Re: [PATCH 1/2] vhost-user: add VHOST_USER_RESET_DEVICE to reset devices

2019-12-12 Thread Raphael Norwitz
On Wed, Nov 06, 2019 at 06:36:01AM -0500, Michael S. Tsirkin wrote:
> 
> On Tue, Oct 29, 2019 at 05:38:02PM -0400, Raphael Norwitz wrote:
> > Add a VHOST_USER_RESET_DEVICE message which will reset the vhost user
> > backend. Disabling all rings, and resetting all internal state, ready
> > for the backend to be reinitialized.
> > 
> > A backend has to report it supports this features with the
> > VHOST_USER_PROTOCOL_F_RESET_DEVICE protocol feature bit. If it does
> > so, the new message is used instead of sending a RESET_OWNER which has
> > had inconsistent implementations.
> > 
> > Signed-off-by: David Vrabel 
> > Signed-off-by: Raphael Norwitz 

Ping on this. 

> 
> Looks ok, pls ping me after the release to apply this.
> > ---
> >  docs/interop/vhost-user.rst | 15 +++
> >  hw/virtio/vhost-user.c  |  8 +++-
> >  2 files changed, 22 insertions(+), 1 deletion(-)
> > 
> > diff --git a/docs/interop/vhost-user.rst b/docs/interop/vhost-user.rst
> > index 7827b71..d213d4a 100644
> > --- a/docs/interop/vhost-user.rst
> > +++ b/docs/interop/vhost-user.rst
> > @@ -785,6 +785,7 @@ Protocol features
> >#define VHOST_USER_PROTOCOL_F_SLAVE_SEND_FD  10
> >#define VHOST_USER_PROTOCOL_F_HOST_NOTIFIER  11
> >#define VHOST_USER_PROTOCOL_F_INFLIGHT_SHMFD 12
> > +  #define VHOST_USER_PROTOCOL_F_RESET_DEVICE   13
> >  
> >  Master message types
> >  
> > @@ -1190,6 +1191,20 @@ Master message types
> >ancillary data. The GPU protocol is used to inform the master of
> >rendering state and updates. See vhost-user-gpu.rst for details.
> >  
> > +``VHOST_USER_RESET_DEVICE``
> > +  :id: 34
> > +  :equivalent ioctl: N/A
> > +  :master payload: N/A
> > +  :slave payload: N/A
> > +
> > +  Ask the vhost user backend to disable all rings and reset all
> > +  internal device state to the initial state, ready to be
> > +  reinitialized. The backend retains ownership of the device
> > +  throughout the reset operation.
> > +
> > +  Only valid if the ``VHOST_USER_PROTOCOL_F_RESET_DEVICE`` protocol
> > +  feature is set by the backend.
> > +
> >  Slave message types
> >  ---
> >  
> > diff --git a/hw/virtio/vhost-user.c b/hw/virtio/vhost-user.c
> > index 02a9b25..d27a10f 100644
> > --- a/hw/virtio/vhost-user.c
> > +++ b/hw/virtio/vhost-user.c
> > @@ -58,6 +58,7 @@ enum VhostUserProtocolFeature {
> >  VHOST_USER_PROTOCOL_F_SLAVE_SEND_FD = 10,
> >  VHOST_USER_PROTOCOL_F_HOST_NOTIFIER = 11,
> >  VHOST_USER_PROTOCOL_F_INFLIGHT_SHMFD = 12,
> > +VHOST_USER_PROTOCOL_F_RESET_DEVICE = 13,
> >  VHOST_USER_PROTOCOL_F_MAX
> >  };
> >  
> > @@ -98,6 +99,7 @@ typedef enum VhostUserRequest {
> >  VHOST_USER_GET_INFLIGHT_FD = 31,
> >  VHOST_USER_SET_INFLIGHT_FD = 32,
> >  VHOST_USER_GPU_SET_SOCKET = 33,
> > +VHOST_USER_RESET_DEVICE = 34,
> >  VHOST_USER_MAX
> >  } VhostUserRequest;
> >  
> > @@ -890,10 +892,14 @@ static int vhost_user_set_owner(struct vhost_dev *dev)
> >  static int vhost_user_reset_device(struct vhost_dev *dev)
> >  {
> >  VhostUserMsg msg = {
> > -.hdr.request = VHOST_USER_RESET_OWNER,
> >  .hdr.flags = VHOST_USER_VERSION,
> >  };
> >  
> > +msg.hdr.request = virtio_has_feature(dev->protocol_features,
> > + 
> > VHOST_USER_PROTOCOL_F_RESET_DEVICE)
> > +? VHOST_USER_RESET_DEVICE
> > +: VHOST_USER_RESET_OWNER;
> > +
> >  if (vhost_user_write(dev, &msg, NULL, 0) < 0) {
> >  return -1;
> >  }
> > -- 
> > 1.8.3.1
> 
> 



Re: [PATCH v2 0/2] hw/arm: ast2600: Wire up eMMC controller

2019-12-12 Thread Andrew Jeffery



On Fri, 13 Dec 2019, at 18:03, Cédric Le Goater wrote:
> On 13/12/2019 05:28, Andrew Jeffery wrote:
> > Hello,
> > 
> > The AST2600 has an additional SDHCI intended for use as an eMMC boot source.
> > These two patches rework the existing ASPEED SDHCI model to accommodate the
> > single-slot nature of the eMMC controller and wire it into the AST2600 SoC.
> > 
> > v2 contains some minor refactorings in response to issues pointed out by
> > Cedric.
>  
> 
> I think these patches are based on mainline. I fixed them locally on 
> my aspeed 5.0 branch and I plan to send them along with other aspeed 
> changes in the 5.0 timeframe.  

Yeah, they're based on Peter's tree. I'll base future patches on yours.

Andrew



Re: [PATCH v2 0/2] hw/arm: ast2600: Wire up eMMC controller

2019-12-12 Thread Cédric Le Goater
On 13/12/2019 05:28, Andrew Jeffery wrote:
> Hello,
> 
> The AST2600 has an additional SDHCI intended for use as an eMMC boot source.
> These two patches rework the existing ASPEED SDHCI model to accommodate the
> single-slot nature of the eMMC controller and wire it into the AST2600 SoC.
> 
> v2 contains some minor refactorings in response to issues pointed out by
> Cedric.
 

I think these patches are based on mainline. I fixed them locally on 
my aspeed 5.0 branch and I plan to send them along with other aspeed 
changes in the 5.0 timeframe.  

Thanks,

C. 

> 
> v1 can be found here:
> 
> https://patchwork.ozlabs.org/cover/1206845/
> 
> Please review!
> 
> Andrew
> 
> Andrew Jeffery (2):
>   hw/sd: Configure number of slots exposed by the ASPEED SDHCI model
>   hw/arm: ast2600: Wire up the eMMC controller
> 
>  hw/arm/aspeed.c  | 27 +--
>  hw/arm/aspeed_ast2600.c  | 23 +++
>  hw/arm/aspeed_soc.c  |  2 ++
>  hw/sd/aspeed_sdhci.c | 11 +--
>  include/hw/arm/aspeed_soc.h  |  2 ++
>  include/hw/sd/aspeed_sdhci.h |  1 +
>  6 files changed, 54 insertions(+), 12 deletions(-)
> 
> base-commit: 6a4ef4e5d1084ce41fafa7d470a644b0fd3d9317
> 




[PING]Re: [PATCH v0 2/2] block: allow to set 'drive' property on a realized block device

2019-12-12 Thread Denis Plotnikov


On 18.11.2019 13:50, Denis Plotnikov wrote:
>
>
> On 10.11.2019 22:08, Denis Plotnikov wrote:
>>
>> On 10.11.2019 22:03, Denis Plotnikov wrote:
>>> This allows to change (replace) the file on a block device and is 
>>> useful
>>> to workaround exclusive file access restrictions, e.g. to implement VM
>>> migration with a shared disk stored on some storage with the exclusive
>>> file opening model: a destination VM is started waiting for incomming
>>> migration with a fake image drive, and later, on the last migration
>>> phase, the fake image file is replaced with the real one.
>>>
>>> Signed-off-by: Denis Plotnikov 
>>> ---
>>>   hw/core/qdev-properties-system.c | 89 
>>> +++-
>>>   1 file changed, 77 insertions(+), 12 deletions(-)
>>>
>>> diff --git a/hw/core/qdev-properties-system.c 
>>> b/hw/core/qdev-properties-system.c
>>> index c534590dcd..aaab1370a4 100644
>>> --- a/hw/core/qdev-properties-system.c
>>> +++ b/hw/core/qdev-properties-system.c
>>> @@ -79,8 +79,55 @@ static void set_pointer(Object *obj, Visitor *v, 
>>> Property *prop,
>>>     /* --- drive --- */
>>>   -static void do_parse_drive(DeviceState *dev, const char *str, 
>>> void **ptr,
>>> -   const char *propname, bool iothread, 
>>> Error **errp)
>>> +static void do_parse_drive_realized(DeviceState *dev, const char *str,
>>> +    void **ptr, const char *propname,
>>> +    bool iothread, Error **errp)
>>> +{
>>> +    BlockBackend *blk = *ptr;
>>> +    BlockDriverState *bs = bdrv_lookup_bs(NULL, str, NULL);
>>> +    int ret;
>>> +    bool blk_created = false;
>>> +
>>> +    if (!bs) {
>>> +    error_setg(errp, "Can't find blockdev '%s'", str);
>>> +    return;
>>> +    }
>>> +
>>> +    if (!blk) {
>>> +    AioContext *ctx = iothread ? bdrv_get_aio_context(bs) :
>>> + qemu_get_aio_context();
>>> +    blk = blk_new(ctx, BLK_PERM_ALL, BLK_PERM_ALL);
>>> +    blk_created = true;
>>
>> Actually, I have concerns about situation where blk=null.
>>
>> Is there any case when scsi-hd (or others) doesn't have a blk 
>> assigned and it's legal?
>>
>>> +    } else {
>>> +    if (blk_bs(blk)) {
>>> +    blk_remove_bs(blk);
>>> +    }
>>> +    }
>>> +
>>> +    ret = blk_insert_bs(blk, bs, errp);
>>> +
>>> +    if (!ret && blk_created) {
>>> +    if (blk_attach_dev(blk, dev) < 0) {
>>> +    /*
>>> + * Shouldn't be any errors here since we just created
>>> + * the new blk because the device doesn't have any.
>>> + * Leave the message here in case blk_attach_dev is 
>>> changed
>>> + */
>>> + error_setg(errp, "Can't attach drive '%s' to device 
>>> '%s'",
>>> +    str, object_get_typename(OBJECT(dev)));
>>> +    } else {
>>> +    *ptr = blk;
>>> +    }
>>> +    }
> Another problem here, is that the "size" of the device dev may not 
> match after setting a drive.
> So, we should update it after the drive setting.
> It was found, that it could be done by calling 
> BlockDevOps.bdrv_parent_cb_resize.
>
> But I have some concerns about doing it so. In the case of virtio scsi 
> disk we have the following callstack
>
>     bdrv_parent_cb_resize calls() ->
>     scsi_device_report_change(dev, SENSE_CODE(CAPACITY_CHANGED)) ->
>             virtio_scsi_change ->
>     virtio_scsi_push_event(s, dev, 
> VIRTIO_SCSI_T_PARAM_CHANGE,
>                             sense.asc | 
> (sense.ascq << 8));
>
>
> virtio_scsi_change  pushes the event to the guest to make the guest 
> ask for size refreshing.
> If I'm not mistaken, here we can get a race condition when some 
> another request is processed with an unchanged
> size and then the size changing request is processed.
>
> I didn't find a better way to update device size so any comments are 
> welcome.
>
> Thanks!
>
> Denis
>>> +
>>> +    if (blk_created) {
>>> +    blk_unref(blk);
>>> +    }
>>> +}
>>> +
>>> +static void do_parse_drive_unrealized(DeviceState *dev, const char 
>>> *str,
>>> +  void **ptr, const char 
>>> *propname,
>>> +  bool iothread, Error **errp)
>>>   {
>>>   BlockBackend *blk;
>>>   bool blk_created = false;
>>> @@ -137,18 +184,34 @@ fail:
>>>   }
>>>   }
>>>   -static void parse_drive(DeviceState *dev, const char *str, void 
>>> **ptr,
>>> -    const char *propname, Error **errp)
>>> -{
>>> -    do_parse_drive(dev, str, ptr, propname, false, errp);
>>> -}
>>> -
>>> -static void parse_drive_iothread(DeviceState *dev, const char *str, 
>>> void **ptr,
>>> +static void parse_drive_realized(DeviceState *dev, const char *str, 
>>> void **ptr,
>>>    const char *propname, Error **errp)
>>>   {
>>> -    do_parse_drive(dev, str, ptr, propna

Re: [PATCH v2 2/2] hw/arm: ast2600: Wire up the eMMC controller

2019-12-12 Thread Cédric Le Goater
On 13/12/2019 05:28, Andrew Jeffery wrote:
> Initialise another SDHCI model instance for the AST2600's eMMC
> controller and use the SDHCI's num_slots value introduced previously to
> determine whether we should create an SD card instance for the new slot.
> 
> Signed-off-by: Andrew Jeffery 

Reviewed-by: Cédric Le Goater 

> ---
> 
> v2:
> * Extract instantiation of SD cards to helper function
> 
>  hw/arm/aspeed.c | 25 -
>  hw/arm/aspeed_ast2600.c | 21 +
>  include/hw/arm/aspeed_soc.h |  2 ++
>  3 files changed, 39 insertions(+), 9 deletions(-)
> 
> diff --git a/hw/arm/aspeed.c b/hw/arm/aspeed.c
> index 862549b1f3a9..87baac0ea46c 100644
> --- a/hw/arm/aspeed.c
> +++ b/hw/arm/aspeed.c
> @@ -167,6 +167,18 @@ static void aspeed_board_init_flashes(AspeedSMCState *s, 
> const char *flashtype,
>  }
>  }
>  
> +static void sdhci_attach_drive(SDHCIState *sdhci, DriveInfo *dinfo)
> +{
> +BlockBackend *blk;
> +DeviceState *card;
> +
> +blk = dinfo ? blk_by_legacy_dinfo(dinfo) : NULL;
> +card = qdev_create(qdev_get_child_bus(DEVICE(sdhci), "sd-bus"),
> +   TYPE_SD_CARD);
> +qdev_prop_set_drive(card, "drive", blk, &error_fatal);
> +object_property_set_bool(OBJECT(card), true, "realized", 
> &error_fatal);
> +}
> +
>  static void aspeed_board_init(MachineState *machine,
>const AspeedBoardConfig *cfg)
>  {
> @@ -260,16 +272,11 @@ static void aspeed_board_init(MachineState *machine,
>  }
>  
>  for (i = 0; i < bmc->soc.sdhci.num_slots; i++) {
> -SDHCIState *sdhci = &bmc->soc.sdhci.slots[i];
> -DriveInfo *dinfo = drive_get_next(IF_SD);
> -BlockBackend *blk;
> -DeviceState *card;
> +sdhci_attach_drive(&bmc->soc.sdhci.slots[i], drive_get_next(IF_SD));
> +}
>  
> -blk = dinfo ? blk_by_legacy_dinfo(dinfo) : NULL;
> -card = qdev_create(qdev_get_child_bus(DEVICE(sdhci), "sd-bus"),
> -   TYPE_SD_CARD);
> -qdev_prop_set_drive(card, "drive", blk, &error_fatal);
> -object_property_set_bool(OBJECT(card), true, "realized", 
> &error_fatal);
> +if (bmc->soc.emmc.num_slots) {
> +sdhci_attach_drive(&bmc->soc.emmc.slots[0], drive_get_next(IF_SD));
>  }
>  
>  arm_load_kernel(ARM_CPU(first_cpu), machine, &aspeed_board_binfo);
> diff --git a/hw/arm/aspeed_ast2600.c b/hw/arm/aspeed_ast2600.c
> index 931ee5aae183..723c8196c8a5 100644
> --- a/hw/arm/aspeed_ast2600.c
> +++ b/hw/arm/aspeed_ast2600.c
> @@ -46,6 +46,7 @@ static const hwaddr aspeed_soc_ast2600_memmap[] = {
>  [ASPEED_ADC]   = 0x1E6E9000,
>  [ASPEED_VIDEO] = 0x1E70,
>  [ASPEED_SDHCI] = 0x1E74,
> +[ASPEED_EMMC]  = 0x1E75,
>  [ASPEED_GPIO]  = 0x1E78,
>  [ASPEED_GPIO_1_8V] = 0x1E780800,
>  [ASPEED_RTC]   = 0x1E781000,
> @@ -64,6 +65,7 @@ static const hwaddr aspeed_soc_ast2600_memmap[] = {
>  
>  #define ASPEED_SOC_AST2600_MAX_IRQ 128
>  
> +/* Shared Peripheral Interrupt values below are offset by -32 from datasheet 
> */
>  static const int aspeed_soc_ast2600_irqmap[] = {
>  [ASPEED_UART1] = 47,
>  [ASPEED_UART2] = 48,
> @@ -77,6 +79,7 @@ static const int aspeed_soc_ast2600_irqmap[] = {
>  [ASPEED_ADC]   = 78,
>  [ASPEED_XDMA]  = 6,
>  [ASPEED_SDHCI] = 43,
> +[ASPEED_EMMC]  = 15,
>  [ASPEED_GPIO]  = 40,
>  [ASPEED_GPIO_1_8V] = 11,
>  [ASPEED_RTC]   = 13,
> @@ -215,6 +218,14 @@ static void aspeed_soc_ast2600_init(Object *obj)
>  sysbus_init_child_obj(obj, "sdhci[*]", OBJECT(&s->sdhci.slots[i]),
>sizeof(s->sdhci.slots[i]), TYPE_SYSBUS_SDHCI);
>  }
> +
> +sysbus_init_child_obj(obj, "emmc", OBJECT(&s->emmc), sizeof(s->emmc),
> +  TYPE_ASPEED_SDHCI);
> +
> +object_property_set_int(OBJECT(&s->emmc), 1, "num-slots", &error_abort);
> +
> +sysbus_init_child_obj(obj, "emmc[*]", OBJECT(&s->emmc.slots[0]),
> +sizeof(s->emmc.slots[0]), TYPE_SYSBUS_SDHCI);
>  }
>  
>  /*
> @@ -487,6 +498,16 @@ static void aspeed_soc_ast2600_realize(DeviceState *dev, 
> Error **errp)
>  sc->memmap[ASPEED_SDHCI]);
>  sysbus_connect_irq(SYS_BUS_DEVICE(&s->sdhci), 0,
> aspeed_soc_get_irq(s, ASPEED_SDHCI));
> +
> +/* eMMC */
> +object_property_set_bool(OBJECT(&s->emmc), true, "realized", &err);
> +if (err) {
> +error_propagate(errp, err);
> +return;
> +}
> +sysbus_mmio_map(SYS_BUS_DEVICE(&s->emmc), 0, sc->memmap[ASPEED_EMMC]);
> +sysbus_connect_irq(SYS_BUS_DEVICE(&s->emmc), 0,
> +   aspeed_soc_get_irq(s, ASPEED_EMMC));
>  }
>  
>  static void aspeed_soc_ast2600_class_init(ObjectClass *oc, void *data)
> diff --git a/include/hw/arm/aspeed_soc.h b/include/hw/arm/aspeed_soc.h
> index 495c08be1b84..911

Re: [PATCH v2 1/2] hw/sd: Configure number of slots exposed by the ASPEED SDHCI model

2019-12-12 Thread Cédric Le Goater
On 13/12/2019 05:28, Andrew Jeffery wrote:
> The AST2600 includes a second cut-down version of the SD/MMC controller
> found in the AST2500, named the eMMC controller. It's cut down in the
> sense that it only supports one slot rather than two, but it brings the
> total number of slots supported by the AST2600 to three.
> 
> The existing code assumed that the SD controller always provided two
> slots. Rework the SDHCI object to expose the number of slots as a
> property to be set by the SoC configuration.
> 
> Signed-off-by: Andrew Jeffery 
> Reviewed-by: Philippe Mathieu-Daudé 

Reviewed-by: Cédric Le Goater 

> ---
>  hw/arm/aspeed.c  |  2 +-
>  hw/arm/aspeed_ast2600.c  |  2 ++
>  hw/arm/aspeed_soc.c  |  2 ++
>  hw/sd/aspeed_sdhci.c | 11 +--
>  include/hw/sd/aspeed_sdhci.h |  1 +
>  5 files changed, 15 insertions(+), 3 deletions(-)
> 
> diff --git a/hw/arm/aspeed.c b/hw/arm/aspeed.c
> index 028191ff36fc..862549b1f3a9 100644
> --- a/hw/arm/aspeed.c
> +++ b/hw/arm/aspeed.c
> @@ -259,7 +259,7 @@ static void aspeed_board_init(MachineState *machine,
>  cfg->i2c_init(bmc);
>  }
>  
> -for (i = 0; i < ARRAY_SIZE(bmc->soc.sdhci.slots); i++) {
> +for (i = 0; i < bmc->soc.sdhci.num_slots; i++) {
>  SDHCIState *sdhci = &bmc->soc.sdhci.slots[i];
>  DriveInfo *dinfo = drive_get_next(IF_SD);
>  BlockBackend *blk;
> diff --git a/hw/arm/aspeed_ast2600.c b/hw/arm/aspeed_ast2600.c
> index 931887ac681f..931ee5aae183 100644
> --- a/hw/arm/aspeed_ast2600.c
> +++ b/hw/arm/aspeed_ast2600.c
> @@ -208,6 +208,8 @@ static void aspeed_soc_ast2600_init(Object *obj)
>  sysbus_init_child_obj(obj, "sdc", OBJECT(&s->sdhci), sizeof(s->sdhci),
>TYPE_ASPEED_SDHCI);
>  
> +object_property_set_int(OBJECT(&s->sdhci), 2, "num-slots", &error_abort);
> +
>  /* Init sd card slot class here so that they're under the correct parent 
> */
>  for (i = 0; i < ASPEED_SDHCI_NUM_SLOTS; ++i) {
>  sysbus_init_child_obj(obj, "sdhci[*]", OBJECT(&s->sdhci.slots[i]),
> diff --git a/hw/arm/aspeed_soc.c b/hw/arm/aspeed_soc.c
> index f4fe243458fd..c39a42f914d4 100644
> --- a/hw/arm/aspeed_soc.c
> +++ b/hw/arm/aspeed_soc.c
> @@ -215,6 +215,8 @@ static void aspeed_soc_init(Object *obj)
>  sysbus_init_child_obj(obj, "sdc", OBJECT(&s->sdhci), sizeof(s->sdhci),
>TYPE_ASPEED_SDHCI);
>  
> +object_property_set_int(OBJECT(&s->sdhci), 2, "num-slots", &error_abort);
> +
>  /* Init sd card slot class here so that they're under the correct parent 
> */
>  for (i = 0; i < ASPEED_SDHCI_NUM_SLOTS; ++i) {
>  sysbus_init_child_obj(obj, "sdhci[*]", OBJECT(&s->sdhci.slots[i]),
> diff --git a/hw/sd/aspeed_sdhci.c b/hw/sd/aspeed_sdhci.c
> index cff3eb7dd21e..939d1510dedb 100644
> --- a/hw/sd/aspeed_sdhci.c
> +++ b/hw/sd/aspeed_sdhci.c
> @@ -13,6 +13,7 @@
>  #include "qapi/error.h"
>  #include "hw/irq.h"
>  #include "migration/vmstate.h"
> +#include "hw/qdev-properties.h"
>  
>  #define ASPEED_SDHCI_INFO0x00
>  #define  ASPEED_SDHCI_INFO_RESET 0x0003
> @@ -120,14 +121,14 @@ static void aspeed_sdhci_realize(DeviceState *dev, 
> Error **errp)
>  
>  /* Create input irqs for the slots */
>  qdev_init_gpio_in_named_with_opaque(DEVICE(sbd), aspeed_sdhci_set_irq,
> -sdhci, NULL, ASPEED_SDHCI_NUM_SLOTS);
> +sdhci, NULL, sdhci->num_slots);
>  
>  sysbus_init_irq(sbd, &sdhci->irq);
>  memory_region_init_io(&sdhci->iomem, OBJECT(sdhci), &aspeed_sdhci_ops,
>sdhci, TYPE_ASPEED_SDHCI, 0x1000);
>  sysbus_init_mmio(sbd, &sdhci->iomem);
>  
> -for (int i = 0; i < ASPEED_SDHCI_NUM_SLOTS; ++i) {
> +for (int i = 0; i < sdhci->num_slots; ++i) {
>  Object *sdhci_slot = OBJECT(&sdhci->slots[i]);
>  SysBusDevice *sbd_slot = SYS_BUS_DEVICE(&sdhci->slots[i]);
>  
> @@ -174,6 +175,11 @@ static const VMStateDescription vmstate_aspeed_sdhci = {
>  },
>  };
>  
> +static Property aspeed_sdhci_properties[] = {
> +DEFINE_PROP_UINT8("num-slots", AspeedSDHCIState, num_slots, 0),
> +DEFINE_PROP_END_OF_LIST(),
> +};
> +
>  static void aspeed_sdhci_class_init(ObjectClass *classp, void *data)
>  {
>  DeviceClass *dc = DEVICE_CLASS(classp);
> @@ -181,6 +187,7 @@ static void aspeed_sdhci_class_init(ObjectClass *classp, 
> void *data)
>  dc->realize = aspeed_sdhci_realize;
>  dc->reset = aspeed_sdhci_reset;
>  dc->vmsd = &vmstate_aspeed_sdhci;
> +dc->props = aspeed_sdhci_properties;
>  }
>  
>  static TypeInfo aspeed_sdhci_info = {
> diff --git a/include/hw/sd/aspeed_sdhci.h b/include/hw/sd/aspeed_sdhci.h
> index dfdab4379021..dffbb46946b9 100644
> --- a/include/hw/sd/aspeed_sdhci.h
> +++ b/include/hw/sd/aspeed_sdhci.h
> @@ -24,6 +24,7 @@ typedef struct AspeedSDHCIState {
>  SysBusDevice parent;
>  
>  SDHCIState slots[ASPEED_SDHCI

Re: virtio capabilities

2019-12-12 Thread Michael S. Tsirkin
On Fri, Dec 13, 2019 at 05:05:05PM +1100, Alexey Kardashevskiy wrote:
> Hi!
> 
> I am having an issue with capabilities (hopefully the chunk formatting
> won't break).
> 
> The problem is that when virtio_pci_find_capability() reads
> pci_find_capability(dev, PCI_CAP_ID_VNDR), 0 is returned; if repeated,
> it returns a valid number (0x84). Timing seems to matter. pci_cfg_read
> trace shows that that first time read does not reach QEMU but others do
> reach QEMU and return what is expected.
> 
> How to debug this, any quick ideas?
> The config space is not a MMIO BAR
> or KVM memory slot or anything like this, right? :) Thanks,

Depends on the platform.

E.g. on x86, when using cf8/cfc pair, if guest doesn't
have a lock around programming the pair of registers,
then one access can conflict with another one.

When using express it's MMIO so shouldn't be a problem.

> 
> [3.489492] ___K___ (0) virtio_pci_modern_probe 642
> [3.489697] ___K___ (0) virtio_pci_find_capability 492: FIND a cap
> [3.490070] ___K___ (0) virtio_pci_find_capability 494: cap is at 0
> [3.490335] ___K___ (0) virtio_pci_find_capability 492: FIND a cap
> 10909@1576216763.643271:pci_cfg_read virtio-net-pci 00:0 @0x6 -> 0x10
> 10909@1576216763.643431:pci_cfg_read virtio-net-pci 00:0 @0x34 -> 0x98
> 10909@1576216763.643591:pci_cfg_read virtio-net-pci 00:0 @0x98 -> 0x8411
> 10909@1576216763.643747:pci_cfg_read virtio-net-pci 00:0 @0x84 -> 0x7009
> [3.491264] ___K___ (0) virtio_pci_find_capability 494: cap is at 132
> 10909@1576216763.644140:pci_cfg_read virtio-net-pci 00:0 @0x87 -> 0x5
> 10909@1576216763.644287:pci_cfg_read virtio-net-pci 00:0 @0x88 -> 0x0
> [3.491803] ___K___ (0) virtio_pci_find_capability 506: 5 0
> 10909@1576216763.644632:pci_cfg_read virtio-net-pci 00:0 @0x85 -> 0x70
> 10909@1576216763.644786:pci_cfg_read virtio-net-pci 00:0 @0x70 -> 0x6009
> 10909@1576216763.644942:pci_cfg_read virtio-net-pci 00:0 @0x73 -> 0x2
> 10909@1576216763.645092:pci_cfg_read virtio-net-pci 00:0 @0x74 -> 0x4
> [3.492607] ___K___ (0) virtio_pci_find_capability 506: 2 4
> 
> 
> 
> 
> 
> diff --git a/drivers/virtio/virtio_pci_modern.c
> b/drivers/virtio/virtio_pci_modern.c
> index 7abcc50838b8..85b2a7ce96e9 100644
> --- a/drivers/virtio/virtio_pci_modern.c
> +++ b/drivers/virtio/virtio_pci_modern.c
> @@ -486,9 +486,14 @@ static const struct virtio_config_ops
> virtio_pci_config_ops = {
>  static inline int virtio_pci_find_capability(struct pci_dev *dev, u8
> cfg_type,
>  u32 ioresource_types, int
> *bars)
>  {
> -   int pos;
> +   int pos = 0;// = pci_find_capability(dev, PCI_CAP_ID_VNDR);
> 
> -   for (pos = pci_find_capability(dev, PCI_CAP_ID_VNDR);
> +   while (!pos) {
> +   pr_err("___K___ (%u) %s %u: FIND a cap\n",
> smp_processor_id(), __func__, __LINE__);
> +   pos = pci_find_capability(dev, PCI_CAP_ID_VNDR);
> +   pr_err("___K___ (%u) %s %u: cap is at %d\n",
> smp_processor_id(), __func__, __LINE__, pos);
> +   }
> +   for (;
>  pos > 0;
>  pos = pci_find_next_capability(dev, pos, PCI_CAP_ID_VNDR)) {
> u8 type, bar;
> 
> 
> -- 
> Alexey




Re:[Qemu-devel] [PATCH v2] vhost-vsock: report QMP event whensetrunning

2019-12-12 Thread ning.bo9
> This can be done efficiently as follows:
> 1. kata-runtime listens on a vsock port
> 2. kata-agent-port=PORT is added to the kernel command-line options
> 3. kata-agent parses the port number and connects to the host
> 
> This eliminates the reconnection attempts.

There will be an additional problem if do this:
Who decides which port the `runtime` should listen?

Consider the worst case: 
The ports selected by two `runtime` running in parallel always conflict, 
and this case is unavoidable, even if we can reduce the possibility of 
conflicts through algorithms.
Because we don't have a daemon that can allocate unique port to `runtime`.


> Userspace APIs to avoid the 2 second wait already exist:
> 
> 1. The SO_VM_SOCKETS_CONNECT_TIMEOUT socket option controls the connect
>timeout for this socket.

Yes, it has the same effect

> 2. Non-blocking connect allows the userspace process to do other things
>while a connection attempt is being made.

I don't think the `tunime` has anything to do except wait for the response from 
the `agent` at that moment



Now let me sort out the currently known methods:
1. `runtime` does not connect until it receives the qmp event reported by qemu 
when the `agent` opens the vsock device.
- The method looks inappropriate now.
2. adding a special case for vhost_vsock.ko.
- Also inappropriate.
3. connect to `runtime` from `agent`.
- `runtime` may not be able to choose the right port.
4. Use `SO_VM_SOCKETS_CONNECT_TIMEOUT` option.
- The effect is similar to method 2, no need to modify the kernel module 
code.

I have an additional question:
If useing method 4, when `runtime` calls connect use NONBLOCK option with very 
short timeout in an infinite loop, the kernel maybe frequently creates timers. 
Is there any other side effects?

signature.asc
Description: Binary data


Re: [RFC PATCH v2 1/5] hw: add compat machines for 5.0

2019-12-12 Thread Andrew Jones
On Thu, Dec 12, 2019 at 04:24:19PM -0300, Eduardo Habkost wrote:
> On Thu, Dec 12, 2019 at 06:33:16PM +0100, Andrew Jones wrote:
> > Add 5.0 machine types for arm/i440fx/q35/s390x/spapr.
> > 
> > Signed-off-by: Andrew Jones 
> > 
> > ---
> > 
> > Hi Eduardo,
> > 
> > If we need to do something special for i440fx and q35, as
> > 9aec2e52ce9d ("hw: add compat machines for 4.2") implies, then
> > I'll need guidance as to what.
> 
> Keeping default_cpu_version==1 in pc-*-5.0 (like you did) is
> correct.
> 
> However, you might want to use Cornelia's patch (which is
> probably already queued in the s390 tree) instead:
> https://patchew.org/QEMU/20191112104811.30323-1-coh...@redhat.com
>

Drat. I did search the mailing list for a posting from someone else first,
but I made the mistake of searching subjects for 'machine type' rather
than 'compat machines'. Certainly we should use Cornelia's. Mine is
just noise.

Thank you reviewers, and sorry for the duplicated effort.

drew




virtio capabilities

2019-12-12 Thread Alexey Kardashevskiy
Hi!

I am having an issue with capabilities (hopefully the chunk formatting
won't break).

The problem is that when virtio_pci_find_capability() reads
pci_find_capability(dev, PCI_CAP_ID_VNDR), 0 is returned; if repeated,
it returns a valid number (0x84). Timing seems to matter. pci_cfg_read
trace shows that that first time read does not reach QEMU but others do
reach QEMU and return what is expected.

How to debug this, any quick ideas? The config space is not a MMIO BAR
or KVM memory slot or anything like this, right? :) Thanks,


[3.489492] ___K___ (0) virtio_pci_modern_probe 642
[3.489697] ___K___ (0) virtio_pci_find_capability 492: FIND a cap
[3.490070] ___K___ (0) virtio_pci_find_capability 494: cap is at 0
[3.490335] ___K___ (0) virtio_pci_find_capability 492: FIND a cap
10909@1576216763.643271:pci_cfg_read virtio-net-pci 00:0 @0x6 -> 0x10
10909@1576216763.643431:pci_cfg_read virtio-net-pci 00:0 @0x34 -> 0x98
10909@1576216763.643591:pci_cfg_read virtio-net-pci 00:0 @0x98 -> 0x8411
10909@1576216763.643747:pci_cfg_read virtio-net-pci 00:0 @0x84 -> 0x7009
[3.491264] ___K___ (0) virtio_pci_find_capability 494: cap is at 132
10909@1576216763.644140:pci_cfg_read virtio-net-pci 00:0 @0x87 -> 0x5
10909@1576216763.644287:pci_cfg_read virtio-net-pci 00:0 @0x88 -> 0x0
[3.491803] ___K___ (0) virtio_pci_find_capability 506: 5 0
10909@1576216763.644632:pci_cfg_read virtio-net-pci 00:0 @0x85 -> 0x70
10909@1576216763.644786:pci_cfg_read virtio-net-pci 00:0 @0x70 -> 0x6009
10909@1576216763.644942:pci_cfg_read virtio-net-pci 00:0 @0x73 -> 0x2
10909@1576216763.645092:pci_cfg_read virtio-net-pci 00:0 @0x74 -> 0x4
[3.492607] ___K___ (0) virtio_pci_find_capability 506: 2 4





diff --git a/drivers/virtio/virtio_pci_modern.c
b/drivers/virtio/virtio_pci_modern.c
index 7abcc50838b8..85b2a7ce96e9 100644
--- a/drivers/virtio/virtio_pci_modern.c
+++ b/drivers/virtio/virtio_pci_modern.c
@@ -486,9 +486,14 @@ static const struct virtio_config_ops
virtio_pci_config_ops = {
 static inline int virtio_pci_find_capability(struct pci_dev *dev, u8
cfg_type,
 u32 ioresource_types, int
*bars)
 {
-   int pos;
+   int pos = 0;// = pci_find_capability(dev, PCI_CAP_ID_VNDR);

-   for (pos = pci_find_capability(dev, PCI_CAP_ID_VNDR);
+   while (!pos) {
+   pr_err("___K___ (%u) %s %u: FIND a cap\n",
smp_processor_id(), __func__, __LINE__);
+   pos = pci_find_capability(dev, PCI_CAP_ID_VNDR);
+   pr_err("___K___ (%u) %s %u: cap is at %d\n",
smp_processor_id(), __func__, __LINE__, pos);
+   }
+   for (;
 pos > 0;
 pos = pci_find_next_capability(dev, pos, PCI_CAP_ID_VNDR)) {
u8 type, bar;


-- 
Alexey



[PATCH v3 4/4] ast2600: Configure CNTFRQ at 1125MHz

2019-12-12 Thread Andrew Jeffery
This matches the configuration set by u-boot on the AST2600.

Signed-off-by: Andrew Jeffery 
Reviewed-by: Richard Henderson 
Reviewed-by: Cédric Le Goater 
Reviewed-by: Philippe Mathieu-Daudé 
---
 hw/arm/aspeed_ast2600.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/hw/arm/aspeed_ast2600.c b/hw/arm/aspeed_ast2600.c
index 931887ac681f..5aecc3b3caec 100644
--- a/hw/arm/aspeed_ast2600.c
+++ b/hw/arm/aspeed_ast2600.c
@@ -259,6 +259,9 @@ static void aspeed_soc_ast2600_realize(DeviceState *dev, 
Error **errp)
 object_property_set_int(OBJECT(&s->cpu[i]), aspeed_calc_affinity(i),
 "mp-affinity", &error_abort);
 
+object_property_set_int(OBJECT(&s->cpu[i]), 112500, "cntfrq",
+&error_abort);
+
 /*
  * TODO: the secondary CPUs are started and a boot helper
  * is needed when using -kernel
-- 
git-series 0.9.1



Re: [PATCH v2 ppc-for-5.0 2/2] ppc/spapr: Support reboot of secure pseries guest

2019-12-12 Thread David Gibson

65;5803;1cOn Fri, Dec 13, 2019 at 09:34:38AM +0530, Bharata B Rao wrote:
> On Thu, Dec 12, 2019 at 01:27:23PM +0100, Greg Kurz wrote:
> > > diff --git a/hw/ppc/spapr.c b/hw/ppc/spapr.c
> > > index f11422fc41..25e1a3446e 100644
> > > --- a/hw/ppc/spapr.c
> > > +++ b/hw/ppc/spapr.c
> > > @@ -1597,6 +1597,21 @@ static void spapr_machine_reset(MachineState 
> > > *machine)
> > >  void *fdt;
> > >  int rc;
> > >  
> > > +/*
> > > + * KVM_PPC_SVM_OFF ioctl can fail for secure guests, check and
> > > + * exit in that case. However check for -ENOTTY explicitly
> > > + * to ensure that we don't terminate normal guests that are
> > > + * running on kernels which don't support this ioctl.
> > > + *
> > > + * Also, this ioctl returns 0 for normal guests on kernels where
> > > + * this ioctl is supported.
> > > + */
> > > +rc = kvmppc_svm_off();
> > > +if (rc && rc != -ENOTTY) {
> > 
> > This ioctl can also return -EINVAL if the ultravisor actually failed to move
> > the guest back to non-secure mode or -EBUSY if a vCPU is still running. I
> > agree that the former deserve the VM to be terminated. What about the 
> > latter ?
> > Can this happen and if yes, why ? Should we try again as suggested by 
> > Alexey ?
> > Could this reveal a bug in QEMU, in which case we should maybe abort ?
> 
> We are in machine reset path, so all vcpus are already paused. So we don't
> expect any vcpus to be running to handle -EBUSY here. Neither do I see any
> sane recovery path from here.

Right.  Because this path should only happen in the case of qemu (or
kernel) error, abort() would also be appropriate.  However, it's not
worth making that a separate case from the other fatal errors.

> 
> As Alexey mentioned earlier, may be we can just stop the VM?
> Do vm_stop() with RUN_STATE_PAUSED or some such reason?
> 
> Regards,
> Bharata.
> 

-- 
David Gibson| I'll have my music baroque, and my code
david AT gibson.dropbear.id.au  | minimalist, thank you.  NOT _the_ _other_
| _way_ _around_!
http://www.ozlabs.org/~dgibson


signature.asc
Description: PGP signature


Re: [PATCH v2 ppc-for-5.0 2/2] ppc/spapr: Support reboot of secure pseries guest

2019-12-12 Thread David Gibson
On Thu, Dec 12, 2019 at 08:34:57AM +0100, Cédric Le Goater wrote:
> Hello Bharata,
> 
> 
> On 12/12/2019 06:50, Bharata B Rao wrote:
> > A pseries guest can be run as a secure guest on Ultravisor-enabled
> > POWER platforms. When such a secure guest is reset, we need to
> > release/reset a few resources both on ultravisor and hypervisor side.
> > This is achieved by invoking this new ioctl KVM_PPC_SVM_OFF from the
> > machine reset path.
> > 
> > As part of this ioctl, the secure guest is essentially transitioned
> > back to normal mode so that it can reboot like a regular guest and
> > become secure again.
> > 
> > This ioctl has no effect when invoked for a normal guest. If this ioctl
> > fails for a secure guest, the guest is terminated.
> 
> This looks OK. 
> 
> > Signed-off-by: Bharata B Rao 
> > ---
> >  hw/ppc/spapr.c   | 15 +++
> >  target/ppc/kvm.c |  7 +++
> >  target/ppc/kvm_ppc.h |  6 ++
> >  3 files changed, 28 insertions(+)
> > 
> > diff --git a/hw/ppc/spapr.c b/hw/ppc/spapr.c
> > index f11422fc41..25e1a3446e 100644
> > --- a/hw/ppc/spapr.c
> > +++ b/hw/ppc/spapr.c
> > @@ -1597,6 +1597,21 @@ static void spapr_machine_reset(MachineState 
> > *machine)
> >  void *fdt;
> >  int rc;
> >  
> > +/*
> > + * KVM_PPC_SVM_OFF ioctl can fail for secure guests, check and
> > + * exit in that case. However check for -ENOTTY explicitly
> > + * to ensure that we don't terminate normal guests that are
> > + * running on kernels which don't support this ioctl.
> > + *
> > + * Also, this ioctl returns 0 for normal guests on kernels where
> > + * this ioctl is supported.
> > + */
> > +rc = kvmppc_svm_off();
> > +if (rc && rc != -ENOTTY) {
> 
> I would put these low level tests under kvmppc_svm_off().
> 
> > +error_report("Reset of secure guest failed, exiting...");
> > +exit(EXIT_FAILURE);
> 
> The exit() could probably go under kvmppc_svm_off() also.

TBH, I don't think these details matter all that much.

But if I had to pick a preferred option here it would be:

int kvmppc_svm_off(Error **errp)

Which would set the errp with error_setg_errno() except in the case of
ENOTTY.  spapr_machine_reset() would call it with &error_fatal.  That
puts the analysis of whether the error is expected into
kvmppc_svm_off() - which is best equipped to know that, but the choice
of what to do about it (fail fatally) in the reset caller.

-- 
David Gibson| I'll have my music baroque, and my code
david AT gibson.dropbear.id.au  | minimalist, thank you.  NOT _the_ _other_
| _way_ _around_!
http://www.ozlabs.org/~dgibson


signature.asc
Description: PGP signature


[PATCH v3 3/4] target/arm: Prepare generic timer for per-platform CNTFRQ

2019-12-12 Thread Andrew Jeffery
The ASPEED AST2600 clocks the generic timer at the rate of HPLL. On
recent firmwares this is at 1125MHz, which is considerably quicker than
the assumed 62.5MHz of the current generic timer implementation. The
delta between the value as read from CNTFRQ and the true rate of the
underlying QEMUTimer leads to sticky behaviour in AST2600 guests.

Add a feature-gated property exposing CNTFRQ for ARM CPUs providing the
generic timer. This allows platforms to configure CNTFRQ (and the
associated QEMUTimer) to the appropriate frequency prior to starting the
guest.

As the platform can now determine the rate of CNTFRQ we're exposed to
limitations of QEMUTimer that didn't previously materialise: In the
course of emulation we need to arbitrarily and accurately convert
between guest ticks and time, but we're constrained by QEMUTimer's use
of an integer scaling factor. The effect is QEMUTimer cannot exactly
capture the period of frequencies that do not cleanly divide
NANOSECONDS_PER_SECOND for scaling ticks to time. As such, provide an
equally inaccurate scaling factor for scaling time to ticks so at least
a self-consistent inverse relationship holds.

Signed-off-by: Andrew Jeffery 
Reviewed-by: Richard Henderson 
---
v3:
* Relocate comment as a consequence of uninlining gt_cntfrq_period_ns() in 2/4.
Philippe - I haven't moved it to the previous patch based on my reasoning on
the list. I'm not sure whether you're satisfied by that, so I haven't added
your Reviewed-by tag.

 target/arm/cpu.c| 61 ++
 target/arm/helper.c |  9 ++-
 2 files changed, 59 insertions(+), 11 deletions(-)

diff --git a/target/arm/cpu.c b/target/arm/cpu.c
index cd0dbe005d9f..7b21eb544eae 100644
--- a/target/arm/cpu.c
+++ b/target/arm/cpu.c
@@ -974,10 +974,12 @@ static void arm_cpu_initfn(Object *obj)
 if (tcg_enabled()) {
 cpu->psci_version = 2; /* TCG implements PSCI 0.2 */
 }
-
-cpu->gt_cntfrq_hz = NANOSECONDS_PER_SECOND / GTIMER_SCALE;
 }
 
+static Property arm_cpu_gt_cntfrq_property =
+DEFINE_PROP_UINT64("cntfrq", ARMCPU, gt_cntfrq_hz,
+   NANOSECONDS_PER_SECOND / GTIMER_SCALE);
+
 static Property arm_cpu_reset_cbar_property =
 DEFINE_PROP_UINT64("reset-cbar", ARMCPU, reset_cbar, 0);
 
@@ -1059,6 +1061,24 @@ static void arm_set_init_svtor(Object *obj, Visitor *v, 
const char *name,
 
 unsigned int gt_cntfrq_period_ns(ARMCPU *cpu)
 {
+/*
+ * The exact approach to calculating guest ticks is:
+ *
+ * muldiv64(qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL), cpu->gt_cntfrq_hz,
+ *  NANOSECONDS_PER_SECOND);
+ *
+ * We don't do that. Rather we intentionally use integer division
+ * truncation below and in the caller for the conversion of host monotonic
+ * time to guest ticks to provide the exact inverse for the semantics of
+ * the QEMUTimer scale factor. QEMUTimer's scale facter is an integer, so
+ * it loses precision when representing frequencies where
+ * `(NANOSECONDS_PER_SECOND % cpu->gt_cntfrq) > 0` holds. Failing to
+ * provide an exact inverse leads to scheduling timers with negative
+ * periods, which in turn leads to sticky behaviour in the guest.
+ *
+ * Finally, CNTFRQ is effectively capped at 1GHz to ensure our scale factor
+ * cannot become zero.
+ */
 return NANOSECONDS_PER_SECOND > cpu->gt_cntfrq_hz ?
   NANOSECONDS_PER_SECOND / cpu->gt_cntfrq_hz : 1;
 }
@@ -1180,6 +1200,11 @@ void arm_cpu_post_init(Object *obj)
 
 qdev_property_add_static(DEVICE(obj), &arm_cpu_cfgend_property,
  &error_abort);
+
+if (arm_feature(&cpu->env, ARM_FEATURE_GENERIC_TIMER)) {
+qdev_property_add_static(DEVICE(cpu), &arm_cpu_gt_cntfrq_property,
+ &error_abort);
+}
 }
 
 static void arm_cpu_finalizefn(Object *obj)
@@ -1259,14 +1284,30 @@ static void arm_cpu_realizefn(DeviceState *dev, Error 
**errp)
 }
 }
 
-cpu->gt_timer[GTIMER_PHYS] = timer_new(QEMU_CLOCK_VIRTUAL, GTIMER_SCALE,
-   arm_gt_ptimer_cb, cpu);
-cpu->gt_timer[GTIMER_VIRT] = timer_new(QEMU_CLOCK_VIRTUAL, GTIMER_SCALE,
-   arm_gt_vtimer_cb, cpu);
-cpu->gt_timer[GTIMER_HYP] = timer_new(QEMU_CLOCK_VIRTUAL, GTIMER_SCALE,
-  arm_gt_htimer_cb, cpu);
-cpu->gt_timer[GTIMER_SEC] = timer_new(QEMU_CLOCK_VIRTUAL, GTIMER_SCALE,
-  arm_gt_stimer_cb, cpu);
+
+{
+uint64_t scale;
+
+if (arm_feature(env, ARM_FEATURE_GENERIC_TIMER)) {
+if (!cpu->gt_cntfrq_hz) {
+error_setg(errp, "Invalid CNTFRQ: %"PRId64"Hz",
+   cpu->gt_cntfrq_hz);
+return;
+}
+scale = gt_cntfrq_period_ns(cpu);
+} else {
+scale = GTIMER_SCALE;
+   

[PATCH v3 1/4] target/arm: Remove redundant scaling of nexttick

2019-12-12 Thread Andrew Jeffery
The corner-case codepath was adjusting nexttick such that overflow
wouldn't occur when timer_mod() scaled the value back up. Remove a use
of GTIMER_SCALE and avoid unnecessary operations by calling
timer_mod_ns() directly.

Signed-off-by: Andrew Jeffery 
Reviewed-by: Richard Henderson 
Reviewed-by: Cédric Le Goater 
---
 target/arm/helper.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/target/arm/helper.c b/target/arm/helper.c
index a089fb5a6909..65c4441a3896 100644
--- a/target/arm/helper.c
+++ b/target/arm/helper.c
@@ -2446,9 +2446,10 @@ static void gt_recalc_timer(ARMCPU *cpu, int timeridx)
  * timer expires we will reset the timer for any remaining period.
  */
 if (nexttick > INT64_MAX / GTIMER_SCALE) {
-nexttick = INT64_MAX / GTIMER_SCALE;
+timer_mod_ns(cpu->gt_timer[timeridx], INT64_MAX);
+} else {
+timer_mod(cpu->gt_timer[timeridx], nexttick);
 }
-timer_mod(cpu->gt_timer[timeridx], nexttick);
 trace_arm_gt_recalc(timeridx, irqstate, nexttick);
 } else {
 /* Timer disabled: ISTATUS and timer output always clear */
-- 
git-series 0.9.1



[PATCH v3 0/4] Expose GT CNTFRQ as a CPU property to support AST2600

2019-12-12 Thread Andrew Jeffery
Hello,

This is a v3 of the belated follow-up from a few of my earlier attempts to fix
up the ARM generic timer for correct behaviour on the ASPEED AST2600 SoC. The
AST2600 clocks the generic timer at the rate of HPLL, which is configured to
1125MHz.  This is significantly quicker than the currently hard-coded generic
timer rate of 62.5MHz and so we see "sticky" behaviour in the guest.

v2 can be found here:

https://patchwork.ozlabs.org/cover/1203474/

Changes since v2:

* Address some minor review comments from Philippe and add tags

Changes since v1:

* Fix a user mode build failure from partial renaming of gt_cntfrq_period_ns()
* Add tags from Cedric and Richard

Please review.

Andrew

Andrew Jeffery (4):
  target/arm: Remove redundant scaling of nexttick
  target/arm: Abstract the generic timer frequency
  target/arm: Prepare generic timer for per-platform CNTFRQ
  ast2600: Configure CNTFRQ at 1125MHz

 hw/arm/aspeed_ast2600.c |  3 ++-
 target/arm/cpu.c| 65 --
 target/arm/cpu.h|  5 +++-
 target/arm/helper.c | 24 
 4 files changed, 83 insertions(+), 14 deletions(-)

base-commit: 04c9c81b8fa2ee33f59a26265700fae6fc646062
-- 
git-series 0.9.1



[PATCH v3 2/4] target/arm: Abstract the generic timer frequency

2019-12-12 Thread Andrew Jeffery
Prepare for SoCs such as the ASPEED AST2600 whose firmware configures
CNTFRQ to values significantly larger than the static 62.5MHz value
currently derived from GTIMER_SCALE. As the OS potentially derives its
timer periods from the CNTFRQ value the lack of support for running
QEMUTimers at the appropriate rate leads to sticky behaviour in the
guest.

Substitute the GTIMER_SCALE constant with use of a helper to derive the
period from gt_cntfrq_hz stored in struct ARMCPU. Initially set
gt_cntfrq_hz to the frequency associated with GTIMER_SCALE so current
behaviour is maintained.

Signed-off-by: Andrew Jeffery 
Reviewed-by: Richard Henderson 
Reviewed-by: Philippe Mathieu-Daudé 
---

v3:
* Uninline gt_cntfrq_period_ns()
* Rename gt_cntfrq to gt_cntfrq_hz

 target/arm/cpu.c|  8 
 target/arm/cpu.h|  5 +
 target/arm/helper.c | 10 +++---
 3 files changed, 20 insertions(+), 3 deletions(-)

diff --git a/target/arm/cpu.c b/target/arm/cpu.c
index 7a4ac9339bf9..cd0dbe005d9f 100644
--- a/target/arm/cpu.c
+++ b/target/arm/cpu.c
@@ -974,6 +974,8 @@ static void arm_cpu_initfn(Object *obj)
 if (tcg_enabled()) {
 cpu->psci_version = 2; /* TCG implements PSCI 0.2 */
 }
+
+cpu->gt_cntfrq_hz = NANOSECONDS_PER_SECOND / GTIMER_SCALE;
 }
 
 static Property arm_cpu_reset_cbar_property =
@@ -1055,6 +1057,12 @@ static void arm_set_init_svtor(Object *obj, Visitor *v, 
const char *name,
 visit_type_uint32(v, name, &cpu->init_svtor, errp);
 }
 
+unsigned int gt_cntfrq_period_ns(ARMCPU *cpu)
+{
+return NANOSECONDS_PER_SECOND > cpu->gt_cntfrq_hz ?
+  NANOSECONDS_PER_SECOND / cpu->gt_cntfrq_hz : 1;
+}
+
 void arm_cpu_post_init(Object *obj)
 {
 ARMCPU *cpu = ARM_CPU(obj);
diff --git a/target/arm/cpu.h b/target/arm/cpu.h
index 83a809d4bac4..ff17ec0df545 100644
--- a/target/arm/cpu.h
+++ b/target/arm/cpu.h
@@ -932,8 +932,13 @@ struct ARMCPU {
  */
 DECLARE_BITMAP(sve_vq_map, ARM_MAX_VQ);
 DECLARE_BITMAP(sve_vq_init, ARM_MAX_VQ);
+
+/* Generic timer counter frequency, in Hz */
+uint64_t gt_cntfrq_hz;
 };
 
+unsigned int gt_cntfrq_period_ns(ARMCPU *cpu);
+
 void arm_cpu_post_init(Object *obj);
 
 uint64_t arm_cpu_mp_affinity(int idx, uint8_t clustersz);
diff --git a/target/arm/helper.c b/target/arm/helper.c
index 65c4441a3896..2622a9a8d02f 100644
--- a/target/arm/helper.c
+++ b/target/arm/helper.c
@@ -2409,7 +2409,9 @@ static CPAccessResult gt_stimer_access(CPUARMState *env,
 
 static uint64_t gt_get_countervalue(CPUARMState *env)
 {
-return qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) / GTIMER_SCALE;
+ARMCPU *cpu = env_archcpu(env);
+
+return qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) / gt_cntfrq_period_ns(cpu);
 }
 
 static void gt_recalc_timer(ARMCPU *cpu, int timeridx)
@@ -2445,7 +2447,7 @@ static void gt_recalc_timer(ARMCPU *cpu, int timeridx)
  * set the timer for as far in the future as possible. When the
  * timer expires we will reset the timer for any remaining period.
  */
-if (nexttick > INT64_MAX / GTIMER_SCALE) {
+if (nexttick > INT64_MAX / gt_cntfrq_period_ns(cpu)) {
 timer_mod_ns(cpu->gt_timer[timeridx], INT64_MAX);
 } else {
 timer_mod(cpu->gt_timer[timeridx], nexttick);
@@ -2874,11 +2876,13 @@ static const ARMCPRegInfo generic_timer_cp_reginfo[] = {
 
 static uint64_t gt_virt_cnt_read(CPUARMState *env, const ARMCPRegInfo *ri)
 {
+ARMCPU *cpu = env_archcpu(env);
+
 /* Currently we have no support for QEMUTimer in linux-user so we
  * can't call gt_get_countervalue(env), instead we directly
  * call the lower level functions.
  */
-return cpu_get_clock() / GTIMER_SCALE;
+return cpu_get_clock() / gt_cntfrq_period_ns(cpu);
 }
 
 static const ARMCPRegInfo generic_timer_cp_reginfo[] = {
-- 
git-series 0.9.1



Re: [PATCH v5 1/5] tpm_spapr: Support TPM for ppc64 using CRQ based interface

2019-12-12 Thread David Gibson
On Thu, Dec 12, 2019 at 03:24:26PM -0500, Stefan Berger wrote:
> Implement support for TPM on ppc64 by implementing the vTPM CRQ interface
> as a frontend. It can use the tpm_emulator driver backend with the external
> swtpm.
> 
> The Linux vTPM driver for ppc64 works with this emulation.
> 
> This TPM emulator also handles the TPM 2 case.
> 
> Signed-off-by: Stefan Berger 
> Reviewed-by: David Gibson 
> 
> diff --git a/hw/tpm/Kconfig b/hw/tpm/Kconfig
> index 4c8ee87d67..66a570aac1 100644
> --- a/hw/tpm/Kconfig
> +++ b/hw/tpm/Kconfig
> @@ -22,3 +22,9 @@ config TPM_EMULATOR
>  bool
>  default y
>  depends on TPMDEV
> +
> +config TPM_SPAPR
> +bool
> +default n
> +select TPMDEV
> +depends on PSERIES
> diff --git a/hw/tpm/Makefile.objs b/hw/tpm/Makefile.objs
> index de0b85d02a..85eb99ae05 100644
> --- a/hw/tpm/Makefile.objs
> +++ b/hw/tpm/Makefile.objs
> @@ -4,3 +4,4 @@ common-obj-$(CONFIG_TPM_TIS) += tpm_tis.o
>  common-obj-$(CONFIG_TPM_CRB) += tpm_crb.o
>  common-obj-$(CONFIG_TPM_PASSTHROUGH) += tpm_passthrough.o
>  common-obj-$(CONFIG_TPM_EMULATOR) += tpm_emulator.o
> +obj-$(CONFIG_TPM_SPAPR) += tpm_spapr.o
> diff --git a/hw/tpm/tpm_spapr.c b/hw/tpm/tpm_spapr.c
> new file mode 100644
> index 00..c4a67e2403
> --- /dev/null
> +++ b/hw/tpm/tpm_spapr.c
> @@ -0,0 +1,405 @@
> +/*
> + * QEMU PowerPC pSeries Logical Partition (aka sPAPR) hardware System 
> Emulator
> + *
> + * PAPR Virtual TPM
> + *
> + * Copyright (c) 2015, 2017 IBM Corporation.
> + *
> + * Authors:
> + *Stefan Berger 
> + *
> + * This code is licensed under the GPL version 2 or later. See the
> + * COPYING file in the top-level directory.
> + *
> + */
> +
> +#include "qemu/osdep.h"
> +#include "qemu/error-report.h"
> +#include "qapi/error.h"
> +#include "hw/qdev-properties.h"
> +#include "migration/vmstate.h"
> +
> +#include "sysemu/tpm_backend.h"
> +#include "tpm_int.h"
> +#include "tpm_util.h"
> +
> +#include "hw/ppc/spapr.h"
> +#include "hw/ppc/spapr_vio.h"
> +#include "trace.h"
> +
> +#define DEBUG_SPAPR 0
> +
> +#define VIO_SPAPR_VTPM(obj) \
> + OBJECT_CHECK(SPAPRvTPMState, (obj), TYPE_TPM_SPAPR)
> +
> +typedef struct VioCRQ {

How does this structure relate to the existing SpaprVioCrq?

Also we're now avoiding exceptions to StudlyCaps, because it causes
more confusion even if it is to match other capitalization
conventions.  So, I'd suggest 'VioCrq', 'TpmSpaprCrq' etc.

> +uint8_t valid;  /* 0x80: cmd; 0xc0: init crq */
> +/* 0x81-0x83: CRQ message response */
> +uint8_t msg;/* see below */
> +uint16_t len;   /* len of TPM request; len of TPM response */
> +uint32_t data;  /* rtce_dma_handle when sending TPM request */
> +uint64_t reserved;
> +} VioCRQ;
> +
> +typedef union TPMSpaprCRQ {
> +VioCRQ s;
> +uint8_t raw[sizeof(VioCRQ)];
> +} TPMSpaprCRQ;

A union just to get raw bytes seems a really weird thing to do (as
opposed to just casting to (char *))

> +
> +#define SPAPR_VTPM_VALID_INIT_CRQ_COMMAND  0xC0
> +#define SPAPR_VTPM_VALID_COMMAND   0x80
> +#define SPAPR_VTPM_MSG_RESULT  0x80
> +
> +/* msg types for valid = SPAPR_VTPM_VALID_INIT_CRQ */
> +#define SPAPR_VTPM_INIT_CRQ_RESULT   0x1
> +#define SPAPR_VTPM_INIT_CRQ_COMPLETE_RESULT  0x2
> +
> +/* msg types for valid = SPAPR_VTPM_VALID_CMD */
> +#define SPAPR_VTPM_GET_VERSION   0x1
> +#define SPAPR_VTPM_TPM_COMMAND   0x2
> +#define SPAPR_VTPM_GET_RTCE_BUFFER_SIZE  0x3
> +#define SPAPR_VTPM_PREPARE_TO_SUSPEND0x4
> +
> +/* response error messages */
> +#define SPAPR_VTPM_VTPM_ERROR0xff
> +
> +/* error codes */
> +#define SPAPR_VTPM_ERR_COPY_IN_FAILED0x3
> +#define SPAPR_VTPM_ERR_COPY_OUT_FAILED   0x4
> +
> +#define MAX_BUFFER_SIZE TARGET_PAGE_SIZE
> +
> +typedef struct {
> +SpaprVioDevice vdev;
> +
> +TPMSpaprCRQ crq; /* track single TPM command */
> +
> +uint8_t state;
> +#define SPAPR_VTPM_STATE_NONE 0
> +#define SPAPR_VTPM_STATE_EXECUTION1
> +#define SPAPR_VTPM_STATE_COMPLETION   2

I see this field written, but never read.  What's up with that?

> +
> +unsigned char buffer[MAX_BUFFER_SIZE];
> +
> +TPMBackendCmd cmd;
> +
> +TPMBackend *be_driver;
> +TPMVersion be_tpm_version;
> +
> +size_t be_buffer_size;
> +} SPAPRvTPMState;

SpaprVtpmState

Or just SpaprTpmState, since we use just "tpm spapr" rather than
"vtpm" in plenty of other places.

> +
> +static void tpm_spapr_show_buffer(const unsigned char *buffer,
> +  size_t buffer_size, const char *string)
> +{
> +size_t len, i;
> +char *line_buffer, *p;
> +
> +len = MIN(tpm_cmd_get_size(buffer), buffer_size);
> +
> +/*
> + * allocate enough room for 3 chars per buffer entry plus a
> + * newline after every 16 chars and a final null terminator.
> + */
> +line_buffer = g_malloc(len * 3 + (len / 16) + 1);

You can use g_strdup_printf() / g_string_app

Re: [RFC PATCH v2 1/5] hw: add compat machines for 5.0

2019-12-12 Thread David Gibson
On Thu, Dec 12, 2019 at 06:33:16PM +0100, Andrew Jones wrote:
> Add 5.0 machine types for arm/i440fx/q35/s390x/spapr.
> 
> Signed-off-by: Andrew Jones 

ppc parts
Acked-by: David Gibson 

> 
> ---
> 
> Hi Eduardo,
> 
> If we need to do something special for i440fx and q35, as
> 9aec2e52ce9d ("hw: add compat machines for 4.2") implies, then
> I'll need guidance as to what.
> ---
>  hw/arm/virt.c  |  9 -
>  hw/core/machine.c  |  3 +++
>  hw/i386/pc.c   |  3 +++
>  hw/i386/pc_piix.c  | 14 +-
>  hw/i386/pc_q35.c   | 13 -
>  hw/ppc/spapr.c | 15 +--
>  hw/s390x/s390-virtio-ccw.c | 15 ++-
>  include/hw/boards.h|  3 +++
>  include/hw/i386/pc.h   |  3 +++
>  9 files changed, 72 insertions(+), 6 deletions(-)
> 
> diff --git a/hw/arm/virt.c b/hw/arm/virt.c
> index d4bedc260712..cb7041e9677a 100644
> --- a/hw/arm/virt.c
> +++ b/hw/arm/virt.c
> @@ -2147,10 +2147,17 @@ static void machvirt_machine_init(void)
>  }
>  type_init(machvirt_machine_init);
>  
> +static void virt_machine_5_0_options(MachineClass *mc)
> +{
> +}
> +DEFINE_VIRT_MACHINE_AS_LATEST(5, 0)
> +
>  static void virt_machine_4_2_options(MachineClass *mc)
>  {
> +virt_machine_5_0_options(mc);
> +compat_props_add(mc->compat_props, hw_compat_4_2, hw_compat_4_2_len);
>  }
> -DEFINE_VIRT_MACHINE_AS_LATEST(4, 2)
> +DEFINE_VIRT_MACHINE(4, 2)
>  
>  static void virt_machine_4_1_options(MachineClass *mc)
>  {
> diff --git a/hw/core/machine.c b/hw/core/machine.c
> index 1689ad3bf8af..21fe2d974817 100644
> --- a/hw/core/machine.c
> +++ b/hw/core/machine.c
> @@ -27,6 +27,9 @@
>  #include "hw/pci/pci.h"
>  #include "hw/mem/nvdimm.h"
>  
> +GlobalProperty hw_compat_4_2[] = {};
> +const size_t hw_compat_4_2_len = G_N_ELEMENTS(hw_compat_4_2);
> +
>  GlobalProperty hw_compat_4_1[] = {
>  { "virtio-pci", "x-pcie-flr-init", "off" },
>  };
> diff --git a/hw/i386/pc.c b/hw/i386/pc.c
> index ac08e6360437..58867f987d88 100644
> --- a/hw/i386/pc.c
> +++ b/hw/i386/pc.c
> @@ -103,6 +103,9 @@
>  
>  struct hpet_fw_config hpet_cfg = {.count = UINT8_MAX};
>  
> +GlobalProperty pc_compat_4_2[] = {};
> +const size_t pc_compat_4_2_len = G_N_ELEMENTS(pc_compat_4_2);
> +
>  GlobalProperty pc_compat_4_1[] = {};
>  const size_t pc_compat_4_1_len = G_N_ELEMENTS(pc_compat_4_1);
>  
> diff --git a/hw/i386/pc_piix.c b/hw/i386/pc_piix.c
> index 1bd70d1abbc4..aa2c6147a7ea 100644
> --- a/hw/i386/pc_piix.c
> +++ b/hw/i386/pc_piix.c
> @@ -424,7 +424,7 @@ static void pc_i440fx_machine_options(MachineClass *m)
>  machine_class_allow_dynamic_sysbus_dev(m, TYPE_RAMFB_DEVICE);
>  }
>  
> -static void pc_i440fx_4_2_machine_options(MachineClass *m)
> +static void pc_i440fx_5_0_machine_options(MachineClass *m)
>  {
>  PCMachineClass *pcmc = PC_MACHINE_CLASS(m);
>  pc_i440fx_machine_options(m);
> @@ -433,6 +433,18 @@ static void pc_i440fx_4_2_machine_options(MachineClass 
> *m)
>  pcmc->default_cpu_version = 1;
>  }
>  
> +DEFINE_I440FX_MACHINE(v5_0, "pc-i440fx-5.0", NULL,
> +  pc_i440fx_5_0_machine_options)
> +
> +static void pc_i440fx_4_2_machine_options(MachineClass *m)
> +{
> +pc_i440fx_5_0_machine_options(m);
> +m->alias = NULL;
> +m->is_default = 0;
> +compat_props_add(m->compat_props, hw_compat_4_2, hw_compat_4_2_len);
> +compat_props_add(m->compat_props, pc_compat_4_2, pc_compat_4_2_len);
> +}
> +
>  DEFINE_I440FX_MACHINE(v4_2, "pc-i440fx-4.2", NULL,
>pc_i440fx_4_2_machine_options);
>  
> diff --git a/hw/i386/pc_q35.c b/hw/i386/pc_q35.c
> index 385e5cffb167..ddd485d608c0 100644
> --- a/hw/i386/pc_q35.c
> +++ b/hw/i386/pc_q35.c
> @@ -348,7 +348,7 @@ static void pc_q35_machine_options(MachineClass *m)
>  m->max_cpus = 288;
>  }
>  
> -static void pc_q35_4_2_machine_options(MachineClass *m)
> +static void pc_q35_5_0_machine_options(MachineClass *m)
>  {
>  PCMachineClass *pcmc = PC_MACHINE_CLASS(m);
>  pc_q35_machine_options(m);
> @@ -356,6 +356,17 @@ static void pc_q35_4_2_machine_options(MachineClass *m)
>  pcmc->default_cpu_version = 1;
>  }
>  
> +DEFINE_Q35_MACHINE(v5_0, "pc-q35-5.0", NULL,
> +   pc_q35_5_0_machine_options);
> +
> +static void pc_q35_4_2_machine_options(MachineClass *m)
> +{
> +pc_q35_5_0_machine_options(m);
> +m->alias = NULL;
> +compat_props_add(m->compat_props, hw_compat_4_2, hw_compat_4_2_len);
> +compat_props_add(m->compat_props, pc_compat_4_2, pc_compat_4_2_len);
> +}
> +
>  DEFINE_Q35_MACHINE(v4_2, "pc-q35-4.2", NULL,
> pc_q35_4_2_machine_options);
>  
> diff --git a/hw/ppc/spapr.c b/hw/ppc/spapr.c
> index e076f6023c73..3ae7db156303 100644
> --- a/hw/ppc/spapr.c
> +++ b/hw/ppc/spapr.c
> @@ -4491,15 +4491,26 @@ static const TypeInfo spapr_machine_info = {
>  }\
>  type_init(spapr_machine_register_##suffix)
>  
> +/*
> + * 

Re: [PATCH v5 3/5] tpm_spapr: Support suspend and resume

2019-12-12 Thread David Gibson
On Thu, Dec 12, 2019 at 03:24:28PM -0500, Stefan Berger wrote:
> Extend the tpm_spapr frontend with VM suspend and resume support.
> 
> Signed-off-by: Stefan Berger 
> 
> diff --git a/hw/tpm/tpm_spapr.c b/hw/tpm/tpm_spapr.c
> index c4a67e2403..8f5a142bd4 100644
> --- a/hw/tpm/tpm_spapr.c
> +++ b/hw/tpm/tpm_spapr.c
> @@ -87,6 +87,8 @@ typedef struct {
>  TPMVersion be_tpm_version;
>  
>  size_t be_buffer_size;
> +
> +bool deliver_response; /* whether to deliver response after VM resume */
>  } SPAPRvTPMState;
>  
>  static void tpm_spapr_show_buffer(const unsigned char *buffer,
> @@ -256,6 +258,12 @@ static void tpm_spapr_request_completed(TPMIf *ti, int 
> ret)
>  uint32_t len;
>  int rc;
>  
> +if (runstate_check(RUN_STATE_FINISH_MIGRATE)) {

I'm trying to figure out the circumstances in which
request_completed() would get called before post_load on the
destination.

> +/* defer delivery of response until .post_load */
> +s->deliver_response |= true;

|= is a bitwise OR which is not what you want, although it will
*probably* work in practice.  Better to just use
s->deliver_response = true;

> +return;
> +}
> +
>  s->state = SPAPR_VTPM_STATE_COMPLETION;
>  
>  /* a max. of be_buffer_size bytes can be transported */
> @@ -316,6 +324,7 @@ static void tpm_spapr_reset(SpaprVioDevice *dev)
>  SPAPRvTPMState *s = VIO_SPAPR_VTPM(dev);
>  
>  s->state = SPAPR_VTPM_STATE_NONE;
> +s->deliver_response = false;
>  
>  s->be_tpm_version = tpm_backend_get_tpm_version(s->be_driver);
>  tpm_spapr_update_deviceclass(dev);
> @@ -339,9 +348,53 @@ static enum TPMVersion tpm_spapr_get_version(TPMIf *ti)
>  return tpm_backend_get_tpm_version(s->be_driver);
>  }
>  
> +/* persistent state handling */
> +
> +static int tpm_spapr_pre_save(void *opaque)
> +{
> +SPAPRvTPMState *s = opaque;
> +
> +s->deliver_response |= tpm_backend_finish_sync(s->be_driver);

Same problem here.

> +trace_tpm_spapr_pre_save(s->deliver_response);
> +/*
> + * we cannot deliver the results to the VM since DMA would touch VM 
> memory
> + */
> +
> +return 0;
> +}
> +
> +static int tpm_spapr_post_load(void *opaque, int version_id)
> +{
> +SPAPRvTPMState *s = opaque;
> +
> +if (s->deliver_response) {
> +trace_tpm_spapr_post_load();
> +/* deliver the results to the VM via DMA */
> +tpm_spapr_request_completed(TPM_IF(s), 0);
> +s->deliver_response = false;
> +}
> +
> +return 0;
> +}
> +
>  static const VMStateDescription vmstate_spapr_vtpm = {
>  .name = "tpm-spapr",
> -.unmigratable = 1,
> +.version_id = 1,
> +.minimum_version_id = 0,
> +.minimum_version_id_old = 0,
> +.pre_save = tpm_spapr_pre_save,
> +.post_load = tpm_spapr_post_load,
> +.fields = (VMStateField[]) {
> +VMSTATE_SPAPR_VIO(vdev, SPAPRvTPMState),
> +
> +VMSTATE_UINT8(state, SPAPRvTPMState),
> +VMSTATE_BUFFER(buffer, SPAPRvTPMState),

Transferring the whole 4kiB buffer unconditionally when it mostly
won't have anything useful in it doesn't seem like a great idea.

> +/* remember DMA address */
> +VMSTATE_UINT32(crq.s.data, SPAPRvTPMState),
> +VMSTATE_BOOL(deliver_response, SPAPRvTPMState),
> +VMSTATE_END_OF_LIST(),
> +}
>  };
>  
>  static Property tpm_spapr_properties[] = {
> diff --git a/hw/tpm/trace-events b/hw/tpm/trace-events
> index 6278a39618..d109661b96 100644
> --- a/hw/tpm/trace-events
> +++ b/hw/tpm/trace-events
> @@ -67,3 +67,5 @@ tpm_spapr_do_crq_get_version(uint32_t version) "response: 
> version %u"
>  tpm_spapr_do_crq_prepare_to_suspend(void) "response: preparing to suspend"
>  tpm_spapr_do_crq_unknown_msg_type(uint8_t type) "Unknown message type 0x%02x"
>  tpm_spapr_do_crq_unknown_crq(uint8_t raw1, uint8_t raw2) "unknown CRQ 0x%02x 
> 0x%02x ..."
> +tpm_spapr_pre_save(bool v) "TPM response to deliver after resume: %d"
> +tpm_spapr_post_load(void) "Delivering TPM response after resume"

-- 
David Gibson| I'll have my music baroque, and my code
david AT gibson.dropbear.id.au  | minimalist, thank you.  NOT _the_ _other_
| _way_ _around_!
http://www.ozlabs.org/~dgibson


signature.asc
Description: PGP signature


[PATCH v2 0/2] hw/arm: ast2600: Wire up eMMC controller

2019-12-12 Thread Andrew Jeffery
Hello,

The AST2600 has an additional SDHCI intended for use as an eMMC boot source.
These two patches rework the existing ASPEED SDHCI model to accommodate the
single-slot nature of the eMMC controller and wire it into the AST2600 SoC.

v2 contains some minor refactorings in response to issues pointed out by
Cedric.

v1 can be found here:

https://patchwork.ozlabs.org/cover/1206845/

Please review!

Andrew

Andrew Jeffery (2):
  hw/sd: Configure number of slots exposed by the ASPEED SDHCI model
  hw/arm: ast2600: Wire up the eMMC controller

 hw/arm/aspeed.c  | 27 +--
 hw/arm/aspeed_ast2600.c  | 23 +++
 hw/arm/aspeed_soc.c  |  2 ++
 hw/sd/aspeed_sdhci.c | 11 +--
 include/hw/arm/aspeed_soc.h  |  2 ++
 include/hw/sd/aspeed_sdhci.h |  1 +
 6 files changed, 54 insertions(+), 12 deletions(-)

base-commit: 6a4ef4e5d1084ce41fafa7d470a644b0fd3d9317
-- 
git-series 0.9.1



[PATCH v2 2/2] hw/arm: ast2600: Wire up the eMMC controller

2019-12-12 Thread Andrew Jeffery
Initialise another SDHCI model instance for the AST2600's eMMC
controller and use the SDHCI's num_slots value introduced previously to
determine whether we should create an SD card instance for the new slot.

Signed-off-by: Andrew Jeffery 
---

v2:
* Extract instantiation of SD cards to helper function

 hw/arm/aspeed.c | 25 -
 hw/arm/aspeed_ast2600.c | 21 +
 include/hw/arm/aspeed_soc.h |  2 ++
 3 files changed, 39 insertions(+), 9 deletions(-)

diff --git a/hw/arm/aspeed.c b/hw/arm/aspeed.c
index 862549b1f3a9..87baac0ea46c 100644
--- a/hw/arm/aspeed.c
+++ b/hw/arm/aspeed.c
@@ -167,6 +167,18 @@ static void aspeed_board_init_flashes(AspeedSMCState *s, 
const char *flashtype,
 }
 }
 
+static void sdhci_attach_drive(SDHCIState *sdhci, DriveInfo *dinfo)
+{
+BlockBackend *blk;
+DeviceState *card;
+
+blk = dinfo ? blk_by_legacy_dinfo(dinfo) : NULL;
+card = qdev_create(qdev_get_child_bus(DEVICE(sdhci), "sd-bus"),
+   TYPE_SD_CARD);
+qdev_prop_set_drive(card, "drive", blk, &error_fatal);
+object_property_set_bool(OBJECT(card), true, "realized", &error_fatal);
+}
+
 static void aspeed_board_init(MachineState *machine,
   const AspeedBoardConfig *cfg)
 {
@@ -260,16 +272,11 @@ static void aspeed_board_init(MachineState *machine,
 }
 
 for (i = 0; i < bmc->soc.sdhci.num_slots; i++) {
-SDHCIState *sdhci = &bmc->soc.sdhci.slots[i];
-DriveInfo *dinfo = drive_get_next(IF_SD);
-BlockBackend *blk;
-DeviceState *card;
+sdhci_attach_drive(&bmc->soc.sdhci.slots[i], drive_get_next(IF_SD));
+}
 
-blk = dinfo ? blk_by_legacy_dinfo(dinfo) : NULL;
-card = qdev_create(qdev_get_child_bus(DEVICE(sdhci), "sd-bus"),
-   TYPE_SD_CARD);
-qdev_prop_set_drive(card, "drive", blk, &error_fatal);
-object_property_set_bool(OBJECT(card), true, "realized", &error_fatal);
+if (bmc->soc.emmc.num_slots) {
+sdhci_attach_drive(&bmc->soc.emmc.slots[0], drive_get_next(IF_SD));
 }
 
 arm_load_kernel(ARM_CPU(first_cpu), machine, &aspeed_board_binfo);
diff --git a/hw/arm/aspeed_ast2600.c b/hw/arm/aspeed_ast2600.c
index 931ee5aae183..723c8196c8a5 100644
--- a/hw/arm/aspeed_ast2600.c
+++ b/hw/arm/aspeed_ast2600.c
@@ -46,6 +46,7 @@ static const hwaddr aspeed_soc_ast2600_memmap[] = {
 [ASPEED_ADC]   = 0x1E6E9000,
 [ASPEED_VIDEO] = 0x1E70,
 [ASPEED_SDHCI] = 0x1E74,
+[ASPEED_EMMC]  = 0x1E75,
 [ASPEED_GPIO]  = 0x1E78,
 [ASPEED_GPIO_1_8V] = 0x1E780800,
 [ASPEED_RTC]   = 0x1E781000,
@@ -64,6 +65,7 @@ static const hwaddr aspeed_soc_ast2600_memmap[] = {
 
 #define ASPEED_SOC_AST2600_MAX_IRQ 128
 
+/* Shared Peripheral Interrupt values below are offset by -32 from datasheet */
 static const int aspeed_soc_ast2600_irqmap[] = {
 [ASPEED_UART1] = 47,
 [ASPEED_UART2] = 48,
@@ -77,6 +79,7 @@ static const int aspeed_soc_ast2600_irqmap[] = {
 [ASPEED_ADC]   = 78,
 [ASPEED_XDMA]  = 6,
 [ASPEED_SDHCI] = 43,
+[ASPEED_EMMC]  = 15,
 [ASPEED_GPIO]  = 40,
 [ASPEED_GPIO_1_8V] = 11,
 [ASPEED_RTC]   = 13,
@@ -215,6 +218,14 @@ static void aspeed_soc_ast2600_init(Object *obj)
 sysbus_init_child_obj(obj, "sdhci[*]", OBJECT(&s->sdhci.slots[i]),
   sizeof(s->sdhci.slots[i]), TYPE_SYSBUS_SDHCI);
 }
+
+sysbus_init_child_obj(obj, "emmc", OBJECT(&s->emmc), sizeof(s->emmc),
+  TYPE_ASPEED_SDHCI);
+
+object_property_set_int(OBJECT(&s->emmc), 1, "num-slots", &error_abort);
+
+sysbus_init_child_obj(obj, "emmc[*]", OBJECT(&s->emmc.slots[0]),
+sizeof(s->emmc.slots[0]), TYPE_SYSBUS_SDHCI);
 }
 
 /*
@@ -487,6 +498,16 @@ static void aspeed_soc_ast2600_realize(DeviceState *dev, 
Error **errp)
 sc->memmap[ASPEED_SDHCI]);
 sysbus_connect_irq(SYS_BUS_DEVICE(&s->sdhci), 0,
aspeed_soc_get_irq(s, ASPEED_SDHCI));
+
+/* eMMC */
+object_property_set_bool(OBJECT(&s->emmc), true, "realized", &err);
+if (err) {
+error_propagate(errp, err);
+return;
+}
+sysbus_mmio_map(SYS_BUS_DEVICE(&s->emmc), 0, sc->memmap[ASPEED_EMMC]);
+sysbus_connect_irq(SYS_BUS_DEVICE(&s->emmc), 0,
+   aspeed_soc_get_irq(s, ASPEED_EMMC));
 }
 
 static void aspeed_soc_ast2600_class_init(ObjectClass *oc, void *data)
diff --git a/include/hw/arm/aspeed_soc.h b/include/hw/arm/aspeed_soc.h
index 495c08be1b84..911443f4c071 100644
--- a/include/hw/arm/aspeed_soc.h
+++ b/include/hw/arm/aspeed_soc.h
@@ -56,6 +56,7 @@ typedef struct AspeedSoCState {
 AspeedGPIOState gpio;
 AspeedGPIOState gpio_1_8v;
 AspeedSDHCIState sdhci;
+AspeedSDHCIState emmc;
 } AspeedSoCState;
 
 #define TYPE_ASPEED_SOC "aspeed-soc"
@@ -125,6 +126,7 @@ e

[PATCH v2 1/2] hw/sd: Configure number of slots exposed by the ASPEED SDHCI model

2019-12-12 Thread Andrew Jeffery
The AST2600 includes a second cut-down version of the SD/MMC controller
found in the AST2500, named the eMMC controller. It's cut down in the
sense that it only supports one slot rather than two, but it brings the
total number of slots supported by the AST2600 to three.

The existing code assumed that the SD controller always provided two
slots. Rework the SDHCI object to expose the number of slots as a
property to be set by the SoC configuration.

Signed-off-by: Andrew Jeffery 
Reviewed-by: Philippe Mathieu-Daudé 
---
 hw/arm/aspeed.c  |  2 +-
 hw/arm/aspeed_ast2600.c  |  2 ++
 hw/arm/aspeed_soc.c  |  2 ++
 hw/sd/aspeed_sdhci.c | 11 +--
 include/hw/sd/aspeed_sdhci.h |  1 +
 5 files changed, 15 insertions(+), 3 deletions(-)

diff --git a/hw/arm/aspeed.c b/hw/arm/aspeed.c
index 028191ff36fc..862549b1f3a9 100644
--- a/hw/arm/aspeed.c
+++ b/hw/arm/aspeed.c
@@ -259,7 +259,7 @@ static void aspeed_board_init(MachineState *machine,
 cfg->i2c_init(bmc);
 }
 
-for (i = 0; i < ARRAY_SIZE(bmc->soc.sdhci.slots); i++) {
+for (i = 0; i < bmc->soc.sdhci.num_slots; i++) {
 SDHCIState *sdhci = &bmc->soc.sdhci.slots[i];
 DriveInfo *dinfo = drive_get_next(IF_SD);
 BlockBackend *blk;
diff --git a/hw/arm/aspeed_ast2600.c b/hw/arm/aspeed_ast2600.c
index 931887ac681f..931ee5aae183 100644
--- a/hw/arm/aspeed_ast2600.c
+++ b/hw/arm/aspeed_ast2600.c
@@ -208,6 +208,8 @@ static void aspeed_soc_ast2600_init(Object *obj)
 sysbus_init_child_obj(obj, "sdc", OBJECT(&s->sdhci), sizeof(s->sdhci),
   TYPE_ASPEED_SDHCI);
 
+object_property_set_int(OBJECT(&s->sdhci), 2, "num-slots", &error_abort);
+
 /* Init sd card slot class here so that they're under the correct parent */
 for (i = 0; i < ASPEED_SDHCI_NUM_SLOTS; ++i) {
 sysbus_init_child_obj(obj, "sdhci[*]", OBJECT(&s->sdhci.slots[i]),
diff --git a/hw/arm/aspeed_soc.c b/hw/arm/aspeed_soc.c
index f4fe243458fd..c39a42f914d4 100644
--- a/hw/arm/aspeed_soc.c
+++ b/hw/arm/aspeed_soc.c
@@ -215,6 +215,8 @@ static void aspeed_soc_init(Object *obj)
 sysbus_init_child_obj(obj, "sdc", OBJECT(&s->sdhci), sizeof(s->sdhci),
   TYPE_ASPEED_SDHCI);
 
+object_property_set_int(OBJECT(&s->sdhci), 2, "num-slots", &error_abort);
+
 /* Init sd card slot class here so that they're under the correct parent */
 for (i = 0; i < ASPEED_SDHCI_NUM_SLOTS; ++i) {
 sysbus_init_child_obj(obj, "sdhci[*]", OBJECT(&s->sdhci.slots[i]),
diff --git a/hw/sd/aspeed_sdhci.c b/hw/sd/aspeed_sdhci.c
index cff3eb7dd21e..939d1510dedb 100644
--- a/hw/sd/aspeed_sdhci.c
+++ b/hw/sd/aspeed_sdhci.c
@@ -13,6 +13,7 @@
 #include "qapi/error.h"
 #include "hw/irq.h"
 #include "migration/vmstate.h"
+#include "hw/qdev-properties.h"
 
 #define ASPEED_SDHCI_INFO0x00
 #define  ASPEED_SDHCI_INFO_RESET 0x0003
@@ -120,14 +121,14 @@ static void aspeed_sdhci_realize(DeviceState *dev, Error 
**errp)
 
 /* Create input irqs for the slots */
 qdev_init_gpio_in_named_with_opaque(DEVICE(sbd), aspeed_sdhci_set_irq,
-sdhci, NULL, ASPEED_SDHCI_NUM_SLOTS);
+sdhci, NULL, sdhci->num_slots);
 
 sysbus_init_irq(sbd, &sdhci->irq);
 memory_region_init_io(&sdhci->iomem, OBJECT(sdhci), &aspeed_sdhci_ops,
   sdhci, TYPE_ASPEED_SDHCI, 0x1000);
 sysbus_init_mmio(sbd, &sdhci->iomem);
 
-for (int i = 0; i < ASPEED_SDHCI_NUM_SLOTS; ++i) {
+for (int i = 0; i < sdhci->num_slots; ++i) {
 Object *sdhci_slot = OBJECT(&sdhci->slots[i]);
 SysBusDevice *sbd_slot = SYS_BUS_DEVICE(&sdhci->slots[i]);
 
@@ -174,6 +175,11 @@ static const VMStateDescription vmstate_aspeed_sdhci = {
 },
 };
 
+static Property aspeed_sdhci_properties[] = {
+DEFINE_PROP_UINT8("num-slots", AspeedSDHCIState, num_slots, 0),
+DEFINE_PROP_END_OF_LIST(),
+};
+
 static void aspeed_sdhci_class_init(ObjectClass *classp, void *data)
 {
 DeviceClass *dc = DEVICE_CLASS(classp);
@@ -181,6 +187,7 @@ static void aspeed_sdhci_class_init(ObjectClass *classp, 
void *data)
 dc->realize = aspeed_sdhci_realize;
 dc->reset = aspeed_sdhci_reset;
 dc->vmsd = &vmstate_aspeed_sdhci;
+dc->props = aspeed_sdhci_properties;
 }
 
 static TypeInfo aspeed_sdhci_info = {
diff --git a/include/hw/sd/aspeed_sdhci.h b/include/hw/sd/aspeed_sdhci.h
index dfdab4379021..dffbb46946b9 100644
--- a/include/hw/sd/aspeed_sdhci.h
+++ b/include/hw/sd/aspeed_sdhci.h
@@ -24,6 +24,7 @@ typedef struct AspeedSDHCIState {
 SysBusDevice parent;
 
 SDHCIState slots[ASPEED_SDHCI_NUM_SLOTS];
+uint8_t num_slots;
 
 MemoryRegion iomem;
 qemu_irq irq;
-- 
git-series 0.9.1



[PATCH] linux-user:Fix align mistake when mmap guest space

2019-12-12 Thread Xinyu Li
In init_guest_space, we need to mmap guest space. If the return address
of first mmap is not aligned with align, which was set to MAX(SHMLBA,
qemu_host_page_size), we need unmap and a new mmap(space is larger than
first size). The new size is named real_size, which is aligned_size +
qemu_host_page_size. alugned_size is the guest space size. And add a
qemu_host_page_size to avoid memory error when we align real_start
manually (ROUND_UP(real_start, align)). But when SHMLBA >
qemu_host_page_size, the added size will smaller than the size to align,
which can make a mistake(in a mips machine, it appears). So change
real_size from aligned_size +qemu_host_page_size
to aligned_size + align will solve it.

Signed-off-by: Xinyu Li 
---
 linux-user/elfload.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/linux-user/elfload.c b/linux-user/elfload.c
index f6693e5760..312ded0779 100644
--- a/linux-user/elfload.c
+++ b/linux-user/elfload.c
@@ -2189,7 +2189,7 @@ unsigned long init_guest_space(unsigned long host_start,
  * to where we need to put the commpage.
  */
 munmap((void *)real_start, host_size);
-real_size = aligned_size + qemu_host_page_size;
+real_size = aligned_size + align;
 real_start = (unsigned long)
 mmap((void *)real_start, real_size, PROT_NONE, flags, -1, 0);
 if (real_start == (unsigned long)-1) {
-- 
2.17.1





Re: [PATCH v2 ppc-for-5.0 2/2] ppc/spapr: Support reboot of secure pseries guest

2019-12-12 Thread Bharata B Rao
On Thu, Dec 12, 2019 at 01:27:23PM +0100, Greg Kurz wrote:
> > diff --git a/hw/ppc/spapr.c b/hw/ppc/spapr.c
> > index f11422fc41..25e1a3446e 100644
> > --- a/hw/ppc/spapr.c
> > +++ b/hw/ppc/spapr.c
> > @@ -1597,6 +1597,21 @@ static void spapr_machine_reset(MachineState 
> > *machine)
> >  void *fdt;
> >  int rc;
> >  
> > +/*
> > + * KVM_PPC_SVM_OFF ioctl can fail for secure guests, check and
> > + * exit in that case. However check for -ENOTTY explicitly
> > + * to ensure that we don't terminate normal guests that are
> > + * running on kernels which don't support this ioctl.
> > + *
> > + * Also, this ioctl returns 0 for normal guests on kernels where
> > + * this ioctl is supported.
> > + */
> > +rc = kvmppc_svm_off();
> > +if (rc && rc != -ENOTTY) {
> 
> This ioctl can also return -EINVAL if the ultravisor actually failed to move
> the guest back to non-secure mode or -EBUSY if a vCPU is still running. I
> agree that the former deserve the VM to be terminated. What about the latter ?
> Can this happen and if yes, why ? Should we try again as suggested by Alexey ?
> Could this reveal a bug in QEMU, in which case we should maybe abort ?

We are in machine reset path, so all vcpus are already paused. So we don't
expect any vcpus to be running to handle -EBUSY here. Neither do I see any
sane recovery path from here.

As Alexey mentioned earlier, may be we can just stop the VM?
Do vm_stop() with RUN_STATE_PAUSED or some such reason?

Regards,
Bharata.




Re: QEMU VM crashes when enabling KVM

2019-12-12 Thread David Gibson
On Thu, Dec 12, 2019 at 10:40:44AM -0600, Wayne Li wrote:
> Dear David Gibson,
> 
> I know you are under no obligation to respond, but if it's possible for you
> to find the time to respond to my question, I would be extremely grateful.
> My team at Boeing has been stuck trying to get KVM working for our project
> for the last few months.  A good explanation of why this isn't possible
> would be absolutely critical.

As you can see from that diagram, the history ppc CPUs is quite a bit
more diverse than x86.  Although they're all very similar from the
point of view of userspace code, they're quite different for
privileged kernel code: they have different MMUs, different privileged
registers amongst other things.

Because of this there are several different KVM implementations.

1) KVM HV

This one uses the virtualization facilities of BookS CPUs (present
since POWER4 / 970, but only well supported from POWER7 onwards).
Those don't allow much to virtualize the guest cpu model, so it
assumes the guest cpu is the same as the host.

So, both your guest and host CPUs rule this one out.

2) Book3E KVM

Uses the virtualization features of recent enough Freescale Book E
CPUs.  I don't know a lot about this or its limitations.  The e6500
might well have these features, but I'm pretty sure it can only
emulate BookE cpus for the guest.

So, your guest rules this one out.

3) KVM PR

This one operates by running the entire guest in user mode, and
emulating all privileged instructions.  It's slow (relative to
hardware assisted KVM models), but it's flexible.

In theory, this one can do what you want, but there are a bunch of
caveats:

  * Emulating all the privileged instructions for a whole bunch of cpu
  variants is a huge task, and KVM PR is now barely maintained.  There
  are lots of gaps in coverage.

  * I'm not sure if it was ever really implemented for BookE hosts.

  * Although there aren't many, there are a few differences between
  userland instructions between cpu variants, mostly because of new
  additions.  I think 7457 is an old enough design that this probably
  won't cause you troube, but I'm not certain.



> 
> -Thanks, Wayne Li
> 
> On Thu, Dec 12, 2019 at 1:17 AM Paolo Bonzini  wrote:
> 
> > On 12/12/19 02:59, Wayne Li wrote:
> > > We wrote a project that is created on top of the QEMU source code; it
> > > calls functions from the QEMU code.  I run the executable created by
> > > compiling that project/QEMU code.  Anyway, looking at the following
0> > > documentation:
> > >
> > > https://www.kernel.org/doc/Documentation/powerpc/cpu_families.txt
> > >
> > > It looks like the PowerPC 7457 is Book3S and the PowerPC e6500 is
> > > BookE.  Is that why you think I require a Book3S KVM?  Exactly why do
> > > you feel this way?  Also would that mean my team would need to go and
> > > buy a board with a Book3S processor?
> >
> > CCing the PPC maintainer.  There are aspects of BookE and Book3S that
> > are different and not really interchangeable in the privileged interface.
> >
> > Paolo
> >
> > > -Thanks!, Wayne Li
> > >
> > > From my understanding
> > >
> > > On Wed, Dec 11, 2019 at 7:16 PM Paolo Bonzini  > > > wrote:
> > >
> > > On 11/12/19 22:23, Wayne Li wrote:
> > > >
> > > > Now I am fairly sure KVM is actually enabled on the system.
> > Finding
> > > > that out was another story that spanned a couple of months.  But
> > long
> > > > story short, lsmod doesn't show that the KVM kernel module is
> > > running.
> > > > But that's because KVM is built-in and it can't actually be built
> > as a
> > > > loadable kernel module in this particular system.
> > > >
> > > > So I'm not really sure what could be the problem.  Though I was
> > > thinking
> > > > if I understood the error better that might help?  Following the
> > > code I
> > > > see that the "Missing PVR setting capability." is called when a
> > > variable
> > > > called "cap_segstate" is 0:
> > > >
> > > > if (!cap_segstate) {
> > > > fprintf(stderr, "kvm error: missing PVR setting
> > > capability\n");
> > > > return -ENOSYS;
> > > > }
> > > >
> > > > And the cap_segstate variable is set by the following function:
> > > >
> > > > cap_segstate = kvm_check_extension(s, KVM_CAP_PPC_SEGSTATE);
> > >
> > > You are not saying how you are running QEMU.  I think you are using a
> > > CPU model that requires a Book3S KVM.
> > >
> > > Paolo
> > >
> >
> >

-- 
David Gibson| I'll have my music baroque, and my code
david AT gibson.dropbear.id.au  | minimalist, thank you.  NOT _the_ _other_
| _way_ _around_!
http://www.ozlabs.org/~dgibson


signature.asc
Description: PGP signature


Re: [PATCH] mos6522: remove anh register

2019-12-12 Thread David Gibson
On Thu, Dec 12, 2019 at 08:43:59PM +0100, Laurent Vivier wrote:
> Register addr 1 is defined as buffer A with handshake (vBufAH),
> register addr 15 is also defined as buffer A without handshake (vBufA).
> 
> Linux kernel has a big "DON'T USE!" next to the register 1 addr
> definition (vBufAH), and only uses register 15 (vBufA).
> 
> So remove the definition of 'anh' and use only 'a' (with VIA_REG_ANH and
> VIA_REG_A).

I'm not actually following the rationale for removing the register.
Linux doesn't use it, but if it's part of the real hardware model we
should keep it, no?

> 
> Signed-off-by: Laurent Vivier 
> ---
>  hw/misc/mos6522.c | 12 
>  include/hw/misc/mos6522.h |  1 -
>  2 files changed, 4 insertions(+), 9 deletions(-)
> 
> diff --git a/hw/misc/mos6522.c b/hw/misc/mos6522.c
> index cecf0be59e..86ede4005c 100644
> --- a/hw/misc/mos6522.c
> +++ b/hw/misc/mos6522.c
> @@ -244,6 +244,7 @@ uint64_t mos6522_read(void *opaque, hwaddr addr, unsigned 
> size)
>  val = s->b;
>  break;
>  case VIA_REG_A:
> +case VIA_REG_ANH:
>  val = s->a;
>  break;
>  case VIA_REG_DIRB:
> @@ -297,9 +298,7 @@ uint64_t mos6522_read(void *opaque, hwaddr addr, unsigned 
> size)
>  val = s->ier | 0x80;
>  break;
>  default:
> -case VIA_REG_ANH:
> -val = s->anh;
> -break;
> +g_assert_not_reached();
>  }
>  
>  if (addr != VIA_REG_IFR || val != 0) {
> @@ -322,6 +321,7 @@ void mos6522_write(void *opaque, hwaddr addr, uint64_t 
> val, unsigned size)
>  mdc->portB_write(s);
>  break;
>  case VIA_REG_A:
> +case VIA_REG_ANH:
>  s->a = (s->a & ~s->dira) | (val & s->dira);
>  mdc->portA_write(s);
>  break;
> @@ -395,9 +395,7 @@ void mos6522_write(void *opaque, hwaddr addr, uint64_t 
> val, unsigned size)
>qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL));
>  break;
>  default:
> -case VIA_REG_ANH:
> -s->anh = val;
> -break;
> +g_assert_not_reached();
>  }
>  }
>  
> @@ -439,7 +437,6 @@ const VMStateDescription vmstate_mos6522 = {
>  VMSTATE_UINT8(pcr, MOS6522State),
>  VMSTATE_UINT8(ifr, MOS6522State),
>  VMSTATE_UINT8(ier, MOS6522State),
> -VMSTATE_UINT8(anh, MOS6522State),
>  VMSTATE_STRUCT_ARRAY(timers, MOS6522State, 2, 0,
>   vmstate_mos6522_timer, MOS6522Timer),
>  VMSTATE_END_OF_LIST()
> @@ -460,7 +457,6 @@ static void mos6522_reset(DeviceState *dev)
>  s->ifr = 0;
>  s->ier = 0;
>  /* s->ier = T1_INT | SR_INT; */
> -s->anh = 0;
>  
>  s->timers[0].frequency = s->frequency;
>  s->timers[0].latch = 0x;
> diff --git a/include/hw/misc/mos6522.h b/include/hw/misc/mos6522.h
> index 493c907537..97384c6e02 100644
> --- a/include/hw/misc/mos6522.h
> +++ b/include/hw/misc/mos6522.h
> @@ -115,7 +115,6 @@ typedef struct MOS6522State {
>  uint8_t pcr;
>  uint8_t ifr;
>  uint8_t ier;
> -uint8_t anh;
>  
>  MOS6522Timer timers[2];
>  uint64_t frequency;

-- 
David Gibson| I'll have my music baroque, and my code
david AT gibson.dropbear.id.au  | minimalist, thank you.  NOT _the_ _other_
| _way_ _around_!
http://www.ozlabs.org/~dgibson


signature.asc
Description: PGP signature


Re: [virtio-dev] Re: guest / host buffer sharing ...

2019-12-12 Thread David Stevens
> > > Without buffer sharing support the driver importing a virtio-gpu dma-buf
> > > can send the buffer scatter list to the host.  So both virtio-gpu and
> > > the other device would actually access the same guest pages, but they
> > > are not aware that the buffer is shared between devices.
> >
> > With the uuid approach, how should this case be handled? Should it be
> > equivalent to exporting and importing the buffer which was created
> > first? Should the spec say it's undefined behavior that might work as
> > expected but might not, depending on the device implementation? Does
> > the spec even need to say anything about it?
>
> Using the uuid is an optional optimization.  I'd expect the workflow be
> roughly this:
>
>   (1) exporting driver exports a dma-buf as usual, additionally attaches
>   a uuid to it and notifies the host (using device-specific commands).
>   (2) importing driver will ask the host to use the buffer referenced by
>   the given uuid.
>   (3) if (2) fails for some reason use the dma-buf scatter list instead.
>
> Of course only virtio drivers would try step (2), other drivers (when
> sharing buffers between intel gvt device and virtio-gpu for example)
> would go straight to (3).

For virtio-gpu as it is today, it's not clear to me that they're
equivalent. As I read it, the virtio-gpu spec makes a distinction
between the guest memory and the host resource. If virtio-gpu is
communicating with non-virtio devices, then obviously you'd just be
working with guest memory. But if it's communicating with another
virtio device, then there are potentially distinct guest and host
buffers that could be used. The spec shouldn't leave any room for
ambiguity as to how this distinction is handled.

> > Not just buffers not backed by guest ram, but things like fences. I
> > would suggest the uuids represent 'exported resources' rather than
> > 'exported buffers'.
>
> Hmm, I can't see how this is useful.  Care to outline how you envision
> this to work in a typical use case?

Looking at the spec again, it seems like there's some more work that
would need to be done before this would be possible. But the use case
I was thinking of would be to export a fence from virtio-gpu and share
it with a virtio decoder, to set up a decode pipeline that doesn't
need to go back into the guest for synchronization. I'm fine dropping
this point for now, though, and revisiting it as a separate proposal.

-David



Re: [PATCH 2/2] numa: properly check if numa is supported

2019-12-12 Thread Tao Xu

On 12/12/2019 8:48 PM, Igor Mammedov wrote:

Commit aa57020774b, by mistake used MachineClass::numa_mem_supported
to check if NUMA is supported by machine and also as unrelated change
set it to true for sbsa-ref board.

Luckily change didn't break machines that support NUMA, as the field
is set to true for them.

But the field is not intended for checking if NUMA is supported and
will be flipped to false within this release for new machine types.

Fix it:
  - by using previously used condition
   !mc->cpu_index_to_instance_props || !mc->get_default_cpu_node_id
the first time and then use MachineState::numa_state down the road
to check if NUMA is supported
  - dropping stray sbsa-ref chunk

Fixes: aa57020774b690a22be72453b8e91c9b5a68c516
Signed-off-by: Igor Mammedov 
---
CC: Radoslaw Biernacki 
CC: Peter Maydell 
CC: Leif Lindholm 
CC: qemu-...@nongnu.org
CC: qemu-sta...@nongnu.org


  hw/arm/sbsa-ref.c | 1 -
  hw/core/machine.c | 4 ++--
  2 files changed, 2 insertions(+), 3 deletions(-)

diff --git a/hw/arm/sbsa-ref.c b/hw/arm/sbsa-ref.c
index 27046cc..c6261d4 100644
--- a/hw/arm/sbsa-ref.c
+++ b/hw/arm/sbsa-ref.c
@@ -791,7 +791,6 @@ static void sbsa_ref_class_init(ObjectClass *oc, void *data)
  mc->possible_cpu_arch_ids = sbsa_ref_possible_cpu_arch_ids;
  mc->cpu_index_to_instance_props = sbsa_ref_cpu_index_to_props;
  mc->get_default_cpu_node_id = sbsa_ref_get_default_cpu_node_id;
-mc->numa_mem_supported = true;
  }
  
  static const TypeInfo sbsa_ref_info = {

diff --git a/hw/core/machine.c b/hw/core/machine.c
index 1689ad3..aa63231 100644
--- a/hw/core/machine.c
+++ b/hw/core/machine.c
@@ -958,7 +958,7 @@ static void machine_initfn(Object *obj)
  NULL);
  }
  
-if (mc->numa_mem_supported) {

+if (mc->cpu_index_to_instance_props && mc->get_default_cpu_node_id) {
  ms->numa_state = g_new0(NumaState, 1);
  }


I am wondering if @numa_mem_supported is unused here, it is unused for 
QEMU, because the only usage of @numa_mem_supported is to initialize 
@numa_state. Or there is other usage? So should it be removed from 
struct MachineClass?






[PATCH RESEND v20 6/8] hmat acpi: Build Memory Side Cache Information Structure(s)

2019-12-12 Thread Tao Xu
From: Liu Jingqi 

This structure describes memory side cache information for memory
proximity domains if the memory side cache is present and the
physical device forms the memory side cache.
The software could use this information to effectively place
the data in memory to maximize the performance of the system
memory that use the memory side cache.

Acked-by: Markus Armbruster 
Reviewed-by: Igor Mammedov 
Reviewed-by: Daniel Black 
Reviewed-by: Jonathan Cameron 
Signed-off-by: Liu Jingqi 
Signed-off-by: Tao Xu 
---

No changes in v20.

Changes in v16:
- Use checks and assert to replace masks (Igor)
- Fields in Cache Attributes are promoted to uint32_t before
  shifting (Igor)
- Drop cpu_to_le32() (Igor)

Changes in v13:
- rename level as cache_level
---
 hw/acpi/hmat.c | 69 +-
 1 file changed, 68 insertions(+), 1 deletion(-)

diff --git a/hw/acpi/hmat.c b/hw/acpi/hmat.c
index 4635d45dee..7c24bb5371 100644
--- a/hw/acpi/hmat.c
+++ b/hw/acpi/hmat.c
@@ -143,14 +143,62 @@ static void build_hmat_lb(GArray *table_data, 
HMAT_LB_Info *hmat_lb,
 g_free(entry_list);
 }
 
+/* ACPI 6.3: 5.2.27.5 Memory Side Cache Information Structure: Table 5-147 */
+static void build_hmat_cache(GArray *table_data, uint8_t total_levels,
+ NumaHmatCacheOptions *hmat_cache)
+{
+/*
+ * Cache Attributes: Bits [3:0] – Total Cache Levels
+ * for this Memory Proximity Domain
+ */
+uint32_t cache_attr = total_levels;
+
+/* Bits [7:4] : Cache Level described in this structure */
+cache_attr |= (uint32_t) hmat_cache->level << 4;
+
+/* Bits [11:8] - Cache Associativity */
+cache_attr |= (uint32_t) hmat_cache->associativity << 8;
+
+/* Bits [15:12] - Write Policy */
+cache_attr |= (uint32_t) hmat_cache->policy << 12;
+
+/* Bits [31:16] - Cache Line size in bytes */
+cache_attr |= (uint32_t) hmat_cache->line << 16;
+
+/* Type */
+build_append_int_noprefix(table_data, 2, 2);
+/* Reserved */
+build_append_int_noprefix(table_data, 0, 2);
+/* Length */
+build_append_int_noprefix(table_data, 32, 4);
+/* Proximity Domain for the Memory */
+build_append_int_noprefix(table_data, hmat_cache->node_id, 4);
+/* Reserved */
+build_append_int_noprefix(table_data, 0, 4);
+/* Memory Side Cache Size */
+build_append_int_noprefix(table_data, hmat_cache->size, 8);
+/* Cache Attributes */
+build_append_int_noprefix(table_data, cache_attr, 4);
+/* Reserved */
+build_append_int_noprefix(table_data, 0, 2);
+/*
+ * Number of SMBIOS handles (n)
+ * Linux kernel uses Memory Side Cache Information Structure
+ * without SMBIOS entries for now, so set Number of SMBIOS handles
+ * as 0.
+ */
+build_append_int_noprefix(table_data, 0, 2);
+}
+
 /* Build HMAT sub table structures */
 static void hmat_build_table_structs(GArray *table_data, NumaState *numa_state)
 {
 uint16_t flags;
 uint32_t num_initiator = 0;
 uint32_t initiator_list[MAX_NODES];
-int i, hierarchy, type;
+int i, hierarchy, type, cache_level, total_levels;
 HMAT_LB_Info *hmat_lb;
+NumaHmatCacheOptions *hmat_cache;
 
 for (i = 0; i < numa_state->num_nodes; i++) {
 flags = 0;
@@ -184,6 +232,25 @@ static void hmat_build_table_structs(GArray *table_data, 
NumaState *numa_state)
 }
 }
 }
+
+/*
+ * ACPI 6.3: 5.2.27.5 Memory Side Cache Information Structure:
+ * Table 5-147
+ */
+for (i = 0; i < numa_state->num_nodes; i++) {
+total_levels = 0;
+for (cache_level = 1; cache_level < HMAT_LB_LEVELS; cache_level++) {
+if (numa_state->hmat_cache[i][cache_level]) {
+total_levels++;
+}
+}
+for (cache_level = 0; cache_level <= total_levels; cache_level++) {
+hmat_cache = numa_state->hmat_cache[i][cache_level];
+if (hmat_cache) {
+build_hmat_cache(table_data, total_levels, hmat_cache);
+}
+}
+}
 }
 
 void build_hmat(GArray *table_data, BIOSLinker *linker, NumaState *numa_state)
-- 
2.20.1




[PATCH RESEND v20 5/8] hmat acpi: Build System Locality Latency and Bandwidth Information Structure(s)

2019-12-12 Thread Tao Xu
From: Liu Jingqi 

This structure describes the memory access latency and bandwidth
information from various memory access initiator proximity domains.
The latency and bandwidth numbers represented in this structure
correspond to rated latency and bandwidth for the platform.
The software could use this information as hint for optimization.

Acked-by: Markus Armbruster 
Reviewed-by: Igor Mammedov 
Signed-off-by: Liu Jingqi 
Signed-off-by: Tao Xu 
---

Changes in v20:
- Fix the broken CI case when user input latency or bandwidth
  less than required

Changes in v17:
- Remove unnecessary header file (Igor)

Changes in v16:
- Add more description for lb_length (Igor)
- Drop entry_list and calculate entries in this patch (Igor)

Changes in v13:
- Calculate the entries in a new patch.
---
 hw/acpi/hmat.c | 104 -
 1 file changed, 103 insertions(+), 1 deletion(-)

diff --git a/hw/acpi/hmat.c b/hw/acpi/hmat.c
index 9ff79308a4..4635d45dee 100644
--- a/hw/acpi/hmat.c
+++ b/hw/acpi/hmat.c
@@ -25,6 +25,7 @@
  */
 
 #include "qemu/osdep.h"
+#include "qemu/units.h"
 #include "sysemu/numa.h"
 #include "hw/acpi/hmat.h"
 
@@ -67,11 +68,89 @@ static void build_hmat_mpda(GArray *table_data, uint16_t 
flags,
 build_append_int_noprefix(table_data, 0, 8);
 }
 
+/*
+ * ACPI 6.3: 5.2.27.4 System Locality Latency and Bandwidth Information
+ * Structure: Table 5-146
+ */
+static void build_hmat_lb(GArray *table_data, HMAT_LB_Info *hmat_lb,
+  uint32_t num_initiator, uint32_t num_target,
+  uint32_t *initiator_list)
+{
+int i, index;
+HMAT_LB_Data *lb_data;
+uint16_t *entry_list;
+uint32_t base;
+/* Length in bytes for entire structure */
+uint32_t lb_length
+= 32 /* Table length upto and including Entry Base Unit */
++ 4 * num_initiator /* Initiator Proximity Domain List */
++ 4 * num_target /* Target Proximity Domain List */
++ 2 * num_initiator * num_target; /* Latency or Bandwidth Entries */
+
+/* Type */
+build_append_int_noprefix(table_data, 1, 2);
+/* Reserved */
+build_append_int_noprefix(table_data, 0, 2);
+/* Length */
+build_append_int_noprefix(table_data, lb_length, 4);
+/* Flags: Bits [3:0] Memory Hierarchy, Bits[7:4] Reserved */
+assert(!(hmat_lb->hierarchy >> 4));
+build_append_int_noprefix(table_data, hmat_lb->hierarchy, 1);
+/* Data Type */
+build_append_int_noprefix(table_data, hmat_lb->data_type, 1);
+/* Reserved */
+build_append_int_noprefix(table_data, 0, 2);
+/* Number of Initiator Proximity Domains (s) */
+build_append_int_noprefix(table_data, num_initiator, 4);
+/* Number of Target Proximity Domains (t) */
+build_append_int_noprefix(table_data, num_target, 4);
+/* Reserved */
+build_append_int_noprefix(table_data, 0, 4);
+
+/* Entry Base Unit */
+if (hmat_lb->data_type <= HMAT_LB_DATA_WRITE_LATENCY) {
+/* Convert latency base from nanoseconds to picosecond */
+base = hmat_lb->base * 1000;
+} else {
+/* Convert bandwidth base from Byte to Megabyte */
+base = hmat_lb->base / MiB;
+}
+build_append_int_noprefix(table_data, base, 8);
+
+/* Initiator Proximity Domain List */
+for (i = 0; i < num_initiator; i++) {
+build_append_int_noprefix(table_data, initiator_list[i], 4);
+}
+
+/* Target Proximity Domain List */
+for (i = 0; i < num_target; i++) {
+build_append_int_noprefix(table_data, i, 4);
+}
+
+/* Latency or Bandwidth Entries */
+entry_list = g_malloc0(num_initiator * num_target * sizeof(uint16_t));
+for (i = 0; i < hmat_lb->list->len; i++) {
+lb_data = &g_array_index(hmat_lb->list, HMAT_LB_Data, i);
+index = lb_data->initiator * num_target + lb_data->target;
+
+entry_list[index] = (uint16_t)(lb_data->data / hmat_lb->base);
+}
+
+for (i = 0; i < num_initiator * num_target; i++) {
+build_append_int_noprefix(table_data, entry_list[i], 2);
+}
+
+g_free(entry_list);
+}
+
 /* Build HMAT sub table structures */
 static void hmat_build_table_structs(GArray *table_data, NumaState *numa_state)
 {
 uint16_t flags;
-int i;
+uint32_t num_initiator = 0;
+uint32_t initiator_list[MAX_NODES];
+int i, hierarchy, type;
+HMAT_LB_Info *hmat_lb;
 
 for (i = 0; i < numa_state->num_nodes; i++) {
 flags = 0;
@@ -82,6 +161,29 @@ static void hmat_build_table_structs(GArray *table_data, 
NumaState *numa_state)
 
 build_hmat_mpda(table_data, flags, numa_state->nodes[i].initiator, i);
 }
+
+for (i = 0; i < numa_state->num_nodes; i++) {
+if (numa_state->nodes[i].has_cpu) {
+initiator_list[num_initiator++] = i;
+}
+}
+
+/*
+ * ACPI 6.3: 5.2.27.4 System Locality Latency and Bandwidth Information
+ * Structure: Table 5-146
+ */
+for (hierar

[PATCH RESEND v20 7/8] tests/numa: Add case for QMP build HMAT

2019-12-12 Thread Tao Xu
Check configuring HMAT usecase

Acked-by: Markus Armbruster 
Suggested-by: Igor Mammedov 
Signed-off-by: Tao Xu 
---

Changes in v20:
- Fix the wrong target in pc_hmat_erange_cfg
- Use g_assert_true and g_assert_false to replace g_assert
  (Thomas and Markus)

Changes in v19:
- Add some fail cases for hmat-cache when level=0

Changes in v18:
- Rewrite the lines over 80 characters

Chenges in v17:
- Add some fail test cases (Igor)
---
 tests/numa-test.c | 213 ++
 1 file changed, 213 insertions(+)

diff --git a/tests/numa-test.c b/tests/numa-test.c
index 8de8581231..17dd807d2a 100644
--- a/tests/numa-test.c
+++ b/tests/numa-test.c
@@ -327,6 +327,216 @@ static void pc_dynamic_cpu_cfg(const void *data)
 qtest_quit(qs);
 }
 
+static void pc_hmat_build_cfg(const void *data)
+{
+QTestState *qs = qtest_initf("%s -nodefaults --preconfig -machine hmat=on "
+ "-smp 2,sockets=2 "
+ "-m 128M,slots=2,maxmem=1G "
+ "-object memory-backend-ram,size=64M,id=m0 "
+ "-object memory-backend-ram,size=64M,id=m1 "
+ "-numa node,nodeid=0,memdev=m0 "
+ "-numa node,nodeid=1,memdev=m1,initiator=0 "
+ "-numa cpu,node-id=0,socket-id=0 "
+ "-numa cpu,node-id=0,socket-id=1",
+ data ? (char *)data : "");
+
+/* Fail: Initiator should be less than the number of nodes */
+g_assert_true(qmp_rsp_is_err(qtest_qmp(qs, "{ 'execute': 'set-numa-node',"
+" 'arguments': { 'type': 'hmat-lb', 'initiator': 2, 'target': 0,"
+" 'hierarchy': \"memory\", 'data-type': \"access-latency\" } }")));
+
+/* Fail: Target should be less than the number of nodes */
+g_assert_true(qmp_rsp_is_err(qtest_qmp(qs, "{ 'execute': 'set-numa-node',"
+" 'arguments': { 'type': 'hmat-lb', 'initiator': 0, 'target': 2,"
+" 'hierarchy': \"memory\", 'data-type': \"access-latency\" } }")));
+
+/* Fail: Initiator should contain cpu */
+g_assert_true(qmp_rsp_is_err(qtest_qmp(qs, "{ 'execute': 'set-numa-node',"
+" 'arguments': { 'type': 'hmat-lb', 'initiator': 1, 'target': 0,"
+" 'hierarchy': \"memory\", 'data-type': \"access-latency\" } }")));
+
+/* Fail: Data-type mismatch */
+g_assert_true(qmp_rsp_is_err(qtest_qmp(qs, "{ 'execute': 'set-numa-node',"
+" 'arguments': { 'type': 'hmat-lb', 'initiator': 0, 'target': 0,"
+" 'hierarchy': \"memory\", 'data-type': \"write-latency\","
+" 'bandwidth': 524288000 } }")));
+g_assert_true(qmp_rsp_is_err(qtest_qmp(qs, "{ 'execute': 'set-numa-node',"
+" 'arguments': { 'type': 'hmat-lb', 'initiator': 0, 'target': 0,"
+" 'hierarchy': \"memory\", 'data-type': \"read-bandwidth\","
+" 'latency': 5 } }")));
+
+/* Fail: Bandwidth should be 1MB (1048576) aligned */
+g_assert_true(qmp_rsp_is_err(qtest_qmp(qs, "{ 'execute': 'set-numa-node',"
+" 'arguments': { 'type': 'hmat-lb', 'initiator': 0, 'target': 0,"
+" 'hierarchy': \"memory\", 'data-type': \"access-bandwidth\","
+" 'bandwidth': 1048575 } }")));
+
+/* Configuring HMAT bandwidth and latency details */
+g_assert_false(qmp_rsp_is_err(qtest_qmp(qs, "{ 'execute': 'set-numa-node',"
+" 'arguments': { 'type': 'hmat-lb', 'initiator': 0, 'target': 0,"
+" 'hierarchy': \"memory\", 'data-type': \"access-latency\","
+" 'latency': 1 } }")));/* 1 ns */
+g_assert_true(qmp_rsp_is_err(qtest_qmp(qs, "{ 'execute': 'set-numa-node',"
+" 'arguments': { 'type': 'hmat-lb', 'initiator': 0, 'target': 0,"
+" 'hierarchy': \"memory\", 'data-type': \"access-latency\","
+" 'latency': 5 } }")));/* Fail: Duplicate configuration */
+g_assert_false(qmp_rsp_is_err(qtest_qmp(qs, "{ 'execute': 'set-numa-node',"
+" 'arguments': { 'type': 'hmat-lb', 'initiator': 0, 'target': 0,"
+" 'hierarchy': \"memory\", 'data-type': \"access-bandwidth\","
+" 'bandwidth': 68717379584 } }")));/* 65534 MB/s */
+g_assert_false(qmp_rsp_is_err(qtest_qmp(qs, "{ 'execute': 'set-numa-node',"
+" 'arguments': { 'type': 'hmat-lb', 'initiator': 0, 'target': 1,"
+" 'hierarchy': \"memory\", 'data-type': \"access-latency\","
+" 'latency': 65534 } }")));/* 65534 ns */
+g_assert_false(qmp_rsp_is_err(qtest_qmp(qs, "{ 'execute': 'set-numa-node',"
+" 'arguments': { 'type': 'hmat-lb', 'initiator': 0, 'target': 1,"
+" 'hierarchy': \"memory\", 'data-type': \"access-bandwidth\","
+" 'bandwidth': 34358689792 } }")));/* 32767 MB/s */
+
+/* Fail: node_id should be less than the number of nodes */
+g_assert_true(qmp_rsp_is_err(qtest_qmp(qs, "{ 'execute': 'set-numa-node',"
+" 'arguments': { 'type': 'hmat-cache', 'node-id': 2, 'size': 10240,"
+" 'level': 1, 'associativity': \"direct\", 'policy

[PATCH RESEND v20 3/8] numa: Extend CLI to provide memory side cache information

2019-12-12 Thread Tao Xu
From: Liu Jingqi 

Add -numa hmat-cache option to provide Memory Side Cache Information.
These memory attributes help to build Memory Side Cache Information
Structure(s) in ACPI Heterogeneous Memory Attribute Table (HMAT).
Before using hmat-cache option, enable HMAT with -machine hmat=on.

Acked-by: Markus Armbruster 
Signed-off-by: Liu Jingqi 
Signed-off-by: Tao Xu 
---

Changes in v20:
- Disable cache level 0 in hmat-cache option (Igor)
- Update the QAPI description (Markus)

Changes in v19:
- Add description about the machine property 'hmat' in commit
  message (Markus)
- Update the QAPI comments
- Add a check for no memory side cache

Changes in v18:
- Update the error message (Igor)

Changes in v17:
- Use NumaHmatCacheOptions to replace HMAT_Cache_Info (Igor)
- Add check for unordered cache level input (Igor)

Changes in v16:
- Add cross check with hmat_lb data (Igor)
- Drop total_levels in struct HMAT_Cache_Info (Igor)
- Correct the error table number (Igor)
---
 hw/core/numa.c| 80 ++
 include/sysemu/numa.h |  5 +++
 qapi/machine.json | 81 +--
 qemu-options.hx   | 17 +++--
 4 files changed, 179 insertions(+), 4 deletions(-)

diff --git a/hw/core/numa.c b/hw/core/numa.c
index 34eb413f5d..33fda31a4c 100644
--- a/hw/core/numa.c
+++ b/hw/core/numa.c
@@ -379,6 +379,73 @@ void parse_numa_hmat_lb(NumaState *numa_state, 
NumaHmatLBOptions *node,
 g_array_append_val(hmat_lb->list, lb_data);
 }
 
+void parse_numa_hmat_cache(MachineState *ms, NumaHmatCacheOptions *node,
+   Error **errp)
+{
+int nb_numa_nodes = ms->numa_state->num_nodes;
+NodeInfo *numa_info = ms->numa_state->nodes;
+NumaHmatCacheOptions *hmat_cache = NULL;
+
+if (node->node_id >= nb_numa_nodes) {
+error_setg(errp, "Invalid node-id=%" PRIu32 ", it should be less "
+   "than %d", node->node_id, nb_numa_nodes);
+return;
+}
+
+if (numa_info[node->node_id].lb_info_provided != (BIT(0) | BIT(1))) {
+error_setg(errp, "The latency and bandwidth information of "
+   "node-id=%" PRIu32 " should be provided before memory side "
+   "cache attributes", node->node_id);
+return;
+}
+
+if (node->level < 1 || node->level >= HMAT_LB_LEVELS) {
+error_setg(errp, "Invalid level=%" PRIu8 ", it should be larger than 0 
"
+   "and less than or equal to %d", node->level,
+   HMAT_LB_LEVELS - 1);
+return;
+}
+
+assert(node->associativity < HMAT_CACHE_ASSOCIATIVITY__MAX);
+assert(node->policy < HMAT_CACHE_WRITE_POLICY__MAX);
+if (ms->numa_state->hmat_cache[node->node_id][node->level]) {
+error_setg(errp, "Duplicate configuration of the side cache for "
+   "node-id=%" PRIu32 " and level=%" PRIu8,
+   node->node_id, node->level);
+return;
+}
+
+if ((node->level > 1) &&
+ms->numa_state->hmat_cache[node->node_id][node->level - 1] &&
+(node->size >=
+ms->numa_state->hmat_cache[node->node_id][node->level - 1]->size)) 
{
+error_setg(errp, "Invalid size=%" PRIu64 ", the size of level=%" PRIu8
+   " should be less than the size(%" PRIu64 ") of "
+   "level=%" PRIu8, node->size, node->level,
+   ms->numa_state->hmat_cache[node->node_id]
+ [node->level - 1]->size,
+   node->level - 1);
+return;
+}
+
+if ((node->level < HMAT_LB_LEVELS - 1) &&
+ms->numa_state->hmat_cache[node->node_id][node->level + 1] &&
+(node->size <=
+ms->numa_state->hmat_cache[node->node_id][node->level + 1]->size)) 
{
+error_setg(errp, "Invalid size=%" PRIu64 ", the size of level=%" PRIu8
+   " should be larger than the size(%" PRIu64 ") of "
+   "level=%" PRIu8, node->size, node->level,
+   ms->numa_state->hmat_cache[node->node_id]
+ [node->level + 1]->size,
+   node->level + 1);
+return;
+}
+
+hmat_cache = g_malloc0(sizeof(*hmat_cache));
+memcpy(hmat_cache, node, sizeof(*hmat_cache));
+ms->numa_state->hmat_cache[node->node_id][node->level] = hmat_cache;
+}
+
 void set_numa_options(MachineState *ms, NumaOptions *object, Error **errp)
 {
 Error *err = NULL;
@@ -430,6 +497,19 @@ void set_numa_options(MachineState *ms, NumaOptions 
*object, Error **errp)
 goto end;
 }
 break;
+case NUMA_OPTIONS_TYPE_HMAT_CACHE:
+if (!ms->numa_state->hmat_enabled) {
+error_setg(errp, "ACPI Heterogeneous Memory Attribute Table "
+   "(HMAT) is disabled, enable it with -machine hmat=on "
+   "before using any of hm

[PATCH RESEND v20 8/8] tests/bios-tables-test: add test cases for ACPI HMAT

2019-12-12 Thread Tao Xu
ACPI table HMAT has been introduced, QEMU now builds HMAT tables for
Heterogeneous Memory with boot option '-numa node'.

Add test cases on PC and Q35 machines with 2 numa nodes.
Because HMAT is generated when system enable numa, the
following tables need to be added for this test:
tests/data/acpi/pc/APIC.acpihmat
tests/data/acpi/pc/SRAT.acpihmat
tests/data/acpi/pc/HMAT.acpihmat
tests/data/acpi/pc/DSDT.acpihmat
tests/data/acpi/q35/APIC.acpihmat
tests/data/acpi/q35/SRAT.acpihmat
tests/data/acpi/q35/HMAT.acpihmat
tests/data/acpi/q35/DSDT.acpihmat

Acked-by: Markus Armbruster 
Reviewed-by: Igor Mammedov 
Reviewed-by: Daniel Black 
Reviewed-by: Jingqi Liu 
Suggested-by: Igor Mammedov 
Signed-off-by: Tao Xu 
---

No changes in v20.

Changes in v18:
- Remove unit "ns".

Changes in v17:
- Update the latency and bandwidth

Changes in v15:
- Make tests without breaking CI (Michael)

Changes in v13:
- Use decimal notation with appropriate suffix for cache size
---
 tests/bios-tables-test-allowed-diff.h |  8 +
 tests/bios-tables-test.c  | 44 +++
 tests/data/acpi/pc/APIC.acpihmat  |  0
 tests/data/acpi/pc/DSDT.acpihmat  |  0
 tests/data/acpi/pc/HMAT.acpihmat  |  0
 tests/data/acpi/pc/SRAT.acpihmat  |  0
 tests/data/acpi/q35/APIC.acpihmat |  0
 tests/data/acpi/q35/DSDT.acpihmat |  0
 tests/data/acpi/q35/HMAT.acpihmat |  0
 tests/data/acpi/q35/SRAT.acpihmat |  0
 10 files changed, 52 insertions(+)
 create mode 100644 tests/data/acpi/pc/APIC.acpihmat
 create mode 100644 tests/data/acpi/pc/DSDT.acpihmat
 create mode 100644 tests/data/acpi/pc/HMAT.acpihmat
 create mode 100644 tests/data/acpi/pc/SRAT.acpihmat
 create mode 100644 tests/data/acpi/q35/APIC.acpihmat
 create mode 100644 tests/data/acpi/q35/DSDT.acpihmat
 create mode 100644 tests/data/acpi/q35/HMAT.acpihmat
 create mode 100644 tests/data/acpi/q35/SRAT.acpihmat

diff --git a/tests/bios-tables-test-allowed-diff.h 
b/tests/bios-tables-test-allowed-diff.h
index dfb8523c8b..3c9e0c979b 100644
--- a/tests/bios-tables-test-allowed-diff.h
+++ b/tests/bios-tables-test-allowed-diff.h
@@ -1 +1,9 @@
 /* List of comma-separated changed AML files to ignore */
+"tests/data/acpi/pc/APIC.acpihmat",
+"tests/data/acpi/pc/SRAT.acpihmat",
+"tests/data/acpi/pc/HMAT.acpihmat",
+"tests/data/acpi/pc/DSDT.acpihmat",
+"tests/data/acpi/q35/APIC.acpihmat",
+"tests/data/acpi/q35/SRAT.acpihmat",
+"tests/data/acpi/q35/HMAT.acpihmat",
+"tests/data/acpi/q35/DSDT.acpihmat",
diff --git a/tests/bios-tables-test.c b/tests/bios-tables-test.c
index 79f5da092f..9823820043 100644
--- a/tests/bios-tables-test.c
+++ b/tests/bios-tables-test.c
@@ -947,6 +947,48 @@ static void test_acpi_virt_tcg_numamem(void)
 
 }
 
+static void test_acpi_tcg_acpi_hmat(const char *machine)
+{
+test_data data;
+
+memset(&data, 0, sizeof(data));
+data.machine = machine;
+data.variant = ".acpihmat";
+test_acpi_one(" -machine hmat=on"
+  " -smp 2,sockets=2"
+  " -m 128M,slots=2,maxmem=1G"
+  " -object memory-backend-ram,size=64M,id=m0"
+  " -object memory-backend-ram,size=64M,id=m1"
+  " -numa node,nodeid=0,memdev=m0"
+  " -numa node,nodeid=1,memdev=m1,initiator=0"
+  " -numa cpu,node-id=0,socket-id=0"
+  " -numa cpu,node-id=0,socket-id=1"
+  " -numa hmat-lb,initiator=0,target=0,hierarchy=memory,"
+  "data-type=access-latency,latency=1"
+  " -numa hmat-lb,initiator=0,target=0,hierarchy=memory,"
+  "data-type=access-bandwidth,bandwidth=65534M"
+  " -numa hmat-lb,initiator=0,target=1,hierarchy=memory,"
+  "data-type=access-latency,latency=65534"
+  " -numa hmat-lb,initiator=0,target=1,hierarchy=memory,"
+  "data-type=access-bandwidth,bandwidth=32767M"
+  " -numa hmat-cache,node-id=0,size=10K,level=1,"
+  "associativity=direct,policy=write-back,line=8"
+  " -numa hmat-cache,node-id=1,size=10K,level=1,"
+  "associativity=direct,policy=write-back,line=8",
+  &data);
+free_test_data(&data);
+}
+
+static void test_acpi_q35_tcg_acpi_hmat(void)
+{
+test_acpi_tcg_acpi_hmat(MACHINE_Q35);
+}
+
+static void test_acpi_piix4_tcg_acpi_hmat(void)
+{
+test_acpi_tcg_acpi_hmat(MACHINE_PC);
+}
+
 static void test_acpi_virt_tcg(void)
 {
 test_data data = {
@@ -991,6 +1033,8 @@ int main(int argc, char *argv[])
 qtest_add_func("acpi/q35/numamem", test_acpi_q35_tcg_numamem);
 qtest_add_func("acpi/piix4/dimmpxm", test_acpi_piix4_tcg_dimm_pxm);
 qtest_add_func("acpi/q35/dimmpxm", test_acpi_q35_tcg_dimm_pxm);
+qtest_add_func("acpi/piix4/acpihmat", test_acpi_piix4_tcg_acpi_hmat);
+qtest_add_func("acpi/q35/acpihmat", test_acpi_q35_tcg_ac

[PATCH RESEND v20 1/8] numa: Extend CLI to provide initiator information for numa nodes

2019-12-12 Thread Tao Xu
In ACPI 6.3 chapter 5.2.27 Heterogeneous Memory Attribute Table (HMAT),
The initiator represents processor which access to memory. And in 5.2.27.3
Memory Proximity Domain Attributes Structure, the attached initiator is
defined as where the memory controller responsible for a memory proximity
domain. With attached initiator information, the topology of heterogeneous
memory can be described. Add new machine property 'hmat' to enable all
HMAT specific options.

Extend CLI of "-numa node" option to indicate the initiator numa node-id.
In the linux kernel, the codes in drivers/acpi/hmat/hmat.c parse and report
the platform's HMAT tables. Before using initiator option, enable HMAT with
-machine hmat=on.

Acked-by: Markus Armbruster 
Reviewed-by: Igor Mammedov 
Reviewed-by: Jingqi Liu 
Suggested-by: Dan Williams 
Signed-off-by: Tao Xu 
---

No changes in v20.

Changes in v19:
- Add description about the machine property 'hmat' in commit
  message (Markus)

Changes in v15:
- Change the QAPI version tag to 5.0 (Eric)
---
 hw/core/machine.c | 64 +++
 hw/core/numa.c| 23 
 include/sysemu/numa.h |  5 
 qapi/machine.json | 10 ++-
 qemu-options.hx   | 35 +++
 5 files changed, 131 insertions(+), 6 deletions(-)

diff --git a/hw/core/machine.c b/hw/core/machine.c
index 1689ad3bf8..d7d2cfa66d 100644
--- a/hw/core/machine.c
+++ b/hw/core/machine.c
@@ -518,6 +518,20 @@ static void machine_set_nvdimm(Object *obj, bool value, 
Error **errp)
 ms->nvdimms_state->is_enabled = value;
 }
 
+static bool machine_get_hmat(Object *obj, Error **errp)
+{
+MachineState *ms = MACHINE(obj);
+
+return ms->numa_state->hmat_enabled;
+}
+
+static void machine_set_hmat(Object *obj, bool value, Error **errp)
+{
+MachineState *ms = MACHINE(obj);
+
+ms->numa_state->hmat_enabled = value;
+}
+
 static char *machine_get_nvdimm_persistence(Object *obj, Error **errp)
 {
 MachineState *ms = MACHINE(obj);
@@ -645,6 +659,7 @@ void machine_set_cpu_numa_node(MachineState *machine,
const CpuInstanceProperties *props, Error 
**errp)
 {
 MachineClass *mc = MACHINE_GET_CLASS(machine);
+NodeInfo *numa_info = machine->numa_state->nodes;
 bool match = false;
 int i;
 
@@ -714,6 +729,17 @@ void machine_set_cpu_numa_node(MachineState *machine,
 match = true;
 slot->props.node_id = props->node_id;
 slot->props.has_node_id = props->has_node_id;
+
+if (machine->numa_state->hmat_enabled) {
+if ((numa_info[props->node_id].initiator < MAX_NODES) &&
+(props->node_id != numa_info[props->node_id].initiator)) {
+error_setg(errp, "The initiator of CPU NUMA node %" PRId64
+" should be itself", props->node_id);
+return;
+}
+numa_info[props->node_id].has_cpu = true;
+numa_info[props->node_id].initiator = props->node_id;
+}
 }
 
 if (!match) {
@@ -960,6 +986,13 @@ static void machine_initfn(Object *obj)
 
 if (mc->numa_mem_supported) {
 ms->numa_state = g_new0(NumaState, 1);
+object_property_add_bool(obj, "hmat",
+ machine_get_hmat, machine_set_hmat,
+ &error_abort);
+object_property_set_description(obj, "hmat",
+"Set on/off to enable/disable "
+"ACPI Heterogeneous Memory Attribute "
+"Table (HMAT)", NULL);
 }
 
 /* Register notifier when init is done for sysbus sanity checks */
@@ -1048,6 +1081,32 @@ static char *cpu_slot_to_string(const CPUArchId *cpu)
 return g_string_free(s, false);
 }
 
+static void numa_validate_initiator(NumaState *numa_state)
+{
+int i;
+NodeInfo *numa_info = numa_state->nodes;
+
+for (i = 0; i < numa_state->num_nodes; i++) {
+if (numa_info[i].initiator == MAX_NODES) {
+error_report("The initiator of NUMA node %d is missing, use "
+ "'-numa node,initiator' option to declare it", i);
+exit(1);
+}
+
+if (!numa_info[numa_info[i].initiator].present) {
+error_report("NUMA node %" PRIu16 " is missing, use "
+ "'-numa node' option to declare it first",
+ numa_info[i].initiator);
+exit(1);
+}
+
+if (!numa_info[numa_info[i].initiator].has_cpu) {
+error_report("The initiator of NUMA node %d is invalid", i);
+exit(1);
+}
+}
+}
+
 static void machine_numa_finish_cpu_init(MachineState *machine)
 {
 int i;
@@ -1088,6 +1147,11 @@ static void machine_numa_finish_cpu_init(MachineState 
*machine)
 machine_set_cpu_numa_node(machine, &props, &error_fatal);
 }
 }
+
+if (machi

[PATCH RESEND v20 2/8] numa: Extend CLI to provide memory latency and bandwidth information

2019-12-12 Thread Tao Xu
From: Liu Jingqi 

Add -numa hmat-lb option to provide System Locality Latency and
Bandwidth Information. These memory attributes help to build
System Locality Latency and Bandwidth Information Structure(s)
in ACPI Heterogeneous Memory Attribute Table (HMAT). Before using
hmat-lb option, enable HMAT with -machine hmat=on.

Acked-by: Markus Armbruster 
Signed-off-by: Liu Jingqi 
Signed-off-by: Tao Xu 
---

Changes in v20:
- Update the QAPI description (Markus)
- Keep base and bitmap unchanged when latency or bandwidth
  out of range

Changes in v19:
- Add description about the machine property 'hmat' in commit
  message (Markus)

Changes in v18:
- Use qapi type uint64 and only nanosecond for latency (Markus)

Changes in v17:
- Add check when user input latency or bandwidth 0, the
  lb_info_provided should also be 0. Because in ACPI 6.3 5.2.27.4,
  0 means the corresponding latency or bandwidth information is
  not provided.
- Fix the infinite loop when node->latency is 0.
---
 hw/core/numa.c| 194 ++
 include/sysemu/numa.h |  53 
 qapi/machine.json |  93 +++-
 qemu-options.hx   |  47 +-
 4 files changed, 384 insertions(+), 3 deletions(-)

diff --git a/hw/core/numa.c b/hw/core/numa.c
index e60da99293..34eb413f5d 100644
--- a/hw/core/numa.c
+++ b/hw/core/numa.c
@@ -23,6 +23,7 @@
  */
 
 #include "qemu/osdep.h"
+#include "qemu/units.h"
 #include "sysemu/hostmem.h"
 #include "sysemu/numa.h"
 #include "sysemu/sysemu.h"
@@ -198,6 +199,186 @@ void parse_numa_distance(MachineState *ms, 
NumaDistOptions *dist, Error **errp)
 ms->numa_state->have_numa_distance = true;
 }
 
+void parse_numa_hmat_lb(NumaState *numa_state, NumaHmatLBOptions *node,
+Error **errp)
+{
+int i, first_bit, last_bit;
+uint64_t max_entry, temp_base, bitmap_copy;
+NodeInfo *numa_info = numa_state->nodes;
+HMAT_LB_Info *hmat_lb =
+numa_state->hmat_lb[node->hierarchy][node->data_type];
+HMAT_LB_Data lb_data = {};
+HMAT_LB_Data *lb_temp;
+
+/* Error checking */
+if (node->initiator > numa_state->num_nodes) {
+error_setg(errp, "Invalid initiator=%d, it should be less than %d",
+   node->initiator, numa_state->num_nodes);
+return;
+}
+if (node->target > numa_state->num_nodes) {
+error_setg(errp, "Invalid target=%d, it should be less than %d",
+   node->target, numa_state->num_nodes);
+return;
+}
+if (!numa_info[node->initiator].has_cpu) {
+error_setg(errp, "Invalid initiator=%d, it isn't an "
+   "initiator proximity domain", node->initiator);
+return;
+}
+if (!numa_info[node->target].present) {
+error_setg(errp, "The target=%d should point to an existing node",
+   node->target);
+return;
+}
+
+if (!hmat_lb) {
+hmat_lb = g_malloc0(sizeof(*hmat_lb));
+numa_state->hmat_lb[node->hierarchy][node->data_type] = hmat_lb;
+hmat_lb->list = g_array_new(false, true, sizeof(HMAT_LB_Data));
+}
+hmat_lb->hierarchy = node->hierarchy;
+hmat_lb->data_type = node->data_type;
+lb_data.initiator = node->initiator;
+lb_data.target = node->target;
+
+if (node->data_type <= HMATLB_DATA_TYPE_WRITE_LATENCY) {
+/* Input latency data */
+
+if (!node->has_latency) {
+error_setg(errp, "Missing 'latency' option");
+return;
+}
+if (node->has_bandwidth) {
+error_setg(errp, "Invalid option 'bandwidth' since "
+   "the data type is latency");
+return;
+}
+
+/* Detect duplicate configuration */
+for (i = 0; i < hmat_lb->list->len; i++) {
+lb_temp = &g_array_index(hmat_lb->list, HMAT_LB_Data, i);
+
+if (node->initiator == lb_temp->initiator &&
+node->target == lb_temp->target) {
+error_setg(errp, "Duplicate configuration of the latency for "
+"initiator=%d and target=%d", node->initiator,
+node->target);
+return;
+}
+}
+
+hmat_lb->base = hmat_lb->base ? hmat_lb->base : UINT64_MAX;
+
+if (node->latency) {
+/* Calculate the temporary base and compressed latency */
+max_entry = node->latency;
+temp_base = 1;
+while (QEMU_IS_ALIGNED(max_entry, 10)) {
+max_entry /= 10;
+temp_base *= 10;
+}
+
+/* Calculate the max compressed latency */
+temp_base = MIN(hmat_lb->base, temp_base);
+max_entry = node->latency / hmat_lb->base;
+max_entry = MAX(hmat_lb->range_bitmap, max_entry);
+
+/*
+ * For latency hmat_lb->range_bitmap record the max compressed
+ * la

[PATCH RESEND v20 4/8] hmat acpi: Build Memory Proximity Domain Attributes Structure(s)

2019-12-12 Thread Tao Xu
From: Liu Jingqi 

HMAT is defined in ACPI 6.3: 5.2.27 Heterogeneous Memory Attribute Table
(HMAT). The specification references below link:
http://www.uefi.org/sites/default/files/resources/ACPI_6_3_final_Jan30.pdf

It describes the memory attributes, such as memory side cache
attributes and bandwidth and latency details, related to the
Memory Proximity Domain. The software is
expected to use this information as hint for optimization.

This structure describes Memory Proximity Domain Attributes by memory
subsystem and its associativity with processor proximity domain as well as
hint for memory usage.

In the linux kernel, the codes in drivers/acpi/hmat/hmat.c parse and report
the platform's HMAT tables.

Acked-by: Markus Armbruster 
Reviewed-by: Igor Mammedov 
Reviewed-by: Daniel Black 
Reviewed-by: Jonathan Cameron 
Signed-off-by: Liu Jingqi 
Signed-off-by: Tao Xu 
---

No changes in v20.

Changes in v16:
- Use uint32_t for initiator and mem_node

Changes in v13:
- Remove the unnecessary head file.
---
 hw/acpi/Kconfig   |  7 ++-
 hw/acpi/Makefile.objs |  1 +
 hw/acpi/hmat.c| 99 +++
 hw/acpi/hmat.h| 42 ++
 hw/i386/acpi-build.c  |  5 +++
 5 files changed, 152 insertions(+), 2 deletions(-)
 create mode 100644 hw/acpi/hmat.c
 create mode 100644 hw/acpi/hmat.h

diff --git a/hw/acpi/Kconfig b/hw/acpi/Kconfig
index 12e3f1e86e..54209c6f2f 100644
--- a/hw/acpi/Kconfig
+++ b/hw/acpi/Kconfig
@@ -7,6 +7,7 @@ config ACPI_X86
 select ACPI_NVDIMM
 select ACPI_CPU_HOTPLUG
 select ACPI_MEMORY_HOTPLUG
+select ACPI_HMAT
 
 config ACPI_X86_ICH
 bool
@@ -23,6 +24,10 @@ config ACPI_NVDIMM
 bool
 depends on ACPI
 
+config ACPI_HMAT
+bool
+depends on ACPI
+
 config ACPI_PCI
 bool
 depends on ACPI && PCI
@@ -33,5 +38,3 @@ config ACPI_VMGENID
 depends on PC
 
 config ACPI_HW_REDUCED
-bool
-depends on ACPI
diff --git a/hw/acpi/Makefile.objs b/hw/acpi/Makefile.objs
index 655a9c1973..517bd88704 100644
--- a/hw/acpi/Makefile.objs
+++ b/hw/acpi/Makefile.objs
@@ -7,6 +7,7 @@ common-obj-$(CONFIG_ACPI_CPU_HOTPLUG) += cpu.o
 common-obj-$(CONFIG_ACPI_NVDIMM) += nvdimm.o
 common-obj-$(CONFIG_ACPI_VMGENID) += vmgenid.o
 common-obj-$(CONFIG_ACPI_HW_REDUCED) += generic_event_device.o
+common-obj-$(CONFIG_ACPI_HMAT) += hmat.o
 common-obj-$(call lnot,$(CONFIG_ACPI_X86)) += acpi-stub.o
 
 common-obj-y += acpi_interface.o
diff --git a/hw/acpi/hmat.c b/hw/acpi/hmat.c
new file mode 100644
index 00..9ff79308a4
--- /dev/null
+++ b/hw/acpi/hmat.c
@@ -0,0 +1,99 @@
+/*
+ * HMAT ACPI Implementation
+ *
+ * Copyright(C) 2019 Intel Corporation.
+ *
+ * Author:
+ *  Liu jingqi 
+ *  Tao Xu 
+ *
+ * HMAT is defined in ACPI 6.3: 5.2.27 Heterogeneous Memory Attribute Table
+ * (HMAT)
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, see 
+ */
+
+#include "qemu/osdep.h"
+#include "sysemu/numa.h"
+#include "hw/acpi/hmat.h"
+
+/*
+ * ACPI 6.3:
+ * 5.2.27.3 Memory Proximity Domain Attributes Structure: Table 5-145
+ */
+static void build_hmat_mpda(GArray *table_data, uint16_t flags,
+uint32_t initiator, uint32_t mem_node)
+{
+
+/* Memory Proximity Domain Attributes Structure */
+/* Type */
+build_append_int_noprefix(table_data, 0, 2);
+/* Reserved */
+build_append_int_noprefix(table_data, 0, 2);
+/* Length */
+build_append_int_noprefix(table_data, 40, 4);
+/* Flags */
+build_append_int_noprefix(table_data, flags, 2);
+/* Reserved */
+build_append_int_noprefix(table_data, 0, 2);
+/* Proximity Domain for the Attached Initiator */
+build_append_int_noprefix(table_data, initiator, 4);
+/* Proximity Domain for the Memory */
+build_append_int_noprefix(table_data, mem_node, 4);
+/* Reserved */
+build_append_int_noprefix(table_data, 0, 4);
+/*
+ * Reserved:
+ * Previously defined as the Start Address of the System Physical
+ * Address Range. Deprecated since ACPI Spec 6.3.
+ */
+build_append_int_noprefix(table_data, 0, 8);
+/*
+ * Reserved:
+ * Previously defined as the Range Length of the region in bytes.
+ * Deprecated since ACPI Spec 6.3.
+ */
+build_append_int_noprefix(table_data, 0, 8);
+}
+
+/* Build HMAT sub table structures */
+static void hmat_build_table_structs

[PATCH RESEND v20 0/8] Build ACPI Heterogeneous Memory Attribute Table (HMAT)

2019-12-12 Thread Tao Xu
This series of patches will build Heterogeneous Memory Attribute Table (HMAT)
according to the command line. The ACPI HMAT describes the memory attributes,
such as memory side cache attributes and bandwidth and latency details,
related to the Memory Proximity Domain.
The software is expected to use HMAT information as hint for optimization.

In the linux kernel, the codes in drivers/acpi/hmat/hmat.c parse and report
the platform's HMAT tables.

The V19 patches link:
https://patchwork.kernel.org/cover/11265525/

Changelog:
v20:
- Resend to fix the wrong target in pc_hmat_erange_cfg()
- Use g_assert_true and g_assert_false to replace g_assert
  (Thomas and Markus)
- Rename assoc as associativity, update the QAPI description (Markus)
- Disable cache level 0 in hmat-cache option (Igor)
- Keep base and bitmap unchanged when latency or bandwidth
  out of range
- Fix the broken CI case when user input latency or bandwidth
  less than required.
v19:
- Add description about the machine property 'hmat' in commit
  message (Markus)
- Update the QAPI comments
- Add a check for no memory side cache
- Add some fail cases for hmat-cache when level=0
v18:
- Defer patches 01/14~06/14 of V17, use qapi type uint64 and
  only nanosecond for latency (Markus)
- Rewrite the lines over 80 characters(Igor)
v17:
- Add check when user input latency or bandwidth 0, the
  lb_info_provided should also be 0. Because in ACPI 6.3 5.2.27.4,
  0 means the corresponding latency or bandwidth information is
  not provided.
- Fix the infinite loop when node->latency is 0.
- Use NumaHmatCacheOptions to replace HMAT_Cache_Info (Igor)
- Add check for unordered cache level input (Igor)
- Add some fail test cases (Igor)
v16:
- Add and use qemu_strtold_finite to parse size, support full
  64bit precision, modify related test cases (Eduardo and Markus)
- Simplify struct HMAT_LB_Info and related code, unify latency
  and bandwidth (Igor)
- Add cross check with hmat_lb data (Igor)
- Fields in Cache Attributes are promoted to uint32_t before
  shifting (Igor)
- Add case for QMP build HMAT (Igor)
v15:
- Add a new patch to refactor do_strtosz() (Eduardo)
- Make tests without breaking CI (Michael)
v14:
- Reuse the codes of do_strtosz to build qemu_strtotime_ns
  (Eduardo)
- Squash patch v13 01/12 and 02/12 together (Daniel and Eduardo)
- Drop time unit picosecond (Eric)
- Use qemu ctz64 and clz64 instead of builtin function
v13:
- Modify some text description
- Drop "initiator_valid" field in struct NodeInfo
- Reuse Garray to store the raw bandwidth and bandwidth data
- Calculate common base unit using range bitmap
- Add a patch to alculate hmat latency and bandwidth entry list
- Drop the total_levels option and use readable cache size
- Remove the unnecessary head file
- Use decimal notation with appropriate suffix for cache size

Liu Jingqi (5):
  numa: Extend CLI to provide memory latency and bandwidth information
  numa: Extend CLI to provide memory side cache information
  hmat acpi: Build Memory Proximity Domain Attributes Structure(s)
  hmat acpi: Build System Locality Latency and Bandwidth Information
Structure(s)
  hmat acpi: Build Memory Side Cache Information Structure(s)

Tao Xu (3):
  numa: Extend CLI to provide initiator information for numa nodes
  tests/numa: Add case for QMP build HMAT
  tests/bios-tables-test: add test cases for ACPI HMAT

 hw/acpi/Kconfig   |   7 +-
 hw/acpi/Makefile.objs |   1 +
 hw/acpi/hmat.c| 268 +++
 hw/acpi/hmat.h|  42 
 hw/core/machine.c |  64 ++
 hw/core/numa.c| 297 ++
 hw/i386/acpi-build.c  |   5 +
 include/sysemu/numa.h |  63 ++
 qapi/machine.json | 180 +++-
 qemu-options.hx   |  95 +++-
 tests/bios-tables-test-allowed-diff.h |   8 +
 tests/bios-tables-test.c  |  44 
 tests/data/acpi/pc/APIC.acpihmat  |   0
 tests/data/acpi/pc/DSDT.acpihmat  |   0
 tests/data/acpi/pc/HMAT.acpihmat  |   0
 tests/data/acpi/pc/SRAT.acpihmat  |   0
 tests/data/acpi/q35/APIC.acpihmat |   0
 tests/data/acpi/q35/DSDT.acpihmat |   0
 tests/data/acpi/q35/HMAT.acpihmat |   0
 tests/data/acpi/q35/SRAT.acpihmat |   0
 tests/numa-test.c | 213 ++
 21 files changed, 1276 insertions(+), 11 deletions(-)
 create mode 100644 hw/acpi/hmat.c
 create mode 100644 hw/acpi/hmat.h
 create mode 100644 tests/data/acpi/pc/APIC.acpihmat
 create mode 100644 tests/data/acpi/pc/DSDT.acpihmat
 create mode 100644 tests/data/acpi/pc/HMAT.acpihmat
 create mode 100644 tests/data/acpi/pc/SRAT.acpihmat
 create mode 100644 test

Re: [PATCH 05/10] arm: allwinner-h3: add System Control module

2019-12-12 Thread Philippe Mathieu-Daudé

On 12/2/19 10:09 PM, Niek Linnenbank wrote:

The Allwinner H3 System on Chip has an System Control
module that provides system wide generic controls and
device information. This commit adds support for the
Allwinner H3 System Control module.

Signed-off-by: Niek Linnenbank 
---
  hw/arm/allwinner-h3.c |  11 ++
  hw/misc/Makefile.objs |   1 +
  hw/misc/allwinner-h3-syscon.c | 139 ++
  include/hw/arm/allwinner-h3.h |   2 +
  include/hw/misc/allwinner-h3-syscon.h |  43 
  5 files changed, 196 insertions(+)
  create mode 100644 hw/misc/allwinner-h3-syscon.c
  create mode 100644 include/hw/misc/allwinner-h3-syscon.h

diff --git a/hw/arm/allwinner-h3.c b/hw/arm/allwinner-h3.c
index afeb49c0ac..ebd8fde412 100644
--- a/hw/arm/allwinner-h3.c
+++ b/hw/arm/allwinner-h3.c
@@ -41,6 +41,9 @@ static void aw_h3_init(Object *obj)
  
  sysbus_init_child_obj(obj, "ccu", &s->ccu, sizeof(s->ccu),

TYPE_AW_H3_CLK);
+
+sysbus_init_child_obj(obj, "syscon", &s->syscon, sizeof(s->syscon),
+  TYPE_AW_H3_SYSCON);
  }
  
  static void aw_h3_realize(DeviceState *dev, Error **errp)

@@ -184,6 +187,14 @@ static void aw_h3_realize(DeviceState *dev, Error **errp)
  }
  sysbus_mmio_map(SYS_BUS_DEVICE(&s->ccu), 0, AW_H3_CCU_BASE);
  
+/* System Control */

+object_property_set_bool(OBJECT(&s->syscon), true, "realized", &err);
+if (err) {
+error_propagate(errp, err);
+return;
+}
+sysbus_mmio_map(SYS_BUS_DEVICE(&s->syscon), 0, AW_H3_SYSCON_BASE);
+
  /* Universal Serial Bus */
  sysbus_create_simple(TYPE_AW_H3_EHCI, AW_H3_EHCI0_BASE,
   s->irq[AW_H3_GIC_SPI_EHCI0]);
diff --git a/hw/misc/Makefile.objs b/hw/misc/Makefile.objs
index 200ed44ce1..b234aefba5 100644
--- a/hw/misc/Makefile.objs
+++ b/hw/misc/Makefile.objs
@@ -29,6 +29,7 @@ common-obj-$(CONFIG_MACIO) += macio/
  common-obj-$(CONFIG_IVSHMEM_DEVICE) += ivshmem.o
  
  common-obj-$(CONFIG_ALLWINNER_H3) += allwinner-h3-clk.o

+common-obj-$(CONFIG_ALLWINNER_H3) += allwinner-h3-syscon.o
  common-obj-$(CONFIG_REALVIEW) += arm_sysctl.o
  common-obj-$(CONFIG_NSERIES) += cbus.o
  common-obj-$(CONFIG_ECCMEMCTL) += eccmemctl.o
diff --git a/hw/misc/allwinner-h3-syscon.c b/hw/misc/allwinner-h3-syscon.c
new file mode 100644
index 00..66bd518a05
--- /dev/null
+++ b/hw/misc/allwinner-h3-syscon.c
@@ -0,0 +1,139 @@
+/*
+ * Allwinner H3 System Control emulation
+ *
+ * Copyright (C) 2019 Niek Linnenbank 
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see .
+ */
+
+#include "qemu/osdep.h"
+#include "hw/sysbus.h"
+#include "migration/vmstate.h"
+#include "qemu/log.h"
+#include "qemu/module.h"
+#include "hw/misc/allwinner-h3-syscon.h"
+
+/* SYSCON register offsets */
+#define REG_VER (0x24)  /* Version */
+#define REG_EMAC_PHY_CLK(0x30)  /* EMAC PHY Clock */
+#define REG_INDEX(offset)   (offset / sizeof(uint32_t))
+
+/* SYSCON register reset values */
+#define REG_VER_RST (0x0)
+#define REG_EMAC_PHY_CLK_RST(0x58000)
+
+static uint64_t allwinner_h3_syscon_read(void *opaque, hwaddr offset,
+ unsigned size)
+{
+const AwH3SysconState *s = (AwH3SysconState *)opaque;
+const uint32_t idx = REG_INDEX(offset);
+
+if (idx >= AW_H3_SYSCON_REGS_NUM) {
+qemu_log_mask(LOG_GUEST_ERROR, "%s: bad read offset 0x%04x\n",
+  __func__, (uint32_t)offset);
+return 0;
+}
+
+return s->regs[idx];
+}
+
+static void allwinner_h3_syscon_write(void *opaque, hwaddr offset,
+  uint64_t val, unsigned size)
+{
+AwH3SysconState *s = (AwH3SysconState *)opaque;
+const uint32_t idx = REG_INDEX(offset);
+
+if (idx >= AW_H3_SYSCON_REGS_NUM) {
+qemu_log_mask(LOG_GUEST_ERROR, "%s: bad write offset 0x%04x\n",
+  __func__, (uint32_t)offset);
+return;
+}
+
+switch (offset) {
+case REG_VER:   /* Version */
+break;
+default:
+s->regs[idx] = (uint32_t) val;
+break;
+}
+}
+
+static const MemoryRegionOps allwinner_h3_syscon_ops = {
+.read = allwinner_h3_syscon_read,
+.write = allwinner_h3_syscon_write,
+.endianness = DEVICE_NATIVE_ENDIAN,
+.valid = {
+  

Re: [PATCH 03/10] arm: allwinner-h3: add Clock Control Unit

2019-12-12 Thread Philippe Mathieu-Daudé

On 12/2/19 10:09 PM, Niek Linnenbank wrote:

The Clock Control Unit is responsible for clock signal generation,
configuration and distribution in the Allwinner H3 System on Chip.
This commit adds support for the Clock Control Unit which emulates
a simple read/write register interface.

Signed-off-by: Niek Linnenbank 
---
  hw/arm/allwinner-h3.c  |  11 ++
  hw/misc/Makefile.objs  |   1 +
  hw/misc/allwinner-h3-clk.c | 227 +
  include/hw/arm/allwinner-h3.h  |   2 +
  include/hw/misc/allwinner-h3-clk.h |  41 ++
  5 files changed, 282 insertions(+)
  create mode 100644 hw/misc/allwinner-h3-clk.c
  create mode 100644 include/hw/misc/allwinner-h3-clk.h

diff --git a/hw/arm/allwinner-h3.c b/hw/arm/allwinner-h3.c
index 470fdfebef..5566e979ec 100644
--- a/hw/arm/allwinner-h3.c
+++ b/hw/arm/allwinner-h3.c
@@ -37,6 +37,9 @@ static void aw_h3_init(Object *obj)
  
  sysbus_init_child_obj(obj, "timer", &s->timer, sizeof(s->timer),

TYPE_AW_A10_PIT);
+
+sysbus_init_child_obj(obj, "ccu", &s->ccu, sizeof(s->ccu),
+  TYPE_AW_H3_CLK);
  }
  
  static void aw_h3_realize(DeviceState *dev, Error **errp)

@@ -172,6 +175,14 @@ static void aw_h3_realize(DeviceState *dev, Error **errp)
  memory_region_add_subregion(get_system_memory(), AW_H3_SRAM_C_BASE,
  &s->sram_c);
  
+/* Clock Control Unit */

+object_property_set_bool(OBJECT(&s->ccu), true, "realized", &err);
+if (err) {
+error_propagate(errp, err);
+return;
+}
+sysbus_mmio_map(SYS_BUS_DEVICE(&s->ccu), 0, AW_H3_CCU_BASE);
+
  /* UART */
  if (serial_hd(0)) {
  serial_mm_init(get_system_memory(), AW_H3_UART0_REG_BASE, 2,
diff --git a/hw/misc/Makefile.objs b/hw/misc/Makefile.objs
index ba898a5781..200ed44ce1 100644
--- a/hw/misc/Makefile.objs
+++ b/hw/misc/Makefile.objs
@@ -28,6 +28,7 @@ common-obj-$(CONFIG_MACIO) += macio/
  
  common-obj-$(CONFIG_IVSHMEM_DEVICE) += ivshmem.o
  
+common-obj-$(CONFIG_ALLWINNER_H3) += allwinner-h3-clk.o

  common-obj-$(CONFIG_REALVIEW) += arm_sysctl.o
  common-obj-$(CONFIG_NSERIES) += cbus.o
  common-obj-$(CONFIG_ECCMEMCTL) += eccmemctl.o
diff --git a/hw/misc/allwinner-h3-clk.c b/hw/misc/allwinner-h3-clk.c
new file mode 100644
index 00..77c55b4f92
--- /dev/null
+++ b/hw/misc/allwinner-h3-clk.c
@@ -0,0 +1,227 @@
+/*
+ * Allwinner H3 Clock Control Unit emulation
+ *
+ * Copyright (C) 2019 Niek Linnenbank 
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see .
+ */
+
+#include "qemu/osdep.h"
+#include "hw/sysbus.h"
+#include "migration/vmstate.h"
+#include "qemu/log.h"
+#include "qemu/module.h"
+#include "hw/misc/allwinner-h3-clk.h"
+
+/* CCU register offsets */
+#define REG_PLL_CPUX (0x) /* PLL CPUX Control */
+#define REG_PLL_AUDIO(0x0008) /* PLL Audio Control */
+#define REG_PLL_VIDEO(0x0010) /* PLL Video Control */
+#define REG_PLL_VE   (0x0018) /* PLL VE Control */
+#define REG_PLL_DDR  (0x0020) /* PLL DDR Control */
+#define REG_PLL_PERIPH0  (0x0028) /* PLL Peripherals 0 Control */
+#define REG_PLL_GPU  (0x0038) /* PLL GPU Control */
+#define REG_PLL_PERIPH1  (0x0044) /* PLL Peripherals 1 Control */
+#define REG_PLL_DE   (0x0048) /* PLL Display Engine Control */
+#define REG_CPUX_AXI (0x0050) /* CPUX/AXI Configuration */
+#define REG_APB1 (0x0054) /* ARM Peripheral Bus 1 Config */
+#define REG_APB2 (0x0058) /* ARM Peripheral Bus 2 Config */
+#define REG_MBUS (0x00FC) /* MBUS Reset */
+#define REG_PLL_TIME0(0x0200) /* PLL Stable Time 0 */
+#define REG_PLL_TIME1(0x0204) /* PLL Stable Time 1 */
+#define REG_PLL_CPUX_BIAS(0x0220) /* PLL CPUX Bias */
+#define REG_PLL_AUDIO_BIAS   (0x0224) /* PLL Audio Bias */
+#define REG_PLL_VIDEO_BIAS   (0x0228) /* PLL Video Bias */
+#define REG_PLL_VE_BIAS  (0x022C) /* PLL VE Bias */
+#define REG_PLL_DDR_BIAS (0x0230) /* PLL DDR Bias */
+#define REG_PLL_PERIPH0_BIAS (0x0234) /* PLL Peripherals 0 Bias */
+#define REG_PLL_GPU_BIAS (0x023C) /* PLL GPU Bias */
+#define REG_PLL_PERIPH1_BIAS (0x0244) /* PLL Peripherals 1 Bias */
+#define REG_PLL_DE_BIAS  (0x0248

Re: [PATCH 09/10] arm: allwinner-h3: add SD/MMC host controller

2019-12-12 Thread Philippe Mathieu-Daudé

Hi Niek,

On 12/11/19 11:34 PM, Niek Linnenbank wrote:

Ping!

Anyone would like to comment on this driver?

I finished the rework on all previous comments in this series.

Currently debugging the hflags error reported by Philippe.
After that, I'm ready to send out v2 of these patches.

Regards,
Niek

On Mon, Dec 2, 2019 at 10:10 PM Niek Linnenbank 
mailto:nieklinnenb...@gmail.com>> wrote:


The Allwinner H3 System on Chip contains an integrated storage
controller for Secure Digital (SD) and Multi Media Card (MMC)
interfaces. This commit adds support for the Allwinner H3
SD/MMC storage controller with the following emulated features:

  * DMA transfers
  * Direct FIFO I/O
  * Short/Long format command responses
  * Auto-Stop command (CMD12)
  * Insert & remove card detection

Signed-off-by: Niek Linnenbank mailto:nieklinnenb...@gmail.com>>
---
  hw/arm/allwinner-h3.c               |  20 +
  hw/arm/orangepi.c                   |  17 +
  hw/sd/Makefile.objs                 |   1 +
  hw/sd/allwinner-h3-sdhost.c         | 791 
  hw/sd/trace-events                  |   7 +
  include/hw/arm/allwinner-h3.h       |   2 +
  include/hw/sd/allwinner-h3-sdhost.h |  73 +++
  7 files changed, 911 insertions(+)
  create mode 100644 hw/sd/allwinner-h3-sdhost.c
  create mode 100644 include/hw/sd/allwinner-h3-sdhost.h

diff --git a/hw/arm/allwinner-h3.c b/hw/arm/allwinner-h3.c
index 4fc4c8c725..c2972caf88 100644
--- a/hw/arm/allwinner-h3.c
+++ b/hw/arm/allwinner-h3.c
@@ -50,6 +50,9 @@ static void aw_h3_init(Object *obj)

      sysbus_init_child_obj(obj, "sid", &s->sid, sizeof(s->sid),
                            TYPE_AW_H3_SID);
+
+    sysbus_init_child_obj(obj, "mmc0", &s->mmc0, sizeof(s->mmc0),
+                          TYPE_AW_H3_SDHOST);
  }

  static void aw_h3_realize(DeviceState *dev, Error **errp)
@@ -217,6 +220,23 @@ static void aw_h3_realize(DeviceState *dev,
Error **errp)
      }
      sysbus_mmio_map(SYS_BUS_DEVICE(&s->sid), 0, AW_H3_SID_BASE);

+    /* SD/MMC */
+    object_property_set_bool(OBJECT(&s->mmc0), true, "realized", &err);
+    if (err != NULL) {
+        error_propagate(errp, err);
+        return;
+    }
+    sysbusdev = SYS_BUS_DEVICE(&s->mmc0);
+    sysbus_mmio_map(sysbusdev, 0, AW_H3_MMC0_BASE);
+    sysbus_connect_irq(sysbusdev, 0, s->irq[AW_H3_GIC_SPI_MMC0]);
+
+    object_property_add_alias(OBJECT(s), "sd-bus", OBJECT(&s->mmc0),
+                              "sd-bus", &err);
+    if (err) {
+        error_propagate(errp, err);
+        return;
+    }
+
      /* Universal Serial Bus */
      sysbus_create_simple(TYPE_AW_H3_EHCI, AW_H3_EHCI0_BASE,
                           s->irq[AW_H3_GIC_SPI_EHCI0]);
diff --git a/hw/arm/orangepi.c b/hw/arm/orangepi.c
index 5ef2735f81..dee3efaf08 100644
--- a/hw/arm/orangepi.c
+++ b/hw/arm/orangepi.c
@@ -39,6 +39,10 @@ typedef struct OrangePiState {
  static void orangepi_init(MachineState *machine)
  {
      OrangePiState *s = g_new(OrangePiState, 1);
+    DriveInfo *di;
+    BlockBackend *blk;
+    BusState *bus;
+    DeviceState *carddev;
      Error *err = NULL;

      s->h3 = AW_H3(object_new(TYPE_AW_H3));
@@ -64,6 +68,18 @@ static void orangepi_init(MachineState *machine)
          exit(1);
      }

+    /* Create and plug in the SD card */
+    di = drive_get_next(IF_SD);
+    blk = di ? blk_by_legacy_dinfo(di) : NULL;
+    bus = qdev_get_child_bus(DEVICE(s->h3), "sd-bus");
+    if (bus == NULL) {
+        error_report("No SD/MMC found in H3 object");
+        exit(1);
+    }


Your device always creates a bus, so I don't think the if(bus) check is 
worthwhile. Eventually use an assert(bus)?



+    carddev = qdev_create(bus, TYPE_SD_CARD);
+    qdev_prop_set_drive(carddev, "drive", blk, &error_fatal);
+    object_property_set_bool(OBJECT(carddev), true, "realized",
&error_fatal);
+
      /* RAM */
      memory_region_allocate_system_memory(&s->sdram, NULL,
"orangepi.ram",
                                           machine->ram_size);
@@ -80,6 +96,7 @@ static void orangepi_machine_init(MachineClass *mc)
  {
      mc->desc = "Orange Pi PC";
      mc->init = orangepi_init;
+    mc->block_default_type = IF_SD;
      mc->units_per_default_bus = 1;
      mc->min_cpus = AW_H3_NUM_CPUS;
      mc->max_cpus = AW_H3_NUM_CPUS;
diff --git a/hw/sd/Makefile.objs b/hw/sd/Makefile.objs
index a884c238df..e7cc5ab739 100644
--- a/hw/sd/Makefile.objs
+++ b/hw/sd/Makefile.objs
@@ -4,6 +4,7 @@ common-obj-$(CONFIG_SD) += sd.o core.o sdmmc-internal.o
  common-obj-$(CONFIG_SDHCI) += sdhci.o
  common-obj-$(CONFIG_SDHCI_PCI) += sdhc

[ANNOUNCE] QEMU 4.2.0 is now available

2019-12-12 Thread Michael Roth
Hello,

On behalf of the QEMU Team, I'd like to announce the availability of
the QEMU 4.2.0 release. This release contains 2200+ commits from 198
authors.

You can grab the tarball from our download page here:

  https://www.qemu.org/download/#source

The full list of changes are available at:

  https://wiki.qemu.org/ChangeLog/4.2

Highlights include:

 * TCG plugin support for passive monitoring of instructions and memory accesses
 * block: NBD block driver now supports more efficient handling of copy-on-read
   requests
 * block: NBD server optimizations for copying of sparse images, and general
   fixes/improvements for NBD server/client implementations
 * block/crypto: improved performance for AES-XTS encryption for LUKS disk
   encryption
 * vfio-pci support for "failover_pair_id" property for easier migration of
   VFIO devices
 * virtio-mmio now supports virtio-compatible v2 personality and virtio 1.1
   support for packed virtqueues

 * 68k: new "next-cube" machine for emulating a classic NeXTcube
 * 68k: new "q800" machine for emulating Macintosh Quadro 800
 * ARM: new "ast2600-evb" machine for  emulating Aspeed AST2600 SoC
 * ARM: semihosting v2.0 support with STDOUT_STDERR/EXIT_EXTENDED extentions
 * ARM: KVM support for more than 256 CPUs
 * ARM: "virt" machine now supports memory hotplugging
 * ARM: improved TCG emulation performance
 * ARM: KVM support for SVE SIMD instructions on SVE-capable hardware
 * PowerPC: emulation support for mffsce, mffscrn, and mffscrni POWER9
   instructions
 * PowerPC: "powernv" machine now supports Homer and OCC SRAM system devices
 * RISC-V: "-initrd" argument now supported
 * RISC-V: debugger can now see all architectural state
 * s390: emulation support for IEP (Instruction Execution Protection)
 * SPARC: "sun4u" IOMMU now supports "invert endianness" bit
 * x86: VMX features can be enabled/disabled via "-cpu" flags
 * x86: new "microvm" machine that uses virtio-mmio instead of PCI for use as
   baseline for performance optimizations
 * x86: emulation support for AVX512 BFloat16 extensions
 * x86: new CPU models for Denverton (server-class Atom-based SoC), Snowridge,
   and Dhyana
 * x86: macOS Hypervisor.framework support ("-accel hvf") now considered stable
 * xtensa: new "virt" machine type
 * xtensa: call0 ABI support for user-mode emulation

 * and lots more...

Thank you to everyone involved!




Re: [PATCH 00/10] Add Allwinner H3 SoC and Orange Pi PC Machine

2019-12-12 Thread Philippe Mathieu-Daudé

Cc'ing Alex.

On 12/13/19 12:07 AM, Niek Linnenbank wrote:

Hi Philippe,

I have discovered that the hflags assertion error you reported is not 
caused by the Allwinner H3
patches but actually an existing problem. What I did is to use the 
latest master (v4.2.0 tag) without any patches applied.
and tried to boot the raspi2 machine with and without debugging enabled. 
Without debuggin, the raspi2
machine runs fine and can boot the 5.4.2 linux kernel. With debugging 
enabled, the same hflags error shows.


This might be the same bug I hit last week... Alex suggested a patch:
https://www.mail-archive.com/qemu-devel@nongnu.org/msg664500.html

Do you mind to try it?

If it still fails, you might also add this one on top:
https://www.mail-archive.com/qemu-devel@nongnu.org/msg663843.html
and report the error.



To reproduce it, build Linux 5.4.2 with the bmc2835_defconfig:

$ ARCH=arm CROSS_COMPILE=arm-linux-gnueabi- make mrproper
$ ARCH=arm CROSS_COMPILE=arm-linux-gnueabi- make bcm2835_defconfig
$ ARCH=arm CROSS_COMPILE=arm-linux-gnueabi- make -j5
...

First build QEMU without debugging and try to boot linux:
$ ./configure --target-list=arm-softmmu; make clean; make -j5
$ ./arm-softmmu/qemu-system-arm -M raspi2 \
   -kernel $HOME/linux-5.4.2/arch/arm/boot/zImage \
   -append 'console=ttyAMA0,115200 earlyprintk debug' \
   -dtb $HOME/linux-5.4.2/arch/arm/boot/dts/bcm2836-rpi-2-b.dtb \
   -m 1024 -nographic -s
[0.00] Booting Linux on physical CPU 0x0
[0.00] Linux version 5.4.2 (me@host) (gcc version 7.4.0 (Ubuntu/Linaro 
7.4.0-1ubuntu1~18.04.1)) #1 Thu Dec 12 22:49:14 CET 2019
[0.00] CPU: ARMv7 Processor [410fc075] revision 5 (ARMv7), cr=10c53c7d
...

Then rebuild QEMU with debugging enabled and again try to boot linux:
$ ./configure --target-list=arm-softmmu --enable-debug --extra-cflags=-ggdb; 
make clean; make -j5
$ ./arm-softmmu/qemu-system-arm -M raspi2 \
   -kernel $HOME/linux-5.4.2/arch/arm/boot/zImage \
   -append 'console=ttyAMA0,115200 earlyprintk debug' \
   -dtb $HOME/linux-5.4.2/arch/arm/boot/dts/bcm2836-rpi-2-b.dtb \
   -m 1024 -nographic -s
qemu-system-arm: /home/me/qemu/target/arm/helper.c:11359: cpu_get_tb_cpu_state: 
Assertion `flags == rebuild_hflags_internal(env)' failed.
qemu-system-arm: /home/me/qemu/target/arm/helper.c:11359: cpu_get_tb_cpu_state: 
Assertion `flags == rebuild_hflags_internal(env)' failed.
qemu-system-arm: /home/me/qemu/target/arm/helper.c:11359: cpu_get_tb_cpu_state: 
Assertion `flags == rebuild_hflags_internal(env)' failed.
Aborted (core dumped)

$ git describe
v4.2.0


What should be the next step? Should this be reported as a bug?


In this case we might already have the fix, but if Alex patch doesn't 
help, you are always welcome to open a bug report:

https://bugs.launchpad.net/qemu/+filebug
This help to have notes/progress gathered.

On Tue, Dec 10, 2019 at 9:12 PM Niek Linnenbank 
mailto:nieklinnenb...@gmail.com>> wrote:


Hi Philippe,

On Tue, Dec 10, 2019 at 9:26 AM Philippe Mathieu-Daudé
mailto:phi...@redhat.com>> wrote:

On 12/9/19 10:37 PM, Niek Linnenbank wrote:
 > Hi Philippe,
 >
 > On Tue, Dec 3, 2019 at 9:47 AM Philippe Mathieu-Daudé
mailto:phi...@redhat.com>
 > >> wrote:
 >
 >     On 12/2/19 10:09 PM, Niek Linnenbank wrote:
 >      > Dear QEMU developers,
 >      >
 >      > Hereby I would like to contribute the following set of
patches to
 >     QEMU
 >      > which add support for the Allwinner H3 System on Chip
and the
 >      > Orange Pi PC machine. The following features and
devices are
 >     supported:
 >      >
 >      >   * SMP (Quad Core Cortex A7)
 >      >   * Generic Interrupt Controller configuration
 >      >   * SRAM mappings
 >      >   * Timer device (re-used from Allwinner A10)
 >      >   * UART
 >      >   * SD/MMC storage controller
 >      >   * EMAC ethernet connectivity
 >      >   * USB 2.0 interfaces
 >      >   * Clock Control Unit
 >      >   * System Control module
 >      >   * Security Identifier device
 >
 >     Awesome!
 >
 >      > Functionality related to graphical output such as
HDMI, GPU,
 >      > Display Engine and audio are not included. Recently
released
 >      > mainline Linux kernels (4.19 up to latest master) and
mainline U-Boot
 >      > are known to work. The SD/MMC code is tested using
bonnie++ and
 >      > various tools such as fsck, dd and fdisk. The EMAC is
verified
 >     with iperf3
 >      > using -netdev socket.
 >      >
 >      > To build a Linux mainline kernel that can be booted by
the Orange
 >     Pi PC
 >      > ma

[PATCH 2/2] target/xtensa: use MPU background map from core configuration

2019-12-12 Thread Max Filippov
Configuration overlay may define MPU background map. Import
core-matmap.h from the overlay and use XCHAL_MPU_BACKGROUND_MAP macro
if it's defined.

Signed-off-by: Max Filippov 
---
 target/xtensa/import_core.sh |  4 +++-
 target/xtensa/overlay_tool.h | 15 ++-
 2 files changed, 17 insertions(+), 2 deletions(-)

diff --git a/target/xtensa/import_core.sh b/target/xtensa/import_core.sh
index 97c3219debf0..8f844cf9e2a6 100755
--- a/target/xtensa/import_core.sh
+++ b/target/xtensa/import_core.sh
@@ -20,7 +20,8 @@ exit
 [ $# -ge 3 ] && FREQ="$3"
 mkdir -p "$TARGET"
 tar -xf "$OVERLAY" -C "$TARGET" --strip-components=2 \
-xtensa/config/core-isa.h
+xtensa/config/core-isa.h \
+xtensa/config/core-matmap.h
 tar -xf "$OVERLAY" -O gdb/xtensa-config.c | \
 sed -n '1,/*\//p;/XTREG/,/XTREG_END/p' > "$TARGET"/gdb-config.inc.c
 #
@@ -44,6 +45,7 @@ cat < "${TARGET}.c"
 #include "qemu/host-utils.h"
 
 #include "core-$NAME/core-isa.h"
+#include "core-$NAME/core-matmap.h"
 #include "overlay_tool.h"
 
 #define xtensa_modules xtensa_modules_$NAME
diff --git a/target/xtensa/overlay_tool.h b/target/xtensa/overlay_tool.h
index f0cc33adfe05..cab532095c9e 100644
--- a/target/xtensa/overlay_tool.h
+++ b/target/xtensa/overlay_tool.h
@@ -373,15 +373,28 @@
 #elif XCHAL_HAVE_MPU
 
 #ifndef XTENSA_MPU_BG_MAP
+#ifdef XCHAL_MPU_BACKGROUND_MAP
+#define XCHAL_MPU_BGMAP(s, vaddr_start, vaddr_last, rights, memtype, x...) \
+{ .vaddr = (vaddr_start), .attr = ((rights) << 8) | ((memtype) << 12), },
+
+#define XTENSA_MPU_BG_MAP (xtensa_mpu_entry []){\
+XCHAL_MPU_BACKGROUND_MAP(0) \
+}
+
+#define XTENSA_MPU_BG_MAP_ENTRIES XCHAL_MPU_BACKGROUND_ENTRIES
+#else
 #define XTENSA_MPU_BG_MAP (xtensa_mpu_entry []){\
 { .vaddr = 0, .attr = 0x6700, }, \
 }
+
+#define XTENSA_MPU_BG_MAP_ENTRIES 1
+#endif
 #endif
 
 #define TLB_SECTION \
 .mpu_align = XCHAL_MPU_ALIGN, \
 .n_mpu_fg_segments = XCHAL_MPU_ENTRIES, \
-.n_mpu_bg_segments = 1, \
+.n_mpu_bg_segments = XTENSA_MPU_BG_MAP_ENTRIES, \
 .mpu_bg = XTENSA_MPU_BG_MAP
 
 #ifndef XCHAL_SYSROM0_PADDR
-- 
2.20.1




[PATCH 0/2] target/xtensa: use background MPU map from overlay

2019-12-12 Thread Max Filippov
Hello,

this series changes target/xtensa/import_core.sh script to import one
more header from the configuration overlay: the one with default address
space map for the core and uses information in this header to generate
background MPU map.

Max Filippov (2):
  target/xtensa: import xtensa/config/core-isa.h
  target/xtensa: use MPU background map from core configuration

 target/xtensa/import_core.sh |  6 --
 target/xtensa/overlay_tool.h | 15 ++-
 2 files changed, 18 insertions(+), 3 deletions(-)

-- 
2.20.1




[PATCH 1/2] target/xtensa: import xtensa/config/core-isa.h

2019-12-12 Thread Max Filippov
Import core-isa.h from its canonical place in the configuration overlay.
Drop --xform option from the tar command line.

Signed-off-by: Max Filippov 
---
 target/xtensa/import_core.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/target/xtensa/import_core.sh b/target/xtensa/import_core.sh
index e4a2e39f6353..97c3219debf0 100755
--- a/target/xtensa/import_core.sh
+++ b/target/xtensa/import_core.sh
@@ -19,8 +19,8 @@ exit
 
 [ $# -ge 3 ] && FREQ="$3"
 mkdir -p "$TARGET"
-tar -xf "$OVERLAY" -C "$TARGET" --strip-components=1 \
---xform='s/core/core-isa/' config/core.h
+tar -xf "$OVERLAY" -C "$TARGET" --strip-components=2 \
+xtensa/config/core-isa.h
 tar -xf "$OVERLAY" -O gdb/xtensa-config.c | \
 sed -n '1,/*\//p;/XTREG/,/XTREG_END/p' > "$TARGET"/gdb-config.inc.c
 #
-- 
2.20.1




[PATCH] target/xtensa: fix ps.ring use in MPU configs

2019-12-12 Thread Max Filippov
Allow ps.ring modification by wsr.ps/xsr.ps and use ps.ring value in
xtensa_get_[c]ring on configurations with MPU.

Signed-off-by: Max Filippov 
---
 target/xtensa/cpu.h   | 10 +++---
 target/xtensa/translate.c |  3 ++-
 2 files changed, 9 insertions(+), 4 deletions(-)

diff --git a/target/xtensa/cpu.h b/target/xtensa/cpu.h
index b363ffcf1066..75e65df59704 100644
--- a/target/xtensa/cpu.h
+++ b/target/xtensa/cpu.h
@@ -645,7 +645,9 @@ static inline int xtensa_get_cintlevel(const CPUXtensaState 
*env)
 
 static inline int xtensa_get_ring(const CPUXtensaState *env)
 {
-if (xtensa_option_enabled(env->config, XTENSA_OPTION_MMU)) {
+if (xtensa_option_bits_enabled(env->config,
+   XTENSA_OPTION_BIT(XTENSA_OPTION_MMU) |
+   XTENSA_OPTION_BIT(XTENSA_OPTION_MPU))) {
 return (env->sregs[PS] & PS_RING) >> PS_RING_SHIFT;
 } else {
 return 0;
@@ -654,8 +656,10 @@ static inline int xtensa_get_ring(const CPUXtensaState 
*env)
 
 static inline int xtensa_get_cring(const CPUXtensaState *env)
 {
-if (xtensa_option_enabled(env->config, XTENSA_OPTION_MMU) &&
-(env->sregs[PS] & PS_EXCM) == 0) {
+if (xtensa_option_bits_enabled(env->config,
+   XTENSA_OPTION_BIT(XTENSA_OPTION_MMU) |
+   XTENSA_OPTION_BIT(XTENSA_OPTION_MPU)) &&
+(env->sregs[PS] & PS_EXCM) == 0) {
 return (env->sregs[PS] & PS_RING) >> PS_RING_SHIFT;
 } else {
 return 0;
diff --git a/target/xtensa/translate.c b/target/xtensa/translate.c
index 4a14fdb3f1db..159bbd404885 100644
--- a/target/xtensa/translate.c
+++ b/target/xtensa/translate.c
@@ -2713,7 +2713,8 @@ static void translate_wsr_ps(DisasContext *dc, const 
OpcodeArg arg[],
 uint32_t mask = PS_WOE | PS_CALLINC | PS_OWB |
 PS_UM | PS_EXCM | PS_INTLEVEL;
 
-if (option_enabled(dc, XTENSA_OPTION_MMU)) {
+if (option_enabled(dc, XTENSA_OPTION_MMU) ||
+option_enabled(dc, XTENSA_OPTION_MPU)) {
 mask |= PS_RING;
 }
 tcg_gen_andi_i32(cpu_SR[par[0]], arg[0].in, mask);
-- 
2.20.1




Re: [PATCH 00/10] Add Allwinner H3 SoC and Orange Pi PC Machine

2019-12-12 Thread Niek Linnenbank
Hi Philippe,

I have discovered that the hflags assertion error you reported is not
caused by the Allwinner H3
patches but actually an existing problem. What I did is to use the latest
master (v4.2.0 tag) without any patches applied.
and tried to boot the raspi2 machine with and without debugging enabled.
Without debuggin, the raspi2
machine runs fine and can boot the 5.4.2 linux kernel. With debugging
enabled, the same hflags error shows.

To reproduce it, build Linux 5.4.2 with the bmc2835_defconfig:

$ ARCH=arm CROSS_COMPILE=arm-linux-gnueabi- make mrproper
$ ARCH=arm CROSS_COMPILE=arm-linux-gnueabi- make bcm2835_defconfig
$ ARCH=arm CROSS_COMPILE=arm-linux-gnueabi- make -j5
...
First build QEMU without debugging and try to boot linux:
$ ./configure --target-list=arm-softmmu; make clean; make -j5
$ ./arm-softmmu/qemu-system-arm -M raspi2 \
  -kernel $HOME/linux-5.4.2/arch/arm/boot/zImage \
  -append 'console=ttyAMA0,115200 earlyprintk debug' \
  -dtb $HOME/linux-5.4.2/arch/arm/boot/dts/bcm2836-rpi-2-b.dtb \
  -m 1024 -nographic -s
[0.00] Booting Linux on physical CPU 0x0
[0.00] Linux version 5.4.2 (me@host) (gcc version 7.4.0
(Ubuntu/Linaro 7.4.0-1ubuntu1~18.04.1)) #1 Thu Dec 12 22:49:14 CET
2019
[0.00] CPU: ARMv7 Processor [410fc075] revision 5 (ARMv7), cr=10c53c7d
...
Then rebuild QEMU with debugging enabled and again try to boot linux:
$ ./configure --target-list=arm-softmmu --enable-debug
--extra-cflags=-ggdb; make clean; make -j5
$ ./arm-softmmu/qemu-system-arm -M raspi2 \
  -kernel $HOME/linux-5.4.2/arch/arm/boot/zImage \
  -append 'console=ttyAMA0,115200 earlyprintk debug' \
  -dtb $HOME/linux-5.4.2/arch/arm/boot/dts/bcm2836-rpi-2-b.dtb \
  -m 1024 -nographic -s
qemu-system-arm: /home/me/qemu/target/arm/helper.c:11359:
cpu_get_tb_cpu_state: Assertion `flags ==
rebuild_hflags_internal(env)' failed.
qemu-system-arm: /home/me/qemu/target/arm/helper.c:11359:
cpu_get_tb_cpu_state: Assertion `flags ==
rebuild_hflags_internal(env)' failed.
qemu-system-arm: /home/me/qemu/target/arm/helper.c:11359:
cpu_get_tb_cpu_state: Assertion `flags ==
rebuild_hflags_internal(env)' failed.
Aborted (core dumped)

$ git describe
v4.2.0


What should be the next step? Should this be reported as a bug?

Regards,
Niek

On Tue, Dec 10, 2019 at 9:12 PM Niek Linnenbank 
wrote:

> Hi Philippe,
>
> On Tue, Dec 10, 2019 at 9:26 AM Philippe Mathieu-Daudé 
> wrote:
>
>> On 12/9/19 10:37 PM, Niek Linnenbank wrote:
>> > Hi Philippe,
>> >
>> > On Tue, Dec 3, 2019 at 9:47 AM Philippe Mathieu-Daudé <
>> phi...@redhat.com
>> > > wrote:
>> >
>> > On 12/2/19 10:09 PM, Niek Linnenbank wrote:
>> >  > Dear QEMU developers,
>> >  >
>> >  > Hereby I would like to contribute the following set of patches to
>> > QEMU
>> >  > which add support for the Allwinner H3 System on Chip and the
>> >  > Orange Pi PC machine. The following features and devices are
>> > supported:
>> >  >
>> >  >   * SMP (Quad Core Cortex A7)
>> >  >   * Generic Interrupt Controller configuration
>> >  >   * SRAM mappings
>> >  >   * Timer device (re-used from Allwinner A10)
>> >  >   * UART
>> >  >   * SD/MMC storage controller
>> >  >   * EMAC ethernet connectivity
>> >  >   * USB 2.0 interfaces
>> >  >   * Clock Control Unit
>> >  >   * System Control module
>> >  >   * Security Identifier device
>> >
>> > Awesome!
>> >
>> >  > Functionality related to graphical output such as HDMI, GPU,
>> >  > Display Engine and audio are not included. Recently released
>> >  > mainline Linux kernels (4.19 up to latest master) and mainline
>> U-Boot
>> >  > are known to work. The SD/MMC code is tested using bonnie++ and
>> >  > various tools such as fsck, dd and fdisk. The EMAC is verified
>> > with iperf3
>> >  > using -netdev socket.
>> >  >
>> >  > To build a Linux mainline kernel that can be booted by the Orange
>> > Pi PC
>> >  > machine, simply configure the kernel using the sunxi_defconfig
>> > configuration:
>> >  >   $ ARCH=arm CROSS_COMPILE=arm-linux-gnueabi- make mrproper
>> >  >   $ ARCH=arm CROSS_COMPILE=arm-linux-gnueabi- make
>> sunxi_defconfig
>> >  >
>> >  > To be able to use USB storage, you need to manually enable the
>> > corresponding
>> >  > configuration item. Start the kconfig configuration tool:
>> >  >   $ ARCH=arm CROSS_COMPILE=arm-linux-gnueabi- make menuconfig
>> >  >
>> >  > Navigate to the following item, enable it and save your
>> > configuration:
>> >  >   Device Drivers > USB support > USB Mass Storage support
>> >  >
>> >  > Build the Linux kernel with:
>> >  >   $ ARCH=arm CROSS_COMPILE=arm-linux-gnueabi- make -j5
>> >  >
>> >  > To boot the newly build linux kernel in QEMU with the Orange Pi
>> > PC machine, use:
>> >  >   $ qemu-system-arm -M orangepi -m 512 -nic user -nographic \
>> >  >   

[PULL 5/5] virtfs: Remove the deprecated "-virtfs_synth" option

2019-12-12 Thread Greg Kurz
From: Thomas Huth 

It's been marked as deprecated since QEMU v4.1, time to remove it now.

Signed-off-by: Thomas Huth 
Signed-off-by: Greg Kurz 
---
 qemu-deprecated.texi |  5 -
 qemu-options.hx  | 10 --
 vl.c | 23 ---
 3 files changed, 38 deletions(-)

diff --git a/qemu-deprecated.texi b/qemu-deprecated.texi
index 4b4b7425ac1e..8471eef9c22d 100644
--- a/qemu-deprecated.texi
+++ b/qemu-deprecated.texi
@@ -89,11 +89,6 @@ error in the future.
 The @code{-realtime mlock=on|off} argument has been replaced by the
 @code{-overcommit mem-lock=on|off} argument.
 
-@subsection -virtfs_synth (since 4.1)
-
-The ``-virtfs_synth'' argument is now deprecated. Please use ``-fsdev synth''
-and ``-device virtio-9p-...'' instead.
-
 @subsection -numa node,mem=@var{size} (since 4.1)
 
 The parameter @option{mem} of @option{-numa node} is used to assign a part of
diff --git a/qemu-options.hx b/qemu-options.hx
index 65c9473b7325..4cf7751adeba 100644
--- a/qemu-options.hx
+++ b/qemu-options.hx
@@ -1468,16 +1468,6 @@ would still return entries from other devices).
 @end table
 ETEXI
 
-DEF("virtfs_synth", 0, QEMU_OPTION_virtfs_synth,
-"-virtfs_synth Create synthetic file system image\n",
-QEMU_ARCH_ALL)
-STEXI
-@item -virtfs_synth
-@findex -virtfs_synth
-Create synthetic file system image. Note that this option is now deprecated.
-Please use @code{-fsdev synth} and @code{-device virtio-9p-...} instead.
-ETEXI
-
 DEF("iscsi", HAS_ARG, QEMU_OPTION_iscsi,
 "-iscsi [user=user][,password=password]\n"
 "   [,header-digest=CRC32C|CR32C-NONE|NONE-CRC32C|NONE\n"
diff --git a/vl.c b/vl.c
index 6a65a64bfd64..c0904b365b55 100644
--- a/vl.c
+++ b/vl.c
@@ -3374,29 +3374,6 @@ int main(int argc, char **argv, char **envp)
  qemu_opt_get(opts, "mount_tag"), &error_abort);
 break;
 }
-case QEMU_OPTION_virtfs_synth: {
-QemuOpts *fsdev;
-QemuOpts *device;
-
-warn_report("'-virtfs_synth' is deprecated, please use "
- "'-fsdev synth' and '-device virtio-9p-...' "
-"instead");
-
-fsdev = qemu_opts_create(qemu_find_opts("fsdev"), "v_synth",
- 1, NULL);
-if (!fsdev) {
-error_report("duplicate option: %s", "virtfs_synth");
-exit(1);
-}
-qemu_opt_set(fsdev, "fsdriver", "synth", &error_abort);
-
-device = qemu_opts_create(qemu_find_opts("device"), NULL, 0,
-  &error_abort);
-qemu_opt_set(device, "driver", "virtio-9p-pci", &error_abort);
-qemu_opt_set(device, "fsdev", "v_synth", &error_abort);
-qemu_opt_set(device, "mount_tag", "v_synth", &error_abort);
-break;
-}
 case QEMU_OPTION_serial:
 add_device_config(DEV_SERIAL, optarg);
 default_serial = 0;
-- 
2.21.0




[PULL 2/5] docker: remove libcap development packages

2019-12-12 Thread Greg Kurz
From: Paolo Bonzini 

Libcap was dropped from virtio-9p (commit 7e46261368d1), so remove it from
the dockerfiles as well.

Signed-off-by: Paolo Bonzini 
Acked-by: Alex Bennée 
[groug, mention SHA1 that dropped libcap]
Signed-off-by: Greg Kurz 
---
 tests/docker/dockerfiles/fedora.docker | 1 -
 tests/docker/dockerfiles/ubuntu.docker | 1 -
 tests/docker/dockerfiles/ubuntu1804.docker | 1 -
 3 files changed, 3 deletions(-)

diff --git a/tests/docker/dockerfiles/fedora.docker 
b/tests/docker/dockerfiles/fedora.docker
index 4ddc7dd112a2..47732fc5d565 100644
--- a/tests/docker/dockerfiles/fedora.docker
+++ b/tests/docker/dockerfiles/fedora.docker
@@ -25,7 +25,6 @@ ENV PACKAGES \
 libasan \
 libattr-devel \
 libblockdev-mpath-devel \
-libcap-devel \
 libcap-ng-devel \
 libcurl-devel \
 libfdt-devel \
diff --git a/tests/docker/dockerfiles/ubuntu.docker 
b/tests/docker/dockerfiles/ubuntu.docker
index f4864922240b..ecea155646ea 100644
--- a/tests/docker/dockerfiles/ubuntu.docker
+++ b/tests/docker/dockerfiles/ubuntu.docker
@@ -23,7 +23,6 @@ ENV PACKAGES flex bison \
 libbrlapi-dev \
 libbz2-dev \
 libcacard-dev \
-libcap-dev \
 libcap-ng-dev \
 libcurl4-gnutls-dev \
 libdrm-dev \
diff --git a/tests/docker/dockerfiles/ubuntu1804.docker 
b/tests/docker/dockerfiles/ubuntu1804.docker
index 3cc4f492c4a7..32a607471a0c 100644
--- a/tests/docker/dockerfiles/ubuntu1804.docker
+++ b/tests/docker/dockerfiles/ubuntu1804.docker
@@ -12,7 +12,6 @@ ENV PACKAGES flex bison \
 libbrlapi-dev \
 libbz2-dev \
 libcacard-dev \
-libcap-dev \
 libcap-ng-dev \
 libcurl4-gnutls-dev \
 libdrm-dev \
-- 
2.21.0




[PULL 3/5] ci: Use libcap-ng

2019-12-12 Thread Greg Kurz
From: "Dr. David Alan Gilbert" 

We currently enable libcap-dev in build-clang to pick up the 9p proxy
helper.  Paolo's patch changes (commit 7e46261368d1) that to use
libcap-ng, so switch to using it.  This also means we'll be testing the
scsi pr manager and the bridge helper.

Signed-off-by: Dr. David Alan Gilbert 
Acked-by: Thomas Huth 
Reviewed-by: Daniel P. Berrangé 
Reviewed-by: Philippe Mathieu-Daudé 
[groug, mention SHA1 that dropped libcap]
Signed-off-by: Greg Kurz 
---
 .gitlab-ci.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index be57c6a454a5..62a96097983d 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -59,7 +59,7 @@ build-user:
 
 build-clang:
  script:
- - apt-get install -y -qq clang libsdl2-dev libattr1-dev libcap-dev
+ - apt-get install -y -qq clang libsdl2-dev libattr1-dev libcap-ng-dev
   xfslibs-dev libiscsi-dev libnfs-dev libseccomp-dev gnutls-dev librbd-dev
  - ./configure --cc=clang --cxx=clang++ --enable-werror
   --target-list="alpha-softmmu arm-softmmu m68k-softmmu mips64-softmmu
-- 
2.21.0




[PULL 4/5] travis.yml: Drop libcap-dev

2019-12-12 Thread Greg Kurz
Commit 7e46261368d1 converted virtfs-proxy-helper to using libcap-ng. There
aren't any users of libcap anymore. No need to install libcap-dev.

Signed-off-by: Greg Kurz 
Reviewed-by: Thomas Huth 
Reviewed-by: Philippe Mathieu-Daudé 
Acked-by: Alex Bennée 
---
 .travis.yml | 1 -
 1 file changed, 1 deletion(-)

diff --git a/.travis.yml b/.travis.yml
index 445b0646c18a..6cb8af6fa599 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -26,7 +26,6 @@ addons:
   - libaio-dev
   - libattr1-dev
   - libbrlapi-dev
-  - libcap-dev
   - libcap-ng-dev
   - libgcc-4.8-dev
   - libgnutls28-dev
-- 
2.21.0




[PULL 1/5] virtfs-proxy-helper: switch from libcap to libcap-ng

2019-12-12 Thread Greg Kurz
From: Paolo Bonzini 

virtfs-proxy-helper is the only user of libcap; everyone else is using
the simpler libcap-ng API.  Switch and remove the configure code to
detect libcap.

Signed-off-by: Paolo Bonzini 
Reviewed-by: Daniel P. Berrangé 
Reviewed-by: Greg Kurz 
[groug: - drop remaining -lcap from Makefile
- fix error message in configure]
Signed-off-by: Greg Kurz 
---
 Makefile|   1 -
 configure   |  20 +---
 fsdev/virtfs-proxy-helper.c | 100 
 3 files changed, 47 insertions(+), 74 deletions(-)

diff --git a/Makefile b/Makefile
index b437a346d71a..1361def1441c 100644
--- a/Makefile
+++ b/Makefile
@@ -575,7 +575,6 @@ qemu-keymap$(EXESUF): qemu-keymap.o ui/input-keymap.o 
$(COMMON_LDADDS)
 qemu-edid$(EXESUF): qemu-edid.o hw/display/edid-generate.o $(COMMON_LDADDS)
 
 fsdev/virtfs-proxy-helper$(EXESUF): fsdev/virtfs-proxy-helper.o 
fsdev/9p-marshal.o fsdev/9p-iov-marshal.o $(COMMON_LDADDS)
-fsdev/virtfs-proxy-helper$(EXESUF): LIBS += -lcap
 
 scsi/qemu-pr-helper$(EXESUF): scsi/qemu-pr-helper.o scsi/utils.o 
$(authz-obj-y) $(crypto-obj-y) $(io-obj-y) $(qom-obj-y) $(COMMON_LDADDS)
 ifdef CONFIG_MPATH
diff --git a/configure b/configure
index 6099be1d848c..2c72e04d23f3 100755
--- a/configure
+++ b/configure
@@ -3863,22 +3863,6 @@ else
   mpathpersist=no
 fi
 
-##
-# libcap probe
-
-if test "$cap" != "no" ; then
-  cat > $TMPC <
-#include 
-int main(void) { cap_t caps; caps = cap_init(); return caps != NULL; }
-EOF
-  if compile_prog "" "-lcap" ; then
-cap=yes
-  else
-cap=no
-  fi
-fi
-
 ##
 # pthread probe
 PTHREADLIBS_LIST="-pthread -lpthread -lpthreadGC2"
@@ -6204,12 +6188,12 @@ if test "$want_tools" = "yes" ; then
 fi
 if test "$softmmu" = yes ; then
   if test "$linux" = yes; then
-if test "$virtfs" != no && test "$cap" = yes && test "$attr" = yes ; then
+if test "$virtfs" != no && test "$cap_ng" = yes && test "$attr" = yes ; 
then
   virtfs=yes
   tools="$tools fsdev/virtfs-proxy-helper\$(EXESUF)"
 else
   if test "$virtfs" = yes; then
-error_exit "VirtFS requires libcap devel and libattr devel"
+error_exit "VirtFS requires libcap-ng devel and libattr devel"
   fi
   virtfs=no
 fi
diff --git a/fsdev/virtfs-proxy-helper.c b/fsdev/virtfs-proxy-helper.c
index 6f132c5ff15a..0d4de49dcf75 100644
--- a/fsdev/virtfs-proxy-helper.c
+++ b/fsdev/virtfs-proxy-helper.c
@@ -13,7 +13,6 @@
 #include 
 #include 
 #include 
-#include 
 #include 
 #include 
 #include 
@@ -21,6 +20,7 @@
 #ifdef CONFIG_LINUX_MAGIC_H
 #include 
 #endif
+#include 
 #include "qemu-common.h"
 #include "qemu/sockets.h"
 #include "qemu/xattr.h"
@@ -79,49 +79,10 @@ static void do_perror(const char *string)
 }
 }
 
-static int do_cap_set(cap_value_t *cap_value, int size, int reset)
-{
-cap_t caps;
-if (reset) {
-/*
- * Start with an empty set and set permitted and effective
- */
-caps = cap_init();
-if (caps == NULL) {
-do_perror("cap_init");
-return -1;
-}
-if (cap_set_flag(caps, CAP_PERMITTED, size, cap_value, CAP_SET) < 0) {
-do_perror("cap_set_flag");
-goto error;
-}
-} else {
-caps = cap_get_proc();
-if (!caps) {
-do_perror("cap_get_proc");
-return -1;
-}
-}
-if (cap_set_flag(caps, CAP_EFFECTIVE, size, cap_value, CAP_SET) < 0) {
-do_perror("cap_set_flag");
-goto error;
-}
-if (cap_set_proc(caps) < 0) {
-do_perror("cap_set_proc");
-goto error;
-}
-cap_free(caps);
-return 0;
-
-error:
-cap_free(caps);
-return -1;
-}
-
 static int init_capabilities(void)
 {
 /* helper needs following capabilities only */
-cap_value_t cap_list[] = {
+int cap_list[] = {
 CAP_CHOWN,
 CAP_DAC_OVERRIDE,
 CAP_FOWNER,
@@ -130,7 +91,34 @@ static int init_capabilities(void)
 CAP_MKNOD,
 CAP_SETUID,
 };
-return do_cap_set(cap_list, ARRAY_SIZE(cap_list), 1);
+int i;
+
+capng_clear(CAPNG_SELECT_BOTH);
+for (i = 0; i < ARRAY_SIZE(cap_list); i++) {
+if (capng_update(CAPNG_ADD, CAPNG_EFFECTIVE | CAPNG_PERMITTED,
+ cap_list[i]) < 0) {
+do_perror("capng_update");
+return -1;
+}
+}
+if (capng_apply(CAPNG_SELECT_BOTH) < 0) {
+do_perror("capng_apply");
+return -1;
+}
+
+/* Prepare effective set for setugid.  */
+for (i = 0; i < ARRAY_SIZE(cap_list); i++) {
+if (cap_list[i] == CAP_DAC_OVERRIDE) {
+continue;
+}
+
+if (capng_update(CAPNG_DROP, CAPNG_EFFECTIVE,
+ cap_list[i]) < 0) {
+do_perror("capng_update");
+return -1;
+}
+}
+return 0;
 }
 
 static int socket_

[PULL 0/5] 9pfs patches for QEMU 5.0

2019-12-12 Thread Greg Kurz
The following changes since commit fb2246882a2c8d7f084ebe0617e97ac78467d156:

  .travis.yml: drop xcode9.4 from build matrix (2019-11-29 15:51:52 +)

are available in the Git repository at:

  https://github.com/gkurz/qemu.git tags/9p-next-2019-12-12

for you to fetch changes up to b3e2bb9458af556cb8aa0558f59222f462b81069:

  virtfs: Remove the deprecated "-virtfs_synth" option (2019-12-09 18:00:35 
+0100)


- conversion of virtfs-proxy-helper from libcap to libcap-ng
- removal of libcap-dev from docker, travis and gitlab CI
- removal of deprecate "-virtfs_synth" option


Dr. David Alan Gilbert (1):
  ci: Use libcap-ng

Greg Kurz (1):
  travis.yml: Drop libcap-dev

Paolo Bonzini (2):
  virtfs-proxy-helper: switch from libcap to libcap-ng
  docker: remove libcap development packages

Thomas Huth (1):
  virtfs: Remove the deprecated "-virtfs_synth" option

 .gitlab-ci.yml |   2 +-
 .travis.yml|   1 -
 Makefile   |   1 -
 configure  |  20 +-
 fsdev/virtfs-proxy-helper.c| 100 +
 qemu-deprecated.texi   |   5 --
 qemu-options.hx|  10 ---
 tests/docker/dockerfiles/fedora.docker |   1 -
 tests/docker/dockerfiles/ubuntu.docker |   1 -
 tests/docker/dockerfiles/ubuntu1804.docker |   1 -
 vl.c   |  23 ---
 11 files changed, 48 insertions(+), 117 deletions(-)
-- 
2.21.0




[PATCH 09/10] migration-test: Rename cmd_src/dst to arch_source/arch_target

2019-12-12 Thread Juan Quintela
This explains better what they do and avoid confussino with
command_src/target.

Signed-off-by: Juan Quintela 
---
 tests/migration-test.c | 40 +---
 1 file changed, 21 insertions(+), 19 deletions(-)

diff --git a/tests/migration-test.c b/tests/migration-test.c
index 5ab8cfd4b2..6c7c4163a4 100644
--- a/tests/migration-test.c
+++ b/tests/migration-test.c
@@ -549,7 +549,7 @@ static int test_migrate_start(QTestState **from, QTestState 
**to,
bool use_shmem, const char *opts_src,
const char *opts_dst)
 {
-gchar *cmd_src, *cmd_dst;
+gchar *arch_source, *arch_target;
 gchar *cmd_source, *cmd_target;
 const gchar *ignore_stderr;
 char *bootpath = NULL;
@@ -579,8 +579,8 @@ static int test_migrate_start(QTestState **from, QTestState 
**to,
 machine_type = "";
 machine_args = "";
 memory_size = "150M";
-cmd_src = g_strdup_printf("-drive file=%s,format=raw", bootpath);
-cmd_dst = g_strdup(cmd_src);
+arch_source = g_strdup_printf("-drive file=%s,format=raw", bootpath);
+arch_target = g_strdup(arch_source);
 start_address = X86_TEST_MEM_START;
 end_address = X86_TEST_MEM_END;
 } else if (g_str_equal(arch, "s390x")) {
@@ -588,20 +588,20 @@ static int test_migrate_start(QTestState **from, 
QTestState **to,
 machine_type = "";
 machine_args = "";
 memory_size = "128M";
-cmd_src = g_strdup_printf("-bios %s", bootpath);
-cmd_dst = g_strdup(cmd_src);
+arch_source = g_strdup_printf("-bios %s", bootpath);
+arch_target = g_strdup(arch_source);
 start_address = S390_TEST_MEM_START;
 end_address = S390_TEST_MEM_END;
 } else if (strcmp(arch, "ppc64") == 0) {
 machine_type = "";
 machine_args = ",vsmt=8";
 memory_size = "256M";
-cmd_src = g_strdup_printf("-nodefaults "
-  "-prom-env 'use-nvramrc?=true' -prom-env "
-  "'nvramrc=hex .\" _\" begin %x %x "
-  "do i c@ 1 + i c! 1000 +loop .\" B\" 0 "
-  "until'", end_address, start_address);
-cmd_dst = g_strdup("");
+arch_source = g_strdup_printf("-nodefaults "
+  "-prom-env 'use-nvramrc?=true' -prom-env 
"
+  "'nvramrc=hex .\" _\" begin %x %x "
+  "do i c@ 1 + i c! 1000 +loop .\" B\" 0 "
+  "until'", end_address, start_address);
+arch_target = g_strdup("");
 start_address = PPC_TEST_MEM_START;
 end_address = PPC_TEST_MEM_END;
 } else if (strcmp(arch, "aarch64") == 0) {
@@ -609,10 +609,10 @@ static int test_migrate_start(QTestState **from, 
QTestState **to,
 machine_type = "virt,";
 machine_args = "gic-version=max";
 memory_size = "150M";
-cmd_src = g_strdup_printf("-cpu max "
-  "-kernel %s",
-  bootpath);
-cmd_dst = g_strdup(cmd_src);
+arch_source = g_strdup_printf("-cpu max "
+  "-kernel %s",
+  bootpath);
+arch_target = g_strdup(arch_source);
 start_address = ARM_TEST_MEM_START;
 end_address = ARM_TEST_MEM_END;
 
@@ -647,8 +647,9 @@ static int test_migrate_start(QTestState **from, QTestState 
**to,
  "%s %s %s %s",
  machine_type, machine_args,
  memory_size, tmpfs,
- cmd_src, shmem_opts, opts_src, ignore_stderr);
-g_free(cmd_src);
+ arch_source, shmem_opts, opts_src,
+ ignore_stderr);
+g_free(arch_source);
 *from = qtest_init(cmd_source);
 g_free(cmd_source);
 
@@ -660,8 +661,9 @@ static int test_migrate_start(QTestState **from, QTestState 
**to,
  "%s %s %s %s",
  machine_type, machine_args,
  memory_size, tmpfs, uri,
- cmd_dst, shmem_opts, opts_dst, ignore_stderr);
-g_free(cmd_dst);
+ arch_target, shmem_opts, opts_dst,
+ ignore_stderr);
+g_free(arch_target);
 *to = qtest_init(cmd_target);
 g_free(cmd_target);
 
-- 
2.21.0




[PATCH 06/10] migration-test: Move -name handling to common commandline

2019-12-12 Thread Juan Quintela
Signed-off-by: Juan Quintela 
---
 tests/migration-test.c | 22 +-
 1 file changed, 9 insertions(+), 13 deletions(-)

diff --git a/tests/migration-test.c b/tests/migration-test.c
index 85c98f0f9c..a83e43b7b6 100644
--- a/tests/migration-test.c
+++ b/tests/migration-test.c
@@ -579,12 +579,10 @@ static int test_migrate_start(QTestState **from, 
QTestState **to,
 machine_type = "";
 machine_args = "";
 memory_size = "150M";
-cmd_src = g_strdup_printf(" -name source,debug-threads=on"
-  " -serial file:%s/src_serial"
+cmd_src = g_strdup_printf(" -serial file:%s/src_serial"
   " -drive file=%s,format=raw",
   tmpfs, bootpath);
-cmd_dst = g_strdup_printf(" -name target,debug-threads=on"
-  " -serial file:%s/dest_serial"
+cmd_dst = g_strdup_printf(" -serial file:%s/dest_serial"
   " -drive file=%s,format=raw"
   " -incoming %s",
   tmpfs, bootpath, uri);
@@ -595,11 +593,9 @@ static int test_migrate_start(QTestState **from, 
QTestState **to,
 machine_type = "";
 machine_args = "";
 memory_size = "128M";
-cmd_src = g_strdup_printf(" -name source,debug-threads=on"
-  " -serial file:%s/src_serial -bios %s",
+cmd_src = g_strdup_printf(" -serial file:%s/src_serial -bios %s",
   tmpfs, bootpath);
-cmd_dst = g_strdup_printf(" -name target,debug-threads=on"
-  " -serial file:%s/dest_serial -bios %s"
+cmd_dst = g_strdup_printf(" -serial file:%s/dest_serial -bios %s"
   " -incoming %s",
   tmpfs, bootpath, uri);
 start_address = S390_TEST_MEM_START;
@@ -609,15 +605,13 @@ static int test_migrate_start(QTestState **from, 
QTestState **to,
 machine_args = ",vsmt=8";
 memory_size = "256M";
 cmd_src = g_strdup_printf("-nodefaults"
-  " -name source,debug-threads=on"
   " -serial file:%s/src_serial"
   " -prom-env 'use-nvramrc?=true' -prom-env "
   "'nvramrc=hex .\" _\" begin %x %x "
   "do i c@ 1 + i c! 1000 +loop .\" B\" 0 "
   "until'", tmpfs, end_address,
   start_address);
-cmd_dst = g_strdup_printf(" -name target,debug-threads=on"
-  " -serial file:%s/dest_serial"
+cmd_dst = g_strdup_printf(" -serial file:%s/dest_serial"
   " -incoming %s",
   tmpfs, uri);
 
@@ -628,11 +622,11 @@ static int test_migrate_start(QTestState **from, 
QTestState **to,
 machine_type = "virt,";
 machine_args = "gic-version=max";
 memory_size = "150M";
-cmd_src = g_strdup_printf("-name vmsource,debug-threads=on -cpu max "
+cmd_src = g_strdup_printf("-cpu max "
   "-serial file:%s/src_serial "
   "-kernel %s",
   tmpfs, bootpath);
-cmd_dst = g_strdup_printf("-name vmdest,debug-threads=on -cpu max "
+cmd_dst = g_strdup_printf("-cpu max "
   "-serial file:%s/dest_serial "
   "-kernel %s "
   "-incoming %s",
@@ -666,6 +660,7 @@ static int test_migrate_start(QTestState **from, QTestState 
**to,
 }
 
 cmd_source = g_strdup_printf("-machine %saccel=kvm:tcg%s "
+ "-name source,debug-threads=on "
  "-m %s "
  "%s %s %s %s",
  machine_type, machine_args,
@@ -676,6 +671,7 @@ static int test_migrate_start(QTestState **from, QTestState 
**to,
 g_free(cmd_source);
 
 cmd_target = g_strdup_printf("-machine %saccel=kvm:tcg%s "
+ "-name target,debug-threads=on "
  "-m %s "
  "%s %s %s %s",
  machine_type, machine_args,
-- 
2.21.0




[PATCH 05/10] migration-test: Move shmem handling to common commandline

2019-12-12 Thread Juan Quintela
Signed-off-by: Juan Quintela 
---
 tests/migration-test.c | 76 +++---
 1 file changed, 34 insertions(+), 42 deletions(-)

diff --git a/tests/migration-test.c b/tests/migration-test.c
index 18857f08f4..85c98f0f9c 100644
--- a/tests/migration-test.c
+++ b/tests/migration-test.c
@@ -380,13 +380,6 @@ static void cleanup(const char *filename)
 g_free(path);
 }
 
-static char *get_shmem_opts(const char *mem_size, const char *shmem_path)
-{
-return g_strdup_printf("-object memory-backend-file,id=mem0,size=%s"
-   ",mem-path=%s,share=on -numa node,memdev=mem0",
-   mem_size, shmem_path);
-}
-
 static char *SocketAddress_to_str(SocketAddress *addr)
 {
 switch (addr->type) {
@@ -560,8 +553,8 @@ static int test_migrate_start(QTestState **from, QTestState 
**to,
 gchar *cmd_source, *cmd_target;
 const gchar *ignore_stderr;
 char *bootpath = NULL;
-char *extra_opts = NULL;
-char *shmem_path = NULL;
+char *shmem_opts;
+char *shmem_path;
 const char *arch = qtest_get_arch();
 const char *machine_type;
 const char *machine_args;
@@ -575,7 +568,6 @@ static int test_migrate_start(QTestState **from, QTestState 
**to,
 g_test_skip("/dev/shm is not supported");
 return -1;
 }
-shmem_path = g_strdup_printf("/dev/shm/qemu-%d", getpid());
 }
 
 got_stop = false;
@@ -587,18 +579,15 @@ static int test_migrate_start(QTestState **from, 
QTestState **to,
 machine_type = "";
 machine_args = "";
 memory_size = "150M";
-extra_opts = use_shmem ? get_shmem_opts(memory_size, shmem_path) : 
NULL;
 cmd_src = g_strdup_printf(" -name source,debug-threads=on"
   " -serial file:%s/src_serial"
-  " -drive file=%s,format=raw %s",
-  tmpfs, bootpath,
-  extra_opts ? extra_opts : "");
+  " -drive file=%s,format=raw",
+  tmpfs, bootpath);
 cmd_dst = g_strdup_printf(" -name target,debug-threads=on"
   " -serial file:%s/dest_serial"
   " -drive file=%s,format=raw"
-  " -incoming %s %s",
-  tmpfs, bootpath, uri,
-  extra_opts ? extra_opts : "");
+  " -incoming %s",
+  tmpfs, bootpath, uri);
 start_address = X86_TEST_MEM_START;
 end_address = X86_TEST_MEM_END;
 } else if (g_str_equal(arch, "s390x")) {
@@ -606,36 +595,31 @@ static int test_migrate_start(QTestState **from, 
QTestState **to,
 machine_type = "";
 machine_args = "";
 memory_size = "128M";
-extra_opts = use_shmem ? get_shmem_opts(memory_size, shmem_path) : 
NULL;
 cmd_src = g_strdup_printf(" -name source,debug-threads=on"
-  " -serial file:%s/src_serial -bios %s %s",
-  tmpfs, bootpath,
-  extra_opts ? extra_opts : "");
+  " -serial file:%s/src_serial -bios %s",
+  tmpfs, bootpath);
 cmd_dst = g_strdup_printf(" -name target,debug-threads=on"
   " -serial file:%s/dest_serial -bios %s"
-  " -incoming %s %s",
-  tmpfs, bootpath, uri,
-  extra_opts ? extra_opts : "");
+  " -incoming %s",
+  tmpfs, bootpath, uri);
 start_address = S390_TEST_MEM_START;
 end_address = S390_TEST_MEM_END;
 } else if (strcmp(arch, "ppc64") == 0) {
 machine_type = "";
 machine_args = ",vsmt=8";
 memory_size = "256M";
-extra_opts = use_shmem ? get_shmem_opts(memory_size, shmem_path) : 
NULL;
 cmd_src = g_strdup_printf("-nodefaults"
   " -name source,debug-threads=on"
   " -serial file:%s/src_serial"
   " -prom-env 'use-nvramrc?=true' -prom-env "
   "'nvramrc=hex .\" _\" begin %x %x "
   "do i c@ 1 + i c! 1000 +loop .\" B\" 0 "
-  "until' %s", tmpfs, end_address,
-  start_address, extra_opts ? extra_opts : "");
+  "until'", tmpfs, end_address,
+  start_address);
 cmd_dst = g_strdup_printf(" -name target,debug-threads=on"
   " -serial file:%s/dest_serial"
-  " -inco

[PATCH 07/10] migration-test: Move -serial handling to common commandline

2019-12-12 Thread Juan Quintela
Signed-off-by: Juan Quintela 
---
 tests/migration-test.c | 41 -
 1 file changed, 16 insertions(+), 25 deletions(-)

diff --git a/tests/migration-test.c b/tests/migration-test.c
index a83e43b7b6..85e270ca39 100644
--- a/tests/migration-test.c
+++ b/tests/migration-test.c
@@ -579,13 +579,10 @@ static int test_migrate_start(QTestState **from, 
QTestState **to,
 machine_type = "";
 machine_args = "";
 memory_size = "150M";
-cmd_src = g_strdup_printf(" -serial file:%s/src_serial"
-  " -drive file=%s,format=raw",
-  tmpfs, bootpath);
-cmd_dst = g_strdup_printf(" -serial file:%s/dest_serial"
-  " -drive file=%s,format=raw"
+cmd_src = g_strdup_printf("-drive file=%s,format=raw", bootpath);
+cmd_dst = g_strdup_printf("-drive file=%s,format=raw"
   " -incoming %s",
-  tmpfs, bootpath, uri);
+  bootpath, uri);
 start_address = X86_TEST_MEM_START;
 end_address = X86_TEST_MEM_END;
 } else if (g_str_equal(arch, "s390x")) {
@@ -593,28 +590,22 @@ static int test_migrate_start(QTestState **from, 
QTestState **to,
 machine_type = "";
 machine_args = "";
 memory_size = "128M";
-cmd_src = g_strdup_printf(" -serial file:%s/src_serial -bios %s",
-  tmpfs, bootpath);
-cmd_dst = g_strdup_printf(" -serial file:%s/dest_serial -bios %s"
+cmd_src = g_strdup_printf("-bios %s", bootpath);
+cmd_dst = g_strdup_printf("-bios %s"
   " -incoming %s",
-  tmpfs, bootpath, uri);
+  bootpath, uri);
 start_address = S390_TEST_MEM_START;
 end_address = S390_TEST_MEM_END;
 } else if (strcmp(arch, "ppc64") == 0) {
 machine_type = "";
 machine_args = ",vsmt=8";
 memory_size = "256M";
-cmd_src = g_strdup_printf("-nodefaults"
-  " -serial file:%s/src_serial"
-  " -prom-env 'use-nvramrc?=true' -prom-env "
+cmd_src = g_strdup_printf("-nodefaults "
+  "-prom-env 'use-nvramrc?=true' -prom-env "
   "'nvramrc=hex .\" _\" begin %x %x "
   "do i c@ 1 + i c! 1000 +loop .\" B\" 0 "
-  "until'", tmpfs, end_address,
-  start_address);
-cmd_dst = g_strdup_printf(" -serial file:%s/dest_serial"
-  " -incoming %s",
-  tmpfs, uri);
-
+  "until'", end_address, start_address);
+cmd_dst = g_strdup_printf(" -incoming %s", uri);
 start_address = PPC_TEST_MEM_START;
 end_address = PPC_TEST_MEM_END;
 } else if (strcmp(arch, "aarch64") == 0) {
@@ -623,14 +614,12 @@ static int test_migrate_start(QTestState **from, 
QTestState **to,
 machine_args = "gic-version=max";
 memory_size = "150M";
 cmd_src = g_strdup_printf("-cpu max "
-  "-serial file:%s/src_serial "
   "-kernel %s",
-  tmpfs, bootpath);
+  bootpath);
 cmd_dst = g_strdup_printf("-cpu max "
-  "-serial file:%s/dest_serial "
   "-kernel %s "
   "-incoming %s",
-  tmpfs, bootpath, uri);
+  bootpath, uri);
 
 start_address = ARM_TEST_MEM_START;
 end_address = ARM_TEST_MEM_END;
@@ -661,10 +650,11 @@ static int test_migrate_start(QTestState **from, 
QTestState **to,
 
 cmd_source = g_strdup_printf("-machine %saccel=kvm:tcg%s "
  "-name source,debug-threads=on "
+ "-serial file:%s/src_serial "
  "-m %s "
  "%s %s %s %s",
  machine_type, machine_args,
- memory_size,
+ tmpfs, memory_size,
  cmd_src, shmem_opts, opts_src, ignore_stderr);
 g_free(cmd_src);
 *from = qtest_init(cmd_source);
@@ -673,9 +663,10 @@ static int test_migrate_start(QTestState **from, 
QTestState **to,
 cmd_target = g_strdup_printf("-machine %saccel=kvm:tcg%s "
  "-name target,debug-threads=on "
  "-m %s "
+ "-serial file:%s/dest_serial "
  "%

[PATCH 04/10] migration-test: Move memory size to common commandline

2019-12-12 Thread Juan Quintela
Signed-off-by: Juan Quintela 
---
 tests/migration-test.c | 44 --
 1 file changed, 25 insertions(+), 19 deletions(-)

diff --git a/tests/migration-test.c b/tests/migration-test.c
index 39203f6d46..18857f08f4 100644
--- a/tests/migration-test.c
+++ b/tests/migration-test.c
@@ -565,6 +565,7 @@ static int test_migrate_start(QTestState **from, QTestState 
**to,
 const char *arch = qtest_get_arch();
 const char *machine_type;
 const char *machine_args;
+const char *memory_size;
 
 opts_src = opts_src ? opts_src : "";
 opts_dst = opts_dst ? opts_dst : "";
@@ -585,15 +586,14 @@ static int test_migrate_start(QTestState **from, 
QTestState **to,
 init_bootfile(bootpath, x86_bootsect, sizeof(x86_bootsect));
 machine_type = "";
 machine_args = "";
-extra_opts = use_shmem ? get_shmem_opts("150M", shmem_path) : NULL;
-cmd_src = g_strdup_printf("-m 150M"
-  " -name source,debug-threads=on"
+memory_size = "150M";
+extra_opts = use_shmem ? get_shmem_opts(memory_size, shmem_path) : 
NULL;
+cmd_src = g_strdup_printf(" -name source,debug-threads=on"
   " -serial file:%s/src_serial"
   " -drive file=%s,format=raw %s",
   tmpfs, bootpath,
   extra_opts ? extra_opts : "");
-cmd_dst = g_strdup_printf("-m 150M"
-  " -name target,debug-threads=on"
+cmd_dst = g_strdup_printf(" -name target,debug-threads=on"
   " -serial file:%s/dest_serial"
   " -drive file=%s,format=raw"
   " -incoming %s %s",
@@ -605,14 +605,13 @@ static int test_migrate_start(QTestState **from, 
QTestState **to,
 init_bootfile(bootpath, s390x_elf, sizeof(s390x_elf));
 machine_type = "";
 machine_args = "";
-extra_opts = use_shmem ? get_shmem_opts("128M", shmem_path) : NULL;
-cmd_src = g_strdup_printf("-m 128M"
-  " -name source,debug-threads=on"
+memory_size = "128M";
+extra_opts = use_shmem ? get_shmem_opts(memory_size, shmem_path) : 
NULL;
+cmd_src = g_strdup_printf(" -name source,debug-threads=on"
   " -serial file:%s/src_serial -bios %s %s",
   tmpfs, bootpath,
   extra_opts ? extra_opts : "");
-cmd_dst = g_strdup_printf("-m 128M"
-  " -name target,debug-threads=on"
+cmd_dst = g_strdup_printf(" -name target,debug-threads=on"
   " -serial file:%s/dest_serial -bios %s"
   " -incoming %s %s",
   tmpfs, bootpath, uri,
@@ -622,8 +621,9 @@ static int test_migrate_start(QTestState **from, QTestState 
**to,
 } else if (strcmp(arch, "ppc64") == 0) {
 machine_type = "";
 machine_args = ",vsmt=8";
-extra_opts = use_shmem ? get_shmem_opts("256M", shmem_path) : NULL;
-cmd_src = g_strdup_printf("-m 256M -nodefaults"
+memory_size = "256M";
+extra_opts = use_shmem ? get_shmem_opts(memory_size, shmem_path) : 
NULL;
+cmd_src = g_strdup_printf("-nodefaults"
   " -name source,debug-threads=on"
   " -serial file:%s/src_serial"
   " -prom-env 'use-nvramrc?=true' -prom-env "
@@ -631,8 +631,7 @@ static int test_migrate_start(QTestState **from, QTestState 
**to,
   "do i c@ 1 + i c! 1000 +loop .\" B\" 0 "
   "until' %s", tmpfs, end_address,
   start_address, extra_opts ? extra_opts : "");
-cmd_dst = g_strdup_printf("-m 256M"
-  " -name target,debug-threads=on"
+cmd_dst = g_strdup_printf(" -name target,debug-threads=on"
   " -serial file:%s/dest_serial"
   " -incoming %s %s",
   tmpfs, uri,
@@ -644,14 +643,15 @@ static int test_migrate_start(QTestState **from, 
QTestState **to,
 init_bootfile(bootpath, aarch64_kernel, sizeof(aarch64_kernel));
 machine_type = "virt,";
 machine_args = "gic-version=max";
-extra_opts = use_shmem ? get_shmem_opts("150M", shmem_path) : NULL;
+memory_size = "150M";
+extra_opts = use_shmem ? get_shmem_opts(memory_size, shmem_path) : 
NULL;
 cmd_src = g_strdup_printf("-name vmsource,debug-threads=on -cpu max "
-  "-m 150M -serial file:%s/src_serial "
+  "-serial file:%s/src_serial "
 

[PATCH 01/10] migration-test: Create cmd_soure and cmd_target

2019-12-12 Thread Juan Quintela
We are repeating almost everything for each machine while creating the
command line for migration.  And once for source and another for
destination.  We start putting there opts_src and opts_dst.

Signed-off-by: Juan Quintela 
---
 tests/migration-test.c | 44 --
 1 file changed, 25 insertions(+), 19 deletions(-)

diff --git a/tests/migration-test.c b/tests/migration-test.c
index ebd77a581a..9573861ede 100644
--- a/tests/migration-test.c
+++ b/tests/migration-test.c
@@ -557,6 +557,7 @@ static int test_migrate_start(QTestState **from, QTestState 
**to,
const char *opts_dst)
 {
 gchar *cmd_src, *cmd_dst;
+gchar *cmd_source, *cmd_target;
 char *bootpath = NULL;
 char *extra_opts = NULL;
 char *shmem_path = NULL;
@@ -584,16 +585,16 @@ static int test_migrate_start(QTestState **from, 
QTestState **to,
 cmd_src = g_strdup_printf("-machine accel=%s -m 150M"
   " -name source,debug-threads=on"
   " -serial file:%s/src_serial"
-  " -drive file=%s,format=raw %s %s",
+  " -drive file=%s,format=raw %s",
   accel, tmpfs, bootpath,
-  extra_opts ? extra_opts : "", opts_src);
+  extra_opts ? extra_opts : "");
 cmd_dst = g_strdup_printf("-machine accel=%s -m 150M"
   " -name target,debug-threads=on"
   " -serial file:%s/dest_serial"
   " -drive file=%s,format=raw"
-  " -incoming %s %s %s",
+  " -incoming %s %s",
   accel, tmpfs, bootpath, uri,
-  extra_opts ? extra_opts : "", opts_dst);
+  extra_opts ? extra_opts : "");
 start_address = X86_TEST_MEM_START;
 end_address = X86_TEST_MEM_END;
 } else if (g_str_equal(arch, "s390x")) {
@@ -601,15 +602,15 @@ static int test_migrate_start(QTestState **from, 
QTestState **to,
 extra_opts = use_shmem ? get_shmem_opts("128M", shmem_path) : NULL;
 cmd_src = g_strdup_printf("-machine accel=%s -m 128M"
   " -name source,debug-threads=on"
-  " -serial file:%s/src_serial -bios %s %s %s",
+  " -serial file:%s/src_serial -bios %s %s",
   accel, tmpfs, bootpath,
-  extra_opts ? extra_opts : "", opts_src);
+  extra_opts ? extra_opts : "");
 cmd_dst = g_strdup_printf("-machine accel=%s -m 128M"
   " -name target,debug-threads=on"
   " -serial file:%s/dest_serial -bios %s"
-  " -incoming %s %s %s",
+  " -incoming %s %s",
   accel, tmpfs, bootpath, uri,
-  extra_opts ? extra_opts : "", opts_dst);
+  extra_opts ? extra_opts : "");
 start_address = S390_TEST_MEM_START;
 end_address = S390_TEST_MEM_END;
 } else if (strcmp(arch, "ppc64") == 0) {
@@ -620,15 +621,14 @@ static int test_migrate_start(QTestState **from, 
QTestState **to,
   " -prom-env 'use-nvramrc?=true' -prom-env "
   "'nvramrc=hex .\" _\" begin %x %x "
   "do i c@ 1 + i c! 1000 +loop .\" B\" 0 "
-  "until' %s %s",  accel, tmpfs, end_address,
-  start_address, extra_opts ? extra_opts : "",
-  opts_src);
+  "until' %s",  accel, tmpfs, end_address,
+  start_address, extra_opts ? extra_opts : "");
 cmd_dst = g_strdup_printf("-machine accel=%s,vsmt=8 -m 256M"
   " -name target,debug-threads=on"
   " -serial file:%s/dest_serial"
-  " -incoming %s %s %s",
+  " -incoming %s %s",
   accel, tmpfs, uri,
-  extra_opts ? extra_opts : "", opts_dst);
+  extra_opts ? extra_opts : "");
 
 start_address = PPC_TEST_MEM_START;
 end_address = PPC_TEST_MEM_END;
@@ -638,16 +638,16 @@ static int test_migrate_start(QTestState **from, 
QTestState **to,
 cmd_src = g_strdup_printf("-machine virt,accel=%s,gic-version=max "
   "-name vmsource,debug-threads=on -cpu max "
 

[PATCH 03/10] migration-test: Move -machine to common commandline

2019-12-12 Thread Juan Quintela
Signed-off-by: Juan Quintela 
---
 tests/migration-test.c | 51 +-
 1 file changed, 30 insertions(+), 21 deletions(-)

diff --git a/tests/migration-test.c b/tests/migration-test.c
index 372e66c755..39203f6d46 100644
--- a/tests/migration-test.c
+++ b/tests/migration-test.c
@@ -563,7 +563,8 @@ static int test_migrate_start(QTestState **from, QTestState 
**to,
 char *extra_opts = NULL;
 char *shmem_path = NULL;
 const char *arch = qtest_get_arch();
-const char *accel = "kvm:tcg";
+const char *machine_type;
+const char *machine_args;
 
 opts_src = opts_src ? opts_src : "";
 opts_dst = opts_dst ? opts_dst : "";
@@ -582,72 +583,78 @@ static int test_migrate_start(QTestState **from, 
QTestState **to,
 /* the assembled x86 boot sector should be exactly one sector large */
 assert(sizeof(x86_bootsect) == 512);
 init_bootfile(bootpath, x86_bootsect, sizeof(x86_bootsect));
+machine_type = "";
+machine_args = "";
 extra_opts = use_shmem ? get_shmem_opts("150M", shmem_path) : NULL;
-cmd_src = g_strdup_printf("-machine accel=%s -m 150M"
+cmd_src = g_strdup_printf("-m 150M"
   " -name source,debug-threads=on"
   " -serial file:%s/src_serial"
   " -drive file=%s,format=raw %s",
-  accel, tmpfs, bootpath,
+  tmpfs, bootpath,
   extra_opts ? extra_opts : "");
-cmd_dst = g_strdup_printf("-machine accel=%s -m 150M"
+cmd_dst = g_strdup_printf("-m 150M"
   " -name target,debug-threads=on"
   " -serial file:%s/dest_serial"
   " -drive file=%s,format=raw"
   " -incoming %s %s",
-  accel, tmpfs, bootpath, uri,
+  tmpfs, bootpath, uri,
   extra_opts ? extra_opts : "");
 start_address = X86_TEST_MEM_START;
 end_address = X86_TEST_MEM_END;
 } else if (g_str_equal(arch, "s390x")) {
 init_bootfile(bootpath, s390x_elf, sizeof(s390x_elf));
+machine_type = "";
+machine_args = "";
 extra_opts = use_shmem ? get_shmem_opts("128M", shmem_path) : NULL;
-cmd_src = g_strdup_printf("-machine accel=%s -m 128M"
+cmd_src = g_strdup_printf("-m 128M"
   " -name source,debug-threads=on"
   " -serial file:%s/src_serial -bios %s %s",
-  accel, tmpfs, bootpath,
+  tmpfs, bootpath,
   extra_opts ? extra_opts : "");
-cmd_dst = g_strdup_printf("-machine accel=%s -m 128M"
+cmd_dst = g_strdup_printf("-m 128M"
   " -name target,debug-threads=on"
   " -serial file:%s/dest_serial -bios %s"
   " -incoming %s %s",
-  accel, tmpfs, bootpath, uri,
+  tmpfs, bootpath, uri,
   extra_opts ? extra_opts : "");
 start_address = S390_TEST_MEM_START;
 end_address = S390_TEST_MEM_END;
 } else if (strcmp(arch, "ppc64") == 0) {
+machine_type = "";
+machine_args = ",vsmt=8";
 extra_opts = use_shmem ? get_shmem_opts("256M", shmem_path) : NULL;
-cmd_src = g_strdup_printf("-machine accel=%s,vsmt=8 -m 256M 
-nodefaults"
+cmd_src = g_strdup_printf("-m 256M -nodefaults"
   " -name source,debug-threads=on"
   " -serial file:%s/src_serial"
   " -prom-env 'use-nvramrc?=true' -prom-env "
   "'nvramrc=hex .\" _\" begin %x %x "
   "do i c@ 1 + i c! 1000 +loop .\" B\" 0 "
-  "until' %s",  accel, tmpfs, end_address,
+  "until' %s", tmpfs, end_address,
   start_address, extra_opts ? extra_opts : "");
-cmd_dst = g_strdup_printf("-machine accel=%s,vsmt=8 -m 256M"
+cmd_dst = g_strdup_printf("-m 256M"
   " -name target,debug-threads=on"
   " -serial file:%s/dest_serial"
   " -incoming %s %s",
-  accel, tmpfs, uri,
+  tmpfs, uri,
   extra_opts ? extra_opts : "");
 
 start_address = PPC_TEST_MEM_START;
 end_address = PPC_TEST_MEM_END;
 } else if (strcmp(arch, "aarch64") == 0) {
   

[PATCH 10/10] migration-test: Use a struct for test_migrate_start parameters

2019-12-12 Thread Juan Quintela
It has two bools and two strings, it is very difficult to remember
which does what.  And it makes very difficult to add new parameters as
we need to modify all the callers.

Signed-off-by: Juan Quintela 
---
 tests/migration-test.c | 118 +++--
 1 file changed, 78 insertions(+), 40 deletions(-)

diff --git a/tests/migration-test.c b/tests/migration-test.c
index 6c7c4163a4..4a192116ce 100644
--- a/tests/migration-test.c
+++ b/tests/migration-test.c
@@ -544,10 +544,31 @@ static void migrate_postcopy_start(QTestState *from, 
QTestState *to)
 qtest_qmp_eventwait(to, "RESUME");
 }
 
+typedef struct {
+bool hide_stderr;
+bool use_shmem;
+char *opts_source;
+char *opts_target;
+} MigrateStart;
+
+static MigrateStart *migrate_start_new(void)
+{
+MigrateStart *args = g_new0(MigrateStart, 1);
+
+args->opts_source = g_strdup("");
+args->opts_target = g_strdup("");
+return args;
+}
+
+static void migrate_start_destroy(MigrateStart *args)
+{
+g_free(args->opts_source);
+g_free(args->opts_target);
+g_free(args);
+}
+
 static int test_migrate_start(QTestState **from, QTestState **to,
-   const char *uri, bool hide_stderr,
-   bool use_shmem, const char *opts_src,
-   const char *opts_dst)
+  const char *uri, MigrateStart *args)
 {
 gchar *arch_source, *arch_target;
 gchar *cmd_source, *cmd_target;
@@ -560,10 +581,7 @@ static int test_migrate_start(QTestState **from, 
QTestState **to,
 const char *machine_args;
 const char *memory_size;
 
-opts_src = opts_src ? opts_src : "";
-opts_dst = opts_dst ? opts_dst : "";
-
-if (use_shmem) {
+if (args->use_shmem) {
 if (!g_file_test("/dev/shm", G_FILE_TEST_IS_DIR)) {
 g_test_skip("/dev/shm is not supported");
 return -1;
@@ -623,13 +641,13 @@ static int test_migrate_start(QTestState **from, 
QTestState **to,
 
 g_free(bootpath);
 
-if (hide_stderr) {
+if (args->hide_stderr) {
 ignore_stderr = "2>/dev/null";
 } else {
 ignore_stderr = "";
 }
 
-if (use_shmem) {
+if (args->use_shmem) {
 shmem_path = g_strdup_printf("/dev/shm/qemu-%d", getpid());
 shmem_opts = g_strdup_printf(
 "-object memory-backend-file,id=mem0,size=%s"
@@ -647,7 +665,7 @@ static int test_migrate_start(QTestState **from, QTestState 
**to,
  "%s %s %s %s",
  machine_type, machine_args,
  memory_size, tmpfs,
- arch_source, shmem_opts, opts_src,
+ arch_source, shmem_opts, args->opts_source,
  ignore_stderr);
 g_free(arch_source);
 *from = qtest_init(cmd_source);
@@ -661,18 +679,19 @@ static int test_migrate_start(QTestState **from, 
QTestState **to,
  "%s %s %s %s",
  machine_type, machine_args,
  memory_size, tmpfs, uri,
- arch_target, shmem_opts, opts_dst,
- ignore_stderr);
+ arch_target, shmem_opts,
+ args->opts_target, ignore_stderr);
 g_free(arch_target);
 *to = qtest_init(cmd_target);
 g_free(cmd_target);
 
+migrate_start_destroy(args);
 g_free(shmem_opts);
 /*
  * Remove shmem file immediately to avoid memory leak in test failed case.
  * It's valid becase QEMU has already opened this file
  */
-if (use_shmem) {
+if (args->use_shmem) {
 unlink(shmem_path);
 g_free(shmem_path);
 }
@@ -762,13 +781,13 @@ static void test_deprecated(void)
 }
 
 static int migrate_postcopy_prepare(QTestState **from_ptr,
- QTestState **to_ptr,
- bool hide_error)
+QTestState **to_ptr,
+MigrateStart *args)
 {
 char *uri = g_strdup_printf("unix:%s/migsocket", tmpfs);
 QTestState *from, *to;
 
-if (test_migrate_start(&from, &to, uri, hide_error, false, NULL, NULL)) {
+if (test_migrate_start(&from, &to, uri, args)) {
 return -1;
 }
 
@@ -813,9 +832,10 @@ static void migrate_postcopy_complete(QTestState *from, 
QTestState *to)
 
 static void test_postcopy(void)
 {
+MigrateStart *args = migrate_start_new();
 QTestState *from, *to;
 
-if (migrate_postcopy_prepare(&from, &to, false)) {
+if (migrate_postcopy_prepare(&from, &to, args)) {
 return;
 }
 migrate_postcopy_start(from, to);
@@ -824,10 +844,13 @@ static void test_postcopy(void)
 
 static void test_postcopy_recovery(void)
 {
+MigrateStart *args = migrate_start_new();
 QTestS

[PATCH 08/10] migration-test: Move -incomming handling to common commandline

2019-12-12 Thread Juan Quintela
Signed-off-by: Juan Quintela 
---
 tests/migration-test.c | 23 ---
 1 file changed, 8 insertions(+), 15 deletions(-)

diff --git a/tests/migration-test.c b/tests/migration-test.c
index 85e270ca39..5ab8cfd4b2 100644
--- a/tests/migration-test.c
+++ b/tests/migration-test.c
@@ -580,9 +580,7 @@ static int test_migrate_start(QTestState **from, QTestState 
**to,
 machine_args = "";
 memory_size = "150M";
 cmd_src = g_strdup_printf("-drive file=%s,format=raw", bootpath);
-cmd_dst = g_strdup_printf("-drive file=%s,format=raw"
-  " -incoming %s",
-  bootpath, uri);
+cmd_dst = g_strdup(cmd_src);
 start_address = X86_TEST_MEM_START;
 end_address = X86_TEST_MEM_END;
 } else if (g_str_equal(arch, "s390x")) {
@@ -591,9 +589,7 @@ static int test_migrate_start(QTestState **from, QTestState 
**to,
 machine_args = "";
 memory_size = "128M";
 cmd_src = g_strdup_printf("-bios %s", bootpath);
-cmd_dst = g_strdup_printf("-bios %s"
-  " -incoming %s",
-  bootpath, uri);
+cmd_dst = g_strdup(cmd_src);
 start_address = S390_TEST_MEM_START;
 end_address = S390_TEST_MEM_END;
 } else if (strcmp(arch, "ppc64") == 0) {
@@ -605,7 +601,7 @@ static int test_migrate_start(QTestState **from, QTestState 
**to,
   "'nvramrc=hex .\" _\" begin %x %x "
   "do i c@ 1 + i c! 1000 +loop .\" B\" 0 "
   "until'", end_address, start_address);
-cmd_dst = g_strdup_printf(" -incoming %s", uri);
+cmd_dst = g_strdup("");
 start_address = PPC_TEST_MEM_START;
 end_address = PPC_TEST_MEM_END;
 } else if (strcmp(arch, "aarch64") == 0) {
@@ -616,11 +612,7 @@ static int test_migrate_start(QTestState **from, 
QTestState **to,
 cmd_src = g_strdup_printf("-cpu max "
   "-kernel %s",
   bootpath);
-cmd_dst = g_strdup_printf("-cpu max "
-  "-kernel %s "
-  "-incoming %s",
-  bootpath, uri);
-
+cmd_dst = g_strdup(cmd_src);
 start_address = ARM_TEST_MEM_START;
 end_address = ARM_TEST_MEM_END;
 
@@ -650,11 +642,11 @@ static int test_migrate_start(QTestState **from, 
QTestState **to,
 
 cmd_source = g_strdup_printf("-machine %saccel=kvm:tcg%s "
  "-name source,debug-threads=on "
+ "-m %s "
  "-serial file:%s/src_serial "
- "-m %s "
  "%s %s %s %s",
  machine_type, machine_args,
- tmpfs, memory_size,
+ memory_size, tmpfs,
  cmd_src, shmem_opts, opts_src, ignore_stderr);
 g_free(cmd_src);
 *from = qtest_init(cmd_source);
@@ -664,9 +656,10 @@ static int test_migrate_start(QTestState **from, 
QTestState **to,
  "-name target,debug-threads=on "
  "-m %s "
  "-serial file:%s/dest_serial "
+ "-incoming %s "
  "%s %s %s %s",
  machine_type, machine_args,
- tmpfs, memory_size,
+ memory_size, tmpfs, uri,
  cmd_dst, shmem_opts, opts_dst, ignore_stderr);
 g_free(cmd_dst);
 *to = qtest_init(cmd_target);
-- 
2.21.0




[PATCH 00/10] Migration Arguments cleanup

2019-12-12 Thread Juan Quintela
Hi

This series simplify test_migrate_start() in two ways:
- simplify the command line creation, so everything that is common between
  architectures don't have to be repeated (DRY).
  Note that this bit remove lines of code.
- test_migrate_start() has two bools and two strings as arguments, it is very
  difficult to remmeber which is which and meaning.  And it is even worse to
  add new parameters.  Just pass them through one struct.

Please, review.

Juan Quintela (10):
  migration-test: Create cmd_soure and cmd_target
  migration-test: Move hide_stderr to common commandline
  migration-test: Move -machine to common commandline
  migration-test: Move memory size to common commandline
  migration-test: Move shmem handling to common commandline
  migration-test: Move -name handling to common commandline
  migration-test: Move -serial handling to common commandline
  migration-test: Move -incomming handling to common commandline
  migration-test: Rename cmd_src/dst to arch_source/arch_target
  migration-test: Use a struct for test_migrate_start parameters

 tests/migration-test.c | 265 +++--
 1 file changed, 147 insertions(+), 118 deletions(-)

-- 
2.21.0




[PATCH 02/10] migration-test: Move hide_stderr to common commandline

2019-12-12 Thread Juan Quintela
Signed-off-by: Juan Quintela 
---
 tests/migration-test.c | 20 
 1 file changed, 8 insertions(+), 12 deletions(-)

diff --git a/tests/migration-test.c b/tests/migration-test.c
index 9573861ede..372e66c755 100644
--- a/tests/migration-test.c
+++ b/tests/migration-test.c
@@ -558,6 +558,7 @@ static int test_migrate_start(QTestState **from, QTestState 
**to,
 {
 gchar *cmd_src, *cmd_dst;
 gchar *cmd_source, *cmd_target;
+const gchar *ignore_stderr;
 char *bootpath = NULL;
 char *extra_opts = NULL;
 char *shmem_path = NULL;
@@ -661,24 +662,19 @@ static int test_migrate_start(QTestState **from, 
QTestState **to,
 g_free(extra_opts);
 
 if (hide_stderr) {
-gchar *tmp;
-tmp = g_strdup_printf("%s 2>/dev/null", cmd_src);
-g_free(cmd_src);
-cmd_src = tmp;
-
-tmp = g_strdup_printf("%s 2>/dev/null", cmd_dst);
-g_free(cmd_dst);
-cmd_dst = tmp;
+ignore_stderr = "2>/dev/null";
+} else {
+ignore_stderr = "";
 }
 
-cmd_source = g_strdup_printf("%s %s",
- cmd_src, opts_src);
+cmd_source = g_strdup_printf("%s %s %s",
+ cmd_src, opts_src, ignore_stderr);
 g_free(cmd_src);
 *from = qtest_init(cmd_source);
 g_free(cmd_source);
 
-cmd_target = g_strdup_printf("%s %s",
- cmd_dst, opts_dst);
+cmd_target = g_strdup_printf("%s %s %s",
+ cmd_dst, opts_dst, ignore_stderr);
 g_free(cmd_dst);
 *to = qtest_init(cmd_target);
 g_free(cmd_target);
-- 
2.21.0




Re: [PATCH 2/3] q800: add djMEMC memory controller

2019-12-12 Thread Philippe Mathieu-Daudé

On 12/12/19 9:01 PM, Laurent Vivier wrote:

Current implementation is based on GLUE, an early implementation
of the memory controller found in Macintosh II series.

Quadra 800 uses in fact djMEMC:

The djMEMC is an Apple custom integrated circuit chip that performs a
variety of functions (RAM management, clock generation, ...).
It receives interrupt requests from various devices, assign priority to
each, and asserts one or more interrupt line to the CPU.

Signed-off-by: Laurent Vivier 
---
  MAINTAINERS  |   2 +
  hw/m68k/Kconfig  |   1 +
  hw/m68k/q800.c   |  61 --
  hw/misc/Kconfig  |   3 +
  hw/misc/Makefile.objs|   1 +
  hw/misc/djmemc.c | 176 +++
  hw/misc/trace-events |   4 +
  include/hw/misc/djmemc.h |  34 
  8 files changed, 237 insertions(+), 45 deletions(-)
  create mode 100644 hw/misc/djmemc.c
  create mode 100644 include/hw/misc/djmemc.h

diff --git a/MAINTAINERS b/MAINTAINERS
index 5e5e3e52d6..07224a2fa2 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -925,11 +925,13 @@ F: hw/misc/mac_via.c
  F: hw/nubus/*
  F: hw/display/macfb.c
  F: hw/block/swim.c
+F: hw/misc/djmemc.c
  F: hw/m68k/bootinfo.h
  F: include/hw/misc/mac_via.h
  F: include/hw/nubus/*
  F: include/hw/display/macfb.h
  F: include/hw/block/swim.h
+F: include/hw/misc/djmemc.c
  
  MicroBlaze Machines

  ---
diff --git a/hw/m68k/Kconfig b/hw/m68k/Kconfig
index c757e7dfa4..bdc43a798a 100644
--- a/hw/m68k/Kconfig
+++ b/hw/m68k/Kconfig
@@ -22,3 +22,4 @@ config Q800
  select ESCC
  select ESP
  select DP8393X
+select DJMEMC
diff --git a/hw/m68k/q800.c b/hw/m68k/q800.c
index ef0014f4c4..9ee0cb1141 100644
--- a/hw/m68k/q800.c
+++ b/hw/m68k/q800.c
@@ -46,6 +46,7 @@
  #include "sysemu/qtest.h"
  #include "sysemu/runstate.h"
  #include "sysemu/reset.h"
+#include "hw/misc/djmemc.h"
  
  #define MACROM_ADDR 0x4000

  #define MACROM_SIZE 0x0010
@@ -68,6 +69,7 @@
  #define SONIC_PROM_BASE   (IO_BASE + 0x08000)
  #define SONIC_BASE(IO_BASE + 0x0a000)
  #define SCC_BASE  (IO_BASE + 0x0c000)
+#define DJMEMC_BASE   (IO_BASE + 0x0e000)
  #define ESP_BASE  (IO_BASE + 0x1)
  #define ESP_PDMA  (IO_BASE + 0x10100)
  #define ASC_BASE  (IO_BASE + 0x14000)
@@ -85,39 +87,6 @@
  
  #define MAC_CLOCK  3686418
  
-/*

- * The GLUE (General Logic Unit) is an Apple custom integrated circuit chip
- * that performs a variety of functions (RAM management, clock generation, 
...).
- * The GLUE chip receives interrupt requests from various devices,
- * assign priority to each, and asserts one or more interrupt line to the
- * CPU.
- */
-
-typedef struct {
-M68kCPU *cpu;
-uint8_t ipr;
-} GLUEState;
-
-static void GLUE_set_irq(void *opaque, int irq, int level)
-{
-GLUEState *s = opaque;
-int i;
-
-if (level) {
-s->ipr |= 1 << irq;
-} else {
-s->ipr &= ~(1 << irq);
-}
-
-for (i = 7; i >= 0; i--) {
-if ((s->ipr >> i) & 1) {
-m68k_set_irq_level(s->cpu, i + 1, i + 25);
-return;
-}
-}
-m68k_set_irq_level(s->cpu, 0, 0);
-}
-
  static void main_cpu_reset(void *opaque)
  {
  M68kCPU *cpu = opaque;
@@ -149,6 +118,7 @@ static void q800_init(MachineState *machine)
  const char *kernel_cmdline = machine->kernel_cmdline;
  hwaddr parameters_base;
  CPUState *cs;
+DeviceState *djmemc_dev;
  DeviceState *dev;
  DeviceState *via_dev;
  SysBusESPState *sysbus_esp;
@@ -156,8 +126,6 @@ static void q800_init(MachineState *machine)
  SysBusDevice *sysbus;
  BusState *adb_bus;
  NubusBus *nubus;
-GLUEState *irq;
-qemu_irq *pic;
  
  linux_boot = (kernel_filename != NULL);
  
@@ -191,11 +159,13 @@ static void q800_init(MachineState *machine)

  g_free(name);
  }
  
-/* IRQ Glue */

+/* djMEMC memory and interrupt controller */
  
-irq = g_new0(GLUEState, 1);

-irq->cpu = cpu;
-pic = qemu_allocate_irqs(GLUE_set_irq, irq, 8);


Glad to see you add a QOM INTC and use QDEV API.


+djmemc_dev = qdev_create(NULL, TYPE_DJMEMC);
+object_property_set_link(OBJECT(djmemc_dev), OBJECT(cpu), "cpu",
+ &error_abort);
+qdev_init_nofail(djmemc_dev);
+sysbus_mmio_map(SYS_BUS_DEVICE(djmemc_dev), 0, DJMEMC_BASE);
  
  /* VIA */
  
@@ -203,9 +173,10 @@ static void q800_init(MachineState *machine)

  qdev_init_nofail(via_dev);
  sysbus = SYS_BUS_DEVICE(via_dev);
  sysbus_mmio_map(sysbus, 0, VIA_BASE);
-qdev_connect_gpio_out_named(DEVICE(sysbus), "irq", 0, pic[0]);
-qdev_connect_gpio_out_named(DEVICE(sysbus), "irq", 1, pic[1]);
-
+qdev_connect_gpio_out_named(DEVICE(sysbus), "irq", 0,
+qdev_get_gpio_in(djmemc_dev, 0));
+qdev_connect_gpio_out_named(DEVICE(sysbus),
+"irq", 

Re: [PATCH 2/3] q800: add djMEMC memory controller

2019-12-12 Thread BALATON Zoltan

On Thu, 12 Dec 2019, Laurent Vivier wrote:

Current implementation is based on GLUE, an early implementation
of the memory controller found in Macintosh II series.

Quadra 800 uses in fact djMEMC:

The djMEMC is an Apple custom integrated circuit chip that performs a
variety of functions (RAM management, clock generation, ...).
It receives interrupt requests from various devices, assign priority to
each, and asserts one or more interrupt line to the CPU.

Signed-off-by: Laurent Vivier 
---
MAINTAINERS  |   2 +
hw/m68k/Kconfig  |   1 +
hw/m68k/q800.c   |  61 --
hw/misc/Kconfig  |   3 +
hw/misc/Makefile.objs|   1 +
hw/misc/djmemc.c | 176 +++
hw/misc/trace-events |   4 +
include/hw/misc/djmemc.h |  34 
8 files changed, 237 insertions(+), 45 deletions(-)
create mode 100644 hw/misc/djmemc.c
create mode 100644 include/hw/misc/djmemc.h


[...]

diff --git a/hw/misc/djmemc.c b/hw/misc/djmemc.c
new file mode 100644
index 00..b494e82a60
--- /dev/null
+++ b/hw/misc/djmemc.c
@@ -0,0 +1,176 @@
+/*
+ * djMEMC, macintosh memory and interrupt controller
+ * (Quadra 610/650/800 & Centris 610/650)
+ *
+ *https://mac68k.info/wiki/display/mac68k/djMEMC+Information
+ *
+ * The djMEMC is an Apple custom integrated circuit chip that performs a
+ * variety of functions (RAM management, clock generation, ...).
+ * It receives interrupt requests from various devices, assign priority to
+ * each, and asserts one or more interrupt line to the CPU.
+ */
+
+#include "qemu/osdep.h"
+#include "migration/vmstate.h"
+#include "hw/misc/djmemc.h"
+#include "hw/qdev-properties.h"
+#include "trace.h"
+
+#define DJMEMC_SIZE   0x2000
+
+#define InterleaveConf0
+#define Bank0Conf 1
+#define Bank1Conf 2
+#define Bank2Conf 3
+#define Bank3Conf 4
+#define Bank4Conf 5
+#define Bank5Conf 6
+#define Bank6Conf 7
+#define Bank7Conf 8
+#define Bank8Conf 9
+#define Bank9Conf 10
+#define MemTop11
+#define Config12
+#define Refresh   13


Should this be an enum so the compiler can better verify values and if all 
cases are handled?


Regards,
BALATON Zoltan



Re: [PATCH v5 1/5] tpm_spapr: Support TPM for ppc64 using CRQ based interface

2019-12-12 Thread Stefan Berger

On 12/12/19 3:33 PM, Eric Blake wrote:

On 12/12/19 2:24 PM, Stefan Berger wrote:
Implement support for TPM on ppc64 by implementing the vTPM CRQ 
interface
as a frontend. It can use the tpm_emulator driver backend with the 
external

swtpm.

The Linux vTPM driver for ppc64 works with this emulation.

This TPM emulator also handles the TPM 2 case.

Signed-off-by: Stefan Berger 
Reviewed-by: David Gibson 

diff --git a/hw/tpm/Kconfig b/hw/tpm/Kconfig


Odd that your diff doesn't include the usual --- marker or a diffstat.



+++ b/hw/tpm/tpm_spapr.c
@@ -0,0 +1,405 @@
+/*
+ * QEMU PowerPC pSeries Logical Partition (aka sPAPR) hardware 
System Emulator

+ *
+ * PAPR Virtual TPM
+ *
+ * Copyright (c) 2015, 2017 IBM Corporation.


Do you want to claim 2019?


:-)




Re: [PATCH 00/28] cputlb: Remove support for MMU_MODE*_SUFFIX

2019-12-12 Thread Aleksandar Markovic
On Thursday, December 12, 2019, Richard Henderson <
richard.hender...@linaro.org> wrote:

> This is part of a project to raise the limit on NB_MMU_MODES.
>
> One of those is in cpu_ldst.h, in support of MMU_MODE*_SUFFIX.
> While this could be extended, it's not the best interface for
> such things.  Better is a single interface that allows a variable
> mmu_idx.  The best exemplars of that is the usage in target/mips
> and target/ppc.
>
> In the process, I tried to clean up the implementation of these
> functions for softmmu and user-only.
>
>
Just a suggestion: Given the nature of the series, please consider some
additional changes to:

 docs/devel/loads-stores.rst

Aleksandar


> r~
>
>
> Cc: Aleksandar Markovic 
> Cc: Aleksandar Rikalo 
> Cc: Aurelien Jarno 
> Cc: Chris Wulff 
> Cc: David Gibson 
> Cc: David Hildenbrand 
> Cc: Edgar E. Iglesias 
> Cc: Eduardo Habkost 
> Cc: Guan Xuetao 
> Cc: Laurent Vivier 
> Cc: Marek Vasut 
> Cc: Max Filippov 
> Cc: Paolo Bonzini 
> Cc: Peter Maydell 
>
>
> Richard Henderson (28):
>   target/xtensa: Use probe_access for itlb_hit_test
>   cputlb: Use trace_mem_get_info instead of trace_mem_build_info
>   trace: Remove trace_mem_build_info_no_se_[bl]e
>   cputlb: Move body of cpu_ldst_template.h out of line
>   translator: Use cpu_ld*_code instead of open-coding
>   cputlb: Rename helper_ret_ld*_cmmu to cpu_ld*_code
>   cputlb: Provide cpu_(ld,st}*_mmuidx_ra for user-only
>   target/i386: Use cpu_*_mmuidx_ra instead of templates
>   target/s390x: Include tcg.h in mem_helper.c
>   target/arm: Include tcg.h in sve_helper.c
>   accel/tcg: Include tcg.h in tcg-runtime.c
>   linux-user: Include tcg.h in syscall.c
>   linux-user: Include trace-root.h in syscall-trace.h
>   cputlb: Expand cpu_ldst_useronly_template.h in user-exec.c
>   target/nios2: Remove MMU_MODE{0,1}_SUFFIX
>   target/alpha: Remove MMU_MODE{0,1}_SUFFIX
>   target/cris: Remove MMU_MODE{0,1}_SUFFIX
>   target/i386: Remove MMU_MODE{0,1,2}_SUFFIX
>   target/microblaze: Remove MMU_MODE{0,1,2}_SUFFIX
>   target/sh4: Remove MMU_MODE{0,1}_SUFFIX
>   target/unicore32: Remove MMU_MODE{0,1}_SUFFIX
>   target/xtensa: Remove MMU_MODE{0,1,2,3}_SUFFIX
>   target/m68k: Use cpu_*_mmuidx_ra instead of MMU_MODE{0,1}_SUFFIX
>   target/mips: Use cpu_*_mmuidx_ra instead of MMU_MODE*_SUFFIX
>   target/s390x: Use cpu_*_mmuidx_ra instead of MMU_MODE*_SUFFIX
>   target/ppc: Use cpu_*_mmuidx_ra instead of MMU_MODE*_SUFFIX
>   cputlb: Remove support for MMU_MODE*_SUFFIX
>   cputlb: Expand cpu_ldst_template.h in cputlb.c
>
>  accel/tcg/atomic_template.h   |  67 ++--
>  include/exec/cpu_ldst.h   | 448 +++---
>  include/exec/cpu_ldst_template.h  | 211 --
>  include/exec/cpu_ldst_useronly_template.h | 159 
>  include/exec/translator.h |  48 +--
>  include/user/syscall-trace.h  |   2 +
>  target/alpha/cpu.h|   2 -
>  target/cris/cpu.h |   2 -
>  target/i386/cpu.h |   3 -
>  target/m68k/cpu.h |   2 -
>  target/microblaze/cpu.h   |   3 -
>  target/mips/cpu.h |   4 -
>  target/nios2/cpu.h|   2 -
>  target/ppc/cpu.h  |   2 -
>  target/s390x/cpu.h|   5 -
>  target/sh4/cpu.h  |   2 -
>  target/unicore32/cpu.h|   2 -
>  target/xtensa/cpu.h   |   4 -
>  tcg/tcg.h |  29 --
>  trace/mem-internal.h  |  17 -
>  accel/tcg/cputlb.c| 315 +++
>  accel/tcg/tcg-runtime.c   |   1 +
>  accel/tcg/user-exec.c | 236 
>  linux-user/syscall.c  |   1 +
>  target/arm/sve_helper.c   |   1 +
>  target/i386/seg_helper.c  |  75 ++--
>  target/m68k/op_helper.c   |   5 +
>  target/mips/op_helper.c   | 182 +++--
>  target/ppc/mem_helper.c   |  11 +-
>  target/s390x/mem_helper.c |   6 +
>  target/xtensa/mmu_helper.c|   5 +-
>  docs/devel/loads-stores.rst   |   4 +-
>  32 files changed, 788 insertions(+), 1068 deletions(-)
>  delete mode 100644 include/exec/cpu_ldst_template.h
>  delete mode 100644 include/exec/cpu_ldst_useronly_template.h
>
> --
> 2.20.1
>
>
>


Re: [PATCH v5 1/5] tpm_spapr: Support TPM for ppc64 using CRQ based interface

2019-12-12 Thread Eric Blake

On 12/12/19 2:24 PM, Stefan Berger wrote:

Implement support for TPM on ppc64 by implementing the vTPM CRQ interface
as a frontend. It can use the tpm_emulator driver backend with the external
swtpm.

The Linux vTPM driver for ppc64 works with this emulation.

This TPM emulator also handles the TPM 2 case.

Signed-off-by: Stefan Berger 
Reviewed-by: David Gibson 

diff --git a/hw/tpm/Kconfig b/hw/tpm/Kconfig


Odd that your diff doesn't include the usual --- marker or a diffstat.



+++ b/hw/tpm/tpm_spapr.c
@@ -0,0 +1,405 @@
+/*
+ * QEMU PowerPC pSeries Logical Partition (aka sPAPR) hardware System Emulator
+ *
+ * PAPR Virtual TPM
+ *
+ * Copyright (c) 2015, 2017 IBM Corporation.


Do you want to claim 2019?

--
Eric Blake, Principal Software Engineer
Red Hat, Inc.   +1-919-301-3226
Virtualization:  qemu.org | libvirt.org




[PATCH v5 1/5] tpm_spapr: Support TPM for ppc64 using CRQ based interface

2019-12-12 Thread Stefan Berger
Implement support for TPM on ppc64 by implementing the vTPM CRQ interface
as a frontend. It can use the tpm_emulator driver backend with the external
swtpm.

The Linux vTPM driver for ppc64 works with this emulation.

This TPM emulator also handles the TPM 2 case.

Signed-off-by: Stefan Berger 
Reviewed-by: David Gibson 

diff --git a/hw/tpm/Kconfig b/hw/tpm/Kconfig
index 4c8ee87d67..66a570aac1 100644
--- a/hw/tpm/Kconfig
+++ b/hw/tpm/Kconfig
@@ -22,3 +22,9 @@ config TPM_EMULATOR
 bool
 default y
 depends on TPMDEV
+
+config TPM_SPAPR
+bool
+default n
+select TPMDEV
+depends on PSERIES
diff --git a/hw/tpm/Makefile.objs b/hw/tpm/Makefile.objs
index de0b85d02a..85eb99ae05 100644
--- a/hw/tpm/Makefile.objs
+++ b/hw/tpm/Makefile.objs
@@ -4,3 +4,4 @@ common-obj-$(CONFIG_TPM_TIS) += tpm_tis.o
 common-obj-$(CONFIG_TPM_CRB) += tpm_crb.o
 common-obj-$(CONFIG_TPM_PASSTHROUGH) += tpm_passthrough.o
 common-obj-$(CONFIG_TPM_EMULATOR) += tpm_emulator.o
+obj-$(CONFIG_TPM_SPAPR) += tpm_spapr.o
diff --git a/hw/tpm/tpm_spapr.c b/hw/tpm/tpm_spapr.c
new file mode 100644
index 00..c4a67e2403
--- /dev/null
+++ b/hw/tpm/tpm_spapr.c
@@ -0,0 +1,405 @@
+/*
+ * QEMU PowerPC pSeries Logical Partition (aka sPAPR) hardware System Emulator
+ *
+ * PAPR Virtual TPM
+ *
+ * Copyright (c) 2015, 2017 IBM Corporation.
+ *
+ * Authors:
+ *Stefan Berger 
+ *
+ * This code is licensed under the GPL version 2 or later. See the
+ * COPYING file in the top-level directory.
+ *
+ */
+
+#include "qemu/osdep.h"
+#include "qemu/error-report.h"
+#include "qapi/error.h"
+#include "hw/qdev-properties.h"
+#include "migration/vmstate.h"
+
+#include "sysemu/tpm_backend.h"
+#include "tpm_int.h"
+#include "tpm_util.h"
+
+#include "hw/ppc/spapr.h"
+#include "hw/ppc/spapr_vio.h"
+#include "trace.h"
+
+#define DEBUG_SPAPR 0
+
+#define VIO_SPAPR_VTPM(obj) \
+ OBJECT_CHECK(SPAPRvTPMState, (obj), TYPE_TPM_SPAPR)
+
+typedef struct VioCRQ {
+uint8_t valid;  /* 0x80: cmd; 0xc0: init crq */
+/* 0x81-0x83: CRQ message response */
+uint8_t msg;/* see below */
+uint16_t len;   /* len of TPM request; len of TPM response */
+uint32_t data;  /* rtce_dma_handle when sending TPM request */
+uint64_t reserved;
+} VioCRQ;
+
+typedef union TPMSpaprCRQ {
+VioCRQ s;
+uint8_t raw[sizeof(VioCRQ)];
+} TPMSpaprCRQ;
+
+#define SPAPR_VTPM_VALID_INIT_CRQ_COMMAND  0xC0
+#define SPAPR_VTPM_VALID_COMMAND   0x80
+#define SPAPR_VTPM_MSG_RESULT  0x80
+
+/* msg types for valid = SPAPR_VTPM_VALID_INIT_CRQ */
+#define SPAPR_VTPM_INIT_CRQ_RESULT   0x1
+#define SPAPR_VTPM_INIT_CRQ_COMPLETE_RESULT  0x2
+
+/* msg types for valid = SPAPR_VTPM_VALID_CMD */
+#define SPAPR_VTPM_GET_VERSION   0x1
+#define SPAPR_VTPM_TPM_COMMAND   0x2
+#define SPAPR_VTPM_GET_RTCE_BUFFER_SIZE  0x3
+#define SPAPR_VTPM_PREPARE_TO_SUSPEND0x4
+
+/* response error messages */
+#define SPAPR_VTPM_VTPM_ERROR0xff
+
+/* error codes */
+#define SPAPR_VTPM_ERR_COPY_IN_FAILED0x3
+#define SPAPR_VTPM_ERR_COPY_OUT_FAILED   0x4
+
+#define MAX_BUFFER_SIZE TARGET_PAGE_SIZE
+
+typedef struct {
+SpaprVioDevice vdev;
+
+TPMSpaprCRQ crq; /* track single TPM command */
+
+uint8_t state;
+#define SPAPR_VTPM_STATE_NONE 0
+#define SPAPR_VTPM_STATE_EXECUTION1
+#define SPAPR_VTPM_STATE_COMPLETION   2
+
+unsigned char buffer[MAX_BUFFER_SIZE];
+
+TPMBackendCmd cmd;
+
+TPMBackend *be_driver;
+TPMVersion be_tpm_version;
+
+size_t be_buffer_size;
+} SPAPRvTPMState;
+
+static void tpm_spapr_show_buffer(const unsigned char *buffer,
+  size_t buffer_size, const char *string)
+{
+size_t len, i;
+char *line_buffer, *p;
+
+len = MIN(tpm_cmd_get_size(buffer), buffer_size);
+
+/*
+ * allocate enough room for 3 chars per buffer entry plus a
+ * newline after every 16 chars and a final null terminator.
+ */
+line_buffer = g_malloc(len * 3 + (len / 16) + 1);
+
+for (i = 0, p = line_buffer; i < len; i++) {
+if (i && !(i % 16)) {
+p += sprintf(p, "\n");
+}
+p += sprintf(p, "%.2X ", buffer[i]);
+}
+trace_tpm_spapr_show_buffer(string, len, line_buffer);
+
+g_free(line_buffer);
+}
+
+/*
+ * Send a request to the TPM.
+ */
+static void tpm_spapr_tpm_send(SPAPRvTPMState *s)
+{
+if (trace_event_get_state_backends(TRACE_TPM_SPAPR_SHOW_BUFFER)) {
+tpm_spapr_show_buffer(s->buffer, sizeof(s->buffer), "To TPM");
+}
+
+s->state = SPAPR_VTPM_STATE_EXECUTION;
+s->cmd = (TPMBackendCmd) {
+.locty = 0,
+.in = s->buffer,
+.in_len = MIN(tpm_cmd_get_size(s->buffer), sizeof(s->buffer)),
+.out = s->buffer,
+.out_len = sizeof(s->buffer),
+};
+
+tpm_backend_deliver_request(s->be_driver, &s->cmd);
+}
+
+static int tpm_spapr_process_cmd(SPAPRvTPMState *s, uint64_t dataptr)
+{
+lo

[PATCH v5 5/5] docs: tpm: Add example command line for ppc64 and tpm-spapr

2019-12-12 Thread Stefan Berger
Add an example to the TPM docs for how to add a TPM SPAPR
device model to a QEMU VM emulating a pSeries machine.

Signed-off-by: Stefan Berger 

diff --git a/docs/specs/tpm.txt b/docs/specs/tpm.txt
index 9c8cca042d..9c3e67d8a7 100644
--- a/docs/specs/tpm.txt
+++ b/docs/specs/tpm.txt
@@ -34,6 +34,12 @@ The CRB interface makes a memory mapped IO region in the 
area 0xfed4 -
 QEMU files related to TPM CRB interface:
  - hw/tpm/tpm_crb.c
 
+
+pSeries (ppc64) machines offer a tpm-spapr device model.
+
+QEMU files related to the SPAPR interface:
+ - hw/tpm/tpm_spapr.c
+
 = fw_cfg interface =
 
 The bios/firmware may read the "etc/tpm/config" fw_cfg entry for
@@ -281,7 +287,7 @@ swtpm socket --tpmstate dir=/tmp/mytpm1 \
   --log level=20
 
 Command line to start QEMU with the TPM emulator device communicating with
-the swtpm:
+the swtpm (x86):
 
 qemu-system-x86_64 -display sdl -accel kvm \
   -m 1024 -boot d -bios bios-256k.bin -boot menu=on \
@@ -289,6 +295,18 @@ qemu-system-x86_64 -display sdl -accel kvm \
   -tpmdev emulator,id=tpm0,chardev=chrtpm \
   -device tpm-tis,tpmdev=tpm0 test.img
 
+In case a pSeries machine is emulated, use the following command line:
+
+qemu-system-ppc64 -display sdl -machine pseries,accel=kvm \
+  -m 1024 -bios slof.bin -boot menu=on \
+  -nodefaults -device VGA -device pci-ohci -device usb-kbd \
+  -chardev socket,id=chrtpm,path=/tmp/mytpm1/swtpm-sock \
+  -tpmdev emulator,id=tpm0,chardev=chrtpm \
+  -device tpm-spapr,tpmdev=tpm0 \
+  -device spapr-vscsi,id=scsi0,reg=0x2000 \
+  -device 
virtio-blk-pci,scsi=off,bus=pci.0,addr=0x3,drive=drive-virtio-disk0,id=virtio-disk0
 \
+  -drive file=test.img,format=raw,if=none,id=drive-virtio-disk0
+
 
 In case SeaBIOS is used as firmware, it should show the TPM menu item
 after entering the menu with 'ESC'.
-- 
2.21.0




[PATCH v5 4/5] hw/ppc/Kconfig: Enable TPM_SPAPR as part of PSERIES config

2019-12-12 Thread Stefan Berger
Signed-off-by: Stefan Berger 

diff --git a/hw/ppc/Kconfig b/hw/ppc/Kconfig
index f927ec9c74..b5b3519158 100644
--- a/hw/ppc/Kconfig
+++ b/hw/ppc/Kconfig
@@ -10,6 +10,7 @@ config PSERIES
 select XICS_SPAPR
 select XIVE_SPAPR
 select MSI_NONBROKEN
+select TPM_SPAPR
 
 config SPAPR_RNG
 bool
-- 
2.21.0




[PATCH v5 2/5] tpm: Return bool from tpm_backend_finish_sync

2019-12-12 Thread Stefan Berger
Return true in case we had to wait for an outstanding response
to come back, false otherwise.

Signed-off-by: Stefan Berger 

diff --git a/backends/tpm.c b/backends/tpm.c
index 375587e743..1f75883d8a 100644
--- a/backends/tpm.c
+++ b/backends/tpm.c
@@ -49,11 +49,15 @@ static int tpm_backend_worker_thread(gpointer data)
 return 0;
 }
 
-void tpm_backend_finish_sync(TPMBackend *s)
+bool tpm_backend_finish_sync(TPMBackend *s)
 {
+bool ret = s->cmd != NULL;
+
 while (s->cmd) {
 aio_poll(qemu_get_aio_context(), true);
 }
+
+return ret;
 }
 
 enum TpmType tpm_backend_get_type(TPMBackend *s)
diff --git a/include/sysemu/tpm_backend.h b/include/sysemu/tpm_backend.h
index 9e7451fb52..c35fe85c62 100644
--- a/include/sysemu/tpm_backend.h
+++ b/include/sysemu/tpm_backend.h
@@ -200,8 +200,10 @@ size_t tpm_backend_get_buffer_size(TPMBackend *s);
  *
  * Finish the pending command synchronously (this will call aio_poll()
  * on qemu main AIOContext until it ends)
+ *
+ * Returns true in case there was a pending command, false otherwise.
  */
-void tpm_backend_finish_sync(TPMBackend *s);
+bool tpm_backend_finish_sync(TPMBackend *s);
 
 /**
  * tpm_backend_query_tpm:
-- 
2.21.0




[PATCH v5 3/5] tpm_spapr: Support suspend and resume

2019-12-12 Thread Stefan Berger
Extend the tpm_spapr frontend with VM suspend and resume support.

Signed-off-by: Stefan Berger 

diff --git a/hw/tpm/tpm_spapr.c b/hw/tpm/tpm_spapr.c
index c4a67e2403..8f5a142bd4 100644
--- a/hw/tpm/tpm_spapr.c
+++ b/hw/tpm/tpm_spapr.c
@@ -87,6 +87,8 @@ typedef struct {
 TPMVersion be_tpm_version;
 
 size_t be_buffer_size;
+
+bool deliver_response; /* whether to deliver response after VM resume */
 } SPAPRvTPMState;
 
 static void tpm_spapr_show_buffer(const unsigned char *buffer,
@@ -256,6 +258,12 @@ static void tpm_spapr_request_completed(TPMIf *ti, int ret)
 uint32_t len;
 int rc;
 
+if (runstate_check(RUN_STATE_FINISH_MIGRATE)) {
+/* defer delivery of response until .post_load */
+s->deliver_response |= true;
+return;
+}
+
 s->state = SPAPR_VTPM_STATE_COMPLETION;
 
 /* a max. of be_buffer_size bytes can be transported */
@@ -316,6 +324,7 @@ static void tpm_spapr_reset(SpaprVioDevice *dev)
 SPAPRvTPMState *s = VIO_SPAPR_VTPM(dev);
 
 s->state = SPAPR_VTPM_STATE_NONE;
+s->deliver_response = false;
 
 s->be_tpm_version = tpm_backend_get_tpm_version(s->be_driver);
 tpm_spapr_update_deviceclass(dev);
@@ -339,9 +348,53 @@ static enum TPMVersion tpm_spapr_get_version(TPMIf *ti)
 return tpm_backend_get_tpm_version(s->be_driver);
 }
 
+/* persistent state handling */
+
+static int tpm_spapr_pre_save(void *opaque)
+{
+SPAPRvTPMState *s = opaque;
+
+s->deliver_response |= tpm_backend_finish_sync(s->be_driver);
+
+trace_tpm_spapr_pre_save(s->deliver_response);
+/*
+ * we cannot deliver the results to the VM since DMA would touch VM memory
+ */
+
+return 0;
+}
+
+static int tpm_spapr_post_load(void *opaque, int version_id)
+{
+SPAPRvTPMState *s = opaque;
+
+if (s->deliver_response) {
+trace_tpm_spapr_post_load();
+/* deliver the results to the VM via DMA */
+tpm_spapr_request_completed(TPM_IF(s), 0);
+s->deliver_response = false;
+}
+
+return 0;
+}
+
 static const VMStateDescription vmstate_spapr_vtpm = {
 .name = "tpm-spapr",
-.unmigratable = 1,
+.version_id = 1,
+.minimum_version_id = 0,
+.minimum_version_id_old = 0,
+.pre_save = tpm_spapr_pre_save,
+.post_load = tpm_spapr_post_load,
+.fields = (VMStateField[]) {
+VMSTATE_SPAPR_VIO(vdev, SPAPRvTPMState),
+
+VMSTATE_UINT8(state, SPAPRvTPMState),
+VMSTATE_BUFFER(buffer, SPAPRvTPMState),
+/* remember DMA address */
+VMSTATE_UINT32(crq.s.data, SPAPRvTPMState),
+VMSTATE_BOOL(deliver_response, SPAPRvTPMState),
+VMSTATE_END_OF_LIST(),
+}
 };
 
 static Property tpm_spapr_properties[] = {
diff --git a/hw/tpm/trace-events b/hw/tpm/trace-events
index 6278a39618..d109661b96 100644
--- a/hw/tpm/trace-events
+++ b/hw/tpm/trace-events
@@ -67,3 +67,5 @@ tpm_spapr_do_crq_get_version(uint32_t version) "response: 
version %u"
 tpm_spapr_do_crq_prepare_to_suspend(void) "response: preparing to suspend"
 tpm_spapr_do_crq_unknown_msg_type(uint8_t type) "Unknown message type 0x%02x"
 tpm_spapr_do_crq_unknown_crq(uint8_t raw1, uint8_t raw2) "unknown CRQ 0x%02x 
0x%02x ..."
+tpm_spapr_pre_save(bool v) "TPM response to deliver after resume: %d"
+tpm_spapr_post_load(void) "Delivering TPM response after resume"
-- 
2.21.0




[PATCH v5 0/5] Add vTPM emulator support for ppc64 platform

2019-12-12 Thread Stefan Berger
The following series of patches adds vTPM emulator support for the
ppc64 platform (pSeries). 

It can be tested as follows with swtpm/libtpms:

mkdir /tmp/mytpm1
swtpm socket --tpmstate dir=/tmp/mytpm1 \
  --ctrl type=unixio,path=/tmp/mytpm1/swtpm-sock \
  --log level=20

If TPM 2 is desired, add --tpm2 as parameter to the above.

In another terminal start QEMU:

sudo ./ppc64-softmmu/qemu-system-ppc64 -display sdl \
-machine pseries,accel=kvm \
-m 1024 -bios slof.bin -boot menu=on \
-nodefaults -device VGA -device pci-ohci -device usb-kbd \
-chardev socket,id=chrtpm,path=/tmp/mytpm1/swtpm-sock \
-tpmdev emulator,id=tpm0,chardev=chrtpm \
-device tpm-spapr,tpmdev=tpm0 \
-device spapr-vscsi,id=scsi0,reg=0x2000 \
-device 
virtio-blk-pci,scsi=off,bus=pci.0,addr=0x3,drive=drive-virtio-disk0,id=virtio-disk0
 \
-drive file=test.img,format=raw,if=none,id=drive-virtio-disk0

Links:
 - libtpms: https://github.com/stefanberger/libtpms/wiki
 - swtpm: https://github.com/stefanberger/swtpm/wiki

Changes:
 v4->v5:
  - use runstate_check(RUN_STATE_FINISH_MIGRATE) to check whether devices
are suspending; ditch 3 patches in this series that tried to do similar

 v3->v4:
  - addressed comments to v3
  - reworked suspend/resume support that requires extensions to backends

 v2->v3:
  - patch 1: a TPM 2 is identified by IBM,vtpm20 in the compatible node
  - patch 1: convert to tracing to display Tx and Rx buffers
  - added documentation patch
  - added patch to enable TPM device as part of pSeries

 v1->v2:
  - followed Cedric Le Goater's suggestions to patch 1
  - send appropriate CRQ error responses if DMA read or write fails
  - renamed tpm_spapr_got_payload to tpm_spapr_process_cmd and
pass endianess-adjusted data pointer from CRQ to it

Regards,
Stefan

Stefan Berger (5):
  tpm_spapr: Support TPM for ppc64 using CRQ based interface
  tpm: Return bool from tpm_backend_finish_sync
  tpm_spapr: Support suspend and resume
  hw/ppc/Kconfig: Enable TPM_SPAPR as part of PSERIES config
  docs: tpm: Add example command line for ppc64 and tpm-spapr

 backends/tpm.c   |   6 +-
 docs/specs/tpm.txt   |  20 +-
 hw/ppc/Kconfig   |   1 +
 hw/tpm/Kconfig   |   6 +
 hw/tpm/Makefile.objs |   1 +
 hw/tpm/tpm_spapr.c   | 458 +++
 hw/tpm/trace-events  |  14 ++
 include/sysemu/tpm.h |   3 +
 include/sysemu/tpm_backend.h |   4 +-
 qapi/tpm.json|   6 +-
 10 files changed, 513 insertions(+), 6 deletions(-)
 create mode 100644 hw/tpm/tpm_spapr.c

-- 
2.21.0




Re: [PATCH v4 00/37] Clean-ups: qom-ify serial and remove QDEV_PROP_PTR

2019-12-12 Thread Dr. David Alan Gilbert
Apologies for the delay.

* Marc-André Lureau (marcandre.lur...@gmail.com) wrote:
> Hi
> 
> On Sun, Dec 1, 2019 at 10:10 PM Peter Maydell  
> wrote:
> >
> > On Sun, 1 Dec 2019 at 17:27, Marc-André Lureau
> >  wrote:
> > >
> > > Hi
> > >
> > > On Sun, Dec 1, 2019 at 9:18 PM Peter Maydell  
> > > wrote:
> > > >
> > > > On Sun, 1 Dec 2019 at 10:19, Marc-André Lureau
> > > >  wrote:
> > > > >
> > > > > - "serial: register vmsd with DeviceClass"
> > > > >
> > > > > This is standard qdev-ification, however it breaks backward migration,
> > > > > but that's just how qdev_set_legacy_instance_id() works.
> > > >
> > > > I don't understand this part. Surely the whole point
> > > > of setting a legacy instance ID is exactly to preserve
> > > > migration compatibility? If it doesn't do that then what
> > > > does setting legacy ID value do?
> > > >
> > >
> > > It works in old->new direction only, because new code can match the
> > > legacy instance id.
> > >
> > > But when going from new->old, the legacy instance id is lost, as it
> > > uses new 0-based instance_id.
> >
> > I still don't understand. My mental model of the situation is:
> >
> >  * in the old (current) version of the code, the instance ID
> >is some random thing resulting from what the old code does
> 
> right
> 
> >  * in the new version of the code, we use qdev_set_legacy_instance_id,
> >and so instead of using the ID you'd naturally get as a
> >written-from-scratch qdev device, it uses the legacy value
> >you pass in
> 
> no, it only sets the SaveStateEntry.alias_id, which is only used
> during incoming migration in find_se().
> 
> Iow, it only works old->new.
> 
> >  * thus the device/board in both old and new versions of QEMU
> >uses the same value and migration in both directions works
> 
> sadly no
> 
> >
> > I don't understand why we would ever be using a "new 0-based
> > instance_id" -- it seems to me that the whole point of setting
> > a legacy ID value is that we will use it always, and I don't
> > understand how the board code can know that it's going to be
> > the target of an old->new migration as opposed to being the
> > source of a new->old migration such that it can end up with
> > a different ID value in the latter case.
> 
> The target will find the "legacy" alias with find_se() on incoming
> migration, but any new outgoing migration will use the new 0-based
> instance_id
> 
> >
> > If qdev_set_legacy_instance_id() doesn't work the way I
> > think it does above, what *does* it do ?
> 
> just set the old alias_id for incoming migration.
> 
> David, is that correct?

Yes, I think it is.
However, I'm curious which devices you're finding are explicitly setting
their id's;  there aren't many - although there are some that probably
should!
For example, running an x86 image with:
   -device isa-parallel,chardev=... -device isa-serial -device isa-serial 
-trace enable=qemu_loadvm_state_section_startfull

shows:
qemu_loadvm_state_section_startfull(uint32_t section_id, const char *idstr, 
uint32_t instance_id, uint32_t version_id) "%u(%s) %u %u"

165217@1576179638.856300:qemu_loadvm_state_section_startfull 41(serial) 0 3
165217@1576179638.856307:qemu_loadvm_state_section_startfull 42(serial) 1 3
165217@1576179638.856311:qemu_loadvm_state_section_startfull 43(parallel_isa) 0 
1

so those two serial devices are instances '0' and '1' I think by luck of
their command line order, rather than having specified their base
address (which would have been safer).

Dave



> thanks
> 
> 
> -- 
> Marc-André Lureau
> 
--
Dr. David Alan Gilbert / dgilb...@redhat.com / Manchester, UK




Re: [PATCH v4 3/8] tpm_emulator: Implement callback for whether we are suspended

2019-12-12 Thread Stefan Berger

On 12/12/19 1:33 PM, Stefan Berger wrote:

On 12/12/19 1:07 PM, Stefan Berger wrote:

Implement the check whether the emulator backend is suspended.

Signed-off-by: Stefan Berger 

diff --git a/hw/tpm/tpm_emulator.c b/hw/tpm/tpm_emulator.c
index 22f9113432..7be7d3a91b 100644
--- a/hw/tpm/tpm_emulator.c
+++ b/hw/tpm/tpm_emulator.c
@@ -80,6 +80,8 @@ typedef struct TPMEmulator {
  unsigned int established_flag_cached:1;
    TPMBlobBuffers state_blobs;
+
+    bool is_suspended;
  } TPMEmulator;
    struct tpm_error {
@@ -486,6 +488,13 @@ static size_t 
tpm_emulator_get_buffer_size(TPMBackend *tb)

  return actual_size;
  }
  +static bool tpm_emulator_is_suspended(TPMBackend *tb)
+{
+    TPMEmulator *tpm_emu = TPM_EMULATOR(tb);
+
+    return tpm_emu->is_suspended;
+}
+
  static int tpm_emulator_block_migration(TPMEmulator *tpm_emu)
  {
  Error *err = NULL;
@@ -846,6 +855,8 @@ static int tpm_emulator_pre_save(void *opaque)
  TPMBackend *tb = opaque;
  TPMEmulator *tpm_emu = TPM_EMULATOR(tb);
  +    tpm_emu->is_suspended = true;


This is the most critical part here. It must be true when we receive a 
response in the tpm_spapr_request_completed(). The problem is that 
what tpm_backend_finish_sync() does is not specific to this backend 
but more a global operation that another device could run as well -- 
none seem to do this today. So the point is that there could be a race 
here. This flag should really be set in '.pre_pre_save,' so before any 
other device could poll. Better would be calling a global function 
that indicates whether device suspension has started. In this case we 
could do away with this and just call that function from the spapr 
device.



runstate_check(RUN_STATE_FINISH_MIGRATE) seems to be what we need here...












Re: [PATCH v2 3/8] hw: replace hw/i386/pc.h with a header just for the i8259

2019-12-12 Thread Paolo Bonzini
Il gio 12 dic 2019, 20:04 Philippe Mathieu-Daudé  ha
scritto:

> On 12/12/19 6:29 PM, Paolo Bonzini wrote:
> > Remove the need to include i386/pc.h to get to the i8259 functions.
> > This is enough to remove the inclusion of hw/i386/pc.h from all non-x86
> > files.
>
> Eh this is very similar to the patch I'v staged for 5.0, now than the
> Malta/PC split got merged.
>

Ok, these patches are not urgent so I will just wait for yours to go in and
rebase.

Paolo


[PATCH 2/3] q800: add djMEMC memory controller

2019-12-12 Thread Laurent Vivier
Current implementation is based on GLUE, an early implementation
of the memory controller found in Macintosh II series.

Quadra 800 uses in fact djMEMC:

The djMEMC is an Apple custom integrated circuit chip that performs a
variety of functions (RAM management, clock generation, ...).
It receives interrupt requests from various devices, assign priority to
each, and asserts one or more interrupt line to the CPU.

Signed-off-by: Laurent Vivier 
---
 MAINTAINERS  |   2 +
 hw/m68k/Kconfig  |   1 +
 hw/m68k/q800.c   |  61 --
 hw/misc/Kconfig  |   3 +
 hw/misc/Makefile.objs|   1 +
 hw/misc/djmemc.c | 176 +++
 hw/misc/trace-events |   4 +
 include/hw/misc/djmemc.h |  34 
 8 files changed, 237 insertions(+), 45 deletions(-)
 create mode 100644 hw/misc/djmemc.c
 create mode 100644 include/hw/misc/djmemc.h

diff --git a/MAINTAINERS b/MAINTAINERS
index 5e5e3e52d6..07224a2fa2 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -925,11 +925,13 @@ F: hw/misc/mac_via.c
 F: hw/nubus/*
 F: hw/display/macfb.c
 F: hw/block/swim.c
+F: hw/misc/djmemc.c
 F: hw/m68k/bootinfo.h
 F: include/hw/misc/mac_via.h
 F: include/hw/nubus/*
 F: include/hw/display/macfb.h
 F: include/hw/block/swim.h
+F: include/hw/misc/djmemc.c
 
 MicroBlaze Machines
 ---
diff --git a/hw/m68k/Kconfig b/hw/m68k/Kconfig
index c757e7dfa4..bdc43a798a 100644
--- a/hw/m68k/Kconfig
+++ b/hw/m68k/Kconfig
@@ -22,3 +22,4 @@ config Q800
 select ESCC
 select ESP
 select DP8393X
+select DJMEMC
diff --git a/hw/m68k/q800.c b/hw/m68k/q800.c
index ef0014f4c4..9ee0cb1141 100644
--- a/hw/m68k/q800.c
+++ b/hw/m68k/q800.c
@@ -46,6 +46,7 @@
 #include "sysemu/qtest.h"
 #include "sysemu/runstate.h"
 #include "sysemu/reset.h"
+#include "hw/misc/djmemc.h"
 
 #define MACROM_ADDR 0x4000
 #define MACROM_SIZE 0x0010
@@ -68,6 +69,7 @@
 #define SONIC_PROM_BASE   (IO_BASE + 0x08000)
 #define SONIC_BASE(IO_BASE + 0x0a000)
 #define SCC_BASE  (IO_BASE + 0x0c000)
+#define DJMEMC_BASE   (IO_BASE + 0x0e000)
 #define ESP_BASE  (IO_BASE + 0x1)
 #define ESP_PDMA  (IO_BASE + 0x10100)
 #define ASC_BASE  (IO_BASE + 0x14000)
@@ -85,39 +87,6 @@
 
 #define MAC_CLOCK  3686418
 
-/*
- * The GLUE (General Logic Unit) is an Apple custom integrated circuit chip
- * that performs a variety of functions (RAM management, clock generation, 
...).
- * The GLUE chip receives interrupt requests from various devices,
- * assign priority to each, and asserts one or more interrupt line to the
- * CPU.
- */
-
-typedef struct {
-M68kCPU *cpu;
-uint8_t ipr;
-} GLUEState;
-
-static void GLUE_set_irq(void *opaque, int irq, int level)
-{
-GLUEState *s = opaque;
-int i;
-
-if (level) {
-s->ipr |= 1 << irq;
-} else {
-s->ipr &= ~(1 << irq);
-}
-
-for (i = 7; i >= 0; i--) {
-if ((s->ipr >> i) & 1) {
-m68k_set_irq_level(s->cpu, i + 1, i + 25);
-return;
-}
-}
-m68k_set_irq_level(s->cpu, 0, 0);
-}
-
 static void main_cpu_reset(void *opaque)
 {
 M68kCPU *cpu = opaque;
@@ -149,6 +118,7 @@ static void q800_init(MachineState *machine)
 const char *kernel_cmdline = machine->kernel_cmdline;
 hwaddr parameters_base;
 CPUState *cs;
+DeviceState *djmemc_dev;
 DeviceState *dev;
 DeviceState *via_dev;
 SysBusESPState *sysbus_esp;
@@ -156,8 +126,6 @@ static void q800_init(MachineState *machine)
 SysBusDevice *sysbus;
 BusState *adb_bus;
 NubusBus *nubus;
-GLUEState *irq;
-qemu_irq *pic;
 
 linux_boot = (kernel_filename != NULL);
 
@@ -191,11 +159,13 @@ static void q800_init(MachineState *machine)
 g_free(name);
 }
 
-/* IRQ Glue */
+/* djMEMC memory and interrupt controller */
 
-irq = g_new0(GLUEState, 1);
-irq->cpu = cpu;
-pic = qemu_allocate_irqs(GLUE_set_irq, irq, 8);
+djmemc_dev = qdev_create(NULL, TYPE_DJMEMC);
+object_property_set_link(OBJECT(djmemc_dev), OBJECT(cpu), "cpu",
+ &error_abort);
+qdev_init_nofail(djmemc_dev);
+sysbus_mmio_map(SYS_BUS_DEVICE(djmemc_dev), 0, DJMEMC_BASE);
 
 /* VIA */
 
@@ -203,9 +173,10 @@ static void q800_init(MachineState *machine)
 qdev_init_nofail(via_dev);
 sysbus = SYS_BUS_DEVICE(via_dev);
 sysbus_mmio_map(sysbus, 0, VIA_BASE);
-qdev_connect_gpio_out_named(DEVICE(sysbus), "irq", 0, pic[0]);
-qdev_connect_gpio_out_named(DEVICE(sysbus), "irq", 1, pic[1]);
-
+qdev_connect_gpio_out_named(DEVICE(sysbus), "irq", 0,
+qdev_get_gpio_in(djmemc_dev, 0));
+qdev_connect_gpio_out_named(DEVICE(sysbus),
+"irq", 1, qdev_get_gpio_in(djmemc_dev, 1));
 
 adb_bus = qdev_get_child_bus(via_dev, "adb.0");
 dev = qdev_create(adb_bus, TYPE_ADB_KEYBOARD);
@@ -244,7 +215,7 @@ static

[PATCH 0/3] q800: update machine emulation

2019-12-12 Thread Laurent Vivier
On the way to run a MacOS ROM we need a more accurate
emulation of the Quadra 800.

This series fixes the ESCC base address that was wrong but
as the linux kernel uses the one provided by the bootloader
(in our case QEMU) it was not a problem. This value
is hardcoded in the ROM, so QEMU must use the good one.

The two other patches update the description of the machine
by introducing the djMEMC memory controller and the machine id
register.

Laurent Vivier (3):
  q800: fix ESCC base
  q800: add djMEMC memory controller
  q800: add machine id register

 MAINTAINERS  |   2 +
 hw/m68k/Kconfig  |   1 +
 hw/m68k/q800.c   |  85 +--
 hw/misc/Kconfig  |   3 +
 hw/misc/Makefile.objs|   1 +
 hw/misc/djmemc.c | 176 +++
 hw/misc/trace-events |   4 +
 include/hw/misc/djmemc.h |  34 
 8 files changed, 260 insertions(+), 46 deletions(-)
 create mode 100644 hw/misc/djmemc.c
 create mode 100644 include/hw/misc/djmemc.h

-- 
2.23.0




[PATCH 14/28] cputlb: Expand cpu_ldst_useronly_template.h in user-exec.c

2019-12-12 Thread Aleksandar Markovic
On Thursday, December 12, 2019, Richard Henderson <
richard.hender...@linaro.org> wrote:

> With the tracing hooks, the inline functions are no longer
> so simple.  Reduce the amount of preprocessor obfuscation
> by expanding the text of each of the functions generated.
> The result is only slightly larger than the original.
>
>
Hello, Richard.

Are you talking about source code size here?

I am truly interested in the size of exectutable - it should remain about
the same, no? Can you perhaps confirm that?

Thanks.


> Signed-off-by: Richard Henderson 
> ---
>  include/exec/cpu_ldst.h   |  54 +++--
>  include/exec/cpu_ldst_useronly_template.h | 159 ---
>  accel/tcg/user-exec.c | 236 ++
>  3 files changed, 262 insertions(+), 187 deletions(-)
>  delete mode 100644 include/exec/cpu_ldst_useronly_template.h
>
> diff --git a/include/exec/cpu_ldst.h b/include/exec/cpu_ldst.h
> index 3b2c46bdf4..5a638fd8d6 100644
> --- a/include/exec/cpu_ldst.h
> +++ b/include/exec/cpu_ldst.h
> @@ -124,35 +124,33 @@ static inline void clear_helper_retaddr(void)
>
>  /* In user-only mode we provide only the _code and _data accessors. */
>
> -#define MEMSUFFIX _data
> -#define DATA_SIZE 1
> -#include "exec/cpu_ldst_useronly_template.h"
> +uint32_t cpu_ldub_data(CPUArchState *env, abi_ptr ptr);
> +uint32_t cpu_lduw_data(CPUArchState *env, abi_ptr ptr);
> +uint32_t cpu_ldl_data(CPUArchState *env, abi_ptr ptr);
> +uint64_t cpu_ldq_data(CPUArchState *env, abi_ptr ptr);
> +int cpu_ldsb_data(CPUArchState *env, abi_ptr ptr);
> +int cpu_ldsw_data(CPUArchState *env, abi_ptr ptr);
>
> -#define DATA_SIZE 2
> -#include "exec/cpu_ldst_useronly_template.h"
> +uint32_t cpu_ldub_data_ra(CPUArchState *env, abi_ptr ptr, uintptr_t
> retaddr);
> +uint32_t cpu_lduw_data_ra(CPUArchState *env, abi_ptr ptr, uintptr_t
> retaddr);
> +uint32_t cpu_ldl_data_ra(CPUArchState *env, abi_ptr ptr, uintptr_t
> retaddr);
> +uint64_t cpu_ldq_data_ra(CPUArchState *env, abi_ptr ptr, uintptr_t
> retaddr);
> +int cpu_ldsb_data_ra(CPUArchState *env, abi_ptr ptr, uintptr_t retaddr);
> +int cpu_ldsw_data_ra(CPUArchState *env, abi_ptr ptr, uintptr_t retaddr);
>
> -#define DATA_SIZE 4
> -#include "exec/cpu_ldst_useronly_template.h"
> +void cpu_stb_data(CPUArchState *env, abi_ptr ptr, uint32_t val);
> +void cpu_stw_data(CPUArchState *env, abi_ptr ptr, uint32_t val);
> +void cpu_stl_data(CPUArchState *env, abi_ptr ptr, uint32_t val);
> +void cpu_stq_data(CPUArchState *env, abi_ptr ptr, uint64_t val);
>
> -#define DATA_SIZE 8
> -#include "exec/cpu_ldst_useronly_template.h"
> -#undef MEMSUFFIX
> -
> -#define MEMSUFFIX _code
> -#define CODE_ACCESS
> -#define DATA_SIZE 1
> -#include "exec/cpu_ldst_useronly_template.h"
> -
> -#define DATA_SIZE 2
> -#include "exec/cpu_ldst_useronly_template.h"
> -
> -#define DATA_SIZE 4
> -#include "exec/cpu_ldst_useronly_template.h"
> -
> -#define DATA_SIZE 8
> -#include "exec/cpu_ldst_useronly_template.h"
> -#undef MEMSUFFIX
> -#undef CODE_ACCESS
> +void cpu_stb_data_ra(CPUArchState *env, abi_ptr ptr,
> + uint32_t val, uintptr_t retaddr);
> +void cpu_stw_data_ra(CPUArchState *env, abi_ptr ptr,
> + uint32_t val, uintptr_t retaddr);
> +void cpu_stl_data_ra(CPUArchState *env, abi_ptr ptr,
> + uint32_t val, uintptr_t retaddr);
> +void cpu_stq_data_ra(CPUArchState *env, abi_ptr ptr,
> + uint64_t val, uintptr_t retaddr);
>
>  /*
>   * Provide the same *_mmuidx_ra interface as for softmmu.
> @@ -524,6 +522,8 @@ void cpu_stq_mmuidx_ra(CPUArchState *env, abi_ptr
> addr, uint64_t val,
>  #undef CPU_MMU_INDEX
>  #undef MEMSUFFIX
>
> +#endif /* defined(CONFIG_USER_ONLY) */
> +
>  uint32_t cpu_ldub_code(CPUArchState *env, abi_ptr addr);
>  uint32_t cpu_lduw_code(CPUArchState *env, abi_ptr addr);
>  uint32_t cpu_ldl_code(CPUArchState *env, abi_ptr addr);
> @@ -539,8 +539,6 @@ static inline int cpu_ldsw_code(CPUArchState *env,
> abi_ptr addr)
>  return (int16_t)cpu_lduw_code(env, addr);
>  }
>
> -#endif /* defined(CONFIG_USER_ONLY) */
> -
>  /**
>   * tlb_vaddr_to_host:
>   * @env: CPUArchState
> diff --git a/include/exec/cpu_ldst_useronly_template.h
> b/include/exec/cpu_ldst_useronly_template.h
> deleted file mode 100644
> index e5a3d1983a..00
> --- a/include/exec/cpu_ldst_useronly_template.h
> +++ /dev/null
> @@ -1,159 +0,0 @@
> -/*
> - *  User-only accessor function support
> - *
> - * Generate inline load/store functions for one data size.
> - *
> - * Generate a store function as well as signed and unsigned loads.
> - *
> - * Not used directly but included from cpu_ldst.h.
> - *
> - *  Copyright (c) 2015 Linaro Limited
> - *
> - * This library is free software; you can redistribute it and/or
> - * modify it under the terms of the GNU Lesser General Public
> - * License as published by the Free Software Foundation; either
> - * version 2 of the License, or (at your option) any later version.
> - *
> - * 

[PATCH 3/3] q800: add machine id register

2019-12-12 Thread Laurent Vivier
MacOS reads this address to identify the hardware.

This is a basic implementation returning the ID of Quadra 800.

Details:

  http://mess.redump.net/mess/driver_info/mac_technical_notes

"There are 3 ID schemes [...]
 The third and most scalable is a machine ID register at 0x5ffc.
 The top word must be 0xa55a to be valid. Then bits 15-11 are 0 for
 consumer Macs, 1 for portables, 2 for high-end 68k, and 3 for high-end
 PowerPC. Bit 10 is 1 if additional ID bits appear elsewhere (e.g. in VIA1).
 The rest of the bits are a per-model identifier.

 Model  Lower 16 bits of ID
...
 Quadra/Centris 610/650/800 0x2BAD"

Signed-off-by: Laurent Vivier 
---
 hw/m68k/q800.c | 22 ++
 1 file changed, 22 insertions(+)

diff --git a/hw/m68k/q800.c b/hw/m68k/q800.c
index 9ee0cb1141..c2b2aa779f 100644
--- a/hw/m68k/q800.c
+++ b/hw/m68k/q800.c
@@ -97,6 +97,23 @@ static void main_cpu_reset(void *opaque)
 cpu->env.pc = ldl_phys(cs->as, 4);
 }
 
+static uint64_t machine_id_read(void *opaque, hwaddr addr, unsigned size)
+{
+return 0xa55a2bad; /* Quadra 800 ID */
+}
+
+static void machine_id_write(void *opaque, hwaddr addr, uint64_t val,
+ unsigned size)
+{
+}
+
+static const MemoryRegionOps machine_id_ops = {
+.read = machine_id_read,
+.write = machine_id_write,
+.valid.min_access_size = 4,
+.valid.max_access_size = 4,
+};
+
 static void q800_init(MachineState *machine)
 {
 M68kCPU *cpu = NULL;
@@ -110,6 +127,7 @@ static void q800_init(MachineState *machine)
 MemoryRegion *rom;
 MemoryRegion *ram;
 MemoryRegion *io;
+MemoryRegion *machine_id;
 const int io_slice_nb = (IO_SIZE / IO_SLICE) - 1;
 int i;
 ram_addr_t ram_size = machine->ram_size;
@@ -159,6 +177,10 @@ static void q800_init(MachineState *machine)
 g_free(name);
 }
 
+machine_id = g_malloc(sizeof(*machine_id));
+memory_region_init_io(machine_id, NULL, &machine_id_ops, NULL, "Machine 
ID", 4);
+memory_region_add_subregion(get_system_memory(), 0x5ffc, machine_id);
+
 /* djMEMC memory and interrupt controller */
 
 djmemc_dev = qdev_create(NULL, TYPE_DJMEMC);
-- 
2.23.0




[PATCH 1/3] q800: fix ESCC base

2019-12-12 Thread Laurent Vivier
0xc020 is for Q900/Q950, Q800 uses 0xc000.
This value was provided to the kernel, this explains why it was working
even with wrong value

Signed-off-by: Laurent Vivier 
---
 hw/m68k/q800.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/hw/m68k/q800.c b/hw/m68k/q800.c
index 4ca8678007..ef0014f4c4 100644
--- a/hw/m68k/q800.c
+++ b/hw/m68k/q800.c
@@ -67,7 +67,7 @@
 #define VIA_BASE  (IO_BASE + 0x0)
 #define SONIC_PROM_BASE   (IO_BASE + 0x08000)
 #define SONIC_BASE(IO_BASE + 0x0a000)
-#define SCC_BASE  (IO_BASE + 0x0c020)
+#define SCC_BASE  (IO_BASE + 0x0c000)
 #define ESP_BASE  (IO_BASE + 0x1)
 #define ESP_PDMA  (IO_BASE + 0x10100)
 #define ASC_BASE  (IO_BASE + 0x14000)
-- 
2.23.0




[PATCH] mos6522: remove anh register

2019-12-12 Thread Laurent Vivier
Register addr 1 is defined as buffer A with handshake (vBufAH),
register addr 15 is also defined as buffer A without handshake (vBufA).

Linux kernel has a big "DON'T USE!" next to the register 1 addr
definition (vBufAH), and only uses register 15 (vBufA).

So remove the definition of 'anh' and use only 'a' (with VIA_REG_ANH and
VIA_REG_A).

Signed-off-by: Laurent Vivier 
---
 hw/misc/mos6522.c | 12 
 include/hw/misc/mos6522.h |  1 -
 2 files changed, 4 insertions(+), 9 deletions(-)

diff --git a/hw/misc/mos6522.c b/hw/misc/mos6522.c
index cecf0be59e..86ede4005c 100644
--- a/hw/misc/mos6522.c
+++ b/hw/misc/mos6522.c
@@ -244,6 +244,7 @@ uint64_t mos6522_read(void *opaque, hwaddr addr, unsigned 
size)
 val = s->b;
 break;
 case VIA_REG_A:
+case VIA_REG_ANH:
 val = s->a;
 break;
 case VIA_REG_DIRB:
@@ -297,9 +298,7 @@ uint64_t mos6522_read(void *opaque, hwaddr addr, unsigned 
size)
 val = s->ier | 0x80;
 break;
 default:
-case VIA_REG_ANH:
-val = s->anh;
-break;
+g_assert_not_reached();
 }
 
 if (addr != VIA_REG_IFR || val != 0) {
@@ -322,6 +321,7 @@ void mos6522_write(void *opaque, hwaddr addr, uint64_t val, 
unsigned size)
 mdc->portB_write(s);
 break;
 case VIA_REG_A:
+case VIA_REG_ANH:
 s->a = (s->a & ~s->dira) | (val & s->dira);
 mdc->portA_write(s);
 break;
@@ -395,9 +395,7 @@ void mos6522_write(void *opaque, hwaddr addr, uint64_t val, 
unsigned size)
   qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL));
 break;
 default:
-case VIA_REG_ANH:
-s->anh = val;
-break;
+g_assert_not_reached();
 }
 }
 
@@ -439,7 +437,6 @@ const VMStateDescription vmstate_mos6522 = {
 VMSTATE_UINT8(pcr, MOS6522State),
 VMSTATE_UINT8(ifr, MOS6522State),
 VMSTATE_UINT8(ier, MOS6522State),
-VMSTATE_UINT8(anh, MOS6522State),
 VMSTATE_STRUCT_ARRAY(timers, MOS6522State, 2, 0,
  vmstate_mos6522_timer, MOS6522Timer),
 VMSTATE_END_OF_LIST()
@@ -460,7 +457,6 @@ static void mos6522_reset(DeviceState *dev)
 s->ifr = 0;
 s->ier = 0;
 /* s->ier = T1_INT | SR_INT; */
-s->anh = 0;
 
 s->timers[0].frequency = s->frequency;
 s->timers[0].latch = 0x;
diff --git a/include/hw/misc/mos6522.h b/include/hw/misc/mos6522.h
index 493c907537..97384c6e02 100644
--- a/include/hw/misc/mos6522.h
+++ b/include/hw/misc/mos6522.h
@@ -115,7 +115,6 @@ typedef struct MOS6522State {
 uint8_t pcr;
 uint8_t ifr;
 uint8_t ier;
-uint8_t anh;
 
 MOS6522Timer timers[2];
 uint64_t frequency;
-- 
2.23.0




Re: [PATCH v2 4/8] pci-stub: add more MSI functions

2019-12-12 Thread Philippe Mathieu-Daudé

On 12/12/19 6:29 PM, Paolo Bonzini wrote:

On x86, KVM needs some function from the PCI subsystem in order to set
up interrupt routes.  Provide some stubs to support x86 machines that
lack PCI.

Reviewed-by: Sergio Lopez 
Signed-off-by: Paolo Bonzini 


Reviewed-by: Philippe Mathieu-Daudé 


---
  hw/pci/pci-stub.c | 27 +++
  1 file changed, 27 insertions(+)

diff --git a/hw/pci/pci-stub.c b/hw/pci/pci-stub.c
index c04a5df..cc2a2e1 100644
--- a/hw/pci/pci-stub.c
+++ b/hw/pci/pci-stub.c
@@ -26,6 +26,7 @@
  #include "qapi/qmp/qerror.h"
  #include "hw/pci/pci.h"
  #include "hw/pci/msi.h"
+#include "hw/pci/msix.h"
  
  bool msi_nonbroken;

  bool pci_available;
@@ -64,3 +65,29 @@ void msi_notify(PCIDevice *dev, unsigned int vector)
  {
  g_assert_not_reached();
  }
+
+/* Required by target/i386/kvm.c */
+bool msi_is_masked(const PCIDevice *dev, unsigned vector)
+{
+g_assert_not_reached();
+}
+
+MSIMessage msi_get_message(PCIDevice *dev, unsigned int vector)
+{
+g_assert_not_reached();
+}
+
+int msix_enabled(PCIDevice *dev)
+{
+return false;
+}
+
+bool msix_is_masked(PCIDevice *dev, unsigned vector)
+{
+g_assert_not_reached();
+}
+
+MSIMessage msix_get_message(PCIDevice *dev, unsigned int vector)
+{
+g_assert_not_reached();
+}






[PATCH] target/m68k: only change valid bits in CACR

2019-12-12 Thread Laurent Vivier
This is used by netBSD (and MacOS ROM) to detect the MMU type

Signed-off-by: Laurent Vivier 
---
 target/m68k/cpu.c| 28 ++--
 target/m68k/cpu.h|  4 
 target/m68k/helper.c | 16 ++--
 3 files changed, 40 insertions(+), 8 deletions(-)

diff --git a/target/m68k/cpu.c b/target/m68k/cpu.c
index e6596de29c..1d202cec49 100644
--- a/target/m68k/cpu.c
+++ b/target/m68k/cpu.c
@@ -114,11 +114,8 @@ static void m68000_cpu_initfn(Object *obj)
 m68k_set_feature(env, M68K_FEATURE_MOVEP);
 }
 
-static void m68020_cpu_initfn(Object *obj)
+static void m680x0_cpu_common(CPUM68KState *env)
 {
-M68kCPU *cpu = M68K_CPU(obj);
-CPUM68KState *env = &cpu->env;
-
 m68k_set_feature(env, M68K_FEATURE_M68000);
 m68k_set_feature(env, M68K_FEATURE_USP);
 m68k_set_feature(env, M68K_FEATURE_WORD_INDEX);
@@ -136,14 +133,32 @@ static void m68020_cpu_initfn(Object *obj)
 m68k_set_feature(env, M68K_FEATURE_CHK2);
 m68k_set_feature(env, M68K_FEATURE_MOVEP);
 }
-#define m68030_cpu_initfn m68020_cpu_initfn
+
+static void m68020_cpu_initfn(Object *obj)
+{
+M68kCPU *cpu = M68K_CPU(obj);
+CPUM68KState *env = &cpu->env;
+
+m680x0_cpu_common(env);
+m68k_set_feature(env, M68K_FEATURE_MMU68851);
+}
+
+static void m68030_cpu_initfn(Object *obj)
+{
+M68kCPU *cpu = M68K_CPU(obj);
+CPUM68KState *env = &cpu->env;
+
+m680x0_cpu_common(env);
+m68k_set_feature(env, M68K_FEATURE_MMU68030);
+}
 
 static void m68040_cpu_initfn(Object *obj)
 {
 M68kCPU *cpu = M68K_CPU(obj);
 CPUM68KState *env = &cpu->env;
 
-m68020_cpu_initfn(obj);
+m680x0_cpu_common(env);
+m68k_set_feature(env, M68K_FEATURE_MMU68040);
 m68k_set_feature(env, M68K_FEATURE_M68040);
 }
 
@@ -166,6 +181,7 @@ static void m68060_cpu_initfn(Object *obj)
 m68k_set_feature(env, M68K_FEATURE_BKPT);
 m68k_set_feature(env, M68K_FEATURE_RTD);
 m68k_set_feature(env, M68K_FEATURE_CHK2);
+m68k_set_feature(env, M68K_FEATURE_MMU68060);
 }
 
 static void m5208_cpu_initfn(Object *obj)
diff --git a/target/m68k/cpu.h b/target/m68k/cpu.h
index 20de3c379a..36e4353b44 100644
--- a/target/m68k/cpu.h
+++ b/target/m68k/cpu.h
@@ -483,6 +483,10 @@ enum m68k_features {
 M68K_FEATURE_CHK2,
 M68K_FEATURE_M68040, /* instructions specific to MC68040 */
 M68K_FEATURE_MOVEP,
+M68K_FEATURE_MMU68851,
+M68K_FEATURE_MMU68030,
+M68K_FEATURE_MMU68040,
+M68K_FEATURE_MMU68060,
 };
 
 static inline int m68k_feature(CPUM68KState *env, int feature)
diff --git a/target/m68k/helper.c b/target/m68k/helper.c
index ae766a6cb0..b5758bbd7d 100644
--- a/target/m68k/helper.c
+++ b/target/m68k/helper.c
@@ -205,7 +205,13 @@ void HELPER(m68k_movec_to)(CPUM68KState *env, uint32_t 
reg, uint32_t val)
 return;
 /* MC680[234]0 */
 case M68K_CR_CACR:
-env->cacr = val;
+if (m68k_feature(env, M68K_FEATURE_MMU68040)) {
+env->cacr = val & 0x80008000;
+} else if (m68k_feature(env, M68K_FEATURE_MMU68030)) {
+env->cacr = val & 0x3fff;
+} else if (m68k_feature(env, M68K_FEATURE_MMU68851)) {
+env->cacr = val & 0x000f;
+}
 m68k_switch_sp(env);
 return;
 /* MC680[34]0 */
@@ -261,7 +267,13 @@ uint32_t HELPER(m68k_movec_from)(CPUM68KState *env, 
uint32_t reg)
 return env->vbr;
 /* MC680[234]0 */
 case M68K_CR_CACR:
-return env->cacr;
+if (m68k_feature(env, M68K_FEATURE_MMU68040)) {
+return env->cacr & 0x80008000;
+} else if (m68k_feature(env, M68K_FEATURE_MMU68030)) {
+return env->cacr & 0x3fff;
+} else if (m68k_feature(env, M68K_FEATURE_MMU68851)) {
+return env->cacr & 0x000f;
+}
 /* MC680[34]0 */
 case M68K_CR_TC:
 return env->mmu.tcr;
-- 
2.23.0




Re: [PATCH] runstate: ignore finishmigrate -> prelaunch transition

2019-12-12 Thread Laurent Vivier
On 06/12/2019 20:52, Dr. David Alan Gilbert wrote:
> * Laurent Vivier (lviv...@redhat.com) wrote:
>> Commit 1bd71dce4bf2 tries to prevent a finishmigrate -> prelaunch
>> transition by exiting at the beginning of the main_loop_should_exit()
>> function if the state is already finishmigrate.
>>
>> As the finishmigrate state is set in the migration thread it can
>> happen concurrently to the function. The migration thread and the
>> function are normally protected by the iothread mutex and thus the
>> state should no evolve between the start of the function and its end.
>>
>> Unfortunately during the function life the lock is released by
>> pause_all_vcpus() just before the point we need to be sure we are
>> not in finishmigrate state and if the migration thread is waiting
>> for the lock it will take the opportunity to change the state
>> to finishmigrate.
> 
> Ewww.
> I hate those short wakeups for pause_all_vcpus; I'm sure there are loads
> more corners that break.
> 
> Still, I _think_ this is an improvement, so:
> 
> Reviewed-by: Dr. David Alan Gilbert 
> 

Who volunteers to take this in his queue?

Thanks,
Laurent




Re: [RFC PATCH v2 1/5] hw: add compat machines for 5.0

2019-12-12 Thread Eduardo Habkost
On Thu, Dec 12, 2019 at 06:33:16PM +0100, Andrew Jones wrote:
> Add 5.0 machine types for arm/i440fx/q35/s390x/spapr.
> 
> Signed-off-by: Andrew Jones 
> 
> ---
> 
> Hi Eduardo,
> 
> If we need to do something special for i440fx and q35, as
> 9aec2e52ce9d ("hw: add compat machines for 4.2") implies, then
> I'll need guidance as to what.

Keeping default_cpu_version==1 in pc-*-5.0 (like you did) is
correct.

However, you might want to use Cornelia's patch (which is
probably already queued in the s390 tree) instead:
https://patchew.org/QEMU/20191112104811.30323-1-coh...@redhat.com

-- 
Eduardo




Re: [PATCH v2 3/8] hw: replace hw/i386/pc.h with a header just for the i8259

2019-12-12 Thread Philippe Mathieu-Daudé

On 12/12/19 6:29 PM, Paolo Bonzini wrote:

Remove the need to include i386/pc.h to get to the i8259 functions.
This is enough to remove the inclusion of hw/i386/pc.h from all non-x86
files.


Eh this is very similar to the patch I'v staged for 5.0, now than the 
Malta/PC split got merged.




Signed-off-by: Paolo Bonzini 
---
  hw/alpha/alpha_sys.h|  3 ++-
  hw/alpha/dp264.c|  1 +
  hw/hppa/hppa_sys.h  |  3 ++-
  hw/hppa/machine.c   |  1 +
  hw/i386/kvm/i8259.c |  1 +
  hw/i386/microvm.c   |  1 +
  hw/i386/pc.c|  1 +
  hw/i386/x86.c   |  1 +
  hw/input/pckbd.c|  1 -
  hw/intc/Kconfig |  2 ++
  hw/intc/apic.c  |  2 +-
  hw/intc/i8259.c |  2 +-
  hw/intc/i8259_common.c  |  2 +-
  hw/intc/ioapic.c|  3 ++-
  hw/isa/i82378.c |  2 +-
  hw/isa/lpc_ich9.c   |  1 -
  hw/isa/piix4.c  |  2 +-
  hw/mips/gt64xxx_pci.c   |  2 +-
  hw/mips/mips_fulong2e.c |  2 +-
  hw/mips/mips_jazz.c |  2 +-
  hw/mips/mips_r4k.c  |  2 +-
  hw/pci-host/bonito.c|  1 -
  hw/pci-host/prep.c  |  2 +-
  include/hw/i386/pc.h|  8 
  include/hw/intc/i8259.h | 12 
  include/hw/isa/i8259_internal.h |  2 +-
  target/i386/monitor.c   |  1 -
  27 files changed, 37 insertions(+), 26 deletions(-)
  create mode 100644 include/hw/intc/i8259.h


Can you setup QEMU scripts/git.orderfile?



diff --git a/hw/alpha/alpha_sys.h b/hw/alpha/alpha_sys.h
index 4e127a6..95033d7 100644
--- a/hw/alpha/alpha_sys.h
+++ b/hw/alpha/alpha_sys.h
@@ -7,7 +7,8 @@
  #include "hw/pci/pci.h"
  #include "hw/pci/pci_host.h"
  #include "hw/ide.h"
-#include "hw/i386/pc.h"
+#include "hw/boards.h"
+#include "hw/intc/i8259.h"
  
  
  PCIBus *typhoon_init(ram_addr_t, ISABus **, qemu_irq *, AlphaCPU *[4],

diff --git a/hw/alpha/dp264.c b/hw/alpha/dp264.c
index 4320497..5ed9a5a 100644
--- a/hw/alpha/dp264.c
+++ b/hw/alpha/dp264.c
@@ -20,6 +20,7 @@
  #include "hw/timer/i8254.h"
  #include "hw/isa/superio.h"
  #include "hw/dma/i8257.h"
+#include "net/net.h"
  #include "qemu/cutils.h"
  
  #define MAX_IDE_BUS 2

diff --git a/hw/hppa/hppa_sys.h b/hw/hppa/hppa_sys.h
index 43d25d2..4e50196 100644
--- a/hw/hppa/hppa_sys.h
+++ b/hw/hppa/hppa_sys.h
@@ -6,7 +6,8 @@
  #include "hw/pci/pci.h"
  #include "hw/pci/pci_host.h"
  #include "hw/ide.h"
-#include "hw/i386/pc.h"
+#include "hw/boards.h"
+#include "hw/intc/i8259.h"
  
  #include "hppa_hardware.h"
  
diff --git a/hw/hppa/machine.c b/hw/hppa/machine.c

index b30aba6..5d0de26 100644
--- a/hw/hppa/machine.c
+++ b/hw/hppa/machine.c
@@ -19,6 +19,7 @@
  #include "hppa_sys.h"
  #include "qemu/units.h"
  #include "qapi/error.h"
+#include "net/net.h"
  #include "qemu/log.h"
  
  #define MAX_IDE_BUS 2

diff --git a/hw/i386/kvm/i8259.c b/hw/i386/kvm/i8259.c
index d0c1b1d..e404fdc 100644
--- a/hw/i386/kvm/i8259.c
+++ b/hw/i386/kvm/i8259.c
@@ -12,6 +12,7 @@
  
  #include "qemu/osdep.h"

  #include "hw/isa/i8259_internal.h"
+#include "hw/intc/i8259.h"
  #include "qemu/module.h"
  #include "hw/i386/apic_internal.h"
  #include "hw/irq.h"
diff --git a/hw/i386/microvm.c b/hw/i386/microvm.c
index def37e6..2068319 100644
--- a/hw/i386/microvm.c
+++ b/hw/i386/microvm.c
@@ -34,6 +34,7 @@
  #include "hw/i386/x86.h"
  #include "hw/i386/pc.h"
  #include "target/i386/cpu.h"
+#include "hw/intc/i8259.h"
  #include "hw/timer/i8254.h"
  #include "hw/rtc/mc146818rtc.h"
  #include "hw/char/serial.h"
diff --git a/hw/i386/pc.c b/hw/i386/pc.c
index 3d2c5d8..fdbd2bf 100644
--- a/hw/i386/pc.c
+++ b/hw/i386/pc.c
@@ -44,6 +44,7 @@
  #include "migration/vmstate.h"
  #include "multiboot.h"
  #include "hw/rtc/mc146818rtc.h"
+#include "hw/intc/i8259.h"
  #include "hw/dma/i8257.h"
  #include "hw/timer/i8254.h"
  #include "hw/input/i8042.h"
diff --git a/hw/i386/x86.c b/hw/i386/x86.c
index 394edc2..3e4aee5 100644
--- a/hw/i386/x86.c
+++ b/hw/i386/x86.c
@@ -39,6 +39,7 @@
  #include "target/i386/cpu.h"
  #include "hw/i386/topology.h"
  #include "hw/i386/fw_cfg.h"
+#include "hw/intc/i8259.h"
  
  #include "hw/acpi/cpu_hotplug.h"

  #include "hw/nmi.h"
diff --git a/hw/input/pckbd.c b/hw/input/pckbd.c
index f0acfd8..2f09f78 100644
--- a/hw/input/pckbd.c
+++ b/hw/input/pckbd.c
@@ -26,7 +26,6 @@
  #include "qemu/log.h"
  #include "hw/isa/isa.h"
  #include "migration/vmstate.h"
-#include "hw/i386/pc.h"
  #include "hw/input/ps2.h"
  #include "hw/irq.h"
  #include "hw/input/i8042.h"
diff --git a/hw/intc/Kconfig b/hw/intc/Kconfig
index 5347f84..10a680b 100644
--- a/hw/intc/Kconfig
+++ b/hw/intc/Kconfig
@@ -9,6 +9,7 @@ config PL190
  
  config IOAPIC

  bool
+select I8259
  
  config ARM_GIC

  bool
@@ -21,6 +22,7 @@ config OPENPIC
  config APIC
  bool
  select MSI_NONBROKEN
+select I8259
  
  config ARM_GIC_KVM

  bool
diff

[PULL 10/10] tests: use g_test_rand_int

2019-12-12 Thread Thomas Huth
From: Paolo Bonzini 

g_test_rand_int provides a reproducible random integer number, using a
different number seed every time but allowing reproduction using the
--seed command line option.  It is thus better suited to tests than
g_random_int or random.

Signed-off-by: Paolo Bonzini 
Message-Id: <1576113478-42926-1-git-send-email-pbonz...@redhat.com>
Reviewed-by: Thomas Huth 
Reviewed-by: Richard Henderson 
Signed-off-by: Thomas Huth 
---
 tests/ivshmem-test.c | 2 +-
 tests/test-bitmap.c  | 8 
 tests/test-qga.c | 4 ++--
 3 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/tests/ivshmem-test.c b/tests/ivshmem-test.c
index be9aa92a61..ecda256472 100644
--- a/tests/ivshmem-test.c
+++ b/tests/ivshmem-test.c
@@ -443,7 +443,7 @@ static gchar *mktempshm(int size, int *fd)
 while (true) {
 gchar *name;
 
-name = g_strdup_printf("/qtest-%u-%u", getpid(), g_random_int());
+name = g_strdup_printf("/qtest-%u-%u", getpid(), g_test_rand_int());
 *fd = shm_open(name, O_CREAT|O_RDWR|O_EXCL,
S_IRWXU|S_IRWXG|S_IRWXO);
 if (*fd > 0) {
diff --git a/tests/test-bitmap.c b/tests/test-bitmap.c
index 087e02a26c..2f5b71458a 100644
--- a/tests/test-bitmap.c
+++ b/tests/test-bitmap.c
@@ -22,10 +22,10 @@ static void check_bitmap_copy_with_offset(void)
 bmap2 = bitmap_new(BMAP_SIZE);
 bmap3 = bitmap_new(BMAP_SIZE);
 
-bmap1[0] = random();
-bmap1[1] = random();
-bmap1[2] = random();
-bmap1[3] = random();
+bmap1[0] = g_test_rand_int();
+bmap1[1] = g_test_rand_int();
+bmap1[2] = g_test_rand_int();
+bmap1[3] = g_test_rand_int();
 total = BITS_PER_LONG * 4;
 
 /* Shift 115 bits into bmap2 */
diff --git a/tests/test-qga.c b/tests/test-qga.c
index 1ca49bbced..d2b2435bb4 100644
--- a/tests/test-qga.c
+++ b/tests/test-qga.c
@@ -143,7 +143,7 @@ static void qmp_assertion_message_error(const char 
*domain,
 static void test_qga_sync_delimited(gconstpointer fix)
 {
 const TestFixture *fixture = fix;
-guint32 v, r = g_random_int();
+guint32 v, r = g_test_rand_int();
 unsigned char c;
 QDict *ret;
 
@@ -186,7 +186,7 @@ static void test_qga_sync_delimited(gconstpointer fix)
 static void test_qga_sync(gconstpointer fix)
 {
 const TestFixture *fixture = fix;
-guint32 v, r = g_random_int();
+guint32 v, r = g_test_rand_int();
 QDict *ret;
 
 /*
-- 
2.18.1




[PULL 08/10] glib: use portable g_setenv()

2019-12-12 Thread Thomas Huth
From: Marc-André Lureau 

We have a setenv() wrapper in os-win32.c that no one is actually using.
Drop it and change to g_setenv() uniformly.

Signed-off-by: Marc-André Lureau 
Signed-off-by: Paolo Bonzini 
Message-Id: <1576074210-52834-7-git-send-email-pbonz...@redhat.com>
Reviewed-by: Thomas Huth 
Signed-off-by: Thomas Huth 
---
 include/sysemu/os-win32.h|  2 --
 os-win32.c   | 22 --
 tests/libqtest.c |  2 +-
 tests/test-crypto-tlscredsx509.c |  2 +-
 tests/test-crypto-tlssession.c   |  2 +-
 tests/test-io-channel-tls.c  |  2 +-
 tests/test-vmstate.c |  2 +-
 ui/sdl2.c|  2 +-
 8 files changed, 6 insertions(+), 30 deletions(-)

diff --git a/include/sysemu/os-win32.h b/include/sysemu/os-win32.h
index ff18b23db1..d8978e28c0 100644
--- a/include/sysemu/os-win32.h
+++ b/include/sysemu/os-win32.h
@@ -67,8 +67,6 @@ int getpagesize(void);
 # define EPROTONOSUPPORT EINVAL
 #endif
 
-int setenv(const char *name, const char *value, int overwrite);
-
 typedef struct {
 long tv_sec;
 long tv_usec;
diff --git a/os-win32.c b/os-win32.c
index 1336cd34f0..6b86e022f0 100644
--- a/os-win32.c
+++ b/os-win32.c
@@ -30,28 +30,6 @@
 #include "qemu-options.h"
 #include "sysemu/runstate.h"
 
-/***/
-/* Functions missing in mingw */
-
-int setenv(const char *name, const char *value, int overwrite)
-{
-int result = 0;
-if (overwrite || !getenv(name)) {
-size_t length = strlen(name) + strlen(value) + 2;
-char *string = g_malloc(length);
-snprintf(string, length, "%s=%s", name, value);
-result = putenv(string);
-
-/* Windows takes a copy and does not continue to use our string.
- * Therefore it can be safely freed on this platform.  POSIX code
- * typically has to leak the string because according to the spec it
- * becomes part of the environment.
- */
-g_free(string);
-}
-return result;
-}
-
 static BOOL WINAPI qemu_ctrl_handler(DWORD type)
 {
 qemu_system_shutdown_request(SHUTDOWN_CAUSE_HOST_SIGNAL);
diff --git a/tests/libqtest.c b/tests/libqtest.c
index 91e9cb220c..f36e30a4de 100644
--- a/tests/libqtest.c
+++ b/tests/libqtest.c
@@ -254,7 +254,7 @@ QTestState *qtest_init_without_qmp_handshake(const char 
*extra_args)
 s->expected_status = 0;
 s->qemu_pid = fork();
 if (s->qemu_pid == 0) {
-setenv("QEMU_AUDIO_DRV", "none", true);
+g_setenv("QEMU_AUDIO_DRV", "none", true);
 execlp("/bin/sh", "sh", "-c", command, NULL);
 exit(1);
 }
diff --git a/tests/test-crypto-tlscredsx509.c b/tests/test-crypto-tlscredsx509.c
index a27efb7540..f487349c32 100644
--- a/tests/test-crypto-tlscredsx509.c
+++ b/tests/test-crypto-tlscredsx509.c
@@ -141,7 +141,7 @@ int main(int argc, char **argv)
 
 module_call_init(MODULE_INIT_QOM);
 g_test_init(&argc, &argv, NULL);
-setenv("GNUTLS_FORCE_FIPS_MODE", "2", 1);
+g_setenv("GNUTLS_FORCE_FIPS_MODE", "2", 1);
 
 mkdir(WORKDIR, 0700);
 
diff --git a/tests/test-crypto-tlssession.c b/tests/test-crypto-tlssession.c
index 6560d7134f..8b2453fa79 100644
--- a/tests/test-crypto-tlssession.c
+++ b/tests/test-crypto-tlssession.c
@@ -398,7 +398,7 @@ int main(int argc, char **argv)
 
 module_call_init(MODULE_INIT_QOM);
 g_test_init(&argc, &argv, NULL);
-setenv("GNUTLS_FORCE_FIPS_MODE", "2", 1);
+g_setenv("GNUTLS_FORCE_FIPS_MODE", "2", 1);
 
 mkdir(WORKDIR, 0700);
 
diff --git a/tests/test-io-channel-tls.c b/tests/test-io-channel-tls.c
index 3c9ef6f941..ad7554c534 100644
--- a/tests/test-io-channel-tls.c
+++ b/tests/test-io-channel-tls.c
@@ -273,7 +273,7 @@ int main(int argc, char **argv)
 
 module_call_init(MODULE_INIT_QOM);
 g_test_init(&argc, &argv, NULL);
-setenv("GNUTLS_FORCE_FIPS_MODE", "2", 1);
+g_setenv("GNUTLS_FORCE_FIPS_MODE", "2", 1);
 
 mkdir(WORKDIR, 0700);
 
diff --git a/tests/test-vmstate.c b/tests/test-vmstate.c
index 1e5be1d4ff..8f184f3556 100644
--- a/tests/test-vmstate.c
+++ b/tests/test-vmstate.c
@@ -1325,7 +1325,7 @@ int main(int argc, char **argv)
 
 module_call_init(MODULE_INIT_QOM);
 
-setenv("QTEST_SILENT_ERRORS", "1", 1);
+g_setenv("QTEST_SILENT_ERRORS", "1", 1);
 
 g_test_init(&argc, &argv, NULL);
 g_test_add_func("/vmstate/simple/primitive", test_simple_primitive);
diff --git a/ui/sdl2.c b/ui/sdl2.c
index bd4e73661d..9030f1c42e 100644
--- a/ui/sdl2.c
+++ b/ui/sdl2.c
@@ -772,7 +772,7 @@ static void sdl2_display_init(DisplayState *ds, 
DisplayOptions *o)
  * This is a bit hackish but saves us from bigger problem.
  * Maybe it's a good idea to fix this in SDL instead.
  */
-setenv("SDL_VIDEODRIVER", "x11", 0);
+g_setenv("SDL_VIDEODRIVER", "x11", 0);
 #endif
 
 if (SDL_Init(SDL_INIT_VIDEO)) {
-- 
2.18.1




Re: QEMU VM crashes when enabling KVM

2019-12-12 Thread BALATON Zoltan

Hello,

I'm no expert on PPC KVM and don't have much experience with it myself so 
what I say may or may not be correct, it's just my understanding. 
Nevertheless I share it in the hope that it may help and maybe those who 
know will correct me.



On Thu, Dec 12, 2019 at 1:17 AM Paolo Bonzini  wrote:

On 12/12/19 02:59, Wayne Li wrote:

We wrote a project that is created on top of the QEMU source code; it
calls functions from the QEMU code.  I run the executable created by
compiling that project/QEMU code.  Anyway, looking at the following
documentation:

https://www.kernel.org/doc/Documentation/powerpc/cpu_families.txt

It looks like the PowerPC 7457 is Book3S and the PowerPC e6500 is
BookE.  Is that why you think I require a Book3S KVM?  Exactly why do
you feel this way?  Also would that mean my team would need to go and
buy a board with a Book3S processor?


CCing the PPC maintainer.  There are aspects of BookE and Book3S that
are different and not really interchangeable in the privileged interface.


It's best to look at the kvm sources in Linux under linux/arch/powerpc/kvm 
or also ask on the appropriate Linux list for KVM specific questions. 
AFAIK KVM between BookE and BookS CPUs doesn't work, at least running 
BookE guest on a BookS host doesn't work which is what we've tried. You 
seem to want the opposite direction: running BookS code on BookE host but 
I think PPC KVM works best on BookS host running BookS code and apart from 
that there's some support for running BookE code on BookE host for e500 
but that's not much supported any more and that's it, other combinations 
are likely untested and don't work. So it's best to have host CPU match 
target (running e500 code on e6500 host or run 7457 code on same or newer 
host CPU, but the more different the host from the guest the most problems 
are to be expected). There are also HV and PR KVM where HV needs new 
enough CPU that supports it (e6500 probably does) but guest CPU cannot be 
different than host with HV KVM. With PR KVM there's some more freedom 
about host and guest as only user space runs on host CPU with privileged 
instructions are software emulated but mixing BookE and BookS is not 
supported even with PR KVM if I'm not mistaken. So you may have better 
luck with some BookS host but I can't tell for sure.


Regrads,
BALATON Zoltan



[PULL 07/10] hw/misc/ivshmem: Bury dead legacy INTx code

2019-12-12 Thread Thomas Huth
From: Markus Armbruster 

Devices "ivshmem-plain" and "ivshmem-doorbell" support only MSI-X.
Config space register Interrupt Pin is zero.  Device "ivshmem"
additionally supported legacy INTx, but it was removed in commit
5a0e75f0a9 "hw/misc/ivshmem: Remove deprecated "ivshmem" legacy
device".  The commit left ivshmem_update_irq() behind.  Since the
Interrupt Pin register is zero, the function does nothing.  Remove it.

Signed-off-by: Markus Armbruster 
Reviewed-by: Thomas Huth 
Message-Id: <20191205203557.11254-1-arm...@redhat.com>
Signed-off-by: Thomas Huth 
---
 hw/misc/ivshmem.c | 35 ---
 1 file changed, 35 deletions(-)

diff --git a/hw/misc/ivshmem.c b/hw/misc/ivshmem.c
index 5e3b05eae0..710cdb7263 100644
--- a/hw/misc/ivshmem.c
+++ b/hw/misc/ivshmem.c
@@ -136,44 +136,11 @@ static inline bool ivshmem_is_master(IVShmemState *s)
 return s->master == ON_OFF_AUTO_ON;
 }
 
-static void ivshmem_update_irq(IVShmemState *s)
-{
-PCIDevice *d = PCI_DEVICE(s);
-uint32_t isr = s->intrstatus & s->intrmask;
-
-/*
- * Do nothing unless the device actually uses INTx.  Here's how
- * the device variants signal interrupts, what they put in PCI
- * config space:
- * Device variantInterrupt  Interrupt Pin  MSI-X cap.
- * ivshmem-plain none0 no
- * ivshmem-doorbell MSI-X1yes(1)
- * ivshmem,msi=off   INTx1 no
- * ivshmem,msi=on   MSI-X1(2) yes(1)
- * (1) if guest enabled MSI-X
- * (2) the device lies
- * Leads to the condition for doing nothing:
- */
-if (ivshmem_has_feature(s, IVSHMEM_MSI)
-|| !d->config[PCI_INTERRUPT_PIN]) {
-return;
-}
-
-/* don't print ISR resets */
-if (isr) {
-IVSHMEM_DPRINTF("Set IRQ to %d (%04x %04x)\n",
-isr ? 1 : 0, s->intrstatus, s->intrmask);
-}
-
-pci_set_irq(d, isr != 0);
-}
-
 static void ivshmem_IntrMask_write(IVShmemState *s, uint32_t val)
 {
 IVSHMEM_DPRINTF("IntrMask write(w) val = 0x%04x\n", val);
 
 s->intrmask = val;
-ivshmem_update_irq(s);
 }
 
 static uint32_t ivshmem_IntrMask_read(IVShmemState *s)
@@ -189,7 +156,6 @@ static void ivshmem_IntrStatus_write(IVShmemState *s, 
uint32_t val)
 IVSHMEM_DPRINTF("IntrStatus write(w) val = 0x%04x\n", val);
 
 s->intrstatus = val;
-ivshmem_update_irq(s);
 }
 
 static uint32_t ivshmem_IntrStatus_read(IVShmemState *s)
@@ -198,7 +164,6 @@ static uint32_t ivshmem_IntrStatus_read(IVShmemState *s)
 
 /* reading ISR clears all interrupts */
 s->intrstatus = 0;
-ivshmem_update_irq(s);
 return ret;
 }
 
-- 
2.18.1




[PULL 06/10] pseries: disable migration-test if /dev/kvm cannot be used

2019-12-12 Thread Thomas Huth
From: Laurent Vivier 

On ppc64, migration-test only works with kvm_hv, and we already
have a check to verify the module is loaded.

kvm_hv module can be loaded in memory and /sys/module/kvm_hv exists,
but on some systems (like build systems) /dev/kvm can be missing
(by administrators choice).

And as kvm_hv exists test-migration is started but QEMU falls back to
TCG because it cannot be used:

Could not access KVM kernel module: No such file or directory
failed to initialize KVM: No such file or directory
Back to tcg accelerator

And as the test is done with TCG, it fails.

As for s390x, we must check for the existence and the access rights
of /dev/kvm.

Reported-by: Cole Robinson 
Signed-off-by: Laurent Vivier 
Message-Id: <20191120170955.242900-1-lviv...@redhat.com>
Reviewed-by: Thomas Huth 
Reviewed-by: Greg Kurz 
Reviewed-by: Juan Quintela 
Signed-off-by: Thomas Huth 
---
 tests/migration-test.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/tests/migration-test.c b/tests/migration-test.c
index ebd77a581a..a5343fdc66 100644
--- a/tests/migration-test.c
+++ b/tests/migration-test.c
@@ -1349,7 +1349,8 @@ int main(int argc, char **argv)
  * some reason)
  */
 if (g_str_equal(qtest_get_arch(), "ppc64") &&
-access("/sys/module/kvm_hv", F_OK)) {
+(access("/sys/module/kvm_hv", F_OK) ||
+ access("/dev/kvm", R_OK | W_OK))) {
 g_test_message("Skipping test: kvm_hv not available");
 return g_test_run();
 }
-- 
2.18.1




[PULL 01/10] hw/arm/nseries: Replace the bluetooth chardev with a "null" chardev

2019-12-12 Thread Thomas Huth
We are going to remove the bitrotten bluetooth backend, so we can
not use it in the n800 and n810 machines anymore. Replace the chardev
here with a "null" chardev and stop including the "hw/bt.h" header.

I am not aware of a full working N8x0 environment that can be used to
test these machines, but the Linux kernel from the Meego project that
can be found on http://stskeeps.subnetmask.net/meego-n8x0/ still seems
to boot as far as it did before.

Message-Id: <20191120091014.16883-2-th...@redhat.com>
Reviewed-by: Peter Maydell 
Acked-by: Paolo Bonzini 
Signed-off-by: Thomas Huth 
---
 hw/arm/nseries.c | 16 +++-
 qemu-doc.texi|  2 --
 2 files changed, 7 insertions(+), 11 deletions(-)

diff --git a/hw/arm/nseries.c b/hw/arm/nseries.c
index 7e361936a9..3fd196fb30 100644
--- a/hw/arm/nseries.c
+++ b/hw/arm/nseries.c
@@ -21,6 +21,7 @@
 #include "qemu/osdep.h"
 #include "qapi/error.h"
 #include "cpu.h"
+#include "chardev/char.h"
 #include "qemu/cutils.h"
 #include "qemu/bswap.h"
 #include "sysemu/reset.h"
@@ -39,7 +40,6 @@
 #include "hw/qdev-properties.h"
 #include "hw/block/flash.h"
 #include "hw/hw.h"
-#include "hw/bt.h"
 #include "hw/loader.h"
 #include "hw/sysbus.h"
 #include "qemu/log.h"
@@ -792,13 +792,11 @@ static void n8x0_cbus_setup(struct n800_s *s)
 
 static void n8x0_uart_setup(struct n800_s *s)
 {
-Chardev *radio = uart_hci_init();
-
-qdev_connect_gpio_out(s->mpu->gpio, N8X0_BT_RESET_GPIO,
-csrhci_pins_get(radio)[csrhci_pin_reset]);
-qdev_connect_gpio_out(s->mpu->gpio, N8X0_BT_WKUP_GPIO,
-csrhci_pins_get(radio)[csrhci_pin_wakeup]);
-
+Chardev *radio = qemu_chr_new("bt-dummy-uart", "null", NULL);
+/*
+ * Note: We used to connect N8X0_BT_RESET_GPIO and N8X0_BT_WKUP_GPIO
+ * here, but this code has been removed with the bluetooth backend.
+ */
 omap_uart_attach(s->mpu->uart[BT_UART], radio);
 }
 
@@ -1137,7 +1135,7 @@ static struct omap_partition_info_s {
 { 0, 0, 0, NULL }
 };
 
-static bdaddr_t n8x0_bd_addr = {{ N8X0_BD_ADDR }};
+static uint8_t n8x0_bd_addr[6] = { N8X0_BD_ADDR };
 
 static int n8x0_atag_setup(void *p, int model)
 {
diff --git a/qemu-doc.texi b/qemu-doc.texi
index 3ddf5c0a68..ed3df01dac 100644
--- a/qemu-doc.texi
+++ b/qemu-doc.texi
@@ -2308,8 +2308,6 @@ Secure Digital card connected to OMAP MMC/SD host
 @item
 Three OMAP on-chip UARTs and on-chip STI debugging console
 @item
-A Bluetooth(R) transceiver and HCI connected to an UART
-@item
 Mentor Graphics "Inventra" dual-role USB controller embedded in a TI
 TUSB6010 chip - only USB host mode is supported
 @item
-- 
2.18.1




[PULL 09/10] tests/Makefile: Fix check-report.* targets shown in check-help

2019-12-12 Thread Thomas Huth
From: Wainer dos Santos Moschetta 

The check-report.html and check-report.xml targets were replaced
with check-report.tap in commit 9df43317b82 but the check-help
text was not updated so it still lists check-report.html.

Fixes: 9df43317b82
Signed-off-by: Wainer dos Santos Moschetta 
Message-Id: <20191211204427.4681-2-waine...@redhat.com>
Reviewed-by: Thomas Huth 
Signed-off-by: Thomas Huth 
---
 tests/Makefile.include | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/tests/Makefile.include b/tests/Makefile.include
index 8566f5f119..680bd8a669 100644
--- a/tests/Makefile.include
+++ b/tests/Makefile.include
@@ -16,12 +16,10 @@ check-help:
@echo " $(MAKE) check-softfloat  Run FPU emulation tests"
@echo " $(MAKE) check-acceptance Run all acceptance (functional) 
tests"
@echo
-   @echo " $(MAKE) check-report.htmlGenerates an HTML test report"
+   @echo " $(MAKE) check-report.tap Generates an aggregated TAP test 
report"
@echo " $(MAKE) check-venv   Creates a Python venv for tests"
@echo " $(MAKE) check-clean  Clean the tests and related data"
@echo
-   @echo "Please note that HTML reports do not regenerate if the unit 
tests"
-   @echo "have not changed."
@echo
@echo "The variable SPEED can be set to control the gtester speed 
setting."
@echo "Default options are -k and (for $(MAKE) V=1) --verbose; they can 
be"
-- 
2.18.1




[PULL 05/10] tests: fix modules-test 'duplicate test case' error

2019-12-12 Thread Thomas Huth
From: Cole Robinson 

./configure --enable-sdl --audio-drv-list=sdl --enable-modules

Will generate two identical test names: /$arch/module/load/sdl
Which generates an error like:

(tests/modules-test:23814): GLib-ERROR **: 18:23:06.359: duplicate test case 
path: /aarch64//module/load/sdl

Add the subsystem prefix in the name as well, so instead we get:

/$arch/module/load/audio-sdl
/$arch/module/load/ui-sdl

Signed-off-by: Cole Robinson 
Message-Id: 

Reviewed-by: Marc-André Lureau 
Reviewed-by: Thomas Huth 
Reviewed-by: Philippe Mathieu-Daudé 
Signed-off-by: Thomas Huth 
---
 tests/modules-test.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/tests/modules-test.c b/tests/modules-test.c
index d1a6ace218..88217686e1 100644
--- a/tests/modules-test.c
+++ b/tests/modules-test.c
@@ -64,7 +64,8 @@ int main(int argc, char *argv[])
 g_test_init(&argc, &argv, NULL);
 
 for (i = 0; i < G_N_ELEMENTS(modules); i += 2) {
-char *testname = g_strdup_printf("/module/load/%s", modules[i + 1]);
+char *testname = g_strdup_printf("/module/load/%s%s",
+ modules[i], modules[i + 1]);
 qtest_add_data_func(testname, modules + i, test_modules_load);
 g_free(testname);
 }
-- 
2.18.1




[PULL 04/10] Remove libbluetooth / bluez from the CI tests

2019-12-12 Thread Thomas Huth
Since the bluetooth code has been removed, we don't need to test
with this library anymore.

Message-Id: <20191120091014.16883-5-th...@redhat.com>
Acked-by: Paolo Bonzini 
Signed-off-by: Thomas Huth 
---
 .gitlab-ci.yml | 2 +-
 tests/docker/dockerfiles/fedora.docker | 1 -
 tests/docker/dockerfiles/ubuntu.docker | 1 -
 tests/docker/dockerfiles/ubuntu1804.docker | 1 -
 4 files changed, 1 insertion(+), 4 deletions(-)

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index be57c6a454..a28e389794 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -36,7 +36,7 @@ build-disabled:
 
 build-tcg-disabled:
  script:
- - apt-get install -y -qq clang libgtk-3-dev libbluetooth-dev libusb-dev
+ - apt-get install -y -qq clang libgtk-3-dev libusb-dev
  - ./configure --cc=clang --enable-werror --disable-tcg --audio-drv-list=""
  - make -j2
  - make check-unit
diff --git a/tests/docker/dockerfiles/fedora.docker 
b/tests/docker/dockerfiles/fedora.docker
index 4ddc7dd112..f143b26cf3 100644
--- a/tests/docker/dockerfiles/fedora.docker
+++ b/tests/docker/dockerfiles/fedora.docker
@@ -2,7 +2,6 @@ FROM fedora:30
 ENV PACKAGES \
 bc \
 bison \
-bluez-libs-devel \
 brlapi-devel \
 bzip2 \
 bzip2-devel \
diff --git a/tests/docker/dockerfiles/ubuntu.docker 
b/tests/docker/dockerfiles/ubuntu.docker
index f486492224..1b3b2693d2 100644
--- a/tests/docker/dockerfiles/ubuntu.docker
+++ b/tests/docker/dockerfiles/ubuntu.docker
@@ -19,7 +19,6 @@ ENV PACKAGES flex bison \
 glusterfs-common \
 libaio-dev \
 libattr1-dev \
-libbluetooth-dev \
 libbrlapi-dev \
 libbz2-dev \
 libcacard-dev \
diff --git a/tests/docker/dockerfiles/ubuntu1804.docker 
b/tests/docker/dockerfiles/ubuntu1804.docker
index 3cc4f492c4..21a5f2c45c 100644
--- a/tests/docker/dockerfiles/ubuntu1804.docker
+++ b/tests/docker/dockerfiles/ubuntu1804.docker
@@ -8,7 +8,6 @@ ENV PACKAGES flex bison \
 glusterfs-common \
 libaio-dev \
 libattr1-dev \
-libbluetooth-dev \
 libbrlapi-dev \
 libbz2-dev \
 libcacard-dev \
-- 
2.18.1




[PULL 00/10] Bluetooth removal, and qtest & misc patches

2019-12-12 Thread Thomas Huth
 Hi,

the following changes since commit 52901abf94477b400cf88c1f70bb305e690ba2de:

  Update version for v4.2.0-rc5 release (2019-12-10 17:15:21 +)

are available in the Git repository at:

  https://gitlab.com/huth/qemu.git tags/pull-request-2019-12-12

for you to fetch changes up to e38f04c4db40a9219cc0c516a6c68b9ca0a783d0:

  tests: use g_test_rand_int (2019-12-12 08:16:24 +0100)


- Removal of the deprecated bluetooth code
- Some qtest and misc patches


Cole Robinson (1):
  tests: fix modules-test 'duplicate test case' error

Laurent Vivier (1):
  pseries: disable migration-test if /dev/kvm cannot be used

Marc-André Lureau (1):
  glib: use portable g_setenv()

Markus Armbruster (1):
  hw/misc/ivshmem: Bury dead legacy INTx code

Paolo Bonzini (1):
  tests: use g_test_rand_int

Thomas Huth (4):
  hw/arm/nseries: Replace the bluetooth chardev with a "null" chardev
  hw/usb: Remove the USB bluetooth dongle device
  Remove the core bluetooth code
  Remove libbluetooth / bluez from the CI tests

Wainer dos Santos Moschetta (1):
  tests/Makefile: Fix check-report.* targets shown in check-help

 .gitlab-ci.yml |2 +-
 Makefile.objs  |2 -
 bt-host.c  |  198 ---
 bt-vhci.c  |  167 --
 configure  |   31 -
 hw/Kconfig |1 -
 hw/Makefile.objs   |1 -
 hw/arm/nseries.c   |   16 +-
 hw/bt/Kconfig  |2 -
 hw/bt/Makefile.objs|3 -
 hw/bt/core.c   |  143 --
 hw/bt/hci-csr.c|  512 ---
 hw/bt/hci.c| 2263 
 hw/bt/hid.c|  553 ---
 hw/bt/l2cap.c  | 1367 -
 hw/bt/sdp.c|  989 
 hw/misc/ivshmem.c  |   35 -
 hw/usb/Kconfig |5 -
 hw/usb/Makefile.objs   |1 -
 hw/usb/dev-bluetooth.c |  581 ---
 include/hw/bt.h| 2177 --
 include/sysemu/bt.h|   20 -
 include/sysemu/os-win32.h  |2 -
 os-win32.c |   22 -
 qemu-deprecated.texi   |7 -
 qemu-doc.texi  |   17 -
 qemu-options.hx|   79 -
 tests/Makefile.include |4 +-
 tests/docker/dockerfiles/fedora.docker |1 -
 tests/docker/dockerfiles/ubuntu.docker |1 -
 tests/docker/dockerfiles/ubuntu1804.docker |1 -
 tests/ivshmem-test.c   |2 +-
 tests/libqtest.c   |2 +-
 tests/migration-test.c |3 +-
 tests/modules-test.c   |3 +-
 tests/test-bitmap.c|8 +-
 tests/test-crypto-tlscredsx509.c   |2 +-
 tests/test-crypto-tlssession.c |2 +-
 tests/test-io-channel-tls.c|2 +-
 tests/test-qga.c   |4 +-
 tests/test-vmstate.c   |2 +-
 ui/sdl2.c  |2 +-
 vl.c   |  136 --
 43 files changed, 26 insertions(+), 9345 deletions(-)
 delete mode 100644 bt-host.c
 delete mode 100644 bt-vhci.c
 delete mode 100644 hw/bt/Kconfig
 delete mode 100644 hw/bt/Makefile.objs
 delete mode 100644 hw/bt/core.c
 delete mode 100644 hw/bt/hci-csr.c
 delete mode 100644 hw/bt/hci.c
 delete mode 100644 hw/bt/hid.c
 delete mode 100644 hw/bt/l2cap.c
 delete mode 100644 hw/bt/sdp.c
 delete mode 100644 hw/usb/dev-bluetooth.c
 delete mode 100644 include/hw/bt.h
 delete mode 100644 include/sysemu/bt.h




  1   2   3   4   5   >