Re: [Qemu-devel] [PATCH v5 0/5] Connect a PCIe host and graphics support to RISC-V

2018-10-10 Thread Andrea Bolognani
On Wed, 2018-10-10 at 12:53 -0700, Alistair wrote:
> On 10/10/2018 11:47 AM, Stephen Bates wrote:
> > > Strange. Is there any reason you need to use the e1000? The VirtIO
> > > networking device works for me.
> > 
> > As per above. The e1000 is there to test PCIe not networking.

Unless I'm mistaken, e1000 is a conventional PCI device, with
e1000e being the PCI Express equivalent.

> Awe. My mistake. I thought that the VirtIO networking device was a PCIe 
> device for some reason.

Most VirtIO devices, including virtio-net, show up as either
conventional PCI or PCI Express based on the slot they're plugged
into, so if you have

  -device virtio-net-pci,bus=pci.0

it will show up as a conventional PCI device but if you have

  -device pcie-root-port,id=pci.1,bus=pcie.0 \
  -device virtio-net-pci,bus=pci.1

instead it will show up as a PCI Express device.

-- 
Andrea Bolognani / Red Hat / Virtualization
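
A guest-side way to check which of the two forms a device took, added here as an example (not part of the original message): a function exposes the PCI Express capability (ID 0x10) in its configuration-space capability list only when it shows up as PCI Express. The two configuration-space images below are constructed for the example, not captured from QEMU; on Linux the real bytes can be read from /sys/bus/pci/devices/<address>/config.

```python
import struct

# Offsets and IDs from the PCI / PCI Express configuration-space layout.
PCI_STATUS = 0x06            # 16-bit status register
PCI_STATUS_CAP_LIST = 0x10   # status bit 4: a capability list is present
PCI_CAPABILITY_LIST = 0x34   # pointer to the first capability
PCI_CAP_ID_EXP = 0x10        # capability ID of the PCI Express capability
HEADER_LEN = 0x40            # capabilities live after the 64-byte header


def find_capability(config, cap_id):
    """Return the offset of capability `cap_id`, or None if absent.

    Raises ValueError when the list cannot be walked: a malformed chain, or
    a buffer that ends before the chain does (an unprivileged sysfs read
    returns only the first 64 bytes, which is not enough to decide).
    """
    if len(config) < HEADER_LEN:
        raise ValueError("need at least the 64-byte header")
    (status,) = struct.unpack_from("<H", config, PCI_STATUS)
    if not status & PCI_STATUS_CAP_LIST:
        return None
    ptr = config[PCI_CAPABILITY_LIST] & 0xFC   # low two bits are reserved
    seen = set()
    while ptr:
        if ptr < HEADER_LEN or ptr in seen:
            raise ValueError("malformed capability list")
        if ptr + 2 > len(config):
            raise ValueError("config space truncated before end of list")
        seen.add(ptr)
        if config[ptr] == cap_id:
            return ptr
        ptr = config[ptr + 1] & 0xFC
    return None


def bus_type(config):
    """Classify a function as 'PCI Express' or 'conventional PCI'."""
    if find_capability(config, PCI_CAP_ID_EXP) is not None:
        return "PCI Express"
    return "conventional PCI"


def make_config(cap_ids):
    """Build a constructed 256-byte config space with the given capabilities.

    Vendor 0x1af4 / device 0x1041 are used as sample IDs; each capability
    gets a 16-byte slot, which is enough for walking the chain.
    """
    cfg = bytearray(256)
    struct.pack_into("<HH", cfg, 0x00, 0x1AF4, 0x1041)
    offset = HEADER_LEN
    if cap_ids:
        struct.pack_into("<H", cfg, PCI_STATUS, PCI_STATUS_CAP_LIST)
        cfg[PCI_CAPABILITY_LIST] = offset
    for i, cap_id in enumerate(cap_ids):
        cfg[offset] = cap_id
        cfg[offset + 1] = offset + 0x10 if i + 1 < len(cap_ids) else 0
        offset += 0x10
    return bytes(cfg)


# Constructed samples: MSI-X (0x11) and vendor-specific (0x09) capabilities,
# with and without the PCI Express capability at the end of the chain.
CONVENTIONAL = make_config([0x11, 0x09])
EXPRESS = make_config([0x11, 0x09, PCI_CAP_ID_EXP])

if __name__ == "__main__":
    for label, cfg in (("bus=pci.0", CONVENTIONAL), ("behind root port", EXPRESS)):
        print(label, "->", bus_type(cfg))
```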




Re: [Qemu-devel] [PATCH v2 4/7] scripts/qemu.py: set predefined machine type based on arch

2018-10-10 Thread Cleber Rosa



On 10/10/18 11:42 PM, Eduardo Habkost wrote:
> On Wed, Oct 10, 2018 at 08:17:26PM -0400, Cleber Rosa wrote:
>>
>>
>> On 10/10/18 11:47 AM, Cleber Rosa wrote:
>>>
>>>
>>> On 10/10/18 10:28 AM, Eduardo Habkost wrote:
 On Wed, Oct 10, 2018 at 10:15:15AM -0400, Cleber Rosa wrote:
>
>
> On 10/10/18 9:59 AM, Cleber Rosa wrote:
>>
>>
>> On 10/10/18 9:46 AM, Eduardo Habkost wrote:
>>> On Wed, Oct 10, 2018 at 08:35:38AM -0400, Cleber Rosa wrote:


 On 10/10/18 7:00 AM, Philippe Mathieu-Daudé wrote:
> On 10/10/2018 01:26, Cleber Rosa wrote:
>> Some targets require a machine type to be set, as there's no default
>> (aarch64 is one example).  To give a consistent interface to users of
>> this API, this changes set_machine() so that a predefined default can
>> be used, if one is not given.  The approach used is exactly the same
>> with the console device type.
>>
>> Also, even when there's a default machine type, for some purposes,
>> testing included, it's better if outside code is explicit about the
>> machine type, instead of relying on whatever is set internally.
>>
>> Signed-off-by: Cleber Rosa 
>> ---
>>  scripts/qemu.py | 22 +-
>>  1 file changed, 21 insertions(+), 1 deletion(-)
>>
>> diff --git a/scripts/qemu.py b/scripts/qemu.py
>> index d9e24a0c1a..fca9b76990 100644
>> --- a/scripts/qemu.py
>> +++ b/scripts/qemu.py
>> @@ -36,6 +36,15 @@ CONSOLE_DEV_TYPES = {
>>  r'^s390-ccw-virtio.*': 'sclpconsole',
>>  }
>>  
>> +#: Maps archictures to the preferred machine type
>> +MACHINE_TYPES = {
>> +r'^aarch64$': 'virt',
>> +r'^ppc$': 'g3beige',
>> +r'^ppc64$': 'pseries',
>> +r'^s390x$': 's390-ccw-virtio',
>> +r'^x86_64$': 'q35',
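
Review bot: every key in MACHINE_TYPES is an anchored regex that matches exactly one literal architecture name (r'^aarch64$', r'^x86_64$'), so a plain dictionary keyed by the name would do the same job and cannot mis-match; if regexes are kept for symmetry with CONSOLE_DEV_TYPES, the comment above the table should say so. That comment also misspells "architectures" as "archictures".
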
>
> Why choose Q35 rather than PC (the default)?
>
> I was wondering about how to generate variants/machines.json but this 
> is
> definitively something we want to do via a QMP query.
>
> Eduardo what do you think?
>

 It was motivated by Eduardo's initiative to make q35 the default 
 "across
 the board".  He can confirm and give more details.
>>>
>>> Making Q35 the default on applications using QEMU and libvirt is
>>> something I'd like to happen.  But I think the simplest way to do
>>> that is to change the QEMU default.  This way you won't need this
>>> table on qemu.py: you can just use the default provided by QEMU.
>>>
>>
>> The idea is to bring consistency on how we're calling
>> "qemu-system-$(ARCH)", and at the same time apply the "explicit is
>> better than implicit" rule.
>>
>> The most important fact is that some targets do not (currently) have
>> "the default provided by QEMU", aarch64 is one of them.
>>
>> - Cleber.
>>
>
> So I ended up not relaying the question properly: should we default
> (even if explicitly adding "-machine") to "pc"?

 I think using the default machine-type (when QEMU has a default)
 would be less surprising for users of the qemu.py API.

>>>
>>> OK, agreed.
>>>
 Implicitly adding -machine when there's no default is also
 surprising, but then it's a nice surprise: instead of crashing
 you get a running VM.

 Now, there are two other questions related to this:

 If using 'pc' as default, should we always add -machine, or just
 omit the machine-type name?  I think we should omit it unless the
 caller asked for a specific machine-type name (because it would
 be less surprising for users of the API).

>>>
>>
>> Getting down to business, trying to apply those changes, I was faced
>> with a situation.  Actually, the same situation I faced a few months
>> ago.  Handling it was deferred until it was *really* a blocker.
>> Basically the issue is: the set_console() method, which gives tests a
>> ready to use console, depends on knowing the machine type (see
>> CONSOLE_DEV_TYPES).
>>
>> As a case study, let's look at "boot_console_linux.py":
>>  1) it sets the machine type explicitly
>>  2) it has nothing to do with the specific machine type
>>  3) the setting of a machine type is boiler plate code to set a console
>>  4) the console is used on the test's real purpose: verifying the Linux
>> kernel booted
>>
>> Now, to be able to run the same test -- booting a Linux kernel -- on
>> *other target archs*, we need the same machinery.  Even more important:
>> to have similar tests we'll need to either abstract those features or
>> duplicate them.  This can be seen, at least in part, on the firmware
>> tests that Philippe sent to the list: they would also benefit from
>> having a console 

[Qemu-devel] [PATCH v2 1/1] hw/arm/virt: provide a model property in the fdt

2018-10-10 Thread Heinrich Schuchardt
According to the "Devicetree Specification, Release v0.2" 'model' is a
required property of the root node.

Some software like the Debian flash-kernel package relies on this property
to identify boards.

The patch sets the model property to 'qemu,virt'.

Signed-off-by: Heinrich Schuchardt 
---
v2
use the recommended format of the model property
---
 hw/arm/virt.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/hw/arm/virt.c b/hw/arm/virt.c
index 281ddcdf6e..abe366895a 100644
--- a/hw/arm/virt.c
+++ b/hw/arm/virt.c
@@ -200,6 +200,7 @@ static void create_fdt(VirtMachineState *vms)
 vms->fdt = fdt;
 
 /* Header */
+qemu_fdt_setprop_string(fdt, "/", "model", "qemu,virt");
 qemu_fdt_setprop_string(fdt, "/", "compatible", "linux,dummy-virt");
 qemu_fdt_setprop_cell(fdt, "/", "#address-cells", 0x2);
 qemu_fdt_setprop_cell(fdt, "/", "#size-cells", 0x2);
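
Review bot: the added "model" value uses the vendor prefix "qemu" while the "compatible" string on the very next line uses "linux" ("linux,dummy-virt"), so the root node now names two different vendors for the same machine. A short comment above the added line, stating that "model" follows the manufacturer,model format and is intentionally independent of "compatible", would stop a later reader from changing one to match the other.
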
-- 
2.19.1




Re: [Qemu-devel] [PATCH v2 4/7] scripts/qemu.py: set predefined machine type based on arch

2018-10-10 Thread Eduardo Habkost
On Wed, Oct 10, 2018 at 08:17:26PM -0400, Cleber Rosa wrote:
> 
> 
> On 10/10/18 11:47 AM, Cleber Rosa wrote:
> > 
> > 
> > On 10/10/18 10:28 AM, Eduardo Habkost wrote:
> >> On Wed, Oct 10, 2018 at 10:15:15AM -0400, Cleber Rosa wrote:
> >>>
> >>>
> >>> On 10/10/18 9:59 AM, Cleber Rosa wrote:
> 
> 
>  On 10/10/18 9:46 AM, Eduardo Habkost wrote:
> > On Wed, Oct 10, 2018 at 08:35:38AM -0400, Cleber Rosa wrote:
> >>
> >>
> >> On 10/10/18 7:00 AM, Philippe Mathieu-Daudé wrote:
> >>> On 10/10/2018 01:26, Cleber Rosa wrote:
>  Some targets require a machine type to be set, as there's no default
>  (aarch64 is one example).  To give a consistent interface to users of
>  this API, this changes set_machine() so that a predefined default can
>  be used, if one is not given.  The approach used is exactly the same
>  with the console device type.
> 
>  Also, even when there's a default machine type, for some purposes,
>  testing included, it's better if outside code is explicit about the
>  machine type, instead of relying on whatever is set internally.
> 
>  Signed-off-by: Cleber Rosa 
>  ---
>   scripts/qemu.py | 22 +-
>   1 file changed, 21 insertions(+), 1 deletion(-)
> 
>  diff --git a/scripts/qemu.py b/scripts/qemu.py
>  index d9e24a0c1a..fca9b76990 100644
>  --- a/scripts/qemu.py
>  +++ b/scripts/qemu.py
>  @@ -36,6 +36,15 @@ CONSOLE_DEV_TYPES = {
>   r'^s390-ccw-virtio.*': 'sclpconsole',
>   }
>   
>  +#: Maps archictures to the preferred machine type
>  +MACHINE_TYPES = {
>  +r'^aarch64$': 'virt',
>  +r'^ppc$': 'g3beige',
>  +r'^ppc64$': 'pseries',
>  +r'^s390x$': 's390-ccw-virtio',
>  +r'^x86_64$': 'q35',
> >>>
> >>> Why choose Q35 rather than PC (the default)?
> >>>
> >>> I was wondering about how to generate variants/machines.json but this 
> >>> is
> >>> definitively something we want to do via a QMP query.
> >>>
> >>> Eduardo what do you think?
> >>>
> >>
> >> It was motivated by Eduardo's initiative to make q35 the default 
> >> "across
> >> the board".  He can confirm and give more details.
> >
> > Making Q35 the default on applications using QEMU and libvirt is
> > something I'd like to happen.  But I think the simplest way to do
> > that is to change the QEMU default.  This way you won't need this
> > table on qemu.py: you can just use the default provided by QEMU.
> >
> 
>  The idea is to bring consistency on how we're calling
>  "qemu-system-$(ARCH)", and at the same time apply the "explicit is
>  better than implicit" rule.
> 
>  The most important fact is that some targets do not (currently) have
>  "the default provided by QEMU", aarch64 is one of them.
> 
>  - Cleber.
> 
> >>>
> >>> So I ended up not relaying the question properly: should we default
> >>> (even if explicitly adding "-machine") to "pc"?
> >>
> >> I think using the default machine-type (when QEMU has a default)
> >> would be less surprising for users of the qemu.py API.
> >>
> > 
> > OK, agreed.
> > 
> >> Implicitly adding -machine when there's no default is also
> >> surprising, but then it's a nice surprise: instead of crashing
> >> you get a running VM.
> >>
> >> Now, there are two other questions related to this:
> >>
> >> If using 'pc' as default, should we always add -machine, or just
> >> omit the machine-type name?  I think we should omit it unless the
> >> caller asked for a specific machine-type name (because it would
> >> be less surprising for users of the API).
> >>
> > 
> 
> Getting down to business, trying to apply those changes, I was faced
> with a situation.  Actually, the same situation I faced a few months
> ago.  Handling it was deferred until it was *really* a blocker.
> Basically the issue is: the set_console() method, which gives tests a
> ready to use console, depends on knowing the machine type (see
> CONSOLE_DEV_TYPES).
> 
> As a case study, let's look at "boot_console_linux.py":
>  1) it sets the machine type explicitly
>  2) it has nothing to do with the specific machine type
>  3) the setting of a machine type is boiler plate code to set a console
>  4) the console is used on the test's real purpose: verifying the Linux
> kernel booted
> 
> Now, to be able to run the same test -- booting a Linux kernel -- on
> *other target archs*, we need the same machinery.  Even more important:
> to have similar tests we'll need to either abstract those features or
> duplicate them.  This can be seen, at least in part, on the firmware
> tests that Philippe sent to the list: they would also benefit from
> having a console device ready to be used on the configured machine type[1]:
> 
> 

Re: [Qemu-devel] [Qemu-block] [PATCH v2] nvme: correct locking around completion

2018-10-10 Thread Fam Zheng
On Wed, 10/10 13:19, Paolo Bonzini wrote:
> On 09/10/2018 21:37, John Snow wrote:
> > 
> > 
> > On 08/14/2018 02:27 AM, Paolo Bonzini wrote:
> >> nvme_poll_queues is already protected by q->lock, and
> >> AIO callbacks are invoked outside the AioContext lock.
> >> So remove the acquire/release pair in nvme_handle_event.
> >>
> >> Signed-off-by: Paolo Bonzini 
> >> ---
> >>  block/nvme.c | 2 --
> >>  1 file changed, 2 deletions(-)
> >>
> >> diff --git a/block/nvme.c b/block/nvme.c
> >> index 6f71122bf5..42116907ed 100644
> >> --- a/block/nvme.c
> >> +++ b/block/nvme.c
> >> @@ -489,10 +489,8 @@ static void nvme_handle_event(EventNotifier *n)
> >>  BDRVNVMeState *s = container_of(n, BDRVNVMeState, irq_notifier);
> >>  
> >>  trace_nvme_handle_event(s);
> >> -aio_context_acquire(s->aio_context);
> >>  event_notifier_test_and_clear(n);
> >>  nvme_poll_queues(s);
> >> -aio_context_release(s->aio_context);
> >>  }
> >>  
> >>  static bool nvme_add_io_queue(BlockDriverState *bs, Error **errp)
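
Review bot: with the acquire/release pair removed, nothing in nvme_handle_event() shows which lock covers event_notifier_test_and_clear(n) and nvme_poll_queues(s). The commit message says nvme_poll_queues is protected by q->lock; a one-line comment in the function stating that, and that the handler deliberately runs without the AioContext lock, would keep the pair from being re-added later.
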
> >>
> > 
> > This is over a month old (and seemingly didn't land); do we still want it?
> > 
> 
> Yes, we do.
> 

I'll send a pull request today. Thanks!

Fam



Re: [Qemu-devel] [Qemu-block] [PATCH v2] nvme: correct locking around completion

2018-10-10 Thread Fam Zheng
On Wed, 10/10 13:19, Paolo Bonzini wrote:
> On 09/10/2018 21:37, John Snow wrote:
> > 
> > 
> > On 08/14/2018 02:27 AM, Paolo Bonzini wrote:
> >> nvme_poll_queues is already protected by q->lock, and
> >> AIO callbacks are invoked outside the AioContext lock.
> >> So remove the acquire/release pair in nvme_handle_event.
> >>
> >> Signed-off-by: Paolo Bonzini 
> >> ---
> >>  block/nvme.c | 2 --
> >>  1 file changed, 2 deletions(-)
> >>
> >> diff --git a/block/nvme.c b/block/nvme.c
> >> index 6f71122bf5..42116907ed 100644
> >> --- a/block/nvme.c
> >> +++ b/block/nvme.c
> >> @@ -489,10 +489,8 @@ static void nvme_handle_event(EventNotifier *n)
> >>  BDRVNVMeState *s = container_of(n, BDRVNVMeState, irq_notifier);
> >>  
> >>  trace_nvme_handle_event(s);
> >> -aio_context_acquire(s->aio_context);
> >>  event_notifier_test_and_clear(n);
> >>  nvme_poll_queues(s);
> >> -aio_context_release(s->aio_context);
> >>  }
> >>  
> >>  static bool nvme_add_io_queue(BlockDriverState *bs, Error **errp)
> >>
> > 
> > This is over a month old (and seemingly didn't land); do we still want it?
> > 
> 
> Yes, we do.

Queued, thanks!

Fam



Re: [Qemu-devel] [PATCH v2 2/3] tests/vm: Do not abuse parallelism when KVM is not available

2018-10-10 Thread Fam Zheng
On Mon, 10/01 01:23, Philippe Mathieu-Daudé wrote:
> Signed-off-by: Philippe Mathieu-Daudé 
> ---
> v2: Add get_default_jobs (Fam suggestion)
> ---
>  tests/vm/basevm.py | 13 ++---
>  1 file changed, 10 insertions(+), 3 deletions(-)
> 
> diff --git a/tests/vm/basevm.py b/tests/vm/basevm.py
> index 5a5fa09752..fc203e9f53 100755
> --- a/tests/vm/basevm.py
> +++ b/tests/vm/basevm.py
> @@ -202,6 +202,13 @@ class BaseVM(object):
>  return self._guest.qmp(*args, **kwargs)
>  
>  def parse_args(vm_name):
> +
> +def get_default_jobs():
> +if kvm_available():
> +return multiprocessing.cpu_count() / 2
> +else:
> +return 1
> +
>  parser = optparse.OptionParser(
>  description="VM test utility.  Exit codes: "
>  "0 = success, "
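
Review bot: in get_default_jobs(), multiprocessing.cpu_count() / 2 evaluates to 0 on a single-CPU host under Python 2 integer division and to a float under Python 3, while --jobs is declared with type=int. Returning max(1, multiprocessing.cpu_count() // 2) avoids both cases. The helper is also defined inside parse_args() although it uses nothing from that scope; a module-level function would be easier to reuse.
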
> @@ -214,7 +221,7 @@ def parse_args(vm_name):
>help="image file name")
>  parser.add_option("--force", "-f", action="store_true",
>help="force build image even if image exists")
> -parser.add_option("--jobs", type=int, 
> default=multiprocessing.cpu_count() / 2,
> +parser.add_option("--jobs", type=int, default=get_default_jobs(),
>help="number of virtual CPUs")
>  parser.add_option("--verbose", "-V", action="store_true",
>help="Pass V=1 to builds within the guest")
> @@ -237,7 +244,7 @@ def main(vmcls):
>  return 1
>  logging.basicConfig(level=(logging.DEBUG if args.debug
> else logging.WARN))
> -vm = vmcls(debug=args.debug, vcpus=args.jobs)
> +vm = vmcls(debug=args.debug, vcpus=args.jobs if kvm_available() else 
> 0)

What's wrong with just using args.jobs? It defaults to 1 if kvm_available()
returns false, so I don't think we need another condition here.

>  if args.build_image:
>  if os.path.exists(args.image) and not args.force:
>  sys.stderr.writelines(["Image file exists: %s\n" % 
> args.image,
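
Review bot: vcpus=args.jobs if kvm_available() else 0 discards a --jobs value the user passed explicitly whenever KVM is unavailable, and its fallback of 0 disagrees with the fallback of 1 returned by get_default_jobs() and used for jobs= later in this patch. Passing args.jobs through unchanged keeps the user's choice and leaves one place that decides the default.
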
> @@ -248,7 +255,7 @@ def main(vmcls):
>  vm.add_source_dir(args.build_qemu)
>  cmd = [vm.BUILD_SCRIPT.format(
> configure_opts = " ".join(argv),
> -   jobs=args.jobs,
> +   jobs=args.jobs if kvm_available() else 1,

Again, can't we just use args.jobs?

> verbose = "V=1" if args.verbose else "")]
>  else:
>  cmd = argv
> -- 
> 2.19.0
> 

Fam



[Qemu-devel] [PATCH v2 12/12] hw/arm: versal: Add a virtual Xilinx Versal board

2018-10-10 Thread Edgar E. Iglesias
From: "Edgar E. Iglesias" 

Add a virtual Xilinx Versal board.

This board is based on the Xilinx Versal SoC. The exact
details of what peripherals are attached to this board
will remain in control of QEMU. QEMU will generate an
FDT on the fly for Linux and other software to auto-discover
peripherals.

Signed-off-by: Edgar E. Iglesias 
---
 hw/arm/Makefile.objs  |   2 +-
 hw/arm/xlnx-versal-virt.c | 494 ++
 2 files changed, 495 insertions(+), 1 deletion(-)
 create mode 100644 hw/arm/xlnx-versal-virt.c

diff --git a/hw/arm/Makefile.objs b/hw/arm/Makefile.objs
index ec21d9bc1f..50c7b4a927 100644
--- a/hw/arm/Makefile.objs
+++ b/hw/arm/Makefile.objs
@@ -26,7 +26,7 @@ obj-$(CONFIG_ALLWINNER_A10) += allwinner-a10.o cubieboard.o
 obj-$(CONFIG_RASPI) += bcm2835_peripherals.o bcm2836.o raspi.o
 obj-$(CONFIG_STM32F205_SOC) += stm32f205_soc.o
 obj-$(CONFIG_XLNX_ZYNQMP_ARM) += xlnx-zynqmp.o xlnx-zcu102.o
-obj-$(CONFIG_XLNX_VERSAL) += xlnx-versal.o
+obj-$(CONFIG_XLNX_VERSAL) += xlnx-versal.o xlnx-versal-virt.o
 obj-$(CONFIG_FSL_IMX25) += fsl-imx25.o imx25_pdk.o
 obj-$(CONFIG_FSL_IMX31) += fsl-imx31.o kzm.o
 obj-$(CONFIG_FSL_IMX6) += fsl-imx6.o sabrelite.o
diff --git a/hw/arm/xlnx-versal-virt.c b/hw/arm/xlnx-versal-virt.c
new file mode 100644
index 00..1ae125b174
--- /dev/null
+++ b/hw/arm/xlnx-versal-virt.c
@@ -0,0 +1,494 @@
+/*
+ * Xilinx Versal Virtual board.
+ *
+ * Copyright (c) 2018 Xilinx Inc.
+ * Written by Edgar E. Iglesias
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 or
+ * (at your option) any later version.
+ */
+
+#include "qemu/osdep.h"
+#include "qemu/log.h"
+#include "qemu/error-report.h"
+#include "qapi/error.h"
+#include "sysemu/device_tree.h"
+#include "exec/address-spaces.h"
+#include "hw/boards.h"
+#include "hw/sysbus.h"
+#include "hw/arm/sysbus-fdt.h"
+#include "hw/arm/fdt.h"
+#include "cpu.h"
+#include "hw/arm/xlnx-versal.h"
+
+#define TYPE_XLNX_VERSAL_VIRT_MACHINE MACHINE_TYPE_NAME("xlnx-versal-virt")
+#define XLNX_VERSAL_VIRT_MACHINE(obj) \
+OBJECT_CHECK(VersalVirt, (obj), TYPE_XLNX_VERSAL_VIRT_MACHINE)
+
+typedef struct VersalVirt {
+MachineState parent_obj;
+
+Versal soc;
+MemoryRegion mr_ddr;
+
+void *fdt;
+int fdt_size;
+struct {
+uint32_t gic;
+uint32_t ethernet_phy[2];
+uint32_t clk_125Mhz;
+uint32_t clk_25Mhz;
+} phandle;
+struct arm_boot_info binfo;
+
+struct {
+bool secure;
+} cfg;
+} VersalVirt;
+
+static void fdt_create(VersalVirt *s)
+{
+MachineClass *mc = MACHINE_GET_CLASS(s);
+int i;
+
+s->fdt = create_device_tree(>fdt_size);
+if (!s->fdt) {
+error_report("create_device_tree() failed");
+exit(1);
+}
+
+/* Allocate all phandles.  */
+s->phandle.gic = qemu_fdt_alloc_phandle(s->fdt);
+for (i = 0; i < ARRAY_SIZE(s->phandle.ethernet_phy); i++) {
+s->phandle.ethernet_phy[i] = qemu_fdt_alloc_phandle(s->fdt);
+}
+s->phandle.clk_25Mhz = qemu_fdt_alloc_phandle(s->fdt);
+s->phandle.clk_125Mhz = qemu_fdt_alloc_phandle(s->fdt);
+
+/* Create /chosen node for load_dtb.  */
+qemu_fdt_add_subnode(s->fdt, "/chosen");
+
+/* Header */
+qemu_fdt_setprop_cell(s->fdt, "/", "interrupt-parent", s->phandle.gic);
+qemu_fdt_setprop_cell(s->fdt, "/", "#size-cells", 0x2);
+qemu_fdt_setprop_cell(s->fdt, "/", "#address-cells", 0x2);
+qemu_fdt_setprop_string(s->fdt, "/", "model", mc->desc);
+qemu_fdt_setprop_string(s->fdt, "/", "compatible", "xlnx-versal-virt");
+}
+
+static void fdt_add_clk_node(VersalVirt *s, const char *name,
+ unsigned int freq_hz, uint32_t phandle)
+{
+qemu_fdt_add_subnode(s->fdt, name);
+qemu_fdt_setprop_cell(s->fdt, name, "phandle", phandle);
+qemu_fdt_setprop_cell(s->fdt, name, "clock-frequency", freq_hz);
+qemu_fdt_setprop_cell(s->fdt, name, "#clock-cells", 0x0);
+qemu_fdt_setprop_string(s->fdt, name, "compatible", "fixed-clock");
+qemu_fdt_setprop(s->fdt, name, "u-boot,dm-pre-reloc", NULL, 0);
+}
+
+static void fdt_add_cpu_nodes(VersalVirt *s, uint32_t psci_conduit)
+{
+int i;
+
+qemu_fdt_add_subnode(s->fdt, "/cpus");
+qemu_fdt_setprop_cell(s->fdt, "/cpus", "#size-cells", 0x0);
+qemu_fdt_setprop_cell(s->fdt, "/cpus", "#address-cells", 1);
+
+for (i = XLNX_VERSAL_NR_ACPUS - 1; i >= 0; i--) {
+char *name = g_strdup_printf("/cpus/cpu@%d", i);
+ARMCPU *armcpu = ARM_CPU(qemu_get_cpu(i));
+
+qemu_fdt_add_subnode(s->fdt, name);
+qemu_fdt_setprop_cell(s->fdt, name, "reg", armcpu->mp_affinity);
+if (psci_conduit != QEMU_PSCI_CONDUIT_DISABLED) {
+qemu_fdt_setprop_string(s->fdt, name, "enable-method", "psci");
+}
+qemu_fdt_setprop_string(s->fdt, name, "device_type", "cpu");
+qemu_fdt_setprop_string(s->fdt, name, "compatible",
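
Review bot: in fdt_create(), the root "compatible" string "xlnx-versal-virt" has no manufacturer prefix, unlike the manufacturer,model form that compatible strings normally take. If the prefix is omitted on purpose, a comment next to that line should say why, since guests match on this string. The anonymous phandle and cfg structs in VersalVirt would also benefit from a one-line comment each.
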

[Qemu-devel] [PATCH v2 11/12] hw/arm: versal: Add a model of Xilinx Versal SoC

2018-10-10 Thread Edgar E. Iglesias
From: "Edgar E. Iglesias" 

Add a model of Xilinx Versal SoC.

Signed-off-by: Edgar E. Iglesias 
---
 default-configs/aarch64-softmmu.mak |   1 +
 hw/arm/Makefile.objs|   1 +
 hw/arm/xlnx-versal.c| 324 
 include/hw/arm/xlnx-versal.h| 122 +++
 4 files changed, 448 insertions(+)
 create mode 100644 hw/arm/xlnx-versal.c
 create mode 100644 include/hw/arm/xlnx-versal.h

diff --git a/default-configs/aarch64-softmmu.mak 
b/default-configs/aarch64-softmmu.mak
index 6f790f061a..4ea9add003 100644
--- a/default-configs/aarch64-softmmu.mak
+++ b/default-configs/aarch64-softmmu.mak
@@ -8,4 +8,5 @@ CONFIG_DDC=y
 CONFIG_DPCD=y
 CONFIG_XLNX_ZYNQMP=y
 CONFIG_XLNX_ZYNQMP_ARM=y
+CONFIG_XLNX_VERSAL=y
 CONFIG_ARM_SMMUV3=y
diff --git a/hw/arm/Makefile.objs b/hw/arm/Makefile.objs
index 5f88062c66..ec21d9bc1f 100644
--- a/hw/arm/Makefile.objs
+++ b/hw/arm/Makefile.objs
@@ -26,6 +26,7 @@ obj-$(CONFIG_ALLWINNER_A10) += allwinner-a10.o cubieboard.o
 obj-$(CONFIG_RASPI) += bcm2835_peripherals.o bcm2836.o raspi.o
 obj-$(CONFIG_STM32F205_SOC) += stm32f205_soc.o
 obj-$(CONFIG_XLNX_ZYNQMP_ARM) += xlnx-zynqmp.o xlnx-zcu102.o
+obj-$(CONFIG_XLNX_VERSAL) += xlnx-versal.o
 obj-$(CONFIG_FSL_IMX25) += fsl-imx25.o imx25_pdk.o
 obj-$(CONFIG_FSL_IMX31) += fsl-imx31.o kzm.o
 obj-$(CONFIG_FSL_IMX6) += fsl-imx6.o sabrelite.o
diff --git a/hw/arm/xlnx-versal.c b/hw/arm/xlnx-versal.c
new file mode 100644
index 00..f2145fd6a1
--- /dev/null
+++ b/hw/arm/xlnx-versal.c
@@ -0,0 +1,324 @@
+/*
+ * Xilinx Versal SoC model.
+ *
+ * Copyright (c) 2018 Xilinx Inc.
+ * Written by Edgar E. Iglesias
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 or
+ * (at your option) any later version.
+ */
+
+#include "qemu/osdep.h"
+#include "qapi/error.h"
+#include "qemu-common.h"
+#include "qemu/log.h"
+#include "hw/sysbus.h"
+#include "net/net.h"
+#include "sysemu/sysemu.h"
+#include "sysemu/kvm.h"
+#include "hw/arm/arm.h"
+#include "kvm_arm.h"
+#include "hw/misc/unimp.h"
+#include "hw/intc/arm_gicv3_common.h"
+#include "hw/arm/xlnx-versal.h"
+
+#define XLNX_VERSAL_ACPU_TYPE ARM_CPU_TYPE_NAME("cortex-a72")
+#define GEM_REVISION0x40070106
+
+static void versal_create_apu_cpus(Versal *s, Error **errp)
+{
+int i;
+
+for (i = 0; i < ARRAY_SIZE(s->fpd.apu.cpu); i++) {
+Object *obj;
+char *name;
+
+obj = object_new(XLNX_VERSAL_ACPU_TYPE);
+if (!obj) {
+/* Secondary CPUs start in PSCI powered-down state */
+error_setg(errp, "Unable to create apu.cpu[%d] of type %s",
+   i, XLNX_VERSAL_ACPU_TYPE);
+return;
+}
+
+name = g_strdup_printf("apu-cpu[%d]", i);
+object_property_add_child(OBJECT(s), name, obj, _fatal);
+g_free(name);
+
+object_property_set_int(obj, s->cfg.psci_conduit,
+"psci-conduit", _abort);
+if (i) {
+object_property_set_bool(obj, true,
+ "start-powered-off", _abort);
+}
+
+object_property_set_int(obj, ARRAY_SIZE(s->fpd.apu.cpu),
+"core-count", _abort);
+object_property_set_link(obj, OBJECT(>fpd.apu.mr), "memory",
+ _abort);
+object_property_set_bool(obj, true, "realized", _fatal);
+s->fpd.apu.cpu[i] = ARM_CPU(obj);
+}
+}
+
+static void versal_create_apu_gic(Versal *s, qemu_irq *pic, Error **errp)
+{
+static const uint64_t addrs[] = {
+MM_GIC_APU_DIST_MAIN,
+MM_GIC_APU_REDIST_0
+};
+SysBusDevice *gicbusdev;
+DeviceState *gicdev;
+int nr_apu_cpus = ARRAY_SIZE(s->fpd.apu.cpu);
+int i;
+
+sysbus_init_child_obj(OBJECT(s), "apu-gic",
+  >fpd.apu.gic, sizeof(s->fpd.apu.gic),
+  gicv3_class_name());
+gicbusdev = SYS_BUS_DEVICE(>fpd.apu.gic);
+gicdev = DEVICE(>fpd.apu.gic);
+qdev_prop_set_uint32(gicdev, "revision", 3);
+qdev_prop_set_uint32(gicdev, "num-cpu", 2);
+qdev_prop_set_uint32(gicdev, "num-irq", XLNX_VERSAL_NR_IRQS + 32);
+qdev_prop_set_uint32(gicdev, "len-redist-region-count", 1);
+qdev_prop_set_uint32(gicdev, "redist-region-count[0]", 2);
+if (!kvm_irqchip_in_kernel()) {
+qdev_prop_set_bit(gicdev, "has-security-extensions", true);
+}
+
+object_property_set_bool(OBJECT(>fpd.apu.gic), true, "realized", errp);
+
+for (i = 0; i < ARRAY_SIZE(addrs); i++) {
+MemoryRegion *mr;
+
+mr = sysbus_mmio_get_region(gicbusdev, i);
+memory_region_add_subregion(>fpd.apu.mr, addrs[i], mr);
+}
+
+for (i = 0; i < nr_apu_cpus; i++) {
+DeviceState *cpudev = DEVICE(s->fpd.apu.cpu[i]);
+int ppibase = XLNX_VERSAL_NR_IRQS + i * GIC_INTERNAL + GIC_NR_SGIS;
+qemu_irq maint_irq;
+int 
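
Review bot: versal_create_apu_gic() hard-codes 2 for "num-cpu" and for "redist-region-count[0]" although nr_apu_cpus is computed from ARRAY_SIZE(s->fpd.apu.cpu) a few lines above and drives the wiring loop; using nr_apu_cpus for both properties keeps the GIC in step with the CPU array if its size changes. In versal_create_apu_cpus(), the comment "Secondary CPUs start in PSCI powered-down state" sits inside the if (!obj) error path; it belongs above the if (i) block that sets "start-powered-off".
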

[Qemu-devel] [PATCH v2 07/12] net: cadence_gem: Implement support for 64bit descriptor addresses

2018-10-10 Thread Edgar E. Iglesias
From: "Edgar E. Iglesias" 

Implement support for 64bit descriptor addresses.

Reviewed-by: Alistair Francis 
Signed-off-by: Edgar E. Iglesias 
---
 hw/net/cadence_gem.c | 47 
 1 file changed, 39 insertions(+), 8 deletions(-)

diff --git a/hw/net/cadence_gem.c b/hw/net/cadence_gem.c
index a40f136285..550225c15b 100644
--- a/hw/net/cadence_gem.c
+++ b/hw/net/cadence_gem.c
@@ -153,6 +153,9 @@
 #define GEM_RECEIVE_Q1_PTR  (0x0480 / 4)
 #define GEM_RECEIVE_Q7_PTR  (GEM_RECEIVE_Q1_PTR + 6)
 
+#define GEM_TBQPH   (0x04C8 / 4)
+#define GEM_RBQPH   (0x04D4 / 4)
+
 #define GEM_INT_Q1_ENABLE   (0x0600 / 4)
 #define GEM_INT_Q7_ENABLE   (GEM_INT_Q1_ENABLE + 6)
 
@@ -832,18 +835,42 @@ static int get_queue_from_screen(CadenceGEMState *s, 
uint8_t *rxbuf_ptr,
 return 0;
 }
 
+static hwaddr gem_get_desc_addr(CadenceGEMState *s, bool tx, int q)
+{
+hwaddr desc_addr = 0;
+
+if (s->regs[GEM_DMACFG] & GEM_DMACFG_ADDR_64B) {
+desc_addr = s->regs[tx ? GEM_TBQPH : GEM_RBQPH];
+}
+desc_addr <<= 32;
+desc_addr |= tx ? s->tx_desc_addr[q] : s->rx_desc_addr[q];
+return desc_addr;
+}
+
+static hwaddr gem_get_tx_desc_addr(CadenceGEMState *s, int q)
+{
+return gem_get_desc_addr(s, true, q);
+}
+
+static hwaddr gem_get_rx_desc_addr(CadenceGEMState *s, int q)
+{
+return gem_get_desc_addr(s, false, q);
+}
+
 static void gem_get_rx_desc(CadenceGEMState *s, int q)
 {
-DB_PRINT("read descriptor 0x%x\n", (unsigned)s->rx_desc_addr[q]);
+hwaddr desc_addr = gem_get_rx_desc_addr(s, q);
+
+DB_PRINT("read descriptor 0x%" HWADDR_PRIx "\n", desc_addr);
+
 /* read current descriptor */
-address_space_read(>dma_as, s->rx_desc_addr[q], MEMTXATTRS_UNSPECIFIED,
+address_space_read(>dma_as, desc_addr, MEMTXATTRS_UNSPECIFIED,
(uint8_t *)s->rx_desc[q],
sizeof(uint32_t) * gem_get_desc_len(s, true));
 
 /* Descriptor owned by software ? */
 if (rx_desc_get_ownership(s->rx_desc[q]) == 1) {
-DB_PRINT("descriptor 0x%x owned by sw.\n",
- (unsigned)s->rx_desc_addr[q]);
+DB_PRINT("descriptor 0x%" HWADDR_PRIx " owned by sw.\n", desc_addr);
 s->regs[GEM_RXSTATUS] |= GEM_RXSTATUS_NOBUF;
 s->regs[GEM_ISR] |= GEM_INT_RXUSED & ~(s->regs[GEM_IMR]);
 /* Handle interrupt consequences */
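
Review bot: gem_get_desc_addr() takes the upper 32 bits from a single register (GEM_TBQPH or GEM_RBQPH) regardless of q, so every priority queue shares one upper half while the lower halves are per queue. If that matches the hardware, a comment on the helper should say so, because the per-queue arrays make it easy to assume the upper half is per queue as well.
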
@@ -947,6 +974,8 @@ static ssize_t gem_receive(NetClientState *nc, const 
uint8_t *buf, size_t size)
 q = get_queue_from_screen(s, rxbuf_ptr, rxbufsize);
 
 while (bytes_to_copy) {
+hwaddr desc_addr;
+
 /* Do nothing if receive is not enabled. */
 if (!gem_can_receive(nc)) {
 assert(!first_desc);
@@ -994,7 +1023,8 @@ static ssize_t gem_receive(NetClientState *nc, const 
uint8_t *buf, size_t size)
 }
 
 /* Descriptor write-back.  */
-address_space_write(>dma_as, s->rx_desc_addr[q],
+desc_addr = gem_get_rx_desc_addr(s, q);
+address_space_write(>dma_as, desc_addr,
 MEMTXATTRS_UNSPECIFIED,
 (uint8_t *)s->rx_desc[q],
 sizeof(uint32_t) * gem_get_desc_len(s, true));
@@ -1098,7 +1128,7 @@ static void gem_transmit(CadenceGEMState *s)
 
 for (q = s->num_priority_queues - 1; q >= 0; q--) {
 /* read current descriptor */
-packet_desc_addr = s->tx_desc_addr[q];
+packet_desc_addr = gem_get_tx_desc_addr(s, q);
 
 DB_PRINT("read descriptor 0x%" HWADDR_PRIx "\n", packet_desc_addr);
 address_space_read(>dma_as, packet_desc_addr,
@@ -1144,16 +1174,17 @@ static void gem_transmit(CadenceGEMState *s)
 /* Last descriptor for this packet; hand the whole thing off */
 if (tx_desc_get_last(desc)) {
 uint32_t desc_first[DESC_MAX_NUM_WORDS];
+hwaddr desc_addr = gem_get_tx_desc_addr(s, q);
 
 /* Modify the 1st descriptor of this packet to be owned by
  * the processor.
  */
-address_space_read(>dma_as, s->tx_desc_addr[q],
+address_space_read(>dma_as, desc_addr,
MEMTXATTRS_UNSPECIFIED,
(uint8_t *)desc_first,
sizeof(desc_first));
 tx_desc_set_used(desc_first);
-address_space_write(>dma_as, s->tx_desc_addr[q],
+address_space_write(>dma_as, desc_addr,
   MEMTXATTRS_UNSPECIFIED,
   (uint8_t *)desc_first,
sizeof(desc_first));
-- 
2.17.1




Re: [Qemu-devel] [PATCH v9 0/6] monitor: enable OOB by default

2018-10-10 Thread Peter Xu
On Wed, Oct 10, 2018 at 08:17:41PM -0500, Eric Blake wrote:
> On 10/10/18 7:05 PM, Peter Xu wrote:
> 
> > > other than the command line that is hanging:
> > > 
> > > /home/eblake/qemu/x86_64-softmmu/qemu-system-x86_64 -S -no-user-config
> > > -nodefaults -nographic -machine none,accel=kvm:tcg -qmp
> > > unix:/var/lib/libvirt/qemu/capabilities.monitor.sock,server,nowait 
> > > -pidfile
> > > /var/lib/libvirt/qemu/capabilities.pidfile -daemonize
> > > 
> > > And I suspect it is the -daemonize that is causing the hang I'm seeing 
> > > when
> > > run by libvirt.
> > > 
> 
> > 
> > It's very possible the daemonize thing, actually Wolfgang Bumiller has
> > posted patches to fix this up (it's not the problem of this series,
> > but it just exposed this to libvirt by the series since it only
> > happens when oob and daemonize are both enabled).  The fixes are:
> > 
> >[PATCH v2 0/2] delay monitor iothread creation
> > 
> > Since it cannot be applied cleanly onto this series, I resolved the
> > conflicts and pushed a tree here in case you wanna try with these two
> > extra patches applied:
> > 
> >https://github.com/xzpeter/qemu/tree/test-oob
> 
> Technically, we should apply the patches in the opposite order (Wolfgang's
> first, then yours), so that bisection does not land on a known-bad hang
> situation.

Agreed, that patch actually fixes a bug in current master (current
master could possibly hit the same issue with x-oob=on and
-daemonize), so it should be applied earlier when proper.

> 
> > 
> > Please feel free to test with libvirt again with that.
> > 
> > Thanks for playing with the tree and further investigation!  I will
> > also mention this in the next version of cover letter (if there is one).
> 
> Confirmed that libvirt no longer hung with Wolfgang's patches added in.

Thanks!

-- 
Peter Xu



[Qemu-devel] [PATCH v2 06/12] net: cadence_gem: Add support for selecting the DMA MemoryRegion

2018-10-10 Thread Edgar E. Iglesias
From: "Edgar E. Iglesias" 

Add support for selecting the Memory Region that the GEM
will do DMA to.

Signed-off-by: Edgar E. Iglesias 
---
 hw/net/cadence_gem.c | 59 ++--
 include/hw/net/cadence_gem.h |  2 ++
 2 files changed, 39 insertions(+), 22 deletions(-)

diff --git a/hw/net/cadence_gem.c b/hw/net/cadence_gem.c
index 759c1d71e0..a40f136285 100644
--- a/hw/net/cadence_gem.c
+++ b/hw/net/cadence_gem.c
@@ -28,6 +28,7 @@
 #include "hw/net/cadence_gem.h"
 #include "qapi/error.h"
 #include "qemu/log.h"
+#include "sysemu/dma.h"
 #include "net/checksum.h"
 
 #ifdef CADENCE_GEM_ERR_DEBUG
@@ -835,9 +836,9 @@ static void gem_get_rx_desc(CadenceGEMState *s, int q)
 {
 DB_PRINT("read descriptor 0x%x\n", (unsigned)s->rx_desc_addr[q]);
 /* read current descriptor */
-cpu_physical_memory_read(s->rx_desc_addr[q],
- (uint8_t *)s->rx_desc[q],
- sizeof(uint32_t) * gem_get_desc_len(s, true));
+address_space_read(>dma_as, s->rx_desc_addr[q], MEMTXATTRS_UNSPECIFIED,
+   (uint8_t *)s->rx_desc[q],
+   sizeof(uint32_t) * gem_get_desc_len(s, true));
 
 /* Descriptor owned by software ? */
 if (rx_desc_get_ownership(s->rx_desc[q]) == 1) {
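Review bot: address_space_read() returns a MemTxResult, and the converted call in gem_get_rx_desc() drops it. With a selectable DMA region the access can fail, and the ownership check that follows would then run on whatever s->rx_desc[q] held before the call. Suggest comparing the result with MEMTX_OK, treating a failed fetch as a descriptor the device may not use, and reporting it with qemu_log_mask(LOG_GUEST_ERROR, ...). The same applies to the other reads and writes converted in this patch.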
@@ -956,10 +957,10 @@ static ssize_t gem_receive(NetClientState *nc, const 
uint8_t *buf, size_t size)
 rx_desc_get_buffer(s->rx_desc[q]));
 
 /* Copy packet data to emulated DMA buffer */
-cpu_physical_memory_write(rx_desc_get_buffer(s, s->rx_desc[q]) +
+address_space_write(>dma_as, rx_desc_get_buffer(s, s->rx_desc[q]) +
   rxbuf_offset,
-  rxbuf_ptr,
-  MIN(bytes_to_copy, rxbufsize));
+MEMTXATTRS_UNSPECIFIED, rxbuf_ptr,
+MIN(bytes_to_copy, rxbufsize));
 rxbuf_ptr += MIN(bytes_to_copy, rxbufsize);
 bytes_to_copy -= MIN(bytes_to_copy, rxbufsize);
 
@@ -993,9 +994,10 @@ static ssize_t gem_receive(NetClientState *nc, const 
uint8_t *buf, size_t size)
 }
 
 /* Descriptor write-back.  */
-cpu_physical_memory_write(s->rx_desc_addr[q],
-  (uint8_t *)s->rx_desc[q],
-  sizeof(uint32_t) * gem_get_desc_len(s, 
true));
+address_space_write(>dma_as, s->rx_desc_addr[q],
+MEMTXATTRS_UNSPECIFIED,
+(uint8_t *)s->rx_desc[q],
+sizeof(uint32_t) * gem_get_desc_len(s, true));
 
 /* Next descriptor */
 if (rx_desc_get_wrap(s->rx_desc[q])) {
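Review bot: the descriptor write-back in gem_receive(), like every other access converted in this patch, is issued with MEMTXATTRS_UNSPECIFIED. If the purpose of a selectable DMA region is to model the GEM as a bus master behind the SoC interconnect, please document whether unspecified attributes are intended or whether the device should carry explicit transaction attributes (for instance secure versus non-secure), so that memory regions which filter on attributes see the GEM the way hardware would present it.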
@@ -1099,9 +1101,9 @@ static void gem_transmit(CadenceGEMState *s)
 packet_desc_addr = s->tx_desc_addr[q];
 
 DB_PRINT("read descriptor 0x%" HWADDR_PRIx "\n", packet_desc_addr);
-cpu_physical_memory_read(packet_desc_addr,
- (uint8_t *)desc,
- sizeof(uint32_t) * gem_get_desc_len(s, 
false));
+address_space_read(>dma_as, packet_desc_addr,
+   MEMTXATTRS_UNSPECIFIED, (uint8_t *)desc,
+   sizeof(uint32_t) * gem_get_desc_len(s, false));
 /* Handle all descriptors owned by hardware */
 while (tx_desc_get_used(desc) == 0) {
 
@@ -1133,8 +1135,9 @@ static void gem_transmit(CadenceGEMState *s)
 /* Gather this fragment of the packet from "dma memory" to our
  * contig buffer.
  */
-cpu_physical_memory_read(tx_desc_get_buffer(s, desc), p,
- tx_desc_get_length(desc));
+address_space_read(>dma_as, tx_desc_get_buffer(s, desc),
+   MEMTXATTRS_UNSPECIFIED,
+   p, tx_desc_get_length(desc));
 p += tx_desc_get_length(desc);
 total_bytes += tx_desc_get_length(desc);
 
@@ -1145,13 +1148,15 @@ static void gem_transmit(CadenceGEMState *s)
 /* Modify the 1st descriptor of this packet to be owned by
  * the processor.
  */
-cpu_physical_memory_read(s->tx_desc_addr[q],
- (uint8_t *)desc_first,
- sizeof(desc_first));
+address_space_read(>dma_as, s->tx_desc_addr[q],
+   MEMTXATTRS_UNSPECIFIED,
+   (uint8_t *)desc_first,
+   sizeof(desc_first));
 tx_desc_set_used(desc_first);
-cpu_physical_memory_write(s->tx_desc_addr[q],
-  (uint8_t *)desc_first,
-  sizeof(desc_first));
+address_space_write(>dma_as, 
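Review bot: the desc_first read in gem_transmit() still transfers sizeof(desc_first) bytes, while every other descriptor access in this patch uses sizeof(uint32_t) * gem_get_desc_len(s, ...). With desc_first sized by DESC_MAX_NUM_WORDS (04/12), that moves the maximum descriptor size even when the guest has configured short descriptors. The matching address_space_write() is cut off on this page; if it keeps sizeof(desc_first) as the removed line did, the write-back covers memory past the descriptor. Suggest sizeof(uint32_t) * gem_get_desc_len(s, false) for both.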

[Qemu-devel] [PATCH v2 10/12] target/arm: Add the Cortex-A72

2018-10-10 Thread Edgar E. Iglesias
From: "Edgar E. Iglesias" 

Add the ARM Cortex-A72.

Signed-off-by: Edgar E. Iglesias 
---
 target/arm/cpu64.c | 66 +++---
 1 file changed, 63 insertions(+), 3 deletions(-)

diff --git a/target/arm/cpu64.c b/target/arm/cpu64.c
index db71504cb5..44fdf0f6fa 100644
--- a/target/arm/cpu64.c
+++ b/target/arm/cpu64.c
@@ -51,7 +51,7 @@ static uint64_t a57_a53_l2ctlr_read(CPUARMState *env, const 
ARMCPRegInfo *ri)
 }
 #endif
 
-static const ARMCPRegInfo cortex_a57_a53_cp_reginfo[] = {
+static const ARMCPRegInfo cortex_a72_a57_a53_cp_reginfo[] = {
 #ifndef CONFIG_USER_ONLY
 { .name = "L2CTLR_EL1", .state = ARM_CP_STATE_AA64,
   .opc0 = 3, .opc1 = 1, .crn = 11, .crm = 0, .opc2 = 2,
@@ -156,7 +156,7 @@ static void aarch64_a57_initfn(Object *obj)
 cpu->gic_num_lrs = 4;
 cpu->gic_vpribits = 5;
 cpu->gic_vprebits = 5;
-define_arm_cp_regs(cpu, cortex_a57_a53_cp_reginfo);
+define_arm_cp_regs(cpu, cortex_a72_a57_a53_cp_reginfo);
 }
 
 static void aarch64_a53_initfn(Object *obj)
@@ -215,7 +215,66 @@ static void aarch64_a53_initfn(Object *obj)
 cpu->gic_num_lrs = 4;
 cpu->gic_vpribits = 5;
 cpu->gic_vprebits = 5;
-define_arm_cp_regs(cpu, cortex_a57_a53_cp_reginfo);
+define_arm_cp_regs(cpu, cortex_a72_a57_a53_cp_reginfo);
+}
+
+static void aarch64_a72_initfn(Object *obj)
+{
+ARMCPU *cpu = ARM_CPU(obj);
+
+cpu->dtb_compatible = "arm,cortex-a72";
+set_feature(>env, ARM_FEATURE_V8);
+set_feature(>env, ARM_FEATURE_VFP4);
+set_feature(>env, ARM_FEATURE_NEON);
+set_feature(>env, ARM_FEATURE_GENERIC_TIMER);
+set_feature(>env, ARM_FEATURE_AARCH64);
+set_feature(>env, ARM_FEATURE_CBAR_RO);
+set_feature(>env, ARM_FEATURE_V8_AES);
+set_feature(>env, ARM_FEATURE_V8_SHA1);
+set_feature(>env, ARM_FEATURE_V8_SHA256);
+set_feature(>env, ARM_FEATURE_V8_PMULL);
+set_feature(>env, ARM_FEATURE_CRC);
+set_feature(>env, ARM_FEATURE_EL2);
+set_feature(>env, ARM_FEATURE_EL3);
+set_feature(>env, ARM_FEATURE_PMU);
+cpu->midr = 0x410fd083;
+cpu->revidr = 0x;
+cpu->reset_fpsid = 0x41034080;
+cpu->mvfr0 = 0x10110222;
+cpu->mvfr1 = 0x1211;
+cpu->mvfr2 = 0x0043;
+cpu->ctr = 0x8444c004;
+cpu->reset_sctlr = 0x00c50838;
+cpu->id_pfr0 = 0x0131;
+cpu->id_pfr1 = 0x00011011;
+cpu->id_dfr0 = 0x03010066;
+cpu->id_afr0 = 0x;
+cpu->id_mmfr0 = 0x10201105;
+cpu->id_mmfr1 = 0x4000;
+cpu->id_mmfr2 = 0x0126;
+cpu->id_mmfr3 = 0x02102211;
+cpu->id_isar0 = 0x02101110;
+cpu->id_isar1 = 0x13112111;
+cpu->id_isar2 = 0x21232042;
+cpu->id_isar3 = 0x01112131;
+cpu->id_isar4 = 0x00011142;
+cpu->id_isar5 = 0x00011121;
+cpu->id_aa64pfr0 = 0x;
+cpu->id_aa64dfr0 = 0x10305106;
+cpu->pmceid0 = 0x;
+cpu->pmceid1 = 0x;
+cpu->id_aa64isar0 = 0x00011120;
+cpu->id_aa64mmfr0 = 0x1124;
+cpu->dbgdidr = 0x3516d000;
+cpu->clidr = 0x0a200023;
+cpu->ccsidr[0] = 0x701fe00a; /* 32KB L1 dcache */
+cpu->ccsidr[1] = 0x201fe012; /* 48KB L1 icache */
+cpu->ccsidr[2] = 0x707fe07a; /* 1MB L2 cache */
+cpu->dcz_blocksize = 4; /* 64 bytes */
+cpu->gic_num_lrs = 4;
+cpu->gic_vpribits = 5;
+cpu->gic_vprebits = 5;
+define_arm_cp_regs(cpu, cortex_a72_a57_a53_cp_reginfo);
 }
 
 static void cpu_max_get_sve_vq(Object *obj, Visitor *v, const char *name,
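Review bot: aarch64_a72_initfn() sets a long list of ID and reset values with no pointer to where they come from; midr 0x410fd083 decodes to part 0xd08 at r0p3, so a comment naming the Cortex-A72 TRM revision the table was taken from would let reviewers check it. Several assignments in this hunk (cpu->revidr, cpu->id_afr0, cpu->id_aa64pfr0, cpu->pmceid0, cpu->pmceid1) appear on this page as a bare 0x with no digits, so those values need to be checked against the original mail before anything is compared.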
@@ -293,6 +352,7 @@ typedef struct ARMCPUInfo {
 static const ARMCPUInfo aarch64_cpus[] = {
 { .name = "cortex-a57", .initfn = aarch64_a57_initfn },
 { .name = "cortex-a53", .initfn = aarch64_a53_initfn },
+{ .name = "cortex-a72", .initfn = aarch64_a72_initfn },
 { .name = "max",.initfn = aarch64_max_initfn },
 { .name = NULL }
 };
-- 
2.17.1




[Qemu-devel] [PATCH v2 00/12] arm: Add first models of Xilinx Versal SoC

2018-10-10 Thread Edgar E. Iglesias
From: "Edgar E. Iglesias" 

This patch series adds initial support for Xilinx's Versal SoC.
Xilinx is introducing Versal, an adaptive compute acceleration platform
(ACAP), built on 7nm FinFET process technology. Versal ACAPs combine Scalar
Processing Engines, Adaptable Hardware Engines, and Intelligent Engines with
leading-edge memory and interfacing technologies to deliver powerful
heterogeneous acceleration for any application. The Versal AI Core series has
five devices, offering 128 to 400 AI Engines. The series includes dual-core Arm
Cortex-A72 application processors, dual-core Arm Cortex-R5 real-time
processors, 256KB of on-chip memory with ECC, more than 1,900 DSP engines
optimized for high-precision floating point with low latency.

More info can be found here:
https://www.xilinx.com/news/press/2018/xilinx-unveils-versal-the-first-in-a-new-category-of-platforms-delivering-rapid-innovation-with-software-programmability-and-scalable-ai-inference.html


In QEMU we'd like to have a virtual developer board with the Versal SoC
and a selected set of peripherals under the control of QEMU.
We'd like to gradually extend this board as QEMU gains more support
for Versal hardware components. QEMU will generate a device-tree
describing only the components it supports and includes in the virtual
dev board.

Before adding Versal support, this series starts with a few fixes to the
GEM that I ran into when running recent kernels on the Versal and ZynqMP
models.

I also noticed a problem with HVC insns not being enabled when using
QEMU's PSCI implementation on CPUs with EL2 and EL3 enabled. This causes
problems for Linux/KVM guests, also fixed in this series.

Best regards,
Edgar

ChangeLog:

v1 -> v2:
* Spell out OCM as On Chip Memory
* apperture -> aperture
* Remove copy+pasted virt board comment
* Remove VMSD for Versal SoC (with a comment on why it's not needed)
* Embed AddressSpace dma object in GEM
* Remove debug left-overs in arm-powerctl
* Enable PMU in Cortex-A72
* Rename cortex_a57_a53_cp_reginfo -> cortex_a72_a57_a53_cp_reginfo

Edgar E. Iglesias (12):
  net: cadence_gem: Disable TSU feature bit
  net: cadence_gem: Announce availability of priority queues
  net: cadence_gem: Use uint32_t for 32bit descriptor words
  net: cadence_gem: Add macro with max number of descriptor words
  net: cadence_gem: Add support for extended descriptors
  net: cadence_gem: Add support for selecting the DMA MemoryRegion
  net: cadence_gem: Implement support for 64bit descriptor addresses
  net: cadence_gem: Announce 64bit addressing support
  target-arm: powerctl: Enable HVC when starting CPUs to EL2
  target/arm: Add the Cortex-A72
  hw/arm: versal: Add a model of Xilinx Versal SoC
  hw/arm: versal: Add a virtual Xilinx Versal board

 default-configs/aarch64-softmmu.mak |   1 +
 hw/arm/Makefile.objs|   1 +
 hw/arm/xlnx-versal-virt.c   | 494 
 hw/arm/xlnx-versal.c| 324 ++
 hw/net/cadence_gem.c| 192 ---
 include/hw/arm/xlnx-versal.h| 122 +++
 include/hw/net/cadence_gem.h|   7 +-
 target/arm/arm-powerctl.c   |  10 +
 target/arm/cpu64.c  |  66 +++-
 9 files changed, 1159 insertions(+), 58 deletions(-)
 create mode 100644 hw/arm/xlnx-versal-virt.c
 create mode 100644 hw/arm/xlnx-versal.c
 create mode 100644 include/hw/arm/xlnx-versal.h

-- 
2.17.1




[Qemu-devel] [PATCH v2 09/12] target-arm: powerctl: Enable HVC when starting CPUs to EL2

2018-10-10 Thread Edgar E. Iglesias
From: "Edgar E. Iglesias" 

When QEMU provides the equivalent of the EL3 firmware, we
need to enable HVCs in scr_el3 when turning on CPUs that
target EL2.

Reviewed-by: Peter Maydell 
Signed-off-by: Edgar E. Iglesias 
---
 target/arm/arm-powerctl.c | 10 ++
 1 file changed, 10 insertions(+)

diff --git a/target/arm/arm-powerctl.c b/target/arm/arm-powerctl.c
index ce55eeb682..2b856930fb 100644
--- a/target/arm/arm-powerctl.c
+++ b/target/arm/arm-powerctl.c
@@ -103,6 +103,16 @@ static void arm_set_cpu_on_async_work(CPUState 
*target_cpu_state,
 } else {
 /* Processor is not in secure mode */
 target_cpu->env.cp15.scr_el3 |= SCR_NS;
+
+/*
+ * If QEMU is providing the equivalent of EL3 firmware, then we need
+ * to make sure a CPU targeting EL2 comes out of reset with a
+ * functional HVC insn.
+ */
+if (arm_feature(_cpu->env, ARM_FEATURE_EL3)
+&& info->target_el == 2) {
+target_cpu->env.cp15.scr_el3 |= SCR_HCE;
+}
 }
 
 /* We check if the started CPU is now at the correct level */
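Review bot: the new SCR_HCE assignment is guarded by arm_feature(..., ARM_FEATURE_EL3), but the SCR_NS assignment two lines above it writes the same scr_el3 field in the same branch with no such guard. Either the guard is unnecessary here or the comment should say why HCE needs it and NS does not; as written the reader cannot tell which.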
-- 
2.17.1




[Qemu-devel] [PATCH v2 02/12] net: cadence_gem: Announce availability of priority queues

2018-10-10 Thread Edgar E. Iglesias
From: "Edgar E. Iglesias" 

Announce the availability of the various priority queues.
This fixes an issue where guest kernels would fail to
configure secondary queues due to improper feature bits.

Reviewed-by: Alistair Francis 
Signed-off-by: Edgar E. Iglesias 
---
 hw/net/cadence_gem.c | 6 +-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/hw/net/cadence_gem.c b/hw/net/cadence_gem.c
index e560b7a142..901c173970 100644
--- a/hw/net/cadence_gem.c
+++ b/hw/net/cadence_gem.c
@@ -1213,6 +1213,7 @@ static void gem_reset(DeviceState *d)
 int i;
 CadenceGEMState *s = CADENCE_GEM(d);
 const uint8_t *a;
+uint32_t queues_mask;
 
 DB_PRINT("\n");
 
@@ -1229,7 +1230,10 @@ static void gem_reset(DeviceState *d)
 s->regs[GEM_DESCONF] = 0x02500111;
 s->regs[GEM_DESCONF2] = 0x2ab13fff;
 s->regs[GEM_DESCONF5] = 0x002f2045;
-s->regs[GEM_DESCONF6] = 0x0200;
+s->regs[GEM_DESCONF6] = 0x0;
+
+queues_mask = MAKE_64BIT_MASK(1, s->num_priority_queues - 1);
+s->regs[GEM_DESCONF6] |= queues_mask;
 
 /* Set MAC address */
 a = >conf.macaddr.a[0];
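Review bot: in gem_reset(), MAKE_64BIT_MASK(1, s->num_priority_queues - 1) is evaluated with a length of 0 when the device has a single queue. The macro builds its mask by shifting ~0ULL right by 64 minus the length, so that case is a shift of a 64-bit value by 64, which is undefined behaviour in C. Please guard it, for example by ORing the mask into GEM_DESCONF6 only when s->num_priority_queues > 1.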
-- 
2.17.1




[Qemu-devel] [PATCH v2 08/12] net: cadence_gem: Announce 64bit addressing support

2018-10-10 Thread Edgar E. Iglesias
From: "Edgar E. Iglesias" 

Announce 64bit addressing support.

Reviewed-by: Alistair Francis 
Signed-off-by: Edgar E. Iglesias 
---
 hw/net/cadence_gem.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/hw/net/cadence_gem.c b/hw/net/cadence_gem.c
index 550225c15b..7f96de4aff 100644
--- a/hw/net/cadence_gem.c
+++ b/hw/net/cadence_gem.c
@@ -142,6 +142,7 @@
 #define GEM_DESCONF4  (0x028C/4)
 #define GEM_DESCONF5  (0x0290/4)
 #define GEM_DESCONF6  (0x0294/4)
+#define GEM_DESCONF6_64B_MASK (1U << 23)
 #define GEM_DESCONF7  (0x0298/4)
 
 #define GEM_INT_Q1_STATUS   (0x0400 / 4)
@@ -1300,7 +1301,7 @@ static void gem_reset(DeviceState *d)
 s->regs[GEM_DESCONF] = 0x02500111;
 s->regs[GEM_DESCONF2] = 0x2ab13fff;
 s->regs[GEM_DESCONF5] = 0x002f2045;
-s->regs[GEM_DESCONF6] = 0x0;
+s->regs[GEM_DESCONF6] = GEM_DESCONF6_64B_MASK;
 
 queues_mask = MAKE_64BIT_MASK(1, s->num_priority_queues - 1);
 s->regs[GEM_DESCONF6] |= queues_mask;
-- 
2.17.1




[Qemu-devel] [PATCH v2 04/12] net: cadence_gem: Add macro with max number of descriptor words

2018-10-10 Thread Edgar E. Iglesias
From: "Edgar E. Iglesias" 

Add macro with max number of DMA descriptor words.
No functional change.

Reviewed-by: Alistair Francis 
Reviewed-by: Philippe Mathieu-Daudé 
Signed-off-by: Edgar E. Iglesias 
---
 hw/net/cadence_gem.c | 4 ++--
 include/hw/net/cadence_gem.h | 5 -
 2 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/hw/net/cadence_gem.c b/hw/net/cadence_gem.c
index 31f3fe0e81..4d769b0244 100644
--- a/hw/net/cadence_gem.c
+++ b/hw/net/cadence_gem.c
@@ -1042,7 +1042,7 @@ static void gem_transmit_updatestats(CadenceGEMState *s, 
const uint8_t *packet,
  */
 static void gem_transmit(CadenceGEMState *s)
 {
-uint32_t desc[2];
+uint32_t desc[DESC_MAX_NUM_WORDS];
 hwaddr packet_desc_addr;
 uint8_t tx_packet[2048];
 uint8_t *p;
@@ -1108,7 +1108,7 @@ static void gem_transmit(CadenceGEMState *s)
 
 /* Last descriptor for this packet; hand the whole thing off */
 if (tx_desc_get_last(desc)) {
-uint32_t desc_first[2];
+uint32_t desc_first[DESC_MAX_NUM_WORDS];
 
 /* Modify the 1st descriptor of this packet to be owned by
  * the processor.
diff --git a/include/hw/net/cadence_gem.h b/include/hw/net/cadence_gem.h
index 633d564dc3..b33ef6513b 100644
--- a/include/hw/net/cadence_gem.h
+++ b/include/hw/net/cadence_gem.h
@@ -32,6 +32,9 @@
 
 #define CADENCE_GEM_MAXREG(0x0800 / 4) /* Last valid GEM address */
 
+/* Max number of words in a DMA descriptor.  */
+#define DESC_MAX_NUM_WORDS  2
+
 #define MAX_PRIORITY_QUEUES 8
 #define MAX_TYPE1_SCREENERS 16
 #define MAX_TYPE2_SCREENERS 16
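Review bot: DESC_MAX_NUM_WORDS is added to the public header include/hw/net/cadence_gem.h without a device prefix, unlike CADENCE_GEM_MAXREG a few lines above it, so the name is open to collisions with other device headers included in the same file. Suggest CADENCE_GEM_DESC_MAX_NUM_WORDS or similar; the comment could also say that the unit is 32-bit words, since the arrays it sizes are uint32_t.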
@@ -74,7 +77,7 @@ typedef struct CadenceGEMState {
 
 uint8_t can_rx_state; /* Debug only */
 
-uint32_t rx_desc[MAX_PRIORITY_QUEUES][2];
+uint32_t rx_desc[MAX_PRIORITY_QUEUES][DESC_MAX_NUM_WORDS];
 
 bool sar_active[4];
 } CadenceGEMState;
-- 
2.17.1




[Qemu-devel] [PATCH v2 05/12] net: cadence_gem: Add support for extended descriptors

2018-10-10 Thread Edgar E. Iglesias
From: "Edgar E. Iglesias" 

Add support for extended descriptors with optional 64bit
addressing and timestamping. QEMU will not yet provide
timestamps (always leaving the valid timestamp bit as zero).

Reviewed-by: Alistair Francis 
Signed-off-by: Edgar E. Iglesias 
---
 hw/net/cadence_gem.c | 69 ++--
 include/hw/net/cadence_gem.h |  2 +-
 2 files changed, 52 insertions(+), 19 deletions(-)

diff --git a/hw/net/cadence_gem.c b/hw/net/cadence_gem.c
index 4d769b0244..759c1d71e0 100644
--- a/hw/net/cadence_gem.c
+++ b/hw/net/cadence_gem.c
@@ -207,6 +207,9 @@
 #define GEM_NWCFG_BCAST_REJ0x0020 /* Reject broadcast packets */
 #define GEM_NWCFG_PROMISC  0x0010 /* Accept all packets */
 
+#define GEM_DMACFG_ADDR_64B(1U << 30)
+#define GEM_DMACFG_TX_BD_EXT   (1U << 29)
+#define GEM_DMACFG_RX_BD_EXT   (1U << 28)
 #define GEM_DMACFG_RBUFSZ_M0x00FF /* DMA RX Buffer Size mask */
 #define GEM_DMACFG_RBUFSZ_S16 /* DMA RX Buffer Size shift */
 #define GEM_DMACFG_RBUFSZ_MUL  64 /* DMA RX Buffer Size multiplier */
@@ -302,9 +305,14 @@
 
 #define GEM_MODID_VALUE 0x00020118
 
-static inline unsigned tx_desc_get_buffer(uint32_t *desc)
+static inline uint64_t tx_desc_get_buffer(CadenceGEMState *s, uint32_t *desc)
 {
-return desc[0];
+uint64_t ret = desc[0];
+
+if (s->regs[GEM_DMACFG] & GEM_DMACFG_ADDR_64B) {
+ret |= (uint64_t)desc[2] << 32;
+}
+return ret;
 }
 
 static inline unsigned tx_desc_get_used(uint32_t *desc)
@@ -347,9 +355,30 @@ static inline void print_gem_tx_desc(uint32_t *desc, 
uint8_t queue)
 DB_PRINT("length:  %d\n", tx_desc_get_length(desc));
 }
 
-static inline unsigned rx_desc_get_buffer(uint32_t *desc)
+static inline uint64_t rx_desc_get_buffer(CadenceGEMState *s, uint32_t *desc)
 {
-return desc[0] & ~0x3UL;
+uint64_t ret = desc[0] & ~0x3UL;
+
+if (s->regs[GEM_DMACFG] & GEM_DMACFG_ADDR_64B) {
+ret |= (uint64_t)desc[2] << 32;
+}
+return ret;
+}
+
+static inline int gem_get_desc_len(CadenceGEMState *s, bool rx_n_tx)
+{
+int ret = 2;
+
+if (s->regs[GEM_DMACFG] & GEM_DMACFG_ADDR_64B) {
+ret += 2;
+}
+if (s->regs[GEM_DMACFG] & (rx_n_tx ? GEM_DMACFG_RX_BD_EXT
+   : GEM_DMACFG_TX_BD_EXT)) {
+ret += 2;
+}
+
+assert(ret <= DESC_MAX_NUM_WORDS);
+return ret;
 }
 
 static inline unsigned rx_desc_get_wrap(uint32_t *desc)
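Review bot: the assert() at the end of gem_get_desc_len() depends only on DESC_MAX_NUM_WORDS, since ret can never exceed 6 (2 + 2 + 2), while the GEM_DMACFG bits that drive it become guest-writable in this same patch. A build-time check such as QEMU_BUILD_BUG_ON(DESC_MAX_NUM_WORDS < 6) next to the macro would state the invariant once and keep a guest register write from ever reaching an abort. The header change that raises DESC_MAX_NUM_WORDS from the 2 set in 04/12 is not visible on this page, so please confirm it lands in this patch and not a later one; tx_desc_get_buffer() and rx_desc_get_buffer() already index desc[2] here.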
@@ -419,7 +448,7 @@ static void gem_init_register_masks(CadenceGEMState *s)
 memset(>regs_ro[0], 0, sizeof(s->regs_ro));
 s->regs_ro[GEM_NWCTRL]   = 0xFFF8;
 s->regs_ro[GEM_NWSTATUS] = 0x;
-s->regs_ro[GEM_DMACFG]   = 0xFE00F000;
+s->regs_ro[GEM_DMACFG]   = 0x8E00F000;
 s->regs_ro[GEM_TXSTATUS] = 0xFE08;
 s->regs_ro[GEM_RXQBASE]  = 0x0003;
 s->regs_ro[GEM_TXQBASE]  = 0x0003;
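Review bot: the new GEM_DMACFG read-only mask 0x8E00F000 clears bits 30, 29 and 28 relative to 0xFE00F000, which are exactly GEM_DMACFG_ADDR_64B, GEM_DMACFG_TX_BD_EXT and GEM_DMACFG_RX_BD_EXT defined earlier in this patch, but nothing on the line says so. Writing the mask in terms of those macros, or adding a one-line comment, would let a reader verify which bits the guest can now set.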
@@ -807,7 +836,8 @@ static void gem_get_rx_desc(CadenceGEMState *s, int q)
 DB_PRINT("read descriptor 0x%x\n", (unsigned)s->rx_desc_addr[q]);
 /* read current descriptor */
 cpu_physical_memory_read(s->rx_desc_addr[q],
- (uint8_t *)s->rx_desc[q], sizeof(s->rx_desc[q]));
+ (uint8_t *)s->rx_desc[q],
+ sizeof(uint32_t) * gem_get_desc_len(s, true));
 
 /* Descriptor owned by software ? */
 if (rx_desc_get_ownership(s->rx_desc[q]) == 1) {
@@ -926,9 +956,10 @@ static ssize_t gem_receive(NetClientState *nc, const 
uint8_t *buf, size_t size)
 rx_desc_get_buffer(s->rx_desc[q]));
 
 /* Copy packet data to emulated DMA buffer */
-cpu_physical_memory_write(rx_desc_get_buffer(s->rx_desc[q]) +
- rxbuf_offset,
-  rxbuf_ptr, MIN(bytes_to_copy, rxbufsize));
+cpu_physical_memory_write(rx_desc_get_buffer(s, s->rx_desc[q]) +
+  rxbuf_offset,
+  rxbuf_ptr,
+  MIN(bytes_to_copy, rxbufsize));
 rxbuf_ptr += MIN(bytes_to_copy, rxbufsize);
 bytes_to_copy -= MIN(bytes_to_copy, rxbufsize);
 
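Review bot: the context line at the top of this hunk, rx_desc_get_buffer(s->rx_desc[q])), still passes a single argument, while this patch changes rx_desc_get_buffer() to take (CadenceGEMState *s, uint32_t *desc) and updates only the cpu_physical_memory_write() call below it. If that line belongs to a DB_PRINT(), it builds only while the debug macro expands to nothing, so a CADENCE_GEM_ERR_DEBUG build would break. Please change it to rx_desc_get_buffer(s, s->rx_desc[q]) and check that its format specifier matches the new uint64_t return type.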
@@ -964,7 +995,7 @@ static ssize_t gem_receive(NetClientState *nc, const 
uint8_t *buf, size_t size)
 /* Descriptor write-back.  */
 cpu_physical_memory_write(s->rx_desc_addr[q],
   (uint8_t *)s->rx_desc[q],
-  sizeof(s->rx_desc[q]));
+  sizeof(uint32_t) * gem_get_desc_len(s, 
true));
 
 /* Next descriptor */
 if (rx_desc_get_wrap(s->rx_desc[q])) {
@@ -972,7 +1003,7 @@ static ssize_t gem_receive(NetClientState *nc, const 
uint8_t *buf, size_t size)
 s->rx_desc_addr[q] = s->regs[GEM_RXQBASE];
 } else {
 DB_PRINT("incrementing RX descriptor list\n");
-

[Qemu-devel] [PATCH v2 01/12] net: cadence_gem: Disable TSU feature bit

2018-10-10 Thread Edgar E. Iglesias
From: "Edgar E. Iglesias" 

Disable the Timestamping Unit feature bit since QEMU does not
yet support it. This allows guest SW to correctly probe for
its existence.

Reviewed-by: Alistair Francis 
Signed-off-by: Edgar E. Iglesias 
---
 hw/net/cadence_gem.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/hw/net/cadence_gem.c b/hw/net/cadence_gem.c
index 0fa4b0dc44..e560b7a142 100644
--- a/hw/net/cadence_gem.c
+++ b/hw/net/cadence_gem.c
@@ -1228,7 +1228,7 @@ static void gem_reset(DeviceState *d)
 s->regs[GEM_MODID] = s->revision;
 s->regs[GEM_DESCONF] = 0x02500111;
 s->regs[GEM_DESCONF2] = 0x2ab13fff;
-s->regs[GEM_DESCONF5] = 0x002f2145;
+s->regs[GEM_DESCONF5] = 0x002f2045;
 s->regs[GEM_DESCONF6] = 0x0200;
 
 /* Set MAC address */
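Review bot: the only change is 0x002f2145 to 0x002f2045 in GEM_DESCONF5, which clears bit 8, and the code gives no hint that this bit is the TSU feature flag the commit message talks about. A named constant for that bit, or a short comment beside the value, would keep the next reader from restoring it when comparing against hardware reset values.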
-- 
2.17.1




[Qemu-devel] [PATCH v2 03/12] net: cadence_gem: Use uint32_t for 32bit descriptor words

2018-10-10 Thread Edgar E. Iglesias
From: "Edgar E. Iglesias" 

Use uint32_t instead of unsigned to describe 32bit descriptor words.

Reviewed-by: Alistair Francis 
Reviewed-by: Philippe Mathieu-Daudé 
Signed-off-by: Edgar E. Iglesias 
---
 hw/net/cadence_gem.c | 42 ++--
 include/hw/net/cadence_gem.h |  2 +-
 2 files changed, 22 insertions(+), 22 deletions(-)

diff --git a/hw/net/cadence_gem.c b/hw/net/cadence_gem.c
index 901c173970..31f3fe0e81 100644
--- a/hw/net/cadence_gem.c
+++ b/hw/net/cadence_gem.c
@@ -302,42 +302,42 @@
 
 #define GEM_MODID_VALUE 0x00020118
 
-static inline unsigned tx_desc_get_buffer(unsigned *desc)
+static inline unsigned tx_desc_get_buffer(uint32_t *desc)
 {
 return desc[0];
 }
 
-static inline unsigned tx_desc_get_used(unsigned *desc)
+static inline unsigned tx_desc_get_used(uint32_t *desc)
 {
 return (desc[1] & DESC_1_USED) ? 1 : 0;
 }
 
-static inline void tx_desc_set_used(unsigned *desc)
+static inline void tx_desc_set_used(uint32_t *desc)
 {
 desc[1] |= DESC_1_USED;
 }
 
-static inline unsigned tx_desc_get_wrap(unsigned *desc)
+static inline unsigned tx_desc_get_wrap(uint32_t *desc)
 {
 return (desc[1] & DESC_1_TX_WRAP) ? 1 : 0;
 }
 
-static inline unsigned tx_desc_get_last(unsigned *desc)
+static inline unsigned tx_desc_get_last(uint32_t *desc)
 {
 return (desc[1] & DESC_1_TX_LAST) ? 1 : 0;
 }
 
-static inline void tx_desc_set_last(unsigned *desc)
+static inline void tx_desc_set_last(uint32_t *desc)
 {
 desc[1] |= DESC_1_TX_LAST;
 }
 
-static inline unsigned tx_desc_get_length(unsigned *desc)
+static inline unsigned tx_desc_get_length(uint32_t *desc)
 {
 return desc[1] & DESC_1_LENGTH;
 }
 
-static inline void print_gem_tx_desc(unsigned *desc, uint8_t queue)
+static inline void print_gem_tx_desc(uint32_t *desc, uint8_t queue)
 {
 DB_PRINT("TXDESC (queue %" PRId8 "):\n", queue);
 DB_PRINT("bufaddr: 0x%08x\n", *desc);
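Review bot: tx_desc_get_buffer() and tx_desc_get_length() keep an unsigned return type while their argument becomes uint32_t *, so the patch stops halfway through what the subject promises. Returning uint32_t from the getters that hand back descriptor words would finish the job; the flag getters that return 0 or 1 can stay as they are.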
@@ -347,58 +347,58 @@ static inline void print_gem_tx_desc(unsigned *desc, 
uint8_t queue)
 DB_PRINT("length:  %d\n", tx_desc_get_length(desc));
 }
 
-static inline unsigned rx_desc_get_buffer(unsigned *desc)
+static inline unsigned rx_desc_get_buffer(uint32_t *desc)
 {
 return desc[0] & ~0x3UL;
 }
 
-static inline unsigned rx_desc_get_wrap(unsigned *desc)
+static inline unsigned rx_desc_get_wrap(uint32_t *desc)
 {
 return desc[0] & DESC_0_RX_WRAP ? 1 : 0;
 }
 
-static inline unsigned rx_desc_get_ownership(unsigned *desc)
+static inline unsigned rx_desc_get_ownership(uint32_t *desc)
 {
 return desc[0] & DESC_0_RX_OWNERSHIP ? 1 : 0;
 }
 
-static inline void rx_desc_set_ownership(unsigned *desc)
+static inline void rx_desc_set_ownership(uint32_t *desc)
 {
 desc[0] |= DESC_0_RX_OWNERSHIP;
 }
 
-static inline void rx_desc_set_sof(unsigned *desc)
+static inline void rx_desc_set_sof(uint32_t *desc)
 {
 desc[1] |= DESC_1_RX_SOF;
 }
 
-static inline void rx_desc_set_eof(unsigned *desc)
+static inline void rx_desc_set_eof(uint32_t *desc)
 {
 desc[1] |= DESC_1_RX_EOF;
 }
 
-static inline void rx_desc_set_length(unsigned *desc, unsigned len)
+static inline void rx_desc_set_length(uint32_t *desc, unsigned len)
 {
 desc[1] &= ~DESC_1_LENGTH;
 desc[1] |= len;
 }
 
-static inline void rx_desc_set_broadcast(unsigned *desc)
+static inline void rx_desc_set_broadcast(uint32_t *desc)
 {
 desc[1] |= R_DESC_1_RX_BROADCAST;
 }
 
-static inline void rx_desc_set_unicast_hash(unsigned *desc)
+static inline void rx_desc_set_unicast_hash(uint32_t *desc)
 {
 desc[1] |= R_DESC_1_RX_UNICAST_HASH;
 }
 
-static inline void rx_desc_set_multicast_hash(unsigned *desc)
+static inline void rx_desc_set_multicast_hash(uint32_t *desc)
 {
 desc[1] |= R_DESC_1_RX_MULTICAST_HASH;
 }
 
-static inline void rx_desc_set_sar(unsigned *desc, int sar_idx)
+static inline void rx_desc_set_sar(uint32_t *desc, int sar_idx)
 {
 desc[1] = deposit32(desc[1], R_DESC_1_RX_SAR_SHIFT, R_DESC_1_RX_SAR_LENGTH,
 sar_idx);
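Review bot: rx_desc_set_length() clears DESC_1_LENGTH and then ORs in len unmasked, so a len wider than the length field would set neighbouring bits of desc[1]. Since the signature is being touched anyway, desc[1] |= len & DESC_1_LENGTH; would make the helper safe regardless of what callers pass.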
@@ -1042,7 +1042,7 @@ static void gem_transmit_updatestats(CadenceGEMState *s, 
const uint8_t *packet,
  */
 static void gem_transmit(CadenceGEMState *s)
 {
-unsigneddesc[2];
+uint32_t desc[2];
 hwaddr packet_desc_addr;
 uint8_t tx_packet[2048];
 uint8_t *p;
@@ -1108,7 +1108,7 @@ static void gem_transmit(CadenceGEMState *s)
 
 /* Last descriptor for this packet; hand the whole thing off */
 if (tx_desc_get_last(desc)) {
-unsigneddesc_first[2];
+uint32_t desc_first[2];
 
 /* Modify the 1st descriptor of this packet to be owned by
  * the processor.
diff --git a/include/hw/net/cadence_gem.h b/include/hw/net/cadence_gem.h
index 35de622063..633d564dc3 100644
--- a/include/hw/net/cadence_gem.h
+++ b/include/hw/net/cadence_gem.h
@@ -74,7 +74,7 @@ typedef struct CadenceGEMState {
 
 uint8_t can_rx_state; /* Debug only */
 
-unsigned rx_desc[MAX_PRIORITY_QUEUES][2];
+

Re: [Qemu-devel] [PATCH 1/1] i386: Add new model of Cascadelake-Server

2018-10-10 Thread Liu, Jingqi
> -Original Message-
> From: Eduardo Habkost [mailto:ehabk...@redhat.com]
> Sent: Thursday, October 11, 2018 4:35 AM
> To: Liu, Jingqi 
> Cc: Xu, Tao3 ; pbonz...@redhat.com; r...@twiddle.net;
> qemu-devel@nongnu.org; Robert Hoo 
> Subject: Re: [PATCH 1/1] i386: Add new model of Cascadelake-Server
> 
> On Wed, Oct 10, 2018 at 01:49:56AM +, Liu, Jingqi wrote:
> > Hi Eduardo/Paolo,
> >
> > Do you have any comments about this patch ?
> 
> Thanks for the reminder and sorry for the delay.  I was waiting for MSR features
> to be merged before including this CPU model.
> 
> But considering that it's taking a while until we sort out the details, I'll review
> this so it can be merged first if necessary.

Hi Eduardo,

Thanks for your feedback.
No problem.  It's fine on your schedule.

Thanks
Jingqi
> 
> >
> > Thanks
> > Jingqi
> >
> > > -Original Message-
> > > From: Xu, Tao3
> > > Sent: Wednesday, September 19, 2018 11:11 AM
> > > To: pbonz...@redhat.com; r...@twiddle.net; ehabk...@redhat.com
> > > Cc: qemu-devel@nongnu.org; Liu, Jingqi ; Xu,
> > > Tao3 
> > > Subject: [PATCH 1/1] i386: Add new model of Cascadelake-Server
> > >
> > > New CPU models mostly inherit features from ancestor Skylake-Server,
> > > while adding new features: AVX512_VNNI, Intel PT.
> > > SSBD support for speculative execution side channel mitigations.
> > >
> > > Note:
> > >
> > > On Cascadelake, some capabilities (RDCL_NO, IBRS_ALL, RSBA,
> > > SKIP_L1DFL_VMENTRY and SSB_NO) are enumerated by MSR.
> > > These features rely on MSR based feature support patch.
> > > Will be added later after that patch's in.
> > > http://lists.nongnu.org/archive/html/qemu-devel/2018-09/msg00074.html
> > >
> > > Signed-off-by: Tao Xu 
> > > ---
> > >  target/i386/cpu.c | 54
> > > +++
> > >  1 file changed, 54 insertions(+)
> > >
> > > diff --git a/target/i386/cpu.c b/target/i386/cpu.c index
> > > f24295e6e4..670898f32d 100644
> > > --- a/target/i386/cpu.c
> > > +++ b/target/i386/cpu.c
> > > @@ -2386,6 +2386,60 @@ static X86CPUDefinition builtin_x86_defs[] = {
> > >  .xlevel = 0x8008,
> > >  .model_id = "Intel Xeon Processor (Skylake, IBRS)",
> > >  },
> > > +{
> > > +.name = "Cascadelake-Server",
> > > +.level = 0xd,
> > > +.vendor = CPUID_VENDOR_INTEL,
> > > +.family = 6,
> > > +.model = 85,
> > > +.stepping = 5,
> > > +.features[FEAT_1_EDX] =
> > > +CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR |
> CPUID_MMX |
> > > +CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV |
> > > CPUID_MCA |
> > > +CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8
> |
> > > +CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
> > > +CPUID_DE | CPUID_FP87,
> > > +.features[FEAT_1_ECX] =
> > > +CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
> > > +CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 |
> > > +CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
> > > +CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 |
> > > +CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA |
> > > CPUID_EXT_MOVBE |
> > > +CPUID_EXT_PCID | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
> > > +.features[FEAT_8000_0001_EDX] =
> > > +CPUID_EXT2_LM | CPUID_EXT2_PDPE1GB | CPUID_EXT2_RDTSCP |
> > > +CPUID_EXT2_NX | CPUID_EXT2_SYSCALL,
> > > +.features[FEAT_8000_0001_ECX] =
> > > +CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM |
> > > CPUID_EXT3_3DNOWPREFETCH,
> > > +.features[FEAT_7_0_EBX] =
> > > +CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 |
> > > +CPUID_7_0_EBX_HLE | CPUID_7_0_EBX_AVX2 |
> > > + CPUID_7_0_EBX_SMEP
> > > |
> > > +CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS |
> > > CPUID_7_0_EBX_INVPCID |
> > > +CPUID_7_0_EBX_RTM | CPUID_7_0_EBX_RDSEED |
> > > CPUID_7_0_EBX_ADX |
> > > +CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_MPX |
> > > CPUID_7_0_EBX_CLWB |
> > > +CPUID_7_0_EBX_AVX512F | CPUID_7_0_EBX_AVX512DQ |
> > > +CPUID_7_0_EBX_AVX512BW | CPUID_7_0_EBX_AVX512CD |
> > > +CPUID_7_0_EBX_AVX512VL | CPUID_7_0_EBX_CLFLUSHOPT |
> > > +CPUID_7_0_EBX_INTEL_PT,
> > > +.features[FEAT_7_0_ECX] =
> > > +CPUID_7_0_ECX_PKU | CPUID_7_0_ECX_OSPKE |
> > > +CPUID_7_0_ECX_AVX512VNNI,
> > > +.features[FEAT_7_0_EDX] =
> > > +CPUID_7_0_EDX_SPEC_CTRL | CPUID_7_0_EDX_SPEC_CTRL_SSBD,
> > > +/* Missing: XSAVES (not supported by some Linux versions,
> > > +* including v4.1 to v4.12).
> > > +* KVM doesn't yet expose any XSAVES state save component,
> > > +* and the only one defined in Skylake (processor tracing)
> > > +* probably will block migration anyway.
> > > +  
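Review bot: the definition ships "Cascadelake-Server" without the MSR-enumerated capabilities (RDCL_NO, IBRS_ALL, RSBA, SKIP_L1DFL_VMENTRY, SSB_NO) that the commit message says will be added later. Changing the feature set of a named CPU model after it has been released alters what existing guests see, so the commit message should say how that later addition will be handled for guests already started with this model (for example through machine-type compatibility settings), or the model should wait for the MSR feature patch.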

Re: [Qemu-devel] [PATCH v9 0/6] monitor: enable OOB by default

2018-10-10 Thread Eric Blake

On 10/10/18 7:05 PM, Peter Xu wrote:

> > other than the command line that is hanging:
> > 
> > /home/eblake/qemu/x86_64-softmmu/qemu-system-x86_64 -S -no-user-config
> > -nodefaults -nographic -machine none,accel=kvm:tcg -qmp
> > unix:/var/lib/libvirt/qemu/capabilities.monitor.sock,server,nowait -pidfile
> > /var/lib/libvirt/qemu/capabilities.pidfile -daemonize
> > 
> > And I suspect it is the -daemonize that is causing the hang I'm seeing when
> > run by libvirt.
> 
> It's very possible the daemonize thing, actually Wolfgang Bumiller has
> posted patches to fix this up (it's not the problem of this series,
> but it just exposed this to libvirt by the series since it only
> happens when oob and daemonize are both enabled).  The fixes are:
> 
>    [PATCH v2 0/2] delay monitor iothread creation
> 
> Since it cannot be applied cleanly onto this series, I resolved the
> conflicts and pushed a tree here in case you wanna try with these two
> extra patches applied:
> 
>    https://github.com/xzpeter/qemu/tree/test-oob

Technically, we should apply the patches in the opposite order
(Wolfgang's first, then yours), so that bisection does not land on a
known-bad hang situation.

> Please feel free to test with libvirt again with that.
> 
> Thanks for playing with the tree and further investigation!  I will
> also mention this in the next version of cover letter (if there is one).

Confirmed that libvirt no longer hung with Wolfgang's patches added in.

--
Eric Blake, Principal Software Engineer
Red Hat, Inc.   +1-919-301-3266
Virtualization:  qemu.org | libvirt.org



Re: [Qemu-devel] [PATCH v4 01/11] qga-win: fix crashes when PCI info cannot be retrived

2018-10-10 Thread Eric Blake

On 10/4/18 6:22 AM, Tomáš Golembiovský wrote:

In the subject: s/retrived/retrieved/

> The guest-get-fsinfo command collects also information about PCI
> controller where the disk is attached. When this fails for some reasons
> it tries to return just the partial information. However in certain
> cases the pointer to the structure was not initialized and was set to
> NULL. This breaks the serializer and leads to a crash of the guest agent.
> 
> Signed-off-by: Tomáš Golembiovský 
> ---
>   qga/commands-win32.c | 27 ++-
>   1 file changed, 22 insertions(+), 5 deletions(-)



--
Eric Blake, Principal Software Engineer
Red Hat, Inc.   +1-919-301-3266
Virtualization:  qemu.org | libvirt.org



Re: [Qemu-devel] [PATCH 2/2] mailmap: Split 'prefered emails' from 'original git import' section

2018-10-10 Thread Eric Blake

On 10/10/18 5:29 PM, Philippe Mathieu-Daudé wrote:

In the subject: s/prefered/preferred/


Signed-off-by: Philippe Mathieu-Daudé 
---
  .mailmap | 21 +
  1 file changed, 13 insertions(+), 8 deletions(-)




+
+# This section is to track prefered (or last up to date) email for people


and again


+# that uses (or had use) various emails.


that use (or have used)


+# Example can be people changing from companies, or companies changing their
+# name.


Examples include people changing companies, or companies changing their 
name.



+Aleksandar Markovic  
+Anthony Liguori  Anthony Liguori 
+James Hogan  
+Paul Burton  
+Paul Burton  
+Paul Burton  
+
+
  # Next, translate a few commits where mailman rewrote the From: line due
  # to strict SPF, although we prefer to avoid adding more entries like that.
  Ed Swierk  Ed Swierk via Qemu-devel 




--
Eric Blake, Principal Software Engineer
Red Hat, Inc.   +1-919-301-3266
Virtualization:  qemu.org | libvirt.org



Re: [Qemu-devel] [PATCH v2 4/7] scripts/qemu.py: set predefined machine type based on arch

2018-10-10 Thread Cleber Rosa



On 10/10/18 11:47 AM, Cleber Rosa wrote:
> 
> 
> On 10/10/18 10:28 AM, Eduardo Habkost wrote:
>> On Wed, Oct 10, 2018 at 10:15:15AM -0400, Cleber Rosa wrote:
>>>
>>>
>>> On 10/10/18 9:59 AM, Cleber Rosa wrote:


 On 10/10/18 9:46 AM, Eduardo Habkost wrote:
> On Wed, Oct 10, 2018 at 08:35:38AM -0400, Cleber Rosa wrote:
>>
>>
>> On 10/10/18 7:00 AM, Philippe Mathieu-Daudé wrote:
>>> On 10/10/2018 01:26, Cleber Rosa wrote:
 Some targets require a machine type to be set, as there's no default
 (aarch64 is one example).  To give a consistent interface to users of
 this API, this changes set_machine() so that a predefined default can
 be used, if one is not given.  The approach used is exactly the same
 with the console device type.

 Also, even when there's a default machine type, for some purposes,
 testing included, it's better if outside code is explicit about the
 machine type, instead of relying on whatever is set internally.

 Signed-off-by: Cleber Rosa 
 ---
  scripts/qemu.py | 22 +-
  1 file changed, 21 insertions(+), 1 deletion(-)

 diff --git a/scripts/qemu.py b/scripts/qemu.py
 index d9e24a0c1a..fca9b76990 100644
 --- a/scripts/qemu.py
 +++ b/scripts/qemu.py
 @@ -36,6 +36,15 @@ CONSOLE_DEV_TYPES = {
  r'^s390-ccw-virtio.*': 'sclpconsole',
  }
  
 +#: Maps archictures to the preferred machine type
 +MACHINE_TYPES = {
 +r'^aarch64$': 'virt',
 +r'^ppc$': 'g3beige',
 +r'^ppc64$': 'pseries',
 +r'^s390x$': 's390-ccw-virtio',
 +r'^x86_64$': 'q35',
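Review bot: the comment above MACHINE_TYPES misspells "architectures" as "archictures". Every key shown is also anchored at both ends with no wildcard (r'^aarch64$', r'^ppc$', ...), so each one matches exactly one architecture name. Plain string keys with a dictionary lookup would say the same thing more directly, unless pattern matching is planned, in which case a comment should say so.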
>>>
>>> Why choose Q35 rather than PC (the default)?
>>>
>>> I was wondering about how to generate variants/machines.json but this is
>>> definitively something we want to do via a QMP query.
>>>
>>> Eduardo what do you think?
>>>
>>
>> It was motivated by Eduardo's initiative to make q35 the default "across
>> the board".  He can confirm and give more details.
>
> Making Q35 the default on applications using QEMU and libvirt is
> something I'd like to happen.  But I think the simplest way to do
> that is to change the QEMU default.  This way you won't need this
> table on qemu.py: you can just use the default provided by QEMU.
>

 The idea is to bring consistency on how we're calling
 "qemu-system-$(ARCH)", and at the same time apply the "explicit is
 better than implicit" rule.

 The most important fact is that some targets do not (currently) have
 "the default provided by QEMU", aarch64 is one of them.

 - Cleber.

>>>
>>> So I ended up not relaying the question properly: should we default
>>> (even if explicitly adding "-machine") to "pc"?
>>
>> I think using the default machine-type (when QEMU has a default)
>> would be less surprising for users of the qemu.py API.
>>
> 
> OK, agreed.
> 
>> Implicitly adding -machine when there's no default is also
>> surprising, but then it's a nice surprise: instead of crashing
>> you get a running VM.
>>
>> Now, there are two other questions related to this:
>>
>> If using 'pc' as default, should we always add -machine, or just
>> omit the machine-type name?  I think we should omit it unless the
>> caller asked for a specific machine-type name (because it would
>> be less surprising for users of the API).
>>
> 

Getting down to business, trying to apply those changes, I was faced
with a situation.  Actually, the same situation I faced a few months
ago.  Handling it was deferred until it was *really* a blocker.
Basically the issue is: the set_console() method, which gives tests a
ready to use console, depends on knowing the machine type (see
CONSOLE_DEV_TYPES).

As a case study, let's look at "boot_console_linux.py":
 1) it sets the machine type explicitly
 2) it has nothing to do with the specific machine type
 3) the setting of a machine type is boiler plate code to set a console
 4) the console is used on the test's real purpose: verifying the Linux
kernel booted

Now, to be able to run the same test -- booting a Linux kernel -- on
*other target archs*, we need the same machinery.  Even more important:
to have similar tests we'll need to either abstract those features or
duplicate them.  This can be seen, at least in part, on the firmware
tests that Philippe sent to the list: they would also benefit from
having a console device ready to be used on the configured machine type[1]:

Assuming that we want to provide this type of machinery for free (or as
close as that) to the acceptance/functional tests, we need some source
of "known good" configuration for the targets we aim to support.

Let's restrict the discussion to the issue at hand, machine types, while
keeping in mind that the same pattern 

[Qemu-devel] [Bug 1797262] [NEW] qemu arm no longer able to boot RPI Kernels

2018-10-10 Thread Rob Thomas
Public bug reported:

Since RPi Kernel 1.20170427, qemu is no longer able to emulate the
Raspberry Pi, as the linux kernel is complaining about timing issues.

Old kernel output - https://pastebin.com/wvkneNNF
New kernel output - https://pastebin.com/QTwgCkV2

Note that the actual error is caused by the kernel being unable to get
the timing source for the mmc (Line 160), which causes an unable-to-
mount-root panic.  There are other issues with the serial port returning
an invalid speed, which displays a divide-by-zero error, which is
PROBABLY a symptom of the same root cause.

This is simple to replicate - The last working kernel is available here:

https://github.com/raspberrypi/firmware/tree/1.20170405/boot

Download kernel7 and the dtb, and try to boot with (for example)

qemu-system-aarch64 -M raspi2 -kernel kernel7.img -dtb
bcm2709-rpi-2-b.dtb -serial stdio -sd noobs.img -append
"root=/dev/mmcblk0p2 init=/bin/bash"

This works, and boots successfully.

However, if you replace the kernel7.img and dtb with ones taken from
https://github.com/raspberrypi/firmware/tree/1.20170427/boot it will NOT
boot because of various clock timing issues (as in the second paste)

** Affects: qemu
 Importance: Undecided
 Status: New

https://bugs.launchpad.net/bugs/1797262




Re: [Qemu-devel] [PATCH v2 0/2] delay monitor iothread creation

2018-10-10 Thread Peter Xu
On Fri, Sep 28, 2018 at 09:58:30AM +0200, Wolfgang Bumiller wrote:
> The early monitor iothread creation conflicts with the -daemonize option
> causing crashes at shutdown of a daemonized qemu instance.
> These patches will delay the creation to when a monitor using it is
> actually spawned.
> 
> While the second patch depends on the first one, the first is a
> consistency cleanup on its own, therefore split out.
> 
> v2:
> This version incorporates Markus Armbruster's requested change to
> protect mon_iothread initialization by monitor_lock (and moves the
> variable declaration to reflect this), and adds a comment about
> monitor_init() expecting to be run in the main thread.
> 
> Wolfgang Bumiller (2):
>   monitor: guard iothread access by mon->use_io_thread
>   monitor: delay monitor iothread creation

Hi, Wolfgang,

Do you have a plan to repost this series?

Regards,

-- 
Peter Xu



Re: [Qemu-devel] [PATCH v4 01/11] qga-win: fix crashes when PCI info cannot be retrived

2018-10-10 Thread Michael Roth
Quoting Tomáš Golembiovský (2018-10-04 06:22:28)
> The guest-get-fsinfo command collects also information about PCI
> controller where the disk is attached. When this fails for some reasons
> it tries to return just the partial information. However in certain
> cases the pointer to the structure was not initialized and was set to
> NULL. This breaks the serializer and leads to a crash of the guest agent.
> 
> Signed-off-by: Tomáš Golembiovský 
> ---
>  qga/commands-win32.c | 27 ++-
>  1 file changed, 22 insertions(+), 5 deletions(-)
> 
> diff --git a/qga/commands-win32.c b/qga/commands-win32.c
> index 98d9735389..9c959122d9 100644
> --- a/qga/commands-win32.c
> +++ b/qga/commands-win32.c
> @@ -633,15 +633,32 @@ static GuestDiskAddressList *build_guest_disk_info(char 
> *guid, Error **errp)
>   * 
> https://technet.microsoft.com/en-us/library/ee851589(v=ws.10).aspx */
>  if (DeviceIoControl(vol_h, IOCTL_SCSI_GET_ADDRESS, NULL, 0, scsi_ad,
>  sizeof(SCSI_ADDRESS), , NULL)) {
> +Error *local_err = NULL;
>  disk->unit = addr.Lun;
>  disk->target = addr.TargetId;
>  disk->bus = addr.PathId;
> -disk->pci_controller = get_pci_info(name, errp);
> +g_debug("unit=%lld target=%lld bus=%lld",
> +disk->unit, disk->target, disk->bus);
> +disk->pci_controller = get_pci_info(name, _err);
> +
> +if (local_err) {
> +g_debug("failed to get PCI controller info: %s",
> +error_get_pretty(local_err));
> +error_free(local_err);
> +} else if (disk->pci_controller != NULL) {
> +g_debug("pci: domain=%lld bus=%lld slot=%lld function=%lld",
> +disk->pci_controller->domain,
> +disk->pci_controller->bus,
> +disk->pci_controller->slot,
> +disk->pci_controller->function);
> +}
>  }
> -/* We do not set error in this case, because we still have enough
> - * information about volume. */
> -} else {
> - disk->pci_controller = NULL;
> +}
> +/* We do not set error in case pci_controller is NULL, because we still
> + * have enough information about volume. */
> +if (disk->pci_controller == NULL) {
> +g_debug("no PCI controller info");
> +disk->pci_controller = g_malloc0(sizeof(GuestPCIAddress));

Initializing to 0 would be wrong. I pointed out a patch from Sameeh in
v3 that initializes to -1. I'd recommend either picking up his patch,
or perhaps the schema change. But if we do go to the extent of a
non-backward-compatible schema change, I think we should also consider
just deprecating the current GuestDiskAddress list completely:

{ 'struct': 'GuestDiskAddress',
  'data': {'pci-controller': 'GuestPCIAddress',
   'bus-type': 'GuestDiskBusType',
   'bus': 'int', 'target': 'int', 'unit': 'int'} }

and defining something more modular. Some of these don't make a lot
of sense, like how GuestDiskBusType varies between scsi, ide, usb, etc,
but we still have the same bus/target/unit fields. I think each bus type 
should have its own addressing units associated with it. The original
code made use of the fact that IDE/SATA/SCSI/SAS/etc could all be
retrieved via IOCTL_SCSI_GET_ADDRESS with those units but making sense
of them is sort of Windows magic that isn't good from an API perspective
and then there's all the other bus types where those units may or may
not be sensible. And on POSIX you basically have to look at the code
to figure out where each unit is/isn't being plucked from...

So for now I'd recommend just hard-setting the PCI fields to -1 like
in Sameeh's patch, and I'll do some testing and send a follow-up patch
to do the same for bus-type if that seems needed. We can explore better
options after 3.1.

>  }
> 
>  list = g_malloc0(sizeof(*list));
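Review bot: the new g_debug() calls format disk->unit, disk->target, disk->bus and the four pci_controller fields with %lld. If these are the int64_t members generated from the schema's 'int' fields, the portable form is "%" PRId64, which avoids depending on int64_t being long long on the build host.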
> -- 
> 2.19.0
> 




Re: [Qemu-devel] [PATCH v4 02/11] qga-win: handle NULL values

2018-10-10 Thread Michael Roth
Quoting Tomáš Golembiovský (2018-10-04 06:22:29)
> Handle returned NULLs properly to:
> - avoid crashes in serialization.
> - properly report errors to the caller
> 
> Signed-off-by: Tomáš Golembiovský 
> ---
>  qga/commands-win32.c | 9 -
>  1 file changed, 8 insertions(+), 1 deletion(-)
> 
> diff --git a/qga/commands-win32.c b/qga/commands-win32.c
> index 9c959122d9..49fc747298 100644
> --- a/qga/commands-win32.c
> +++ b/qga/commands-win32.c
> @@ -735,6 +735,12 @@ static GuestFilesystemInfo *build_guest_fsinfo(char 
> *guid, Error **errp)
>  }
>  fs->type = g_strdup(fs_name);
>  fs->disk = build_guest_disk_info(guid, errp);
> +if (fs->disk == NULL) {
> +g_free(fs);
> +fs = NULL;
> +goto free;
> +}
> +

The QAPI schema defines fs->disk to be a list. In the current upstream
code (where CONFIG_NTDDSCSI is unset) we always set fs->disk to NULL
and that just results in an empty list, which works and doesn't violate
the schema, so I don't understand why that's needed here.

>  free:
>  g_free(mnt_point);
>  return fs;
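Review bot: in the new fs->disk == NULL branch, g_free(fs) releases only the struct itself, while the string stored by fs->type = g_strdup(fs_name) two lines above it stays allocated. Free the object with qapi_free_GuestFilesystemInfo(fs) so that its members are released with it.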
> @@ -755,7 +761,7 @@ GuestFilesystemInfoList *qmp_guest_get_fsinfo(Error 
> **errp)
>  do {
>  GuestFilesystemInfo *info = build_guest_fsinfo(guid, errp);
>  if (info == NULL) {
> -continue;
> +goto out;
>  }

This fails the whole guest_get_fsinfo command for any case where we
can't retrieve the 'disk' list for a particular volume. I would consider
that a regression in functionality.

Can you confirm this is for fixing the current code? Or is it just
something you need for something later in this series? If the latter,
I suspect this is the wrong place to address it.

>  new = g_malloc(sizeof(*ret));
>  new->value = info;
> @@ -767,6 +773,7 @@ GuestFilesystemInfoList *qmp_guest_get_fsinfo(Error 
> **errp)
>  error_setg_win32(errp, GetLastError(), "failed to find next volume");
>  }
> 
> +out:
>  FindVolumeClose(vol_h);
>  return ret;
>  }
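Review bot: with goto out replacing continue, the out: label leads straight to return ret, so the caller receives whatever entries were already linked into the list even though errp was handed to the build_guest_fsinfo() call that failed. If errp is set on that path, free the partial list with qapi_free_GuestFilesystemInfoList(ret) and return NULL, so that the function does not report an error and a result at the same time.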
> -- 
> 2.19.0
> 




Re: [Qemu-devel] [PATCH v9 0/6] monitor: enable OOB by default

2018-10-10 Thread Peter Xu
On Wed, Oct 10, 2018 at 03:27:34PM -0500, Eric Blake wrote:
> On 10/10/18 2:26 PM, Eric Blake wrote:
> 
> > 
> > On the other hand, when I'm trying to use a qemu binary with these
> > patches applied, libvirt is hanging when trying to probe the
> > capabilities of the binary, waiting for a response to
> > "qmp_capabilities". I'll try and bisect which patch is causing the
> > problem, and figure out why it is happening for libvirt and not running
> > by hand (perhaps is it a tty vs. Unix socket thing?)
> 
> Bisect didn't help much; it landed on:
> 
> monitor: remove "x-oob", turn oob on by default
> 
> as the cause of libvirt hanging. I didn't have time to investigate further,
> other than the command line that is hanging:
> 
> /home/eblake/qemu/x86_64-softmmu/qemu-system-x86_64 -S -no-user-config
> -nodefaults -nographic -machine none,accel=kvm:tcg -qmp
> unix:/var/lib/libvirt/qemu/capabilities.monitor.sock,server,nowait -pidfile
> /var/lib/libvirt/qemu/capabilities.pidfile -daemonize
> 
> And I suspect it is the -daemonize that is causing the hang I'm seeing when
> run by libvirt.
> 
> > Based-on: <20180828191048.29806-1-arm...@redhat.com>
> > Based-on: <2018090716.1675-1-arm...@redhat.com>
> > 
> > (this series is based on Markus's monitor-next tree)
> 
> 
> Am I missing any prerequisite patches? Markus' monitor-next tree is
> currently a subset of git master (merge efd1d522).

Sorry for the confusion. I should have removed these lines from the
old cover letter.

It's very possible the daemonize thing, actually Wolfgang Bumiller has
posted patches to fix this up (it's not the problem of this series,
but it just exposed this to libvirt by the series since it only
happens when oob and daemonize are both enabled).  The fixes are:

  [PATCH v2 0/2] delay monitor iothread creation

Since it cannot be applied cleanly onto this series, I resolved the
conflicts and pushed a tree here in case you wanna try with these two
extra patches applied:

  https://github.com/xzpeter/qemu/tree/test-oob

Please feel free to test with libvirt again with that.

Thanks for playing with the tree and further investigation!  I will
also mention this in the next version of cover letter (if there is one).

Regards,

-- 
Peter Xu



Re: [Qemu-devel] [PATCH] oslib-posix: Use MAP_STACK in qemu_alloc_stack() on OpenBSD

2018-10-10 Thread Brad Smith

On 10/9/2018 11:04 AM, Kamil Rytarowski wrote:


On 09.10.2018 16:12, Peter Maydell wrote:

On 9 October 2018 at 14:52, Kamil Rytarowski  wrote:

On 07.10.2018 17:37, Brad Smith wrote:

Use MAP_STACK in qemu_alloc_stack() on OpenBSD.

Added to -current and will be in our soon to be 6.4 release.

MAP_STACK  Indicate that the mapping is used as a stack.  This
flag must be used in combination with MAP_ANON and
MAP_PRIVATE.

Implement MAP_STACK option for mmap().  Synchronous faults (pagefault and
syscall) confirm the stack register points at MAP_STACK memory, otherwise
SIGSEGV is delivered. sigaltstack() and pthread_attr_setstack() are modified
to create a MAP_STACK sub-region which satisfies alignment requirements.
Observe that MAP_STACK can only be set/cleared by mmap(), which zeroes the
contents of the region -- there is no mprotect() equivalent operation, so
there is no MAP_STACK-adding gadget.


Signed-off-by: Brad Smith 


diff --git a/util/oslib-posix.c b/util/oslib-posix.c
index fbd0dc8c57..51e9a012c2 100644
--- a/util/oslib-posix.c
+++ b/util/oslib-posix.c
@@ -611,7 +611,11 @@ void *qemu_alloc_stack(size_t *sz)
  *sz += pagesz;

  ptr = mmap(NULL, *sz, PROT_READ | PROT_WRITE,
-   MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
+   MAP_PRIVATE | MAP_ANONYMOUS
+#ifdef MAP_STACK
+   | MAP_STACK
+#endif
+   , -1, 0);
  if (ptr == MAP_FAILED) {
  perror("failed to allocate memory for stack");
  abort();
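Review bot: the #ifdef MAP_STACK guard inside the mmap() call keys on the macro, not on the host OS, so every host whose headers define MAP_STACK gets the flag, while the subject line scopes the change to OpenBSD. Say so in the commit message or guard on the OS. A short comment above the call would also help, since the code gives no hint of why the flag matters; the commit message itself explains that the kernel delivers SIGSEGV when the stack register does not point at MAP_STACK memory.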


Can we handle it differently, storing MAP_* flags in a variable:

int flags = MAP_PRIVATE | MAP_ANONYMOUS;
#ifdef MAP_STACK
flags |= MAP_STACK;
#endif

ptr = mmap(NULL, *sz, PROT_READ | PROT_WRITE, flags, -1, 0);

This way it will look nicer as we won't ifdef the middle of a function call.

The other nice way to handle that is to have osdep.h do
#ifndef MAP_STACK
#define MAP_STACK 0
#endif
and then you can just unconditionally use MAP_STACK in your
expression for the mmap flags.


I assume that this is a cleaner solution.


I note that Linux also defines a MAP_STACK, about which the
manpage says:
MAP_STACK (since Linux 2.6.27)
   Allocate the mapping at an address suitable for a process or
   thread stack.  This flag is currently a no-op, but is used in the
   glibc threading implementation so that if some architectures
   require special treatment for stack allocations, support can
   later be transparently implemented for glibc.

So this patch would be opting Linux QEMU builds into whatever that
potential future behaviour change is. That sounds I guess like
it's more likely to be the right thing than the wrong thing,
but it would be useful if some Linux expert could confirm...

thanks
-- PMM


There is a similar description on NetBSD:

MAP_STACK

Allocate a memory segment that can be used
either for a process or thread stack.  This
currently has no effect, but its use is
reserved for architectures that might require
special treatment of that address space.
Unimplemented.

Apparently OpenBSD started to overload it for some hardening.


And from FreeBSD...

MAP_STACK  MAP_STACK implies MAP_ANON, and /offset/ of 0.  The /fd/
argument must be -1 and /prot/ must include at least
PROT_READ and PROT_WRITE.

This option creates a memory region that grows to at
most /len/ bytes in size, starting from the stack top
and growing down.  The stack top is the starting
address returned by the call, plus /len/ bytes.  The
bottom of the stack at maximum growth is the starting
address returned by the call.

Stacks created with MAP_STACK automatically grow.
Guards prevent inadvertent use of the regions into
which those stacks can grow without requiring mapping
the whole stack in advance.
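The `#define MAP_STACK 0` fallback proposed in the thread above, combined with a guard page and a check that the guard actually faults. This is an added example, not code from the thread or from QEMU. `alloc_guarded_stack` and `write_faults` are hypothetical names, and the guard page at the low end of the mapping is an assumption based on the `*sz += pagesz` line in the hunk.

```c
#define _GNU_SOURCE
#include <signal.h>
#include <stdint.h>
#include <stdio.h>
#include <sys/mman.h>
#include <sys/resource.h>
#include <sys/wait.h>
#include <unistd.h>

/* Fallback from the thread: hosts without MAP_STACK get a no-op flag. */
#ifndef MAP_STACK
#define MAP_STACK 0
#endif

/*
 * Hypothetical helper, not QEMU's qemu_alloc_stack(). Maps a stack with
 * at least *sz usable bytes plus one PROT_NONE guard page at the low end
 * (assumes a downward-growing stack). On success *sz is the full mapping
 * length, which is what munmap() needs. Returns NULL on failure.
 */
void *alloc_guarded_stack(size_t *sz)
{
    size_t pagesz = (size_t)sysconf(_SC_PAGESIZE);
    int flags = MAP_PRIVATE | MAP_ANONYMOUS | MAP_STACK;
    size_t total;
    void *ptr;

    /* Reject empty requests and sizes that would wrap when rounded up. */
    if (*sz == 0 || *sz > SIZE_MAX - 2 * pagesz) {
        return NULL;
    }
    total = ((*sz + pagesz - 1) & ~(pagesz - 1)) + pagesz;

    ptr = mmap(NULL, total, PROT_READ | PROT_WRITE, flags, -1, 0);
    if (ptr == MAP_FAILED) {
        return NULL;
    }
    /* Overrunning the stack now faults instead of corrupting a neighbour. */
    if (mprotect(ptr, pagesz, PROT_NONE) != 0) {
        munmap(ptr, total);
        return NULL;
    }
    *sz = total;
    return ptr;
}

/*
 * Probe an address from a forked child so the parent survives the fault.
 * Returns 1 if the write raised SIGSEGV, 0 if it succeeded, -1 on error.
 */
int write_faults(volatile char *addr)
{
    struct rlimit no_core = { 0, 0 };
    int status;
    pid_t pid = fork();

    if (pid < 0) {
        return -1;
    }
    if (pid == 0) {
        setrlimit(RLIMIT_CORE, &no_core); /* no core file for the probe */
        signal(SIGSEGV, SIG_DFL);
        *addr = 0x41;
        _exit(0);
    }
    if (waitpid(pid, &status, 0) != pid) {
        return -1;
    }
    if (WIFSIGNALED(status) && WTERMSIG(status) == SIGSEGV) {
        return 1;
    }
    return (WIFEXITED(status) && WEXITSTATUS(status) == 0) ? 0 : -1;
}

int main(void)
{
    size_t sz = 64 * 1024;
    char *stack = alloc_guarded_stack(&sz);

    if (!stack) {
        perror("alloc_guarded_stack");
        return 1;
    }
    printf("guard page write faults: %d\n", write_faults(stack));
    printf("top-of-stack write faults: %d\n", write_faults(stack + sz - 1));
    return munmap(stack, sz) != 0;
}
```

On Linux the flag is a no-op, so the result is the same with or without it; the fallback only keeps the call site free of preprocessor conditionals.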



[Qemu-devel] [PATCH v5 08/10] linux-user/strace: Let print_sockaddr() have a 'last' argument

2018-10-10 Thread Philippe Mathieu-Daudé
If the format is not the syscall last argument, a comma is appended.

Signed-off-by: Philippe Mathieu-Daudé 
Reviewed-by: Laurent Vivier 
---
 linux-user/strace.c | 10 +-
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/linux-user/strace.c b/linux-user/strace.c
index 5435d01569..14ec5f9f23 100644
--- a/linux-user/strace.c
+++ b/linux-user/strace.c
@@ -67,7 +67,7 @@ UNUSED static void print_timeval(abi_ulong, int);
 UNUSED static void print_timezone(abi_ulong, int);
 UNUSED static void print_number(abi_long, int);
 UNUSED static void print_signal(abi_ulong, int);
-UNUSED static void print_sockaddr(abi_ulong addr, abi_long addrlen);
+UNUSED static void print_sockaddr(abi_ulong addr, abi_long addrlen, int);
 UNUSED static void print_socket_domain(int domain);
 UNUSED static void print_socket_type(int type);
 UNUSED static void print_socket_protocol(int domain, int type, int protocol);
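Review bot: the updated forward declaration of print_sockaddr() leaves the new third parameter unnamed (abi_long addrlen, int), while the first two are named and the definition calls it last. Write int last in the prototype too, so that it documents what the argument means.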
@@ -336,7 +336,7 @@ static void print_siginfo(const target_siginfo_t *tinfo)
 }
 
 static void
-print_sockaddr(abi_ulong addr, abi_long addrlen)
+print_sockaddr(abi_ulong addr, abi_long addrlen, int last)
 {
 struct target_sockaddr *sa;
 int i;
@@ -418,7 +418,7 @@ print_sockaddr(abi_ulong addr, abi_long addrlen)
 } else {
 print_raw_param("0x"TARGET_ABI_FMT_lx, addr, 0);
 }
-gemu_log(", "TARGET_ABI_FMT_ld, addrlen);
+gemu_log(", "TARGET_ABI_FMT_ld"%s", addrlen, get_comma(last));
 }
 
 static void
@@ -1666,7 +1666,7 @@ static void do_print_sockaddr(const char *name, abi_long 
arg1)
 
 gemu_log("%s(", name);
 print_sockfd(sockfd, 0);
-print_sockaddr(addr, addrlen);
+print_sockaddr(addr, addrlen, 0);
 gemu_log(")");
 }
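Review bot: do_print_sockaddr() passes 0 for last although print_sockaddr() is the final item printed before gemu_log(")"). print_settimeofday() elsewhere in this series passes 1 for its final argument, so going by that convention this call should pass 1; as written, get_comma(last) puts a separator directly in front of the closing parenthesis. The same applies to the print_sockaddr(addr, addrlen, 0) call in do_print_msgaddr() in the next hunk.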
 
@@ -1736,7 +1736,7 @@ static void do_print_msgaddr(const char *name, abi_long 
arg1)
 print_buf(msg, len, 0);
 print_raw_param(TARGET_ABI_FMT_ld, len, 0);
 print_flags(msg_flags, flags, 0);
-print_sockaddr(addr, addrlen);
+print_sockaddr(addr, addrlen, 0);
 gemu_log(")");
 }
 
-- 
2.19.1




[Qemu-devel] [PATCH v5 06/10] linux-user/strace: Dump AF_NETLINK sockaddr content

2018-10-10 Thread Philippe Mathieu-Daudé
Signed-off-by: Philippe Mathieu-Daudé 
Tested-By: Guido Günther 
---
 linux-user/strace.c | 37 +
 1 file changed, 37 insertions(+)

diff --git a/linux-user/strace.c b/linux-user/strace.c
index ca2cd75993..425c06d169 100644
--- a/linux-user/strace.c
+++ b/linux-user/strace.c
@@ -8,6 +8,7 @@
 #include 
 #include 
 #include 
+#include 
 #include 
 #include "qemu.h"
 
@@ -398,6 +399,12 @@ print_sockaddr(abi_ulong addr, abi_long addrlen)
 gemu_log("}");
 break;
 }
+case AF_NETLINK: {
+struct target_sockaddr_nl *nl = (struct target_sockaddr_nl *)sa;
+gemu_log("{nl_family=AF_NETLINK,nl_pid=%u,nl_groups=%u}",
+ nl->nl_pid, nl->nl_groups);
+break;
+}
 default:
 gemu_log("{sa_family=%d, sa_data={", sa->sa_family);
 for (i = 0; i < 13; i++) {
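Review bot: the new AF_NETLINK case prints nl->nl_pid and nl->nl_groups straight from the target structure with no byte swap. Use tswap32() on both, as print_timeval() does with tswapal() for its fields, so that the values are correct when guest and host endianness differ. The output also separates fields with "," and no space, unlike the "{sa_family=%d, sa_data={" form in the default branch just below.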
@@ -424,6 +431,9 @@ print_socket_domain(int domain)
 case PF_INET:
 gemu_log("PF_INET");
 break;
+case PF_NETLINK:
+gemu_log("PF_NETLINK");
+break;
 case PF_PACKET:
 gemu_log("PF_PACKET");
 break;
@@ -473,6 +483,33 @@ print_socket_protocol(int domain, int type, int protocol)
 return;
 }
 
+if (domain == PF_NETLINK) {
+switch (protocol) {
+case NETLINK_ROUTE:
+gemu_log("NETLINK_ROUTE");
+break;
+case NETLINK_AUDIT:
+gemu_log("NETLINK_AUDIT");
+break;
+case NETLINK_NETFILTER:
+gemu_log("NETLINK_NETFILTER");
+break;
+case NETLINK_KOBJECT_UEVENT:
+gemu_log("NETLINK_KOBJECT_UEVENT");
+break;
+case NETLINK_RDMA:
+gemu_log("NETLINK_RDMA");
+break;
+case NETLINK_CRYPTO:
+gemu_log("NETLINK_CRYPTO");
+break;
+default:
+gemu_log("%d", protocol);
+break;
+}
+return;
+}
+
 switch (protocol) {
 case IPPROTO_IP:
 gemu_log("IPPROTO_IP");
-- 
2.19.1




[Qemu-devel] [PATCH v5 05/10] linux-user/syscall: Introduce target_sockaddr_nl

2018-10-10 Thread Philippe Mathieu-Daudé
Signed-off-by: Philippe Mathieu-Daudé 
Tested-By: Guido Günther 
---
 linux-user/syscall_defs.h | 7 +++
 linux-user/syscall.c  | 6 --
 2 files changed, 11 insertions(+), 2 deletions(-)

diff --git a/linux-user/syscall_defs.h b/linux-user/syscall_defs.h
index 18d434d6dc..8ddeec1bae 100644
--- a/linux-user/syscall_defs.h
+++ b/linux-user/syscall_defs.h
@@ -152,6 +152,13 @@ struct target_sockaddr_un {
 uint8_t sun_path[108];
 };
 
+struct target_sockaddr_nl {
+uint16_t nl_family; /* AF_NETLINK */
+uint16_t __pad;
+uint32_t nl_pid;
+uint32_t nl_groups;
+};
+
 struct target_in_addr {
 uint32_t s_addr; /* big endian */
 };
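Review bot: the padding member of the new struct target_sockaddr_nl is named __pad, and identifiers beginning with two underscores are reserved for the implementation in C. Name it nl_pad, which also matches the field name in the kernel's struct sockaddr_nl.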
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index ea503381aa..e9cadfd748 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -1447,8 +1447,10 @@ static inline abi_long host_to_target_sockaddr(abi_ulong 
target_addr,
 sizeof(target_saddr->sa_family)) {
 target_saddr->sa_family = tswap16(addr->sa_family);
 }
-if (addr->sa_family == AF_NETLINK && len >= sizeof(struct sockaddr_nl)) {
-struct sockaddr_nl *target_nl = (struct sockaddr_nl *)target_saddr;
+if (addr->sa_family == AF_NETLINK &&
+len >= sizeof(struct target_sockaddr_nl)) {
+struct target_sockaddr_nl *target_nl =
+   (struct target_sockaddr_nl *)target_saddr;
 target_nl->nl_pid = tswap32(target_nl->nl_pid);
 target_nl->nl_groups = tswap32(target_nl->nl_groups);
 } else if (addr->sa_family == AF_PACKET) {
-- 
2.19.1




[Qemu-devel] [PATCH v5 02/10] linux-user/strace: Display invalid pointer in print_timeval()

2018-10-10 Thread Philippe Mathieu-Daudé
Suggested-by: Laurent Vivier 
Signed-off-by: Philippe Mathieu-Daudé 
---
 linux-user/strace.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/linux-user/strace.c b/linux-user/strace.c
index 33f4a506a2..c95557bf83 100644
--- a/linux-user/strace.c
+++ b/linux-user/strace.c
@@ -1173,8 +1173,10 @@ print_timeval(abi_ulong tv_addr, int last)
 struct target_timeval *tv;
 
 tv = lock_user(VERIFY_READ, tv_addr, sizeof(*tv), 1);
-if (!tv)
+if (!tv) {
+print_pointer(tv_addr, last);
 return;
+}
 gemu_log("{" TARGET_ABI_FMT_ld "," TARGET_ABI_FMT_ld "}%s",
 tswapal(tv->tv_sec), tswapal(tv->tv_usec), get_comma(last));
 unlock_user(tv, tv_addr, 0);
-- 
2.19.1




[Qemu-devel] [PATCH v5 04/10] linux-user/strace: Improve settimeofday()

2018-10-10 Thread Philippe Mathieu-Daudé
Signed-off-by: Philippe Mathieu-Daudé 
Tested-By: Guido Günther 
Reviewed-by: Laurent Vivier 
---
 linux-user/strace.c| 13 +
 linux-user/strace.list |  2 +-
 2 files changed, 14 insertions(+), 1 deletion(-)

diff --git a/linux-user/strace.c b/linux-user/strace.c
index 10ae22263c..ca2cd75993 100644
--- a/linux-user/strace.c
+++ b/linux-user/strace.c
@@ -1502,6 +1502,19 @@ print_futimesat(const struct syscallname *name,
 }
 #endif
 
+#ifdef TARGET_NR_settimeofday
+static void
+print_settimeofday(const struct syscallname *name,
+abi_long arg0, abi_long arg1, abi_long arg2,
+abi_long arg3, abi_long arg4, abi_long arg5)
+{
+print_syscall_prologue(name);
+print_timeval(arg0, 0);
+print_timezone(arg1, 1);
+print_syscall_epilogue(name);
+}
+#endif
+
 #ifdef TARGET_NR_link
 static void
 print_link(const struct syscallname *name,
diff --git a/linux-user/strace.list b/linux-user/strace.list
index ff8bb19f5f..31093c3371 100644
--- a/linux-user/strace.list
+++ b/linux-user/strace.list
@@ -1345,7 +1345,7 @@
 { TARGET_NR_set_tid_address, "set_tid_address" , NULL, NULL, NULL },
 #endif
 #ifdef TARGET_NR_settimeofday
-{ TARGET_NR_settimeofday, "settimeofday" , NULL, NULL, NULL },
+{ TARGET_NR_settimeofday, "settimeofday" , NULL, print_settimeofday, NULL },
 #endif
 #ifdef TARGET_NR_setuid
 { TARGET_NR_setuid, "setuid" , NULL, NULL, NULL },
-- 
2.19.1




[Qemu-devel] [PATCH v5 01/10] linux-user/syscall: Verify recvfrom(addr) is user-writable

2018-10-10 Thread Philippe Mathieu-Daudé
Signed-off-by: Philippe Mathieu-Daudé 
Tested-By: Guido Günther 
Reviewed-by: Laurent Vivier 
---
 linux-user/syscall.c | 5 +
 1 file changed, 5 insertions(+)

diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index ae3c0dfef7..ea503381aa 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -2968,6 +2968,11 @@ static abi_long do_recvfrom(int fd, abi_ulong msg, 
size_t len, int flags,
 ret = -TARGET_EINVAL;
 goto fail;
 }
+if (!access_ok(VERIFY_WRITE, target_addr, addrlen)) {
+ret = -TARGET_EFAULT;
+goto fail;
+}
+
 addr = alloca(addrlen);
 ret = get_errno(safe_recvfrom(fd, host_msg, len, flags,
   addr, ));
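Review bot: the new access_ok() check sits directly above addr = alloca(addrlen), and access_ok() only establishes that the guest range is writable, not that addrlen is small. Confirm that addrlen has an upper bound before it sizes a host stack allocation, or cap it here. The commit message also has no body; one sentence on what went wrong without the check would help reviewers and later bisection.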
-- 
2.19.1




[Qemu-devel] [PATCH v5 00/10] linux-user: strace improvements

2018-10-10 Thread Philippe Mathieu-Daudé
Hi Laurent,

A few patches I've been writing while trying to figure out this issue:
http://lists.nongnu.org/archive/html/qemu-arm/2018-01/msg00514.html

As usual with linux-user files, this series will trigger some checkpatch
benign warnings.

Regards,

Phil.

Since v4:
- rebased on master (no change)

Since v3:
- addressed Laurent comments
- added print_sockfd()
- removed the print_sockaddr_ptr() patch, also the two
  getsockname()/recvfrom() patches for after 3.0.

Since v2:
- display invalid pointer in print_timeval() and print_timezone()
- do not display gettimeofday() arguments

Since v1:
- addressed Laurent comments
- added 'last' argument to print_sockaddr()
- reordered series, so patches already correct can get applied directly
- dropped "linux-user/syscall: simplify recvfrom()" for now

v1: http://lists.nongnu.org/archive/html/qemu-devel/2018-01/msg05855.html
v2: http://lists.nongnu.org/archive/html/qemu-devel/2018-06/msg08216.html
v3: http://lists.nongnu.org/archive/html/qemu-devel/2018-07/msg00411.html

$ git backport-diff
[] : patches are identical
[] : number of functional differences between upstream/downstream patch
[down] : patch is downstream-only
The flags [FC] indicate (F)unctional and (C)ontextual differences, respectively

001/12:[] [--] 'linux-user/syscall: Verify recvfrom(addr) is user-writable'
002/12:[] [--] 'linux-user/strace: Improve capget()/capset() output'
003/12:[0002] [FC] 'linux-user/strace: Display invalid pointer in 
print_timeval()'
004/12:[0002] [FC] 'linux-user/strace: Add print_timezone()'
005/12:[] [--] 'linux-user/strace: Improve settimeofday()'
006/12:[down] 'linux-user/syscall: Introduce target_sockaddr_nl'
007/12:[0018] [FC] 'linux-user/strace: Dump AF_NETLINK sockaddr content'
008/12:[] [--] 'linux-user/strace: Improve recvmsg() output'
009/12:[down] 'linux-user/strace: Add print_sockfd()'
010/12:[0004] [FC] 'linux-user/strace: Let print_sockaddr() have a 'last' 
argument'
011/12:[0004] [FC] 'linux-user/strace: Improve bind() output'
012/12:[0004] [FC] 'linux-user/strace: improve sendto() output'

Philippe Mathieu-Daudé (10):
  linux-user/syscall: Verify recvfrom(addr) is user-writable
  linux-user/strace: Display invalid pointer in print_timeval()
  linux-user/strace: Add print_timezone()
  linux-user/strace: Improve settimeofday()
  linux-user/syscall: Introduce target_sockaddr_nl
  linux-user/strace: Dump AF_NETLINK sockaddr content
  linux-user/strace: Add print_sockfd()
  linux-user/strace: Let print_sockaddr() have a 'last' argument
  linux-user/strace: Improve bind() output
  linux-user/strace: improve sendto() output

 linux-user/syscall_defs.h |   7 ++
 linux-user/strace.c   | 133 ++
 linux-user/syscall.c  |  11 +++-
 linux-user/strace.list|   6 +-
 4 files changed, 139 insertions(+), 18 deletions(-)

-- 
2.19.1




[Qemu-devel] [PATCH v5 03/10] linux-user/strace: Add print_timezone()

2018-10-10 Thread Philippe Mathieu-Daudé
Suggested-by: Laurent Vivier 
Signed-off-by: Philippe Mathieu-Daudé 
---
 linux-user/strace.c | 21 +
 1 file changed, 21 insertions(+)

diff --git a/linux-user/strace.c b/linux-user/strace.c
index c95557bf83..10ae22263c 100644
--- a/linux-user/strace.c
+++ b/linux-user/strace.c
@@ -63,6 +63,7 @@ UNUSED static void print_string(abi_long, int);
 UNUSED static void print_buf(abi_long addr, abi_long len, int last);
 UNUSED static void print_raw_param(const char *, abi_long, int);
 UNUSED static void print_timeval(abi_ulong, int);
+UNUSED static void print_timezone(abi_ulong, int);
 UNUSED static void print_number(abi_long, int);
 UNUSED static void print_signal(abi_ulong, int);
 UNUSED static void print_sockaddr(abi_ulong addr, abi_long addrlen);
@@ -1184,6 +1185,26 @@ print_timeval(abi_ulong tv_addr, int last)
 gemu_log("NULL%s", get_comma(last));
 }
 
+static void
+print_timezone(abi_ulong tz_addr, int last)
+{
+if (tz_addr) {
+struct target_timezone *tz;
+
+tz = lock_user(VERIFY_READ, tz_addr, sizeof(*tz), 1);
+if (!tz) {
+print_pointer(tz_addr, last);
+return;
+}
+gemu_log("{" TARGET_ABI_FMT_ld "," TARGET_ABI_FMT_ld "}%s",
+ tswapal(tz->tz_minuteswest), tswapal(tz->tz_dsttime),
+ get_comma(last));
+unlock_user(tz, tz_addr, 0);
+} else {
+gemu_log("NULL%s", get_comma(last));
+}
+}
+
 #undef UNUSED
 
 #ifdef TARGET_NR_accept
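Review bot: the gemu_log() call in print_timezone() swaps both fields with tswapal() and prints them with TARGET_ABI_FMT_ld, which is only right if tz_minuteswest and tz_dsttime are declared abi_long in struct target_timezone. The struct definition is not part of this patch, so please check it: if the fields are 32-bit ints (as in the host struct timezone), use tswap32() with %d, otherwise a 64-bit target on an opposite-endian host prints garbage. The function is also added as UNUSED with no caller and the commit message has no body; one line naming the later patch that uses it would help.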
-- 
2.19.1




[Qemu-devel] [PATCH v5 07/10] linux-user/strace: Add print_sockfd()

2018-10-10 Thread Philippe Mathieu-Daudé
Extract common print_sockfd() from various socket related syscalls.

Signed-off-by: Philippe Mathieu-Daudé 
---
 linux-user/strace.c | 19 ---
 1 file changed, 12 insertions(+), 7 deletions(-)

diff --git a/linux-user/strace.c b/linux-user/strace.c
index 425c06d169..5435d01569 100644
--- a/linux-user/strace.c
+++ b/linux-user/strace.c
@@ -1651,6 +1651,11 @@ static void do_print_socket(const char *name, abi_long 
arg1)
 gemu_log(")");
 }
 
+static void print_sockfd(abi_long sockfd, int last)
+{
+print_raw_param(TARGET_ABI_FMT_ld, sockfd, last);
+}
+
 static void do_print_sockaddr(const char *name, abi_long arg1)
 {
 abi_ulong sockfd, addr, addrlen;
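Review bot: print_sockfd() takes an abi_long, but the callers converted in this patch pass a variable declared abi_ulong (see "abi_ulong sockfd, addr, addrlen;" in do_print_sockaddr() just below), so the value is implicitly converted to signed on the way in. That is probably what you want when printing an fd such as -1, but please say so in a comment above the helper or change the callers' declarations, so the signedness is a choice rather than an accident.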
@@ -1660,7 +1665,7 @@ static void do_print_sockaddr(const char *name, abi_long 
arg1)
 get_user_ualx(addrlen, arg1, 2);
 
 gemu_log("%s(", name);
-print_raw_param(TARGET_ABI_FMT_ld, sockfd, 0);
+print_sockfd(sockfd, 0);
 print_sockaddr(addr, addrlen);
 gemu_log(")");
 }
@@ -1673,7 +1678,7 @@ static void do_print_listen(const char *name, abi_long 
arg1)
 get_user_ualx(backlog, arg1, 1);
 
 gemu_log("%s(", name);
-print_raw_param(TARGET_ABI_FMT_ld, sockfd, 0);
+print_sockfd(sockfd, 0);
 print_raw_param(TARGET_ABI_FMT_ld, backlog, 1);
 gemu_log(")");
 }
@@ -1708,7 +1713,7 @@ static void do_print_sendrecv(const char *name, abi_long 
arg1)
 get_user_ualx(flags, arg1, 3);
 
 gemu_log("%s(", name);
-print_raw_param(TARGET_ABI_FMT_ld, sockfd, 0);
+print_sockfd(sockfd, 0);
 print_buf(msg, len, 0);
 print_raw_param(TARGET_ABI_FMT_ld, len, 0);
 print_flags(msg_flags, flags, 1);
@@ -1727,7 +1732,7 @@ static void do_print_msgaddr(const char *name, abi_long 
arg1)
 get_user_ualx(addrlen, arg1, 5);
 
 gemu_log("%s(", name);
-print_raw_param(TARGET_ABI_FMT_ld, sockfd, 0);
+print_sockfd(sockfd, 0);
 print_buf(msg, len, 0);
 print_raw_param(TARGET_ABI_FMT_ld, len, 0);
 print_flags(msg_flags, flags, 0);
@@ -1743,7 +1748,7 @@ static void do_print_shutdown(const char *name, abi_long 
arg1)
 get_user_ualx(how, arg1, 1);
 
 gemu_log("shutdown(");
-print_raw_param(TARGET_ABI_FMT_ld, sockfd, 0);
+print_sockfd(sockfd, 0);
 switch (how) {
 case SHUT_RD:
 gemu_log("SHUT_RD");
@@ -1770,7 +1775,7 @@ static void do_print_msg(const char *name, abi_long arg1)
 get_user_ualx(flags, arg1, 2);
 
 gemu_log("%s(", name);
-print_raw_param(TARGET_ABI_FMT_ld, sockfd, 0);
+print_sockfd(sockfd, 0);
 print_pointer(msg, 0);
 print_flags(msg_flags, flags, 1);
 gemu_log(")");
@@ -1787,7 +1792,7 @@ static void do_print_sockopt(const char *name, abi_long 
arg1)
 get_user_ualx(optlen, arg1, 4);
 
 gemu_log("%s(", name);
-print_raw_param(TARGET_ABI_FMT_ld, sockfd, 0);
+print_sockfd(sockfd, 0);
 switch (level) {
 case SOL_TCP:
 gemu_log("SOL_TCP,");
-- 
2.19.1




[Qemu-devel] [PATCH 1/2] mailmap: Fix Reimar Döffinger name

2018-10-10 Thread Philippe Mathieu-Daudé
This probably happened when interpreting the utf8 name as latin1.

Fixes dbbaaff6867 and f4e94dfefb6.

Signed-off-by: Philippe Mathieu-Daudé 
---
 .mailmap | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/.mailmap b/.mailmap
index 2c2b9b1205..6f2ff22a45 100644
--- a/.mailmap
+++ b/.mailmap
@@ -33,5 +33,6 @@ Justin Terry (VM)  Justin Terry (VM) 
via Qemu-devel 
+Reimar Döffinger 
-- 
2.19.1




[Qemu-devel] [PATCH 2/2] mailmap: Split 'prefered emails' from 'original git import' section

2018-10-10 Thread Philippe Mathieu-Daudé
Signed-off-by: Philippe Mathieu-Daudé 
---
 .mailmap | 21 +
 1 file changed, 13 insertions(+), 8 deletions(-)

diff --git a/.mailmap b/.mailmap
index 6f2ff22a45..8475adf799 100644
--- a/.mailmap
+++ b/.mailmap
@@ -4,26 +4,31 @@
 # into proper addresses so that they are counted properly by git shortlog.
 Andrzej Zaborowski  balrog 

 Anthony Liguori  aliguori 

-Anthony Liguori  Anthony Liguori 
 Aurelien Jarno  aurel32 

 Blue Swirl  blueswir1 

 Edgar E. Iglesias  edgar_igl 

 Fabrice Bellard  bellard 

-James Hogan  
 Jocelyn Mayer  j_mayer 

 Paul Brook  pbrook 

-Aleksandar Markovic  
-Aleksandar Markovic  
-Paul Burton  
-Paul Burton  
-Paul Burton  
 Thiemo Seufer  ths 

 malc  malc 
-
 # There is also a:
 #(no author) <(no author)@c046a42c-6fe2-441c-8c8c-71466251a162>
 # for the cvs2svn initialization commit e63c3dc74bf.
 
+
+# This section is to track prefered (or last up to date) email for people
+# that uses (or had use) various emails.
+# Example can be people changing from companies, or companies changing their
+# name.
+Aleksandar Markovic  
+Anthony Liguori  Anthony Liguori 
+James Hogan  
+Paul Burton  
+Paul Burton  
+Paul Burton  
+
+
 # Next, translate a few commits where mailman rewrote the From: line due
 # to strict SPF, although we prefer to avoid adding more entries like that.
 Ed Swierk  Ed Swierk via Qemu-devel 
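Review bot: the new section comment has typos that will live on in the file: "prefered" should be "preferred", and "for people that uses (or had use) various emails" should read "for people who use (or have used) several addresses". The same "prefered" is in the subject line. The hunk also drops the blank line before "# There is also a:", which glues that note to the malc entry; keep the separator. The commit message has no body; one sentence on why the entries are regrouped would be enough.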

-- 
2.19.1




[Qemu-devel] [PATCH 0/2] mailmap: Sort and clean an utf8 encoding issue

2018-10-10 Thread Philippe Mathieu-Daudé
Hi,

This amazing series sorts the mailmap sections a bit,
then fixes Reimar Döffinger's name from 2 missed commits.

Regards,

Phil.

Philippe Mathieu-Daudé (2):
  mailmap: Fix Reimar Döffinger name
  mailmap: Split 'prefered emails' from 'original git import' section

 .mailmap | 24 +++-
 1 file changed, 15 insertions(+), 9 deletions(-)

-- 
2.19.1




Re: [Qemu-devel] [Qemu-block] [PATCH v3] python: Use io.StringIO

2018-10-10 Thread Paolo Bonzini
On 10/10/2018 23:31, Philippe Mathieu-Daudé wrote:
> Both Python 2.7 and 3 support the same io.StringIO to
> handle unicode strings.
> 
> Use the common form to use indistinctly Python 2.7 or 3.
> 
> http://python-future.org/compatible_idioms.html#stringio
> 
> This fixes running tests on the Fedora Docker image,
> which uses Python3 since 356dc290f:
> 
>   $ make docker-test-block@fedora
>   [...]
>   045 [failed, exit status 1] - output mismatch (see 045.out.bad)
>   --- /tmp/qemu-test/src/tests/qemu-iotests/045.out   2018-07-17 
> 16:56:18.0 +
>   +++ /tmp/qemu-test/build/tests/qemu-iotests/045.out.bad 2018-07-17 
> 17:19:22.448409007 +
>   @@ -1,5 +1,6 @@
>   -...
>   ---
>   -Ran 11 tests
>   -
>   -OK
>   +Traceback (most recent call last):
>   +  File "045", line 178, in 
>   +iotests.main(supported_fmts=['raw'])
>   +  File "/tmp/qemu-test/src/tests/qemu-iotests/iotests.py", line 682, in 
> main
>   +import StringIO
>   +ModuleNotFoundError: No module named 'StringIO'
>   132 [failed, exit status 1] - output mismatch (see 132.out.bad)
>   152 [failed, exit status 1] - output mismatch (see 152.out.bad)
> 
>   Failures: 045 132 152
> 
> Signed-off-by: Philippe Mathieu-Daudé 
> ---
>  tests/qemu-iotests/iotests.py | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
> 
> diff --git a/tests/qemu-iotests/iotests.py b/tests/qemu-iotests/iotests.py
> index 4e67fbbe96..cd9be1bd9c 100644
> --- a/tests/qemu-iotests/iotests.py
> +++ b/tests/qemu-iotests/iotests.py
> @@ -679,13 +679,13 @@ def main(supported_fmts=[], supported_oses=['linux'], 
> supported_cache_modes=[],
>  
>  # We need to filter out the time taken from the output so that 
> qemu-iotest
>  # can reliably diff the results against master output.
> -import StringIO
> +from io import StringIO
>  if debug:
>  output = sys.stdout
>  verbosity = 2
>  sys.argv.remove('-d')
>  else:
> -output = StringIO.StringIO()
> +output = StringIO()
>  
>  logging.basicConfig(level=(logging.DEBUG if debug else logging.WARN))
>  
> 
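Review bot: "from io import StringIO" stays in the middle of main(), between the comment and the "if debug:" test. The io module exists on both Python 2.7 and 3, so there is no reason left to defer the import; moving it to the imports at the top of iotests.py keeps the function body to logic only.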

Reviewed-by: Paolo Bonzini 



[Qemu-devel] [PATCH 1/3] hw/pci-bridge/xio3130: Remove unused functions

2018-10-10 Thread Philippe Mathieu-Daudé
Introduced in 48ebf2f90f8 and faf1e708d5b, these functions
were never used. Remove them.

Signed-off-by: Philippe Mathieu-Daudé 
---
 hw/pci-bridge/xio3130_downstream.h | 11 ---
 hw/pci-bridge/xio3130_upstream.h   | 10 --
 hw/pci-bridge/xio3130_downstream.c | 28 +---
 hw/pci-bridge/xio3130_upstream.c   | 24 +---
 4 files changed, 2 insertions(+), 71 deletions(-)
 delete mode 100644 hw/pci-bridge/xio3130_downstream.h
 delete mode 100644 hw/pci-bridge/xio3130_upstream.h

diff --git a/hw/pci-bridge/xio3130_downstream.h 
b/hw/pci-bridge/xio3130_downstream.h
deleted file mode 100644
index 8426d9ffa6..00
--- a/hw/pci-bridge/xio3130_downstream.h
+++ /dev/null
@@ -1,11 +0,0 @@
-#ifndef QEMU_XIO3130_DOWNSTREAM_H
-#define QEMU_XIO3130_DOWNSTREAM_H
-
-#include "hw/pci/pcie_port.h"
-
-PCIESlot *xio3130_downstream_init(PCIBus *bus, int devfn, bool multifunction,
-  const char *bus_name, pci_map_irq_fn map_irq,
-  uint8_t port, uint8_t chassis,
-  uint16_t slot);
-
-#endif /* QEMU_XIO3130_DOWNSTREAM_H */
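Review bot: the commit message only talks about the two unused functions, but the patch also deletes xio3130_downstream.h and xio3130_upstream.h. Add a sentence saying that each header held nothing but the removed prototype and the hw/pci/pcie_port.h include, which is why the .c files now include hw/pci/pcie_port.h directly.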
diff --git a/hw/pci-bridge/xio3130_upstream.h b/hw/pci-bridge/xio3130_upstream.h
deleted file mode 100644
index d0ab7577e2..00
--- a/hw/pci-bridge/xio3130_upstream.h
+++ /dev/null
@@ -1,10 +0,0 @@
-#ifndef QEMU_XIO3130_UPSTREAM_H
-#define QEMU_XIO3130_UPSTREAM_H
-
-#include "hw/pci/pcie_port.h"
-
-PCIEPort *xio3130_upstream_init(PCIBus *bus, int devfn, bool multifunction,
-const char *bus_name, pci_map_irq_fn map_irq,
-uint8_t port);
-
-#endif /* QEMU_XIO3130_UPSTREAM_H */
diff --git a/hw/pci-bridge/xio3130_downstream.c 
b/hw/pci-bridge/xio3130_downstream.c
index b202657954..467bbabe4c 100644
--- a/hw/pci-bridge/xio3130_downstream.c
+++ b/hw/pci-bridge/xio3130_downstream.c
@@ -23,7 +23,7 @@
 #include "hw/pci/pci_ids.h"
 #include "hw/pci/msi.h"
 #include "hw/pci/pcie.h"
-#include "xio3130_downstream.h"
+#include "hw/pci/pcie_port.h"
 #include "qapi/error.h"
 
 #define PCI_DEVICE_ID_TI_XIO3130D   0x8233  /* downstream port */
@@ -127,32 +127,6 @@ static void xio3130_downstream_exitfn(PCIDevice *d)
 pci_bridge_exitfn(d);
 }
 
-PCIESlot *xio3130_downstream_init(PCIBus *bus, int devfn, bool multifunction,
-  const char *bus_name, pci_map_irq_fn map_irq,
-  uint8_t port, uint8_t chassis,
-  uint16_t slot)
-{
-PCIDevice *d;
-PCIBridge *br;
-DeviceState *qdev;
-
-d = pci_create_multifunction(bus, devfn, multifunction,
- "xio3130-downstream");
-if (!d) {
-return NULL;
-}
-br = PCI_BRIDGE(d);
-
-qdev = DEVICE(d);
-pci_bridge_map_irq(br, bus_name, map_irq);
-qdev_prop_set_uint8(qdev, "port", port);
-qdev_prop_set_uint8(qdev, "chassis", chassis);
-qdev_prop_set_uint16(qdev, "slot", slot);
-qdev_init_nofail(qdev);
-
-return PCIE_SLOT(d);
-}
-
 static Property xio3130_downstream_props[] = {
 DEFINE_PROP_BIT(COMPAT_PROP_PCP, PCIDevice, cap_present,
 QEMU_PCIE_SLTCAP_PCP_BITNR, true),
diff --git a/hw/pci-bridge/xio3130_upstream.c b/hw/pci-bridge/xio3130_upstream.c
index bca2f9a5ea..b524908cf1 100644
--- a/hw/pci-bridge/xio3130_upstream.c
+++ b/hw/pci-bridge/xio3130_upstream.c
@@ -23,7 +23,7 @@
 #include "hw/pci/pci_ids.h"
 #include "hw/pci/msi.h"
 #include "hw/pci/pcie.h"
-#include "xio3130_upstream.h"
+#include "hw/pci/pcie_port.h"
 
 #define PCI_DEVICE_ID_TI_XIO3130U   0x8232  /* upstream port */
 #define XIO3130_REVISION0x2
@@ -108,28 +108,6 @@ static void xio3130_upstream_exitfn(PCIDevice *d)
 pci_bridge_exitfn(d);
 }
 
-PCIEPort *xio3130_upstream_init(PCIBus *bus, int devfn, bool multifunction,
- const char *bus_name, pci_map_irq_fn map_irq,
- uint8_t port)
-{
-PCIDevice *d;
-PCIBridge *br;
-DeviceState *qdev;
-
-d = pci_create_multifunction(bus, devfn, multifunction, "x3130-upstream");
-if (!d) {
-return NULL;
-}
-br = PCI_BRIDGE(d);
-
-qdev = DEVICE(d);
-pci_bridge_map_irq(br, bus_name, map_irq);
-qdev_prop_set_uint8(qdev, "port", port);
-qdev_init_nofail(qdev);
-
-return PCIE_PORT(d);
-}
-
 static const VMStateDescription vmstate_xio3130_upstream = {
 .name = "xio3130-express-upstream-port",
 .priority = MIG_PRI_PCI_BUS,
-- 
2.19.1




[Qemu-devel] [PATCH 3/3] hw/pci: Add missing include

2018-10-10 Thread Philippe Mathieu-Daudé
Noted while refactoring:

  CC  mips-softmmu/hw/mips/gt64xxx_pci.o
In file included from include/hw/pci-host/gt64xxx.h:2,
 from hw/mips/gt64xxx_pci.c:30:
include/hw/pci/pci_bus.h:23:5: error: unknown type name ‘PCIIOMMUFunc’
 PCIIOMMUFunc iommu_fn;
 ^~~~
include/hw/pci/pci_bus.h:27:5: error: unknown type name ‘pci_set_irq_fn’
 pci_set_irq_fn set_irq;
 ^~
include/hw/pci/pci_bus.h:28:5: error: unknown type name ‘pci_map_irq_fn’
 pci_map_irq_fn map_irq;
 ^~
include/hw/pci/pci_bus.h:29:5: error: unknown type name ‘pci_route_irq_fn’
 pci_route_irq_fn route_intx_to_irq;
 ^~~~
include/hw/pci/pci_bus.h:31:24: error: ‘PCI_SLOT_MAX’ undeclared here (not 
in a function)
 PCIDevice *devices[PCI_SLOT_MAX * PCI_FUNC_MAX];
^~~~
include/hw/pci/pci_bus.h:31:39: error: ‘PCI_FUNC_MAX’ undeclared here (not 
in a function)
 PCIDevice *devices[PCI_SLOT_MAX * PCI_FUNC_MAX];
   ^~~~
make[1]: *** [rules.mak:69: hw/mips/gt64xxx_pci.o] Error 1
make: *** [Makefile:482: subdir-mips-softmmu] Error 2

Signed-off-by: Philippe Mathieu-Daudé 
---
 include/hw/pci/pci_bus.h | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/include/hw/pci/pci_bus.h b/include/hw/pci/pci_bus.h
index b7da8f555b..dfb75752cb 100644
--- a/include/hw/pci/pci_bus.h
+++ b/include/hw/pci/pci_bus.h
@@ -1,6 +1,8 @@
 #ifndef QEMU_PCI_BUS_H
 #define QEMU_PCI_BUS_H
 
+#include "hw/pci/pci.h"
+
 /*
  * PCI Bus datastructures.
  *
-- 
2.19.1




[Qemu-devel] [PATCH 2/3] hw/pci-bridge/ioh3420: Remove unuseful header

2018-10-10 Thread Philippe Mathieu-Daudé
Signed-off-by: Philippe Mathieu-Daudé 
---
 hw/pci-bridge/ioh3420.h | 6 --
 hw/pci-bridge/ioh3420.c | 2 +-
 2 files changed, 1 insertion(+), 7 deletions(-)
 delete mode 100644 hw/pci-bridge/ioh3420.h

diff --git a/hw/pci-bridge/ioh3420.h b/hw/pci-bridge/ioh3420.h
deleted file mode 100644
index ea423cb991..00
--- a/hw/pci-bridge/ioh3420.h
+++ /dev/null
@@ -1,6 +0,0 @@
-#ifndef QEMU_IOH3420_H
-#define QEMU_IOH3420_H
-
-#include "hw/pci/pcie_port.h"
-
-#endif /* QEMU_IOH3420_H */
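Review bot: the commit message has no body. The deleted ioh3420.h contains only the include guard and the include of hw/pci/pcie_port.h; saying so in the log explains both why the header can go and why ioh3420.c switches to including hw/pci/pcie_port.h itself. "unuseful" in the subject would read better as "unneeded".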
diff --git a/hw/pci-bridge/ioh3420.c b/hw/pci-bridge/ioh3420.c
index a451d74ee6..81f2de6f07 100644
--- a/hw/pci-bridge/ioh3420.c
+++ b/hw/pci-bridge/ioh3420.c
@@ -24,7 +24,7 @@
 #include "hw/pci/pci_ids.h"
 #include "hw/pci/msi.h"
 #include "hw/pci/pcie.h"
-#include "ioh3420.h"
+#include "hw/pci/pcie_port.h"
 
 #define PCI_DEVICE_ID_IOH_EPORT 0x3420  /* D0:F0 express mode */
 #define PCI_DEVICE_ID_IOH_REV   0x2
-- 
2.19.1




[Qemu-devel] [PATCH 0/3] pci: Add missing include and remove unuseful code

2018-10-10 Thread Philippe Mathieu-Daudé
Hi Michael, these are obvious cleanup patches.

I might resurrect David's old series later:
https://lists.gnu.org/archive/html/qemu-devel/2017-11/msg05277.html

Regards,

Phil.

Philippe Mathieu-Daudé (3):
  hw/pci-bridge/xio3130: Remove unused functions
  hw/pci-bridge/ioh3420: Remove unuseful header
  hw/pci: Add missing include

 hw/pci-bridge/ioh3420.h|  6 --
 hw/pci-bridge/xio3130_downstream.h | 11 ---
 hw/pci-bridge/xio3130_upstream.h   | 10 --
 include/hw/pci/pci_bus.h   |  2 ++
 hw/pci-bridge/ioh3420.c|  2 +-
 hw/pci-bridge/xio3130_downstream.c | 28 +---
 hw/pci-bridge/xio3130_upstream.c   | 24 +---
 7 files changed, 5 insertions(+), 78 deletions(-)
 delete mode 100644 hw/pci-bridge/ioh3420.h
 delete mode 100644 hw/pci-bridge/xio3130_downstream.h
 delete mode 100644 hw/pci-bridge/xio3130_upstream.h

-- 
2.19.1




[Qemu-devel] [PATCH v3] python: Use io.StringIO

2018-10-10 Thread Philippe Mathieu-Daudé
Both Python 2.7 and 3 support the same io.StringIO to
handle unicode strings.

Use the common form to use indistinctly Python 2.7 or 3.

http://python-future.org/compatible_idioms.html#stringio

This fixes running tests on the Fedora Docker image,
which uses Python3 since 356dc290f:

  $ make docker-test-block@fedora
  [...]
  045 [failed, exit status 1] - output mismatch (see 045.out.bad)
  --- /tmp/qemu-test/src/tests/qemu-iotests/045.out   2018-07-17 
16:56:18.0 +
  +++ /tmp/qemu-test/build/tests/qemu-iotests/045.out.bad 2018-07-17 
17:19:22.448409007 +
  @@ -1,5 +1,6 @@
  -...
  ---
  -Ran 11 tests
  -
  -OK
  +Traceback (most recent call last):
  +  File "045", line 178, in 
  +iotests.main(supported_fmts=['raw'])
  +  File "/tmp/qemu-test/src/tests/qemu-iotests/iotests.py", line 682, in main
  +import StringIO
  +ModuleNotFoundError: No module named 'StringIO'
  132 [failed, exit status 1] - output mismatch (see 132.out.bad)
  152 [failed, exit status 1] - output mismatch (see 152.out.bad)

  Failures: 045 132 152

Signed-off-by: Philippe Mathieu-Daudé 
---
 tests/qemu-iotests/iotests.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/tests/qemu-iotests/iotests.py b/tests/qemu-iotests/iotests.py
index 4e67fbbe96..cd9be1bd9c 100644
--- a/tests/qemu-iotests/iotests.py
+++ b/tests/qemu-iotests/iotests.py
@@ -679,13 +679,13 @@ def main(supported_fmts=[], supported_oses=['linux'], 
supported_cache_modes=[],
 
 # We need to filter out the time taken from the output so that qemu-iotest
 # can reliably diff the results against master output.
-import StringIO
+from io import StringIO
 if debug:
 output = sys.stdout
 verbosity = 2
 sys.argv.remove('-d')
 else:
-output = StringIO.StringIO()
+output = StringIO()
 
 logging.basicConfig(level=(logging.DEBUG if debug else logging.WARN))
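Review bot: on Python 2.7, io.StringIO accepts only unicode objects and raises TypeError when given a plain str, so "output = StringIO()" is only safe there if everything written to output later in main() is unicode. The writer is outside this hunk and the log only shows the Python 3 Fedora run; please also run the three failing tests (045, 132, 152) under Python 2.7 without -d, and if the runner emits str there, select io.BytesIO for 2.x or convert before writing.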
 
-- 
2.19.1




Re: [Qemu-devel] [PATCH v2 0/3] tests/vm: Improvements when KVM is not available

2018-10-10 Thread Philippe Mathieu-Daudé
Ping?

On 10/1/18 1:23 AM, Philippe Mathieu-Daudé wrote:
> Hi Fam,
> 
> Since v1: 
> http://lists.nongnu.org/archive/html/qemu-devel/2018-07/msg03411.html
> - rebased on master
> - added get_default_jobs (Fam)
> - dropped 'When using TCG, wait longer for a VM to start'
> 
> A few patches I added while testing the VM tests without KVM access.
> I doubt many people want to suffer using TCG for VM testing, but
> it was handy to debug/support aarch64 VM tests.
> 
> Also this could be a useful TCG stress test...?
> 
> Regards,
> 
> Phil.
> 
> Philippe Mathieu-Daudé (3):
>   tests/vm: Extract the kvm_available() handy function
>   tests/vm: Do not abuse parallelism when KVM is not available
>   tests/vm: Display remaining seconds to wait for a VM to start
> 
>  tests/vm/basevm.py | 25 -
>  1 file changed, 20 insertions(+), 5 deletions(-)
> 



Re: [Qemu-devel] [PATCH v3 4/4] MAINTAINERS: Voluntary to review hobbyist MIPS contributions

2018-10-10 Thread Philippe Mathieu-Daudé
Eric corrected s/Voluntary/Volunteer/ in the subject line.

On 9/30/18 11:47 PM, Philippe Mathieu-Daudé wrote:
> Signed-off-by: Philippe Mathieu-Daudé 
> ---
>  MAINTAINERS | 2 ++
>  1 file changed, 2 insertions(+)
> 
> diff --git a/MAINTAINERS b/MAINTAINERS
> index ce7c351afa..2708745bf7 100644
> --- a/MAINTAINERS
> +++ b/MAINTAINERS
> @@ -188,6 +188,7 @@ F: disas/microblaze.c
>  MIPS
>  M: Aurelien Jarno 
>  M: Aleksandar Markovic 
> +R: Philippe Mathieu-Daudé 
>  S: Maintained
>  F: target/mips/
>  F: hw/mips/
> @@ -1948,6 +1949,7 @@ F: disas/i386.c
>  
>  MIPS target
>  M: Aurelien Jarno 
> +R: Philippe Mathieu-Daudé 
>  S: Maintained
>  F: tcg/mips/
>  F: disas/mips.c
> 



Re: [Qemu-devel] [PATCH v3 0/4] mips: Increase the insn_flags holder size and clean mips-defs.h

2018-10-10 Thread Philippe Mathieu-Daudé
Ping?

On 9/30/18 11:47 PM, Philippe Mathieu-Daudé wrote:
> After noticing Fredrik's patch [1] clashes with ongoing work, I shared my
> concerns about the current limitations of CPUMIPSState::insn_flags, having
> 1 bit left to store more 'Chip specific instructions'.
> 
> Since v2: https://lists.gnu.org/archive/html/qemu-devel/2018-09/msg04064.html
> 
> - rebased on upstream/master (previous was based on Fredrik's R5900)
> 
> Since v1: https://lists.gnu.org/archive/html/qemu-devel/2018-09/msg00933.html
> 
> - update "int insn_flags;" in target/mips/translate.c::DisasContext
> - cleaned the 'insn_flags' namespace per Aleksandar suggestion
> - drop cpu defs used once
> - add my email in MAINTAINERS:MIPS to help me catch patches to review
> 
> Regards,
> 
> Phil.
> 
> [1] http://lists.nongnu.org/archive/html/qemu-devel/2018-07/msg01978.html
> [2] http://lists.nongnu.org/archive/html/qemu-devel/2018-09/msg00901.html
> 
> Philippe Mathieu-Daudé (4):
>   target/mips: Increase the 'supported instructions' flags holder size
>   target/mips: Remove definitions that are only used once
>   target/mips: Clean the 'insn_flags' namespace
>   MAINTAINERS: Voluntary to review hobbyist MIPS contributions
> 
>  target/mips/cpu.h|  2 +-
>  target/mips/internal.h   |  2 +-
>  target/mips/mips-defs.h  | 89 ++--
>  target/mips/translate.c  |  6 +--
>  target/mips/translate_init.inc.c |  6 +--
>  MAINTAINERS  |  2 +
>  6 files changed, 61 insertions(+), 46 deletions(-)
> 



Re: [Qemu-devel] [PATCH] machine: fix a typo

2018-10-10 Thread Eduardo Habkost
On Wed, Oct 10, 2018 at 09:10:25AM -0700, Li Qiang wrote:
> Cc: qemu-triv...@nongnu.org
> Signed-off-by: Li Qiang 

Queued, thanks.

-- 
Eduardo



[Qemu-devel] [PATCH v6 10/14] target/arm: Finish implementation of PM[X]EVCNTR and PM[X]EVTYPER

2018-10-10 Thread Aaron Lindsay
Add arrays to hold the registers, the definitions themselves, access
functions, and logic to reset counters when PMCR.P is set. Update
filtering code to support counters other than PMCCNTR. Support migration
with raw read/write functions.

Signed-off-by: Aaron Lindsay 
Signed-off-by: Aaron Lindsay 
---
 target/arm/cpu.h|   3 +
 target/arm/helper.c | 296 +---
 2 files changed, 282 insertions(+), 17 deletions(-)

diff --git a/target/arm/cpu.h b/target/arm/cpu.h
index cc026f0b75..f4317f87c9 100644
--- a/target/arm/cpu.h
+++ b/target/arm/cpu.h
@@ -482,6 +482,9 @@ typedef struct CPUARMState {
  * pmccntr_op_finish.
  */
 uint64_t c15_ccnt_delta;
+uint64_t c14_pmevcntr[31];
+uint64_t c14_pmevcntr_delta[31];
+uint64_t c14_pmevtyper[31];
 uint64_t pmccfiltr_el0; /* Performance Monitor Filter Register */
 uint64_t vpidr_el2; /* Virtualization Processor ID Register */
 uint64_t vmpidr_el2; /* Virtualization Multiprocessor ID Register */
diff --git a/target/arm/helper.c b/target/arm/helper.c
index 375b6dcda5..f0798f7a8c 100644
--- a/target/arm/helper.c
+++ b/target/arm/helper.c
@@ -946,6 +946,7 @@ static const ARMCPRegInfo v6_cp_reginfo[] = {
 #define PMCRDP  0x10
 #define PMCRD   0x8
 #define PMCRC   0x4
+#define PMCRP   0x2
 #define PMCRE   0x1
 
 #define PMXEVTYPER_P  0x8000
@@ -1018,6 +1019,17 @@ uint64_t get_pmceid(CPUARMState *env)
 return pmceid;
 }
 
+/*
+ * Check at runtime whether a PMU event is supported for the current machine
+ */
+static bool event_supported(uint16_t number)
+{
+if (number > MAX_EVENT_ID) {
+return false;
+}
+return supported_event_map[number] != UNSUPPORTED_EVENT;
+}
+
 static CPAccessResult pmreg_access(CPUARMState *env, const ARMCPRegInfo *ri,
bool isread)
 {
@@ -1137,9 +1149,11 @@ static inline bool pmu_counter_enabled(CPUARMState *env, 
uint8_t counter)
 prohibited = env->cp15.c9_pmcr & PMCRDP;
 }
 
-/* TODO Remove assert, set filter to correct PMEVTYPER */
-assert(counter == 31);
-filter = env->cp15.pmccfiltr_el0;
+if (counter == 31) {
+filter = env->cp15.pmccfiltr_el0;
+} else {
+filter = env->cp15.c14_pmevtyper[counter];
+}
 
 p   = filter & PMXEVTYPER_P;
 u   = filter & PMXEVTYPER_U;
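Review bot: with the assert removed, the new else branch indexes env->cp15.c14_pmevtyper[counter] for every value of counter other than 31, and counter is a uint8_t while the array added in cpu.h has 31 entries (indices 0 to 30). Nothing in this function rejects 32..255, so a bad caller reads past the array instead of aborting. Replace the dropped assert with one that fits the new range, for example assert(counter < 31) in the else branch, and consider a named constant for the 31 that now appears three times in cpu.h.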
@@ -1159,6 +1173,17 @@ static inline bool pmu_counter_enabled(CPUARMState *env, 
uint8_t counter)
 filtered = m != p;
 }
 
+if (counter != 31) {
+/*
+ * If not checking PMCCNTR, ensure the counter is setup to an event we
+ * support
+ */
+uint16_t event = filter & PMXEVTYPER_EVTCOUNT;
+if (!event_supported(event)) {
+return false;
+}
+}
+
 return enabled && !prohibited && !filtered;
 }
 
@@ -1205,14 +1230,47 @@ void pmccntr_op_finish(CPUARMState *env)
 }
 }
 
+static void pmevcntr_op_start(CPUARMState *env, uint8_t counter)
+{
+
+uint16_t event = env->cp15.c14_pmevtyper[counter] & PMXEVTYPER_EVTCOUNT;
+uint64_t count = 0;
+if (event_supported(event)) {
+uint16_t event_idx = supported_event_map[event];
+count = pm_events[event_idx].get_count(env);
+}
+
+if (pmu_counter_enabled(env, counter)) {
+env->cp15.c14_pmevcntr[counter] =
+count - env->cp15.c14_pmevcntr_delta[counter];
+}
+env->cp15.c14_pmevcntr_delta[counter] = count;
+}
+
+static void pmevcntr_op_finish(CPUARMState *env, uint8_t counter)
+{
+if (pmu_counter_enabled(env, counter)) {
+env->cp15.c14_pmevcntr_delta[counter] -=
+env->cp15.c14_pmevcntr[counter];
+}
+}
+
 void pmu_op_start(CPUARMState *env)
 {
+unsigned int i;
 pmccntr_op_start(env);
+for (i = 0; i < pmu_num_counters(env); i++) {
+pmevcntr_op_start(env, i);
+}
 }
 
 void pmu_op_finish(CPUARMState *env)
 {
+unsigned int i;
 pmccntr_op_finish(env);
+for (i = 0; i < pmu_num_counters(env); i++) {
+pmevcntr_op_finish(env, i);
+}
 }
 
 void pmu_pre_el_change(ARMCPU *cpu, void *ignored)
@@ -1235,6 +1293,13 @@ static void pmcr_write(CPUARMState *env, const 
ARMCPRegInfo *ri,
 env->cp15.c15_ccnt = 0;
 }
 
+if (value & PMCRP) {
+unsigned int i;
+for (i = 0; i < pmu_num_counters(env); i++) {
+env->cp15.c14_pmevcntr[i] = 0;
+}
+}
+
 /* only the DP, X, D and E bits are writable */
 env->cp15.c9_pmcr &= ~0x39;
 env->cp15.c9_pmcr |= (value & 0x39);
@@ -1288,6 +1353,14 @@ void pmccntr_op_finish(CPUARMState *env)
 {
 }
 
+void pmevcntr_op_start(CPUARMState *env, uint8_t i)
+{
+}
+
+void pmevcntr_op_finish(CPUARMState *env, uint8_t i)
+{
+}
+
 void pmu_op_start(CPUARMState *env)
 {
 }
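Review bot: the two stubs added here are plain "void pmevcntr_op_start(...)" and "void pmevcntr_op_finish(...)", while the real versions earlier in this patch are "static void". The cpu.h hunk of this patch adds no prototype for them, so these become external definitions without a declaration, and since the stub pmu_op_start() just below has an empty body, nothing calls them. Dropping them is simplest; making them static would only trade this for an unused-function warning.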
@@ -1358,30 +1431,174 @@ static void pmovsset_write(CPUARMState *env, const 
ARMCPRegInfo *ri,
 env->cp15.c9_pmovsr |= value;
 }
 
-static void 

[Qemu-devel] [PATCH v6 12/14] target/arm: PMU: Set PMCR.N to 4

2018-10-10 Thread Aaron Lindsay
This both advertises that we support four counters and enables them
because the pmu_num_counters() reads this value from PMCR.

Signed-off-by: Aaron Lindsay 
---
 target/arm/helper.c | 8 
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/target/arm/helper.c b/target/arm/helper.c
index d6501de1ba..89ceb34cb9 100644
--- a/target/arm/helper.c
+++ b/target/arm/helper.c
@@ -1706,7 +1706,7 @@ static const ARMCPRegInfo v7_cp_reginfo[] = {
   .access = PL1_W, .type = ARM_CP_NOP },
 /* Performance monitors are implementation defined in v7,
  * but with an ARM recommended set of registers, which we
- * follow (although we don't actually implement any counters)
+ * follow.
  *
  * Performance registers fall into three categories:
  *  (a) always UNDEF in PL0, RW in PL1 (PMINTENSET, PMINTENCLR)
@@ -5412,8 +5412,8 @@ void register_cp_regs_for_features(ARMCPU *cpu)
 }
 if (arm_feature(env, ARM_FEATURE_V7)) {
 /* v7 performance monitor control register: same implementor
- * field as main ID register, and we implement only the cycle
- * count register.
+ * field as main ID register, and we implement four counters in
+ * addition to the cycle count register.
  */
 unsigned int i, pmcrn = 4;
 ARMCPRegInfo pmcr = {
@@ -5430,7 +5430,7 @@ void register_cp_regs_for_features(ARMCPU *cpu)
 .access = PL0_RW, .accessfn = pmreg_access,
 .type = ARM_CP_IO,
 .fieldoffset = offsetof(CPUARMState, cp15.c9_pmcr),
-.resetvalue = cpu->midr & 0xff00,
+.resetvalue = (cpu->midr & 0xff00) | (pmcrn << PMCRN_SHIFT),
 .writefn = pmcr_write, .raw_writefn = raw_write,
 };
 define_one_arm_cp_reg(cpu, );
-- 
2.19.1




[Qemu-devel] [PATCH v6 14/14] target/arm: Send interrupts on PMU counter overflow

2018-10-10 Thread Aaron Lindsay
Set up a QEMUTimer to get a callback when we expect counters to next
overflow and trigger an interrupt at that time.

Signed-off-by: Aaron Lindsay 
---
 target/arm/cpu.c|  11 
 target/arm/cpu.h|   7 +++
 target/arm/helper.c | 126 +---
 3 files changed, 138 insertions(+), 6 deletions(-)

diff --git a/target/arm/cpu.c b/target/arm/cpu.c
index 7f39f25f51..c89c7c776c 100644
--- a/target/arm/cpu.c
+++ b/target/arm/cpu.c
@@ -764,6 +764,12 @@ static void arm_cpu_finalizefn(Object *obj)
 QLIST_REMOVE(hook, node);
 g_free(hook);
 }
+#ifndef CONFIG_USER_ONLY
+if (arm_feature(>env, ARM_FEATURE_PMU)) {
+timer_deinit(cpu->pmu_timer);
+timer_free(cpu->pmu_timer);
+}
+#endif
 }
 
 static void arm_cpu_realizefn(DeviceState *dev, Error **errp)
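Review bot: arm_cpu_finalizefn() tears down cpu->pmu_timer whenever ARM_FEATURE_PMU is set, but the timer is only allocated in arm_cpu_realizefn(). A CPU object that is finalized without having been realized still has pmu_timer == NULL at this point, and timer_deinit() will dereference it. Test the pointer rather than the feature bit, i.e. guard the two calls with "if (cpu->pmu_timer)".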
@@ -958,6 +964,11 @@ static void arm_cpu_realizefn(DeviceState *dev, Error 
**errp)
 arm_register_pre_el_change_hook(cpu, _pre_el_change, 0);
 arm_register_el_change_hook(cpu, _post_el_change, 0);
 }
+
+#ifndef CONFIG_USER_ONLY
+cpu->pmu_timer = timer_new_ns(QEMU_CLOCK_VIRTUAL, arm_pmu_timer_cb,
+cpu);
+#endif
 } else {
 cpu->pmceid0 = 0x;
 cpu->pmceid1 = 0x;
diff --git a/target/arm/cpu.h b/target/arm/cpu.h
index f4317f87c9..a27481658c 100644
--- a/target/arm/cpu.h
+++ b/target/arm/cpu.h
@@ -721,6 +721,8 @@ struct ARMCPU {
 
 /* Timers used by the generic (architected) timer */
 QEMUTimer *gt_timer[NUM_GTIMERS];
+/* Timer used by the PMU */
+QEMUTimer *pmu_timer;
 /* GPIO outputs for generic timer */
 qemu_irq gt_timer_outputs[NUM_GTIMERS];
 /* GPIO output for GICv3 maintenance interrupt signal */
@@ -972,6 +974,11 @@ void pmccntr_op_finish(CPUARMState *env);
 void pmu_op_start(CPUARMState *env);
 void pmu_op_finish(CPUARMState *env);
 
+/**
+ * Called when a PMU counter is due to overflow
+ */
+void arm_pmu_timer_cb(void *opaque);
+
 /**
  * Functions to register as EL change hooks for PMU mode filtering
  */
diff --git a/target/arm/helper.c b/target/arm/helper.c
index 6c2a899009..9699e43f0c 100644
--- a/target/arm/helper.c
+++ b/target/arm/helper.c
@@ -944,6 +944,7 @@ static const ARMCPRegInfo v6_cp_reginfo[] = {
 /* Definitions for the PMU registers */
 #define PMCRN_MASK  0xf800
 #define PMCRN_SHIFT 11
+#define PMCRLC  0x40
 #define PMCRDP  0x10
 #define PMCRD   0x8
 #define PMCRC   0x4
@@ -963,6 +964,8 @@ static const ARMCPRegInfo v6_cp_reginfo[] = {
PMXEVTYPER_M | PMXEVTYPER_MT | \
PMXEVTYPER_EVTCOUNT)
 
+#define PMEVCNTR_OVERFLOW_MASK ((uint64_t)1 << 31)
+
 #define PMCCFILTR 0xf800
 #define PMCCFILTR_M   PMXEVTYPER_M
 #define PMCCFILTR_EL0 (PMCCFILTR | PMCCFILTR_M)
@@ -987,6 +990,11 @@ typedef struct pm_event {
  * counters hold a difference from the return value from this function
  */
 uint64_t (*get_count)(CPUARMState *);
+/* Return how many nanoseconds it will take (at a minimum) for count events
+ * to occur. A negative value indicates the counter will never overflow, or
+ * that the counter has otherwise arranged for the overflow bit to be set
+ * and the PMU interrupt to be raised on overflow. */
+int64_t (*ns_per_count)(uint64_t);
 } pm_event;
 
 static bool event_always_supported(CPUARMState *env)
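Review bot: the ns_per_count comment talks about "count events", but the prototype `int64_t (*ns_per_count)(uint64_t);` leaves the parameter unnamed; name it (for example `count`) so the comment reads unambiguously. The new comment also closes with `*/` on its last text line, unlike the get_count comment directly above it, which puts `*/` on its own line.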
@@ -1003,6 +1011,11 @@ static uint64_t swinc_get_count(CPUARMState *env)
 return 0;
 }
 
+static int64_t swinc_ns_per(uint64_t ignored)
+{
+return -1;
+}
+
 /*
  * Return the underlying cycle count for the PMU cycle counters. If we're in
  * usermode, simply return 0.
@@ -1018,6 +1031,11 @@ static uint64_t cycles_get_count(CPUARMState *env)
 }
 
 #ifndef CONFIG_USER_ONLY
+static int64_t cycles_ns_per(uint64_t cycles)
+{
+return (ARM_CPU_FREQ / NANOSECONDS_PER_SECOND) * cycles;
+}
+
 static bool instructions_supported(CPUARMState *env)
 {
 return use_icount == 1 /* Precise instruction counting */;
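Review bot: cycles_ns_per() looks both inverted and truncating. `(ARM_CPU_FREQ / NANOSECONDS_PER_SECOND) * cycles` multiplies by cycles-per-nanosecond, whereas converting a cycle count into nanoseconds needs cycles * NANOSECONDS_PER_SECOND / ARM_CPU_FREQ, and the integer division is evaluated first, so any fractional ratio is lost. The cycle count elsewhere in this series is derived with muldiv64(ns, ARM_CPU_FREQ, NANOSECONDS_PER_SECOND); the inverse here would be muldiv64(cycles, NANOSECONDS_PER_SECOND, ARM_CPU_FREQ).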
@@ -1027,21 +1045,29 @@ static uint64_t instructions_get_count(CPUARMState *env)
 {
 return (uint64_t)cpu_get_icount_raw();
 }
+
+static int64_t instructions_ns_per(uint64_t icount)
+{
+return cpu_icount_to_ns((int64_t)icount);
+}
 #endif
 
 static const pm_event pm_events[] = {
 { .number = 0x000, /* SW_INCR */
   .supported = event_always_supported,
   .get_count = swinc_get_count,
+  .ns_per_count = swinc_ns_per,
 },
 #ifndef CONFIG_USER_ONLY
 { .number = 0x008, /* INST_RETIRED, Instruction architecturally executed */
   .supported = instructions_supported,
   .get_count = instructions_get_count,
+  .ns_per_count = instructions_ns_per,
 },
 { .number = 0x011, /* CPU_CYCLES, Cycle */
   .supported = event_always_supported,
   .get_count = cycles_get_count,
+  .ns_per_count = cycles_ns_per,
 }
 #endif
 };
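Review bot: instructions_ns_per() casts its uint64_t argument to int64_t before calling cpu_icount_to_ns(), so a count with the top bit set becomes negative, and the ns_per_count contract added in this same patch treats a negative return as "never overflows". Either bound the argument before the cast or document why counts that large cannot reach this function.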
@@ -1240,6 +1266,13 @@ static inline bool 

[Qemu-devel] [PATCH v6 13/14] target/arm: Implement PMSWINC

2018-10-10 Thread Aaron Lindsay
Signed-off-by: Aaron Lindsay 
---
 target/arm/helper.c | 39 +--
 1 file changed, 37 insertions(+), 2 deletions(-)

diff --git a/target/arm/helper.c b/target/arm/helper.c
index 89ceb34cb9..6c2a899009 100644
--- a/target/arm/helper.c
+++ b/target/arm/helper.c
@@ -994,6 +994,15 @@ static bool event_always_supported(CPUARMState *env)
 return true;
 }
 
+static uint64_t swinc_get_count(CPUARMState *env)
+{
+/*
+ * SW_INCR events are written directly to the pmevcntr's by writes to
+ * PMSWINC, so there is no underlying count maintained by the PMU itself
+ */
+return 0;
+}
+
 /*
  * Return the underlying cycle count for the PMU cycle counters. If we're in
  * usermode, simply return 0.
@@ -1021,6 +1030,10 @@ static uint64_t instructions_get_count(CPUARMState *env)
 #endif
 
 static const pm_event pm_events[] = {
+{ .number = 0x000, /* SW_INCR */
+  .supported = event_always_supported,
+  .get_count = swinc_get_count,
+},
 #ifndef CONFIG_USER_ONLY
 { .number = 0x008, /* INST_RETIRED, Instruction architecturally executed */
   .supported = instructions_supported,
@@ -1345,6 +1358,24 @@ static void pmcr_write(CPUARMState *env, const 
ARMCPRegInfo *ri,
 pmu_op_finish(env);
 }
 
+static void pmswinc_write(CPUARMState *env, const ARMCPRegInfo *ri,
+  uint64_t value)
+{
+unsigned int i;
+for (i = 0; i < pmu_num_counters(env); i++) {
+/* Increment a counter's count iff: */
+if ((value & (1 << i)) && /* counter's bit is set */
+/* counter is enabled and not filtered */
+pmu_counter_enabled(env, i) &&
+/* counter is SW_INCR */
+(env->cp15.c14_pmevtyper[i] & PMXEVTYPER_EVTCOUNT) == 0x0) {
+pmevcntr_op_start(env, i);
+env->cp15.c14_pmevcntr[i]++;
+pmevcntr_op_finish(env, i);
+}
+}
+}
+
 static uint64_t pmccntr_read(CPUARMState *env, const ARMCPRegInfo *ri)
 {
 uint64_t ret;
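Review bot: the increment in pmswinc_write() has no overflow handling in the lines shown: `env->cp15.c14_pmevcntr[i]++` can wrap without anything here setting the counter's bit in c9_pmovsr. If a later patch in the series covers that, say so in the commit message, which is currently empty apart from the sign-off. The `== 0x0` comparison for SW_INCR would also read better against a named constant.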
@@ -1751,9 +1782,13 @@ static const ARMCPRegInfo v7_cp_reginfo[] = {
   .fieldoffset = offsetof(CPUARMState, cp15.c9_pmovsr),
   .writefn = pmovsr_write,
   .raw_writefn = raw_write },
-/* Unimplemented so WI. */
 { .name = "PMSWINC", .cp = 15, .crn = 9, .crm = 12, .opc1 = 0, .opc2 = 4,
-  .access = PL0_W, .accessfn = pmreg_access_swinc, .type = ARM_CP_NOP },
+  .access = PL0_W, .accessfn = pmreg_access_swinc, .type = ARM_CP_NO_RAW,
+  .writefn = pmswinc_write },
+{ .name = "PMSWINC_EL0", .state = ARM_CP_STATE_AA64,
+  .opc0 = 3, .opc1 = 3, .crn = 9, .crm = 12, .opc2 = 4,
+  .access = PL0_W, .accessfn = pmreg_access_swinc, .type = ARM_CP_NO_RAW,
+  .writefn = pmswinc_write },
 { .name = "PMSELR", .cp = 15, .crn = 9, .crm = 12, .opc1 = 0, .opc2 = 5,
   .access = PL0_RW, .type = ARM_CP_ALIAS,
   .fieldoffset = offsetoflow32(CPUARMState, cp15.c9_pmselr),
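Review bot: the two PMSWINC entries use `.type = ARM_CP_NO_RAW` without ARM_CP_IO, yet pmswinc_write() calls pmevcntr_op_start/finish, and the PMCCFILTR and PMCCFILTR_EL0 entries in this series, whose write functions call pmccntr_op_start/finish, are marked ARM_CP_IO. Is the flag intentionally omitted here?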
-- 
2.19.1




[Qemu-devel] [PATCH v6 03/14] migration: Add post_save function to VMStateDescription

2018-10-10 Thread Aaron Lindsay
In some cases it may be helpful to modify state before saving it for
migration, and then modify the state back after it has been saved. The
existing pre_save function provides half of this functionality. This
patch adds a post_save function to provide the second half.

Signed-off-by: Aaron Lindsay 
---
 docs/devel/migration.rst|  9 +++--
 include/migration/vmstate.h |  1 +
 migration/vmstate.c | 10 +-
 3 files changed, 17 insertions(+), 3 deletions(-)

diff --git a/docs/devel/migration.rst b/docs/devel/migration.rst
index 687570754d..2a2533c9b3 100644
--- a/docs/devel/migration.rst
+++ b/docs/devel/migration.rst
@@ -419,8 +419,13 @@ The functions to do that are inside a vmstate definition, 
and are called:
 
   This function is called before we save the state of one device.
 
-Example: You can look at hpet.c, that uses the three function to
-massage the state that is transferred.
+- ``void (*post_save)(void *opaque);``
+
+  This function is called after we save the state of one device
+  (even upon failure, unless the call to pre_save returned and error).
+
+Example: You can look at hpet.c, that uses the first three functions
+to massage the state that is transferred.
 
 The ``VMSTATE_WITH_TMP`` macro may be useful when the migration
 data doesn't match the stored device data well; it allows an
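Review bot: typo in the new post_save text: "returned and error" should be "returned an error". It would also help to state outright that post_save is not called when pre_save fails, since the parenthetical is easy to misread.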
diff --git a/include/migration/vmstate.h b/include/migration/vmstate.h
index 2b501d0466..f6053b94e4 100644
--- a/include/migration/vmstate.h
+++ b/include/migration/vmstate.h
@@ -185,6 +185,7 @@ struct VMStateDescription {
 int (*pre_load)(void *opaque);
 int (*post_load)(void *opaque, int version_id);
 int (*pre_save)(void *opaque);
+void (*post_save)(void *opaque);
 bool (*needed)(void *opaque);
 VMStateField *fields;
 const VMStateDescription **subsections;
diff --git a/migration/vmstate.c b/migration/vmstate.c
index 0bc240a317..9afc9298f3 100644
--- a/migration/vmstate.c
+++ b/migration/vmstate.c
@@ -387,6 +387,9 @@ int vmstate_save_state_v(QEMUFile *f, const 
VMStateDescription *vmsd,
 if (ret) {
 error_report("Save of field %s/%s failed",
  vmsd->name, field->name);
+if (vmsd->post_save) {
+vmsd->post_save(opaque);
+}
 return ret;
 }
 
@@ -412,7 +415,12 @@ int vmstate_save_state_v(QEMUFile *f, const 
VMStateDescription *vmsd,
 json_end_array(vmdesc);
 }
 
-return vmstate_subsection_save(f, vmsd, opaque, vmdesc);
+ret = vmstate_subsection_save(f, vmsd, opaque, vmdesc);
+
+if (vmsd->post_save) {
+vmsd->post_save(opaque);
+}
+return ret;
 }
 
 static const VMStateDescription *
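Review bot: post_save is now invoked from two separate exit paths of vmstate_save_state_v() (the field-save failure return in the previous hunk and the final return here), so any early return added later between pre_save and the end will silently skip it. A single exit label that calls post_save and then returns ret would keep the pre_save/post_save pairing in one place.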
-- 
2.19.1




[Qemu-devel] [PATCH v6 06/14] target/arm: Filter cycle counter based on PMCCFILTR_EL0

2018-10-10 Thread Aaron Lindsay
The pmu_counter_enabled and pmu_op_start/finish functions are generic
(as opposed to PMCCNTR-specific) to allow for the implementation of
other events.

Signed-off-by: Aaron Lindsay 
Reviewed-by: Peter Maydell 
---
 target/arm/cpu.c |   3 ++
 target/arm/cpu.h |  22 +++-
 target/arm/helper.c  | 118 +++
 target/arm/machine.c |   8 +--
 4 files changed, 137 insertions(+), 14 deletions(-)

diff --git a/target/arm/cpu.c b/target/arm/cpu.c
index b5e61cc177..f69addb961 100644
--- a/target/arm/cpu.c
+++ b/target/arm/cpu.c
@@ -948,6 +948,9 @@ static void arm_cpu_realizefn(DeviceState *dev, Error 
**errp)
 if (!cpu->has_pmu) {
 unset_feature(env, ARM_FEATURE_PMU);
 cpu->id_aa64dfr0 &= ~0xf00;
+} else if (!kvm_enabled()) {
+arm_register_pre_el_change_hook(cpu, _pre_el_change, 0);
+arm_register_el_change_hook(cpu, _post_el_change, 0);
 }
 
 if (!arm_feature(env, ARM_FEATURE_EL2)) {
diff --git a/target/arm/cpu.h b/target/arm/cpu.h
index fdf672ca22..d9cd8dd92c 100644
--- a/target/arm/cpu.h
+++ b/target/arm/cpu.h
@@ -957,6 +957,24 @@ int cpu_arm_signal_handler(int host_signum, void *pinfo,
 void pmccntr_op_start(CPUARMState *env);
 void pmccntr_op_finish(CPUARMState *env);
 
+/**
+ * pmu_op_start/finish
+ * @env: CPUARMState
+ *
+ * Convert all PMU counters between their delta form (the typical mode when
+ * they are enabled) and the guest-visible values. These two calls must
+ * surround any action which might affect the counters, and the return value
+ * from pmu_op_start must be supplied as the second argument to pmu_op_finish.
+ */
+void pmu_op_start(CPUARMState *env);
+void pmu_op_finish(CPUARMState *env);
+
+/**
+ * Functions to register as EL change hooks for PMU mode filtering
+ */
+void pmu_pre_el_change(ARMCPU *cpu, void *ignored);
+void pmu_post_el_change(ARMCPU *cpu, void *ignored);
+
 /* SCTLR bit meanings. Several bits have been reused in newer
  * versions of the architecture; in that case we define constants
  * for both old and new bit meanings. Code which tests against those
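Review bot: the pmu_op_start/finish comment says the return value from pmu_op_start must be supplied as the second argument to pmu_op_finish, but both prototypes return void and take only env. Drop that sentence or update the signatures to match it.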
@@ -1018,7 +1036,8 @@ void pmccntr_op_finish(CPUARMState *env);
 
 #define MDCR_EPMAD(1U << 21)
 #define MDCR_EDAD (1U << 20)
-#define MDCR_SPME (1U << 17)
+#define MDCR_SPME (1U << 17)  /* MDCR_EL3 */
+#define MDCR_HPMD (1U << 17)  /* MDCR_EL2 */
 #define MDCR_SDD  (1U << 16)
 #define MDCR_SPD  (3U << 14)
 #define MDCR_TDRA (1U << 11)
@@ -1028,6 +1047,7 @@ void pmccntr_op_finish(CPUARMState *env);
 #define MDCR_HPME (1U << 7)
 #define MDCR_TPM  (1U << 6)
 #define MDCR_TPMCR(1U << 5)
+#define MDCR_HPMN (0x1fU)
 
 /* Not all of the MDCR_EL3 bits are present in the 32-bit SDCR */
 #define SDCR_VALID_MASK (MDCR_EPMAD | MDCR_EDAD | MDCR_SPME | MDCR_SPD)
diff --git a/target/arm/helper.c b/target/arm/helper.c
index 91e4e4170b..52bd13fdde 100644
--- a/target/arm/helper.c
+++ b/target/arm/helper.c
@@ -943,10 +943,24 @@ static const ARMCPRegInfo v6_cp_reginfo[] = {
 /* Definitions for the PMU registers */
 #define PMCRN_MASK  0xf800
 #define PMCRN_SHIFT 11
+#define PMCRDP  0x10
 #define PMCRD   0x8
 #define PMCRC   0x4
 #define PMCRE   0x1
 
+#define PMXEVTYPER_P  0x8000
+#define PMXEVTYPER_U  0x4000
+#define PMXEVTYPER_NSK0x2000
+#define PMXEVTYPER_NSU0x1000
+#define PMXEVTYPER_NSH0x0800
+#define PMXEVTYPER_M  0x0400
+#define PMXEVTYPER_MT 0x0200
+#define PMXEVTYPER_EVTCOUNT   0x
+#define PMXEVTYPER_MASK   (PMXEVTYPER_P | PMXEVTYPER_U | PMXEVTYPER_NSK | \
+   PMXEVTYPER_NSU | PMXEVTYPER_NSH | \
+   PMXEVTYPER_M | PMXEVTYPER_MT | \
+   PMXEVTYPER_EVTCOUNT)
+
 static inline uint32_t pmu_num_counters(CPUARMState *env)
 {
   return (env->cp15.c9_pmcr & PMCRN_MASK) >> PMCRN_SHIFT;
@@ -1042,16 +1056,66 @@ static CPAccessResult pmreg_access_ccntr(CPUARMState 
*env,
 return pmreg_access(env, ri, isread);
 }
 
-static inline bool arm_ccnt_enabled(CPUARMState *env)
+/* Returns true if the counter (pass 31 for PMCCNTR) should count events using
+ * the current EL, security state, and register configuration.
+ */
+static inline bool pmu_counter_enabled(CPUARMState *env, uint8_t counter)
 {
-/* This does not support checking PMCCFILTR_EL0 register */
+uint64_t filter;
+bool e, p, u, nsk, nsu, nsh, m;
+bool enabled, prohibited, filtered;
+bool secure = arm_is_secure(env);
+int el = arm_current_el(env);
+uint8_t hpmn = env->cp15.mdcr_el2 & MDCR_HPMN;
 
-if (!(env->cp15.c9_pmcr & PMCRE) || !(env->cp15.c9_pmcnten & (1 << 31))) {
-return false;
+if (!arm_feature(env, ARM_FEATURE_EL2) ||
+(counter < hpmn || counter == 31)) {
+e = env->cp15.c9_pmcr & PMCRE;
+} else {
+e = env->cp15.mdcr_el2 & MDCR_HPME;
 }
+enabled = e && (env->cp15.c9_pmcnten & (1 << 

[Qemu-devel] [PATCH v6 05/14] target/arm: Reorganize PMCCNTR accesses

2018-10-10 Thread Aaron Lindsay
pmccntr_read and pmccntr_write contained duplicate code that was already
being handled by pmccntr_sync. Consolidate the duplicated code into two
functions: pmccntr_op_start and pmccntr_op_finish. Add a companion to
c15_ccnt in CPUARMState so that we can simultaneously save both the
architectural register value and the last underlying cycle count - this
ensures time isn't lost and will also allow us to access the 'old'
architectural register value in order to detect overflows in later
patches.

Signed-off-by: Aaron Lindsay 
---
 target/arm/cpu.h | 26 
 target/arm/helper.c  | 96 +++-
 target/arm/machine.c |  8 ++--
 3 files changed, 73 insertions(+), 57 deletions(-)

diff --git a/target/arm/cpu.h b/target/arm/cpu.h
index 3a2aff1192..fdf672ca22 100644
--- a/target/arm/cpu.h
+++ b/target/arm/cpu.h
@@ -468,10 +468,20 @@ typedef struct CPUARMState {
 uint64_t oslsr_el1; /* OS Lock Status */
 uint64_t mdcr_el2;
 uint64_t mdcr_el3;
-/* If the counter is enabled, this stores the last time the counter
- * was reset. Otherwise it stores the counter value
+/* Stores the architectural value of the counter *the last time it was
+ * updated* by pmccntr_op_start. Accesses should always be surrounded
+ * by pmccntr_op_start/pmccntr_op_finish to guarantee the latest
+ * architecturally-correct value is being read/set.
  */
 uint64_t c15_ccnt;
+/* Stores the delta between the architectural value and the underlying
+ * cycle count during normal operation. It is used to update c15_ccnt
+ * to be the correct architectural value before accesses. During
+ * accesses, c15_ccnt_delta contains the underlying count being used
+ * for the access, after which it reverts to the delta value in
+ * pmccntr_op_finish.
+ */
+uint64_t c15_ccnt_delta;
 uint64_t pmccfiltr_el0; /* Performance Monitor Filter Register */
 uint64_t vpidr_el2; /* Virtualization Processor ID Register */
 uint64_t vmpidr_el2; /* Virtualization Multiprocessor ID Register */
@@ -937,15 +947,15 @@ int cpu_arm_signal_handler(int host_signum, void *pinfo,
void *puc);
 
 /**
- * pmccntr_sync
+ * pmccntr_op_start/finish
  * @env: CPUARMState
  *
- * Synchronises the counter in the PMCCNTR. This must always be called twice,
- * once before any action that might affect the timer and again afterwards.
- * The function is used to swap the state of the register if required.
- * This only happens when not in user mode (!CONFIG_USER_ONLY)
+ * Convert the counter in the PMCCNTR between its delta form (the typical mode
+ * when it's enabled) and the guest-visible value. These two calls must always
+ * surround any action which might affect the counter.
  */
-void pmccntr_sync(CPUARMState *env);
+void pmccntr_op_start(CPUARMState *env);
+void pmccntr_op_finish(CPUARMState *env);
 
 /* SCTLR bit meanings. Several bits have been reused in newer
  * versions of the architecture; in that case we define constants
diff --git a/target/arm/helper.c b/target/arm/helper.c
index 12c53e54e9..91e4e4170b 100644
--- a/target/arm/helper.c
+++ b/target/arm/helper.c
@@ -1052,28 +1052,53 @@ static inline bool arm_ccnt_enabled(CPUARMState *env)
 
 return true;
 }
-
-void pmccntr_sync(CPUARMState *env)
+/*
+ * Ensure c15_ccnt is the guest-visible count so that operations such as
+ * enabling/disabling the counter or filtering, modifying the count itself,
+ * etc. can be done logically. This is essentially a no-op if the counter is
+ * not enabled at the time of the call.
+ */
+void pmccntr_op_start(CPUARMState *env)
 {
-uint64_t temp_ticks;
-
-temp_ticks = muldiv64(qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL),
+uint64_t cycles = 0;
+cycles = muldiv64(qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL),
   ARM_CPU_FREQ, NANOSECONDS_PER_SECOND);
 
-if (env->cp15.c9_pmcr & PMCRD) {
-/* Increment once every 64 processor clock cycles */
-temp_ticks /= 64;
+if (arm_ccnt_enabled(env)) {
+uint64_t eff_cycles = cycles;
+if (env->cp15.c9_pmcr & PMCRD) {
+/* Increment once every 64 processor clock cycles */
+eff_cycles /= 64;
+}
+
+env->cp15.c15_ccnt = eff_cycles - env->cp15.c15_ccnt_delta;
 }
+env->cp15.c15_ccnt_delta = cycles;
+}
 
+/*
+ * If PMCCNTR is enabled, recalculate the delta between the clock and the
+ * guest-visible count. A call to pmccntr_op_finish should follow every call to
+ * pmccntr_op_start.
+ */
+void pmccntr_op_finish(CPUARMState *env)
+{
 if (arm_ccnt_enabled(env)) {
-env->cp15.c15_ccnt = temp_ticks - env->cp15.c15_ccnt;
+uint64_t prev_cycles = env->cp15.c15_ccnt_delta;
+
+if (env->cp15.c9_pmcr & PMCRD) {
+/* Increment once every 64 processor clock cycles */
+prev_cycles /= 
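Review bot: in pmccntr_op_start(), `uint64_t cycles = 0;` is overwritten by the muldiv64() assignment on the very next line; initialise the variable directly from the call. The hunk also removes the blank line between the closing brace of arm_ccnt_enabled() and the new comment block, which should stay.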

[Qemu-devel] [PATCH v6 02/14] target/arm: Mask PMOVSR writes based on supported counters

2018-10-10 Thread Aaron Lindsay
This is an amendment to my earlier patch:
commit 7ece99b17e832065236c07a158dfac62619ef99b
Author: Aaron Lindsay 
Date:   Thu Apr 26 11:04:39 2018 +0100

target/arm: Mask PMU register writes based on PMCR_EL0.N

Signed-off-by: Aaron Lindsay 
---
 target/arm/helper.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/target/arm/helper.c b/target/arm/helper.c
index 52c76b7444..8ca4d30797 100644
--- a/target/arm/helper.c
+++ b/target/arm/helper.c
@@ -1179,6 +1179,7 @@ static void pmcntenclr_write(CPUARMState *env, const 
ARMCPRegInfo *ri,
 static void pmovsr_write(CPUARMState *env, const ARMCPRegInfo *ri,
  uint64_t value)
 {
+value &= pmu_counter_mask(env);
 env->cp15.c9_pmovsr &= ~value;
 }
 
-- 
2.19.1




[Qemu-devel] [PATCH v6 07/14] target/arm: Allow AArch32 access for PMCCFILTR

2018-10-10 Thread Aaron Lindsay
Signed-off-by: Aaron Lindsay 
Reviewed-by: Peter Maydell 
---
 target/arm/helper.c | 27 ++-
 1 file changed, 26 insertions(+), 1 deletion(-)

diff --git a/target/arm/helper.c b/target/arm/helper.c
index 52bd13fdde..e804caaced 100644
--- a/target/arm/helper.c
+++ b/target/arm/helper.c
@@ -961,6 +961,10 @@ static const ARMCPRegInfo v6_cp_reginfo[] = {
PMXEVTYPER_M | PMXEVTYPER_MT | \
PMXEVTYPER_EVTCOUNT)
 
+#define PMCCFILTR 0xf800
+#define PMCCFILTR_M   PMXEVTYPER_M
+#define PMCCFILTR_EL0 (PMCCFILTR | PMCCFILTR_M)
+
 static inline uint32_t pmu_num_counters(CPUARMState *env)
 {
   return (env->cp15.c9_pmcr & PMCRN_MASK) >> PMCRN_SHIFT;
@@ -1264,10 +1268,26 @@ static void pmccfiltr_write(CPUARMState *env, const 
ARMCPRegInfo *ri,
 uint64_t value)
 {
 pmccntr_op_start(env);
-env->cp15.pmccfiltr_el0 = value & 0xfc00;
+env->cp15.pmccfiltr_el0 = value & PMCCFILTR_EL0;
+pmccntr_op_finish(env);
+}
+
+static void pmccfiltr_write_a32(CPUARMState *env, const ARMCPRegInfo *ri,
+uint64_t value)
+{
+pmccntr_op_start(env);
+/* M is not accessible from AArch32 */
+env->cp15.pmccfiltr_el0 = (env->cp15.pmccfiltr_el0 & PMCCFILTR_M) |
+(value & PMCCFILTR);
 pmccntr_op_finish(env);
 }
 
+static uint64_t pmccfiltr_read_a32(CPUARMState *env, const ARMCPRegInfo *ri)
+{
+/* M is not visible in AArch32 */
+return env->cp15.pmccfiltr_el0 & PMCCFILTR;
+}
+
 static void pmcntenset_write(CPUARMState *env, const ARMCPRegInfo *ri,
 uint64_t value)
 {
@@ -1489,6 +1509,11 @@ static const ARMCPRegInfo v7_cp_reginfo[] = {
   .readfn = pmccntr_read, .writefn = pmccntr_write,
   .raw_readfn = raw_read, .raw_writefn = raw_write, },
 #endif
+{ .name = "PMCCFILTR", .cp = 15, .opc1 = 0, .crn = 14, .crm = 15, .opc2 = 
7,
+  .writefn = pmccfiltr_write_a32, .readfn = pmccfiltr_read_a32,
+  .access = PL0_RW, .accessfn = pmreg_access,
+  .type = ARM_CP_ALIAS | ARM_CP_IO,
+  .resetvalue = 0, },
 { .name = "PMCCFILTR_EL0", .state = ARM_CP_STATE_AA64,
   .opc0 = 3, .opc1 = 3, .crn = 14, .crm = 15, .opc2 = 7,
   .writefn = pmccfiltr_write, .raw_writefn = raw_write,
-- 
2.19.1




[Qemu-devel] [PATCH v6 11/14] target/arm: PMU: Add instruction and cycle events

2018-10-10 Thread Aaron Lindsay
The instruction event is only enabled when icount is used, cycles are
always supported. Always defining get_cycle_count (but altering its
behavior depending on CONFIG_USER_ONLY) allows us to remove some
CONFIG_USER_ONLY #defines throughout the rest of the code.

Signed-off-by: Aaron Lindsay 
Reviewed-by: Peter Maydell 
---
 target/arm/helper.c | 90 ++---
 1 file changed, 44 insertions(+), 46 deletions(-)

diff --git a/target/arm/helper.c b/target/arm/helper.c
index f0798f7a8c..d6501de1ba 100644
--- a/target/arm/helper.c
+++ b/target/arm/helper.c
@@ -15,6 +15,7 @@
 #include "arm_ldst.h"
 #include  /* For crc32 */
 #include "exec/semihost.h"
+#include "sysemu/cpus.h"
 #include "sysemu/kvm.h"
 #include "fpu/softfloat.h"
 #include "qemu/range.h"
@@ -988,9 +989,50 @@ typedef struct pm_event {
 uint64_t (*get_count)(CPUARMState *);
 } pm_event;
 
+static bool event_always_supported(CPUARMState *env)
+{
+return true;
+}
+
+/*
+ * Return the underlying cycle count for the PMU cycle counters. If we're in
+ * usermode, simply return 0.
+ */
+static uint64_t cycles_get_count(CPUARMState *env)
+{
+#ifndef CONFIG_USER_ONLY
+return muldiv64(qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL),
+   ARM_CPU_FREQ, NANOSECONDS_PER_SECOND);
+#else
+return 0;
+#endif
+}
+
+#ifndef CONFIG_USER_ONLY
+static bool instructions_supported(CPUARMState *env)
+{
+return use_icount == 1 /* Precise instruction counting */;
+}
+
+static uint64_t instructions_get_count(CPUARMState *env)
+{
+return (uint64_t)cpu_get_icount_raw();
+}
+#endif
+
 static const pm_event pm_events[] = {
+#ifndef CONFIG_USER_ONLY
+{ .number = 0x008, /* INST_RETIRED, Instruction architecturally executed */
+  .supported = instructions_supported,
+  .get_count = instructions_get_count,
+},
+{ .number = 0x011, /* CPU_CYCLES, Cycle */
+  .supported = event_always_supported,
+  .get_count = cycles_get_count,
+}
+#endif
 };
-#define MAX_EVENT_ID 0x0
+#define MAX_EVENT_ID 0x11
 #define UNSUPPORTED_EVENT UINT16_MAX
 static uint16_t supported_event_map[MAX_EVENT_ID + 1];
 
@@ -1083,8 +1125,6 @@ static CPAccessResult pmreg_access_swinc(CPUARMState *env,
 return pmreg_access(env, ri, isread);
 }
 
-#ifndef CONFIG_USER_ONLY
-
 static CPAccessResult pmreg_access_selr(CPUARMState *env,
 const ARMCPRegInfo *ri,
 bool isread)
@@ -1195,9 +1235,7 @@ static inline bool pmu_counter_enabled(CPUARMState *env, 
uint8_t counter)
  */
 void pmccntr_op_start(CPUARMState *env)
 {
-uint64_t cycles = 0;
-cycles = muldiv64(qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL),
-  ARM_CPU_FREQ, NANOSECONDS_PER_SECOND);
+uint64_t cycles = cycles_get_count(env);
 
 if (pmu_counter_enabled(env, 31)) {
 uint64_t eff_cycles = cycles;
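Review bot: the commit message says get_cycle_count is now always defined, but the function called here and added earlier in this patch is cycles_get_count(); align the message with the code so the name can be found with a search of the log.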
@@ -1343,42 +1381,6 @@ static void pmccntr_write32(CPUARMState *env, const 
ARMCPRegInfo *ri,
 pmccntr_write(env, ri, deposit64(cur_val, 0, 32, value));
 }
 
-#else /* CONFIG_USER_ONLY */
-
-void pmccntr_op_start(CPUARMState *env)
-{
-}
-
-void pmccntr_op_finish(CPUARMState *env)
-{
-}
-
-void pmevcntr_op_start(CPUARMState *env, uint8_t i)
-{
-}
-
-void pmevcntr_op_finish(CPUARMState *env, uint8_t i)
-{
-}
-
-void pmu_op_start(CPUARMState *env)
-{
-}
-
-void pmu_op_finish(CPUARMState *env)
-{
-}
-
-void pmu_pre_el_change(ARMCPU *cpu, void *ignored)
-{
-}
-
-void pmu_post_el_change(ARMCPU *cpu, void *ignored)
-{
-}
-
-#endif
-
 static void pmccfiltr_write(CPUARMState *env, const ARMCPRegInfo *ri,
 uint64_t value)
 {
@@ -1752,7 +1754,6 @@ static const ARMCPRegInfo v7_cp_reginfo[] = {
 /* Unimplemented so WI. */
 { .name = "PMSWINC", .cp = 15, .crn = 9, .crm = 12, .opc1 = 0, .opc2 = 4,
   .access = PL0_W, .accessfn = pmreg_access_swinc, .type = ARM_CP_NOP },
-#ifndef CONFIG_USER_ONLY
 { .name = "PMSELR", .cp = 15, .crn = 9, .crm = 12, .opc1 = 0, .opc2 = 5,
   .access = PL0_RW, .type = ARM_CP_ALIAS,
   .fieldoffset = offsetoflow32(CPUARMState, cp15.c9_pmselr),
@@ -1774,7 +1775,6 @@ static const ARMCPRegInfo v7_cp_reginfo[] = {
   .fieldoffset = offsetof(CPUARMState, cp15.c15_ccnt),
   .readfn = pmccntr_read, .writefn = pmccntr_write,
   .raw_readfn = raw_read, .raw_writefn = raw_write, },
-#endif
 { .name = "PMCCFILTR", .cp = 15, .opc1 = 0, .crn = 14, .crm = 15, .opc2 = 
7,
   .writefn = pmccfiltr_write_a32, .readfn = pmccfiltr_read_a32,
   .access = PL0_RW, .accessfn = pmreg_access,
@@ -5416,7 +5416,6 @@ void register_cp_regs_for_features(ARMCPU *cpu)
  * count register.
  */
 unsigned int i, pmcrn = 4;
-#ifndef CONFIG_USER_ONLY
 ARMCPRegInfo pmcr = {
 .name = "PMCR", .cp = 15, .crn = 9, .crm = 12, .opc1 = 0, .opc2 = 
0,
 .access = PL0_RW,
@@ -5473,7 +5472,6 @@ void register_cp_regs_for_features(ARMCPU *cpu)
 

[Qemu-devel] [PATCH v6 09/14] target/arm: Add array for supported PMU events, generate PMCEID[01]

2018-10-10 Thread Aaron Lindsay
This commit doesn't add any supported events, but provides the framework
for adding them. We store the pm_event structs in a simple array, and
provide the mapping from the event numbers to array indexes in the
supported_event_map array. Because the value of PMCEID[01] depends upon
which events are supported at runtime, generate it dynamically.

Signed-off-by: Aaron Lindsay 
---
 target/arm/cpu.c| 20 +---
 target/arm/cpu.h| 10 ++
 target/arm/cpu64.c  |  2 --
 target/arm/helper.c | 42 ++
 4 files changed, 65 insertions(+), 9 deletions(-)

diff --git a/target/arm/cpu.c b/target/arm/cpu.c
index f69addb961..7f39f25f51 100644
--- a/target/arm/cpu.c
+++ b/target/arm/cpu.c
@@ -948,9 +948,19 @@ static void arm_cpu_realizefn(DeviceState *dev, Error 
**errp)
 if (!cpu->has_pmu) {
 unset_feature(env, ARM_FEATURE_PMU);
 cpu->id_aa64dfr0 &= ~0xf00;
-} else if (!kvm_enabled()) {
-arm_register_pre_el_change_hook(cpu, _pre_el_change, 0);
-arm_register_el_change_hook(cpu, _post_el_change, 0);
+}
+if (arm_feature(env, ARM_FEATURE_PMU)) {
+uint64_t pmceid = get_pmceid(>env);
+cpu->pmceid0 = pmceid & 0x;
+cpu->pmceid1 = (pmceid >> 32) & 0x;
+
+if (!kvm_enabled()) {
+arm_register_pre_el_change_hook(cpu, _pre_el_change, 0);
+arm_register_el_change_hook(cpu, _post_el_change, 0);
+}
+} else {
+cpu->pmceid0 = 0x;
+cpu->pmceid1 = 0x;
 }
 
 if (!arm_feature(env, ARM_FEATURE_EL2)) {
@@ -1583,8 +1593,6 @@ static void cortex_a7_initfn(Object *obj)
 cpu->id_pfr0 = 0x1131;
 cpu->id_pfr1 = 0x00011011;
 cpu->id_dfr0 = 0x02010555;
-cpu->pmceid0 = 0x;
-cpu->pmceid1 = 0x;
 cpu->id_afr0 = 0x;
 cpu->id_mmfr0 = 0x10101105;
 cpu->id_mmfr1 = 0x4000;
@@ -1626,8 +1634,6 @@ static void cortex_a15_initfn(Object *obj)
 cpu->id_pfr0 = 0x1131;
 cpu->id_pfr1 = 0x00011011;
 cpu->id_dfr0 = 0x02010555;
-cpu->pmceid0 = 0x000;
-cpu->pmceid1 = 0x;
 cpu->id_afr0 = 0x;
 cpu->id_mmfr0 = 0x10201105;
 cpu->id_mmfr1 = 0x2000;
diff --git a/target/arm/cpu.h b/target/arm/cpu.h
index d9cd8dd92c..cc026f0b75 100644
--- a/target/arm/cpu.h
+++ b/target/arm/cpu.h
@@ -975,6 +975,16 @@ void pmu_op_finish(CPUARMState *env);
 void pmu_pre_el_change(ARMCPU *cpu, void *ignored);
 void pmu_post_el_change(ARMCPU *cpu, void *ignored);
 
+/*
+ * get_pmceid
+ * @env: CPUARMState
+ *
+ * Return the PMCEID[01] register values corresponding to the counters which
+ * are supported given the current configuration (0 is low 32, 1 is high 32
+ * bits)
+ */
+uint64_t get_pmceid(CPUARMState *env);
+
 /* SCTLR bit meanings. Several bits have been reused in newer
  * versions of the architecture; in that case we define constants
  * for both old and new bit meanings. Code which tests against those
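Review bot: the get_pmceid() doc comment describes only the return value, but the implementation in helper.c also resets and repopulates the file-scope supported_event_map on every call. Mention that side effect here, or move the map construction into a separately named init function, since a get_ prefix suggests a pure accessor. The comment also says "counters which are supported" where it means events.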
diff --git a/target/arm/cpu64.c b/target/arm/cpu64.c
index db71504cb5..440d874c17 100644
--- a/target/arm/cpu64.c
+++ b/target/arm/cpu64.c
@@ -143,8 +143,6 @@ static void aarch64_a57_initfn(Object *obj)
 cpu->id_isar6 = 0;
 cpu->id_aa64pfr0 = 0x;
 cpu->id_aa64dfr0 = 0x10305106;
-cpu->pmceid0 = 0x;
-cpu->pmceid1 = 0x;
 cpu->id_aa64isar0 = 0x00011120;
 cpu->id_aa64mmfr0 = 0x1124;
 cpu->dbgdidr = 0x3516d000;
diff --git a/target/arm/helper.c b/target/arm/helper.c
index f3c00c3db0..375b6dcda5 100644
--- a/target/arm/helper.c
+++ b/target/arm/helper.c
@@ -976,6 +976,48 @@ static inline uint64_t pmu_counter_mask(CPUARMState *env)
   return (1 << 31) | ((1 << pmu_num_counters(env)) - 1);
 }
 
+typedef struct pm_event {
+uint16_t number; /* PMEVTYPER.evtCount is 16 bits wide */
+/* If the event is supported on this CPU (used to generate PMCEID[01]) */
+bool (*supported)(CPUARMState *);
+/*
+ * Retrieve the current count of the underlying event. The programmed
+ * counters hold a difference from the return value from this function
+ */
+uint64_t (*get_count)(CPUARMState *);
+} pm_event;
+
+static const pm_event pm_events[] = {
+};
+#define MAX_EVENT_ID 0x0
+#define UNSUPPORTED_EVENT UINT16_MAX
+static uint16_t supported_event_map[MAX_EVENT_ID + 1];
+
+/*
+ * Called upon initialization to build PMCEID0 (low 32 bits) and PMCEID1 (high
+ * 32). We also use it to build a map of ARM event numbers to indices in
+ * our pm_events array.
+ */
+uint64_t get_pmceid(CPUARMState *env)
+{
+uint64_t pmceid = 0;
+unsigned int i;
+
+for (i = 0; i <= MAX_EVENT_ID; i++) {
+supported_event_map[i] = UNSUPPORTED_EVENT;
+}
+
+for (i = 0; i < ARRAY_SIZE(pm_events); i++) {
+const pm_event *cnt = _events[i];
+assert(cnt->number <= MAX_EVENT_ID);
+if (cnt->supported(env)) {
+pmceid |= (1 << cnt->number);
+
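Review bot: `pmceid |= (1 << cnt->number);` shifts a plain int, while pmceid is a uint64_t that is meant to carry PMCEID1 in its upper 32 bits, so an event number of 31 or above will not set the intended bit. Use a 64-bit constant for the shift (1ULL << cnt->number).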

[Qemu-devel] [PATCH v6 01/14] target/arm: Mark PMINTENCLR and PMINTENCLR_EL1 accesses as possibly doing IO

2018-10-10 Thread Aaron Lindsay
I previously fixed this for PMINTENSET_EL1, but missed these.

Signed-off-by: Aaron Lindsay 
Signed-off-by: Aaron Lindsay 
---
 target/arm/helper.c | 6 --
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/target/arm/helper.c b/target/arm/helper.c
index c83f7c1109..52c76b7444 100644
--- a/target/arm/helper.c
+++ b/target/arm/helper.c
@@ -1423,12 +1423,14 @@ static const ARMCPRegInfo v7_cp_reginfo[] = {
   .writefn = pmintenset_write, .raw_writefn = raw_write,
   .resetvalue = 0x0 },
 { .name = "PMINTENCLR", .cp = 15, .crn = 9, .crm = 14, .opc1 = 0, .opc2 = 
2,
-  .access = PL1_RW, .accessfn = access_tpm, .type = ARM_CP_ALIAS,
+  .access = PL1_RW, .accessfn = access_tpm,
+  .type = ARM_CP_ALIAS | ARM_CP_IO,
   .fieldoffset = offsetof(CPUARMState, cp15.c9_pminten),
   .writefn = pmintenclr_write, },
 { .name = "PMINTENCLR_EL1", .state = ARM_CP_STATE_AA64,
   .opc0 = 3, .opc1 = 0, .crn = 9, .crm = 14, .opc2 = 2,
-  .access = PL1_RW, .accessfn = access_tpm, .type = ARM_CP_ALIAS,
+  .access = PL1_RW, .accessfn = access_tpm,
+  .type = ARM_CP_ALIAS | ARM_CP_IO,
   .fieldoffset = offsetof(CPUARMState, cp15.c9_pminten),
   .writefn = pmintenclr_write },
 { .name = "CCSIDR", .state = ARM_CP_STATE_BOTH,
-- 
2.19.1




[Qemu-devel] [PATCH v6 08/14] target/arm: Implement PMOVSSET

2018-10-10 Thread Aaron Lindsay
Add an array for PMOVSSET so we only define it for v7ve+ platforms

Signed-off-by: Aaron Lindsay 
---
 target/arm/helper.c | 28 
 1 file changed, 28 insertions(+)

diff --git a/target/arm/helper.c b/target/arm/helper.c
index e804caaced..f3c00c3db0 100644
--- a/target/arm/helper.c
+++ b/target/arm/helper.c
@@ -1309,6 +1309,13 @@ static void pmovsr_write(CPUARMState *env, const 
ARMCPRegInfo *ri,
 env->cp15.c9_pmovsr &= ~value;
 }
 
+static void pmovsset_write(CPUARMState *env, const ARMCPRegInfo *ri,
+ uint64_t value)
+{
+value &= pmu_counter_mask(env);
+env->cp15.c9_pmovsr |= value;
+}
+
 static void pmxevtyper_write(CPUARMState *env, const ARMCPRegInfo *ri,
  uint64_t value)
 {
@@ -1662,6 +1669,24 @@ static const ARMCPRegInfo v7mp_cp_reginfo[] = {
 REGINFO_SENTINEL
 };
 
+static const ARMCPRegInfo pmovsset_cp_reginfo[] = {
+/* PMOVSSET is not implemented in v7 before v7ve */
+{ .name = "PMOVSSET", .cp = 15, .opc1 = 0, .crn = 9, .crm = 14, .opc2 = 3,
+  .access = PL0_RW, .accessfn = pmreg_access,
+  .type = ARM_CP_ALIAS,
+  .fieldoffset = offsetoflow32(CPUARMState, cp15.c9_pmovsr),
+  .writefn = pmovsset_write,
+  .raw_writefn = raw_write },
+{ .name = "PMOVSSET_EL0", .state = ARM_CP_STATE_AA64,
+  .opc0 = 3, .opc1 = 3, .crn = 9, .crm = 14, .opc2 = 3,
+  .access = PL0_RW, .accessfn = pmreg_access,
+  .type = ARM_CP_ALIAS,
+  .fieldoffset = offsetof(CPUARMState, cp15.c9_pmovsr),
+  .writefn = pmovsset_write,
+  .raw_writefn = raw_write },
+REGINFO_SENTINEL
+};
+
 static void teecr_write(CPUARMState *env, const ARMCPRegInfo *ri,
 uint64_t value)
 {
@@ -5116,6 +5141,9 @@ void register_cp_regs_for_features(ARMCPU *cpu)
 !arm_feature(env, ARM_FEATURE_PMSA)) {
 define_arm_cp_regs(cpu, v7mp_cp_reginfo);
 }
+if (arm_feature(env, ARM_FEATURE_V7VE)) {
+define_arm_cp_regs(cpu, pmovsset_cp_reginfo);
+}
 if (arm_feature(env, ARM_FEATURE_V7)) {
 /* v7 performance monitor control register: same implementor
  * field as main ID register, and we implement only the cycle
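Review bot: the ARM_FEATURE_V7VE test is the only gate for both entries of pmovsset_cp_reginfo, including the AArch64 PMOVSSET_EL0 one. Please confirm that every v8 CPU model has ARM_FEATURE_V7VE set by the time register_cp_regs_for_features() runs, otherwise an AArch64 core would silently lose PMOVSSET_EL0; a one-line comment at this check stating that assumption would make it reviewable.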
-- 
2.19.1




[Qemu-devel] [PATCH v6 04/14] target/arm: Swap PMU values before/after migrations

2018-10-10 Thread Aaron Lindsay
Because of the PMU's design, many register accesses have side effects
which are inter-related, meaning that the normal method of saving CP
registers can result in inconsistent state. These side-effects are
largely handled in *op_start and *op_finish functions which can be
called globally once before and after the state is saved/restored. By
doing this and adding raw read/write functions for the affected
registers, we avoid such inconsistencies.

Signed-off-by: Aaron Lindsay 
---
 target/arm/helper.c  |  6 --
 target/arm/machine.c | 19 +++
 2 files changed, 23 insertions(+), 2 deletions(-)

diff --git a/target/arm/helper.c b/target/arm/helper.c
index 8ca4d30797..12c53e54e9 100644
--- a/target/arm/helper.c
+++ b/target/arm/helper.c
@@ -1379,11 +1379,13 @@ static const ARMCPRegInfo v7_cp_reginfo[] = {
   .opc0 = 3, .opc1 = 3, .crn = 9, .crm = 13, .opc2 = 0,
   .access = PL0_RW, .accessfn = pmreg_access_ccntr,
   .type = ARM_CP_IO,
-  .readfn = pmccntr_read, .writefn = pmccntr_write, },
+  .fieldoffset = offsetof(CPUARMState, cp15.c15_ccnt),
+  .readfn = pmccntr_read, .writefn = pmccntr_write,
+  .raw_readfn = raw_read, .raw_writefn = raw_write, },
 #endif
 { .name = "PMCCFILTR_EL0", .state = ARM_CP_STATE_AA64,
   .opc0 = 3, .opc1 = 3, .crn = 14, .crm = 15, .opc2 = 7,
-  .writefn = pmccfiltr_write,
+  .writefn = pmccfiltr_write, .raw_writefn = raw_write,
   .access = PL0_RW, .accessfn = pmreg_access,
   .type = ARM_CP_IO,
   .fieldoffset = offsetof(CPUARMState, cp15.pmccfiltr_el0),
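Review bot: only the AArch64 PMCCNTR_EL0 entry gains .fieldoffset plus raw_read/raw_write in this hunk. If the AArch32 PMCCNTR entry (not shown here) is still saved and restored through pmccntr_read/pmccntr_write, it needs the same raw accessors or must be marked as an alias of this one, otherwise the side effects the commit message wants to avoid still happen on that path.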
diff --git a/target/arm/machine.c b/target/arm/machine.c
index ff4ec22bf7..8139b25be5 100644
--- a/target/arm/machine.c
+++ b/target/arm/machine.c
@@ -584,6 +584,8 @@ static int cpu_pre_save(void *opaque)
 {
 ARMCPU *cpu = opaque;
 
+pmccntr_sync(>env);
+
 if (kvm_enabled()) {
 if (!write_kvmstate_to_list(cpu)) {
 /* This should never fail */
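Review bot: the commit message describes *op_start and *op_finish functions, but cpu_pre_save() calls pmccntr_sync() and no op_start/op_finish function appears anywhere in this patch. Either reword the message to match the code at this point in the series, or move this patch after the one that introduces those functions.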
@@ -605,6 +607,19 @@ static int cpu_pre_save(void *opaque)
 return 0;
 }
 
+static void cpu_post_save(void *opaque)
+{
+ARMCPU *cpu = opaque;
+pmccntr_sync(>env);
+}
+
+static int cpu_pre_load(void *opaque)
+{
+ARMCPU *cpu = opaque;
+pmccntr_sync(>env);
+return 0;
+}
+
 static int cpu_post_load(void *opaque, int version_id)
 {
 ARMCPU *cpu = opaque;
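Review bot: cpu_post_save() and cpu_pre_load() have no comment explaining that each pmccntr_sync() call is one half of a pair (pre_save/post_save, pre_load/post_load) and that the second call undoes the first. That pairing is the whole correctness argument, so state it above these two functions, and check that no early return in cpu_pre_save() or cpu_post_load() can skip the second half and leave the counter in its swapped form.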
@@ -652,6 +667,8 @@ static int cpu_post_load(void *opaque, int version_id)
 hw_breakpoint_update_all(cpu);
 hw_watchpoint_update_all(cpu);
 
+pmccntr_sync(>env);
+
 return 0;
 }
 
@@ -660,6 +677,8 @@ const VMStateDescription vmstate_arm_cpu = {
 .version_id = 22,
 .minimum_version_id = 22,
 .pre_save = cpu_pre_save,
+.post_save = cpu_post_save,
+.pre_load = cpu_pre_load,
 .post_load = cpu_post_load,
 .fields = (VMStateField[]) {
 VMSTATE_UINT32_ARRAY(env.regs, ARMCPU, 16),
-- 
2.19.1




[Qemu-devel] [PATCH v6 00/14] More fully implement ARM PMUv3

2018-10-10 Thread Aaron Lindsay
The ARM PMU implementation currently contains a basic cycle counter, but
it is often useful to gather counts of other events, filter them based
on execution mode, and/or be notified on counter overflow. These patches
flesh out the implementations of various PMU registers including
PM[X]EVCNTR and PM[X]EVTYPER, add a struct definition to represent
arbitrary counter types, implement mode filtering, send interrupts on
counter overflow, and add instruction, cycle, and software increment
events.

Since v5 [1] I have:
* Taken a first pass at addressing migration
* Restructured the list of supported events, and ensured they're all
  initialized 
* Fixed aliasing for PMOVSSET
* Added ARM_CP_IO for PMINTENCLR and PMINTENCLR_EL1
* Addressed a few non-code issues (comment style, patch staging,
  spelling, etc.)

[1] - https://lists.gnu.org/archive/html/qemu-devel/2018-06/msg06830.html

Aaron Lindsay (14):
  target/arm: Mark PMINTENCLR and PMINTENCLR_EL1 accesses as possibly
doing IO
  target/arm: Mask PMOVSR writes based on supported counters
  migration: Add post_save function to VMStateDescription
  target/arm: Swap PMU values before/after migrations
  target/arm: Reorganize PMCCNTR accesses
  target/arm: Filter cycle counter based on PMCCFILTR_EL0
  target/arm: Allow AArch32 access for PMCCFILTR
  target/arm: Implement PMOVSSET
  target/arm: Add array for supported PMU events, generate PMCEID[01]
  target/arm: Finish implementation of PM[X]EVCNTR and PM[X]EVTYPER
  target/arm: PMU: Add instruction and cycle events
  target/arm: PMU: Set PMCR.N to 4
  target/arm: Implement PMSWINC
  target/arm: Send interrupts on PMU counter overflow

 docs/devel/migration.rst|   9 +-
 include/migration/vmstate.h |   1 +
 migration/vmstate.c |  10 +-
 target/arm/cpu.c|  28 +-
 target/arm/cpu.h|  68 +++-
 target/arm/cpu64.c  |   2 -
 target/arm/helper.c | 781 
 target/arm/machine.c|  19 +
 8 files changed, 817 insertions(+), 101 deletions(-)

-- 
2.19.1




Re: [Qemu-devel] [PATCH 1/1] i386: Add new model of Cascadelake-Server

2018-10-10 Thread Eduardo Habkost
On Wed, Oct 10, 2018 at 01:49:56AM +, Liu, Jingqi wrote:
> Hi Eduardo/Paolo,
> 
> Do you have any comments about this patch ?

Thanks for the reminder and sorry for the delay.  I was waiting
for MSR features to be merged before including this CPU model.

But considering that it's taking a while until we sort out the
details, I'll review this so it can be merged first if necessary.

> 
> Thanks
> Jingqi
> 
> > -Original Message-
> > From: Xu, Tao3
> > Sent: Wednesday, September 19, 2018 11:11 AM
> > To: pbonz...@redhat.com; r...@twiddle.net; ehabk...@redhat.com
> > Cc: qemu-devel@nongnu.org; Liu, Jingqi ; Xu, Tao3
> > 
> > Subject: [PATCH 1/1] i386: Add new model of Cascadelake-Server
> > 
> > New CPU models mostly inherit features from ancestor Skylake-Server, while
> > adding new features: AVX512_VNNI, Intel PT.
> > SSBD support for speculative execution
> > side channel mitigations.
> > 
> > Note:
> > 
> > On Cascadelake, some capabilities (RDCL_NO, IBRS_ALL, RSBA,
> > SKIP_L1DFL_VMENTRY and SSB_NO) are enumerated by MSR.
> > These features rely on MSR based feature support patch.
> > Will be added later after that patch's in.
> > http://lists.nongnu.org/archive/html/qemu-devel/2018-09/msg00074.html
> > 
> > Signed-off-by: Tao Xu 
> > ---
> >  target/i386/cpu.c | 54
> > +++
> >  1 file changed, 54 insertions(+)
> > 
> > diff --git a/target/i386/cpu.c b/target/i386/cpu.c index
> > f24295e6e4..670898f32d 100644
> > --- a/target/i386/cpu.c
> > +++ b/target/i386/cpu.c
> > @@ -2386,6 +2386,60 @@ static X86CPUDefinition builtin_x86_defs[] = {
> >  .xlevel = 0x8008,
> >  .model_id = "Intel Xeon Processor (Skylake, IBRS)",
> >  },
> > +{
> > +.name = "Cascadelake-Server",
> > +.level = 0xd,
> > +.vendor = CPUID_VENDOR_INTEL,
> > +.family = 6,
> > +.model = 85,
> > +.stepping = 5,
> > +.features[FEAT_1_EDX] =
> > +CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
> > +CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV |
> > CPUID_MCA |
> > +CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
> > +CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
> > +CPUID_DE | CPUID_FP87,
> > +.features[FEAT_1_ECX] =
> > +CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
> > +CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 |
> > +CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
> > +CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 |
> > +CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA |
> > CPUID_EXT_MOVBE |
> > +CPUID_EXT_PCID | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
> > +.features[FEAT_8000_0001_EDX] =
> > +CPUID_EXT2_LM | CPUID_EXT2_PDPE1GB | CPUID_EXT2_RDTSCP |
> > +CPUID_EXT2_NX | CPUID_EXT2_SYSCALL,
> > +.features[FEAT_8000_0001_ECX] =
> > +CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM |
> > CPUID_EXT3_3DNOWPREFETCH,
> > +.features[FEAT_7_0_EBX] =
> > +CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 |
> > +CPUID_7_0_EBX_HLE | CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP
> > |
> > +CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS |
> > CPUID_7_0_EBX_INVPCID |
> > +CPUID_7_0_EBX_RTM | CPUID_7_0_EBX_RDSEED |
> > CPUID_7_0_EBX_ADX |
> > +CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_MPX |
> > CPUID_7_0_EBX_CLWB |
> > +CPUID_7_0_EBX_AVX512F | CPUID_7_0_EBX_AVX512DQ |
> > +CPUID_7_0_EBX_AVX512BW | CPUID_7_0_EBX_AVX512CD |
> > +CPUID_7_0_EBX_AVX512VL | CPUID_7_0_EBX_CLFLUSHOPT |
> > +CPUID_7_0_EBX_INTEL_PT,
> > +.features[FEAT_7_0_ECX] =
> > +CPUID_7_0_ECX_PKU | CPUID_7_0_ECX_OSPKE |
> > +CPUID_7_0_ECX_AVX512VNNI,
> > +.features[FEAT_7_0_EDX] =
> > +CPUID_7_0_EDX_SPEC_CTRL | CPUID_7_0_EDX_SPEC_CTRL_SSBD,
> > +/* Missing: XSAVES (not supported by some Linux versions,
> > +* including v4.1 to v4.12).
> > +* KVM doesn't yet expose any XSAVES state save component,
> > +* and the only one defined in Skylake (processor tracing)
> > +* probably will block migration anyway.
> > +*/
> > +.features[FEAT_XSAVE] =
> > +CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
> > +CPUID_XSAVE_XGETBV1,
> > +.features[FEAT_6_EAX] =
> > +CPUID_6_EAX_ARAT,
> > +.xlevel = 0x8008,
> > +.model_id = "Intel Xeon Processor (Cascadelake)",
> > +},
> >  {
> >  .name = "Icelake-Client",
> >  .level = 0xd,
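Review bot: FEAT_7_0_EBX includes CPUID_7_0_EBX_INTEL_PT, while the comment above FEAT_XSAVE (carried over from the Skylake entry) says the processor tracing state component "probably will block migration anyway". Putting Intel PT into a named model makes the whole model depend on host support for it and sits badly with that comment; either drop the bit from the model and let users enable it explicitly, or update the comment and the commit message to explain why it is safe to include here.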
> > --
> > 2.17.1
> 

-- 
Eduardo



Re: [Qemu-devel] [PATCH v9 0/6] monitor: enable OOB by default

2018-10-10 Thread Eric Blake

On 10/10/18 2:26 PM, Eric Blake wrote:



On the other hand, when I'm trying to use a qemu binary with these 
patches applied, libvirt is hanging when trying to probe the 
capabilities of the binary, waiting for a response to 
"qmp_capabilities". I'll try and bisect which patch is causing the 
problem, and figure out why it is happening for libvirt and not running 
by hand (perhaps it is a tty vs. Unix socket thing?)


Bisect didn't help much; it landed on:

monitor: remove "x-oob", turn oob on by default

as the cause of libvirt hanging. I didn't have time to investigate 
further, other than the command line that is hanging:


/home/eblake/qemu/x86_64-softmmu/qemu-system-x86_64 -S -no-user-config 
-nodefaults -nographic -machine none,accel=kvm:tcg -qmp 
unix:/var/lib/libvirt/qemu/capabilities.monitor.sock,server,nowait 
-pidfile /var/lib/libvirt/qemu/capabilities.pidfile -daemonize


And I suspect it is the -daemonize that is causing the hang I'm seeing 
when run by libvirt.



Based-on: <20180828191048.29806-1-arm...@redhat.com>
Based-on: <2018090716.1675-1-arm...@redhat.com>

(this series is based on Markus's monitor-next tree)



Am I missing any prerequisite patches? Markus' monitor-next tree is 
currently a subset of git master (merge efd1d522).


--
Eric Blake, Principal Software Engineer
Red Hat, Inc.   +1-919-301-3266
Virtualization:  qemu.org | libvirt.org



Re: [Qemu-devel] [PATCH 26/31] tpm: Clean up error reporting in tpm_init_tpmdev()

2018-10-10 Thread Stefan Berger

On 10/8/18 1:31 PM, Markus Armbruster wrote:

Calling error_report() in a function that takes an Error ** argument
is suspicious.  tpm_init_tpmdev() does that, and then fails without
setting an error.  Its caller main(), via tpm_init() and
qemu_opts_foreach(), is fine with it, but clean it up anyway.

Cc: Stefan Berger 
Signed-off-by: Markus Armbruster 



Reviewed-by: Stefan Berger 





Re: [Qemu-devel] [PATCH v1 4/5] RISC-V: Add missing free for plic_hart_config

2018-10-10 Thread Palmer Dabbelt

On Mon, 08 Oct 2018 11:25:45 PDT (-0700), alistair.fran...@wdc.com wrote:

From: Michael Clark 

Cc: Palmer Dabbelt 
Cc: Sagar Karandikar 
Cc: Bastian Koppelmann 
Cc: Alistair Francis 
Signed-off-by: Michael Clark 
Reviewed-by: Alistair Francis 
---
 hw/riscv/virt.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/hw/riscv/virt.c b/hw/riscv/virt.c
index 005169eabc..6bd723dc3a 100644
--- a/hw/riscv/virt.c
+++ b/hw/riscv/virt.c
@@ -385,6 +385,8 @@ static void riscv_virt_board_init(MachineState *machine)
 serial_mm_init(system_memory, memmap[VIRT_UART0].base,
 0, qdev_get_gpio_in(DEVICE(s->plic), UART0_IRQ), 399193,
 serial_hd(0), DEVICE_LITTLE_ENDIAN);
+
+g_free(plic_hart_config);
 }
 
 static void riscv_virt_board_machine_init(MachineClass *mc)
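Review bot: the commit message consists of tags only; it does not say where plic_hart_config is allocated or that riscv_virt_board_init() was leaking it. Please add a one-line body, and consider placing the g_free() right after the last use of plic_hart_config instead of after the unrelated serial_mm_init() call, so the lifetime is obvious from the code.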

--
2.17.1


Reviewed-by: Palmer Dabbelt 



Re: [Qemu-devel] [PATCH v1 2/5] RISC-V: Move non-ops from op_helper to cpu_helper

2018-10-10 Thread Palmer Dabbelt

On Mon, 08 Oct 2018 11:25:27 PDT (-0700), alistair.fran...@wdc.com wrote:

From: Michael Clark 

This patch makes op_helper.c contain only instruction
operation helpers used by translate.c and moves any
unrelated cpu helpers into cpu_helper.c. No logic is
changed by this patch.

Cc: Sagar Karandikar 
Cc: Bastian Koppelmann 
Cc: Palmer Dabbelt 
Cc: Alistair Francis 
Signed-off-by: Michael Clark 
Reviewed-by: Alistair Francis 
---
 target/riscv/Makefile.objs  |  2 +-
 target/riscv/{helper.c => cpu_helper.c} | 35 -
 target/riscv/op_helper.c| 34 
 3 files changed, 35 insertions(+), 36 deletions(-)
 rename target/riscv/{helper.c => cpu_helper.c} (95%)


Reviewed-by: Palmer Dabbelt 


diff --git a/target/riscv/Makefile.objs b/target/riscv/Makefile.objs
index abd0a7cde3..fcc5d34c1f 100644
--- a/target/riscv/Makefile.objs
+++ b/target/riscv/Makefile.objs
@@ -1 +1 @@
-obj-y += translate.o op_helper.o helper.o cpu.o fpu_helper.o gdbstub.o pmp.o
+obj-y += translate.o op_helper.o cpu_helper.o cpu.o fpu_helper.o gdbstub.o 
pmp.o
diff --git a/target/riscv/helper.c b/target/riscv/cpu_helper.c
similarity index 95%
rename from target/riscv/helper.c
rename to target/riscv/cpu_helper.c
index 63b3386b76..86f9f4730c 100644
--- a/target/riscv/helper.c
+++ b/target/riscv/cpu_helper.c
@@ -1,5 +1,5 @@
 /*
- * RISC-V emulation helpers for qemu.
+ * RISC-V CPU helpers for qemu.
  *
  * Copyright (c) 2016-2017 Sagar Karandikar, sag...@eecs.berkeley.edu
  * Copyright (c) 2017-2018 SiFive, Inc.
@@ -72,6 +72,39 @@ bool riscv_cpu_exec_interrupt(CPUState *cs, int 
interrupt_request)
 
 #if !defined(CONFIG_USER_ONLY)
 
+/* iothread_mutex must be held */

+uint32_t riscv_cpu_update_mip(RISCVCPU *cpu, uint32_t mask, uint32_t value)
+{
+CPURISCVState *env = >env;
+uint32_t old, new, cmp = atomic_read(>mip);
+
+do {
+old = cmp;
+new = (old & ~mask) | (value & mask);
+cmp = atomic_cmpxchg(>mip, old, new);
+} while (old != cmp);
+
+if (new && !old) {
+cpu_interrupt(CPU(cpu), CPU_INTERRUPT_HARD);
+} else if (!new && old) {
+cpu_reset_interrupt(CPU(cpu), CPU_INTERRUPT_HARD);
+}
+
+return old;
+}
+
+void riscv_set_mode(CPURISCVState *env, target_ulong newpriv)
+{
+if (newpriv > PRV_M) {
+g_assert_not_reached();
+}
+if (newpriv == PRV_H) {
+newpriv = PRV_U;
+}
+/* tlb_flush is unnecessary as mode is contained in mmu_idx */
+env->priv = newpriv;
+}
+
 /* get_physical_address - get the physical address for this virtual address
  *
  * Do a page table walk to obtain the physical address corresponding to a
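Review bot: riscv_cpu_update_mip() carries the comment "iothread_mutex must be held" but nothing in the function enforces it. Since this patch is pure code motion that is not a blocker here, but a follow-up adding an assertion such as g_assert(qemu_mutex_iothread_locked()) at the top of the function would turn the comment into a checked invariant.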
diff --git a/target/riscv/op_helper.c b/target/riscv/op_helper.c
index d0883d329b..495390ab1c 100644
--- a/target/riscv/op_helper.c
+++ b/target/riscv/op_helper.c
@@ -654,39 +654,6 @@ target_ulong helper_csrrc(CPURISCVState *env, target_ulong 
src,
 
 #ifndef CONFIG_USER_ONLY
 
-/* iothread_mutex must be held */

-uint32_t riscv_cpu_update_mip(RISCVCPU *cpu, uint32_t mask, uint32_t value)
-{
-CPURISCVState *env = >env;
-uint32_t old, new, cmp = atomic_read(>mip);
-
-do {
-old = cmp;
-new = (old & ~mask) | (value & mask);
-cmp = atomic_cmpxchg(>mip, old, new);
-} while (old != cmp);
-
-if (new && !old) {
-cpu_interrupt(CPU(cpu), CPU_INTERRUPT_HARD);
-} else if (!new && old) {
-cpu_reset_interrupt(CPU(cpu), CPU_INTERRUPT_HARD);
-}
-
-return old;
-}
-
-void riscv_set_mode(CPURISCVState *env, target_ulong newpriv)
-{
-if (newpriv > PRV_M) {
-g_assert_not_reached();
-}
-if (newpriv == PRV_H) {
-newpriv = PRV_U;
-}
-/* tlb_flush is unnecessary as mode is contained in mmu_idx */
-env->priv = newpriv;
-}
-
 target_ulong helper_sret(CPURISCVState *env, target_ulong cpu_pc_deb)
 {
 if (!(env->priv >= PRV_S)) {
@@ -737,7 +704,6 @@ target_ulong helper_mret(CPURISCVState *env, target_ulong 
cpu_pc_deb)
 return retpc;
 }
 
-

 void helper_wfi(CPURISCVState *env)
 {
 CPUState *cs = CPU(riscv_env_get_cpu(env));
--
2.17.1




Re: [Qemu-devel] [PATCH v1 5/5] RISC-V: Don't add NULL bootargs to device-tree

2018-10-10 Thread Palmer Dabbelt

On Mon, 08 Oct 2018 11:25:56 PDT (-0700), alistair.fran...@wdc.com wrote:

From: Michael Clark 

Cc: Palmer Dabbelt 
Cc: Alistair Francis 
Signed-off-by: Michael Clark 
Reviewed-by: Alistair Francis 
---
 hw/riscv/sifive_u.c | 4 +++-
 hw/riscv/spike.c| 6 --
 hw/riscv/virt.c | 4 +++-
 3 files changed, 10 insertions(+), 4 deletions(-)


Reviewed-by: Palmer Dabbelt 



diff --git a/hw/riscv/sifive_u.c b/hw/riscv/sifive_u.c
index 862f8ff5f7..ef07df2442 100644
--- a/hw/riscv/sifive_u.c
+++ b/hw/riscv/sifive_u.c
@@ -230,7 +230,9 @@ static void create_fdt(SiFiveUState *s, const struct 
MemmapEntry *memmap,
 
 qemu_fdt_add_subnode(fdt, "/chosen");

 qemu_fdt_setprop_string(fdt, "/chosen", "stdout-path", nodename);
-qemu_fdt_setprop_string(fdt, "/chosen", "bootargs", cmdline);
+if (cmdline) {
+qemu_fdt_setprop_string(fdt, "/chosen", "bootargs", cmdline);
+}
 g_free(nodename);
 }
 
diff --git a/hw/riscv/spike.c b/hw/riscv/spike.c

index be5ef85e81..8a712ed490 100644
--- a/hw/riscv/spike.c
+++ b/hw/riscv/spike.c
@@ -156,8 +156,10 @@ static void create_fdt(SpikeState *s, const struct 
MemmapEntry *memmap,
 g_free(cells);
 g_free(nodename);
 
-qemu_fdt_add_subnode(fdt, "/chosen");

-qemu_fdt_setprop_string(fdt, "/chosen", "bootargs", cmdline);
+if (cmdline) {
+qemu_fdt_add_subnode(fdt, "/chosen");
+qemu_fdt_setprop_string(fdt, "/chosen", "bootargs", cmdline);
+}
  }
 
 static void spike_v1_10_0_board_init(MachineState *machine)
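Review bot: in spike.c the qemu_fdt_add_subnode(fdt, "/chosen") call moves inside if (cmdline), so without a command line the spike device tree has no /chosen node at all, whereas sifive_u.c and virt.c still create it unconditionally. If that difference is intended, say so in the commit message; otherwise keep the subnode creation outside the check and guard only the bootargs property.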

diff --git a/hw/riscv/virt.c b/hw/riscv/virt.c
index 6bd723dc3a..4a137a503c 100644
--- a/hw/riscv/virt.c
+++ b/hw/riscv/virt.c
@@ -254,7 +254,9 @@ static void *create_fdt(RISCVVirtState *s, const struct 
MemmapEntry *memmap,
 
 qemu_fdt_add_subnode(fdt, "/chosen");

 qemu_fdt_setprop_string(fdt, "/chosen", "stdout-path", nodename);
-qemu_fdt_setprop_string(fdt, "/chosen", "bootargs", cmdline);
+if (cmdline) {
+qemu_fdt_setprop_string(fdt, "/chosen", "bootargs", cmdline);
+}
 g_free(nodename);
 
 return fdt;
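Review bot: if (cmdline) only skips the property when the pointer is NULL; an empty string still produces an empty bootargs property. If the goal is to omit bootargs whenever no command line was given, test cmdline && *cmdline here and in the other two boards. The commit message also has no body describing what goes wrong with a NULL cmdline, which would help anyone backporting this.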

--
2.17.1




Re: [Qemu-devel] [PATCH v1 3/5] RISC-V: Update CSR and interrupt definitions

2018-10-10 Thread Palmer Dabbelt

On Mon, 08 Oct 2018 11:25:36 PDT (-0700), alistair.fran...@wdc.com wrote:

From: Michael Clark 

* Add user-mode CSR definitions.
* Reorder CSR definitions to match the specification.
* Change H mode interrupt comment to 'reserved'.
* Remove unused X_COP interrupt.
* Add user-mode interrupts.
* Remove erroneous until comments on machine mode interrupts.
* Move together paging mode and page table bit definitions.
* Move together interrupt and exception cause definitions.

Cc: Sagar Karandikar 
Cc: Bastian Koppelmann 
Cc: Palmer Dabbelt 
Cc: Alistair Francis 
Signed-off-by: Michael Clark 
Reviewed-by: Alistair Francis 
---
 target/riscv/cpu.c   |   6 +-
 target/riscv/cpu_bits.h  | 683 +--
 target/riscv/op_helper.c |   2 +-
 3 files changed, 370 insertions(+), 321 deletions(-)


Reviewed-by: Palmer Dabbelt 



diff --git a/target/riscv/cpu.c b/target/riscv/cpu.c
index d630e8fd6c..a025a0a3ba 100644
--- a/target/riscv/cpu.c
+++ b/target/riscv/cpu.c
@@ -74,8 +74,10 @@ const char * const riscv_intr_names[] = {
 "s_external",
 "h_external",
 "m_external",
-"coprocessor",
-"host"
+"reserved",
+"reserved",
+"reserved",
+"reserved"
 };
 
 typedef struct RISCVCPUInfo {
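Review bot: the commit message says the H mode interrupt comment becomes 'reserved', but riscv_intr_names[] keeps "h_external" right above the entries replaced here, and the table grows by two entries ("coprocessor" and "host" become four "reserved" strings). Please either rename the H-mode strings in this table as well or say in the message that the names are deliberately kept, and mention why the array length changes.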

diff --git a/target/riscv/cpu_bits.h b/target/riscv/cpu_bits.h
index 12b4757088..5439f4719e 100644
--- a/target/riscv/cpu_bits.h
+++ b/target/riscv/cpu_bits.h
@@ -6,242 +6,283 @@
  (((target_ulong)(val) * ((mask) & ~((mask) << 1))) & \
  (target_ulong)(mask)))
 
-#define PGSHIFT 12

-
-#define FSR_RD_SHIFT 5
-#define FSR_RD   (0x7 << FSR_RD_SHIFT)
-
-#define FPEXC_NX 0x01
-#define FPEXC_UF 0x02
-#define FPEXC_OF 0x04
-#define FPEXC_DZ 0x08
-#define FPEXC_NV 0x10
-
-#define FSR_AEXC_SHIFT 0
-#define FSR_NVA  (FPEXC_NV << FSR_AEXC_SHIFT)
-#define FSR_OFA  (FPEXC_OF << FSR_AEXC_SHIFT)
-#define FSR_UFA  (FPEXC_UF << FSR_AEXC_SHIFT)
-#define FSR_DZA  (FPEXC_DZ << FSR_AEXC_SHIFT)
-#define FSR_NXA  (FPEXC_NX << FSR_AEXC_SHIFT)
-#define FSR_AEXC (FSR_NVA | FSR_OFA | FSR_UFA | FSR_DZA | FSR_NXA)
-
-/* CSR numbers */
-#define CSR_FFLAGS 0x1
-#define CSR_FRM 0x2
-#define CSR_FCSR 0x3
-#define CSR_CYCLE 0xc00
-#define CSR_TIME 0xc01
-#define CSR_INSTRET 0xc02
-#define CSR_HPMCOUNTER3 0xc03
-#define CSR_HPMCOUNTER4 0xc04
-#define CSR_HPMCOUNTER5 0xc05
-#define CSR_HPMCOUNTER6 0xc06
-#define CSR_HPMCOUNTER7 0xc07
-#define CSR_HPMCOUNTER8 0xc08
-#define CSR_HPMCOUNTER9 0xc09
-#define CSR_HPMCOUNTER10 0xc0a
-#define CSR_HPMCOUNTER11 0xc0b
-#define CSR_HPMCOUNTER12 0xc0c
-#define CSR_HPMCOUNTER13 0xc0d
-#define CSR_HPMCOUNTER14 0xc0e
-#define CSR_HPMCOUNTER15 0xc0f
-#define CSR_HPMCOUNTER16 0xc10
-#define CSR_HPMCOUNTER17 0xc11
-#define CSR_HPMCOUNTER18 0xc12
-#define CSR_HPMCOUNTER19 0xc13
-#define CSR_HPMCOUNTER20 0xc14
-#define CSR_HPMCOUNTER21 0xc15
-#define CSR_HPMCOUNTER22 0xc16
-#define CSR_HPMCOUNTER23 0xc17
-#define CSR_HPMCOUNTER24 0xc18
-#define CSR_HPMCOUNTER25 0xc19
-#define CSR_HPMCOUNTER26 0xc1a
-#define CSR_HPMCOUNTER27 0xc1b
-#define CSR_HPMCOUNTER28 0xc1c
-#define CSR_HPMCOUNTER29 0xc1d
-#define CSR_HPMCOUNTER30 0xc1e
-#define CSR_HPMCOUNTER31 0xc1f
-#define CSR_SSTATUS 0x100
-#define CSR_SIE 0x104
-#define CSR_STVEC 0x105
-#define CSR_SCOUNTEREN 0x106
-#define CSR_SSCRATCH 0x140
-#define CSR_SEPC 0x141
-#define CSR_SCAUSE 0x142
-#define CSR_SBADADDR 0x143
-#define CSR_SIP 0x144
-#define CSR_SPTBR 0x180
-#define CSR_SATP 0x180
-#define CSR_MSTATUS 0x300
-#define CSR_MISA 0x301
-#define CSR_MEDELEG 0x302
-#define CSR_MIDELEG 0x303
-#define CSR_MIE 0x304
-#define CSR_MTVEC 0x305
-#define CSR_MCOUNTEREN 0x306
-#define CSR_MSCRATCH 0x340
-#define CSR_MEPC 0x341
-#define CSR_MCAUSE 0x342
-#define CSR_MBADADDR 0x343
-#define CSR_MIP 0x344
-#define CSR_PMPCFG0 0x3a0
-#define CSR_PMPCFG1 0x3a1
-#define CSR_PMPCFG2 0x3a2
-#define CSR_PMPCFG3 0x3a3
-#define CSR_PMPADDR0 0x3b0
-#define CSR_PMPADDR1 0x3b1
-#define CSR_PMPADDR2 0x3b2
-#define CSR_PMPADDR3 0x3b3
-#define CSR_PMPADDR4 0x3b4
-#define CSR_PMPADDR5 0x3b5
-#define CSR_PMPADDR6 0x3b6
-#define CSR_PMPADDR7 0x3b7
-#define CSR_PMPADDR8 0x3b8
-#define CSR_PMPADDR9 0x3b9
-#define CSR_PMPADDR10 0x3ba
-#define CSR_PMPADDR11 0x3bb
-#define CSR_PMPADDR12 0x3bc
-#define CSR_PMPADDR13 0x3bd
-#define CSR_PMPADDR14 0x3be
-#define CSR_PMPADDR15 0x3bf
-#define CSR_TSELECT 0x7a0
-#define CSR_TDATA1 0x7a1
-#define CSR_TDATA2 0x7a2
-#define CSR_TDATA3 0x7a3
-#define CSR_DCSR 0x7b0
-#define CSR_DPC 0x7b1
-#define CSR_DSCRATCH 0x7b2
-#define CSR_MCYCLE 0xb00
-#define CSR_MINSTRET 0xb02
-#define CSR_MHPMCOUNTER3 0xb03
-#define CSR_MHPMCOUNTER4 0xb04
-#define CSR_MHPMCOUNTER5 0xb05
-#define CSR_MHPMCOUNTER6 0xb06
-#define CSR_MHPMCOUNTER7 0xb07
-#define CSR_MHPMCOUNTER8 0xb08
-#define CSR_MHPMCOUNTER9 0xb09
-#define CSR_MHPMCOUNTER10 0xb0a
-#define CSR_MHPMCOUNTER11 0xb0b
-#define CSR_MHPMCOUNTER12 0xb0c
-#define CSR_MHPMCOUNTER13 0xb0d
-#define CSR_MHPMCOUNTER14 0xb0e
-#define CSR_MHPMCOUNTER15 0xb0f
-#define 

Re: [Qemu-devel] [PATCH v1 1/5] RISC-V: Allow setting and clearing multiple irqs

2018-10-10 Thread Palmer Dabbelt

On Mon, 08 Oct 2018 11:25:17 PDT (-0700), alistair.fran...@wdc.com wrote:

From: Michael Clark 

Change the API of riscv_set_local_interrupt to take a
write mask and value to allow setting and clearing of
multiple local interrupts atomically in a single call.
Rename the new function to riscv_cpu_update_mip.

Cc: Sagar Karandikar 
Cc: Bastian Koppelmann 
Cc: Palmer Dabbelt 
Cc: Alistair Francis 
Signed-off-by: Michael Clark 
Reviewed-by: Alistair Francis 
---
 hw/riscv/sifive_clint.c  |  8 
 hw/riscv/sifive_plic.c   |  4 ++--
 target/riscv/cpu.h   | 22 +-
 target/riscv/op_helper.c | 24 +++-
 4 files changed, 34 insertions(+), 24 deletions(-)


Reviewed-by: Palmer Dabbelt 


diff --git a/hw/riscv/sifive_clint.c b/hw/riscv/sifive_clint.c
index 7cc606e065..0d2fd52487 100644
--- a/hw/riscv/sifive_clint.c
+++ b/hw/riscv/sifive_clint.c
@@ -47,12 +47,12 @@ static void sifive_clint_write_timecmp(RISCVCPU *cpu, 
uint64_t value)
 if (cpu->env.timecmp <= rtc_r) {
 /* if we're setting an MTIMECMP value in the "past",
immediately raise the timer interrupt */
-riscv_set_local_interrupt(cpu, MIP_MTIP, 1);
+riscv_cpu_update_mip(cpu, MIP_MTIP, BOOL_TO_MASK(1));
 return;
 }
 
 /* otherwise, set up the future timer interrupt */

-riscv_set_local_interrupt(cpu, MIP_MTIP, 0);
+riscv_cpu_update_mip(cpu, MIP_MTIP, BOOL_TO_MASK(0));
 diff = cpu->env.timecmp - rtc_r;
 /* back to ns (note args switched in muldiv64) */
 next = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) +
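Review bot: BOOL_TO_MASK(1) and BOOL_TO_MASK(0) on constants hide what is being written. The new API takes a write mask and a value, so passing MIP_MTIP to set and 0 to clear reads more directly; keep BOOL_TO_MASK() for the call sites that convert a runtime value such as level or value.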
@@ -67,7 +67,7 @@ static void sifive_clint_write_timecmp(RISCVCPU *cpu, 
uint64_t value)
 static void sifive_clint_timer_cb(void *opaque)
 {
 RISCVCPU *cpu = opaque;
-riscv_set_local_interrupt(cpu, MIP_MTIP, 1);
+riscv_cpu_update_mip(cpu, MIP_MTIP, BOOL_TO_MASK(1));
 }
 
 /* CPU wants to read rtc or timecmp register */

@@ -132,7 +132,7 @@ static void sifive_clint_write(void *opaque, hwaddr addr, 
uint64_t value,
 if (!env) {
 error_report("clint: invalid timecmp hartid: %zu", hartid);
 } else if ((addr & 0x3) == 0) {
-riscv_set_local_interrupt(RISCV_CPU(cpu), MIP_MSIP, value != 0);
+riscv_cpu_update_mip(RISCV_CPU(cpu), MIP_MSIP, 
BOOL_TO_MASK(value));
 } else {
 error_report("clint: invalid sip write: %08x", (uint32_t)addr);
 }
diff --git a/hw/riscv/sifive_plic.c b/hw/riscv/sifive_plic.c
index f635e6ff67..9cf9a1f986 100644
--- a/hw/riscv/sifive_plic.c
+++ b/hw/riscv/sifive_plic.c
@@ -142,10 +142,10 @@ static void sifive_plic_update(SiFivePLICState *plic)
 int level = sifive_plic_irqs_pending(plic, addrid);
 switch (mode) {
 case PLICMode_M:
-riscv_set_local_interrupt(RISCV_CPU(cpu), MIP_MEIP, level);
+riscv_cpu_update_mip(RISCV_CPU(cpu), MIP_MEIP, 
BOOL_TO_MASK(level));
 break;
 case PLICMode_S:
-riscv_set_local_interrupt(RISCV_CPU(cpu), MIP_SEIP, level);
+riscv_cpu_update_mip(RISCV_CPU(cpu), MIP_SEIP, 
BOOL_TO_MASK(level));
 break;
 default:
 break;
diff --git a/target/riscv/cpu.h b/target/riscv/cpu.h
index d4f36295f0..4ee09b9cff 100644
--- a/target/riscv/cpu.h
+++ b/target/riscv/cpu.h
@@ -126,13 +126,18 @@ struct CPURISCVState {
 
 target_ulong mhartid;

 target_ulong mstatus;
+
 /*
  * CAUTION! Unlike the rest of this struct, mip is accessed asynchonously
- * by I/O threads and other vCPUs, so hold the iothread mutex before
- * operating on it.  CPU_INTERRUPT_HARD should be in effect iff this is
- * non-zero.  Use riscv_cpu_set_local_interrupt.
+ * by I/O threads. It should be read with atomic_read. It should be updated
+ * using riscv_cpu_update_mip with the iothread mutex held. The iothread
+ * mutex must be held because mip must be consistent with the CPU inturrept
+ * state. riscv_cpu_update_mip calls cpu_interrupt or cpu_reset_interrupt
+ * wuth the invariant that CPU_INTERRUPT_HARD is set iff mip is non-zero.
+ * mip is 32-bits to allow atomic_read on 32-bit hosts.
  */
-uint32_t mip;/* allow atomic_read for >= 32-bit hosts */
+uint32_t mip;
+
 target_ulong mie;
 target_ulong mideleg;
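Review bot: the new comment block has two typos, "inturrept" and "wuth" (should be "interrupt" and "with"), and the unchanged first line still has "asynchonously". This comment is the only documentation of the locking rule for mip, so please fix them while the block is being rewritten. The old text also named other vCPUs as writers and the new one mentions only I/O threads; if vCPUs can still update mip, keep that in.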
 
@@ -247,7 +252,6 @@ void  riscv_cpu_do_unaligned_access(CPUState *cs, vaddr addr,

 uintptr_t retaddr);
 int riscv_cpu_handle_mmu_fault(CPUState *cpu, vaddr address, int size,
   int rw, int mmu_idx);
-
 char *riscv_isa_string(RISCVCPU *cpu);
 void riscv_cpu_list(FILE *f, fprintf_function cpu_fprintf);
 
@@ -255,6 +259,10 @@ void riscv_cpu_list(FILE *f, fprintf_function cpu_fprintf);

 #define cpu_list riscv_cpu_list
 #define cpu_mmu_index riscv_cpu_mmu_index
 
+#ifndef CONFIG_USER_ONLY

+uint32_t riscv_cpu_update_mip(RISCVCPU *cpu, uint32_t mask, uint32_t value);
+#define BOOL_TO_MASK(x) (-!!(x)) 

Re: [Qemu-devel] [PATCH v5 0/5] Connect a PCIe host and graphics support to RISC-V

2018-10-10 Thread Alistair

On 10/10/2018 12:01 PM, Stephen  Bates wrote:

I added e1000 and e1000e support to my kernel and changed the QEMU command to:


So using -device e1000e rather than -device e1000 seems to work. I am not sure 
why -device e1000 causes a kernel panic. The MSI-X message is interesting and 
may be related to why NVMe interrupts are not reaching the OS in the guest?


Great! I'm glad that it works.

So it looks like PCIe is working but with some limitations in the 
interrupts (as seen here and with the NVMe).


Unless anyone has any objections I still think it makes sense to merge 
the current patches as that works for a variety of PCIe devices. We can 
continue to look into the interrupt issues after that.


Do you want to add a Tested-by tag Stephen?

Alistair



[0.216000] e1000: Intel(R) PRO/1000 Network Driver - version 7.3.21-k8-NAPI
[0.216000] e1000: Copyright (c) 1999-2006 Intel Corporation.
[0.216000] e1000e: Intel(R) PRO/1000 Network Driver - 3.2.6-k
[0.216000] e1000e: Copyright(c) 1999 - 2015 Intel Corporation.
[0.22] e1000e :00:01.0: assign IRQ: got 1
[0.22] e1000e :00:01.0: enabling device ( -> 0002)
[0.22] e1000e :00:01.0: enabling bus mastering
[0.22] e1000e :00:01.0: Interrupt Throttling Rate (ints/sec) set to 
dynamic conservative mode
[0.22] e1000e :00:01.0 :00:01.0 (uninitialized): Failed to 
initialize MSI-X interrupts.  Falling back to MSI interrupts.
[0.22] e1000e :00:01.0 :00:01.0 (uninitialized): Failed to 
initialize MSI interrupts.  Falling back to legacy interrupts.
[0.348000] e1000e :00:01.0 eth0: (PCI Express:2.5GT/s:Width x1) 
52:54:00:12:34:56
[0.356000] e1000e :00:01.0 eth0: Intel(R) PRO/1000 Network Connection
[0.356000] e1000e :00:01.0 eth0: MAC: 3, PHY: 8, PBA No: 00-000

root@libertas:~# lspci -vvv
00:00.0 Host bridge: Red Hat, Inc. QEMU PCIe Host bridge
Subsystem: Red Hat, Inc QEMU PCIe Host bridge
Control: I/O- Mem- BusMaster- SpecCycle- MemWINV- VGASnoop- ParErr- 
Stepping- SERR- FastB2B- DisINTx-
Status: Cap- 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- SERR- TAbort- SERR-  [disabled]
Region 3: Memory at 4008 (32-bit, non-prefetchable) [size=16K]
[virtual] Expansion ROM at 4000 [disabled] [size=256K]
Capabilities: [c8] Power Management version 2
Flags: PMEClk- DSI+ D1- D2- AuxCurrent=0mA 
PME(D0-,D1-,D2-,D3hot-,D3cold-)
Status: D0 NoSoftRst- PME-Enable- DSel=0 DScale=0 PME-
Capabilities: [e0] Express (v1) Root Complex Integrated Endpoint, MSI 00
DevCap: MaxPayload 128 bytes, PhantFunc 0
ExtTag- RBE+
DevCtl: Report errors: Correctable- Non-Fatal- Fatal- 
Unsupported-
RlxdOrd- ExtTag- PhantFunc- AuxPwr- NoSnoop-
MaxPayload 128 bytes, MaxReadReq 128 bytes
DevSta: CorrErr- UncorrErr- FatalErr- UnsuppReq- AuxPwr- 
TransPend-
Capabilities: [100 v2] Advanced Error Reporting
UESta:  DLP- SDES- TLP- FCP- CmpltTO- CmpltAbrt- UnxCmplt- 
RxOF- MalfTLP- ECRC- UnsupReq- ACSViol-
UEMsk:  DLP- SDES- TLP- FCP- CmpltTO- CmpltAbrt- UnxCmplt- 
RxOF- MalfTLP- ECRC- UnsupReq- ACSViol-
UESvrt: DLP+ SDES+ TLP- FCP+ CmpltTO- CmpltAbrt- UnxCmplt- 
RxOF+ MalfTLP+ ECRC- UnsupReq- ACSViol-
CESta:  RxErr- BadTLP- BadDLLP- Rollover- Timeout- NonFatalErr-
CEMsk:  RxErr- BadTLP- BadDLLP- Rollover- Timeout- NonFatalErr+
AERCap: First Error Pointer: 00, GenCap+ CGenEn- ChkCap+ ChkEn-
Capabilities: [140 v1] Device Serial Number 52-54-00-ff-ff-12-34-56
Kernel driver in use: e1000e
 





Re: [Qemu-devel] [PATCH v2 4/7] scripts/qemu.py: set predefined machine type based on arch

2018-10-10 Thread Cleber Rosa



On 10/10/18 2:07 PM, Peter Maydell wrote:
> On 10 October 2018 at 18:52, Cleber Rosa  wrote:
>>
>>
>> On 10/10/18 12:23 PM, Peter Maydell wrote:
>>> On 10 October 2018 at 16:47, Cleber Rosa  wrote:
 To make sure we're on the same page, we're still going to have default
 machine types, based on the arch, for those targets that don't provide
 one (aarch64 is one example).  Right?
>>>
>>> Does it make sense to define a default? The reason arm
>>> doesn't specify a default machine type is because you
>>> can't just run any old guest on any old machine type.
>>> You need to know "this guest image will run on machine
>>> type X", and run it on machine type X. This is like
>>> knowing you need to run a test on x86 PC and not
>>> on PPC spapr.
>>>
>>
>> While requiring tests to specify every single aspect of the environment
>> that will be used may be OK for low level unit tests, it puts a lot of
>> burden on higher level tests (which is supposed to be the vast majority
>> under tests/acceptance).
>>
>> From a test writer perspective, working on these higher level tests, it
>> may want to make sure that feature "X", unrelated to the target arch,
>> machine type, etc, "just works".  You may want to look at the "vnc.py"
>> test for a real world example.
> 
> OK, if it doesn't have a dependency on machine at all, it
> should state that somehow.
> 
>> Eduardo has suggested that "make check-acceptance" runs all (possible)
>> tests on all target archs by default.
> 
> Yeah; or we have some mechanism for trimming down the
> matrix of what we run. But I think it's better coverage
> if we have 3 tests ABC that don't depend on machine
> and 3 machines XYZ to run AX BY CZ than AX BX CX by
> specifying X as an arbitrary "default".
> 
> It looks like the 'vnc' test is just testing QEMU functionality,
> not anything that involves interacting with the guest or
> machine model? There's a good argument that that only really
> needs to be run once, not once per architecture.
> 
> You might also want to consider the "none" machine, which exists
> for bits of test infrastructure that aren't actually trying to
> run guests.
> 
>>> Would it make more sense for each test to specify
>>> which machine types it can work on?
>>>
>>
>> I think it does, but I believe in the black list approach, instead of
>> the white list.
>>
>> The reason for that is that I believe that majority of the tests under
>> "tests/acceptance" can be made to work on every target (which would be
>> the default).  So far, I've made sure tests behave correctly on the 5
>> arches included in the "archs.json" file in this series (x86_64, ppc64,
>> ppc, aarch64, s390x).
>>
>> To give a full disclosure, "boot_linux.py" (boots a linux kernel) is
>> x86_64 specific, and CANCELS when asked to be run on other archs.  But,
>> on the work I've done on top of these series, it already works with ppc64
>> and aarch64.  Also, "boot_linux.py" sent in another series, (which boots
>> a full linux guest) is also being adapted to work on most of the target
>> archs.
> 
> Right, "boot Linux" is machine specific. The kernel/disk
> /etc that boots on aarch64 virt is probably not going to boot
> on the 64-bit xilinx board; and on 32-bit arm you definitely
> are going to want a different kernel in some places. This
> is likely to be true of most tests that actually try to run
> code in the guest.
> 

Agreed.

> We should aim to test the machines we care about (regardless
> of what architectures they are), rather than thinking about it
> in terms of "testing architectures X, Y, Z", I think.
> 

To me it's clear that:

 1) I lack a complete understanding of what "we care about"
 2) It's easier to start with something, and tweak it to taste

And TBH, I fully agree with Philippe in the sense that different
developer/maintainer roles will require a different test "profile".

> I think you're going to need at least some whitelist functionality;
> otherwise half the tests are going to break every time we add
> a new machine (and "add every new machine to the blacklist for
> half the tests" doesn't scale very well).
> 

The whitelist approach is in effect, it's the reason I sent a
"archs.json" file, not with machine types, but with the archs that I've
tested with.

So, I'm going to push forward this series (a v3) with the same
simplified approach, that is, `make check-acceptance` will still run the
tests on a single target.

Then, once that is settled, we can decide on:

 1) `make check-acceptance` becomes "run on all target args/machine
types" and `make check-acceptance-$(ARCH)-$(MACHINE)` is introduced.
 2) `make check-acceptance-all` is introduced.

To me it's clear that there's a huge continuation to this discussion,
and that we should bite one piece at a time.

Thoughts?

Regards!
- Cleber.

> thanks
> -- PMM
> 



Re: [Qemu-devel] [PATCH v5 0/5] Connect a PCIe host and graphics support to RISC-V

2018-10-10 Thread Alistair




On 10/10/2018 11:47 AM, Stephen  Bates wrote:
>> Why do you need two networking options?
>
> I don't need the e1000 for networking. The e1000 option is there to test the 
> PCIe since it implements a PCIe model of the e1000 NIC. Basically it's another 
> test path for your PCIe patches and was used for testing when PCIe support to 
> the arm virt model [1].
>
>> Strange. Is there any reason you need to use the e1000? The VirtIO
>> networking device works for me.
>
> As per above. The e1000 is there to test PCIe not networking.

Awe. My mistake. I thought that the VirtIO networking device was a PCIe 
device for some reason.

Alistair

> Stephen
>
> [1] https://github.com/qemu/qemu/commit/4ab29b8214cc4b54e0c1a8270b610a340311470e






Re: [Qemu-devel] [PATCH v9 0/6] monitor: enable OOB by default

2018-10-10 Thread Eric Blake

On 10/10/18 11:26 AM, Eric Blake wrote:
> On 10/9/18 1:27 AM, Peter Xu wrote:
>> Based-on: <20180828191048.29806-1-arm...@redhat.com>
>> Based-on: <2018090716.1675-1-arm...@redhat.com>
>>
>> (this series is based on Markus's monitor-next tree)
>>
>> v9:
>> - add r-bs
>> - release the qmp queue lock before resume [Marc-Andre]
>
> I haven't reviewed closely, but did want to report that I tested that 
> with your patches applied, there is no way to trigger OOB of the initial 
> capability handshake (good). It's a bit odd that the initial error 
> (input member unexpected) is different from the later error (does not 
> support OOB), but not a show-stopper, so I don't think you need to worry 
> about it:
>
> {"QMP": {"version": {"qemu": {"micro": 50, "minor": 0, "major": 3}, 
> "package": "v3.0.0-1150-g7d932cd3d53"}, "capabilities": ["oob"]}}
>
> {"exec-oob":"qmp_capabilities","arguments":{"enable":["oob"]}}
> {"error": {"class": "GenericError", "desc": "QMP input member 'exec-oob' 
> is unexpected"}}
>
> {"execute":"qmp_capabilities","arguments":{"enable":["oob"]}}
> {"return": {}}
> {"exec-oob":"qmp_capabilities"}
> {"error": {"class": "GenericError", "desc": "The command 
> qmp_capabilities does not support OOB"}}




On the other hand, when I'm trying to use a qemu binary with these 
patches applied, libvirt is hanging when trying to probe the 
capabilities of the binary, waiting for a response to 
"qmp_capabilities". I'll try and bisect which patch is causing the 
problem, and figure out why it is happening for libvirt and not running 
by hand (perhaps is it a tty vs. Unix socket thing?)


--
Eric Blake, Principal Software Engineer
Red Hat, Inc.   +1-919-301-3266
Virtualization:  qemu.org | libvirt.org



Re: [Qemu-devel] [PATCH v1 4/5] RISC-V: Add missing free for plic_hart_config

2018-10-10 Thread Philippe Mathieu-Daudé
On 08/10/2018 20:25, Alistair Francis wrote:
> From: Michael Clark 
> 
> Cc: Palmer Dabbelt 
> Cc: Sagar Karandikar 
> Cc: Bastian Koppelmann 
> Cc: Alistair Francis 
> Signed-off-by: Michael Clark 
> Reviewed-by: Alistair Francis 

Reviewed-by: Philippe Mathieu-Daudé 

> ---
>  hw/riscv/virt.c | 2 ++
>  1 file changed, 2 insertions(+)
> 
> diff --git a/hw/riscv/virt.c b/hw/riscv/virt.c
> index 005169eabc..6bd723dc3a 100644
> --- a/hw/riscv/virt.c
> +++ b/hw/riscv/virt.c
> @@ -385,6 +385,8 @@ static void riscv_virt_board_init(MachineState *machine)
>  serial_mm_init(system_memory, memmap[VIRT_UART0].base,
>  0, qdev_get_gpio_in(DEVICE(s->plic), UART0_IRQ), 399193,
>  serial_hd(0), DEVICE_LITTLE_ENDIAN);
> +
> +g_free(plic_hart_config);
>  }
>  
>  static void riscv_virt_board_machine_init(MachineClass *mc)
> 
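
Review bot: the commit message has no body, and the visible context of riscv_virt_board_init() shows only the serial_mm_init() call before the new g_free(plic_hart_config). Please say in the message where the string is allocated and that nothing keeps the pointer after it has been passed on, so a reader can tell the free at the end of the function is safe.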



Re: [Qemu-devel] [PATCH v1 2/5] RISC-V: Move non-ops from op_helper to cpu_helper

2018-10-10 Thread Philippe Mathieu-Daudé
On 08/10/2018 20:25, Alistair Francis wrote:
> From: Michael Clark 
> 
> This patch makes op_helper.c contain only instruction
> operation helpers used by translate.c and moves any
> unrelated cpu helpers into cpu_helper.c. No logic is
> changed by this patch.
> 
> Cc: Sagar Karandikar 
> Cc: Bastian Koppelmann 
> Cc: Palmer Dabbelt 
> Cc: Alistair Francis 
> Signed-off-by: Michael Clark 
> Reviewed-by: Alistair Francis 

Reviewed-by: Philippe Mathieu-Daudé 

> ---
>  target/riscv/Makefile.objs  |  2 +-
>  target/riscv/{helper.c => cpu_helper.c} | 35 -
>  target/riscv/op_helper.c| 34 
>  3 files changed, 35 insertions(+), 36 deletions(-)
>  rename target/riscv/{helper.c => cpu_helper.c} (95%)
> 
> diff --git a/target/riscv/Makefile.objs b/target/riscv/Makefile.objs
> index abd0a7cde3..fcc5d34c1f 100644
> --- a/target/riscv/Makefile.objs
> +++ b/target/riscv/Makefile.objs
> @@ -1 +1 @@
> -obj-y += translate.o op_helper.o helper.o cpu.o fpu_helper.o gdbstub.o pmp.o
> +obj-y += translate.o op_helper.o cpu_helper.o cpu.o fpu_helper.o gdbstub.o 
> pmp.o
> diff --git a/target/riscv/helper.c b/target/riscv/cpu_helper.c
> similarity index 95%
> rename from target/riscv/helper.c
> rename to target/riscv/cpu_helper.c
> index 63b3386b76..86f9f4730c 100644
> --- a/target/riscv/helper.c
> +++ b/target/riscv/cpu_helper.c
> @@ -1,5 +1,5 @@
>  /*
> - * RISC-V emulation helpers for qemu.
> + * RISC-V CPU helpers for qemu.
>   *
>   * Copyright (c) 2016-2017 Sagar Karandikar, sag...@eecs.berkeley.edu
>   * Copyright (c) 2017-2018 SiFive, Inc.
> @@ -72,6 +72,39 @@ bool riscv_cpu_exec_interrupt(CPUState *cs, int 
> interrupt_request)
>  
>  #if !defined(CONFIG_USER_ONLY)
>  
> +/* iothread_mutex must be held */
> +uint32_t riscv_cpu_update_mip(RISCVCPU *cpu, uint32_t mask, uint32_t value)
> +{
> +CPURISCVState *env = >env;
> +uint32_t old, new, cmp = atomic_read(>mip);
> +
> +do {
> +old = cmp;
> +new = (old & ~mask) | (value & mask);
> +cmp = atomic_cmpxchg(>mip, old, new);
> +} while (old != cmp);
> +
> +if (new && !old) {
> +cpu_interrupt(CPU(cpu), CPU_INTERRUPT_HARD);
> +} else if (!new && old) {
> +cpu_reset_interrupt(CPU(cpu), CPU_INTERRUPT_HARD);
> +}
> +
> +return old;
> +}
> +
> +void riscv_set_mode(CPURISCVState *env, target_ulong newpriv)
> +{
> +if (newpriv > PRV_M) {
> +g_assert_not_reached();
> +}
> +if (newpriv == PRV_H) {
> +newpriv = PRV_U;
> +}
> +/* tlb_flush is unnecessary as mode is contained in mmu_idx */
> +env->priv = newpriv;
> +}
> +
>  /* get_physical_address - get the physical address for this virtual address
>   *
>   * Do a page table walk to obtain the physical address corresponding to a
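
Review bot: riscv_cpu_update_mip() keeps the comment "iothread_mutex must be held", but nothing in the moved body checks it, and riscv_set_mode() maps PRV_H to PRV_U without saying why. Now that both live in a general CPU helper file, a follow-up that asserts the lock is held and adds a one-line comment on the PRV_H case would make the contract visible to new callers. Neither needs to change in this patch, since it is a pure move.
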
> diff --git a/target/riscv/op_helper.c b/target/riscv/op_helper.c
> index d0883d329b..495390ab1c 100644
> --- a/target/riscv/op_helper.c
> +++ b/target/riscv/op_helper.c
> @@ -654,39 +654,6 @@ target_ulong helper_csrrc(CPURISCVState *env, 
> target_ulong src,
>  
>  #ifndef CONFIG_USER_ONLY
>  
> -/* iothread_mutex must be held */
> -uint32_t riscv_cpu_update_mip(RISCVCPU *cpu, uint32_t mask, uint32_t value)
> -{
> -CPURISCVState *env = >env;
> -uint32_t old, new, cmp = atomic_read(>mip);
> -
> -do {
> -old = cmp;
> -new = (old & ~mask) | (value & mask);
> -cmp = atomic_cmpxchg(>mip, old, new);
> -} while (old != cmp);
> -
> -if (new && !old) {
> -cpu_interrupt(CPU(cpu), CPU_INTERRUPT_HARD);
> -} else if (!new && old) {
> -cpu_reset_interrupt(CPU(cpu), CPU_INTERRUPT_HARD);
> -}
> -
> -return old;
> -}
> -
> -void riscv_set_mode(CPURISCVState *env, target_ulong newpriv)
> -{
> -if (newpriv > PRV_M) {
> -g_assert_not_reached();
> -}
> -if (newpriv == PRV_H) {
> -newpriv = PRV_U;
> -}
> -/* tlb_flush is unnecessary as mode is contained in mmu_idx */
> -env->priv = newpriv;
> -}
> -
>  target_ulong helper_sret(CPURISCVState *env, target_ulong cpu_pc_deb)
>  {
>  if (!(env->priv >= PRV_S)) {
> @@ -737,7 +704,6 @@ target_ulong helper_mret(CPURISCVState *env, target_ulong 
> cpu_pc_deb)
>  return retpc;
>  }
>  
> -
>  void helper_wfi(CPURISCVState *env)
>  {
>  CPUState *cs = CPU(riscv_env_get_cpu(env));
> 
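
Review bot: dropping the extra blank line before helper_wfi() is a whitespace cleanup unrelated to the move. It is harmless, but it should either be mentioned in the commit message or go in its own patch, so that the op_helper.c side of the diff stays a pure removal.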



Re: [Qemu-devel] [PATCH v1 5/5] RISC-V: Don't add NULL bootargs to device-tree

2018-10-10 Thread Philippe Mathieu-Daudé
On 08/10/2018 20:25, Alistair Francis wrote:
> From: Michael Clark 
> 
> Cc: Palmer Dabbelt 
> Cc: Alistair Francis 
> Signed-off-by: Michael Clark 
> Reviewed-by: Alistair Francis 

Reviewed-by: Philippe Mathieu-Daudé 

> ---
>  hw/riscv/sifive_u.c | 4 +++-
>  hw/riscv/spike.c| 6 --
>  hw/riscv/virt.c | 4 +++-
>  3 files changed, 10 insertions(+), 4 deletions(-)
> 
> diff --git a/hw/riscv/sifive_u.c b/hw/riscv/sifive_u.c
> index 862f8ff5f7..ef07df2442 100644
> --- a/hw/riscv/sifive_u.c
> +++ b/hw/riscv/sifive_u.c
> @@ -230,7 +230,9 @@ static void create_fdt(SiFiveUState *s, const struct 
> MemmapEntry *memmap,
>  
>  qemu_fdt_add_subnode(fdt, "/chosen");
>  qemu_fdt_setprop_string(fdt, "/chosen", "stdout-path", nodename);
> -qemu_fdt_setprop_string(fdt, "/chosen", "bootargs", cmdline);
> +if (cmdline) {
> +qemu_fdt_setprop_string(fdt, "/chosen", "bootargs", cmdline);
> +}
>  g_free(nodename);
>  }
>  
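
Review bot: the commit message has no body, so it does not say what goes wrong when cmdline is NULL at the qemu_fdt_setprop_string(fdt, "/chosen", "bootargs", cmdline) call, or how a NULL cmdline reaches create_fdt(). A sentence on the failure and how to reproduce it would help anyone reviewing or backporting this.
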
> diff --git a/hw/riscv/spike.c b/hw/riscv/spike.c
> index be5ef85e81..8a712ed490 100644
> --- a/hw/riscv/spike.c
> +++ b/hw/riscv/spike.c
> @@ -156,8 +156,10 @@ static void create_fdt(SpikeState *s, const struct 
> MemmapEntry *memmap,
>  g_free(cells);
>  g_free(nodename);
>  
> -qemu_fdt_add_subnode(fdt, "/chosen");
> -qemu_fdt_setprop_string(fdt, "/chosen", "bootargs", cmdline);
> +if (cmdline) {
> +qemu_fdt_add_subnode(fdt, "/chosen");
> +qemu_fdt_setprop_string(fdt, "/chosen", "bootargs", cmdline);
> +}
>   }
>  
>  static void spike_v1_10_0_board_init(MachineState *machine)
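
Review bot: in spike.c the new if (cmdline) also wraps qemu_fdt_add_subnode(fdt, "/chosen"), so without a command line the device tree has no /chosen node at all, whereas the sifive_u.c and virt.c hunks always create /chosen and only skip bootargs. If the difference is intended, say so in the commit message; otherwise keep the add_subnode call outside the condition.
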
> diff --git a/hw/riscv/virt.c b/hw/riscv/virt.c
> index 6bd723dc3a..4a137a503c 100644
> --- a/hw/riscv/virt.c
> +++ b/hw/riscv/virt.c
> @@ -254,7 +254,9 @@ static void *create_fdt(RISCVVirtState *s, const struct 
> MemmapEntry *memmap,
>  
>  qemu_fdt_add_subnode(fdt, "/chosen");
>  qemu_fdt_setprop_string(fdt, "/chosen", "stdout-path", nodename);
> -qemu_fdt_setprop_string(fdt, "/chosen", "bootargs", cmdline);
> +if (cmdline) {
> +qemu_fdt_setprop_string(fdt, "/chosen", "bootargs", cmdline);
> +}
>  g_free(nodename);
>  
>  return fdt;
> 



Re: [Qemu-devel] [RFC 2/2] vhost-user: Fix userfaultfd leak

2018-10-10 Thread Dr. David Alan Gilbert
* Ilya Maximets (i.maxim...@samsung.com) wrote:
> 'fd' received from the vhost side is never freed.
> Also, everything (including 'postcopy_listen' state) should be
> cleaned up on vhost cleanup.
> 
> Fixes: 46343570c06e ("vhost+postcopy: Wire up POSTCOPY_END notify")
> Fixes: f82c11165ffa ("vhost+postcopy: Register shared ufd with postcopy")
> Cc: qemu-sta...@nongnu.org
> Signed-off-by: Ilya Maximets 

Thanks,


Reviewed-by: Dr. David Alan Gilbert 

> ---
>  hw/virtio/vhost-user.c | 7 +++
>  1 file changed, 7 insertions(+)
> 
> diff --git a/hw/virtio/vhost-user.c b/hw/virtio/vhost-user.c
> index c442daa562..e09bed0e4a 100644
> --- a/hw/virtio/vhost-user.c
> +++ b/hw/virtio/vhost-user.c
> @@ -1280,6 +1280,7 @@ static int vhost_user_postcopy_end(struct vhost_dev 
> *dev, Error **errp)
>  return ret;
>  }
>  postcopy_unregister_shared_ufd(>postcopy_fd);
> +close(u->postcopy_fd.fd);
>  u->postcopy_fd.handler = NULL;
>  
>  trace_vhost_user_postcopy_end_exit();
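
Review bot: after the new close(u->postcopy_fd.fd) in vhost_user_postcopy_end(), the fd field still holds the closed descriptor number and only handler = NULL marks it as gone. Setting u->postcopy_fd.fd = -1 next to it would make a stale value harmless if any later path looks at fd rather than handler.
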
> @@ -1419,6 +1420,12 @@ static int vhost_user_backend_cleanup(struct vhost_dev 
> *dev)
>  postcopy_remove_notifier(>postcopy_notifier);
>  u->postcopy_notifier.notify = NULL;
>  }
> +u->postcopy_listen = false;
> +if (u->postcopy_fd.handler) {
> +postcopy_unregister_shared_ufd(>postcopy_fd);
> +close(u->postcopy_fd.fd);
> +u->postcopy_fd.handler = NULL;
> +}
>  if (u->slave_fd >= 0) {
>  qemu_set_fd_handler(u->slave_fd, NULL, NULL, NULL);
>  close(u->slave_fd);
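
Review bot: the block added to vhost_user_backend_cleanup() repeats the unregister / close / handler = NULL sequence from vhost_user_postcopy_end() and uses a non-NULL handler as the test for "fd is still open". A small helper shared by both paths would keep them from drifting apart, and the commit message should state that handler is the sentinel, since the leak fix depends on it being set whenever the fd is valid.
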
> -- 
> 2.17.1
> 
--
Dr. David Alan Gilbert / dgilb...@redhat.com / Manchester, UK



Re: [Qemu-devel] [PATCH] memory: move MemoryRegion::size cleanup to memory_region_finalize()

2018-10-10 Thread Laszlo Ersek
On 10/10/18 20:56, Paolo Bonzini wrote:
> On 09/10/2018 19:09, Laszlo Ersek wrote:
>>>memory_region_size() != 0
>>> and therefore it's ok to access it in
>>>file_backend_unparent()
>>>   if (memory_region_size() != 0)
>>>   memory_region_get_ram_ptr()
>>>
>>> which happens when object_add fails and unparents failed backend making
>>> file_backend_unparent() access invalid memory region.
>>
>> I think it makes sense to zero out the size even if unparenting
>> would, in itself, prevent the above crash. Because, in
>> host_memory_backend_mr_inited(), we have:
>>
>> /*
>>  * NOTE: We forbid zero-length memory backend, so here zero means
>>  * "we haven't inited the backend memory region yet".
>>  */
>>
>> I'm unsure how general that invariant is, but it can't hurt to honor
>> it everywhere. (Especially if we can do the zeroing in one common
>> place.)
> 
> Yeah, that's the part that I'm not sure about.  If we do it in finalize,
> no one should be able to observe that we are zeroing it; finalize runs
> just before the object is g_free-d.  I agree with Igor that it's nicer
> to leave the object in good state, but the right place to zero is
> exactly where the first patch placed it, i.e. where the error is
> detected and the initialization of memory_region_init is unwound.

OK.

Thanks
Laszlo



Re: [Qemu-devel] [RFC 1/2] migration: Stop postcopy fault thread before notifying

2018-10-10 Thread Dr. David Alan Gilbert
* Ilya Maximets (i.maxim...@samsung.com) wrote:
> POSTCOPY_NOTIFY_INBOUND_END handlers will remove userfault fds
> from the postcopy_remote_fds array which could be still in
> use by the fault thread. Let's stop the thread before
> notification to avoid possible accessing wrong memory.

OK I think; since this is already in the cleanup we shouldn't
be getting faults anyway at that point.


Reviewed-by: Dr. David Alan Gilbert 

> Fixes: 46343570c06e ("vhost+postcopy: Wire up POSTCOPY_END notify")
> Cc: qemu-sta...@nongnu.org
> Signed-off-by: Ilya Maximets 
> ---
>  migration/postcopy-ram.c | 11 ++-
>  1 file changed, 6 insertions(+), 5 deletions(-)
> 
> diff --git a/migration/postcopy-ram.c b/migration/postcopy-ram.c
> index 853d8b32ca..e5c02a32c5 100644
> --- a/migration/postcopy-ram.c
> +++ b/migration/postcopy-ram.c
> @@ -533,6 +533,12 @@ int postcopy_ram_incoming_cleanup(MigrationIncomingState 
> *mis)
>  if (mis->have_fault_thread) {
>  Error *local_err = NULL;
>  
> +/* Let the fault thread quit */
> +atomic_set(>fault_thread_quit, 1);
> +postcopy_fault_thread_notify(mis);
> +trace_postcopy_ram_incoming_cleanup_join();
> +qemu_thread_join(>fault_thread);
> +
>  if (postcopy_notify(POSTCOPY_NOTIFY_INBOUND_END, _err)) {
>  error_report_err(local_err);
>  return -1;
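
Review bot: with the join moved to the top of the have_fault_thread block, both early return -1 paths (the postcopy_notify() failure here and the qemu_ram_foreach_migratable_block() failure below) now exit with the fault thread already joined but before close(mis->userfault_fd). Please confirm that a repeated call to postcopy_ram_incoming_cleanup() cannot join the thread a second time, or clear the state that guards this block right after qemu_thread_join().
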
> @@ -541,11 +547,6 @@ int postcopy_ram_incoming_cleanup(MigrationIncomingState 
> *mis)
>  if (qemu_ram_foreach_migratable_block(cleanup_range, mis)) {
>  return -1;
>  }
> -/* Let the fault thread quit */
> -atomic_set(>fault_thread_quit, 1);
> -postcopy_fault_thread_notify(mis);
> -trace_postcopy_ram_incoming_cleanup_join();
> -qemu_thread_join(>fault_thread);
>  
>  trace_postcopy_ram_incoming_cleanup_closeuf();
>  close(mis->userfault_fd);
> -- 
> 2.17.1
> 
--
Dr. David Alan Gilbert / dgilb...@redhat.com / Manchester, UK



Re: [Qemu-devel] [PATCH v5 0/5] Connect a PCIe host and graphics support to RISC-V

2018-10-10 Thread Stephen Bates
> I added e1000 and e1000e support to my kernel and changed the QEMU command to:

So using -device e1000e rather than -device e1000 seems to work. I am not sure 
why -device e1000 causes a kernel panic. The MSI-X message is interesting and 
may be related to why NVMe interrupts are not reaching the OS in the guest?

[0.216000] e1000: Intel(R) PRO/1000 Network Driver - version 7.3.21-k8-NAPI
[0.216000] e1000: Copyright (c) 1999-2006 Intel Corporation.
[0.216000] e1000e: Intel(R) PRO/1000 Network Driver - 3.2.6-k
[0.216000] e1000e: Copyright(c) 1999 - 2015 Intel Corporation.
[0.22] e1000e :00:01.0: assign IRQ: got 1
[0.22] e1000e :00:01.0: enabling device ( -> 0002)
[0.22] e1000e :00:01.0: enabling bus mastering
[0.22] e1000e :00:01.0: Interrupt Throttling Rate (ints/sec) set to 
dynamic conservative mode
[0.22] e1000e :00:01.0 :00:01.0 (uninitialized): Failed to 
initialize MSI-X interrupts.  Falling back to MSI interrupts.
[0.22] e1000e :00:01.0 :00:01.0 (uninitialized): Failed to 
initialize MSI interrupts.  Falling back to legacy interrupts.
[0.348000] e1000e :00:01.0 eth0: (PCI Express:2.5GT/s:Width x1) 
52:54:00:12:34:56
[0.356000] e1000e :00:01.0 eth0: Intel(R) PRO/1000 Network Connection
[0.356000] e1000e :00:01.0 eth0: MAC: 3, PHY: 8, PBA No: 00-000

root@libertas:~# lspci -vvv
00:00.0 Host bridge: Red Hat, Inc. QEMU PCIe Host bridge
Subsystem: Red Hat, Inc QEMU PCIe Host bridge
Control: I/O- Mem- BusMaster- SpecCycle- MemWINV- VGASnoop- ParErr- 
Stepping- SERR- FastB2B- DisINTx-
Status: Cap- 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- SERR- TAbort- SERR-  [disabled]
Region 3: Memory at 4008 (32-bit, non-prefetchable) [size=16K]
[virtual] Expansion ROM at 4000 [disabled] [size=256K]
Capabilities: [c8] Power Management version 2
Flags: PMEClk- DSI+ D1- D2- AuxCurrent=0mA 
PME(D0-,D1-,D2-,D3hot-,D3cold-)
Status: D0 NoSoftRst- PME-Enable- DSel=0 DScale=0 PME-
Capabilities: [e0] Express (v1) Root Complex Integrated Endpoint, MSI 00
DevCap: MaxPayload 128 bytes, PhantFunc 0
ExtTag- RBE+
DevCtl: Report errors: Correctable- Non-Fatal- Fatal- 
Unsupported-
RlxdOrd- ExtTag- PhantFunc- AuxPwr- NoSnoop-
MaxPayload 128 bytes, MaxReadReq 128 bytes
DevSta: CorrErr- UncorrErr- FatalErr- UnsuppReq- AuxPwr- 
TransPend-
Capabilities: [100 v2] Advanced Error Reporting
UESta:  DLP- SDES- TLP- FCP- CmpltTO- CmpltAbrt- UnxCmplt- 
RxOF- MalfTLP- ECRC- UnsupReq- ACSViol-
UEMsk:  DLP- SDES- TLP- FCP- CmpltTO- CmpltAbrt- UnxCmplt- 
RxOF- MalfTLP- ECRC- UnsupReq- ACSViol-
UESvrt: DLP+ SDES+ TLP- FCP+ CmpltTO- CmpltAbrt- UnxCmplt- 
RxOF+ MalfTLP+ ECRC- UnsupReq- ACSViol-
CESta:  RxErr- BadTLP- BadDLLP- Rollover- Timeout- NonFatalErr-
CEMsk:  RxErr- BadTLP- BadDLLP- Rollover- Timeout- NonFatalErr+
AERCap: First Error Pointer: 00, GenCap+ CGenEn- ChkCap+ ChkEn-
Capabilities: [140 v1] Device Serial Number 52-54-00-ff-ff-12-34-56
Kernel driver in use: e1000e




Re: [Qemu-devel] [PATCH] memory: move MemoryRegion::size cleanup to memory_region_finalize()

2018-10-10 Thread Paolo Bonzini
On 09/10/2018 19:09, Laszlo Ersek wrote:
>>memory_region_size() != 0
>> and therefore it's ok to access it in
>>file_backend_unparent()
>>   if (memory_region_size() != 0)
>>   memory_region_get_ram_ptr()
>>
>> which happens when object_add fails and unparents failed backend making
>> file_backend_unparent() access invalid memory region.
>
> I think it makes sense to zero out the size even if unparenting
> would, in itself, prevent the above crash. Because, in
> host_memory_backend_mr_inited(), we have:
> 
> /*
>  * NOTE: We forbid zero-length memory backend, so here zero means
>  * "we haven't inited the backend memory region yet".
>  */
> 
> I'm unsure how general that invariant is, but it can't hurt to honor
> it everywhere. (Especially if we can do the zeroing in one common
> place.)

Yeah, that's the part that I'm not sure about.  If we do it in finalize,
no one should be able to observe that we are zeroing it; finalize runs
just before the object is g_free-d.  I agree with Igor that it's nicer
to leave the object in good state, but the right place to zero is
exactly where the first patch placed it, i.e. where the error is
detected and the initialization of memory_region_init is unwound.

Paolo



[Qemu-devel] [PATCH 1/1] hw/arm/virt: provide a model property in the fdt

2018-10-10 Thread Heinrich Schuchardt
Device trees in the Linux kernel generally provide a model property. Some
software like the Debian flash-kernel package relies on this property to
identify boards.

The patch sets the model property for the virt boards to 'QEMU virt'.

Signed-off-by: Heinrich Schuchardt 
---
 hw/arm/virt.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/hw/arm/virt.c b/hw/arm/virt.c
index 281ddcdf6e..abe366895a 100644
--- a/hw/arm/virt.c
+++ b/hw/arm/virt.c
@@ -200,6 +200,7 @@ static void create_fdt(VirtMachineState *vms)
 vms->fdt = fdt;
 
 /* Header */
+qemu_fdt_setprop_string(fdt, "/", "model", "QEMU virt");
 qemu_fdt_setprop_string(fdt, "/", "compatible", "linux,dummy-virt");
 qemu_fdt_setprop_cell(fdt, "/", "#address-cells", 0x2);
 qemu_fdt_setprop_cell(fdt, "/", "#size-cells", 0x2);
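
Review bot: the model value is a bare literal in create_fdt(), and the commit message says tools such as flash-kernel match on it to identify boards. That makes "QEMU virt" a guest-visible interface; please state in the message that the string is meant to stay stable, and consider a short comment next to the call so it is not reworded later.
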
-- 
2.19.1




Re: [Qemu-devel] [PATCH v5 0/5] Connect a PCIe host and graphics support to RISC-V

2018-10-10 Thread Stephen Bates
>Why do you need two networking options?

I don't need the e1000 for networking. The e1000 option is there to test the 
PCIe since it implements a PCIe model of the e1000 NIC. Basically it's another 
test path for your PCIe patches and was used for testing when PCIe support to 
the arm virt model [1].

>Strange. Is there any reason you need to use the e1000? The VirtIO 
>networking device works for me.

As per above. The e1000 is there to test PCIe not networking.

Stephen

[1] https://github.com/qemu/qemu/commit/4ab29b8214cc4b54e0c1a8270b610a340311470e



Re: [Qemu-devel] [PATCH v1 0/5] Misc RISC-V patches

2018-10-10 Thread Palmer Dabbelt

On Wed, 10 Oct 2018 11:10:07 PDT (-0700), peter.mayd...@linaro.org wrote:
> On 10 October 2018 at 18:49, Palmer Dabbelt  wrote:
>> we should really
>> get the ball rolling on our big patch backlog.
>
> Yes, please do. Softfreeze is not all that far away and I
> would strongly prefer not to get an enormous sized pull
> request at the last minute. The ideal pattern is that
> code changes come in at a steady rate across the whole
> of the 'open' part of the development cycle.


Ya, sorry, we've been a bit out of it.  If I understand correctly, the soft 
freeze is the 30th?  If so it's really time to get started, and it looks like 
Michael is busy so I'll have to go figure this out.




Re: [Qemu-devel] [PATCH v11 0/6] s390x: vfio-ap: guest dedicated crypto adapters

2018-10-10 Thread Christian Borntraeger


On 10/10/2018 07:03 PM, Tony Krowiak wrote:
> This patch series is the QEMU counterpart to the KVM/kernel support for 
> guest dedicated crypto adapters. The KVM/kernel model is built on the 
> VFIO mediated device framework and provides the infrastructure for 
> granting exclusive guest access to crypto devices installed on the linux 
> host. This patch series introduces a new QEMU command line option, QEMU 
> object model and CPU model features to exploit the KVM/kernel model.
> 
> See the detailed specifications for AP virtualization provided by this 
> patch set in docs/vfio-ap.txt for a more complete discussion of the 
> design introduced by this patch series.
> 
> v10 => v11 Change log:



Series seems to work fine.

Christian


> =
> * Replaced DO_UPCAST macros in ap.c
> * Initializing GError in vfio_ap_get_group() function (BUG)
> * Updated s390 maintainers with new files in MAINTAINERS
> * Fixed memory leak in vfio_ap_get_group() function
> 
> v9 => v10 Change log:
> 
> * Removed KVM_S390_VM_CPU_FEAT_AP feature from kvm.h
> * Moved check for KVM_S390_VM_CRYPTO_ENABLE_APIE from patch 2/6 to patch
>   3/6
> * Removed vfio from all function names in ap-bridge.c 
> * Removed unused macros and structure from ap-bridge.h
> * Removed unused macros from ap-device.h
> 
> v8 => v9 Change log:
> ===
> * Removed all references to VFIO in AP bridge and bus
> * Expose AP feature only if the KVM_S390_VM_CRYPTO_ENABLE_APIE VM attribute
>   is exposed by KVM - i.e., if AP instructions are available on the linux
>   host.
> * Enable AP interpretation only if AP feature is switched on; no need to
>   disable because it is disabled by default.
> 
> v7 => v8 Change log:
> ===
> * Enable SIE interpretation AP instructions if the CPU model feature for
>   AP instructions is turned on for the guest.
> 
> v6 => v7 Change log;
> ===
> * Changed email address for Signed-off-by
> 
> v5 => v6 Change log:
> ===
> * Added reset handling for vfio-ap device
> * Added a bridge/bus to AP device object model - thanks to Halil Pasic
> 
> v4 => v5 Change log:
> ===
> * Added MAINTAINERS entries for VFIO AP
> * Added explanation for why we are only supporting zEC12 and newer CPU 
>   models.
> * Changed CPU model feature qci=on|off to apqci=on|off
> * Misc. minor changes
> 
> v3 => v4 Change log:
> ===
> * Made vfio-ap device unpluggable for now




Re: [Qemu-devel] [PATCH v1 0/5] Misc RISC-V patches

2018-10-10 Thread Alistair




On 10/10/2018 11:10 AM, Peter Maydell wrote:
> On 10 October 2018 at 18:49, Palmer Dabbelt  wrote:
>> we should really
>> get the ball rolling on our big patch backlog.
>
> Yes, please do. Softfreeze is not all that far away and I
> would strongly prefer not to get an enormous sized pull
> request at the last minute. The ideal pattern is that
> code changes come in at a steady rate across the whole
> of the 'open' part of the development cycle.

Understandable. I'll send a PR in the next few days. I'm hoping I can 
bundle it with my PCIe patches which are just waiting on some discussion.

Alistair

> thanks
> -- PMM





Re: [Qemu-devel] [PATCH v1 0/5] Misc RISC-V patches

2018-10-10 Thread Peter Maydell
On 10 October 2018 at 18:49, Palmer Dabbelt  wrote:
> we should really
> get the ball rolling on our big patch backlog.

Yes, please do. Softfreeze is not all that far away and I
would strongly prefer not to get an enormous sized pull
request at the last minute. The ideal pattern is that
code changes come in at a steady rate across the whole
of the 'open' part of the development cycle.

thanks
-- PMM



Re: [Qemu-devel] [PATCH v2 4/7] scripts/qemu.py: set predefined machine type based on arch

2018-10-10 Thread Cleber Rosa



On 10/10/18 12:08 PM, Philippe Mathieu-Daudé wrote:
> On 10/10/2018 17:58, Cleber Rosa wrote:
>>
>>
>> On 10/10/18 11:26 AM, Philippe Mathieu-Daudé wrote:
>>> On 10/10/2018 16:28, Eduardo Habkost wrote:
 On Wed, Oct 10, 2018 at 10:15:15AM -0400, Cleber Rosa wrote:
>
>
> On 10/10/18 9:59 AM, Cleber Rosa wrote:
>>
>>
>> On 10/10/18 9:46 AM, Eduardo Habkost wrote:
>>> On Wed, Oct 10, 2018 at 08:35:38AM -0400, Cleber Rosa wrote:


 On 10/10/18 7:00 AM, Philippe Mathieu-Daudé wrote:
> On 10/10/2018 01:26, Cleber Rosa wrote:
>> Some targets require a machine type to be set, as there's no default
>> (aarch64 is one example).  To give a consistent interface to users of
>> this API, this changes set_machine() so that a predefined default can
>> be used, if one is not given.  The approach used is exactly the same
>> with the console device type.
>>
>> Also, even when there's a default machine type, for some purposes,
>> testing included, it's better if outside code is explicit about the
>> machine type, instead of relying on whatever is set internally.
>>
>> Signed-off-by: Cleber Rosa 
>> ---
>>  scripts/qemu.py | 22 +-
>>  1 file changed, 21 insertions(+), 1 deletion(-)
>>
>> diff --git a/scripts/qemu.py b/scripts/qemu.py
>> index d9e24a0c1a..fca9b76990 100644
>> --- a/scripts/qemu.py
>> +++ b/scripts/qemu.py
>> @@ -36,6 +36,15 @@ CONSOLE_DEV_TYPES = {
>>  r'^s390-ccw-virtio.*': 'sclpconsole',
>>  }
>>  
>> +#: Maps archictures to the preferred machine type
>> +MACHINE_TYPES = {
>> +r'^aarch64$': 'virt',
>> +r'^ppc$': 'g3beige',
>> +r'^ppc64$': 'pseries',
>> +r'^s390x$': 's390-ccw-virtio',
>> +r'^x86_64$': 'q35',
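
Review bot: the comment above MACHINE_TYPES misspells "architectures" as "archictures". Also, every key shown is a fully anchored literal (r'^aarch64$', r'^x86_64$'), unlike the r'^s390-ccw-virtio.*' pattern in CONSOLE_DEV_TYPES above, so a plain dict keyed by arch name would do the same job without regex matching.
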
>
> Why choose Q35 rather than PC (the default)?
>
> I was wondering about how to generate variants/machines.json but this 
> is
> definitively something we want to do via a QMP query.
>
> Eduardo what do you think?
>

 It was motivated by Eduardo's initiative to make q35 the default 
 "across
 the board".  He can confirm and give more details.
>>>
>>> Making Q35 the default on applications using QEMU and libvirt is
>>> something I'd like to happen.  But I think the simplest way to do
>>> that is to change the QEMU default.  This way you won't need this
>>> table on qemu.py: you can just use the default provided by QEMU.
>>>
>>
>> The idea is to bring consistency on how we're calling
>> "qemu-system-$(ARCH)", and at the same time apply the "explicit is
>> better than implicit" rule.
>>
>> The most important fact is that some targets do not (currently) have
>> "the default provided by QEMU", aarch64 is one of them.
>>
>> - Cleber.
>>
>
> So I ended up not relaying the question properly: should we default
> (even if explicitly adding "-machine") to "pc"?

 I think using the default machine-type (when QEMU has a default)
 would be less surprising for users of the qemu.py API.

 Implicitly adding -machine when there's no default is also
 surprising, but then it's a nice surprise: instead of crashing
 you get a running VM.

 Now, there are two other questions related to this:

 If using 'pc' as default, should we always add -machine, or just
 omit the machine-type name?  I think we should omit it unless the
 caller asked for a specific machine-type name (because it would
 be less surprising for users of the API).
>>>
>>> I agree with that.
>>>
>>
>> OK!
>>

 About our default testing configuration for acceptance tests:
 should acceptance tests run against PC by default?  Should it
 test Q35?  Should we test both PC and Q35?  I'm not sure what's
 the answer, but I think these decisions shouldn't affect the
 qemu.py API at all.
>>>
>>> If I'm going to submit contributions to some subsystem, I'd like to run
>>> all the tests that cover this subsystem, prior to annoying the maintainer.
>>>
>>> For example if a series targets the "X86 Machines" subsystem, then I'd
>>> expect the JSON variant to test both PC and Q35.
>>>
>>
>> I agree, and we'll get there, but I'd rather do it in small steps.
> 
> Sure.
> 
>>
>> The reason is that we want every single FAIL/ERROR on the acceptance
>> tests to really flag a regression, so we need careful execution and
>> validation prior to increasing the "test matrix".
>>
>> At the same time, we need to be careful to not grow the default
>> acceptance tests execution to a point that people won't run it. I've
>> just heard similar feedback regarding Avocado-VT, that has *too many*

Re: [Qemu-devel] [PATCH v2 4/7] scripts/qemu.py: set predefined machine type based on arch

2018-10-10 Thread Peter Maydell
On 10 October 2018 at 18:52, Cleber Rosa  wrote:
>
>
> On 10/10/18 12:23 PM, Peter Maydell wrote:
>> On 10 October 2018 at 16:47, Cleber Rosa  wrote:
>>> To make sure we're on the same page, we're still going to have default
>>> machine types, based on the arch, for those targets that don't provide
>>> one (aarch64 is one example).  Right?
>>
>> Does it make sense to define a default? The reason arm
>> doesn't specify a default machine type is because you
>> can't just run any old guest on any old machine type.
>> You need to know "this guest image will run on machine
>> type X", and run it on machine type X. This is like
>> knowing you need to run a test on x86 PC and not
>> on PPC spapr.
>>
>
> While requiring tests to specify every single aspect of the environment
> that will be used may be OK for low level unit tests, it puts a lot of
> burden on higher level tests (which is supposed to be the vast majority
> under tests/acceptance).
>
> From a test writer perspective, working on these higher level tests, it
> may want to make sure that feature "X", unrelated to the target arch,
> machine type, etc, "just works".  You may want to look at the "vnc.py"
> test for a real world example.

OK, if it doesn't have a dependency on machine at all, it
should state that somehow.

> Eduardo has suggested that "make check-acceptance" runs all (possible)
> tests on all target archs by default.

Yeah; or we have some mechanism for trimming down the
matrix of what we run. But I think it's better coverage
if we have 3 tests ABC that don't depend on machine
and 3 machines XYZ to run AX BY CZ than AX BX CX by
specifying X as an arbitrary "default".

It looks like the 'vnc' test is just testing QEMU functionality,
not anything that involves interacting with the guest or
machine model? There's a good argument that that only really
needs to be run once, not once per architecture.

You might also want to consider the "none" machine, which exists
for bits of test infrastructure that aren't actually trying to
run guests.

>> Would it make more sense for each test to specify
>> which machine types it can work on?
>>
>
> I think it does, but I believe in the black list approach, instead of
> the white list.
>
> The reason for that is that I believe that the majority of the tests under
> "tests/acceptance" can be made to work on every target (which would be
> the default).  So far, I've made sure tests behave correctly on the 5
> arches included in the "archs.json" file in this series (x86_64, ppc64,
> ppc, aarch64, s390x).
>
> To give a full disclosure, "boot_linux.py" (boots a linux kernel) is
> x86_64 specific, and CANCELS when asked to be run on other archs.  But,
> on the work I've done on top of these series, it already works with ppc64
> and aarch64.  Also, "boot_linux.py" sent in another series, (which boots
> a full linux guest) is also being adapted to work on most of the target
> archs.

Right, "boot Linux" is machine specific. The kernel/disk
/etc that boots on aarch64 virt is probably not going to boot
on the 64-bit xilinx board; and on 32-bit arm you definitely
are going to want a different kernel in some places. This
is likely to be true of most tests that actually try to run
code in the guest.

We should aim to test the machines we care about (regardless
of what architectures they are), rather than thinking about it
in terms of "testing architectures X, Y, Z", I think.

I think you're going to need at least some whitelist functionality;
otherwise half the tests are going to break every time we add
a new machine (and "add every new machine to the blacklist for
half the tests" doesn't scale very well).

thanks
-- PMM
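
The two points made in the message above (spread machine-independent tests over the machines instead of pinning one default, and a blacklist picks up every newly added machine), as an added example that is not code from the thread or from QEMU. `plan_runs`, the `allow`/`deny` keys, the test names other than `vnc` and `boot_linux`, and the `new-board` machine are hypothetical.

```python
from itertools import cycle

# Constructed sample data. "vnc" and "boot_linux" are test names from the
# thread; the other test names, the "allow"/"deny" keys and "new-board"
# are hypothetical.
MACHINES = ["pc", "q35", "virt"]
TESTS = {
    "vnc": {},                                     # no machine dependency
    "version": {},
    "qmp_caps": {},
    "boot_linux_allow": {"allow": ["pc", "q35"]},  # whitelist style
    "boot_linux_deny": {"deny": ["virt"]},         # blacklist style
}


def plan_runs(tests, machines):
    """Return the (test, machine) pairs to execute, in test-name order."""
    runs = []
    rotation = cycle(machines)
    for name in sorted(tests):
        spec = tests[name]
        if "allow" in spec:
            # Whitelist: only machines the test is known to work on.
            runs += [(name, m) for m in machines if m in spec["allow"]]
        elif "deny" in spec:
            # Blacklist: every machine except the listed ones.
            runs += [(name, m) for m in machines if m not in spec["deny"]]
        else:
            # Machine-independent: run once, rotating over the machines
            # (AX BY CZ) instead of pinning one default (AX BX CX).
            runs.append((name, next(rotation)))
    return runs


def runs_on_new_machine(tests, machines, new_machine):
    """Runs that appear on new_machine once it joins the machine list."""
    plan = plan_runs(tests, machines + [new_machine])
    return [run for run in plan if run[1] == new_machine]


if __name__ == "__main__":
    for run in plan_runs(TESTS, MACHINES):
        print(*run)
    # Only the blacklist-style test silently picks up the new machine.
    print(runs_on_new_machine(TESTS, MACHINES, "new-board"))
```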



[Qemu-devel] [Bug 1795527] Re: Malformed audio and video output stuttering after upgrade to QEMU 3.0

2018-10-10 Thread Dr. David Alan Gilbert
OK, so in that case you'll need to do a git bisect to figure out what the first 
change was that broke it.
If 3.0 is at one end and is bad, pick the last known good version (on the 
problem that you can reliably repeat) and do the bisect between them - if we're 
lucky we'll land on something obviously audio, windows or timing related.

https://bugs.launchpad.net/bugs/1795527

Title:
  Malformed audio and video output stuttering after upgrade to QEMU 3.0

Status in QEMU:
  New

Bug description:
  My host is an x86_64 Arch Linux OS with a recompiled 4.18.10 hardened
  kernel, running a few KVM guests with varying OSes and configurations
  managed through a Libvirt stack.

  Among these guests I have two Windows 10 VMs with VGA passthrough and
  PulseAudio-backed virtual audio devices.

  After upgrading to QEMU 3.0.0, both of the Win10 guests started
  showing corrupted audio output in the form of unnatural reproduction
  speed and occasional but consistently misplaced audio fragments
  originating from what seems to be a circular buffer wrapping over
  itself (misbehaviour detected by starting some games with known OSTs
  and dialogues: soundtracks sound accelerated and past dialogue lines
  start replaying middle-sentence until the next line starts playing).

  In addition, the video output of the malfunctioning VMs regularly
  stutters roughly twice a second for a fraction of a second (sync'ed
  with the suspected buffer wrapping and especially pronounced during
  not-pre-rendered cutscenes), together with mouse freezes that look
  like actual input misses more than simple lack of screen refreshes.

  
  The issue was successfully reproduced without the managing stack, directly
  with the following command line, on the most capable Windows guest:

   QEMU_AUDIO_DRV=pa
   QEMU_PA_SERVER=127.0.0.1
   /usr/bin/qemu-system-x86_64 -name guest=win10_gms,debug-threads=on \
   -machine pc-i440fx-3.0,accel=kvm,usb=off,vmport=off,dump-guest-core=off \
   -cpu host,hv_time,hv_relaxed,hv_vapic,hv_spinlocks=0x1fff,hv_vendor_id=123456789abc,kvm=off \
   -drive file=/usr/share/ovmf/x64/OVMF_CODE.fd,if=pflash,format=raw,unit=0,readonly=on \
   -drive file=/var/lib/libvirt/qemu/nvram/win10_gms_VARS.fd,if=pflash,format=raw,unit=1 \
   -m 5120 \
   -realtime mlock=off \
   -smp 3,sockets=1,cores=3,threads=1 \
   -uuid 39b56ee2-6bae-4009-9108-7be26d5d63ac \
   -display none \
   -no-user-config \
   -nodefaults \
   -rtc base=localtime,driftfix=slew \
   -global kvm-pit.lost_tick_policy=delay \
   -no-hpet \
   -no-shutdown \
   -global PIIX4_PM.disable_s3=1 \
   -global PIIX4_PM.disable_s4=1 \
   -boot strict=on \
   -device ich9-usb-ehci1,id=usb,bus=pci.0,addr=0x4.0x7 \
   -device ich9-usb-uhci1,masterbus=usb.0,firstport=0,bus=pci.0,multifunction=on,addr=0x4 \
   -device ich9-usb-uhci2,masterbus=usb.0,firstport=2,bus=pci.0,addr=0x4.0x1 \
   -device ich9-usb-uhci3,masterbus=usb.0,firstport=4,bus=pci.0,addr=0x4.0x2 \
   -device ahci,id=sata0,bus=pci.0,addr=0x9 \
   -drive file=/dev/vms/win10_gaming,format=raw,if=none,id=drive-virtio-disk0,cache=none,aio=native \
   -device virtio-blk-pci,scsi=off,bus=pci.0,addr=0x5,drive=drive-virtio-disk0,id=virtio-disk0,bootindex=1,write-cache=on \
   -drive file=/dev/sr0,format=raw,if=none,id=drive-sata0-0-0,media=cdrom,readonly=on \
   -device ide-cd,bus=sata0.0,drive=drive-sata0-0-0,id=sata0-0-0 \
   -device intel-hda,id=sound0,bus=pci.0,addr=0x3 \
   -device hda-duplex,id=sound0-codec0,bus=sound0.0,cad=0 \
   -device usb-host,hostbus=2,hostaddr=3,id=hostdev0,bus=usb.0,port=1 \
   -device vfio-pci,host=01:00.0,id=hostdev1,bus=pci.0,addr=0x6 \
   -device vfio-pci,host=01:00.1,id=hostdev2,bus=pci.0,addr=0x7 \
   -device virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x8 \
   -sandbox on,obsolete=deny,elevateprivileges=deny,spawn=deny,resourcecontrol=deny \
   -msg timestamp=on

  
  By "purposedly misconfiguring" the codepaths and replacing "pc-i440fx-3.0" 
with "pc-i440fx-2.11" (basically 

Re: [Qemu-devel] [PATCH v5 0/5] Connect a PCIe host and graphics support to RISC-V

2018-10-10 Thread Alistair

On 10/10/2018 10:32 AM, Stephen  Bates wrote:

I plan to also try with a e1000 network interface model tomorrow and see how 
that behaves
   
Please do :)
 
I added e1000 and e1000e support to my kernel and changed the QEMU command to:


$QEMU -nographic \
   -machine virt \
   -smp 1 -m 8G \
   -append "console=hvc0 ro root=/dev/vda nvme.admin_timeout=1" \
   -kernel $KERNEL \
   -drive file=${ROOTFS},format=raw,id=hd0 \
   -device virtio-blk-device,drive=hd0 \
   -device virtio-net-device,netdev=net0 \
   -netdev user,id=net0 \
   -device e1000,netdev=net1 \
   -netdev user,id=net1


Why do you need two networking options?



And the kernel oops:

[0.224000] e1000: Intel(R) PRO/1000 Network Driver - version 7.3.21-k8-NAPI
[0.224000] e1000: Copyright (c) 1999-2006 Intel Corporation.
[0.224000] e1000 :00:01.0: enabling device ( -> 0002)
[0.244000] Unable to handle kernel NULL pointer dereference at virtual address
[0.244000] Oops [#1]
[0.244000] Modules linked in:
[0.244000] CPU: 0 PID: 1 Comm: swapper/0 Not tainted 4.19.0-rc6-eideticom-riscv-00038-gc2b45b2fe26a-dirty #41
[0.244000] sepc: ffd20040cc18 ra : ffd20040e912 sp : ffd3f7a77b60
[0.244000]  gp : ffd2007e5960 tp : ffd3f7ac t0 : ffd3f754b4c0
[0.244000]  t1 :  t2 : 03af s0 : ffd3f7a77b70
[0.244000]  s1 : ffd3f7554b20 a0 : ffd3f7554b20 a1 :
[0.244000]  a2 :  a3 : 0001 a4 : 0002
[0.244000]  a5 : 0002 a6 : eac0c6e6 a7 :
[0.244000]  s2 : 04140240 s3 :  s4 : ffd3f7554f08
[0.244000]  s5 : ffd3f7554000 s6 : ffd2007e7794 s7 : ffd3f7555000
[0.244000]  s8 : ffd3f75546c0 s9 : ffd3f7554b20 s10: 1000
[0.244000]  s11:  t3 : ffd20078e918 t4 : ffd20078e920
[0.244000]  t5 : 0007 t6 : 0006
[0.244000] sstatus: 0120 sbadaddr:  scause: 000f
[0.252000] ---[ end trace 371f7702831e633b ]---


Strange. Is there any reason you need to use the e1000? The VirtIO 
networking device works for me.


Alistair

 





Re: [Qemu-devel] [PATCH v5 0/5] Connect a PCIe host and graphics support to RISC-V

2018-10-10 Thread Alistair

On 10/10/2018 05:26 AM, Andrea Bolognani wrote:

On Thu, 2018-10-04 at 20:06 +, Alistair Francis wrote:

Alistair Francis (5):
   hw/riscv/virt: Increase the number of interrupts
   hw/riscv/virt: Connect the gpex PCIe
   riscv: Enable VGA and PCIE_VGA
   hw/riscv/sifive_u: Connect the Xilinx PCIe
   hw/riscv/virt: Connect a VirtIO net PCIe device

  default-configs/riscv32-softmmu.mak | 10 +++-
  default-configs/riscv64-softmmu.mak | 10 +++-
  hw/riscv/sifive_u.c | 64 +
  hw/riscv/virt.c | 72 +
  include/hw/riscv/sifive_u.h |  4 +-
  include/hw/riscv/virt.h |  6 ++-
  6 files changed, 161 insertions(+), 5 deletions(-)


I gave v4 a try a few weeks ago because I wanted to see what would
be needed to wire this up on the libvirt side. Turns out, not much
really :)


Great!



I still have a couple of questions that hopefully you'll be able
to answer:

* what should libvirt look for to figure out whether or not a RISC-V
   guest will have PCI support? For aarch64 we look for the presence
   of the 'gpex-pcihost' device, but of course that won't work for
   RISC-V so we need something else;


I'm not sure what you mean here. Why can we not do the same thing with 
RISC-V?




* I have successfully started a RISC-V guest with virtio-pci devices
   attached but, while they show up in 'info qtree' and friends, the
   guest OS itself doesn't seem to recognize any of them - not even
   pcie.0! I'm using the guest images listed at [1] and following the
   corresponding instructions, but I think the BBL build (config at
   [2]) is missing some feature... Any ideas what we would need to
   add there?


I use this monolithic config: 
https://github.com/alistair23/meta-riscv/blob/7a950aa705b439b5ec19bb6f094930888335ba7b/recipes-kernel/linux/files/freedom-u540/defconfig


It has way too much enabled, but I think if you copy the PCIe part that 
should be enough.


My colleague Atish has Fedora booting on real hardware with the 
MicroSemi PCIe support. You can also see his config here: 
https://github.com/westerndigitalcorporation/RISC-V-Linux/blob/master/riscv-linux-conf/config_fedora_success_4.19_demo_sep11


Obviously on top of that you will need to enable the VirtIO support as 
that doesn't exist in the hardware.


Alistair



If you can help with these I'll give the patches another spin and
gladly provide my Tested-by :)


[1] https://fedoraproject.org/wiki/Architectures/RISC-V/Installing
[2] https://github.com/rwmjones/fedora-riscv-kernel/blob/master/config




