvme.c
> index 441e21e..2d164fc 100644
> --- a/hw/block/nvme.c
> +++ b/hw/block/nvme.c
> @@ -82,13 +82,40 @@ static uint8_t nvme_sq_empty(NvmeSQueue *sq)
>  return sq->head == sq->tail;
>  }
>
> -static void nvme_isr_notify(NvmeCtrl *n, NvmeCQueue *cq)
> +static void nvme_irq_check(NvmeCtrl *n)
> +{
> +if (msix_enabled(&(n->parent_obj))) {
> +return;
> +}
> +if (~n->bar.intms & n->irq_status) {
> +pci_irq_assert(>parent_obj);
> +} else {
> +pci_irq_deassert(>parent_obj);
> +}
> +}
> +
> +static void nvme_irq_assert(NvmeCtrl *n, NvmeCQueue *cq)
>  {
>  if (cq->irq_enabled) {
>  if (msix_enabled(&(n->parent_obj))) {
>  msix_notify(&(n->parent_obj), cq->vector);
>  } else {
> -pci_irq_pulse(>parent_obj);
> +assert(cq->cqid < 64);
> +n->irq_status |= 1 << cq->cqid;
> +nvme_irq_check(n);
> +}
> +}
> +}
> +
> +static void nvme_irq_deassert(NvmeCtrl *n, NvmeCQueue *cq)
> +{
> +if (cq->irq_enabled) {
> +if (msix_enabled(&(n->parent_obj))) {
> +return;
> +} else {
> +assert(cq->cqid < 64);
> +n->irq_status &= ~(1 << cq->cqid);
> +nvme_irq_check(n);
>  }
>  }
>  }
> @@ -220,7 +247,7 @@ static void nvme_post_cqes(void *opaque)
>  sizeof(req->cqe));
>  QTAILQ_INSERT_TAIL(>req_list, req, entry);
>  }
> -nvme_isr_notify(n, cq);
> +nvme_irq_assert(n, cq);
>  }
>
>  static void nvme_enqueue_req_completion(NvmeCQueue *cq, NvmeRequest *req)
> @@ -753,10 +780,12 @@ static void nvme_write_bar(NvmeCtrl *n, hwaddr offset, 
> uint64_t data,
>  case 0xc:
>  n->bar.intms |= data & 0x;
>  n->bar.intmc = n->bar.intms;
> +nvme_irq_check(n);
>  break;
>  case 0x10:
>  n->bar.intms &= ~(data & 0x);
>  n->bar.intmc = n->bar.intms;
> +nvme_irq_check(n);
>  break;
>  case 0x14:
>  /* Windows first sends data, then sends enable bit */
> @@ -851,8 +880,8 @@ static void nvme_process_db(NvmeCtrl *n, hwaddr addr, int 
> val)
>  timer_mod(cq->timer, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) + 
> 500);
>  }
>
> -if (cq->tail != cq->head) {
> -nvme_isr_notify(n, cq);
> +if (cq->tail == cq->head) {
> +nvme_irq_deassert(n, cq);
>  }
>  } else {
>  uint16_t new_tail = val & 0x;
> diff --git a/hw/block/nvme.h b/hw/block/nvme.h
> index 6aab338..7b62dad 100644
> --- a/hw/block/nvme.h
> +++ b/hw/block/nvme.h
> @@ -775,6 +775,7 @@ typedef struct NvmeCtrl {
>  uint32_tcmbsz;
>  uint32_tcmbloc;
>  uint8_t *cmbuf;
> +uint64_tirq_status;
>
>  char*serial;
>  NvmeNamespace   *namespaces;
> --
> 2.7.4
>

Re: [Qemu-devel] [RESEND PATCH 2/6] memory: introduce AddressSpaceOps and IOMMUObject

[Liu, Yi L]

On Wed, Dec 20, 2017 at 10:01:10PM +1100, David Gibson wrote:
> On Wed, Dec 20, 2017 at 02:32:42PM +0800, Liu, Yi L wrote:
> > On Mon, Dec 18, 2017 at 10:22:18PM +1100, David Gibson wrote:
> > > On Mon, Dec 18, 2017 at 05:17:35PM +0800, Liu, Yi L wrote:
> > > > On Mon, Dec 18, 2017 at 05:14:42PM +1100, David Gibson wrote:
> > > > > On Thu, Nov 16, 2017 at 04:57:09PM +0800, Liu, Yi L wrote:
[snip]
> > > Partly.  Each PE has an address space which all devices in the PE see.
> > > Only some of that address space is mapped to system memory though,
> > > other parts are occupied by devices, others are unmapped.
> > > 
> > > Only the parts mapped by the IOMMU vary between PEs - the other parts
> > > of the address space will be identical for all PEs on the host
> > 
> > Thx, this comment addressed me well. This is different from what we have
> > on VT-d.
> 
> Really?  That's hard to believe.  I'm pretty sure the VT-d IOMMU must
> have a range < 2^64, and anything on the bus outside that range I
> expect would be common between all domains.  In particular I'd expect
> the BARs for other devices not to be remapped by the IOMMU (though
> they may be inaccessible on PCI-E due peer to peer transactions being
> blocked).  As well as things above the IOMMU's range, I'd expect the
> region for 32-bit BARs to be common between all domains.

Sorry I misunderstood you. In each IOVA space, there is reserved range
, it is the BARs MMIO range. Such reservation is to avoid un-expected
Peer-To-Peer transaction. So regards to the IOVA space, all vendors should
be similar. So you are right~

Thanks,
Yi L 

Re: [Qemu-devel] [PATCH] target/ppc: more use of the PPC_*() macros

[Cédric Le Goater]

On 12/22/2017 01:39 AM, David Gibson wrote:
> On Thu, Dec 21, 2017 at 05:54:56PM +0100, Cédric Le Goater wrote:
>> Also introduce utilities to manipulate bitmasks (originaly from OPAL)
>> which be will be used in the model of the XIVE interrupt controller.
>>
>> Signed-off-by: Cédric Le Goater 
> 
> Applied to ppc-for-2.12, thanks.  Unfortunately getting my tree pulled
> is held up because something is breaking on arm.

yes. I saw. I gave it a try on ppc64,pp64el,x86-64 hosts and didn't 
see anything wrong. I also have a raspberrypi3. Would that be a good 
candidate ?

C.
  

>> ---
>>  hw/ppc/pnv_lpc.c| 10 +-
>>  target/ppc/cpu.h| 49 
>> +++--
>>  target/ppc/int_helper.c |  2 +-
>>  3 files changed, 33 insertions(+), 28 deletions(-)
>>
>> diff --git a/hw/ppc/pnv_lpc.c b/hw/ppc/pnv_lpc.c
>> index b777b78e1837..c42b4a8f6c0f 100644
>> --- a/hw/ppc/pnv_lpc.c
>> +++ b/hw/ppc/pnv_lpc.c
>> @@ -146,13 +146,13 @@ static bool opb_write(PnvLpcController *lpc, uint32_t 
>> addr, uint8_t *data,
>>  return success;
>>  }
>>  
>> -#define ECCB_CTL_READ   (1ull << (63 - 15))
>> +#define ECCB_CTL_READ   PPC_BIT(15)
>>  #define ECCB_CTL_SZ_LSH (63 - 7)
>> -#define ECCB_CTL_SZ_MASK(0xfull << ECCB_CTL_SZ_LSH)
>> -#define ECCB_CTL_ADDR_MASK  0xu;
>> +#define ECCB_CTL_SZ_MASKPPC_BITMASK(4, 7)
>> +#define ECCB_CTL_ADDR_MASK  PPC_BITMASK(32, 63)
>>  
>> -#define ECCB_STAT_OP_DONE   (1ull << (63 - 52))
>> -#define ECCB_STAT_OP_ERR(1ull << (63 - 52))
>> +#define ECCB_STAT_OP_DONE   PPC_BIT(52)
>> +#define ECCB_STAT_OP_ERRPPC_BIT(52)
>>  #define ECCB_STAT_RD_DATA_LSH   (63 - 37)
>>  #define ECCB_STAT_RD_DATA_MASK  (0x << ECCB_STAT_RD_DATA_LSH)
>>  
>> diff --git a/target/ppc/cpu.h b/target/ppc/cpu.h
>> index 370b05e76ede..894fb76fabe1 100644
>> --- a/target/ppc/cpu.h
>> +++ b/target/ppc/cpu.h
>> @@ -93,6 +93,12 @@
>>  #define PPC_BITMASK(bs, be) ((PPC_BIT(bs) - PPC_BIT(be)) | PPC_BIT(bs))
>>  #define PPC_BITMASK32(bs, be)   ((PPC_BIT32(bs) - PPC_BIT32(be)) | \
>>   PPC_BIT32(bs))
>> +#define PPC_BITMASK8(bs, be)((PPC_BIT8(bs) - PPC_BIT8(be)) | 
>> PPC_BIT8(bs))
>> +
>> +#define MASK_TO_LSH(m)  (__builtin_ffsl(m) - 1)
>> +#define GETFIELD(m, v)  (((v) & (m)) >> MASK_TO_LSH(m))
>> +#define SETFIELD(m, v, val) \
>> +(((v) & ~(m)) | typeof(v))(val)) << MASK_TO_LSH(m)) & (m)))
>>  
>>  
>> /*/
>>  /* Exception vectors definitions
>>  */
>> @@ -2349,32 +2355,31 @@ enum {
>>  
>>  /* Processor Compatibility mask (PCR) */
>>  enum {
>> -PCR_COMPAT_2_05 = 1ull << (63-62),
>> -PCR_COMPAT_2_06 = 1ull << (63-61),
>> -PCR_COMPAT_2_07 = 1ull << (63-60),
>> -PCR_COMPAT_3_00 = 1ull << (63-59),
>> -PCR_VEC_DIS = 1ull << (63-0), /* Vec. disable (bit NA since 
>> POWER8) */
>> -PCR_VSX_DIS = 1ull << (63-1), /* VSX disable (bit NA since 
>> POWER8) */
>> -PCR_TM_DIS  = 1ull << (63-2), /* Trans. memory disable (POWER8) 
>> */
>> +PCR_COMPAT_2_05 = PPC_BIT(62),
>> +PCR_COMPAT_2_06 = PPC_BIT(61),
>> +PCR_COMPAT_2_07 = PPC_BIT(60),
>> +PCR_COMPAT_3_00 = PPC_BIT(59),
>> +PCR_VEC_DIS = PPC_BIT(0), /* Vec. disable (bit NA since POWER8) 
>> */
>> +PCR_VSX_DIS = PPC_BIT(1), /* VSX disable (bit NA since POWER8) 
>> */
>> +PCR_TM_DIS  = PPC_BIT(2), /* Trans. memory disable (POWER8) */
>>  };
>>  
>>  /* HMER/HMEER */
>>  enum {
>> -HMER_MALFUNCTION_ALERT  = 1ull << (63 - 0),
>> -HMER_PROC_RECV_DONE = 1ull << (63 - 2),
>> -HMER_PROC_RECV_ERROR_MASKED = 1ull << (63 - 3),
>> -HMER_TFAC_ERROR = 1ull << (63 - 4),
>> -HMER_TFMR_PARITY_ERROR  = 1ull << (63 - 5),
>> -HMER_XSCOM_FAIL = 1ull << (63 - 8),
>> -HMER_XSCOM_DONE = 1ull << (63 - 9),
>> -HMER_PROC_RECV_AGAIN= 1ull << (63 - 11),
>> -HMER_WARN_RISE  = 1ull << (63 - 14),
>> -HMER_WARN_FALL  = 1ull << (63 - 15),
>> -HMER_SCOM_FIR_HMI   = 1ull << (63 - 16),
>> -HMER_TRIG_FIR_HMI   = 1ull << (63 - 17),
>> -HMER_HYP_RESOURCE_ERR   = 1ull << (63 - 20),
>> -HMER_XSCOM_STATUS_MASK  = 7ull << (63 - 23),
>> -HMER_XSCOM_STATUS_LSH   = (63 - 23),
>> +HMER_MALFUNCTION_ALERT  = PPC_BIT(0),
>> +HMER_PROC_RECV_DONE = PPC_BIT(2),
>> +HMER_PROC_RECV_ERROR_MASKED = PPC_BIT(3),
>> +HMER_TFAC_ERROR = PPC_BIT(4),
>> +HMER_TFMR_PARITY_ERROR  = PPC_BIT(5),
>> +HMER_XSCOM_FAIL = PPC_BIT(8),
>> +HMER_XSCOM_DONE = PPC_BIT(9),
>> +HMER_PROC_RECV_AGAIN= PPC_BIT(11),

[Qemu-devel] [PATCH] Virt: ACPI: fix qemu assert due to re-assigned table data address

[Shannon Zhao]

acpi_data_push uses g_array_set_size to resize the memory size. If there is no
enough contiguous memory, the address will be changed. If we use the old value,
it will assert.
qemu-kvm: hw/acpi/bios-linker-loader.c:214: bios_linker_loader_add_checksum:
Assertion `start_offset < file->blob->len' failed.`

Signed-off-by: Shannon Zhao 
---
 hw/arm/virt-acpi-build.c | 18 +++---
 1 file changed, 11 insertions(+), 7 deletions(-)

diff --git a/hw/arm/virt-acpi-build.c b/hw/arm/virt-acpi-build.c
index 3d78ff6..5901142 100644
--- a/hw/arm/virt-acpi-build.c
+++ b/hw/arm/virt-acpi-build.c
@@ -453,6 +453,7 @@ build_spcr(GArray *table_data, BIOSLinker *linker, 
VirtMachineState *vms)
 AcpiSerialPortConsoleRedirection *spcr;
 const MemMapEntry *uart_memmap = >memmap[VIRT_UART];
 int irq = vms->irqmap[VIRT_UART] + ARM_SPI_BASE;
+int spcr_start = table_data->len;
 
 spcr = acpi_data_push(table_data, sizeof(*spcr));
 
@@ -476,8 +477,8 @@ build_spcr(GArray *table_data, BIOSLinker *linker, 
VirtMachineState *vms)
 spcr->pci_device_id = 0x;  /* PCI Device ID: not a PCI device */
 spcr->pci_vendor_id = 0x;  /* PCI Vendor ID: not a PCI device */
 
-build_header(linker, table_data, (void *)spcr, "SPCR", sizeof(*spcr), 2,
- NULL, NULL);
+build_header(linker, table_data, (void *)(table_data->data + spcr_start),
+ "SPCR", table_data->len - spcr_start, 2, NULL, NULL);
 }
 
 static void
@@ -512,8 +513,8 @@ build_srat(GArray *table_data, BIOSLinker *linker, 
VirtMachineState *vms)
 mem_base += numa_info[i].node_mem;
 }
 
-build_header(linker, table_data, (void *)srat, "SRAT",
- table_data->len - srat_start, 3, NULL, NULL);
+build_header(linker, table_data, (void *)(table_data->data + srat_start),
+ "SRAT", table_data->len - srat_start, 3, NULL, NULL);
 }
 
 static void
@@ -522,6 +523,7 @@ build_mcfg(GArray *table_data, BIOSLinker *linker, 
VirtMachineState *vms)
 AcpiTableMcfg *mcfg;
 const MemMapEntry *memmap = vms->memmap;
 int len = sizeof(*mcfg) + sizeof(mcfg->allocation[0]);
+int mcfg_start = table_data->len;
 
 mcfg = acpi_data_push(table_data, len);
 mcfg->allocation[0].address = cpu_to_le64(memmap[VIRT_PCIE_ECAM].base);
@@ -532,7 +534,8 @@ build_mcfg(GArray *table_data, BIOSLinker *linker, 
VirtMachineState *vms)
 mcfg->allocation[0].end_bus_number = (memmap[VIRT_PCIE_ECAM].size
   / PCIE_MMCFG_SIZE_MIN) - 1;
 
-build_header(linker, table_data, (void *)mcfg, "MCFG", len, 1, NULL, NULL);
+build_header(linker, table_data, (void *)(table_data->data + mcfg_start),
+ "MCFG", len, 1, NULL, NULL);
 }
 
 /* GTDT */
@@ -651,6 +654,7 @@ build_madt(GArray *table_data, BIOSLinker *linker, 
VirtMachineState *vms)
 static void build_fadt(GArray *table_data, BIOSLinker *linker,
VirtMachineState *vms, unsigned dsdt_tbl_offset)
 {
+int fadt_start = table_data->len;
 AcpiFadtDescriptorRev5_1 *fadt = acpi_data_push(table_data, sizeof(*fadt));
 unsigned xdsdt_entry_offset = (char *)>x_dsdt - table_data->data;
 uint16_t bootflags;
@@ -681,8 +685,8 @@ static void build_fadt(GArray *table_data, BIOSLinker 
*linker,
 ACPI_BUILD_TABLE_FILE, xdsdt_entry_offset, sizeof(fadt->x_dsdt),
 ACPI_BUILD_TABLE_FILE, dsdt_tbl_offset);
 
-build_header(linker, table_data,
- (void *)fadt, "FACP", sizeof(*fadt), 5, NULL, NULL);
+build_header(linker, table_data, (void *)(table_data->data + fadt_start),
+ "FACP", table_data->len - fadt_start, 5, NULL, NULL);
 }
 
 /* DSDT */
-- 
2.0.4

[Qemu-devel] [RFC 3/3] vhost-user: add VFIO based accelerators support

[Tiwei Bie]

Signed-off-by: Tiwei Bie 
---
 docs/interop/vhost-user.txt|  57 ++
 hw/vfio/common.c   |   2 +-
 hw/virtio/vhost-user.c | 381 -
 hw/virtio/vhost.c  |   3 +-
 hw/virtio/virtio-pci.c |   8 -
 hw/virtio/virtio-pci.h |   8 +
 include/hw/vfio/vfio.h |   2 +
 include/hw/virtio/vhost-user.h |  26 +++
 8 files changed, 476 insertions(+), 11 deletions(-)

diff --git a/docs/interop/vhost-user.txt b/docs/interop/vhost-user.txt
index 954771d0d8..dd029e4b9d 100644
--- a/docs/interop/vhost-user.txt
+++ b/docs/interop/vhost-user.txt
@@ -116,6 +116,15 @@ Depending on the request type, payload can be:
 - 3: IOTLB invalidate
 - 4: IOTLB access fail
 
+ * Vring area description
+   ---
+   | u64 | size | offset |
+   ---
+
+   u64: a 64-bit unsigned integer
+   Size: a 64-bit size
+   Offset: a 64-bit offset
+
 In QEMU the vhost-user message is implemented with the following struct:
 
 typedef struct VhostUserMsg {
@@ -129,6 +138,7 @@ typedef struct VhostUserMsg {
 VhostUserMemory memory;
 VhostUserLog log;
 struct vhost_iotlb_msg iotlb;
+VhostUserVringArea area;
 };
 } QEMU_PACKED VhostUserMsg;
 
@@ -317,6 +327,17 @@ The fd is provided via VHOST_USER_SET_SLAVE_REQ_FD 
ancillary data.
 A slave may then send VHOST_USER_SLAVE_* messages to the master
 using this fd communication channel.
 
+VFIO based accelerators
+---
+
+The VFIO based accelerators feature is a protocol extension. It is supported
+when the protocol feature VHOST_USER_PROTOCOL_F_VFIO (bit 7) is set.
+
+The vhost-user backend will set the accelerator context via slave channel,
+and QEMU just needs to handle those messages passively. The accelerator
+context will be set for each queue independently. So the page-per-vq property
+should also be enabled.
+
 Protocol features
 -
 
@@ -327,6 +348,7 @@ Protocol features
 #define VHOST_USER_PROTOCOL_F_MTU4
 #define VHOST_USER_PROTOCOL_F_SLAVE_REQ  5
 #define VHOST_USER_PROTOCOL_F_CROSS_ENDIAN   6
+#define VHOST_USER_PROTOCOL_F_VFIO   7
 
 Master message types
 
@@ -614,6 +636,41 @@ Slave message types
   This request should be send only when VIRTIO_F_IOMMU_PLATFORM feature
   has been successfully negotiated.
 
+ * VHOST_USER_SLAVE_VFIO_SET_VRING_GROUP_FD
+
+  Id: 2
+  Equivalent ioctl: N/A
+  Slave payload: u64
+  Master payload: N/A
+
+  Sets the VFIO group file descriptor which is passed as ancillary data
+  for a specified queue (queue index is carried in the u64 payload).
+  Slave sends this request to tell QEMU to add or delete a VFIO group.
+  QEMU will delete the current group if any for the specified queue when 
the
+  message is sent without a file descriptor. A VFIO group will be actually
+  deleted when its reference count reaches zero.
+  This request should be sent only when VHOST_USER_PROTOCOL_F_VFIO protocol
+  feature has been successfully negotiated.
+
+ * VHOST_USER_SLAVE_VFIO_SET_VRING_NOTIFY_AREA
+
+  Id: 3
+  Equivalent ioctl: N/A
+  Slave payload: vring area description
+  Master payload: N/A
+
+  Sets the notify area for a specified queue (queue index is carried
+  in the u64 field of the vring area description). A file descriptor is
+  passed as ancillary data (typically it's a VFIO device fd). QEMU can
+  mmap the file descriptor based on the information carried in the vring
+  area description.
+  Slave sends this request to tell QEMU to add or delete a MemoryRegion
+  for a specified queue's notify MMIO region. QEMU will delete the current
+  MemoryRegion if any for the specified queue when the message is sent
+  without a file descriptor.
+  This request should be sent only when VHOST_USER_PROTOCOL_F_VFIO protocol
+  feature and VIRTIO_F_VERSION_1 feature have been successfully negotiated.
+
 VHOST_USER_PROTOCOL_F_REPLY_ACK:
 ---
 The original vhost-user specification only demands replies for certain
diff --git a/hw/vfio/common.c b/hw/vfio/common.c
index 7b2924c0ef..53d8700581 100644
--- a/hw/vfio/common.c
+++ b/hw/vfio/common.c
@@ -49,7 +49,7 @@ struct vfio_as_head vfio_address_spaces =
  * initialized, this file descriptor is only released on QEMU exit and
  * we'll re-use it should another vfio device be attached before then.
  */
-static int vfio_kvm_device_fd = -1;
+int vfio_kvm_device_fd = -1;
 #endif
 
 /*
diff --git a/hw/virtio/vhost-user.c b/hw/virtio/vhost-user.c
index 3e308d0a62..22d7dd5729 100644
--- a/hw/virtio/vhost-user.c
+++ b/hw/virtio/vhost-user.c
@@ -14,6 +14,8 @@
 #include "hw/virtio/vhost-backend.h"
 #include "hw/virtio/vhost-user.h"
 #include "hw/virtio/virtio-net.h"
+#include "hw/virtio/virtio-pci.h"
+#include "hw/vfio/vfio.h"
 #include 

[Qemu-devel] [RFC 0/3] Extend vhost-user to support VFIO based accelerators

[Tiwei Bie]

This RFC patch set does some small extensions to vhost-user protocol
to support VFIO based accelerators, and makes it possible to get the
similar performance of VFIO passthru while keeping the virtio device
emulation in QEMU.

When we have virtio ring compatible devices, it's possible to setup
the device (DMA mapping, PCI config, etc) based on the existing info
(memory-table, features, vring info, etc) which is available on the
vhost-backend (e.g. DPDK vhost library). Then, we will be able to
use such devices to accelerate the emulated device for the VM. And
we call it vDPA: vhost DataPath Acceleration. The key difference
between VFIO passthru and vDPA is that, in vDPA only the data path
(e.g. ring, notify and queue interrupt) is pass-throughed, the device
control path (e.g. PCI configuration space and MMIO regions) is still
defined and emulated by QEMU.

The benefits of keeping virtio device emulation in QEMU compared
with virtio device VFIO passthru include (but not limit to):

- consistent device interface from guest OS;
- max flexibility on control path and hardware design;
- leveraging the existing virtio live-migration framework;

But the critical issue in vDPA is that the data path performance is
relatively low and some host threads are needed for the data path,
because some necessary mechanisms are missing to support:

1) guest driver notifies the device directly;
2) device interrupts the guest directly;

So this patch set does some small extensions to vhost-user protocol
to make both of them possible. It leverages the same mechanisms (e.g.
EPT and Posted-Interrupt on Intel platform) as the VFIO passthru to
achieve the data path pass through.

A new protocol feature bit is added to negotiate the accelerator feature
support. Two new slave message types are added to enable the notify and
interrupt passthru for each queue. From the view of vhost-user protocol
design, it's very flexible. The passthru can be enabled/disabled for
each queue individually, and it's possible to accelerate each queue by
different devices. More design and implementation details can be found
from the last patch.

There are some rough edges in this patch set (so this is a RFC patch
set for now), but it's never too early to hear the thoughts from the
community! So any comments and suggestions would be really appreciated!

Tiwei Bie (3):
  vhost-user: support receiving file descriptors in slave_read
  vhost-user: introduce shared vhost-user state
  vhost-user: add VFIO based accelerators support

 docs/interop/vhost-user.txt |  57 ++
 hw/scsi/vhost-user-scsi.c   |   6 +-
 hw/vfio/common.c|   2 +-
 hw/virtio/vhost-user.c  | 430 +++-
 hw/virtio/vhost.c   |   3 +-
 hw/virtio/virtio-pci.c  |   8 -
 hw/virtio/virtio-pci.h  |   8 +
 include/hw/vfio/vfio.h  |   2 +
 include/hw/virtio/vhost-user.h  |  43 
 include/hw/virtio/virtio-scsi.h |   6 +-
 net/vhost-user.c|  30 +--
 11 files changed, 561 insertions(+), 34 deletions(-)
 create mode 100644 include/hw/virtio/vhost-user.h

-- 
2.13.3

[Qemu-devel] [RFC 1/3] vhost-user: support receiving file descriptors in slave_read

[Tiwei Bie]

Signed-off-by: Tiwei Bie 
---
 hw/virtio/vhost-user.c | 40 +++-
 1 file changed, 39 insertions(+), 1 deletion(-)

diff --git a/hw/virtio/vhost-user.c b/hw/virtio/vhost-user.c
index 093675ed98..e7108138fd 100644
--- a/hw/virtio/vhost-user.c
+++ b/hw/virtio/vhost-user.c
@@ -614,14 +614,43 @@ static void slave_read(void *opaque)
 struct vhost_user *u = dev->opaque;
 VhostUserMsg msg = { 0, };
 int size, ret = 0;
+struct iovec iov;
+struct msghdr msgh;
+int fd = -1;
+size_t fdsize = sizeof(fd);
+char control[CMSG_SPACE(fdsize)];
+struct cmsghdr *cmsg;
+
+memset(, 0, sizeof(msgh));
+msgh.msg_iov = 
+msgh.msg_iovlen = 1;
+msgh.msg_control = control;
+msgh.msg_controllen = sizeof(control);
 
 /* Read header */
-size = read(u->slave_fd, , VHOST_USER_HDR_SIZE);
+iov.iov_base = 
+iov.iov_len = VHOST_USER_HDR_SIZE;
+
+size = recvmsg(u->slave_fd, , 0);
 if (size != VHOST_USER_HDR_SIZE) {
 error_report("Failed to read from slave.");
 goto err;
 }
 
+if (msgh.msg_flags & MSG_CTRUNC) {
+error_report("Truncated message.");
+goto err;
+}
+
+for (cmsg = CMSG_FIRSTHDR(); cmsg != NULL;
+ cmsg = CMSG_NXTHDR(, cmsg)) {
+if (cmsg->cmsg_level == SOL_SOCKET &&
+cmsg->cmsg_type == SCM_RIGHTS) {
+memcpy(, CMSG_DATA(cmsg), fdsize);
+break;
+}
+}
+
 if (msg.size > VHOST_USER_PAYLOAD_SIZE) {
 error_report("Failed to read msg header."
 " Size %d exceeds the maximum %zu.", msg.size,
@@ -642,9 +671,15 @@ static void slave_read(void *opaque)
 break;
 default:
 error_report("Received unexpected msg type.");
+if (fd != -1) {
+close(fd);
+}
 ret = -EINVAL;
 }
 
+/* Message handlers need to make sure that fd will be consumed. */
+fd = -1;
+
 /*
  * REPLY_ACK feature handling. Other reply types has to be managed
  * directly in their request handlers.
@@ -669,6 +704,9 @@ err:
 qemu_set_fd_handler(u->slave_fd, NULL, NULL, NULL);
 close(u->slave_fd);
 u->slave_fd = -1;
+if (fd != -1) {
+close(fd);
+}
 return;
 }
 
-- 
2.13.3

[Qemu-devel] [RFC 2/3] vhost-user: introduce shared vhost-user state

[Tiwei Bie]

When multi-queue is enabled for virtio-net, each virtio
queue pair will have a vhost_dev, and the only thing they
share currently is the chardev. This patch introduces a
vhost-user state structure which will be shared by all
virtio queue pairs of the same virtio device.

Signed-off-by: Tiwei Bie 
---
 hw/scsi/vhost-user-scsi.c   |  6 +++---
 hw/virtio/vhost-user.c  |  9 +
 include/hw/virtio/vhost-user.h  | 17 +
 include/hw/virtio/virtio-scsi.h |  6 +-
 net/vhost-user.c| 30 --
 5 files changed, 46 insertions(+), 22 deletions(-)
 create mode 100644 include/hw/virtio/vhost-user.h

diff --git a/hw/scsi/vhost-user-scsi.c b/hw/scsi/vhost-user-scsi.c
index f7561e23fa..2c46c74128 100644
--- a/hw/scsi/vhost-user-scsi.c
+++ b/hw/scsi/vhost-user-scsi.c
@@ -73,7 +73,7 @@ static void vhost_user_scsi_realize(DeviceState *dev, Error 
**errp)
 Error *err = NULL;
 int ret;
 
-if (!vs->conf.chardev.chr) {
+if (!vs->conf.vhost_user.chr.chr) {
 error_setg(errp, "vhost-user-scsi: missing chardev");
 return;
 }
@@ -91,7 +91,7 @@ static void vhost_user_scsi_realize(DeviceState *dev, Error 
**errp)
 vsc->dev.vq_index = 0;
 vsc->dev.backend_features = 0;
 
-ret = vhost_dev_init(>dev, (void *)>conf.chardev,
+ret = vhost_dev_init(>dev, (void *)>conf.vhost_user,
  VHOST_BACKEND_TYPE_USER, 0);
 if (ret < 0) {
 error_setg(errp, "vhost-user-scsi: vhost initialization failed: %s",
@@ -132,7 +132,7 @@ static uint64_t vhost_user_scsi_get_features(VirtIODevice 
*vdev,
 }
 
 static Property vhost_user_scsi_properties[] = {
-DEFINE_PROP_CHR("chardev", VirtIOSCSICommon, conf.chardev),
+DEFINE_PROP_CHR("chardev", VirtIOSCSICommon, conf.vhost_user.chr),
 DEFINE_PROP_UINT32("boot_tpgt", VirtIOSCSICommon, conf.boot_tpgt, 0),
 DEFINE_PROP_UINT32("num_queues", VirtIOSCSICommon, conf.num_queues, 1),
 DEFINE_PROP_UINT32("virtqueue_size", VirtIOSCSICommon, conf.virtqueue_size,
diff --git a/hw/virtio/vhost-user.c b/hw/virtio/vhost-user.c
index e7108138fd..3e308d0a62 100644
--- a/hw/virtio/vhost-user.c
+++ b/hw/virtio/vhost-user.c
@@ -12,6 +12,7 @@
 #include "qapi/error.h"
 #include "hw/virtio/vhost.h"
 #include "hw/virtio/vhost-backend.h"
+#include "hw/virtio/vhost-user.h"
 #include "hw/virtio/virtio-net.h"
 #include "chardev/char-fe.h"
 #include "sysemu/kvm.h"
@@ -123,7 +124,7 @@ static VhostUserMsg m __attribute__ ((unused));
 #define VHOST_USER_VERSION(0x1)
 
 struct vhost_user {
-CharBackend *chr;
+VhostUser *shared;
 int slave_fd;
 };
 
@@ -135,7 +136,7 @@ static bool ioeventfd_enabled(void)
 static int vhost_user_read(struct vhost_dev *dev, VhostUserMsg *msg)
 {
 struct vhost_user *u = dev->opaque;
-CharBackend *chr = u->chr;
+CharBackend *chr = >shared->chr;
 uint8_t *p = (uint8_t *) msg;
 int r, size = VHOST_USER_HDR_SIZE;
 
@@ -221,7 +222,7 @@ static int vhost_user_write(struct vhost_dev *dev, 
VhostUserMsg *msg,
 int *fds, int fd_num)
 {
 struct vhost_user *u = dev->opaque;
-CharBackend *chr = u->chr;
+CharBackend *chr = >shared->chr;
 int ret, size = VHOST_USER_HDR_SIZE + msg->size;
 
 /*
@@ -767,7 +768,7 @@ static int vhost_user_init(struct vhost_dev *dev, void 
*opaque)
 assert(dev->vhost_ops->backend_type == VHOST_BACKEND_TYPE_USER);
 
 u = g_new0(struct vhost_user, 1);
-u->chr = opaque;
+u->shared = opaque;
 u->slave_fd = -1;
 dev->opaque = u;
 
diff --git a/include/hw/virtio/vhost-user.h b/include/hw/virtio/vhost-user.h
new file mode 100644
index 00..10d698abe2
--- /dev/null
+++ b/include/hw/virtio/vhost-user.h
@@ -0,0 +1,17 @@
+/*
+ * Copyright (c) 2017 Intel Corporation
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2.
+ * See the COPYING file in the top-level directory.
+ */
+
+#ifndef HW_VIRTIO_VHOST_USER_H
+#define HW_VIRTIO_VHOST_USER_H
+
+#include "chardev/char-fe.h"
+
+typedef struct VhostUser {
+CharBackend chr;
+} VhostUser;
+
+#endif
diff --git a/include/hw/virtio/virtio-scsi.h b/include/hw/virtio/virtio-scsi.h
index 4c0bcdb788..885c3e84b5 100644
--- a/include/hw/virtio/virtio-scsi.h
+++ b/include/hw/virtio/virtio-scsi.h
@@ -19,6 +19,7 @@
 #define VIRTIO_SCSI_SENSE_SIZE 0
 #include "standard-headers/linux/virtio_scsi.h"
 #include "hw/virtio/virtio.h"
+#include "hw/virtio/vhost-user.h"
 #include "hw/pci/pci.h"
 #include "hw/scsi/scsi.h"
 #include "chardev/char-fe.h"
@@ -54,7 +55,10 @@ struct VirtIOSCSIConf {
 char *vhostfd;
 char *wwpn;
 #endif
-CharBackend chardev;
+union {
+VhostUser vhost_user;
+CharBackend chardev;
+};
 uint32_t boot_tpgt;
 IOThread *iothread;
 };
diff --git a/net/vhost-user.c b/net/vhost-user.c
index c23927c912..b398294074 100644
--- a/net/vhost-user.c
+++ b/net/vhost-user.c
@@ -12,6 +12,7 @@
 #include 

Re: [Qemu-devel] [PATCH V2 0/5] hw/pvrdma: PVRDMA device implementation

[Marcel Apfelbaum]

On 22/12/2017 0:30, Yuval Shaia wrote:

On Thu, Dec 21, 2017 at 10:46:35PM +0200, Michael S. Tsirkin wrote:

On Thu, Dec 21, 2017 at 05:59:38PM +0200, Marcel Apfelbaum wrote:

On 21/12/2017 16:22, Michael S. Tsirkin wrote:

On Thu, Dec 21, 2017 at 09:27:51AM +0200, Yuval Shaia wrote:



What happens if guest attempts to register all its memory?



Then we loose, is not different from bare metal, reg_mr will pin all the RAM.


We need to find a way to communicate to guests about amount
of memory they can pin.


dev_caps.max_mr_size is the way device limits guest driver.
This value is controlled by the command line argument dev-caps-max-mr-size
so we should be fine (btw, default value is 1<<32).


Isn't that still leaving the option for guest to register all memory,
just in chunks?



We also have a parameter limiting the number of mrs (dev-caps-max-mr),
together with dev-caps-max-mr-size we can limit the memory the guests can pin.

Thanks,
Marcel


You might want to limit the default values then.



Hi Yuval,


Right now:

+#define MAX_MR_SIZE   (1UL << 32)
+#define MAX_MR2048


Maybe limiting by constant number is not a good approach, it looks odd if
one guest with 16G ram and second with 32G ram will have the same settings,
right?
So how about limiting by a specific percentage of total memory?
In that case, what would be this percentage? 100%? 80%?



I think is too complicated. Maybe we can limit the max pined memory
to 2G assuming the RDMA guests have a lot of RAM and let the
users fine-tune the parameters.

Thanks,
Marcel



Which is IIUC 8TB.

That's pretty close to unlimited, and so far overcommit seems to be the
main feature for users.





However this is only one scenario, and hopefully not much used
for RoCE. (I know IPoIB does that, but it doesn't make sense to use it with 
RoCE).


SRP does it too AFAIK.

Re: [Qemu-devel] Hi, where can i get a latest full version of QAPI ?

[那个秀才]

Thanks a lot !These are useful to me :)
--发件人：Markus 
Armbruster 发送时间：2017年12月21日(星期四) 21:15收件人：Luiz Capitulino 
抄　送：bob ; qemu-devel 
主　题：Re: [Qemu-devel] Hi, where can i get a latest full 
version of QAPI ? Luiz Capitulino  writes:

> On Wed, 20 Dec 2017 18:37:37 +0800
> "那个秀才"  wrote:
>
>> Hi,
>> Dear master.Where can i get a latest full verson of QAPI ?I 
>>wanna read some file in VMs by qemu-quest-agent, since then, i found things 
>>below:
>> https://wiki.qemu.org/QMPhttps://wiki.qemu.org/Features/GuestAgent   
>> https://wiki.qemu.org/Features/QAPI
>>https://wiki.qemu.org/Features/QAPI/Signals
>> and even:
>> http://shevek.github.io/qemu-java/docs/javadoc/However, those are 
>>all not a API manual like 
>>https://developer.openstack.org/api-ref/application-container/ or 
>>https://dev.office.com/reference/add-ins/shared/asyncresult
>> Need help !Thanks for any response !
>> Regards!
>> Boba little code labour in the world full of dust.
>
> Markus is a better person to ask.

The general guest agent protocol is documented in
docs/interop/qmp-spec.txt.

Guest agent commands are specified in qga/qapi-schema.json.  The build
process extracts documentation from it to docs/interop/qemu-ga-ref.*.
You can browse 2.11's at .

Hope this helps!

[Qemu-devel] [Bug 1738840] Re: qemu-img convert qcow2 to raw fails on OS X

[John Snow]

In the termbin:

So the "good" one is on the left, and the "bad" one is on the right. The
bad one is ... completely blank for the first 200+ MB? That's not great.

so:
.bin.apfs: broken raw file, made on apfs, no arguments(?)
.bin.apfs2: broken raw file, made on apfs, `-S 0` ?
.img.org: qcow2 file (original/working?)
.bin: working raw file, made on Ubuntu?

Do I have that right?

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1738840

Title:
  qemu-img convert qcow2 to raw fails on OS X

Status in QEMU:
  New

Bug description:
  I try to convert a image from qcow2 to raw and the result is a not bootable 
image.
  I dont know if it is a bug in qemu-img convert or with the image it self.

  See this error report for better readability:
  https://github.com/coreos/bugs/issues/1121#issuecomment-351968518

  As a reply here they use 2.9.0 version of

  
  $ qemu-img -V
  qemu-img version 2.11.0
  Copyright (c) 2003-2017 Fabrice Bellard and the QEMU Project developers

  $ uname -v
  Darwin Kernel Version 17.2.0

  $ mount ./
  /dev/disk1s1 on / (apfs, local, journaled)

  $  wget https://beta.release.core-
  os.net/amd64-usr/current/coreos_production_openstack_image.img.bz2

  $ date
  Fri Dec 14 17:15:57 CET 2017

  $ bunzip2 coreos_production_openstack_image.img.bz2

  
  $ cp -a coreos_production_openstack_image.img.org 
coreos_production_openstack_image.img

  $ shasum coreos_production_openstack_image.img.org
  ae2119c6f0390dc36f247f7016923ea85de5d8e6  
coreos_production_openstack_image.img.org

  $ qemu-img convert -f qcow2 -O raw
  coreos_production_openstack_image.img.org
  coreos_production_openstack_image.bin

  $ qemu-system-x86_64 -m 256 -nographic -hda 
coreos_production_openstack_image.img -boot c
  SeaBIOS (version rel-1.11.0-0-g63451fca13-prebuilt.qemu-project.org)

  
  iPXE (http://ipxe.org) 00:03.0 C980 PCI2.10 PnP PMM+0FF915A0+0FEF15A0 C980

 

  
  Booting from Hard Disk...
  GRUB loading
  Welcome to GRUB!
  

  $ qemu-system-x86_64 -m 256 -nographic -hda
  coreos_production_openstack_image.bin -boot c

  SeaBIOS (version rel-1.11.0-0-g63451fca13-prebuilt.qemu-project.org)

  
  iPXE (http://ipxe.org) 00:03.0 C980 PCI2.10 PnP PMM+0FF915A0+0FEF15A0 C980

 

  
  Booting from Hard Disk...
  Boot failed: not a bootable disk
  

  
  $ head -c 8192 coreos_production_openstack_image.bin | hexdump -C
    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  ||
  *
  2000

  $ qemu-img info coreos_production_openstack_image.bin
  image: coreos_production_openstack_image.bin
  file format: raw
  virtual size: 8.5G (9116319744 bytes)
  disk size: 217M

  $ qemu-img info coreos_production_openstack_image.img
  image: coreos_production_openstack_image.img
  file format: qcow2
  virtual size: 8.5G (9116319744 bytes)
  disk size: 785M
  cluster_size: 65536
  Format specific information:
  compat: 0.10
  refcount bits: 16

  The same version works on Ubuntu so it looks like its only the Mac
  version or the new APFS filesystem.

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1738840/+subscriptions

[Qemu-devel] [PULL 17/18] qemu-doc: The "-net nic" option can be used with "netdev=...", too

[Jason Wang]

From: Thomas Huth 

Looks like we missed to document that it is also possible to specify
a netdev with "-net nic" - which is very useful if you want to
configure your on-board NIC to use a backend that has been specified
with "-netdev".

Signed-off-by: Thomas Huth 
Signed-off-by: Jason Wang 
---
 qemu-options.hx | 14 --
 1 file changed, 8 insertions(+), 6 deletions(-)

diff --git a/qemu-options.hx b/qemu-options.hx
index 94647e2..9f4dd3a 100644
--- a/qemu-options.hx
+++ b/qemu-options.hx
@@ -2035,9 +2035,10 @@ DEF("netdev", HAS_ARG, QEMU_OPTION_netdev,
 "-netdev hubport,id=str,hubid=n\n"
 "configure a hub port on QEMU VLAN 'n'\n", QEMU_ARCH_ALL)
 DEF("net", HAS_ARG, QEMU_OPTION_net,
-"-net 
nic[,vlan=n][,macaddr=mac][,model=type][,name=str][,addr=str][,vectors=v]\n"
-"old way to create a new NIC and connect it to VLAN 'n'\n"
-"(use the '-device devtype,netdev=str' option if possible 
instead)\n"
+"-net 
nic[,vlan=n][,netdev=nd][,macaddr=mac][,model=type][,name=str][,addr=str][,vectors=v]\n"
+"configure or create an on-board (or machine default) NIC 
and\n"
+"connect it either to VLAN 'n' or the netdev 'nd' (for 
pluggable\n"
+"NICs please use '-device devtype,netdev=nd' instead)\n"
 "-net dump[,vlan=n][,file=f][,len=n]\n"
 "dump traffic on vlan 'n' to file 'f' (max n bytes per 
packet)\n"
 "-net none   use it alone to have zero network devices. If no -net 
option\n"
@@ -2058,10 +2059,11 @@ DEF("net", HAS_ARG, QEMU_OPTION_net,
 "old way to initialize a host network interface\n"
 "(use the -netdev option if possible instead)\n", 
QEMU_ARCH_ALL)
 STEXI
-@item -net nic[,vlan=@var{n}][,macaddr=@var{mac}][,model=@var{type}] 
[,name=@var{name}][,addr=@var{addr}][,vectors=@var{v}]
+@item -net 
nic[,vlan=@var{n}][,netdev=@var{nd}][,macaddr=@var{mac}][,model=@var{type}] 
[,name=@var{name}][,addr=@var{addr}][,vectors=@var{v}]
 @findex -net
-Create a new Network Interface Card and connect it to VLAN @var{n} (@var{n}
-= 0 is the default). The NIC is an e1000 by default on the PC
+Configure or create an on-board (or machine default) Network Interface Card
+(NIC) and connect it either to VLAN @var{n} (@var{n} = 0 is the default), or
+to the netdev @var{nd}. The NIC is an e1000 by default on the PC
 target. Optionally, the MAC address can be changed to @var{mac}, the
 device address set to @var{addr} (PCI cards only),
 and a @var{name} can be assigned for use in monitor commands.
-- 
2.7.4

[Qemu-devel] [PULL 15/18] net: remove unused compute_mcast_idx() function

[Jason Wang]

From: Mark Cave-Ayland 

Now that all of the callers have been converted to compute the multicast index
inline using new net CRC functions, this function can now be dropped.

Signed-off-by: Mark Cave-Ayland 
Signed-off-by: Jason Wang 
---
 net/net.c | 5 -
 1 file changed, 5 deletions(-)

diff --git a/net/net.c b/net/net.c
index 4ecaf80..5bc0a34 100644
--- a/net/net.c
+++ b/net/net.c
@@ -1625,11 +1625,6 @@ uint32_t net_crc32_le(const uint8_t *p, int len)
 return crc;
 }
 
-unsigned compute_mcast_idx(const uint8_t *ep)
-{
-return net_crc32(ep, ETH_ALEN) >> 26;
-}
-
 QemuOptsList qemu_netdev_opts = {
 .name = "netdev",
 .implied_opt_name = "type",
-- 
2.7.4

[Qemu-devel] [PULL 14/18] rtl8139: use inline net_crc32() and bitshift instead of compute_mcast_idx()

[Jason Wang]

From: Mark Cave-Ayland 

This makes it much easier to compare the multicast CRC calculation endian and
bitshift against the Linux driver implementation.

Signed-off-by: Mark Cave-Ayland 
Signed-off-by: Jason Wang 
---
 hw/net/rtl8139.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/hw/net/rtl8139.c b/hw/net/rtl8139.c
index a6b2a9f..1cc95b8 100644
--- a/hw/net/rtl8139.c
+++ b/hw/net/rtl8139.c
@@ -882,7 +882,7 @@ static ssize_t rtl8139_do_receive(NetClientState *nc, const 
uint8_t *buf, size_t
 return size;
 }
 
-int mcast_idx = compute_mcast_idx(buf);
+int mcast_idx = net_crc32(buf, ETH_ALEN) >> 26;
 
 if (!(s->mult[mcast_idx >> 3] & (1 << (mcast_idx & 7
 {
-- 
2.7.4

[Qemu-devel] [PULL 12/18] ftgmac100: use inline net_crc32() and bitshift instead of compute_mcast_idx()

[Jason Wang]

From: Mark Cave-Ayland 

This makes it much easier to compare the multicast CRC calculation endian and
bitshift against the Linux driver implementation.

Signed-off-by: Mark Cave-Ayland 
Signed-off-by: Jason Wang 
---
 hw/net/ftgmac100.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/hw/net/ftgmac100.c b/hw/net/ftgmac100.c
index 3c36ab9..704f452 100644
--- a/hw/net/ftgmac100.c
+++ b/hw/net/ftgmac100.c
@@ -762,7 +762,7 @@ static int ftgmac100_filter(FTGMAC100State *s, const 
uint8_t *buf, size_t len)
 }
 
 /* TODO: this does not seem to work for ftgmac100 */
-mcast_idx = compute_mcast_idx(buf);
+mcast_idx = net_crc32(buf, ETH_ALEN) >> 26;
 if (!(s->math[mcast_idx / 32] & (1 << (mcast_idx % 32 {
 return 0;
 }
-- 
2.7.4

[Qemu-devel] [PULL 08/18] sungem: fix multicast filter CRC calculation

[Jason Wang]

From: Mark Cave-Ayland 

>From the Linux sungem driver, we know that the multicast filter CRC is
implemented using ether_crc_le() which isn't the same as calling zlib's
crc32() function (the zlib implementation requires a complemented initial value
and also returns the complemented result).

Fix the multicast filter by simply using the new net_crc32_le() function.

Signed-off-by: Mark Cave-Ayland 
Reviewed-by: Philippe Mathieu-Daudé 
Signed-off-by: Jason Wang 
---
 hw/net/sungem.c | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/hw/net/sungem.c b/hw/net/sungem.c
index 6aa8d11..60f1e47 100644
--- a/hw/net/sungem.c
+++ b/hw/net/sungem.c
@@ -11,12 +11,11 @@
 #include "hw/pci/pci.h"
 #include "qemu/log.h"
 #include "net/net.h"
+#include "net/eth.h"
 #include "net/checksum.h"
 #include "hw/net/mii.h"
 #include "sysemu/sysemu.h"
 #include "trace.h"
-/* For crc32 */
-#include 
 
 #define TYPE_SUNGEM "sungem"
 
@@ -595,7 +594,7 @@ static ssize_t sungem_receive(NetClientState *nc, const 
uint8_t *buf,
 }
 
 /* Get MAC crc */
-mac_crc = crc32(~0, buf, 6);
+mac_crc = net_crc32_le(buf, ETH_ALEN);
 
 /* Packet isn't for me ? */
 rx_cond = sungem_check_rx_mac(s, buf, mac_crc);
-- 
2.7.4

[Qemu-devel] [PULL 11/18] lan9118: use inline net_crc32() and bitshift instead of compute_mcast_idx()

[Jason Wang]

From: Mark Cave-Ayland 

This makes it much easier to compare the multicast CRC calculation endian and
bitshift against the Linux driver implementation.

Signed-off-by: Mark Cave-Ayland 
Signed-off-by: Jason Wang 
---
 hw/net/lan9118.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/hw/net/lan9118.c b/hw/net/lan9118.c
index 3db8937..b9032da 100644
--- a/hw/net/lan9118.c
+++ b/hw/net/lan9118.c
@@ -13,6 +13,7 @@
 #include "qemu/osdep.h"
 #include "hw/sysbus.h"
 #include "net/net.h"
+#include "net/eth.h"
 #include "hw/devices.h"
 #include "sysemu/sysemu.h"
 #include "hw/ptimer.h"
@@ -504,7 +505,7 @@ static int lan9118_filter(lan9118_state *s, const uint8_t 
*addr)
 }
 } else {
 /* Hash matching  */
-hash = compute_mcast_idx(addr);
+hash = net_crc32(addr, ETH_ALEN) >> 26;
 if (hash & 0x20) {
 return (s->mac_hashh >> (hash & 0x1f)) & 1;
 } else {
-- 
2.7.4

[Qemu-devel] [PULL 10/18] opencores_eth: use inline net_crc32() and bitshift instead of compute_mcast_idx()

[Jason Wang]

From: Mark Cave-Ayland 

This makes it much easier to compare the multicast CRC calculation endian and
bitshift against the Linux driver implementation.

Signed-off-by: Mark Cave-Ayland 
Signed-off-by: Jason Wang 
---
 hw/net/opencores_eth.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/hw/net/opencores_eth.c b/hw/net/opencores_eth.c
index 268d6a7..d42b79c 100644
--- a/hw/net/opencores_eth.c
+++ b/hw/net/opencores_eth.c
@@ -36,6 +36,7 @@
 #include "hw/net/mii.h"
 #include "hw/sysbus.h"
 #include "net/net.h"
+#include "net/eth.h"
 #include "sysemu/sysemu.h"
 #include "trace.h"
 
@@ -373,7 +374,7 @@ static ssize_t open_eth_receive(NetClientState *nc,
 if (memcmp(buf, bcast_addr, sizeof(bcast_addr)) == 0) {
 miss = GET_REGBIT(s, MODER, BRO);
 } else if ((buf[0] & 0x1) || GET_REGBIT(s, MODER, IAM)) {
-unsigned mcast_idx = compute_mcast_idx(buf);
+unsigned mcast_idx = net_crc32(buf, ETH_ALEN) >> 26;
 miss = !(s->regs[HASH0 + mcast_idx / 32] &
 (1 << (mcast_idx % 32)));
 trace_open_eth_receive_mcast(
-- 
2.7.4

[Qemu-devel] [PULL 03/18] net: move CRC32 calculation from compute_mcast_idx() into its own net_crc32() function

[Jason Wang]

From: Mark Cave-Ayland 

Separate out the standard ethernet CRC32 calculation into a new net_crc32()
function, renaming the constant POLYNOMIAL to POLYNOMIAL_BE to make it clear
that this is a big-endian CRC32 calculation.

As part of the constant rename, remove the duplicate definition of POLYNOMIAL
from eepro100.c and use the new POLYNOMIAL_BE constant instead.

Once this is complete remove the existing CRC32 implementation from
compute_mcast_idx() and call the new net_crc32() function in its place.

Signed-off-by: Mark Cave-Ayland 
Reviewed-by: Philippe Mathieu-Daudé 
Signed-off-by: Jason Wang 
---
 hw/net/eepro100.c |  4 +---
 include/net/net.h |  3 ++-
 net/net.c | 16 +++-
 3 files changed, 14 insertions(+), 9 deletions(-)

diff --git a/hw/net/eepro100.c b/hw/net/eepro100.c
index 1c0def5..71cddfe 100644
--- a/hw/net/eepro100.c
+++ b/hw/net/eepro100.c
@@ -323,8 +323,6 @@ static const uint16_t eepro100_mdi_mask[] = {
 0x, 0x, 0x, 0x, 0x, 0x, 0x, 0x,
 };
 
-#define POLYNOMIAL 0x04c11db6
-
 static E100PCIDeviceInfo *eepro100_get_class(EEPRO100State *s);
 
 /* From FreeBSD (locally modified). */
@@ -342,7 +340,7 @@ static unsigned e100_compute_mcast_idx(const uint8_t *ep)
 crc <<= 1;
 b >>= 1;
 if (carry) {
-crc = ((crc ^ POLYNOMIAL) | carry);
+crc = ((crc ^ POLYNOMIAL_BE) | carry);
 }
 }
 }
diff --git a/include/net/net.h b/include/net/net.h
index 1c55a93..586098c 100644
--- a/include/net/net.h
+++ b/include/net/net.h
@@ -227,7 +227,8 @@ NetClientState *net_hub_port_find(int hub_id);
 
 void qdev_set_nic_properties(DeviceState *dev, NICInfo *nd);
 
-#define POLYNOMIAL 0x04c11db6
+#define POLYNOMIAL_BE 0x04c11db6
+uint32_t net_crc32(const uint8_t *p, int len);
 unsigned compute_mcast_idx(const uint8_t *ep);
 
 #define vmstate_offset_macaddr(_state, _field)   \
diff --git a/net/net.c b/net/net.c
index 39ef546..a14dc99 100644
--- a/net/net.c
+++ b/net/net.c
@@ -1581,25 +1581,31 @@ int net_client_parse(QemuOptsList *opts_list, const 
char *optarg)
 
 /* From FreeBSD */
 /* XXX: optimize */
-unsigned compute_mcast_idx(const uint8_t *ep)
+uint32_t net_crc32(const uint8_t *p, int len)
 {
 uint32_t crc;
 int carry, i, j;
 uint8_t b;
 
 crc = 0x;
-for (i = 0; i < 6; i++) {
-b = *ep++;
+for (i = 0; i < len; i++) {
+b = *p++;
 for (j = 0; j < 8; j++) {
 carry = ((crc & 0x8000L) ? 1 : 0) ^ (b & 0x01);
 crc <<= 1;
 b >>= 1;
 if (carry) {
-crc = ((crc ^ POLYNOMIAL) | carry);
+crc = ((crc ^ POLYNOMIAL_BE) | carry);
 }
 }
 }
-return crc >> 26;
+
+return crc;
+}
+
+unsigned compute_mcast_idx(const uint8_t *ep)
+{
+return net_crc32(ep, ETH_ALEN) >> 26;
 }
 
 QemuOptsList qemu_netdev_opts = {
-- 
2.7.4

[Qemu-devel] [PULL 18/18] qemu-doc: Update the deprecation information of -tftp, -bootp, -redir and -smb

[Jason Wang]

From: Thomas Huth 

The information how to update the deprecated parameters was too scarce,
so that some people did not update to the new syntax yet. Provide some
more information to make sure that it is clear how to update from the
old syntax to the new one.

Signed-off-by: Thomas Huth 
Signed-off-by: Jason Wang 
---
 qemu-doc.texi | 33 +
 1 file changed, 21 insertions(+), 12 deletions(-)

diff --git a/qemu-doc.texi b/qemu-doc.texi
index 140659a..ae90f71 100644
--- a/qemu-doc.texi
+++ b/qemu-doc.texi
@@ -2648,27 +2648,36 @@ combined with ``-vnc tls-creds=tls0'
 
 @subsection -tftp (since 2.6.0)
 
-The ``-tftp /some/dir'' argument is now a synonym for setting
-the ``-netdev user,tftp=/some/dir' argument. The new syntax
-allows different settings to be provided per NIC.
+The ``-tftp /some/dir'' argument is replaced by
+``-netdev user,id=x,tftp=/some/dir'', either accompanied with
+``-device ...,netdev=x'' (for pluggable NICs) or ``-net nic,netdev=x''
+(for embedded NICs). The new syntax allows different settings to be
+provided per NIC.
 
 @subsection -bootp (since 2.6.0)
 
-The ``-bootp /some/file'' argument is now a synonym for setting
-the ``-netdev user,bootp=/some/file' argument. The new syntax
-allows different settings to be provided per NIC.
+The ``-bootp /some/file'' argument is replaced by
+``-netdev user,id=x,bootp=/some/file'', either accompanied with
+``-device ...,netdev=x'' (for pluggable NICs) or ``-net nic,netdev=x''
+(for embedded NICs). The new syntax allows different settings to be
+provided per NIC.
 
 @subsection -redir (since 2.6.0)
 
-The ``-redir ARGS'' argument is now a synonym for setting
-the ``-netdev user,hostfwd=ARGS'' argument instead. The new
-syntax allows different settings to be provided per NIC.
+The ``-redir [tcp|udp]:hostport:[guestaddr]:guestport'' argument is
+replaced by ``-netdev
+user,id=x,hostfwd=[tcp|udp]:[hostaddr]:hostport-[guestaddr]:guestport'',
+either accompanied with ``-device ...,netdev=x'' (for pluggable NICs) or
+``-net nic,netdev=x'' (for embedded NICs). The new syntax allows different
+settings to be provided per NIC.
 
 @subsection -smb (since 2.6.0)
 
-The ``-smb /some/dir'' argument is now a synonym for setting
-the ``-netdev user,smb=/some/dir'' argument instead. The new
-syntax allows different settings to be provided per NIC.
+The ``-smb /some/dir'' argument is replaced by
+``-netdev user,id=x,smb=/some/dir'', either accompanied with
+``-device ...,netdev=x'' (for pluggable NICs) or ``-net nic,netdev=x''
+(for embedded NICs). The new syntax allows different settings to be
+provided per NIC.
 
 @subsection -net vlan (since 2.9.0)
 
-- 
2.7.4

[Qemu-devel] [PULL 07/18] sunhme: switch sunhme over to use net_crc32_le()

[Jason Wang]

From: Mark Cave-Ayland 

Instead of sunhme_crc32_le() using its own implementation, we can simply call
net_crc32_le() directly and apply the bit shift inline.

Signed-off-by: Mark Cave-Ayland 
Reviewed-by: Eric Blake 
Reviewed-by: Philippe Mathieu-Daudé 
Signed-off-by: Jason Wang 
---
 hw/net/sunhme.c | 25 +
 1 file changed, 1 insertion(+), 24 deletions(-)

diff --git a/hw/net/sunhme.c b/hw/net/sunhme.c
index b1efa1b..7558fca 100644
--- a/hw/net/sunhme.c
+++ b/hw/net/sunhme.c
@@ -698,29 +698,6 @@ static inline void sunhme_set_rx_ring_nr(SunHMEState *s, 
int i)
 s->erxregs[HME_ERXI_RING >> 2] = ring;
 }
 
-#define POLYNOMIAL_LE 0xedb88320
-static uint32_t sunhme_crc32_le(const uint8_t *p, int len)
-{
-uint32_t crc;
-int carry, i, j;
-uint8_t b;
-
-crc = 0x;
-for (i = 0; i < len; i++) {
-b = *p++;
-for (j = 0; j < 8; j++) {
-carry = (crc & 0x1) ^ (b & 0x01);
-crc >>= 1;
-b >>= 1;
-if (carry) {
-crc = crc ^ POLYNOMIAL_LE;
-}
-}
-}
-
-return crc;
-}
-
 #define MIN_BUF_SIZE 60
 
 static ssize_t sunhme_receive(NetClientState *nc, const uint8_t *buf,
@@ -761,7 +738,7 @@ static ssize_t sunhme_receive(NetClientState *nc, const 
uint8_t *buf,
 trace_sunhme_rx_filter_bcast_match();
 } else if (s->macregs[HME_MACI_RXCFG >> 2] & HME_MAC_RXCFG_HENABLE) {
 /* Didn't match local address, check hash filter */
-int mcast_idx = sunhme_crc32_le(buf, 6) >> 26;
+int mcast_idx = net_crc32_le(buf, ETH_ALEN) >> 26;
 if (!(s->macregs[(HME_MACI_HASHTAB0 >> 2) - (mcast_idx >> 4)] &
 (1 << (mcast_idx & 0xf {
 /* Didn't match hash filter */
-- 
2.7.4

[Qemu-devel] [PULL 02/18] e1000: Separate TSO and non-TSO contexts, fixing UDP TX corruption

[Jason Wang]

From: Ed Swierk via Qemu-devel 

The device is supposed to maintain two distinct contexts for transmit
offloads: one has parameters for both segmentation and checksum
offload, the other only for checksum offload. The guest driver can
send two context descriptors, one for each context (the TSE flag
specifies which). Then the guest can refer to one or the other context
in subsequent transmit data descriptors, depending on what offloads it
wants applied to each packet.

Currently the e1000 device stores just one context, and misinterprets
the TSE flags in the context and data descriptors. This is often okay:
Linux happens to send a fresh context descriptor before every data
descriptor, so forgetting the other context doesn't matter. Windows
does rely on separate contexts for TSO vs. non-TSO packets, but for
mostly-TCP traffic the two contexts have identical TCP-specific
offload parameters so confusing them doesn't matter.

One case where this confusion matters is when a Windows guest sets up
a TSO context for TCP and a non-TSO context for UDP, and then
transmits both TCP and UDP traffic in parallel. The e1000 device
sometimes ends up using TCP-specific parameters while doing checksum
offload on a UDP datagram: it writes the checksum to offset 16 (the
correct location for a TCP checksum), stomping on two bytes of UDP
data, and leaving the wrong value in the actual UDP checksum field at
offset 6. (Even worse, the host network stack may then recompute the
UDP checksum, "correcting" it to match the corrupt data before sending
it out a physical interface.)

Correct this by tracking the TSO context independently of the non-TSO
context, and selecting the appropriate context based on the TSE flag
in each transmit data descriptor.

Signed-off-by: Ed Swierk 
Signed-off-by: Jason Wang 
---
 hw/net/e1000.c | 70 +-
 1 file changed, 40 insertions(+), 30 deletions(-)

diff --git a/hw/net/e1000.c b/hw/net/e1000.c
index 30aef93..804ec08 100644
--- a/hw/net/e1000.c
+++ b/hw/net/e1000.c
@@ -101,6 +101,7 @@ typedef struct E1000State_st {
 unsigned char sum_needed;
 bool cptse;
 e1000x_txd_props props;
+e1000x_txd_props tso_props;
 uint16_t tso_frames;
 } tx;
 
@@ -541,35 +542,37 @@ xmit_seg(E1000State *s)
 uint16_t len;
 unsigned int frames = s->tx.tso_frames, css, sofar;
 struct e1000_tx *tp = >tx;
+struct e1000x_txd_props *props = tp->cptse ? >tso_props : >props;
 
-if (tp->props.tse && tp->cptse) {
-css = tp->props.ipcss;
+if (tp->cptse) {
+css = props->ipcss;
 DBGOUT(TXSUM, "frames %d size %d ipcss %d\n",
frames, tp->size, css);
-if (tp->props.ip) {/* IPv4 */
+if (props->ip) {/* IPv4 */
 stw_be_p(tp->data+css+2, tp->size - css);
 stw_be_p(tp->data+css+4,
  lduw_be_p(tp->data + css + 4) + frames);
 } else { /* IPv6 */
 stw_be_p(tp->data+css+4, tp->size - css);
 }
-css = tp->props.tucss;
+css = props->tucss;
 len = tp->size - css;
-DBGOUT(TXSUM, "tcp %d tucss %d len %d\n", tp->props.tcp, css, len);
-if (tp->props.tcp) {
-sofar = frames * tp->props.mss;
+DBGOUT(TXSUM, "tcp %d tucss %d len %d\n", props->tcp, css, len);
+if (props->tcp) {
+sofar = frames * props->mss;
 stl_be_p(tp->data+css+4, ldl_be_p(tp->data+css+4)+sofar); /* seq */
-if (tp->props.paylen - sofar > tp->props.mss) {
+if (props->paylen - sofar > props->mss) {
 tp->data[css + 13] &= ~9;/* PSH, FIN */
 } else if (frames) {
 e1000x_inc_reg_if_not_full(s->mac_reg, TSCTC);
 }
-} else/* UDP */
+} else {/* UDP */
 stw_be_p(tp->data+css+4, len);
+}
 if (tp->sum_needed & E1000_TXD_POPTS_TXSM) {
 unsigned int phsum;
 // add pseudo-header length before checksum calculation
-void *sp = tp->data + tp->props.tucso;
+void *sp = tp->data + props->tucso;
 
 phsum = lduw_be_p(sp) + len;
 phsum = (phsum >> 16) + (phsum & 0x);
@@ -579,12 +582,10 @@ xmit_seg(E1000State *s)
 }
 
 if (tp->sum_needed & E1000_TXD_POPTS_TXSM) {
-putsum(tp->data, tp->size, tp->props.tucso,
-   tp->props.tucss, tp->props.tucse);
+putsum(tp->data, tp->size, props->tucso, props->tucss, props->tucse);
 }
 if (tp->sum_needed & E1000_TXD_POPTS_IXSM) {
-putsum(tp->data, tp->size, tp->props.ipcso,
-   tp->props.ipcss, tp->props.ipcse);
+putsum(tp->data, tp->size, props->ipcso, props->ipcss, props->ipcse);
 }
 if (tp->vlan_needed) {
 memmove(tp->vlan, tp->data, 4);
@@ -616,11 +617,11 @@ 

[Qemu-devel] [PULL 13/18] ne2000: use inline net_crc32() and bitshift instead of compute_mcast_idx()

[Jason Wang]

From: Mark Cave-Ayland 

This makes it much easier to compare the multicast CRC calculation endian and
bitshift against the Linux driver implementation.

Signed-off-by: Mark Cave-Ayland 
Signed-off-by: Jason Wang 
---
 hw/net/ne2000.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/hw/net/ne2000.c b/hw/net/ne2000.c
index 6874c8c..687ef84 100644
--- a/hw/net/ne2000.c
+++ b/hw/net/ne2000.c
@@ -23,6 +23,8 @@
  */
 #include "qemu/osdep.h"
 #include "hw/pci/pci.h"
+#include "net/net.h"
+#include "net/eth.h"
 #include "ne2000.h"
 #include "hw/loader.h"
 #include "sysemu/sysemu.h"
@@ -199,7 +201,7 @@ ssize_t ne2000_receive(NetClientState *nc, const uint8_t 
*buf, size_t size_)
 /* multicast */
 if (!(s->rxcr & 0x08))
 return size;
-mcast_idx = compute_mcast_idx(buf);
+mcast_idx = net_crc32(buf, ETH_ALEN) >> 26;
 if (!(s->mult[mcast_idx >> 3] & (1 << (mcast_idx & 7
 return size;
 } else if (s->mem[0] == buf[0] &&
-- 
2.7.4

[Qemu-devel] [PULL 16/18] net: Remove the legacy "-net channel" parameter

[Jason Wang]

From: Thomas Huth 

It has never been documented, so hardly anybody knows about this
parameter, and it is marked as deprecated since QEMU v2.6.
Time to let it go now.

Reviewed-by: Samuel Thibault 
Signed-off-by: Thomas Huth 
Signed-off-by: Jason Wang 
---
 include/net/slirp.h |  2 --
 net/net.c   |  7 ---
 net/slirp.c | 34 --
 qemu-doc.texi   |  5 -
 4 files changed, 48 deletions(-)

diff --git a/include/net/slirp.h b/include/net/slirp.h
index 64b795c..0c98e46 100644
--- a/include/net/slirp.h
+++ b/include/net/slirp.h
@@ -36,8 +36,6 @@ void hmp_hostfwd_remove(Monitor *mon, const QDict *qdict);
 
 int net_slirp_redir(const char *redir_str);
 
-int net_slirp_parse_legacy(QemuOptsList *opts_list, const char *optarg, int 
*ret);
-
 int net_slirp_smb(const char *exported_dir);
 
 void hmp_info_usernet(Monitor *mon, const QDict *qdict);
diff --git a/net/net.c b/net/net.c
index 5bc0a34..2b81c93 100644
--- a/net/net.c
+++ b/net/net.c
@@ -1565,13 +1565,6 @@ int net_init_clients(void)
 
 int net_client_parse(QemuOptsList *opts_list, const char *optarg)
 {
-#if defined(CONFIG_SLIRP)
-int ret;
-if (net_slirp_parse_legacy(opts_list, optarg, )) {
-return ret;
-}
-#endif
-
 if (!qemu_opts_parse_noisily(opts_list, optarg, true)) {
 return -1;
 }
diff --git a/net/slirp.c b/net/slirp.c
index 318a26e..cb8ca23 100644
--- a/net/slirp.c
+++ b/net/slirp.c
@@ -956,37 +956,3 @@ int net_init_slirp(const Netdev *netdev, const char *name,
 
 return ret;
 }
-
-int net_slirp_parse_legacy(QemuOptsList *opts_list, const char *optarg, int 
*ret)
-{
-if (strcmp(opts_list->name, "net") != 0 ||
-strncmp(optarg, "channel,", strlen("channel,")) != 0) {
-return 0;
-}
-
-error_report("The '-net channel' option is deprecated. "
- "Please use '-netdev user,guestfwd=...' instead.");
-
-/* handle legacy -net channel,port:chr */
-optarg += strlen("channel,");
-
-if (QTAILQ_EMPTY(_stacks)) {
-struct slirp_config_str *config;
-
-config = g_malloc(sizeof(*config));
-pstrcpy(config->str, sizeof(config->str), optarg);
-config->flags = SLIRP_CFG_LEGACY;
-config->next = slirp_configs;
-slirp_configs = config;
-*ret = 0;
-} else {
-Error *err = NULL;
-*ret = slirp_guestfwd(QTAILQ_FIRST(_stacks), optarg, 1, );
-if (*ret < 0) {
-error_report_err(err);
-}
-}
-
-return 1;
-}
-
diff --git a/qemu-doc.texi b/qemu-doc.texi
index 90bea73..140659a 100644
--- a/qemu-doc.texi
+++ b/qemu-doc.texi
@@ -2670,11 +2670,6 @@ The ``-smb /some/dir'' argument is now a synonym for 
setting
 the ``-netdev user,smb=/some/dir'' argument instead. The new
 syntax allows different settings to be provided per NIC.
 
-@subsection -net channel (since 2.6.0)
-
-The ``--net channel,ARGS'' argument is now a synonym for setting
-the ``-netdev user,guestfwd=ARGS'' argument instead.
-
 @subsection -net vlan (since 2.9.0)
 
 The ``-net vlan=NN'' argument is partially replaced with the
-- 
2.7.4

[Qemu-devel] [PULL 05/18] pcnet: switch pcnet over to use net_crc32_le()

[Jason Wang]

From: Mark Cave-Ayland 

Instead of lnc_mchash() using its own implementation, we can simply call
net_crc32_le() directly and apply the bit shift inline.

Signed-off-by: Mark Cave-Ayland 
Reviewed-by: Eric Blake 
Reviewed-by: Philippe Mathieu-Daudé 
Signed-off-by: Jason Wang 
---
 hw/net/pcnet.c | 22 ++
 1 file changed, 2 insertions(+), 20 deletions(-)

diff --git a/hw/net/pcnet.c b/hw/net/pcnet.c
index 6544553..39d5d93 100644
--- a/hw/net/pcnet.c
+++ b/hw/net/pcnet.c
@@ -38,6 +38,7 @@
 #include "qemu/osdep.h"
 #include "hw/qdev.h"
 #include "net/net.h"
+#include "net/eth.h"
 #include "qemu/timer.h"
 #include "qemu/sockets.h"
 #include "sysemu/sysemu.h"
@@ -522,25 +523,6 @@ static inline void pcnet_rmd_store(PCNetState *s, struct 
pcnet_RMD *rmd,
be16_to_cpu(hdr->ether_type));   \
 } while (0)
 
-#define MULTICAST_FILTER_LEN 8
-
-static inline uint32_t lnc_mchash(const uint8_t *ether_addr)
-{
-#define LNC_POLYNOMIAL  0xEDB88320UL
-uint32_t crc = 0x;
-int idx, bit;
-uint8_t data;
-
-for (idx = 0; idx < 6; idx++) {
-for (data = *ether_addr++, bit = 0; bit < MULTICAST_FILTER_LEN; bit++) 
{
-crc = (crc >> 1) ^ (((crc ^ data) & 1) ? LNC_POLYNOMIAL : 0);
-data >>= 1;
-}
-}
-return crc;
-#undef LNC_POLYNOMIAL
-}
-
 #define CRC(crc, ch)(crc = (crc >> 8) ^ crctab[(crc ^ (ch)) & 0xff])
 
 /* generated using the AUTODIN II polynomial
@@ -656,7 +638,7 @@ static inline int ladr_match(PCNetState *s, const uint8_t 
*buf, int size)
 s->csr[10] & 0xff, s->csr[10] >> 8,
 s->csr[11] & 0xff, s->csr[11] >> 8
 };
-int index = lnc_mchash(hdr->ether_dhost) >> 26;
+int index = net_crc32_le(hdr->ether_dhost, ETH_ALEN) >> 26;
 return !!(ladr[index >> 3] & (1 << (index & 7)));
 }
 return 0;
-- 
2.7.4

[Qemu-devel] [PULL 01/18] e1000, e1000e: Move per-packet TX offload flags out of context state

[Jason Wang]

From: Ed Swierk via Qemu-devel 

sum_needed and cptse flags are received from the guest within each
transmit data descriptor. They are not part of the offload context;
instead, they determine how to apply a previously received context to
the packet being transmitted:

- If cptse is set, perform both segmentation and checksum offload
  using the parameters in the TSO context; otherwise just do checksum
  offload. (Currently the e1000 device incorrectly stores only one
  context, which will be fixed in a subsequent patch.)

- Depending on the bits set in sum_needed, possibly perform L4
  checksum offload and/or IP checksum offload, using the parameters in
  the appropriate context.

Move these flags out of struct e1000x_txd_props, which is otherwise
dedicated to storing values from a context descriptor, and into the
per-packet TX struct.

Signed-off-by: Ed Swierk 
Signed-off-by: Jason Wang 
---
 hw/net/e1000.c | 30 --
 hw/net/e1000e.c|  4 ++--
 hw/net/e1000e_core.c   | 16 
 hw/net/e1000e_core.h   |  2 ++
 hw/net/e1000x_common.h |  2 --
 5 files changed, 28 insertions(+), 26 deletions(-)

diff --git a/hw/net/e1000.c b/hw/net/e1000.c
index 05a00cb..30aef93 100644
--- a/hw/net/e1000.c
+++ b/hw/net/e1000.c
@@ -98,6 +98,8 @@ typedef struct E1000State_st {
 unsigned char data[0x1];
 uint16_t size;
 unsigned char vlan_needed;
+unsigned char sum_needed;
+bool cptse;
 e1000x_txd_props props;
 uint16_t tso_frames;
 } tx;
@@ -540,7 +542,7 @@ xmit_seg(E1000State *s)
 unsigned int frames = s->tx.tso_frames, css, sofar;
 struct e1000_tx *tp = >tx;
 
-if (tp->props.tse && tp->props.cptse) {
+if (tp->props.tse && tp->cptse) {
 css = tp->props.ipcss;
 DBGOUT(TXSUM, "frames %d size %d ipcss %d\n",
frames, tp->size, css);
@@ -564,7 +566,7 @@ xmit_seg(E1000State *s)
 }
 } else/* UDP */
 stw_be_p(tp->data+css+4, len);
-if (tp->props.sum_needed & E1000_TXD_POPTS_TXSM) {
+if (tp->sum_needed & E1000_TXD_POPTS_TXSM) {
 unsigned int phsum;
 // add pseudo-header length before checksum calculation
 void *sp = tp->data + tp->props.tucso;
@@ -576,11 +578,11 @@ xmit_seg(E1000State *s)
 tp->tso_frames++;
 }
 
-if (tp->props.sum_needed & E1000_TXD_POPTS_TXSM) {
+if (tp->sum_needed & E1000_TXD_POPTS_TXSM) {
 putsum(tp->data, tp->size, tp->props.tucso,
tp->props.tucss, tp->props.tucse);
 }
-if (tp->props.sum_needed & E1000_TXD_POPTS_IXSM) {
+if (tp->sum_needed & E1000_TXD_POPTS_IXSM) {
 putsum(tp->data, tp->size, tp->props.ipcso,
tp->props.ipcss, tp->props.ipcse);
 }
@@ -624,17 +626,17 @@ process_tx_desc(E1000State *s, struct e1000_tx_desc *dp)
 } else if (dtype == (E1000_TXD_CMD_DEXT | E1000_TXD_DTYP_D)) {
 // data descriptor
 if (tp->size == 0) {
-tp->props.sum_needed = le32_to_cpu(dp->upper.data) >> 8;
+tp->sum_needed = le32_to_cpu(dp->upper.data) >> 8;
 }
-tp->props.cptse = (txd_lower & E1000_TXD_CMD_TSE) ? 1 : 0;
+tp->cptse = (txd_lower & E1000_TXD_CMD_TSE) ? 1 : 0;
 } else {
 // legacy descriptor
-tp->props.cptse = 0;
+tp->cptse = 0;
 }
 
 if (e1000x_vlan_enabled(s->mac_reg) &&
 e1000x_is_vlan_txd(txd_lower) &&
-(tp->props.cptse || txd_lower & E1000_TXD_CMD_EOP)) {
+(tp->cptse || txd_lower & E1000_TXD_CMD_EOP)) {
 tp->vlan_needed = 1;
 stw_be_p(tp->vlan_header,
   le16_to_cpu(s->mac_reg[VET]));
@@ -643,7 +645,7 @@ process_tx_desc(E1000State *s, struct e1000_tx_desc *dp)
 }
 
 addr = le64_to_cpu(dp->buffer_addr);
-if (tp->props.tse && tp->props.cptse) {
+if (tp->props.tse && tp->cptse) {
 msh = tp->props.hdr_len + tp->props.mss;
 do {
 bytes = split_size;
@@ -665,7 +667,7 @@ process_tx_desc(E1000State *s, struct e1000_tx_desc *dp)
 }
 split_size -= bytes;
 } while (bytes && split_size);
-} else if (!tp->props.tse && tp->props.cptse) {
+} else if (!tp->props.tse && tp->cptse) {
 // context descriptor TSE is not set, while data descriptor TSE is set
 DBGOUT(TXERR, "TCP segmentation error\n");
 } else {
@@ -676,14 +678,14 @@ process_tx_desc(E1000State *s, struct e1000_tx_desc *dp)
 
 if (!(txd_lower & E1000_TXD_CMD_EOP))
 return;
-if (!(tp->props.tse && tp->props.cptse && tp->size < tp->props.hdr_len)) {
+if (!(tp->props.tse && tp->cptse && tp->size < tp->props.hdr_len)) {
 xmit_seg(s);
 }
 tp->tso_frames = 0;
-tp->props.sum_needed = 0;
+tp->sum_needed = 0;
 tp->vlan_needed = 0;
 tp->size = 0;
-tp->props.cptse = 

[Qemu-devel] [PULL 04/18] net: introduce net_crc32_le() function

[Jason Wang]

From: Mark Cave-Ayland 

This provides a standard ethernet CRC32 little-endian implementation.

Signed-off-by: Mark Cave-Ayland 
Reviewed-by: Eric Blake 
Reviewed-by: Philippe Mathieu-Daudé 
Signed-off-by: Jason Wang 
---
 include/net/net.h |  2 ++
 net/net.c | 22 ++
 2 files changed, 24 insertions(+)

diff --git a/include/net/net.h b/include/net/net.h
index 586098c..4afac1a 100644
--- a/include/net/net.h
+++ b/include/net/net.h
@@ -228,7 +228,9 @@ NetClientState *net_hub_port_find(int hub_id);
 void qdev_set_nic_properties(DeviceState *dev, NICInfo *nd);
 
 #define POLYNOMIAL_BE 0x04c11db6
+#define POLYNOMIAL_LE 0xedb88320
 uint32_t net_crc32(const uint8_t *p, int len);
+uint32_t net_crc32_le(const uint8_t *p, int len);
 unsigned compute_mcast_idx(const uint8_t *ep);
 
 #define vmstate_offset_macaddr(_state, _field)   \
diff --git a/net/net.c b/net/net.c
index a14dc99..4ecaf80 100644
--- a/net/net.c
+++ b/net/net.c
@@ -1603,6 +1603,28 @@ uint32_t net_crc32(const uint8_t *p, int len)
 return crc;
 }
 
+uint32_t net_crc32_le(const uint8_t *p, int len)
+{
+uint32_t crc;
+int carry, i, j;
+uint8_t b;
+
+crc = 0x;
+for (i = 0; i < len; i++) {
+b = *p++;
+for (j = 0; j < 8; j++) {
+carry = (crc & 0x1) ^ (b & 0x01);
+crc >>= 1;
+b >>= 1;
+if (carry) {
+crc ^= POLYNOMIAL_LE;
+}
+}
+}
+
+return crc;
+}
+
 unsigned compute_mcast_idx(const uint8_t *ep)
 {
 return net_crc32(ep, ETH_ALEN) >> 26;
-- 
2.7.4

[Qemu-devel] [PULL 00/18] Net patches

[Jason Wang]

The following changes since commit 43ab9a5376c95c61ae898a222c4d04bdf60e239b:

  hw/i386/vmport: fix missing definitions with non-log trace backends 
(2017-12-21 22:52:28 +)

are available in the git repository at:

  https://github.com/jasowang/qemu.git tags/net-pull-request

for you to fetch changes up to 0065e915192cdf83c2700bb377e5323c2649476e:

  qemu-doc: Update the deprecation information of -tftp, -bootp, -redir and 
-smb (2017-12-22 10:06:05 +0800)




Ed Swierk via Qemu-devel (2):
  e1000, e1000e: Move per-packet TX offload flags out of context state
  e1000: Separate TSO and non-TSO contexts, fixing UDP TX corruption

Mark Cave-Ayland (13):
  net: move CRC32 calculation from compute_mcast_idx() into its own 
net_crc32() function
  net: introduce net_crc32_le() function
  pcnet: switch pcnet over to use net_crc32_le()
  eepro100: switch eepro100 e100_compute_mcast_idx() over to use net_crc32()
  sunhme: switch sunhme over to use net_crc32_le()
  sungem: fix multicast filter CRC calculation
  eepro100: use inline net_crc32() and bitshift instead of 
compute_mcast_idx()
  opencores_eth: use inline net_crc32() and bitshift instead of 
compute_mcast_idx()
  lan9118: use inline net_crc32() and bitshift instead of 
compute_mcast_idx()
  ftgmac100: use inline net_crc32() and bitshift instead of 
compute_mcast_idx()
  ne2000: use inline net_crc32() and bitshift instead of compute_mcast_idx()
  rtl8139: use inline net_crc32() and bitshift instead of 
compute_mcast_idx()
  net: remove unused compute_mcast_idx() function

Thomas Huth (3):
  net: Remove the legacy "-net channel" parameter
  qemu-doc: The "-net nic" option can be used with "netdev=...", too
  qemu-doc: Update the deprecation information of -tftp, -bootp, -redir and 
-smb

 hw/net/e1000.c | 92 --
 hw/net/e1000e.c|  4 +--
 hw/net/e1000e_core.c   | 16 -
 hw/net/e1000e_core.h   |  2 ++
 hw/net/e1000x_common.h |  2 --
 hw/net/eepro100.c  | 32 +++---
 hw/net/ftgmac100.c |  2 +-
 hw/net/lan9118.c   |  3 +-
 hw/net/ne2000.c|  4 ++-
 hw/net/opencores_eth.c |  3 +-
 hw/net/pcnet.c | 22 ++--
 hw/net/rtl8139.c   |  2 +-
 hw/net/sungem.c|  5 ++-
 hw/net/sunhme.c| 25 +-
 include/net/net.h  |  5 ++-
 include/net/slirp.h|  2 --
 net/net.c  | 40 +++---
 net/slirp.c| 34 ---
 qemu-doc.texi  | 38 +++--
 qemu-options.hx| 14 
 20 files changed, 144 insertions(+), 203 deletions(-)

[Qemu-devel] [PULL 09/18] eepro100: use inline net_crc32() and bitshift instead of compute_mcast_idx()

[Jason Wang]

From: Mark Cave-Ayland 

This makes it much easier to compare the multicast CRC calculation endian and
bitshift against the Linux driver implementation.

Signed-off-by: Mark Cave-Ayland 
Signed-off-by: Jason Wang 
---
 hw/net/eepro100.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/hw/net/eepro100.c b/hw/net/eepro100.c
index e30fed8..a07a632 100644
--- a/hw/net/eepro100.c
+++ b/hw/net/eepro100.c
@@ -1679,7 +1679,7 @@ static ssize_t nic_receive(NetClientState *nc, const 
uint8_t * buf, size_t size)
 rfd_status |= 0x0004;
 } else if (s->configuration[20] & BIT(6)) {
 /* Multiple IA bit set. */
-unsigned mcast_idx = compute_mcast_idx(buf);
+unsigned mcast_idx = net_crc32(buf, ETH_ALEN) >> 26;
 assert(mcast_idx < 64);
 if (s->mult[mcast_idx >> 3] & (1 << (mcast_idx & 7))) {
 TRACE(RXTX, logout("%p accepted, multiple IA bit set\n", s));
-- 
2.7.4

[Qemu-devel] [PULL 06/18] eepro100: switch eepro100 e100_compute_mcast_idx() over to use net_crc32()

[Jason Wang]

From: Mark Cave-Ayland 

Instead of e100_compute_mcast_idx() using its own implementation, we can
simply call net_crc32() directly and apply the bit shift inline.

Signed-off-by: Mark Cave-Ayland 
Reviewed-by: Stefan Weil 
Reviewed-by: Philippe Mathieu-Daudé 
Signed-off-by: Jason Wang 
---
 hw/net/eepro100.c | 28 
 1 file changed, 4 insertions(+), 24 deletions(-)

diff --git a/hw/net/eepro100.c b/hw/net/eepro100.c
index 71cddfe..e30fed8 100644
--- a/hw/net/eepro100.c
+++ b/hw/net/eepro100.c
@@ -44,6 +44,7 @@
 #include "hw/hw.h"
 #include "hw/pci/pci.h"
 #include "net/net.h"
+#include "net/eth.h"
 #include "hw/nvram/eeprom93xx.h"
 #include "sysemu/sysemu.h"
 #include "sysemu/dma.h"
@@ -325,28 +326,6 @@ static const uint16_t eepro100_mdi_mask[] = {
 
 static E100PCIDeviceInfo *eepro100_get_class(EEPRO100State *s);
 
-/* From FreeBSD (locally modified). */
-static unsigned e100_compute_mcast_idx(const uint8_t *ep)
-{
-uint32_t crc;
-int carry, i, j;
-uint8_t b;
-
-crc = 0x;
-for (i = 0; i < 6; i++) {
-b = *ep++;
-for (j = 0; j < 8; j++) {
-carry = ((crc & 0x8000L) ? 1 : 0) ^ (b & 0x01);
-crc <<= 1;
-b >>= 1;
-if (carry) {
-crc = ((crc ^ POLYNOMIAL_BE) | carry);
-}
-}
-}
-return (crc & BITS(7, 2)) >> 2;
-}
-
 /* Read a 16 bit control/status (CSR) register. */
 static uint16_t e100_read_reg2(EEPRO100State *s, E100RegisterOffset addr)
 {
@@ -843,7 +822,8 @@ static void set_multicast_list(EEPRO100State *s)
 uint8_t multicast_addr[6];
 pci_dma_read(>dev, s->cb_address + 10 + i, multicast_addr, 6);
 TRACE(OTHER, logout("multicast entry %s\n", nic_dump(multicast_addr, 
6)));
-unsigned mcast_idx = e100_compute_mcast_idx(multicast_addr);
+unsigned mcast_idx = (net_crc32(multicast_addr, ETH_ALEN) &
+  BITS(7, 2)) >> 2;
 assert(mcast_idx < 64);
 s->mult[mcast_idx >> 3] |= (1 << (mcast_idx & 7));
 }
@@ -1679,7 +1659,7 @@ static ssize_t nic_receive(NetClientState *nc, const 
uint8_t * buf, size_t size)
 if (s->configuration[21] & BIT(3)) {
   /* Multicast all bit is set, receive all multicast frames. */
 } else {
-  unsigned mcast_idx = e100_compute_mcast_idx(buf);
+  unsigned mcast_idx = (net_crc32(buf, ETH_ALEN) & BITS(7, 2)) >> 2;
   assert(mcast_idx < 64);
   if (s->mult[mcast_idx >> 3] & (1 << (mcast_idx & 7))) {
 /* Multicast frame is allowed in hash table. */
-- 
2.7.4

Re: [Qemu-devel] [PATCHv3 00/13] net: introduce common net_crc32() and net_crc32_le() functions

[Jason Wang]

On 2017年12月20日 16:58, Mark Cave-Ayland wrote:

Series looks good to me.

A small question is that, is this better to keep compute_mcast_idx()?

Thanks


Hi Jason,

I did think about this, however at the very minimum you'd need 
big-endian and little-endian variants of compute_mcast_idx(), and then 
you see that eepro100 applies a different bitmask/shift which is yet 
another variant...


For this reason I moved them all inline to the QEMU driver and that 
made it possible to compare the hash calculation directly with the 
corresponding Linux driver which found the 3 potential bugs above. So 
I think this is a net win (pardon the pun) on all sides :)



ATB,


Ok, applied.

Thanks

Re: [Qemu-devel] [PATCH 0/3] net: Remove "-net channel" and update "-net nic" docs

[Jason Wang]

On 2017年12月19日 23:28, Thomas Huth wrote:

Remove the deprecated (and even undocumented) "-net channel" parameter,
and update our docs with regards to the possibility to use "netdev=..."
together with the "-net nic" option for embedded NICs.

Thomas Huth (3):
   net: Remove the legacy "-net channel" parameter
   qemu-doc: The "-net nic" option can be used with "netdev=...", too
   qemu-doc: Update the deprecation information of -tftp, -bootp, -redir
 and -smb

  include/net/slirp.h |  2 --
  net/net.c   |  7 ---
  net/slirp.c | 34 --
  qemu-doc.texi   | 38 +-
  qemu-options.hx | 14 --
  5 files changed, 29 insertions(+), 66 deletions(-)



Applied.

Thanks

Re: [Qemu-devel] [PATCH] target/ppc: more use of the PPC_*() macros

[David Gibson]

On Thu, Dec 21, 2017 at 05:54:56PM +0100, Cédric Le Goater wrote:
> Also introduce utilities to manipulate bitmasks (originaly from OPAL)
> which be will be used in the model of the XIVE interrupt controller.
> 
> Signed-off-by: Cédric Le Goater 

Applied to ppc-for-2.12, thanks.  Unfortunately getting my tree pulled
is held up because something is breaking on arm.

> ---
>  hw/ppc/pnv_lpc.c| 10 +-
>  target/ppc/cpu.h| 49 
> +++--
>  target/ppc/int_helper.c |  2 +-
>  3 files changed, 33 insertions(+), 28 deletions(-)
> 
> diff --git a/hw/ppc/pnv_lpc.c b/hw/ppc/pnv_lpc.c
> index b777b78e1837..c42b4a8f6c0f 100644
> --- a/hw/ppc/pnv_lpc.c
> +++ b/hw/ppc/pnv_lpc.c
> @@ -146,13 +146,13 @@ static bool opb_write(PnvLpcController *lpc, uint32_t 
> addr, uint8_t *data,
>  return success;
>  }
>  
> -#define ECCB_CTL_READ   (1ull << (63 - 15))
> +#define ECCB_CTL_READ   PPC_BIT(15)
>  #define ECCB_CTL_SZ_LSH (63 - 7)
> -#define ECCB_CTL_SZ_MASK(0xfull << ECCB_CTL_SZ_LSH)
> -#define ECCB_CTL_ADDR_MASK  0xu;
> +#define ECCB_CTL_SZ_MASKPPC_BITMASK(4, 7)
> +#define ECCB_CTL_ADDR_MASK  PPC_BITMASK(32, 63)
>  
> -#define ECCB_STAT_OP_DONE   (1ull << (63 - 52))
> -#define ECCB_STAT_OP_ERR(1ull << (63 - 52))
> +#define ECCB_STAT_OP_DONE   PPC_BIT(52)
> +#define ECCB_STAT_OP_ERRPPC_BIT(52)
>  #define ECCB_STAT_RD_DATA_LSH   (63 - 37)
>  #define ECCB_STAT_RD_DATA_MASK  (0x << ECCB_STAT_RD_DATA_LSH)
>  
> diff --git a/target/ppc/cpu.h b/target/ppc/cpu.h
> index 370b05e76ede..894fb76fabe1 100644
> --- a/target/ppc/cpu.h
> +++ b/target/ppc/cpu.h
> @@ -93,6 +93,12 @@
>  #define PPC_BITMASK(bs, be) ((PPC_BIT(bs) - PPC_BIT(be)) | PPC_BIT(bs))
>  #define PPC_BITMASK32(bs, be)   ((PPC_BIT32(bs) - PPC_BIT32(be)) | \
>   PPC_BIT32(bs))
> +#define PPC_BITMASK8(bs, be)((PPC_BIT8(bs) - PPC_BIT8(be)) | 
> PPC_BIT8(bs))
> +
> +#define MASK_TO_LSH(m)  (__builtin_ffsl(m) - 1)
> +#define GETFIELD(m, v)  (((v) & (m)) >> MASK_TO_LSH(m))
> +#define SETFIELD(m, v, val) \
> +(((v) & ~(m)) | typeof(v))(val)) << MASK_TO_LSH(m)) & (m)))
>  
>  
> /*/
>  /* Exception vectors definitions 
> */
> @@ -2349,32 +2355,31 @@ enum {
>  
>  /* Processor Compatibility mask (PCR) */
>  enum {
> -PCR_COMPAT_2_05 = 1ull << (63-62),
> -PCR_COMPAT_2_06 = 1ull << (63-61),
> -PCR_COMPAT_2_07 = 1ull << (63-60),
> -PCR_COMPAT_3_00 = 1ull << (63-59),
> -PCR_VEC_DIS = 1ull << (63-0), /* Vec. disable (bit NA since 
> POWER8) */
> -PCR_VSX_DIS = 1ull << (63-1), /* VSX disable (bit NA since 
> POWER8) */
> -PCR_TM_DIS  = 1ull << (63-2), /* Trans. memory disable (POWER8) 
> */
> +PCR_COMPAT_2_05 = PPC_BIT(62),
> +PCR_COMPAT_2_06 = PPC_BIT(61),
> +PCR_COMPAT_2_07 = PPC_BIT(60),
> +PCR_COMPAT_3_00 = PPC_BIT(59),
> +PCR_VEC_DIS = PPC_BIT(0), /* Vec. disable (bit NA since POWER8) 
> */
> +PCR_VSX_DIS = PPC_BIT(1), /* VSX disable (bit NA since POWER8) */
> +PCR_TM_DIS  = PPC_BIT(2), /* Trans. memory disable (POWER8) */
>  };
>  
>  /* HMER/HMEER */
>  enum {
> -HMER_MALFUNCTION_ALERT  = 1ull << (63 - 0),
> -HMER_PROC_RECV_DONE = 1ull << (63 - 2),
> -HMER_PROC_RECV_ERROR_MASKED = 1ull << (63 - 3),
> -HMER_TFAC_ERROR = 1ull << (63 - 4),
> -HMER_TFMR_PARITY_ERROR  = 1ull << (63 - 5),
> -HMER_XSCOM_FAIL = 1ull << (63 - 8),
> -HMER_XSCOM_DONE = 1ull << (63 - 9),
> -HMER_PROC_RECV_AGAIN= 1ull << (63 - 11),
> -HMER_WARN_RISE  = 1ull << (63 - 14),
> -HMER_WARN_FALL  = 1ull << (63 - 15),
> -HMER_SCOM_FIR_HMI   = 1ull << (63 - 16),
> -HMER_TRIG_FIR_HMI   = 1ull << (63 - 17),
> -HMER_HYP_RESOURCE_ERR   = 1ull << (63 - 20),
> -HMER_XSCOM_STATUS_MASK  = 7ull << (63 - 23),
> -HMER_XSCOM_STATUS_LSH   = (63 - 23),
> +HMER_MALFUNCTION_ALERT  = PPC_BIT(0),
> +HMER_PROC_RECV_DONE = PPC_BIT(2),
> +HMER_PROC_RECV_ERROR_MASKED = PPC_BIT(3),
> +HMER_TFAC_ERROR = PPC_BIT(4),
> +HMER_TFMR_PARITY_ERROR  = PPC_BIT(5),
> +HMER_XSCOM_FAIL = PPC_BIT(8),
> +HMER_XSCOM_DONE = PPC_BIT(9),
> +HMER_PROC_RECV_AGAIN= PPC_BIT(11),
> +HMER_WARN_RISE  = PPC_BIT(14),
> +HMER_WARN_FALL  = PPC_BIT(15),
> +HMER_SCOM_FIR_HMI   = PPC_BIT(16),
> +HMER_TRIG_FIR_HMI   = PPC_BIT(17),
> +HMER_HYP_RESOURCE_ERR   = PPC_BIT(20),
> +HMER_XSCOM_STATUS_MASK  = PPC_BITMASK(21, 23),
>  };
>  

Re: [Qemu-devel] [PATCH v9 04/13] dirty-bitmap: add locked state

[John Snow]

On 12/20/2017 10:49 AM, Vladimir Sementsov-Ogievskiy wrote:
> Add special state, when qmp operations on the bitmap are disabled.
> It is needed during bitmap migration. "Frozen" state is not
> appropriate here, because it looks like bitmap is unchanged.
> 

As of right now this breaks test 124, do you want me to review the rest
anyway?

--js

(As a warning, most of the US goes on holiday today, but I will try to
check my mail for just this one series as I'd really like it get it
through. I will be back to normal duties 9th January.)

Re: [Qemu-devel] [PATCH] scsi-generic: Add share-rw option

[Fam Zheng]

On Wed, 12/20 11:06, Paolo Bonzini wrote:
> On 20/12/2017 10:51, Fam Zheng wrote:
> > On Tue, 12/05 23:15, Fam Zheng wrote:
> >> Add the property to the device model, then parse it by calling
> >> blkconf_apply_backend_options().
> >>
> >> In addition to blk_set_perm(), the called function also handles error
> >> options and wce. For error options we've already checked that the
> >> default values are used, for wce we don't have the option either so it
> >> is always the default (true). In other words there is no change of
> >> behavior in these regards.
> >>
> >> Signed-off-by: Fam Zheng 
> > 
> > Ping? :)
> 
> Already queued.
> 

But I think it was not in yesterday's PULL?

Fam

[Qemu-devel] [PATCH] pc: fail memory hot-plug/unplug with -no-acpi and Q35 machine type

[Haozhong Zhang]

When -no-acpi option is used with Q35 machine type, no guest ACPI is
built, but the ACPI device is still created, so only checking the
presence of ACPI device before memory plug/unplug is not enough in
such cases. Check whether ACPI is disabled globally in addition and
fail memory plug/unplug if it's disabled.

Signed-off-by: Haozhong Zhang 
---
 hw/i386/pc.c | 18 ++
 1 file changed, 14 insertions(+), 4 deletions(-)

diff --git a/hw/i386/pc.c b/hw/i386/pc.c
index 3fcf318a95..55686bf5d8 100644
--- a/hw/i386/pc.c
+++ b/hw/i386/pc.c
@@ -1695,9 +1695,14 @@ static void pc_dimm_plug(HotplugHandler *hotplug_dev,
 align = memory_region_get_alignment(mr);
 }
 
-if (!pcms->acpi_dev) {
+/*
+ * When -no-acpi is used with Q35 machine type, no ACPI is built,
+ * but pcms->acpi_dev is still created. Check !acpi_enabled in
+ * addition to cover this case.
+ */
+if (!pcms->acpi_dev || !acpi_enabled) {
 error_setg(_err,
-   "memory hotplug is not enabled: missing acpi device");
+   "memory hotplug is not enabled: missing acpi device or acpi 
disabled");
 goto out;
 }
 
@@ -1729,9 +1734,14 @@ static void pc_dimm_unplug_request(HotplugHandler 
*hotplug_dev,
 Error *local_err = NULL;
 PCMachineState *pcms = PC_MACHINE(hotplug_dev);
 
-if (!pcms->acpi_dev) {
+/*
+ * When -no-acpi is used with Q35 machine type, no ACPI is built,
+ * but pcms->acpi_dev is still created. Check !acpi_enabled in
+ * addition to cover this case.
+ */
+if (!pcms->acpi_dev || !acpi_enabled) {
 error_setg(_err,
-   "memory hotplug is not enabled: missing acpi device");
+   "memory hotplug is not enabled: missing acpi device or acpi 
disabled");
 goto out;
 }
 
-- 
2.14.1

Re: [Qemu-devel] [PATCH v2] util: add is_equal to UUID API

[Fam Zheng]

On Wed, 12/20 16:54, Roman Kagan wrote:
> > Thanks, queued. Will send a pull request once next release dev window opens.
> 
> Ping?

In master now.

Fam

Re: [Qemu-devel] [Qemu-block] [PATCH v1 1/1] block: Add numeric errno field to BLOCK_IO_ERROR events

[Eric Blake]

On 12/21/2017 07:08 PM, Eric Blake wrote:


  #
+# @errno: int describing the error cause, provided for applications.
+# (Note: while most errnos are posix compliant between OSs, it
+# is possible some errno values can vary among different OSs.)
+# (since 2.12)


The proof is in the pudding - if your documentation has to give this big 
disclaimer, then what you are adding is not portable and should not be 
added in that manner.


To follow up to myself, POSIX explicitly says that errno values are 
implementation dependent, and there is NO requirement that errno value 1 
be EPERM, for example.  And while qemu does not target GNU Hurd, that is 
a classic example of a system where errno values intentionally do not 
fit in 8 bits.  So you can't argue that there are "POSIX-compliant errno 
values", because POSIX doesn't mandate specific values.


--
Eric Blake, Principal Software Engineer
Red Hat, Inc.   +1-919-301-3266
Virtualization:  qemu.org | libvirt.org

Re: [Qemu-devel] [PATCH v1 1/1] block: Add numeric errno field to BLOCK_IO_ERROR events

[Eric Blake]

On 12/21/2017 06:11 PM, Jack Schwartz wrote:

BLOCK_IO_ERROR events currently contain a "reason" string which is
strerror(errno) of the error.  This enhancement provides those events with
the numeric errno value as well, since it is easier to parse for error type
than a string.


NACK.  Numeric errno values are platform-dependent, but QMP must be 
platform-independent.  If you want to expose errno NAMES (not values), 
then create a QAPI enum and add the enum to the error structure (so that 
you are still passing names, not int values, over the wire).



+++ b/qapi/block-core.json
@@ -3660,6 +3660,11 @@
  #   io-status is present, please see query-block documentation
  #   for more information (since: 2.2)
  #
+# @errno: int describing the error cause, provided for applications.
+# (Note: while most errnos are posix compliant between OSs, it
+# is possible some errno values can vary among different OSs.)
+# (since 2.12)


The proof is in the pudding - if your documentation has to give this big 
disclaimer, then what you are adding is not portable and should not be 
added in that manner.



+#
  # @reason: human readable string describing the error cause.
  #  (This field is a debugging aid for humans, it should not
  #   be parsed by applications) (since: 2.2)
@@ -3675,14 +3680,17 @@
  #  "data": { "device": "ide0-hd1",
  #"node-name": "#block212",
  #"operation": "write",
-#"action": "stop" },
+#"action": "stop",
+#"nospace": false,
+#"errno": 5,


So this should be "errno":"ENOSPC", not 5.


+#"reason": "Input/output error" },
  #  "timestamp": { "seconds": 1265044230, "microseconds": 450486 } }
  #
  ##
  { 'event': 'BLOCK_IO_ERROR',
'data': { 'device': 'str', 'node-name': 'str', 'operation': 
'IoOperationType',
  'action': 'BlockErrorAction', '*nospace': 'bool',
-'reason': 'str' } }
+'errno': 'int', 'reason': 'str' } }


and this should be the name of a QAPI enum type, not 'int'.

--
Eric Blake, Principal Software Engineer
Red Hat, Inc.   +1-919-301-3266
Virtualization:  qemu.org | libvirt.org

Re: [Qemu-devel] [PULL 00/25] pc, pci, virtio: features, fixes, cleanups

[Philippe Mathieu-Daudé]

>> > Done and pushed - I dropped the conflicting patch.
>>
>> Have you also dropped the other one Philippe says depends on it?

Now than I could take time to check, dropping this single patch was
correct and inoffensive, since conflicting patch from Mao Zhongyi is
doing exactly the same change (e01d6a415be).

But better safe than sorry :) I'll resend the "remove obsolete
PCIDevice->init()" patch later to you Michael since it makes more sens
it enters thru the PCI tree than the Block tree.

Sorry again for any trouble caused,

Phil.

[Qemu-devel] [PATCH v1 1/1] block: Add numeric errno field to BLOCK_IO_ERROR events

[Jack Schwartz]

BLOCK_IO_ERROR events currently contain a "reason" string which is
strerror(errno) of the error.  This enhancement provides those events with
the numeric errno value as well, since it is easier to parse for error type
than a string.

Signed-off-by: Jack Schwartz 
Reviewed-by: Konrad Rzeszutek Wilk 
Reviewed-by: Karl Heubaum 
---
 block/block-backend.c |  2 +-
 qapi/block-core.json  | 12 ++--
 2 files changed, 11 insertions(+), 3 deletions(-)

diff --git a/block/block-backend.c b/block/block-backend.c
index baef8e7..f628668 100644
--- a/block/block-backend.c
+++ b/block/block-backend.c
@@ -1572,7 +1572,7 @@ static void send_qmp_error_event(BlockBackend *blk,
 qapi_event_send_block_io_error(blk_name(blk),
bdrv_get_node_name(blk_bs(blk)), optype,
action, blk_iostatus_is_enabled(blk),
-   error == ENOSPC, strerror(error),
+   error == ENOSPC, error, strerror(error),
_abort);
 }
 
diff --git a/qapi/block-core.json b/qapi/block-core.json
index a8cdbc3..b7beca7 100644
--- a/qapi/block-core.json
+++ b/qapi/block-core.json
@@ -3660,6 +3660,11 @@
 #   io-status is present, please see query-block documentation
 #   for more information (since: 2.2)
 #
+# @errno: int describing the error cause, provided for applications.
+# (Note: while most errnos are posix compliant between OSs, it
+# is possible some errno values can vary among different OSs.)
+# (since 2.12)
+#
 # @reason: human readable string describing the error cause.
 #  (This field is a debugging aid for humans, it should not
 #   be parsed by applications) (since: 2.2)
@@ -3675,14 +3680,17 @@
 #  "data": { "device": "ide0-hd1",
 #"node-name": "#block212",
 #"operation": "write",
-#"action": "stop" },
+#"action": "stop",
+#"nospace": false,
+#"errno": 5,
+#"reason": "Input/output error" },
 #  "timestamp": { "seconds": 1265044230, "microseconds": 450486 } }
 #
 ##
 { 'event': 'BLOCK_IO_ERROR',
   'data': { 'device': 'str', 'node-name': 'str', 'operation': 
'IoOperationType',
 'action': 'BlockErrorAction', '*nospace': 'bool',
-'reason': 'str' } }
+'errno': 'int', 'reason': 'str' } }
 
 ##
 # @BLOCK_JOB_COMPLETED:
-- 
1.8.3.1

[Qemu-devel] [PATCH v1 0/1] block: Add numeric errno field to BLOCK_IO_ERROR events

[Jack Schwartz]

Currently, BLOCK_IO_ERROR events have a string error "reason" field
which is derived from errno.  The proposed change adds errno itself
as a field to these events.  Figuring out the error by comparing the
(int) errno itself is easier than comparing a string.  There is also
a comment in the code that the reason field should not be parsed by
applications.

Sample QMP output of modified events adds the errno field as follows (see
last line):

{"timestamp": {"seconds": 1509071709, "microseconds": 563303}, "event":
"BLOCK_IO_ERROR", "data": {"device": "ide0-hd0", "node-name": "#block128",
"reason": "Input/output error", "operation": "write", "action": "ignore",
"errno": 5}}

Testing:
- Artificially created error conditions that emit BLOCK_IO_ERROR events.
Verified those events could be viewed by the QMP monitor and by the
qmp-shell; and that event behavior with those two utilities was identical.
- Ran tests via "make check" from the build root.  There were no changes
from vanilla build when building or running.

Homework:
- Looked through source and build trees for tests and scripts which
reference BLOCK_IO_ERROR events.  No direct references to such events were
found.  No direct references to BLOCK_IO_ERROR events implies there won't be
references to specific fields within those events.

- What about Windows?
  - The file block/block-backend.c is the only C file with a code change.
The file block/Makefile brings block-backend.o into both Windows and Linux
compilations.  The change introduces an additional reference to errno, which
strerror already calls, even with Windows.  That file's prior reference to
errno confirms that Windows will work with the code change.
  - If there would be a Linux vs Windows difference in mapping of errno to
error string values, that difference would have been in place before my
changes.

  Thanks,
  Jack

Jack Schwartz (1):
  block: Add numeric errno field to BLOCK_IO_ERROR events

 block/block-backend.c |  2 +-
 qapi/block-core.json  | 12 ++--
 2 files changed, 11 insertions(+), 3 deletions(-)

-- 
1.8.3.1

[Qemu-devel] [Bug 1728635] Re: qemu-io crashes with SIGSEGV when did -c aio_write 9233408 28160 on a image_fuzzer image

[John Snow]

I can't reproduce this on commit
a93ece47fd9edbd4558db24300056c9a57d3bcd4:

# ./qemu-io copy.img -c "aio_write 9233408 28160"
can't open device copy.img: Could not open backing file: Could not open 
'backing_img.file': No such file or directory

and on the latest commit, I get a different error that makes me suspect
this has been fixed:

# ./qemu-io copy.img -c "aio_write 9233408 28160"
can't open device copy.img: Image does not contain a reference count table

It just doesn't look as if this was fixed explicitly, as the recent
refcount changes reference your other fuzzer disclosures, and not this
one.

...Max?

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1728635

Title:
  qemu-io crashes with SIGSEGV when did  -c aio_write 9233408 28160 on a
  image_fuzzer image

Status in QEMU:
  New

Bug description:
  git is at HEAD a93ece47fd9edbd4558db24300056c9a57d3bcd4
  This is on ppc64le architecture.

  Re-production steps:

  1. Copy the attached file named test.img to a directory
  2. And customize the following command to point to the above directory and 
run the same.
  # cp test.img copy.img
  # qemu/qemu-io /copy.img -c "aio_write 9233408 28160"

  from gdb:
  Program terminated with signal 11, Segmentation fault.
  #0  0x3fffa0077644 in __memcpy_power7 () from /lib64/libc.so.6
  Missing separate debuginfos, use: debuginfo-install 
cyrus-sasl-lib-2.1.26-21.el7.ppc64le glib2-2.50.3-3.el7.ppc64le 
glibc-2.17-196.el7.ppc64le gmp-6.0.0-15.el7.ppc64le gnutls-3.3.26-9.el7.ppc64le 
keyutils-libs-1.5.8-3.el7.ppc64le krb5-libs-1.15.1-8.el7.ppc64le 
libaio-0.3.109-13.el7.ppc64le libcom_err-1.42.9-10.el7.ppc64le 
libcurl-7.29.0-42.el7.ppc64le libffi-3.0.13-18.el7.ppc64le 
libgcc-4.8.5-16.el7_4.1.ppc64le libidn-1.28-4.el7.ppc64le 
libselinux-2.5-11.el7.ppc64le libssh2-1.4.3-10.el7_2.1.ppc64le 
libstdc++-4.8.5-16.el7_4.1.ppc64le libtasn1-4.10-1.el7.ppc64le 
nettle-2.7.1-8.el7.ppc64le nspr-4.13.1-1.0.el7_3.ppc64le 
nss-3.28.4-15.el7_4.ppc64le nss-softokn-freebl-3.28.3-8.el7_4.ppc64le 
nss-util-3.28.4-3.el7.ppc64le openldap-2.4.44-5.el7.ppc64le 
openssl-libs-1.0.2k-8.el7.ppc64le p11-kit-0.23.5-3.el7.ppc64le 
pcre-8.32-17.el7.ppc64le zlib-1.2.7-17.el7.ppc64le
  (gdb) bt
  #0  0x3fffa0077644 in __memcpy_power7 () from /lib64/libc.so.6
  #1  0x10056738 in qcow2_refcount_area (bs=0x25f56f60, 
start_offset=137438953472, additional_clusters=0, exact_size=false, 
new_refblock_index=0,
  new_refblock_offset=524288) at block/qcow2-refcount.c:573
  #2  0x10056374 in alloc_refcount_block (bs=0x25f56f60, 
cluster_index=0, refcount_block=0x3fff9dadf838) at block/qcow2-refcount.c:479
  #3  0x10057520 in update_refcount (bs=0x25f56f60, offset=0, 
length=524288, addend=1, decrease=false, type=QCOW2_DISCARD_NEVER)
  at block/qcow2-refcount.c:834
  #4  0x10057c24 in qcow2_alloc_clusters (bs=0x25f56f60, size=524288) 
at block/qcow2-refcount.c:996
  #5  0x10063684 in do_alloc_cluster_offset (bs=0x25f56f60, 
guest_offset=9233408, host_offset=0x3fff9dadf9e0, nb_clusters=0x3fff9dadf9d8)
  at block/qcow2-cluster.c:1213
  #6  0x10063afc in handle_alloc (bs=0x25f56f60, guest_offset=9233408, 
host_offset=0x3fff9dadfab0, bytes=0x3fff9dadfab8, m=0x3fff9dadfb60)
  at block/qcow2-cluster.c:1324
  #7  0x10064178 in qcow2_alloc_cluster_offset (bs=0x25f56f60, 
offset=9233408, bytes=0x3fff9dadfb4c, host_offset=0x3fff9dadfb58, 
m=0x3fff9dadfb60)
  at block/qcow2-cluster.c:1511
  #8  0x1004d3f4 in qcow2_co_pwritev (bs=0x25f56f60, offset=9233408, 
bytes=28160, qiov=0x25f6fa08, flags=0) at block/qcow2.c:1919
  #9  0x100a9648 in bdrv_driver_pwritev (bs=0x25f56f60, offset=9233408, 
bytes=28160, qiov=0x25f6fa08, flags=16) at block/io.c:898
  #10 0x100ab630 in bdrv_aligned_pwritev (child=0x25f627f0, 
req=0x3fff9dadfdd8, offset=9233408, bytes=28160, align=1, qiov=0x25f6fa08, 
flags=16)
  at block/io.c:1440
  #11 0x100ac4ac in bdrv_co_pwritev (child=0x25f627f0, offset=9233408, 
bytes=28160, qiov=0x25f6fa08, flags=BDRV_REQ_FUA) at block/io.c:1691
  #12 0x1008da0c in blk_co_pwritev (blk=0x25f49410, offset=9233408, 
bytes=28160, qiov=0x25f6fa08, flags=BDRV_REQ_FUA) at block/block-backend.c:1085
  #13 0x1008e718 in blk_aio_write_entry (opaque=0x25f6fa70) at 
block/block-backend.c:1276
  #14 0x101aa444 in coroutine_trampoline (i0=636902032, i1=0) at 
util/coroutine-ucontext.c:79
  #15 0x3fffa0022b9c in makecontext () from /lib64/libc.so.6
  #16 0x in ?? ()
  (gdb) bt full
  #0  0x3fffa0077644 in __memcpy_power7 () from /lib64/libc.so.6
  No symbol table info available.
  #1  0x10056738 in qcow2_refcount_area (bs=0x25f56f60, 
start_offset=137438953472, additional_clusters=0, exact_size=false, 
new_refblock_index=0,
  new_refblock_offset=524288) at block/qcow2-refcount.c:573
  s = 

Re: [Qemu-devel] [PATCH v7 1/4] vhost-user: add new vhost user messages to support virtio config space

[Liu, Changpeng]

> -Original Message-
> From: Marc-André Lureau [mailto:marcandre.lur...@gmail.com]
> Sent: Thursday, December 21, 2017 6:48 PM
> To: Michael S. Tsirkin 
> Cc: Liu, Changpeng ; QEMU  de...@nongnu.org>; Harris, James R ; Stefan Hajnoczi
> ; Paolo Bonzini ; Felipe Franciosi
> 
> Subject: Re: [Qemu-devel] [PATCH v7 1/4] vhost-user: add new vhost user 
> messages
> to support virtio config space
> 
> Hi
> 
> On Thu, Dec 21, 2017 at 1:21 AM, Michael S. Tsirkin  wrote:
> > On Wed, Dec 20, 2017 at 04:47:13PM +0100, Marc-André Lureau wrote:
> >> Hi
> >>
> >> On Wed, Dec 13, 2017 at 3:29 AM, Changpeng Liu 
> wrote:
> >> > Add VHOST_USER_GET_CONFIG/VHOST_USER_SET_CONFIG messages which
> can be
> >> > used for live migration of vhost user devices, also vhost user devices
> >> > can benefit from the messages to get/set virtio config space from/to the
> >> > I/O target. For the purpose to support virtio config space change,
> >> > VHOST_USER_SET_CONFIG_FD message is added as the event notifier
> >> > in case virtio config space change in the I/O target.
> >>
> >> Why not use a new slave message instead of adding another fd to watch for?
> >>
> >> VHOST_USER_SLAVE_SET_CONFIG: notify the master of device configuration
> >> space change
> >
> >
> > Well that's a nice idea, but at v7 I'd expect it we are past such
> > fundamental suggestions.
> 
> I am sorry, I was quite busy with other work. (that happen to all of
> us). Hopefully, we still have some time for development for this
> release. Eventually, we could make this improvement on top during this
> cycle, but I would rather have protocol changes agreed before they hit
> master.
I can replace the event file descriptor for configuration space with a new 
slave message,
since the patch set was first developed based on QEMU 2.8, and the vhost slave 
channel
didn't support at that time, currently add a new slave message also make sense.
I will send v8 to cover this change and the comments you mentioned. 
Is everyone agreed that use a slave channel message about virtio configuration 
changes?
> 
> >
> > In particular Stefan wanted to require that slave is non-blocking,
> > and it's quite hard to support for the existing channel.
> 
> The notification could be non blocking, but the messages will go on
> the same channel.
> 
> The slave channel is actually not so busy and will require a single
> message (instead of notify + master get with current proposal)
> 
> Adding a slave channel message should also be easier than adding
> another event fd (both in master and slave).
> 
> >
> > It's up to the contributor whether to make this change, I'm fine
> > either way.
> >
> > Concerns such as overflow possibility below need to be addressed.
> 
> thanks
> 
> >
> >>
> >> >
> >> > Signed-off-by: Changpeng Liu 
> >> > ---
> >> >  docs/interop/vhost-user.txt   |  45 
> >> >  hw/virtio/vhost-user.c| 107
> ++
> >> >  hw/virtio/vhost.c |  64 +++
> >> >  include/hw/virtio/vhost-backend.h |  14 +
> >> >  include/hw/virtio/vhost.h |  16 ++
> >> >  5 files changed, 246 insertions(+)
> >> >
> >> > diff --git a/docs/interop/vhost-user.txt b/docs/interop/vhost-user.txt
> >> > index 954771d..826ba18 100644
> >> > --- a/docs/interop/vhost-user.txt
> >> > +++ b/docs/interop/vhost-user.txt
> >> > @@ -116,6 +116,19 @@ Depending on the request type, payload can be:
> >> >  - 3: IOTLB invalidate
> >> >  - 4: IOTLB access fail
> >> >
> >> > + * Virtio device config space
> >> > +   ---
> >> > +   | offset | size | flags | payload |
> >> > +   ---
> >> > +
> >> > +   Offset: a 32-bit offset of virtio device's configuration space
> >> > +   Size: a 32-bit configuration space access size in bytes
> >> > +   Flags: a 32-bit value:
> >> > +- 0: Vhost master messages used for writeable fields
> >> > +- 1: Vhost master messages used for live migration
> >> > +   Payload: Size bytes array holding the contents of the virtio
> >> > +   device's configuration space
> >> > +
> >> >  In QEMU the vhost-user message is implemented with the following struct:
> >> >
> >> >  typedef struct VhostUserMsg {
> >> > @@ -129,6 +142,7 @@ typedef struct VhostUserMsg {
> >> >  VhostUserMemory memory;
> >> >  VhostUserLog log;
> >> >  struct vhost_iotlb_msg iotlb;
> >> > +VhostUserConfig config;
> >> >  };
> >> >  } QEMU_PACKED VhostUserMsg;
> >> >
> >> > @@ -596,6 +610,37 @@ Master message types
> >> >and expect this message once (per VQ) during device configuration
> >> >(ie. before the master starts the VQ).
> >> >
> >> > + * VHOST_USER_GET_CONFIG
> >>
> >> Please add an 

Re: [Qemu-devel] [PULL 00/25] pc, pci, virtio: features, fixes, cleanups

[Michael S. Tsirkin]

On Thu, Dec 21, 2017 at 08:05:51PM -0300, Philippe Mathieu-Daudé wrote:
> Hi Peter, Michael,
> 
> On Thu, Dec 21, 2017 at 5:37 PM, Michael S. Tsirkin  wrote:
> > On Thu, Dec 21, 2017 at 08:26:47PM +, Peter Maydell wrote:
> >> On 21 December 2017 at 14:27, Michael S. Tsirkin  wrote:
> >> > The following changes since commit 
> >> > 2babfe0c9241c239272a03fec785165a50e8288c:
> >> >
> >> >   Update version for v2.11.0-rc4 release (2017-12-05 16:36:46 +)
> >> >
> >> > are available in the git repository at:
> >> >
> >> >   git://git.kernel.org/pub/scm/virt/kvm/mst/qemu.git tags/for_upstream
> >> >
> >> > for you to fetch changes up to 664ed92706ff6e66fa278c3163b5387f11d6daca:
> >> >
> >> >   smbus: do not immediately complete commands (2017-12-21 16:24:44 +0200)
> >> >
> >> > 
> >> > pc, pci, virtio: features, fixes, cleanups
> >> >
> >> > A bunch of fixes, cleanus and new features all over the place.
> >> >
> >> > Signed-off-by: Michael S. Tsirkin 
> >> >
> >>
> >> Conflicts in hw/block/nvme.c -- can you fix and resend, please?
> >>
> > Done and pushed - I dropped the conflicting patch.
> 
> NACK :(
> 
> you also need to drop "hw/pci: remove obsolete PCIDevice->init()"
> (applied in your tree as 18951fce55d5aa58cd1629b4cb704ee51bab4420)
> else the not-yet-QOM'ified NVME won't work anymore.

Done that too, thanks a lot

Re: [Qemu-devel] [PULL 00/25] pc, pci, virtio: features, fixes, cleanups

[Michael S. Tsirkin]

On Thu, Dec 21, 2017 at 11:05:01PM +, Peter Maydell wrote:
> On 21 December 2017 at 20:37, Michael S. Tsirkin  wrote:
> > Done and pushed - I dropped the conflicting patch.
> 
> Have you also dropped the other one Philippe says depends on it?
> 
> thanks
> -- PMM

I did now

Re: [Qemu-devel] [PATCH] file-posix: refuse to open directories

[Eric Blake]

On 12/21/2017 04:44 PM, John Snow wrote:

I don't think there's a legitimate reason to open directories as if
they were files. This prevents QEMU from opening and attempting to probe
a directory inode, which can break in exciting ways. One of those ways
is lseek on ext4/xfs, which will return 0x7fff as the file
size instead of EISDIR. This can coax QEMU into responding with a
confusing "file too big" instead of "Hey, that's not a file".

See: https://bugs.launchpad.net/qemu/+bug/1739304/
Signed-off-by: John Snow 
---
  block/file-posix.c | 5 +
  1 file changed, 5 insertions(+)

diff --git a/block/file-posix.c b/block/file-posix.c
index 36ee89e940..bd29bdada6 100644
--- a/block/file-posix.c
+++ b/block/file-posix.c
@@ -589,6 +589,11 @@ static int raw_open_common(BlockDriverState *bs, QDict 
*options,
  s->needs_alignment = true;
  }
  #endif
+if (S_ISDIR(st.st_mode)) {
+ret = -EISDIR;
+error_setg_errno(errp, errno, "Cannot open directory as file");
+goto fail;
+}


Reviewed-by: Eric Blake 

--
Eric Blake, Principal Software Engineer
Red Hat, Inc.   +1-919-301-3266
Virtualization:  qemu.org | libvirt.org

Re: [Qemu-devel] [PATCH 11/19] block: Don't notify parents in drain call chain

[Eric Blake]

On 12/20/2017 04:34 AM, Kevin Wolf wrote:

This is in preparation for subtree drains, i.e. drained sections that
affect not only a single node, but recursively all child nodes, too.

Calling the parent callbacks for drain is pointless when we just came
from that parent node recursively and leads to multiple increases of
bs->quiesce_counter in a single drain call. Don't do it.

In order for this to work correctly, the parent callback must be called
for every bdrv_drain_begin/end() call, not only for the outermost one:

If we have a node N with two parents A and B, recursive draining of A
should cause the quiesce_counter of B to increased because its child N


either 'to be increased' or 'to increase'


is drained independently of B. If now B is recursively drained, too, A
must increase its quiesce_counter because N is drained independently of
A only now, even if N is going from quiesce_counter 1 to 2.

Signed-off-by: Kevin Wolf 
---
  include/block/block.h |  4 ++--
  block.c   | 13 +
  block/io.c| 47 ++-
  3 files changed, 45 insertions(+), 19 deletions(-)



--
Eric Blake, Principal Software Engineer
Red Hat, Inc.   +1-919-301-3266
Virtualization:  qemu.org | libvirt.org

Re: [Qemu-devel] [PATCH 08/19] block: Don't block_job_pause_all() in bdrv_drain_all()

[Eric Blake]

On 12/20/2017 04:34 AM, Kevin Wolf wrote:

Block jobs are already paused using the BdrvChildRole drain callbacks,
so we don't need an additionall block_job_pause_all() call.


s/additionall/additional/



Signed-off-by: Kevin Wolf 
---
  block/io.c  |  4 
  tests/test-bdrv-drain.c | 10 --
  2 files changed, 4 insertions(+), 10 deletions(-)


--
Eric Blake, Principal Software Engineer
Red Hat, Inc.   +1-919-301-3266
Virtualization:  qemu.org | libvirt.org

[Qemu-devel] [Bug 1739378] Re: qemu git master snapshot doesn't work

[Gustavo Moreira]

So, it should be only related to SD? Which virtual device/storage
backend do you recommend for snapshots?

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1739378

Title:
  qemu git master snapshot doesn't work

Status in QEMU:
  New

Bug description:
  I'm having different issues trying to have QEMU snapshots working
  using qemu-system-arm with vexpress-a15 board.

  In this opportunity, I'm trying the git master head version:
  # git rev-parse HEAD
  af352675efb7e92a1f5f6461a042a12015ab3d12

  $ /usr/local/bin/qemu-system-arm -kernel kernel/vmlinuz-4.10.0-42-generic 
-initrd kernel/initrd.img-4.10.0-42-generic -M vexpress-a15 -m 2048 -append 
'root=/dev/mmcblk0 rootwait console=tty0' -sd vexpress-4G.qcow2 -dtb 
device-tree/vexpress-v2p-ca15-tc1.dtb
  audio: Could not init `oss' audio driver

  Later on, when the machine finishes booting I savevm ss and quit.
  However, when I try to restore it, I have that Missing section footer
  error:

  $ /usr/local/bin/qemu-system-arm -kernel kernel/vmlinuz-4.10.0-42-generic 
-initrd kernel/initrd.img-4.10.0-42-generic -M vexpress-a15 -m 2048 -append 
'root=/dev/mmcblk0 rootwait console=tty0' -sd vexpress-4G.qcow2 -dtb 
device-tree/vexpress-v2p-ca15-tc1.dtb  -loadvm ss
  audio: Could not init `oss' audio driver
  qemu-system-arm: Missing section footer for sd-card
  qemu-system-arm: Error -22 while loading VM state

  OS: Ubuntu 16.04.3 LTS (xenial)

  $ gcc --version
  gcc (Ubuntu 5.4.0-6ubuntu1~16.04.5) 5.4.0 20160609

  How have I built it?
  # git clone git://git.qemu.org/qemu.git
  # cd qemu
  # git submodule update --init --checkout
  # make clean && ./configure --target-list=arm-softmmu && make -j8
  # sudo make install

  I've also tried a different ./configure line, explicitly enabling some
  of the features, i.e. smartcard, with the same results:

  ./configure '--disable-user' '--enable-system' '--enable-linux-user'
  '--enable-modules' '--enable-linux-aio' '--audio-drv-list=pa'
  '--enable-attr' '--enable-brlapi' '--enable-virtfs' '--enable-cap-ng'
  '--enable-curl' '--enable-fdt' '--enable-gnutls' '--disable-gtk'
  '--disable-vte' '--enable-libiscsi' '--enable-curses' '--enable-
  smartcard' '--enable-rbd' '--enable-vnc-sasl' '--enable-seccomp'
  '--enable-spice' '--enable-libusb' '--enable-usb-redir' '--enable-
  xfsctl' '--enable-vnc' '--enable-vnc-jpeg' '--enable-vnc-png'
  '--enable-kvm' '--enable-vhost-net'

  As a reference, and just in case these may be in some way related,
  I've just submitted another ticket for a different issue with
  snapshots using Ubuntu Qemu version
  (https://bugs.launchpad.net/qemu/+bug/1739371)

  Cheers,
  Gus

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1739378/+subscriptions

Re: [Qemu-devel] [PATCH v1] hmp: 'info snapshots' not showing the id

[Eric Blake]

On 12/19/2017 08:20 AM, Max Reitz wrote:


So there are three things:

(1) We probably should not allow snapshot names that could be IDs.
Easiest way to solve this: Names have to start with a non-digit.


Yes, that would be a nice change.  It is not strictly backwards 
compatible (so we'd still have to cope with images that didn't follow 
the rule, whether created by older qemu or by non-qemu implementations 
of qcow2), but would alleviate a lot of confusion.




(2) If we want to print a global snapshot's common ID, we need to affirm
that this ID is indeed the same on all disks before we can print it.
Same for names, but currently the name is always the same on all disks
because that is how we identify global snapshots.

(3) You can give an ID to loadvm and then it will load the snapshot with
that ID from all disks.  So if you have snapshots with a common ID on
all disks, these are kind of global snapshots, too, even though they
don't share a name.  Thus, they should probably be included in the
listing (this is what you have just proposed).
I don't like this at all, though.  A snapshot's ID is not really
user-controlled, it's just some auto-generated number.  Therefore, just
because the ID of a snapshot matches across multiple disks, this doesn't
mean that they are related whatsoever.
So, first, I don't think loadvm should work with IDs (at least not
across multiple disks).  But I don't think this really needs to be fixed.
On the other hand, I really don't think info snapshots should list
snapshots that match by ID, because a matching ID does not mean that
snapshots are actually related.  A matching name usually does, though,
so I think what we currently do is sufficient and the right way to do it.

Max



--
Eric Blake, Principal Software Engineer
Red Hat, Inc.   +1-919-301-3266
Virtualization:  qemu.org | libvirt.org

Re: [Qemu-devel] [PULL 00/25] pc, pci, virtio: features, fixes, cleanups

[Philippe Mathieu-Daudé]

Hi Peter, Michael,

On Thu, Dec 21, 2017 at 5:37 PM, Michael S. Tsirkin  wrote:
> On Thu, Dec 21, 2017 at 08:26:47PM +, Peter Maydell wrote:
>> On 21 December 2017 at 14:27, Michael S. Tsirkin  wrote:
>> > The following changes since commit 
>> > 2babfe0c9241c239272a03fec785165a50e8288c:
>> >
>> >   Update version for v2.11.0-rc4 release (2017-12-05 16:36:46 +)
>> >
>> > are available in the git repository at:
>> >
>> >   git://git.kernel.org/pub/scm/virt/kvm/mst/qemu.git tags/for_upstream
>> >
>> > for you to fetch changes up to 664ed92706ff6e66fa278c3163b5387f11d6daca:
>> >
>> >   smbus: do not immediately complete commands (2017-12-21 16:24:44 +0200)
>> >
>> > 
>> > pc, pci, virtio: features, fixes, cleanups
>> >
>> > A bunch of fixes, cleanus and new features all over the place.
>> >
>> > Signed-off-by: Michael S. Tsirkin 
>> >
>>
>> Conflicts in hw/block/nvme.c -- can you fix and resend, please?
>>
> Done and pushed - I dropped the conflicting patch.

NACK :(

you also need to drop "hw/pci: remove obsolete PCIDevice->init()"
(applied in your tree as 18951fce55d5aa58cd1629b4cb704ee51bab4420)
else the not-yet-QOM'ified NVME won't work anymore.

Re: [Qemu-devel] [PULL 00/25] pc, pci, virtio: features, fixes, cleanups

[Peter Maydell]

On 21 December 2017 at 20:37, Michael S. Tsirkin  wrote:
> Done and pushed - I dropped the conflicting patch.

Have you also dropped the other one Philippe says depends on it?

thanks
-- PMM

Re: [Qemu-devel] [PATCH] hw/i386/vmport: fix missing definitions with x86_64-w64-mingw32

[Peter Maydell]

On 21 December 2017 at 22:55, Philippe Mathieu-Daudé  wrote:
>>> Fixes: 7299e1a411
>>>("hw/i386/vmport: replace fprintf() by trace events or LOG_UNIMP")
>>> Signed-off-by: Laurent Vivier 
>>
>> Looks to me like it'll be a bug for anything not configured
>> using the 'log' trace backend, rather than win32 specific.
>
> Sorry my bad, it seems I don't test enough lately, I'll try to do more
> testing, and somehow to reduce CI build time, more they last, less we
> rely on it, even with personal repositories.

It's unfortunate that trace.h pulls in qemu/log.h if you're
using the log backend, because it makes this particular
mistake easy; we've had quite a few instances of it...
(I could probably configure one of my test setups with a
different trace backend which would at least catch these
before they hit master.)

thanks
-- PMM

Re: [Qemu-devel] [PULL 15/25] hw/block/nvme: QOM'ify PCI NVME

[Philippe Mathieu-Daudé]

Hi Michael,

On Thu, Dec 21, 2017 at 5:38 PM, Michael S. Tsirkin  wrote:
> On Thu, Dec 21, 2017 at 04:29:21PM +0200, Michael S. Tsirkin wrote:
>> From: Philippe Mathieu-Daudé 
>>
>> Signed-off-by: Philippe Mathieu-Daudé 
>> Reviewed-by: Michael S. Tsirkin 
>> Signed-off-by: Michael S. Tsirkin 
>
> Dropped due to merge conflicts. Pls rebase and ask
> storage maintainers to apply as appropriate.

Ok, sorry about this.
Many patch queue during freezing in different trees lead to this.

However you must also drop the patch "hw/pci: remove obsolete
PCIDevice->init()" else the NVME device won't work.

Regards,

Phil.

Re: [Qemu-devel] [PATCH] file-posix: refuse to open directories

[John Snow]

On 12/21/2017 05:56 PM, no-re...@patchew.org wrote:
> /tmp/qemu-test/src/hw/i386/vmport.c: In function 'vmport_ioport_read':
> /tmp/qemu-test/src/hw/i386/vmport.c:81:9: error: implicit declaration of 
> function 'qemu_log_mask' [-Werror=implicit-function-declaration]
>  qemu_log_mask(LOG_UNIMP, "vmport: unknown command %x\n", command);
>  ^
> /tmp/qemu-test/src/hw/i386/vmport.c:81:9: error: nested extern declaration of 
> 'qemu_log_mask' [-Werror=nested-externs]
> /tmp/qemu-test/src/hw/i386/vmport.c:81:23: error: 'LOG_UNIMP' undeclared 
> (first use in this function)
>  qemu_log_mask(LOG_UNIMP, "vmport: unknown command %x\n", command);
>^

fake news

Re: [Qemu-devel] qemu 2.9.0 qcow2 file failed to open after hard server reset

[John Snow]

On 12/21/2017 05:13 PM, Vasiliy Tolstov wrote:
> Hi! Today my server have forced reboot and one of my vm can't start
> with message:
> qcow2: Marking image as corrupt: L2 table offset 0x3f786d6c207600
> unaligned (L1 index: 0); further corruption events will be suppressed
> 
> i'm use debian jessie with hand builded qemu 2.9.0, i'm try to
> qemu-img check but it not helps. How can i recover data inside qcow2
> file? (i'm not use compression or encryption inside it).
> 

Not looking good if you're missing the very first L2 table in its entirety.

You might be able to go through this thing by hand and learn for
yourself where the L2 table is (it will be a 64KiB region, aligned to a
64KiB boundary, that all contain 64bit, 64KiB aligned pointers that will
be less than the size of the file. the offset of this missing region is
not likely to be referenced elsewhere in your file.)

and then, once you've found it, you can update the pointer that's wrong.
However, where there's smoke there's often fire, so...

best of luck.

--js

Re: [Qemu-devel] [PATCH 0/8] Small IPMI (and other) fixes

[Corey Minyard]

On 12/07/2017 03:30 PM, miny...@acm.org wrote:

These are some fixes I've had for a while (mostly).  They are small
fixes and additions for various things.  It would be nice to be able
to get at least some of these into the upcoming release, but it's
probably too late.

I also add myself as the maintainer for the IPMI code, since that
seemed appropriate.


Can someone pick this up?

-corey

Re: [Qemu-devel] [PATCH] hw/i386/vmport: fix missing definitions with x86_64-w64-mingw32

[Philippe Mathieu-Daudé]

>> Fixes: 7299e1a411
>>("hw/i386/vmport: replace fprintf() by trace events or LOG_UNIMP")
>> Signed-off-by: Laurent Vivier 
>
> Looks to me like it'll be a bug for anything not configured
> using the 'log' trace backend, rather than win32 specific.

Sorry my bad, it seems I don't test enough lately, I'll try to do more
testing, and somehow to reduce CI build time, more they last, less we
rely on it, even with personal repositories.

Re: [Qemu-devel] [PATCH v2 02/19] spapr: introduce a skeleton for the XIVE interrupt controller

[Benjamin Herrenschmidt]

On Thu, 2017-12-21 at 10:16 +0100, Cédric Le Goater wrote:
> On 12/21/2017 01:12 AM, Benjamin Herrenschmidt wrote:
> > On Wed, 2017-12-20 at 16:09 +1100, David Gibson wrote:
> > > 
> > > As you've suggested in yourself, I think we might need to more
> > > explicitly model the different components of the XIVE system.  As part
> > > of that, I think you need to be clearer in this base skeleton about
> > > exactly what component your XIVE object represents.
> > > 
> > > If the answer is "the overall thing" I suspect that's not what you
> > > want - I had one of those for XICs which proved to be a mistake
> > > (eventually replaced by the XICSFabric interface).
> > > 
> > > Changing the model later isn't impossible, but doing so without
> > > breaking migration can be a real pain, so I think it's worth a
> > > reasonable effort to try and get it right initially.
> > 
> > Note: we do need to speed things up a bit, as having exploitation mode
> > in KVM will significantly help with IPI performance among other things.
> > 
> > I'm about ready to do the KVM bits. The one thing we need to discuss
> > and figure a good design for is how we map all those interrupt control
> > pages into qemu.
> > 
> > Each interrupt (either PCIe pass-through or the "generic XIVE IPIs"
> > which are used for guest IPIs and for vio/virtio/emulated interrupts)
> > comes with a "control page" (ESB page) which needs to be mapped into
> > the guest, and the generic IPIs also come with a trigger page which
> > needs to be mapped into the guest for guest IPIs or OpenCAPI
> > interrupts, or just qemu for emulated devices.
> 
> what about the OS TIMA page ? Do we trap the accesses in QEMU and
> forward them to KVM ? or do we use a similar mechanism. 

No, no, we'll have an mmap facility for it in kvm but it worries me
less as there's only one of these and there's little damage qemu can do
having access to it :)
> 
> > Now that can be thousands of these critters. I certainly don't want to
> > create thousands of VMAs in qemu and even less thousands of memory
> > regions in KVM.
> 
> we can provision one mapping per kvmppc_xive_src_block  maybe ?  

Maybe. Last I looked KVM walk of memory regions was linear though. Mind
you it's not a huge deal if the guest RAM is always in the first
entries.

> > So we need some kind of mechanism by wich a single large VMA gets
> > mmap'ed into qemu (or maybe a couple of these, but not too many) and
> > the interrupt pages can be assigned to slots in there and demand
> > faulted.
> 
> Frederic has started to put in place a similar mecanism for OpenCAPI.

I know, though he made it rather OpenCAPI specific which is going to be
"interesting" when it comes to virtualizing OpenCAPI...

> > For the generic interrupts, this can probably be covered by KVM, adding
> > some arch ioctls for allocating IPIs and mmap'ing that region etc...
> 
> The KVM device has a ioctl handler :
>
>   struct kvm_device_ops {
> 
>   long (*ioctl)(struct kvm_device *dev, unsigned int ioctl,
> unsigned long arg);
>   };
> 
> So a KVM device for the XIVE interrupt controller can implement a couple 
> of extra calls for its need, like getting the VMA addresses, etc
> 
> > For pass-through, it's trickier, we don't want to mmap each irqfd
> > individually for the above reason, so we want to "link" them to KVM. We
> > don't want to allow qemu to take control of any arbitrary interrupt in
> > the system though, so it has to related to the ownership of the irqfd
> > coming from vfio.
> > 
> > OpenCAPI I suspect will be its own can of worms...
> > 
> > Also, have we decided how the process of switching between XICS and
> > XIVE will work vs. CAS ? 
> 
> That's how it is described in the architecture. The current choice is
> to create both XICS and XIVE objects and choose at CAS which one to
> use. It relies today on the capability of the pseries machine to 
> allocate IRQ numbers for both interrupt controller backends. These
> patches have been merged in QEMU.
> 
> A change of interrupt mode results in a reset. The device tree is 
> populated accordingly and the ICPs are switched for the model in 
> use. 

For KVM we need to only instanciate one of them though.

> > And how that will interact with KVM ? 
> 
> I expect we will do the same, which is to create two KVM devices to 
> be able to handle both interrupt controller backends depending on the 
> mode negotiated by the guest.  

That will be an ungodly mess, I'd rather we only instanciate the right
one.

> > I was
> > thinking the kernel would implement a different KVM device type, ie
> > the "emulated XICS" would remain KVM_DEV_TYPE_XICS and XIVE would be
> > KVM_DEV_TYPE_XIVE.
> 
> yes. it makes sense. The new device will have a lot in common with the 
> KVM_DEV_TYPE_XICS using kvm_xive_ops.

Ben.

Re: [Qemu-devel] [PATCH v3 0/5] vhost-user-test: Fixes & code clean-up

[Michael S. Tsirkin]

On Thu, Dec 21, 2017 at 10:21:20PM +0100, Maxime Coquelin wrote:
> Sorry, I missed to fixup the feature mask in patch 4,
> this is the only change in this v3.
> 
> The two changes in v2 are fixing the features mask
> before the function rework, and reword of commit message
> of patch "vhost-user-test: extract read-guest-mem test
> from main loop" (Thanks Marc-André).
> 
> This series fixes two issues in vhost-user-test:
> 1. Setup virtqueues in all tests
> 2. Fix features mask for all but test_multiqueue()
> 
> The clean-ups comprises making read-guest-mem test consistent
> with other tests by initializing the device in the qtest thread.
> Also, some code factorization is done with regard to device
> initialization so that all tests share the same init.

Looks like mingw tests fail with this.

> Maxime Coquelin (5):
>   vhost-user-test: fix features mask
>   vhost-user-test: extract read-guest-mem test from main loop
>   vhost-user-test: setup virtqueues in all tests
>   vhost-user-test: make features mask an init_virtio_dev() argument
>   vhost-user-test: use init_virtio_dev in multiqueue test
> 
>  tests/vhost-user-test.c | 171 
> ++--
>  1 file changed, 79 insertions(+), 92 deletions(-)
> 
> -- 
> 2.14.3

Re: [Qemu-devel] [PATCH] hw/i386/vmport: fix missing definitions with x86_64-w64-mingw32

[Peter Maydell]

On 21 December 2017 at 21:11, Laurent Vivier  wrote:
> When compiled with x86_64-w64-mingw32, we have:
>
>error: implicit declaration of function 'qemu_log_mask'
>error: 'LOG_UNIMP' undeclared (first use in this function)
>
> This patch adds the missing include.
>
> Fixes: 7299e1a411
>("hw/i386/vmport: replace fprintf() by trace events or LOG_UNIMP")
> Signed-off-by: Laurent Vivier 

Looks to me like it'll be a bug for anything not configured
using the 'log' trace backend, rather than win32 specific.

I'll apply (and fix up the commit message).

thanks
-- PMM

Re: [Qemu-devel] [PULL v2 00/13] Block layer patches

[Peter Maydell]

On 21 December 2017 at 15:26, Kevin Wolf  wrote:
> The following changes since commit 4da5c51cac8363f86ec92dc99c38f9382d617647:
>
>   Merge remote-tracking branch 'remotes/armbru/tags/pull-qapi-2017-12-20' 
> into staging (2017-12-20 20:38:36 +)
>
> are available in the git repository at:
>
>   git://repo.or.cz/qemu/kevin.git tags/for-upstream
>
> for you to fetch changes up to af65cdae56861d5e163559a53f7ec34142a249f1:
>
>   nvme: Add tracing (2017-12-21 16:02:14 +0100)
>
> 
> Block layer patches
>
> 

Now I get these warnings on NetBSD/OpenBSD/OSX:

  GEN qemu-doc.txt
/root/qemu/qemu-doc.texi:8: warning: unrecognized encoding name `UTF-8'.
/root/qemu//qemu-img.texi:61: warning: unlikely character ( in @var.
/root/qemu//qemu-img.texi:61: warning: unlikely character ) in @var.

The UTF-8 one is longstanding and ignorable, but the other two are new.

thanks
-- PMM

[Qemu-devel] [PATCH] file-posix: refuse to open directories

[John Snow]

I don't think there's a legitimate reason to open directories as if
they were files. This prevents QEMU from opening and attempting to probe
a directory inode, which can break in exciting ways. One of those ways
is lseek on ext4/xfs, which will return 0x7fff as the file
size instead of EISDIR. This can coax QEMU into responding with a
confusing "file too big" instead of "Hey, that's not a file".

See: https://bugs.launchpad.net/qemu/+bug/1739304/
Signed-off-by: John Snow 
---
 block/file-posix.c | 5 +
 1 file changed, 5 insertions(+)

diff --git a/block/file-posix.c b/block/file-posix.c
index 36ee89e940..bd29bdada6 100644
--- a/block/file-posix.c
+++ b/block/file-posix.c
@@ -589,6 +589,11 @@ static int raw_open_common(BlockDriverState *bs, QDict 
*options,
 s->needs_alignment = true;
 }
 #endif
+if (S_ISDIR(st.st_mode)) {
+ret = -EISDIR;
+error_setg_errno(errp, errno, "Cannot open directory as file");
+goto fail;
+}
 
 #ifdef CONFIG_XFS
 if (platform_test_xfs_fd(s->fd)) {
-- 
2.14.3

Re: [Qemu-devel] [PATCH V2 0/5] hw/pvrdma: PVRDMA device implementation

[Yuval Shaia]

On Thu, Dec 21, 2017 at 10:46:35PM +0200, Michael S. Tsirkin wrote:
> On Thu, Dec 21, 2017 at 05:59:38PM +0200, Marcel Apfelbaum wrote:
> > On 21/12/2017 16:22, Michael S. Tsirkin wrote:
> > > On Thu, Dec 21, 2017 at 09:27:51AM +0200, Yuval Shaia wrote:
> > > > > > 
> > > > > > > What happens if guest attempts to register all its memory?
> > > > > > > 
> > > > > > 
> > > > > > Then we loose, is not different from bare metal, reg_mr will pin 
> > > > > > all the RAM.
> > > > > 
> > > > > We need to find a way to communicate to guests about amount
> > > > > of memory they can pin.
> > > > 
> > > > dev_caps.max_mr_size is the way device limits guest driver.
> > > > This value is controlled by the command line argument 
> > > > dev-caps-max-mr-size
> > > > so we should be fine (btw, default value is 1<<32).
> > > 
> > > Isn't that still leaving the option for guest to register all memory,
> > > just in chunks?
> > > 
> > 
> > We also have a parameter limiting the number of mrs (dev-caps-max-mr),
> > together with dev-caps-max-mr-size we can limit the memory the guests can 
> > pin.
> > 
> > Thanks,
> > Marcel
> 
> You might want to limit the default values then.
> 
> Right now:
> 
> +#define MAX_MR_SIZE   (1UL << 32)
> +#define MAX_MR2048

Maybe limiting by constant number is not a good approach, it looks odd if
one guest with 16G ram and second with 32G ram will have the same settings,
right?
So how about limiting by a specific percentage of total memory?
In that case, what would be this percentage? 100%? 80%?

> 
> Which is IIUC 8TB.
> 
> That's pretty close to unlimited, and so far overcommit seems to be the
> main feature for users.
> 
> 
> > > > > 
> > > > > > However this is only one scenario, and hopefully not much used
> > > > > > for RoCE. (I know IPoIB does that, but it doesn't make sense to use 
> > > > > > it with RoCE).
> > > > > 
> > > > > SRP does it too AFAIK.
> > > > > 

[Qemu-devel] qemu 2.9.0 qcow2 file failed to open after hard server reset

[Vasiliy Tolstov]

Hi! Today my server have forced reboot and one of my vm can't start
with message:
qcow2: Marking image as corrupt: L2 table offset 0x3f786d6c207600
unaligned (L1 index: 0); further corruption events will be suppressed

i'm use debian jessie with hand builded qemu 2.9.0, i'm try to
qemu-img check but it not helps. How can i recover data inside qcow2
file? (i'm not use compression or encryption inside it).

-- 
Vasiliy Tolstov,
e-mail: v.tols...@selfip.ru

[Qemu-devel] [PATCH v3 4/5] vhost-user-test: make features mask an init_virtio_dev() argument

[Maxime Coquelin]

The goal is to generalize the use of [un]init_virtio_dev() to
all tests, which does not necessarily expose the same features
set.

Signed-off-by: Maxime Coquelin 
---
 tests/vhost-user-test.c | 14 +++---
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/tests/vhost-user-test.c b/tests/vhost-user-test.c
index 969e3932cc..6a144e8d7e 100644
--- a/tests/vhost-user-test.c
+++ b/tests/vhost-user-test.c
@@ -164,7 +164,7 @@ typedef struct TestServer {
 static const char *tmpfs;
 static const char *root;
 
-static void init_virtio_dev(TestServer *s)
+static void init_virtio_dev(TestServer *s, uint32_t features_mask)
 {
 uint32_t features;
 int i;
@@ -187,7 +187,7 @@ static void init_virtio_dev(TestServer *s)
 }
 
 features = qvirtio_get_features(>dev->vdev);
-features = features & (1u << VIRTIO_NET_F_MAC);
+features = features & features_mask;
 qvirtio_set_features(>dev->vdev, features);
 
 qvirtio_set_driver_ok(>dev->vdev);
@@ -652,7 +652,7 @@ static void test_read_guest_mem(void)
 s = qtest_start(qemu_cmd);
 g_free(qemu_cmd);
 
-init_virtio_dev(server);
+init_virtio_dev(server, 1u << VIRTIO_NET_F_MAC);
 
 read_guest_mem(server);
 
@@ -681,7 +681,7 @@ static void test_migrate(void)
 from = qtest_start(cmd);
 g_free(cmd);
 
-init_virtio_dev(s);
+init_virtio_dev(s, 1u << VIRTIO_NET_F_MAC);
 wait_for_fds(s);
 size = get_log_size(s);
 g_assert_cmpint(size, ==, (2 * 1024 * 1024) / (VHOST_LOG_PAGE * 8));
@@ -803,7 +803,7 @@ static void test_reconnect_subprocess(void)
 qtest_start(cmd);
 g_free(cmd);
 
-init_virtio_dev(s);
+init_virtio_dev(s, 1u << VIRTIO_NET_F_MAC);
 wait_for_fds(s);
 wait_for_rings_started(s, 2);
 
@@ -841,7 +841,7 @@ static void test_connect_fail_subprocess(void)
 qtest_start(cmd);
 g_free(cmd);
 
-init_virtio_dev(s);
+init_virtio_dev(s, 1u << VIRTIO_NET_F_MAC);
 wait_for_fds(s);
 wait_for_rings_started(s, 2);
 
@@ -871,7 +871,7 @@ static void test_flags_mismatch_subprocess(void)
 qtest_start(cmd);
 g_free(cmd);
 
-init_virtio_dev(s);
+init_virtio_dev(s, 1u << VIRTIO_NET_F_MAC);
 wait_for_fds(s);
 wait_for_rings_started(s, 2);
 
-- 
2.14.3

[Qemu-devel] [PATCH v3 3/5] vhost-user-test: setup virtqueues in all tests

[Maxime Coquelin]

Only the multiqueue test setups the virtqueues.
This patch generalizes the setup of virtqueues for all tests.

Signed-off-by: Maxime Coquelin 
---
 tests/vhost-user-test.c | 53 +++--
 1 file changed, 42 insertions(+), 11 deletions(-)

diff --git a/tests/vhost-user-test.c b/tests/vhost-user-test.c
index df567248ae..969e3932cc 100644
--- a/tests/vhost-user-test.c
+++ b/tests/vhost-user-test.c
@@ -55,6 +55,7 @@
 /*** FROM hw/virtio/vhost-user.c */
 
 #define VHOST_MEMORY_MAX_NREGIONS8
+#define VHOST_MAX_VIRTQUEUES0x100
 
 #define VHOST_USER_F_PROTOCOL_FEATURES 30
 #define VHOST_USER_PROTOCOL_F_MQ 0
@@ -141,6 +142,8 @@ enum {
 
 typedef struct TestServer {
 QPCIBus *bus;
+QVirtioPCIDevice *dev;
+QVirtQueue *vq[VHOST_MAX_VIRTQUEUES];
 gchar *socket_path;
 gchar *mig_path;
 gchar *chr_name;
@@ -155,6 +158,7 @@ typedef struct TestServer {
 bool test_fail;
 int test_flags;
 int queues;
+QGuestAllocator *alloc;
 } TestServer;
 
 static const char *tmpfs;
@@ -162,26 +166,43 @@ static const char *root;
 
 static void init_virtio_dev(TestServer *s)
 {
-QVirtioPCIDevice *dev;
 uint32_t features;
+int i;
 
 s->bus = qpci_init_pc(NULL);
 g_assert_nonnull(s->bus);
 
-dev = qvirtio_pci_device_find(s->bus, VIRTIO_ID_NET);
-g_assert_nonnull(dev);
+s->dev = qvirtio_pci_device_find(s->bus, VIRTIO_ID_NET);
+g_assert_nonnull(s->dev);
 
-qvirtio_pci_device_enable(dev);
-qvirtio_reset(>vdev);
-qvirtio_set_acknowledge(>vdev);
-qvirtio_set_driver(>vdev);
+qvirtio_pci_device_enable(s->dev);
+qvirtio_reset(>dev->vdev);
+qvirtio_set_acknowledge(>dev->vdev);
+qvirtio_set_driver(>dev->vdev);
+
+s->alloc = pc_alloc_init();
 
-features = qvirtio_get_features(>vdev);
+for (i = 0; i < s->queues * 2; i++) {
+s->vq[i] = qvirtqueue_setup(>dev->vdev, s->alloc, i);
+}
+
+features = qvirtio_get_features(>dev->vdev);
 features = features & (1u << VIRTIO_NET_F_MAC);
-qvirtio_set_features(>vdev, features);
+qvirtio_set_features(>dev->vdev, features);
 
-qvirtio_set_driver_ok(>vdev);
-qvirtio_pci_device_free(dev);
+qvirtio_set_driver_ok(>dev->vdev);
+}
+
+static void uninit_virtio_dev(TestServer *s)
+{
+int i;
+
+for (i = 0; i < s->queues * 2; i++) {
+qvirtqueue_cleanup(s->dev->vdev.bus, s->vq[i], s->alloc);
+}
+pc_alloc_uninit(s->alloc);
+
+qvirtio_pci_device_free(s->dev);
 }
 
 static void wait_for_fds(TestServer *s)
@@ -635,6 +656,8 @@ static void test_read_guest_mem(void)
 
 read_guest_mem(server);
 
+uninit_virtio_dev(server);
+
 qtest_quit(s);
 test_server_free(server);
 }
@@ -711,6 +734,8 @@ static void test_migrate(void)
 
 read_guest_mem(dest);
 
+uninit_virtio_dev(s);
+
 g_source_destroy(source);
 g_source_unref(source);
 
@@ -789,6 +814,8 @@ static void test_reconnect_subprocess(void)
 wait_for_fds(s);
 wait_for_rings_started(s, 2);
 
+uninit_virtio_dev(s);
+
 qtest_end();
 test_server_free(s);
 return;
@@ -818,6 +845,8 @@ static void test_connect_fail_subprocess(void)
 wait_for_fds(s);
 wait_for_rings_started(s, 2);
 
+uninit_virtio_dev(s);
+
 qtest_end();
 test_server_free(s);
 }
@@ -846,6 +875,8 @@ static void test_flags_mismatch_subprocess(void)
 wait_for_fds(s);
 wait_for_rings_started(s, 2);
 
+uninit_virtio_dev(s);
+
 qtest_end();
 test_server_free(s);
 }
-- 
2.14.3

[Qemu-devel] [PATCH v3 5/5] vhost-user-test: use init_virtio_dev in multiqueue test

[Maxime Coquelin]

Now that init_virtio_dev() has been generalized to all cases,
use it in test_multiqueue() to avoid code duplication.

Signed-off-by: Maxime Coquelin 
---
 tests/vhost-user-test.c | 65 ++---
 1 file changed, 8 insertions(+), 57 deletions(-)

diff --git a/tests/vhost-user-test.c b/tests/vhost-user-test.c
index 6a144e8d7e..ec6ac9dc9e 100644
--- a/tests/vhost-user-test.c
+++ b/tests/vhost-user-test.c
@@ -892,79 +892,30 @@ static void test_flags_mismatch(void)
 
 #endif
 
-static QVirtioPCIDevice *virtio_net_pci_init(QPCIBus *bus, int slot)
-{
-QVirtioPCIDevice *dev;
-
-dev = qvirtio_pci_device_find(bus, VIRTIO_ID_NET);
-g_assert(dev != NULL);
-g_assert_cmphex(dev->vdev.device_type, ==, VIRTIO_ID_NET);
-
-qvirtio_pci_device_enable(dev);
-qvirtio_reset(>vdev);
-qvirtio_set_acknowledge(>vdev);
-qvirtio_set_driver(>vdev);
-
-return dev;
-}
-
-static void driver_init(QVirtioDevice *dev)
-{
-uint32_t features;
-
-features = qvirtio_get_features(dev);
-features = features & ~(QVIRTIO_F_BAD_FEATURE |
-(1u << VIRTIO_RING_F_INDIRECT_DESC) |
-(1u << VIRTIO_RING_F_EVENT_IDX));
-qvirtio_set_features(dev, features);
-
-qvirtio_set_driver_ok(dev);
-}
-
-#define PCI_SLOT0x04
-
 static void test_multiqueue(void)
 {
-const int queues = 2;
 TestServer *s = test_server_new("mq");
-QVirtioPCIDevice *dev;
-QPCIBus *bus;
-QVirtQueuePCI *vq[queues * 2];
-QGuestAllocator *alloc;
 char *cmd;
-int i;
-
-s->queues = queues;
+uint32_t features_mask = ~(QVIRTIO_F_BAD_FEATURE |
+(1u << VIRTIO_RING_F_INDIRECT_DESC) |
+(1u << VIRTIO_RING_F_EVENT_IDX));
+s->queues = 2;
 test_server_listen(s);
 
 cmd = g_strdup_printf(QEMU_CMD_MEM QEMU_CMD_CHR QEMU_CMD_NETDEV 
",queues=%d "
   "-device 
virtio-net-pci,netdev=net0,mq=on,vectors=%d",
   512, 512, root, s->chr_name,
   s->socket_path, "", s->chr_name,
-  queues, queues * 2 + 2);
+  s->queues, s->queues * 2 + 2);
 qtest_start(cmd);
 g_free(cmd);
 
-bus = qpci_init_pc(NULL);
-dev = virtio_net_pci_init(bus, PCI_SLOT);
+init_virtio_dev(s, features_mask);
 
-alloc = pc_alloc_init();
-for (i = 0; i < queues * 2; i++) {
-vq[i] = (QVirtQueuePCI *)qvirtqueue_setup(>vdev, alloc, i);
-}
+wait_for_rings_started(s, s->queues * 2);
 
-driver_init(>vdev);
-wait_for_rings_started(s, queues * 2);
+uninit_virtio_dev(s);
 
-/* End test */
-for (i = 0; i < queues * 2; i++) {
-qvirtqueue_cleanup(dev->vdev.bus, [i]->vq, alloc);
-}
-pc_alloc_uninit(alloc);
-qvirtio_pci_device_disable(dev);
-g_free(dev->pdev);
-g_free(dev);
-qpci_free_pc(bus);
 qtest_end();
 
 test_server_free(s);
-- 
2.14.3

[Qemu-devel] [PATCH v3 2/5] vhost-user-test: extract read-guest-mem test from main loop

[Maxime Coquelin]

This patch makes read-guest-test consistent with other tests,
i.e. create the test server in the test function.

Reviewed-by: Marc-André Lureau 
Signed-off-by: Maxime Coquelin 
---
 tests/vhost-user-test.c | 41 +++--
 1 file changed, 23 insertions(+), 18 deletions(-)

diff --git a/tests/vhost-user-test.c b/tests/vhost-user-test.c
index 43c6528644..df567248ae 100644
--- a/tests/vhost-user-test.c
+++ b/tests/vhost-user-test.c
@@ -617,6 +617,28 @@ GSourceFuncs test_migrate_source_funcs = {
 .check = test_migrate_source_check,
 };
 
+static void test_read_guest_mem(void)
+{
+TestServer *server = NULL;
+char *qemu_cmd = NULL;
+QTestState *s = NULL;
+
+server = test_server_new("test");
+test_server_listen(server);
+
+qemu_cmd = GET_QEMU_CMD(server);
+
+s = qtest_start(qemu_cmd);
+g_free(qemu_cmd);
+
+init_virtio_dev(server);
+
+read_guest_mem(server);
+
+qtest_quit(s);
+test_server_free(server);
+}
+
 static void test_migrate(void)
 {
 TestServer *s = test_server_new("src");
@@ -919,10 +941,7 @@ static void test_multiqueue(void)
 
 int main(int argc, char **argv)
 {
-QTestState *s = NULL;
-TestServer *server = NULL;
 const char *hugefs;
-char *qemu_cmd = NULL;
 int ret;
 char template[] = "/tmp/vhost-test-XX";
 GMainLoop *loop;
@@ -947,20 +966,11 @@ int main(int argc, char **argv)
 root = tmpfs;
 }
 
-server = test_server_new("test");
-test_server_listen(server);
-
 loop = g_main_loop_new(NULL, FALSE);
 /* run the main loop thread so the chardev may operate */
 thread = g_thread_new(NULL, thread_function, loop);
 
-qemu_cmd = GET_QEMU_CMD(server);
-
-s = qtest_start(qemu_cmd);
-g_free(qemu_cmd);
-init_virtio_dev(server);
-
-qtest_add_data_func("/vhost-user/read-guest-mem", server, read_guest_mem);
+qtest_add_func("/vhost-user/read-guest-mem", test_read_guest_mem);
 qtest_add_func("/vhost-user/migrate", test_migrate);
 qtest_add_func("/vhost-user/multiqueue", test_multiqueue);
 
@@ -978,12 +988,7 @@ int main(int argc, char **argv)
 
 ret = g_test_run();
 
-if (s) {
-qtest_quit(s);
-}
-
 /* cleanup */
-test_server_free(server);
 
 /* finish the helper thread and dispatch pending sources */
 g_main_loop_quit(loop);
-- 
2.14.3

[Qemu-devel] [PATCH v3 0/5] vhost-user-test: Fixes & code clean-up

[Maxime Coquelin]

Sorry, I missed to fixup the feature mask in patch 4,
this is the only change in this v3.

The two changes in v2 are fixing the features mask
before the function rework, and reword of commit message
of patch "vhost-user-test: extract read-guest-mem test
from main loop" (Thanks Marc-André).

This series fixes two issues in vhost-user-test:
1. Setup virtqueues in all tests
2. Fix features mask for all but test_multiqueue()

The clean-ups comprises making read-guest-mem test consistent
with other tests by initializing the device in the qtest thread.
Also, some code factorization is done with regard to device
initialization so that all tests share the same init.

Maxime Coquelin (5):
  vhost-user-test: fix features mask
  vhost-user-test: extract read-guest-mem test from main loop
  vhost-user-test: setup virtqueues in all tests
  vhost-user-test: make features mask an init_virtio_dev() argument
  vhost-user-test: use init_virtio_dev in multiqueue test

 tests/vhost-user-test.c | 171 ++--
 1 file changed, 79 insertions(+), 92 deletions(-)

-- 
2.14.3

[Qemu-devel] [PATCH v3 1/5] vhost-user-test: fix features mask

[Maxime Coquelin]

VIRTIO_NET_F_MAC is a bit position, not a bit mask.

Signed-off-by: Maxime Coquelin 
---
 tests/vhost-user-test.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tests/vhost-user-test.c b/tests/vhost-user-test.c
index e2c89ed376..43c6528644 100644
--- a/tests/vhost-user-test.c
+++ b/tests/vhost-user-test.c
@@ -177,7 +177,7 @@ static void init_virtio_dev(TestServer *s)
 qvirtio_set_driver(>vdev);
 
 features = qvirtio_get_features(>vdev);
-features = features & VIRTIO_NET_F_MAC;
+features = features & (1u << VIRTIO_NET_F_MAC);
 qvirtio_set_features(>vdev, features);
 
 qvirtio_set_driver_ok(>vdev);
-- 
2.14.3

[Qemu-devel] [PATCH] hw/i386/vmport: fix missing definitions with x86_64-w64-mingw32

[Laurent Vivier]

When compiled with x86_64-w64-mingw32, we have:

   error: implicit declaration of function 'qemu_log_mask'
   error: 'LOG_UNIMP' undeclared (first use in this function)

This patch adds the missing include.

Fixes: 7299e1a411
   ("hw/i386/vmport: replace fprintf() by trace events or LOG_UNIMP")
Signed-off-by: Laurent Vivier 
---
 hw/i386/vmport.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/hw/i386/vmport.c b/hw/i386/vmport.c
index 9b8c68806e..116aa09819 100644
--- a/hw/i386/vmport.c
+++ b/hw/i386/vmport.c
@@ -27,6 +27,7 @@
 #include "hw/i386/pc.h"
 #include "sysemu/hw_accel.h"
 #include "hw/qdev.h"
+#include "qemu/log.h"
 #include "trace.h"
 
 #define VMPORT_CMD_GETVERSION 0x0a
-- 
2.14.3

[Qemu-devel] [PATCH v2 5/5] vhost-user-test: use init_virtio_dev in multiqueue test

[Maxime Coquelin]

Now that init_virtio_dev() has been generalized to all cases,
use it in test_multiqueue() to avoid code duplication.

Signed-off-by: Maxime Coquelin 
---
 tests/vhost-user-test.c | 65 ++---
 1 file changed, 8 insertions(+), 57 deletions(-)

diff --git a/tests/vhost-user-test.c b/tests/vhost-user-test.c
index be7a401789..e79510420d 100644
--- a/tests/vhost-user-test.c
+++ b/tests/vhost-user-test.c
@@ -892,79 +892,30 @@ static void test_flags_mismatch(void)
 
 #endif
 
-static QVirtioPCIDevice *virtio_net_pci_init(QPCIBus *bus, int slot)
-{
-QVirtioPCIDevice *dev;
-
-dev = qvirtio_pci_device_find(bus, VIRTIO_ID_NET);
-g_assert(dev != NULL);
-g_assert_cmphex(dev->vdev.device_type, ==, VIRTIO_ID_NET);
-
-qvirtio_pci_device_enable(dev);
-qvirtio_reset(>vdev);
-qvirtio_set_acknowledge(>vdev);
-qvirtio_set_driver(>vdev);
-
-return dev;
-}
-
-static void driver_init(QVirtioDevice *dev)
-{
-uint32_t features;
-
-features = qvirtio_get_features(dev);
-features = features & ~(QVIRTIO_F_BAD_FEATURE |
-(1u << VIRTIO_RING_F_INDIRECT_DESC) |
-(1u << VIRTIO_RING_F_EVENT_IDX));
-qvirtio_set_features(dev, features);
-
-qvirtio_set_driver_ok(dev);
-}
-
-#define PCI_SLOT0x04
-
 static void test_multiqueue(void)
 {
-const int queues = 2;
 TestServer *s = test_server_new("mq");
-QVirtioPCIDevice *dev;
-QPCIBus *bus;
-QVirtQueuePCI *vq[queues * 2];
-QGuestAllocator *alloc;
 char *cmd;
-int i;
-
-s->queues = queues;
+uint32_t features_mask = ~(QVIRTIO_F_BAD_FEATURE |
+(1u << VIRTIO_RING_F_INDIRECT_DESC) |
+(1u << VIRTIO_RING_F_EVENT_IDX));
+s->queues = 2;
 test_server_listen(s);
 
 cmd = g_strdup_printf(QEMU_CMD_MEM QEMU_CMD_CHR QEMU_CMD_NETDEV 
",queues=%d "
   "-device 
virtio-net-pci,netdev=net0,mq=on,vectors=%d",
   512, 512, root, s->chr_name,
   s->socket_path, "", s->chr_name,
-  queues, queues * 2 + 2);
+  s->queues, s->queues * 2 + 2);
 qtest_start(cmd);
 g_free(cmd);
 
-bus = qpci_init_pc(NULL);
-dev = virtio_net_pci_init(bus, PCI_SLOT);
+init_virtio_dev(s, features_mask);
 
-alloc = pc_alloc_init();
-for (i = 0; i < queues * 2; i++) {
-vq[i] = (QVirtQueuePCI *)qvirtqueue_setup(>vdev, alloc, i);
-}
+wait_for_rings_started(s, s->queues * 2);
 
-driver_init(>vdev);
-wait_for_rings_started(s, queues * 2);
+uninit_virtio_dev(s);
 
-/* End test */
-for (i = 0; i < queues * 2; i++) {
-qvirtqueue_cleanup(dev->vdev.bus, [i]->vq, alloc);
-}
-pc_alloc_uninit(alloc);
-qvirtio_pci_device_disable(dev);
-g_free(dev->pdev);
-g_free(dev);
-qpci_free_pc(bus);
 qtest_end();
 
 test_server_free(s);
-- 
2.14.3

[Qemu-devel] [PATCH v2 3/5] vhost-user-test: setup virtqueues in all tests

[Maxime Coquelin]

Only the multiqueue test setups the virtqueues.
This patch generalizes the setup of virtqueues for all tests.

Signed-off-by: Maxime Coquelin 
---
 tests/vhost-user-test.c | 53 +++--
 1 file changed, 42 insertions(+), 11 deletions(-)

diff --git a/tests/vhost-user-test.c b/tests/vhost-user-test.c
index df567248ae..969e3932cc 100644
--- a/tests/vhost-user-test.c
+++ b/tests/vhost-user-test.c
@@ -55,6 +55,7 @@
 /*** FROM hw/virtio/vhost-user.c */
 
 #define VHOST_MEMORY_MAX_NREGIONS8
+#define VHOST_MAX_VIRTQUEUES0x100
 
 #define VHOST_USER_F_PROTOCOL_FEATURES 30
 #define VHOST_USER_PROTOCOL_F_MQ 0
@@ -141,6 +142,8 @@ enum {
 
 typedef struct TestServer {
 QPCIBus *bus;
+QVirtioPCIDevice *dev;
+QVirtQueue *vq[VHOST_MAX_VIRTQUEUES];
 gchar *socket_path;
 gchar *mig_path;
 gchar *chr_name;
@@ -155,6 +158,7 @@ typedef struct TestServer {
 bool test_fail;
 int test_flags;
 int queues;
+QGuestAllocator *alloc;
 } TestServer;
 
 static const char *tmpfs;
@@ -162,26 +166,43 @@ static const char *root;
 
 static void init_virtio_dev(TestServer *s)
 {
-QVirtioPCIDevice *dev;
 uint32_t features;
+int i;
 
 s->bus = qpci_init_pc(NULL);
 g_assert_nonnull(s->bus);
 
-dev = qvirtio_pci_device_find(s->bus, VIRTIO_ID_NET);
-g_assert_nonnull(dev);
+s->dev = qvirtio_pci_device_find(s->bus, VIRTIO_ID_NET);
+g_assert_nonnull(s->dev);
 
-qvirtio_pci_device_enable(dev);
-qvirtio_reset(>vdev);
-qvirtio_set_acknowledge(>vdev);
-qvirtio_set_driver(>vdev);
+qvirtio_pci_device_enable(s->dev);
+qvirtio_reset(>dev->vdev);
+qvirtio_set_acknowledge(>dev->vdev);
+qvirtio_set_driver(>dev->vdev);
+
+s->alloc = pc_alloc_init();
 
-features = qvirtio_get_features(>vdev);
+for (i = 0; i < s->queues * 2; i++) {
+s->vq[i] = qvirtqueue_setup(>dev->vdev, s->alloc, i);
+}
+
+features = qvirtio_get_features(>dev->vdev);
 features = features & (1u << VIRTIO_NET_F_MAC);
-qvirtio_set_features(>vdev, features);
+qvirtio_set_features(>dev->vdev, features);
 
-qvirtio_set_driver_ok(>vdev);
-qvirtio_pci_device_free(dev);
+qvirtio_set_driver_ok(>dev->vdev);
+}
+
+static void uninit_virtio_dev(TestServer *s)
+{
+int i;
+
+for (i = 0; i < s->queues * 2; i++) {
+qvirtqueue_cleanup(s->dev->vdev.bus, s->vq[i], s->alloc);
+}
+pc_alloc_uninit(s->alloc);
+
+qvirtio_pci_device_free(s->dev);
 }
 
 static void wait_for_fds(TestServer *s)
@@ -635,6 +656,8 @@ static void test_read_guest_mem(void)
 
 read_guest_mem(server);
 
+uninit_virtio_dev(server);
+
 qtest_quit(s);
 test_server_free(server);
 }
@@ -711,6 +734,8 @@ static void test_migrate(void)
 
 read_guest_mem(dest);
 
+uninit_virtio_dev(s);
+
 g_source_destroy(source);
 g_source_unref(source);
 
@@ -789,6 +814,8 @@ static void test_reconnect_subprocess(void)
 wait_for_fds(s);
 wait_for_rings_started(s, 2);
 
+uninit_virtio_dev(s);
+
 qtest_end();
 test_server_free(s);
 return;
@@ -818,6 +845,8 @@ static void test_connect_fail_subprocess(void)
 wait_for_fds(s);
 wait_for_rings_started(s, 2);
 
+uninit_virtio_dev(s);
+
 qtest_end();
 test_server_free(s);
 }
@@ -846,6 +875,8 @@ static void test_flags_mismatch_subprocess(void)
 wait_for_fds(s);
 wait_for_rings_started(s, 2);
 
+uninit_virtio_dev(s);
+
 qtest_end();
 test_server_free(s);
 }
-- 
2.14.3

[Qemu-devel] [PATCH v2 4/5] vhost-user-test: make features mask an init_virtio_dev() argument

[Maxime Coquelin]

The goal is to generalize the use of [un]init_virtio_dev() to
all tests, which does not necessarily expose the same features
set.

Signed-off-by: Maxime Coquelin 
---
 tests/vhost-user-test.c | 14 +++---
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/tests/vhost-user-test.c b/tests/vhost-user-test.c
index 969e3932cc..be7a401789 100644
--- a/tests/vhost-user-test.c
+++ b/tests/vhost-user-test.c
@@ -164,7 +164,7 @@ typedef struct TestServer {
 static const char *tmpfs;
 static const char *root;
 
-static void init_virtio_dev(TestServer *s)
+static void init_virtio_dev(TestServer *s, uint32_t features_mask)
 {
 uint32_t features;
 int i;
@@ -187,7 +187,7 @@ static void init_virtio_dev(TestServer *s)
 }
 
 features = qvirtio_get_features(>dev->vdev);
-features = features & (1u << VIRTIO_NET_F_MAC);
+features = features & features_mask;
 qvirtio_set_features(>dev->vdev, features);
 
 qvirtio_set_driver_ok(>dev->vdev);
@@ -652,7 +652,7 @@ static void test_read_guest_mem(void)
 s = qtest_start(qemu_cmd);
 g_free(qemu_cmd);
 
-init_virtio_dev(server);
+init_virtio_dev(server, VIRTIO_NET_F_MAC);
 
 read_guest_mem(server);
 
@@ -681,7 +681,7 @@ static void test_migrate(void)
 from = qtest_start(cmd);
 g_free(cmd);
 
-init_virtio_dev(s);
+init_virtio_dev(s, VIRTIO_NET_F_MAC);
 wait_for_fds(s);
 size = get_log_size(s);
 g_assert_cmpint(size, ==, (2 * 1024 * 1024) / (VHOST_LOG_PAGE * 8));
@@ -803,7 +803,7 @@ static void test_reconnect_subprocess(void)
 qtest_start(cmd);
 g_free(cmd);
 
-init_virtio_dev(s);
+init_virtio_dev(s, VIRTIO_NET_F_MAC);
 wait_for_fds(s);
 wait_for_rings_started(s, 2);
 
@@ -841,7 +841,7 @@ static void test_connect_fail_subprocess(void)
 qtest_start(cmd);
 g_free(cmd);
 
-init_virtio_dev(s);
+init_virtio_dev(s, VIRTIO_NET_F_MAC);
 wait_for_fds(s);
 wait_for_rings_started(s, 2);
 
@@ -871,7 +871,7 @@ static void test_flags_mismatch_subprocess(void)
 qtest_start(cmd);
 g_free(cmd);
 
-init_virtio_dev(s);
+init_virtio_dev(s, VIRTIO_NET_F_MAC);
 wait_for_fds(s);
 wait_for_rings_started(s, 2);
 
-- 
2.14.3

[Qemu-devel] [PATCH v2 0/5] vhost-user-test: Fixes & code clean-up

[Maxime Coquelin]

The two changes in this v2 are fixing the features mask
before the function rework, and reword of commit message
of patch "vhost-user-test: extract read-guest-mem test
from main loop" (Thanks Marc-Andr??).

This series fixes two issues in vhost-user-test:
1. Setup virtqueues in all tests
2. Fix features mask for all but test_multiqueue()

The clean-ups comprises making read-guest-mem test consistent
with other tests by initializing the device in the qtest thread.
Also, some code factorization is done with regard to device
initialization so that all tests share the same init.

Maxime Coquelin (5):
  vhost-user-test: fix features mask
  vhost-user-test: extract read-guest-mem test from main loop
  vhost-user-test: setup virtqueues in all tests
  vhost-user-test: make features mask an init_virtio_dev() argument
  vhost-user-test: use init_virtio_dev in multiqueue test

 tests/vhost-user-test.c | 171 ++--
 1 file changed, 79 insertions(+), 92 deletions(-)

-- 
2.14.3

[Qemu-devel] [PATCH v2 1/5] vhost-user-test: fix features mask

[Maxime Coquelin]

VIRTIO_NET_F_MAC is a bit position, not a bit mask.

Signed-off-by: Maxime Coquelin 
---
 tests/vhost-user-test.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tests/vhost-user-test.c b/tests/vhost-user-test.c
index e2c89ed376..43c6528644 100644
--- a/tests/vhost-user-test.c
+++ b/tests/vhost-user-test.c
@@ -177,7 +177,7 @@ static void init_virtio_dev(TestServer *s)
 qvirtio_set_driver(>vdev);
 
 features = qvirtio_get_features(>vdev);
-features = features & VIRTIO_NET_F_MAC;
+features = features & (1u << VIRTIO_NET_F_MAC);
 qvirtio_set_features(>vdev, features);
 
 qvirtio_set_driver_ok(>vdev);
-- 
2.14.3

[Qemu-devel] [PATCH v2 2/5] vhost-user-test: extract read-guest-mem test from main loop

[Maxime Coquelin]

This patch makes read-guest-test consistent with other tests,
i.e. create the test server in the test function.

Signed-off-by: Maxime Coquelin 
---
 tests/vhost-user-test.c | 41 +++--
 1 file changed, 23 insertions(+), 18 deletions(-)

diff --git a/tests/vhost-user-test.c b/tests/vhost-user-test.c
index 43c6528644..df567248ae 100644
--- a/tests/vhost-user-test.c
+++ b/tests/vhost-user-test.c
@@ -617,6 +617,28 @@ GSourceFuncs test_migrate_source_funcs = {
 .check = test_migrate_source_check,
 };
 
+static void test_read_guest_mem(void)
+{
+TestServer *server = NULL;
+char *qemu_cmd = NULL;
+QTestState *s = NULL;
+
+server = test_server_new("test");
+test_server_listen(server);
+
+qemu_cmd = GET_QEMU_CMD(server);
+
+s = qtest_start(qemu_cmd);
+g_free(qemu_cmd);
+
+init_virtio_dev(server);
+
+read_guest_mem(server);
+
+qtest_quit(s);
+test_server_free(server);
+}
+
 static void test_migrate(void)
 {
 TestServer *s = test_server_new("src");
@@ -919,10 +941,7 @@ static void test_multiqueue(void)
 
 int main(int argc, char **argv)
 {
-QTestState *s = NULL;
-TestServer *server = NULL;
 const char *hugefs;
-char *qemu_cmd = NULL;
 int ret;
 char template[] = "/tmp/vhost-test-XX";
 GMainLoop *loop;
@@ -947,20 +966,11 @@ int main(int argc, char **argv)
 root = tmpfs;
 }
 
-server = test_server_new("test");
-test_server_listen(server);
-
 loop = g_main_loop_new(NULL, FALSE);
 /* run the main loop thread so the chardev may operate */
 thread = g_thread_new(NULL, thread_function, loop);
 
-qemu_cmd = GET_QEMU_CMD(server);
-
-s = qtest_start(qemu_cmd);
-g_free(qemu_cmd);
-init_virtio_dev(server);
-
-qtest_add_data_func("/vhost-user/read-guest-mem", server, read_guest_mem);
+qtest_add_func("/vhost-user/read-guest-mem", test_read_guest_mem);
 qtest_add_func("/vhost-user/migrate", test_migrate);
 qtest_add_func("/vhost-user/multiqueue", test_multiqueue);
 
@@ -978,12 +988,7 @@ int main(int argc, char **argv)
 
 ret = g_test_run();
 
-if (s) {
-qtest_quit(s);
-}
-
 /* cleanup */
-test_server_free(server);
 
 /* finish the helper thread and dispatch pending sources */
 g_main_loop_quit(loop);
-- 
2.14.3

Re: [Qemu-devel] [PATCH v20 3/7 RESEND] xbitmap: add more operations

[Matthew Wilcox]

OK, here's a rewrite of xbitmap.

Compared to the version you sent:
 - xb_find_set() is the rewrite I sent out yesterday.
 - xb_find_clear() is a new implementation.  I use the IDR_FREE tag to find
   clear bits.  This led to me finding a bug in radix_tree_for_each_tagged().
 - xb_zero() is also a new implementation (replacing xb_clear_bit_range).
   It should also be more efficient in deep trees.
 - Did not accept your change to xb_set_bit(); I think it's important to
   leave the radix tree node in place, so we're guaranteed to make progress
   in low-memory situations.  We're expecting the caller to retry, so the
   memory should not leak.
 - Redid a lot of the kernel-doc.  Thanks for adding it!  I removed mentions
   of implementation details, leaving only information useful to those who
   are using it.

Compared to the version I put out back in February:
 - Accepted your change to xb_preload(); I think it's an improvement.
 - Rewrote xb_set_bit() to use the radix_tree_iter_ family of functions.
   Should improve performance for deep trees.
 - Rewrote xb_clear_bit() for the same reason.
 - Left out the use of radix tree exceptional entries.  Thanks for taking
   them out!  Keeps it clearer for now; if they prove useful, we can put
   them back in.
 - Removed the use of __radix_tree_delete and __radix_tree_create, so drop
   the changes to those functions.

Other miscellaneous notes
 - I left xb_fill() in the header file, even though there's no implementation
   yet.  Wouldn't be hard to add once we have a user.
 - Used SPDX tags instead of a license notice.

I think we need more test cases ... in reviewing this to send out,
I found a bug in xb_zero(), which I've only fixed because I don't have
time to write a test case for it.

diff --git a/include/linux/xbitmap.h b/include/linux/xbitmap.h
new file mode 100644
index ..c008309a9494
--- /dev/null
+++ b/include/linux/xbitmap.h
@@ -0,0 +1,48 @@
+/* SPDX-License-Identifier: GPL-2.0+ */
+/*
+ * eXtensible Bitmaps
+ * Copyright (c) 2017 Microsoft Corporation
+ * Author: Matthew Wilcox 
+ *
+ * eXtensible Bitmaps provide an unlimited-size sparse bitmap facility.
+ * All bits are initially zero.
+ *
+ * Locking is to be provided by the user.  No xb_ function is safe to
+ * call concurrently with any other xb_ function.
+ */
+
+#include 
+
+struct xb {
+   struct radix_tree_root xbrt;
+};
+
+#define XB_INIT {  \
+   .xbrt = RADIX_TREE_INIT(IDR_RT_MARKER | GFP_NOWAIT),\
+}
+#define DEFINE_XB(name)struct xb name = XB_INIT
+
+static inline void xb_init(struct xb *xb)
+{
+   INIT_RADIX_TREE(>xbrt, IDR_RT_MARKER | GFP_NOWAIT);
+}
+
+int xb_set_bit(struct xb *xb, unsigned long bit);
+bool xb_test_bit(const struct xb *xb, unsigned long bit);
+void xb_clear_bit(struct xb *xb, unsigned long bit);
+void xb_zero(struct xb *xb, unsigned long min, unsigned long max);
+void xb_fill(struct xb *xb, unsigned long min, unsigned long max);
+bool xb_find_set(const struct xb *xb, unsigned long max, unsigned long *bit);
+bool xb_find_zero(const struct xb *xb, unsigned long max, unsigned long *bit);
+
+static inline bool xb_empty(const struct xb *xb)
+{
+   return radix_tree_empty(>xbrt);
+}
+
+int __must_check xb_preload(gfp_t);
+
+static inline void xb_preload_end(void)
+{
+   preempt_enable();
+}
diff --git a/lib/Makefile b/lib/Makefile
index d11c48ec8ffd..08a8183c390b 100644
--- a/lib/Makefile
+++ b/lib/Makefile
@@ -19,7 +19,7 @@ KCOV_INSTRUMENT_dynamic_debug.o := n
 
 lib-y := ctype.o string.o vsprintf.o cmdline.o \
 rbtree.o radix-tree.o dump_stack.o timerqueue.o\
-idr.o int_sqrt.o extable.o \
+idr.o xbitmap.o int_sqrt.o extable.o \
 sha1.o chacha20.o irq_regs.o argv_split.o \
 flex_proportions.o ratelimit.o show_mem.o \
 is_single_threaded.o plist.o decompress.o kobject_uevent.o \
diff --git a/lib/radix-tree.c b/lib/radix-tree.c
index c8d55565fafa..d2bd8feb7b85 100644
--- a/lib/radix-tree.c
+++ b/lib/radix-tree.c
@@ -37,7 +37,7 @@
 #include 
 #include 
 #include 
-
+#include 
 
 /* Number of nodes in fully populated tree of given height */
 static unsigned long height_to_maxnodes[RADIX_TREE_MAX_PATH + 1] __read_mostly;
@@ -77,6 +77,11 @@ static struct kmem_cache *radix_tree_node_cachep;
RADIX_TREE_MAP_SHIFT))
 #define IDA_PRELOAD_SIZE   (IDA_MAX_PATH * 2 - 1)
 
+#define XB_INDEX_BITS  (BITS_PER_LONG - ilog2(IDA_BITMAP_BITS))
+#define XB_MAX_PATH(DIV_ROUND_UP(XB_INDEX_BITS, \
+   RADIX_TREE_MAP_SHIFT))
+#define XB_PRELOAD_SIZE(XB_MAX_PATH * 2 - 1)
+
 /*
  * Per-cpu pool of preloaded nodes
  */
@@ -1781,7 +1786,7 @@ void __rcu **radix_tree_next_chunk(const struct 
radix_tree_root *root,
child = rcu_dereference_raw(node->slots[offset]);

Re: [Qemu-devel] [PULL 0/5] M68k for 2.12 patches

[Laurent Vivier]

Le 21/12/2017 à 21:27, Laurent Vivier a écrit :
> Le 21/12/2017 à 20:57, no-re...@patchew.org a écrit :
>> Hi,
>>
>> This series failed automatic build test. Please find the testing commands and
>> their output below. If you have docker installed, you can probably reproduce 
>> it
>> locally.
>>
>> Type: series
>> Message-id: 20171221193640.27418-1-laur...@vivier.eu
>> Subject: [Qemu-devel] [PULL 0/5] M68k for 2.12 patches
>>
> ...
>> Configure options:
>> --enable-werror --target-list=x86_64-softmmu,aarch64-softmmu 
>> --prefix=/tmp/qemu-test/install --cross-prefix=x86_64-w64-mingw32- 
>> --enable-trace-backends=simple --enable-debug --enable-gnutls 
>> --enable-nettle --enable-curl --enable-vnc --enable-bzip2 
>> --enable-guest-agent --with-sdlabi=1.2 --with-gtkabi=2.0
> ...
>> /tmp/qemu-test/src/hw/i386/vmport.c: In function 'vmport_ioport_read':
>> /tmp/qemu-test/src/hw/i386/vmport.c:81:9: error: implicit declaration of 
>> function 'qemu_log_mask' [-Werror=implicit-function-declaration]
>>  qemu_log_mask(LOG_UNIMP, "vmport: unknown command %x\n", command);
>>  ^
>> /tmp/qemu-test/src/hw/i386/vmport.c:81:9: error: nested extern declaration 
>> of 'qemu_log_mask' [-Werror=nested-externs]
>> /tmp/qemu-test/src/hw/i386/vmport.c:81:23: error: 'LOG_UNIMP' undeclared 
>> (first use in this function)
>>  qemu_log_mask(LOG_UNIMP, "vmport: unknown command %x\n", command);
>>^
>> /tmp/qemu-test/src/hw/i386/vmport.c:81:23: note: each undeclared identifier 
>> is reported only once for each function it appears in
>> cc1: all warnings being treated as errors
>> make[1]: *** [hw/i386/vmport.o] Error 1
>> make[1]: *** Waiting for unfinished jobs
> 
> Looks like a patch from Paolo's pull is breaking the build:
> 
> commit 7299e1a411de99761a4260e44b4f1cf2e4e126ef
> Author: Philippe Mathieu-Daudé 
> Date:   Fri Dec 15 00:43:55 2017 -0300
> 
> hw/i386/vmport: replace fprintf() by trace events or LOG_UNIMP
> 
> Signed-off-by: Philippe Mathieu-Daudé 
> Message-Id: <20171215034356.4449-2-f4...@amsat.org>
> [Replace unknown command tracepoint with LOG_UNIMP, add
>  generic tracepoint for vmport commands. - Paolo]
> Signed-off-by: Paolo Bonzini 

This is fixed by:

diff --git a/hw/i386/vmport.c b/hw/i386/vmport.c
index 9b8c68806e..116aa09819 100644
--- a/hw/i386/vmport.c
+++ b/hw/i386/vmport.c
@@ -27,6 +27,7 @@
 #include "hw/i386/pc.h"
 #include "sysemu/hw_accel.h"
 #include "hw/qdev.h"
+#include "qemu/log.h"
 #include "trace.h"

 #define VMPORT_CMD_GETVERSION 0x0a


Laurent

Re: [Qemu-devel] [PATCH V2 0/5] hw/pvrdma: PVRDMA device implementation

[Michael S. Tsirkin]

On Thu, Dec 21, 2017 at 05:59:38PM +0200, Marcel Apfelbaum wrote:
> On 21/12/2017 16:22, Michael S. Tsirkin wrote:
> > On Thu, Dec 21, 2017 at 09:27:51AM +0200, Yuval Shaia wrote:
> > > > > 
> > > > > > What happens if guest attempts to register all its memory?
> > > > > > 
> > > > > 
> > > > > Then we loose, is not different from bare metal, reg_mr will pin all 
> > > > > the RAM.
> > > > 
> > > > We need to find a way to communicate to guests about amount
> > > > of memory they can pin.
> > > 
> > > dev_caps.max_mr_size is the way device limits guest driver.
> > > This value is controlled by the command line argument dev-caps-max-mr-size
> > > so we should be fine (btw, default value is 1<<32).
> > 
> > Isn't that still leaving the option for guest to register all memory,
> > just in chunks?
> > 
> 
> We also have a parameter limiting the number of mrs (dev-caps-max-mr),
> together with dev-caps-max-mr-size we can limit the memory the guests can pin.
> 
> Thanks,
> Marcel

You might want to limit the default values then.

Right now:

+#define MAX_MR_SIZE   (1UL << 32)
+#define MAX_MR2048

Which is IIUC 8TB.

That's pretty close to unlimited, and so far overcommit seems to be the
main feature for users.


> > > > 
> > > > > However this is only one scenario, and hopefully not much used
> > > > > for RoCE. (I know IPoIB does that, but it doesn't make sense to use 
> > > > > it with RoCE).
> > > > 
> > > > SRP does it too AFAIK.
> > > > 

Re: [Qemu-devel] [PATCH 2/2] qemu: add linkspeed and duplex setting to virtio-net

[Michael S. Tsirkin]

On Thu, Dec 21, 2017 at 02:42:48PM -0500, Jason Baron wrote:
> 
> 
> On 12/20/2017 09:33 AM, Yan Vugenfirer wrote:
> > 
> >> On 20 Dec 2017, at 16:31, Michael S. Tsirkin  wrote:
> >>
> >> On Tue, Dec 19, 2017 at 11:52:39AM -0500, Jason Baron wrote:
> >>>
> >>>
> >>> On 12/19/2017 04:19 AM, Yan Vugenfirer wrote:
> 
> > On 18 Dec 2017, at 18:04, Jason Baron via Qemu-devel
> > > wrote:
> >
> >
> >
> > On 12/18/2017 06:34 AM, Yan Vugenfirer wrote:
> >>
> >>> On 14 Dec 2017, at 21:33, Jason Baron via Qemu-devel
> >>> > wrote:
> >>>
> >>> Although they can be currently set in linux via 'ethtool -s', this
> >>> requires
> >>> guest changes, and thus it would be nice to extend this
> >>> functionality such
> >>> that it can be configured automatically from the host (as other 
> >>> network
> >>> do).
> >>>
> >>> Linkspeed and duplex settings can be set as:
> >>> '-device virtio-net,speed=1,duplex=full'
> >>>
> >>> where speed is [-1...INT_MAX], and duplex is ["half"|"full"].
> >>>
> >>> Signed-off-by: Jason Baron  >>> >
> >>> Cc: "Michael S. Tsirkin" >
> >>> Cc: Jason Wang >
> >>> ---
> >>> hw/net/virtio-net.c | 29
> >>> +
> >>> include/hw/virtio/virtio-net.h  |  3 +++
> >>> include/standard-headers/linux/virtio_net.h |  4 
> >>> 3 files changed, 36 insertions(+)
> >>>
> >>> diff --git a/hw/net/virtio-net.c b/hw/net/virtio-net.c
> >>> index 38674b0..d63e790 100644
> >>> --- a/hw/net/virtio-net.c
> >>> +++ b/hw/net/virtio-net.c
> >>> @@ -40,6 +40,12 @@
> >>> #define VIRTIO_NET_RX_QUEUE_MIN_SIZE VIRTIO_NET_RX_QUEUE_DEFAULT_SIZE
> >>> #define VIRTIO_NET_TX_QUEUE_MIN_SIZE VIRTIO_NET_TX_QUEUE_DEFAULT_SIZE
> >>>
> >>> +/* duplex and speed defines */
> >>> +#define DUPLEX_UNKNOWN  0xff
> >>> +#define DUPLEX_HALF 0x00
> >>> +#define DUPLEX_FULL 0x01
> >>> +#define SPEED_UNKNOWN   -1
> >>> +
> >>> /*
> >>> * Calculate the number of bytes up to and including the given 'field' 
> >>> of
> >>> * 'container'.
> >>> @@ -61,6 +67,8 @@ static VirtIOFeature feature_sizes[] = {
> >>> .end = endof(struct virtio_net_config, max_virtqueue_pairs)},
> >>>{.flags = 1 << VIRTIO_NET_F_MTU,
> >>> .end = endof(struct virtio_net_config, mtu)},
> >>> +{.flags = 1 << VIRTIO_NET_F_SPEED_DUPLEX,
> >>> + .end = endof(struct virtio_net_config, duplex)},
> >>>{}
> >>> };
> >>>
> >>> @@ -88,6 +96,8 @@ static void virtio_net_get_config(VirtIODevice
> >>> *vdev, uint8_t *config)
> >>>virtio_stw_p(vdev, , n->status);
> >>>virtio_stw_p(vdev, _virtqueue_pairs, n->max_queues);
> >>>virtio_stw_p(vdev, , n->net_conf.mtu);
> >>> +virtio_stl_p(vdev, , n->net_conf.speed);
> >>> +netcfg.duplex = n->net_conf.duplex;
> >>>memcpy(netcfg.mac, n->mac, ETH_ALEN);
> >>>memcpy(config, , n->config_size);
> >>> }
> >>> @@ -1941,6 +1951,23 @@ static void
> >>> virtio_net_device_realize(DeviceState *dev, Error **errp)
> >>>n->host_features |= (0x1 << VIRTIO_NET_F_MTU);
> >>>}
> >>>
> >>> +n->host_features |= (0x1 << VIRTIO_NET_F_SPEED_DUPLEX);
> >>> +if (n->net_conf.duplex_str) {
> >>> +if (strncmp(n->net_conf.duplex_str, "half", 5) == 0) {
> >>> +n->net_conf.duplex = DUPLEX_HALF;
> >>> +} else if (strncmp(n->net_conf.duplex_str, "full", 5) == 0) {
> >>> +n->net_conf.duplex = DUPLEX_FULL;
> >>> +} else {
> >>> +error_setg(errp, "'duplex' must be 'half' or 'full'");
> >>> +}
> >>> +} else {
> >>> +n->net_conf.duplex = DUPLEX_UNKNOWN;
> >>> +}
> >>> +if (n->net_conf.speed < SPEED_UNKNOWN) {
> >>> +error_setg(errp, "'speed' must be between -1
> >>> (SPEED_UNKOWN) and "
> >>> +   "INT_MAX");
> >>> +}
> >>> +
> >>>virtio_net_set_config_size(n, n->host_features);
> >>>virtio_init(vdev, "virtio-net", VIRTIO_ID_NET, n->config_size);
> >>>
> >>> @@ -2160,6 +2187,8 @@ static Property virtio_net_properties[] = {
> >>>DEFINE_PROP_UINT16("host_mtu", VirtIONet, net_conf.mtu, 0),
> >>>DEFINE_PROP_BOOL("x-mtu-bypass-backend", VirtIONet,
> >>> mtu_bypass_backend,
> >>> true),
> >>> +DEFINE_PROP_INT32("speed", VirtIONet, net_conf.speed,
> >>> SPEED_UNKNOWN),
> >>
> >> From 

Re: [Qemu-devel] [PULL 15/25] hw/block/nvme: QOM'ify PCI NVME

[Michael S. Tsirkin]

On Thu, Dec 21, 2017 at 04:29:21PM +0200, Michael S. Tsirkin wrote:
> From: Philippe Mathieu-Daudé 
> 
> Signed-off-by: Philippe Mathieu-Daudé 
> Reviewed-by: Michael S. Tsirkin 
> Signed-off-by: Michael S. Tsirkin 

Dropped due to merge conflicts. Pls rebase and ask
storage maintainers to apply as appropriate.

> ---
>  hw/block/nvme.c | 32 +---
>  1 file changed, 17 insertions(+), 15 deletions(-)
> 
> diff --git a/hw/block/nvme.c b/hw/block/nvme.c
> index 441e21e..9c5f898 100644
> --- a/hw/block/nvme.c
> +++ b/hw/block/nvme.c
> @@ -920,9 +920,9 @@ static const MemoryRegionOps nvme_cmb_ops = {
>  },
>  };
>  
> -static int nvme_init(PCIDevice *pci_dev)
> +static void nvme_realize(PCIDevice *pci, Error **errp)
>  {
> -NvmeCtrl *n = NVME(pci_dev);
> +NvmeCtrl *n = NVME(pci);
>  NvmeIdCtrl *id = >id_ctrl;
>  
>  int i;
> @@ -931,30 +931,33 @@ static int nvme_init(PCIDevice *pci_dev)
>  Error *local_err = NULL;
>  
>  if (!n->conf.blk) {
> -return -1;
> +error_setg(errp, "Block device missing");
> +return;
>  }
>  
>  bs_size = blk_getlength(n->conf.blk);
>  if (bs_size < 0) {
> -return -1;
> +error_setg_errno(errp, -bs_size, "Could not get length of device");
> +return;
>  }
>  
>  blkconf_serial(>conf, >serial);
>  if (!n->serial) {
> -return -1;
> +error_setg(errp, "Could not get device serial number");
> +return;
>  }
>  blkconf_blocksizes(>conf);
>  blkconf_apply_backend_options(>conf, blk_is_read_only(n->conf.blk),
>false, _err);
>  if (local_err) {
> -error_report_err(local_err);
> -return -1;
> +error_propagate(errp, local_err);
> +return;
>  }
>  
> -pci_conf = pci_dev->config;
> +pci_conf = pci->config;
>  pci_conf[PCI_INTERRUPT_PIN] = 1;
> -pci_config_set_prog_interface(pci_dev->config, 0x2);
> -pci_config_set_class(pci_dev->config, PCI_CLASS_STORAGE_EXPRESS);
> +pci_config_set_prog_interface(pci->config, 0x2);
> +pci_config_set_class(pci->config, PCI_CLASS_STORAGE_EXPRESS);
>  pcie_endpoint_cap_init(>parent_obj, 0x80);
>  
>  n->num_namespaces = 1;
> @@ -1046,12 +1049,11 @@ static int nvme_init(PCIDevice *pci_dev)
>  cpu_to_le64(n->ns_size >>
>  id_ns->lbaf[NVME_ID_NS_FLBAS_INDEX(ns->id_ns.flbas)].ds);
>  }
> -return 0;
>  }
>  
> -static void nvme_exit(PCIDevice *pci_dev)
> +static void nvme_exit(PCIDevice *pci)
>  {
> -NvmeCtrl *n = NVME(pci_dev);
> +NvmeCtrl *n = NVME(pci);
>  
>  nvme_clear_ctrl(n);
>  g_free(n->namespaces);
> @@ -1061,7 +1063,7 @@ static void nvme_exit(PCIDevice *pci_dev)
>  memory_region_unref(>ctrl_mem);
>  }
>  
> -msix_uninit_exclusive_bar(pci_dev);
> +msix_uninit_exclusive_bar(pci);
>  }
>  
>  static Property nvme_props[] = {
> @@ -1081,7 +1083,7 @@ static void nvme_class_init(ObjectClass *oc, void *data)
>  DeviceClass *dc = DEVICE_CLASS(oc);
>  PCIDeviceClass *pc = PCI_DEVICE_CLASS(oc);
>  
> -pc->init = nvme_init;
> +pc->realize = nvme_realize;
>  pc->exit = nvme_exit;
>  pc->class_id = PCI_CLASS_STORAGE_EXPRESS;
>  pc->vendor_id = PCI_VENDOR_ID_INTEL;
> -- 
> MST
> 

Re: [Qemu-devel] [PULL 00/25] pc, pci, virtio: features, fixes, cleanups

[Michael S. Tsirkin]

On Thu, Dec 21, 2017 at 08:26:47PM +, Peter Maydell wrote:
> On 21 December 2017 at 14:27, Michael S. Tsirkin  wrote:
> > The following changes since commit 2babfe0c9241c239272a03fec785165a50e8288c:
> >
> >   Update version for v2.11.0-rc4 release (2017-12-05 16:36:46 +)
> >
> > are available in the git repository at:
> >
> >   git://git.kernel.org/pub/scm/virt/kvm/mst/qemu.git tags/for_upstream
> >
> > for you to fetch changes up to 664ed92706ff6e66fa278c3163b5387f11d6daca:
> >
> >   smbus: do not immediately complete commands (2017-12-21 16:24:44 +0200)
> >
> > 
> > pc, pci, virtio: features, fixes, cleanups
> >
> > A bunch of fixes, cleanus and new features all over the place.
> >
> > Signed-off-by: Michael S. Tsirkin 
> >
> 
> Conflicts in hw/block/nvme.c -- can you fix and resend, please?
> 
> thanks
> -- PMM

Done and pushed - I dropped the conflicting patch.

Re: [Qemu-devel] [PATCH v2 0/5] Add aarch64_be-linux-user target

[no-reply]

Hi,

This series seems to have some coding style problems. See output below for
more information:

Type: series
Message-id: 20171219201613.7399-1-michael.wei...@gmx.de
Subject: [Qemu-devel] [PATCH v2 0/5] Add aarch64_be-linux-user target

=== TEST SCRIPT BEGIN ===
#!/bin/bash

BASE=base
n=1
total=$(git log --oneline $BASE.. | wc -l)
failed=0

git config --local diff.renamelimit 0
git config --local diff.renames True

commits="$(git log --format=%H --reverse $BASE..)"
for c in $commits; do
echo "Checking PATCH $n/$total: $(git log -n 1 --format=%s $c)..."
if ! git show $c --format=email | ./scripts/checkpatch.pl --mailback -; then
failed=1
echo
fi
n=$((n+1))
done

exit $failed
=== TEST SCRIPT END ===

Updating 3c8cf5a9c21ff8782164d1def7f44bd888713384
Switched to a new branch 'test'
1408be599f linux-user: Add aarch64_be magic numbers to qemu-binfmt-conf.sh
246c0913be configure: Add aarch64_be-linux-user target
e845d35c97 linux-user: Fix endianess of aarch64 signal trampoline
c9dc348343 linux-user: Add separate aarch64_be uname
138f48ac61 linux-user: Add support for big-endian aarch64

=== OUTPUT BEGIN ===
Checking PATCH 1/5: linux-user: Add support for big-endian aarch64...
Checking PATCH 2/5: linux-user: Add separate aarch64_be uname...
Checking PATCH 3/5: linux-user: Fix endianess of aarch64 signal trampoline...
Checking PATCH 4/5: configure: Add aarch64_be-linux-user target...
Checking PATCH 5/5: linux-user: Add aarch64_be magic numbers to 
qemu-binfmt-conf.sh...
WARNING: line over 80 characters
#30: FILE: scripts/qemu-binfmt-conf.sh:95:
+aarch64_be_magic='\x7fELF\x02\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\xb7'

ERROR: line over 90 characters
#31: FILE: scripts/qemu-binfmt-conf.sh:96:
+aarch64_be_mask='\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff'

total: 1 errors, 1 warnings, 18 lines checked

Your patch has style problems, please review.  If any of these errors
are false positives report them to the maintainer, see
CHECKPATCH in MAINTAINERS.

=== OUTPUT END ===

Test command exited with code: 1


---
Email generated automatically by Patchew [http://patchew.org/].
Please send your feedback to patchew-de...@freelists.org

Re: [Qemu-devel] [PULL 0/5] M68k for 2.12 patches

[Laurent Vivier]

Le 21/12/2017 à 20:57, no-re...@patchew.org a écrit :
> Hi,
> 
> This series failed automatic build test. Please find the testing commands and
> their output below. If you have docker installed, you can probably reproduce 
> it
> locally.
> 
> Type: series
> Message-id: 20171221193640.27418-1-laur...@vivier.eu
> Subject: [Qemu-devel] [PULL 0/5] M68k for 2.12 patches
> 
...
> Configure options:
> --enable-werror --target-list=x86_64-softmmu,aarch64-softmmu 
> --prefix=/tmp/qemu-test/install --cross-prefix=x86_64-w64-mingw32- 
> --enable-trace-backends=simple --enable-debug --enable-gnutls --enable-nettle 
> --enable-curl --enable-vnc --enable-bzip2 --enable-guest-agent 
> --with-sdlabi=1.2 --with-gtkabi=2.0
...
> /tmp/qemu-test/src/hw/i386/vmport.c: In function 'vmport_ioport_read':
> /tmp/qemu-test/src/hw/i386/vmport.c:81:9: error: implicit declaration of 
> function 'qemu_log_mask' [-Werror=implicit-function-declaration]
>  qemu_log_mask(LOG_UNIMP, "vmport: unknown command %x\n", command);
>  ^
> /tmp/qemu-test/src/hw/i386/vmport.c:81:9: error: nested extern declaration of 
> 'qemu_log_mask' [-Werror=nested-externs]
> /tmp/qemu-test/src/hw/i386/vmport.c:81:23: error: 'LOG_UNIMP' undeclared 
> (first use in this function)
>  qemu_log_mask(LOG_UNIMP, "vmport: unknown command %x\n", command);
>^
> /tmp/qemu-test/src/hw/i386/vmport.c:81:23: note: each undeclared identifier 
> is reported only once for each function it appears in
> cc1: all warnings being treated as errors
> make[1]: *** [hw/i386/vmport.o] Error 1
> make[1]: *** Waiting for unfinished jobs

Looks like a patch from Paolo's pull is breaking the build:

commit 7299e1a411de99761a4260e44b4f1cf2e4e126ef
Author: Philippe Mathieu-Daudé 
Date:   Fri Dec 15 00:43:55 2017 -0300

hw/i386/vmport: replace fprintf() by trace events or LOG_UNIMP

Signed-off-by: Philippe Mathieu-Daudé 
Message-Id: <20171215034356.4449-2-f4...@amsat.org>
[Replace unknown command tracepoint with LOG_UNIMP, add
 generic tracepoint for vmport commands. - Paolo]
Signed-off-by: Paolo Bonzini 

Thanks,
Laurent

[Qemu-devel] [PULL v3 00/19] Initial support for Hypervisor.framework

[Paolo Bonzini]

The following changes since commit 200780a3a3ed067dfb2e0d2210b0ed09e748ba26:

  Merge remote-tracking branch 'remotes/armbru/tags/pull-cmdline-2017-12-18-v2' 
into staging (2017-12-20 13:20:48 +)

are available in the Git repository at:

  git://github.com/bonzini/qemu.git tags/for-upstream-hvf

for you to fetch changes up to e7c116fa90f3508a7ef5950e9bed5af11d8c192c:

  i386: hvf: cleanup x86_gen.h (2017-12-21 21:24:54 +0100)


Initial support for the HVF accelerator


Paolo Bonzini (10):
  i386: hvf: move all hvf files in the same directory
  i386: hvf: header cleanup
  i386: hvf: unify register enums between HVF and the rest
  i386: hvf: remove more dead emulator code
  i386: hvf: remove ZERO_INIT macro
  i386: hvf: abort on decoding error
  i386: hvf: simplify flag handling
  i386: hvf: remove addr_t
  i386: hvf: remove VM_PANIC from "in"
  i386: hvf: cleanup x86_gen.h

Sergio Andres Gomez Del Real (9):
  apic: add function to apic that will be used by hvf
  i386: hvf: add code base from Google's QEMU repository
  i386: hvf: fix licensing issues; isolate task handling code (GPL v2-only)
  i386: hvf: use new helper functions for put/get xsave
  i386: hvf: implement hvf_get_supported_cpuid
  i386: refactor KVM cpuid code so that it applies to hvf as well
  i386: hvf: implement vga dirty page tracking
  i386: hvf: refactor event injection code for hvf
  i386: hvf: inject General Protection Fault when vmexit through vmcall

 accel/stubs/Makefile.objs |1 +
 accel/stubs/hvf-stub.c|   31 +
 configure |   38 +
 cpus.c|   86 ++
 hw/intc/apic.c|   12 +
 include/hw/i386/apic.h|1 +
 include/qemu/typedefs.h   |1 +
 include/qom/cpu.h |2 +
 include/sysemu/hvf.h  |  107 ++
 qemu-options.hx   |   10 +-
 target/i386/Makefile.objs |1 +
 target/i386/cpu-qom.h |4 +-
 target/i386/cpu.c |   80 +-
 target/i386/cpu.h |  101 +-
 target/i386/hvf/Makefile.objs |2 +
 target/i386/hvf/README.md |7 +
 target/i386/hvf/hvf-i386.h|   48 +
 target/i386/hvf/hvf.c |  959 ++
 target/i386/hvf/panic.h   |   45 +
 target/i386/hvf/vmcs.h|  374 +++
 target/i386/hvf/vmx.h |  222 +
 target/i386/hvf/x86.c |  186 
 target/i386/hvf/x86.h |  400 
 target/i386/hvf/x86_cpuid.c   |  166 
 target/i386/hvf/x86_decode.c  | 2186 +
 target/i386/hvf/x86_decode.h  |  323 ++
 target/i386/hvf/x86_descr.c   |  125 +++
 target/i386/hvf/x86_descr.h   |   58 ++
 target/i386/hvf/x86_emu.c | 1483 
 target/i386/hvf/x86_emu.h |   49 +
 target/i386/hvf/x86_flags.c   |  315 ++
 target/i386/hvf/x86_flags.h   |   80 ++
 target/i386/hvf/x86_mmu.c |  272 +
 target/i386/hvf/x86_mmu.h |   43 +
 target/i386/hvf/x86_task.c|  192 
 target/i386/hvf/x86_task.h|   18 +
 target/i386/hvf/x86hvf.c  |  465 +
 target/i386/hvf/x86hvf.h  |   39 +
 target/i386/kvm.c |2 -
 39 files changed, 8475 insertions(+), 59 deletions(-)
 create mode 100644 accel/stubs/hvf-stub.c
 create mode 100644 include/sysemu/hvf.h
 create mode 100644 target/i386/hvf/Makefile.objs
 create mode 100644 target/i386/hvf/README.md
 create mode 100644 target/i386/hvf/hvf-i386.h
 create mode 100644 target/i386/hvf/hvf.c
 create mode 100644 target/i386/hvf/panic.h
 create mode 100644 target/i386/hvf/vmcs.h
 create mode 100644 target/i386/hvf/vmx.h
 create mode 100644 target/i386/hvf/x86.c
 create mode 100644 target/i386/hvf/x86.h
 create mode 100644 target/i386/hvf/x86_cpuid.c
 create mode 100644 target/i386/hvf/x86_decode.c
 create mode 100644 target/i386/hvf/x86_decode.h
 create mode 100644 target/i386/hvf/x86_descr.c
 create mode 100644 target/i386/hvf/x86_descr.h
 create mode 100644 target/i386/hvf/x86_emu.c
 create mode 100644 target/i386/hvf/x86_emu.h
 create mode 100644 target/i386/hvf/x86_flags.c
 create mode 100644 target/i386/hvf/x86_flags.h
 create mode 100644 target/i386/hvf/x86_mmu.c
 create mode 100644 target/i386/hvf/x86_mmu.h
 create mode 100644 target/i386/hvf/x86_task.c
 create mode 100644 target/i386/hvf/x86_task.h
 create mode 100644 target/i386/hvf/x86hvf.c
 create mode 100644 target/i386/hvf/x86hvf.h
-- 
2.14.3

Re: [Qemu-devel] [PULL 00/25] pc, pci, virtio: features, fixes, cleanups

[Peter Maydell]

On 21 December 2017 at 14:27, Michael S. Tsirkin  wrote:
> The following changes since commit 2babfe0c9241c239272a03fec785165a50e8288c:
>
>   Update version for v2.11.0-rc4 release (2017-12-05 16:36:46 +)
>
> are available in the git repository at:
>
>   git://git.kernel.org/pub/scm/virt/kvm/mst/qemu.git tags/for_upstream
>
> for you to fetch changes up to 664ed92706ff6e66fa278c3163b5387f11d6daca:
>
>   smbus: do not immediately complete commands (2017-12-21 16:24:44 +0200)
>
> 
> pc, pci, virtio: features, fixes, cleanups
>
> A bunch of fixes, cleanus and new features all over the place.
>
> Signed-off-by: Michael S. Tsirkin 
>

Conflicts in hw/block/nvme.c -- can you fix and resend, please?

thanks
-- PMM

Re: [Qemu-devel] [PULL v2 00/19] Initial support for Hypervisor.framework

[Peter Maydell]

On 21 December 2017 at 08:55, Paolo Bonzini  wrote:
> The following changes since commit 200780a3a3ed067dfb2e0d2210b0ed09e748ba26:
>
>   Merge remote-tracking branch 
> 'remotes/armbru/tags/pull-cmdline-2017-12-18-v2' into staging (2017-12-20 
> 13:20:48 +)
>
> are available in the Git repository at:
>
>   git://github.com/bonzini/qemu.git tags/for-upstream-hvf
>
> for you to fetch changes up to 0a4609ab57575f89565845af1ad076579add3e4b:
>
>   i386: hvf: cleanup x86_gen.h (2017-12-21 09:51:53 +0100)
>
> 
> Initial support for the HVF accelerator

Still doesn't build on OSX, I'm afraid:

/Users/pm215/src/qemu-for-merges/target/i386/hvf/hvf.c:657:9: error:
statement requires expression of scalar type ('void' invalid)
if (hvf_inject_interrupts(cpu)) {
^   ~~
1 error generated.

thanks
-- PMM

Re: [Qemu-devel] About my strnlen patch

[Eric Blake]

On 12/21/2017 01:07 PM, Programmingkid wrote:



On Dec 21, 2017, at 1:40 PM, Eric Blake  wrote:

On 12/21/2017 12:36 PM, Programmingkid wrote:

On Dec 21, 2017, at 1:30 PM, Eric Blake  wrote:

On 12/21/2017 08:31 AM, Programmingkid wrote:

Now would be a good time to push the strnlen patch.


No links to the patch? Generally, when pinging a patch, it's best to reply to 
the existing thread, or at least provide a URL to the thread, where the patch 
was proposed.


Yes here is the patch: https://patchwork.kernel.org/patch/10027375/


And that link says it was applied to libfdt on Oct 25.  What still needs to 
happen that caused you to send this ping?


It isn't available in QEMU yet. Without the patch building QEMU on Mac OS 10.6 
fails.

The patch'ed code would be found here: /dtc/libfdt/libfdt_env.h.

I can check on the patch's status by deleting the dtc folder and retrieve it 
again using this command:
$ scripts/git-submodule.sh dtc


In other words, for qemu, you are proposing a patch to update the dtc 
submodule to a newer commit id.  Instead of describing that in words, 
it's better to post an actual patch, such as this, which updates to the 
latest dtc commit available as of my email:


diff --git i/dtc w/dtc
index 558cd81bdd..e671852042 16
--- i/dtc
+++ w/dtc
@@ -1 +1 @@
-Subproject commit 558cd81bdd432769b59bff01240c44f82cfb1a9d
+Subproject commit e671852042a77b15ec72ca908291c7d647e4fb01

Create such a patch by: 'cd dtc; git pull; git merge origin; cd ..; git 
add dtc'.  However, pointing the dtc submodule to a commit in-between 
releases may not be desirable; your commit landed in dtc as commit 
c8f8194d, missing v1.4.5 (qemu.git is currently pointing to v1.4.4).  As 
I'm not the maintainer of the dtc submodule, I don't know the preferred 
submodule update procedure; it may mean that you have to wait for 
upstream dtc to release v1.4.6 before qemu.git can be updated to point 
to a dtc version that includes your commit.


--
Eric Blake, Principal Software Engineer
Red Hat, Inc.   +1-919-301-3266
Virtualization:  qemu.org | libvirt.org

Re: [Qemu-devel] [PATCH 2/2] qemu: add linkspeed and duplex setting to virtio-net

[Jason Baron via Qemu-devel]

On 12/20/2017 09:33 AM, Yan Vugenfirer wrote:
> 
>> On 20 Dec 2017, at 16:31, Michael S. Tsirkin  wrote:
>>
>> On Tue, Dec 19, 2017 at 11:52:39AM -0500, Jason Baron wrote:
>>>
>>>
>>> On 12/19/2017 04:19 AM, Yan Vugenfirer wrote:

> On 18 Dec 2017, at 18:04, Jason Baron via Qemu-devel
> > wrote:
>
>
>
> On 12/18/2017 06:34 AM, Yan Vugenfirer wrote:
>>
>>> On 14 Dec 2017, at 21:33, Jason Baron via Qemu-devel
>>> > wrote:
>>>
>>> Although they can be currently set in linux via 'ethtool -s', this
>>> requires
>>> guest changes, and thus it would be nice to extend this
>>> functionality such
>>> that it can be configured automatically from the host (as other network
>>> do).
>>>
>>> Linkspeed and duplex settings can be set as:
>>> '-device virtio-net,speed=1,duplex=full'
>>>
>>> where speed is [-1...INT_MAX], and duplex is ["half"|"full"].
>>>
>>> Signed-off-by: Jason Baron >> >
>>> Cc: "Michael S. Tsirkin" >
>>> Cc: Jason Wang >
>>> ---
>>> hw/net/virtio-net.c | 29
>>> +
>>> include/hw/virtio/virtio-net.h  |  3 +++
>>> include/standard-headers/linux/virtio_net.h |  4 
>>> 3 files changed, 36 insertions(+)
>>>
>>> diff --git a/hw/net/virtio-net.c b/hw/net/virtio-net.c
>>> index 38674b0..d63e790 100644
>>> --- a/hw/net/virtio-net.c
>>> +++ b/hw/net/virtio-net.c
>>> @@ -40,6 +40,12 @@
>>> #define VIRTIO_NET_RX_QUEUE_MIN_SIZE VIRTIO_NET_RX_QUEUE_DEFAULT_SIZE
>>> #define VIRTIO_NET_TX_QUEUE_MIN_SIZE VIRTIO_NET_TX_QUEUE_DEFAULT_SIZE
>>>
>>> +/* duplex and speed defines */
>>> +#define DUPLEX_UNKNOWN  0xff
>>> +#define DUPLEX_HALF 0x00
>>> +#define DUPLEX_FULL 0x01
>>> +#define SPEED_UNKNOWN   -1
>>> +
>>> /*
>>> * Calculate the number of bytes up to and including the given 'field' of
>>> * 'container'.
>>> @@ -61,6 +67,8 @@ static VirtIOFeature feature_sizes[] = {
>>> .end = endof(struct virtio_net_config, max_virtqueue_pairs)},
>>>{.flags = 1 << VIRTIO_NET_F_MTU,
>>> .end = endof(struct virtio_net_config, mtu)},
>>> +{.flags = 1 << VIRTIO_NET_F_SPEED_DUPLEX,
>>> + .end = endof(struct virtio_net_config, duplex)},
>>>{}
>>> };
>>>
>>> @@ -88,6 +96,8 @@ static void virtio_net_get_config(VirtIODevice
>>> *vdev, uint8_t *config)
>>>virtio_stw_p(vdev, , n->status);
>>>virtio_stw_p(vdev, _virtqueue_pairs, n->max_queues);
>>>virtio_stw_p(vdev, , n->net_conf.mtu);
>>> +virtio_stl_p(vdev, , n->net_conf.speed);
>>> +netcfg.duplex = n->net_conf.duplex;
>>>memcpy(netcfg.mac, n->mac, ETH_ALEN);
>>>memcpy(config, , n->config_size);
>>> }
>>> @@ -1941,6 +1951,23 @@ static void
>>> virtio_net_device_realize(DeviceState *dev, Error **errp)
>>>n->host_features |= (0x1 << VIRTIO_NET_F_MTU);
>>>}
>>>
>>> +n->host_features |= (0x1 << VIRTIO_NET_F_SPEED_DUPLEX);
>>> +if (n->net_conf.duplex_str) {
>>> +if (strncmp(n->net_conf.duplex_str, "half", 5) == 0) {
>>> +n->net_conf.duplex = DUPLEX_HALF;
>>> +} else if (strncmp(n->net_conf.duplex_str, "full", 5) == 0) {
>>> +n->net_conf.duplex = DUPLEX_FULL;
>>> +} else {
>>> +error_setg(errp, "'duplex' must be 'half' or 'full'");
>>> +}
>>> +} else {
>>> +n->net_conf.duplex = DUPLEX_UNKNOWN;
>>> +}
>>> +if (n->net_conf.speed < SPEED_UNKNOWN) {
>>> +error_setg(errp, "'speed' must be between -1
>>> (SPEED_UNKOWN) and "
>>> +   "INT_MAX");
>>> +}
>>> +
>>>virtio_net_set_config_size(n, n->host_features);
>>>virtio_init(vdev, "virtio-net", VIRTIO_ID_NET, n->config_size);
>>>
>>> @@ -2160,6 +2187,8 @@ static Property virtio_net_properties[] = {
>>>DEFINE_PROP_UINT16("host_mtu", VirtIONet, net_conf.mtu, 0),
>>>DEFINE_PROP_BOOL("x-mtu-bypass-backend", VirtIONet,
>>> mtu_bypass_backend,
>>> true),
>>> +DEFINE_PROP_INT32("speed", VirtIONet, net_conf.speed,
>>> SPEED_UNKNOWN),
>>
>> From Windows guest perspective I prefer to have some reasonable
>> default (10G for example). 
>
>
> hmmm, I didn't want to change/set the default here in case it broke
> something, but I'm ok setting it to some 'reasonable' value - (10G and
> duplex?), if the consensus is that that would be 

[Qemu-devel] [PULL 4/5] target/m68k: fix set_cc_op()

[Laurent Vivier]

The first call of set_cc_op() in a new translation sequence
is done with old_op set to CC_OP_DYNAMIC (-1).

This will do an out of bound access to the array cc_op_live[].

We fix that by adding an entry in cc_op_live[] for CC_OP_DYNAMIC.

Reported-by: Thomas Huth 
Signed-off-by: Laurent Vivier 
Reviewed-by: Paolo Bonzini 
Reviewed-by: Richard Henderson 
Message-Id: <20171221160558.14151-1-laur...@vivier.eu>
---
 target/m68k/cpu.h   | 2 +-
 target/m68k/translate.c | 1 +
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/target/m68k/cpu.h b/target/m68k/cpu.h
index afae5f68ac..5d03764eab 100644
--- a/target/m68k/cpu.h
+++ b/target/m68k/cpu.h
@@ -182,7 +182,7 @@ void cpu_m68k_set_fpcr(CPUM68KState *env, uint32_t val);
  */
 typedef enum {
 /* Translator only -- use env->cc_op.  */
-CC_OP_DYNAMIC = -1,
+CC_OP_DYNAMIC,
 
 /* Each flag bit computed into cc_[xcnvz].  */
 CC_OP_FLAGS,
diff --git a/target/m68k/translate.c b/target/m68k/translate.c
index dfb2d5dad2..bbda7399ec 100644
--- a/target/m68k/translate.c
+++ b/target/m68k/translate.c
@@ -202,6 +202,7 @@ typedef void (*disas_proc)(CPUM68KState *env, DisasContext 
*s, uint16_t insn);
 #endif
 
 static const uint8_t cc_op_live[CC_OP_NB] = {
+[CC_OP_DYNAMIC] = CCF_C | CCF_V | CCF_Z | CCF_N | CCF_X,
 [CC_OP_FLAGS] = CCF_C | CCF_V | CCF_Z | CCF_N | CCF_X,
 [CC_OP_ADDB ... CC_OP_ADDL] = CCF_X | CCF_N | CCF_V,
 [CC_OP_SUBB ... CC_OP_SUBL] = CCF_X | CCF_N | CCF_V,
-- 
2.14.3

[Qemu-devel] [PULL 3/5] target/m68k: add monitor.c

[Laurent Vivier]

This allows to use registers content in the monitor.

Example:

 BEFORE:
  (qemu) print $d0
  unknown register

 AFTER:
  (qemu) print $d0
  0
  (qemu) print $sr
  0x2000
  (qemu) x/10i $pc
  0x40010a2a:  movew %sr,%d0
  0x40010a2c:  oril #1792,%d0
  0x40010a32:  movew %d0,%sr
  0x40010a34:  movel %a0@,%d0
  0x40010a36:  btst #3,%d0
  0x40010a3a:  beqs 0x40010a26
  0x40010a3c:  movew %sr,%d0
  0x40010a3e:  andil #63743,%d0
  0x40010a44:  movew %d0,%sr
  0x40010a46:  rts

Signed-off-by: Laurent Vivier 
Reviewed-by: Philippe Mathieu-Daudé 
Reviewed-by: Richard Henderson 
Reviewed-by: Thomas Huth 
Message-Id: <20171221083057.17942-1-laur...@vivier.eu>
---
 target/m68k/Makefile.objs |  1 +
 target/m68k/monitor.c | 39 +++
 2 files changed, 40 insertions(+)
 create mode 100644 target/m68k/monitor.c

diff --git a/target/m68k/Makefile.objs b/target/m68k/Makefile.objs
index 39141ab93d..d143f20270 100644
--- a/target/m68k/Makefile.objs
+++ b/target/m68k/Makefile.objs
@@ -1,3 +1,4 @@
 obj-y += m68k-semi.o
 obj-y += translate.o op_helper.o helper.o cpu.o fpu_helper.o
 obj-y += gdbstub.o
+obj-$(CONFIG_SOFTMMU) += monitor.o
diff --git a/target/m68k/monitor.c b/target/m68k/monitor.c
new file mode 100644
index 00..5605323a81
--- /dev/null
+++ b/target/m68k/monitor.c
@@ -0,0 +1,39 @@
+/*
+ * QEMU monitor for m68k
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or
+ * later.  See the COPYING file in the top-level directory.
+ */
+
+#include "qemu/osdep.h"
+#include "cpu.h"
+#include "monitor/hmp-target.h"
+
+static const MonitorDef monitor_defs[] = {
+{ "d0", offsetof(CPUM68KState, dregs[0]) },
+{ "d1", offsetof(CPUM68KState, dregs[1]) },
+{ "d2", offsetof(CPUM68KState, dregs[2]) },
+{ "d3", offsetof(CPUM68KState, dregs[3]) },
+{ "d4", offsetof(CPUM68KState, dregs[4]) },
+{ "d5", offsetof(CPUM68KState, dregs[5]) },
+{ "d6", offsetof(CPUM68KState, dregs[6]) },
+{ "d7", offsetof(CPUM68KState, dregs[7]) },
+{ "a0", offsetof(CPUM68KState, aregs[0]) },
+{ "a1", offsetof(CPUM68KState, aregs[1]) },
+{ "a2", offsetof(CPUM68KState, aregs[2]) },
+{ "a3", offsetof(CPUM68KState, aregs[3]) },
+{ "a4", offsetof(CPUM68KState, aregs[4]) },
+{ "a5", offsetof(CPUM68KState, aregs[5]) },
+{ "a6", offsetof(CPUM68KState, aregs[6]) },
+{ "a7", offsetof(CPUM68KState, aregs[7]) },
+{ "pc", offsetof(CPUM68KState, pc) },
+{ "sr", offsetof(CPUM68KState, sr) },
+{ "ssp", offsetof(CPUM68KState, sp[0]) },
+{ "usp", offsetof(CPUM68KState, sp[1]) },
+{ NULL },
+};
+
+const MonitorDef *target_monitor_defs(void)
+{
+return monitor_defs;
+}
-- 
2.14.3

[Qemu-devel] [PULL 1/5] Split adb.c into adb.c, adb-mouse.c and adb-kbd.c

[Laurent Vivier]

It makes the code clearer to separate the bus implementation
from the devices one.

Replace ADB_DPRINTF() with trace events (and adding new ones in adb-kbd.c).
Some minor changes to make checkpatch.pl happy.

Signed-off-by: Laurent Vivier 
Reviewed-by: Philippe Mathieu-Daudé 
Reviewed-by: Mark Cave-Ayland 
Message-Id: <20171220121406.24056-1-laur...@vivier.eu>
---
 hw/input/Makefile.objs  |   2 +-
 hw/input/adb-internal.h |  49 
 hw/input/adb-kbd.c  | 400 +++
 hw/input/adb-mouse.c| 254 
 hw/input/adb.c  | 622 +---
 hw/input/trace-events   |   8 +
 6 files changed, 714 insertions(+), 621 deletions(-)
 create mode 100644 hw/input/adb-internal.h
 create mode 100644 hw/input/adb-kbd.c
 create mode 100644 hw/input/adb-mouse.c

diff --git a/hw/input/Makefile.objs b/hw/input/Makefile.objs
index 636f794b6b..77e53e6883 100644
--- a/hw/input/Makefile.objs
+++ b/hw/input/Makefile.objs
@@ -1,4 +1,4 @@
-common-obj-$(CONFIG_ADB) += adb.o
+common-obj-$(CONFIG_ADB) += adb.o adb-mouse.o adb-kbd.o
 common-obj-y += hid.o
 common-obj-$(CONFIG_LM832X) += lm832x.o
 common-obj-$(CONFIG_PCKBD) += pckbd.o
diff --git a/hw/input/adb-internal.h b/hw/input/adb-internal.h
new file mode 100644
index 00..2a779b8a0a
--- /dev/null
+++ b/hw/input/adb-internal.h
@@ -0,0 +1,49 @@
+/*
+ * QEMU ADB support
+ *
+ * Copyright (c) 2004 Fabrice Bellard
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to 
deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING 
FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+/* ADB commands */
+
+#define ADB_BUSRESET0x00
+#define ADB_FLUSH   0x01
+#define ADB_WRITEREG0x08
+#define ADB_READREG 0x0c
+
+/* ADB device commands */
+
+#define ADB_CMD_SELF_TEST   0xff
+#define ADB_CMD_CHANGE_ID   0xfe
+#define ADB_CMD_CHANGE_ID_AND_ACT   0xfd
+#define ADB_CMD_CHANGE_ID_AND_ENABLE0x00
+
+/* ADB default device IDs (upper 4 bits of ADB command byte) */
+
+#define ADB_DEVID_DONGLE  1
+#define ADB_DEVID_KEYBOARD2
+#define ADB_DEVID_MOUSE   3
+#define ADB_DEVID_TABLET  4
+#define ADB_DEVID_MODEM   5
+#define ADB_DEVID_MISC7
+
+extern const VMStateDescription vmstate_adb_device;
+
diff --git a/hw/input/adb-kbd.c b/hw/input/adb-kbd.c
new file mode 100644
index 00..354f56e41e
--- /dev/null
+++ b/hw/input/adb-kbd.c
@@ -0,0 +1,400 @@
+/*
+ * QEMU ADB keyboard support
+ *
+ * Copyright (c) 2004 Fabrice Bellard
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to 
deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING 
FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+#include "qemu/osdep.h"
+#include "hw/input/adb.h"
+#include "ui/input.h"
+#include "hw/input/adb-keys.h"
+#include "sysemu/sysemu.h"
+#include "adb-internal.h"
+#include "trace.h"
+
+#define ADB_KEYBOARD(obj) OBJECT_CHECK(KBDState, (obj), TYPE_ADB_KEYBOARD)
+
+typedef struct KBDState {
+/*< private >*/
+ADBDevice 

[Qemu-devel] [PULL 0/5] M68k for 2.12 patches

[Laurent Vivier]

The following changes since commit 23bafd75cd979ad3a21af10273c5a0c5d67d068b:

  Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging 
(2017-12-21 16:34:23 +)

are available in the Git repository at:

  git://github.com/vivier/qemu-m68k.git tags/m68k-for-2.12-pull-request

for you to fetch changes up to 598a29f3606c4c7042a1ca3f1116663d0a60867c:

  tests/boot-serial-test: Add support for the mcf5208evb board (2017-12-21 
20:13:18 +0100)





Laurent Vivier (4):
  Split adb.c into adb.c, adb-mouse.c and adb-kbd.c
  target/m68k: remove unused variable gen_throws_exception
  target/m68k: add monitor.c
  target/m68k: fix set_cc_op()

Thomas Huth (1):
  tests/boot-serial-test: Add support for the mcf5208evb board

 hw/input/Makefile.objs|   2 +-
 hw/input/adb-internal.h   |  49 
 hw/input/adb-kbd.c| 400 +
 hw/input/adb-mouse.c  | 254 +++
 hw/input/adb.c| 622 +-
 hw/input/trace-events |   8 +
 target/m68k/Makefile.objs |   1 +
 target/m68k/cpu.h |   2 +-
 target/m68k/monitor.c |  39 +++
 target/m68k/translate.c   |  11 +-
 tests/Makefile.include|   2 +
 tests/boot-serial-test.c  |  10 +
 12 files changed, 768 insertions(+), 632 deletions(-)
 create mode 100644 hw/input/adb-internal.h
 create mode 100644 hw/input/adb-kbd.c
 create mode 100644 hw/input/adb-mouse.c
 create mode 100644 target/m68k/monitor.c

-- 
2.14.3

[Qemu-devel] [PULL 5/5] tests/boot-serial-test: Add support for the mcf5208evb board

[Laurent Vivier]

From: Thomas Huth 

We can output a character quite easily here with some few lines of
assembly that we provide as a mini-kernel for this board.

Signed-off-by: Thomas Huth 
Message-Id: <1512031988-32490-4-git-send-email-th...@redhat.com>
[lv: add boot-serial-test in check-qtest-m68k]
Signed-off-by: Laurent Vivier 
---
 tests/Makefile.include   |  2 ++
 tests/boot-serial-test.c | 10 ++
 2 files changed, 12 insertions(+)

diff --git a/tests/Makefile.include b/tests/Makefile.include
index f8e20d9f5d..77f8183117 100644
--- a/tests/Makefile.include
+++ b/tests/Makefile.include
@@ -297,6 +297,8 @@ gcov-files-x86_64-y = $(subst 
i386-softmmu/,x86_64-softmmu/,$(gcov-files-i386-y)
 
 check-qtest-alpha-y = tests/boot-serial-test$(EXESUF)
 
+check-qtest-m68k-y = tests/boot-serial-test$(EXESUF)
+
 check-qtest-mips-y = tests/endianness-test$(EXESUF)
 
 check-qtest-mips64-y = tests/endianness-test$(EXESUF)
diff --git a/tests/boot-serial-test.c b/tests/boot-serial-test.c
index d99726919e..dd3828c49b 100644
--- a/tests/boot-serial-test.c
+++ b/tests/boot-serial-test.c
@@ -16,6 +16,14 @@
 #include "qemu/osdep.h"
 #include "libqtest.h"
 
+static const uint8_t kernel_mcf5208[] = {
+0x41, 0xf9, 0xfc, 0x06, 0x00, 0x00, /* lea 0xfc06,%a0 */
+0x10, 0x3c, 0x00, 0x54, /* move.b #'T',%d0 */
+0x11, 0x7c, 0x00, 0x04, 0x00, 0x08, /* move.b #4,8(%a0) Enable TX 
*/
+0x11, 0x40, 0x00, 0x0c, /* move.b %d0,12(%a0)   Print 'T' 
*/
+0x60, 0xfa  /* bra.s  loop */
+};
+
 typedef struct testdef {
 const char *arch;   /* Target architecture */
 const char *machine;/* Name of the machine */
@@ -41,6 +49,8 @@ static testdef_t tests[] = {
 { "x86_64", "q35", "-device sga", "SGABIOS" },
 { "s390x", "s390-ccw-virtio",
   "-nodefaults -device sclpconsole,chardev=serial0", "virtio device" },
+{ "m68k", "mcf5208evb", "", "TT", sizeof(kernel_mcf5208), kernel_mcf5208 },
+
 { NULL }
 };
 
-- 
2.14.3

[Qemu-devel] [PULL 2/5] target/m68k: remove unused variable gen_throws_exception

[Laurent Vivier]

It has been introduced by e6e5906b6e ("ColdFire target."),
but the content is never used.

Signed-off-by: Laurent Vivier 
Reviewed-by: Philippe Mathieu-Daudé 
Reviewed-by: Thomas Huth 
Message-Id: <20171220130815.20708-1-laur...@vivier.eu>
---
 target/m68k/translate.c | 10 --
 1 file changed, 10 deletions(-)

diff --git a/target/m68k/translate.c b/target/m68k/translate.c
index b60909222c..dfb2d5dad2 100644
--- a/target/m68k/translate.c
+++ b/target/m68k/translate.c
@@ -181,11 +181,6 @@ static void do_writebacks(DisasContext *s)
 #define IS_USER(s) s->user
 #endif
 
-/* XXX: move that elsewhere */
-/* ??? Fix exceptions.  */
-static void *gen_throws_exception;
-#define gen_last_qop NULL
-
 typedef void (*disas_proc)(CPUM68KState *env, DisasContext *s, uint16_t insn);
 
 #ifdef DEBUG_DISPATCH
@@ -310,7 +305,6 @@ static inline TCGv gen_load(DisasContext * s, int opsize, 
TCGv addr, int sign)
 default:
 g_assert_not_reached();
 }
-gen_throws_exception = gen_last_qop;
 return tmp;
 }
 
@@ -331,7 +325,6 @@ static inline void gen_store(DisasContext *s, int opsize, 
TCGv addr, TCGv val)
 default:
 g_assert_not_reached();
 }
-gen_throws_exception = gen_last_qop;
 }
 
 typedef enum {
@@ -1001,7 +994,6 @@ static void gen_load_fp(DisasContext *s, int opsize, TCGv 
addr, TCGv_ptr fp)
 }
 tcg_temp_free(tmp);
 tcg_temp_free_i64(t64);
-gen_throws_exception = gen_last_qop;
 }
 
 static void gen_store_fp(DisasContext *s, int opsize, TCGv addr, TCGv_ptr fp)
@@ -1056,7 +1048,6 @@ static void gen_store_fp(DisasContext *s, int opsize, 
TCGv addr, TCGv_ptr fp)
 }
 tcg_temp_free(tmp);
 tcg_temp_free_i64(t64);
-gen_throws_exception = gen_last_qop;
 }
 
 static void gen_ldst_fp(DisasContext *s, int opsize, TCGv addr,
@@ -5561,7 +5552,6 @@ void gen_intermediate_code(CPUState *cs, TranslationBlock 
*tb)
 gen_tb_start(tb);
 do {
 pc_offset = dc->pc - pc_start;
-gen_throws_exception = NULL;
 tcg_gen_insn_start(dc->pc, dc->cc_op);
 num_insns++;
 
-- 
2.14.3