Re: [PATCH 7/7] scsi: move host_status handling into SCSI drivers

2020-11-16 Thread Paolo Bonzini

On 17/11/20 07:55, Hannes Reinecke wrote:

On 11/16/20 11:00 PM, Paolo Bonzini wrote:

On 16/11/20 20:05, Hannes Reinecke wrote:

+    if (sreq->host_status == SCSI_HOST_OK) {
+    SCSISense sense;
+
+    sreq->status = 
scsi_sense_from_host_status(sreq->host_status, &sense);

+    if (sreq->status == CHECK_CONDITION) {
+    scsi_req_build_sense(sreq, sense);
+    }
+    }
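
Review bot: the outer guard `sreq->host_status == SCSI_HOST_OK` is inverted. The body translates a host status into a SCSI status and builds sense data, which is only meaningful when the host status reports a failure; as written, a failed host status is never translated and the request keeps whatever `sreq->status` already held. Test `sreq->host_status != SCSI_HOST_OK` instead.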


Should be != of course.


No.
scsi_req_build_sense() transfers the sense code from the second argument
into a proper SCSI sense. Which is only set if the status is 
CHECK_CONDITION...


I mean sreq->host_status != SCSI_HOST_OK.  I might be wrong, but every 
other HBA is using that...



Bah. Yes, of course, you are right.

Shall I resubmit? Or how is the process nowadays?


Depends on how busy and grumpy I am. :)  Since we're right in the middle 
of the freeze, let me send a RFC patch for Linux to clean up DID_* a 
little bit.


Paolo




Re: [PATCH v8 2/5] hw/block/nvme: pull aio error handling

2020-11-16 Thread Klaus Jensen
On Nov 16 19:18, Klaus Jensen wrote:
> On Nov 16 09:57, Keith Busch wrote:
> > On Thu, Nov 12, 2020 at 08:59:42PM +0100, Klaus Jensen wrote:
> > > +static void nvme_aio_err(NvmeRequest *req, int ret)
> > > +{
> > > +uint16_t status = NVME_SUCCESS;
> > > +Error *local_err = NULL;
> > > +
> > > +switch (req->cmd.opcode) {
> > > +case NVME_CMD_READ:
> > > +status = NVME_UNRECOVERED_READ;
> > > +break;
> > > +case NVME_CMD_FLUSH:
> > > +case NVME_CMD_WRITE:
> > > +case NVME_CMD_WRITE_ZEROES:
> > > +status = NVME_WRITE_FAULT;
> > > +break;
> > > +default:
> > > +status = NVME_INTERNAL_DEV_ERROR;
> > > +break;
> > > +}
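
Review bot: in nvme_aio_err() the initialiser `uint16_t status = NVME_SUCCESS;` is dead, because every arm of the switch, `default` included, assigns `status`. In an error handler a success value is the wrong fallback if a later opcode case forgets to assign; initialise to NVME_INTERNAL_DEV_ERROR and drop the `default` arm. The visible lines also never consult `ret` when choosing the status.
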
> > 
> > Just curious, is there potentially a more appropriate way to set an nvme
> > status based on the value of 'ret'? What is 'ret' representing anyway?
> > Are these errno values?
> > 
> 
> Yes, it's errno values from down below.
> 
> But looking at this more closely, it actually looks like this is where
> we should behave as dictated by the rerror and werror drive options.
> 
> I'll do a follow up patch to fix that.

So, following up on this after looking more into it.

Currently, the device is basically behaving as if werror and rerror were
both set to "report" - that is, report the error to the guest.

Since we currently do not support werror and rerror, I think it is fine
to behave as if it was report and set a meaningful status code that fits
the command that failed (if we can).

But I'll start working on a patch to support rerror/werror, since it
would be nice to support.




[PATCH] gitlab-ci.yml: Add openSUSE Leap 15.2 for gitlab CI/CD

2020-11-16 Thread Cho, Yu-Chen
Add build-system-opensuse jobs and add opensuse-leap.docker dockerfile.
Use openSUSE Leap 15.2 container image in the gitlab-CI.

Signed-off-by: Cho, Yu-Chen 
---
 .gitlab-ci.d/containers.yml   |  5 ++
 .gitlab-ci.yml| 30 +++
 tests/docker/dockerfiles/opensuse-leap.docker | 88 +++
 3 files changed, 123 insertions(+)
 create mode 100644 tests/docker/dockerfiles/opensuse-leap.docker

diff --git a/.gitlab-ci.d/containers.yml b/.gitlab-ci.d/containers.yml
index 11d079ea58..082624a6fa 100644
--- a/.gitlab-ci.d/containers.yml
+++ b/.gitlab-ci.d/containers.yml
@@ -246,3 +246,8 @@ amd64-ubuntu-container:
   <<: *container_job_definition
   variables:
 NAME: ubuntu
+
+amd64-opensuse-leap-container:
+  <<: *container_job_definition
+  variables:
+NAME: opensuse-leap
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 9a8b375188..bf4759296a 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -195,6 +195,36 @@ acceptance-system-centos:
 MAKE_CHECK_ARGS: check-acceptance
   <<: *acceptance_definition
 
+build-system-opensuse:
+  <<: *native_build_job_definition
+  variables:
+IMAGE: opensuse-leap
+TARGETS: s390x-softmmu x86_64-softmmu aarch64-softmmu
+MAKE_CHECK_ARGS: check-build
+  artifacts:
+expire_in: 2 days
+paths:
+  - build
+
+check-system-opensuse:
+  <<: *native_test_job_definition
+  needs:
+- job: build-system-opensuse
+  artifacts: true
+  variables:
+IMAGE: opensuse-leap
+MAKE_CHECK_ARGS: check
+
+acceptance-system-opensuse:
+  <<: *native_test_job_definition
+  needs:
+- job: build-system-opensuse
+  artifacts: true
+  variables:
+IMAGE: opensuse-leap
+MAKE_CHECK_ARGS: check-acceptance
+  <<: *acceptance_definition
+
 build-disabled:
   <<: *native_build_job_definition
   variables:
diff --git a/tests/docker/dockerfiles/opensuse-leap.docker 
b/tests/docker/dockerfiles/opensuse-leap.docker
new file mode 100644
index 00..712eb4fe3a
--- /dev/null
+++ b/tests/docker/dockerfiles/opensuse-leap.docker
@@ -0,0 +1,88 @@
+FROM opensuse/leap:15.2
+
+RUN zypper update -y
+
+# Please keep this list sorted alphabetically
+ENV PACKAGES \
+bc \
+brlapi-devel \
+bzip2 \
+libzip-devel \
+ccache \
+clang \
+cyrus-sasl-devel \
+dbus-1 \
+device-mapper-devel \
+gcc \
+gcc-c++ \
+mkisofs \
+gettext-runtime \
+git \
+glib2-devel \
+glusterfs-devel \
+libgnutls-devel \
+gtk3-devel \
+hostname \
+libaio-devel \
+libasan5 \
+libattr-devel \
+libblockdev-devel \
+libcap-ng-devel \
+libcurl-devel \
+libepoxy-devel \
+libfdt-devel \
+libiscsi-devel \
+libjpeg8-devel \
+libpmem-devel \
+libpng16-devel \
+librbd-devel \
+libseccomp-devel \
+libssh-devel \
+libubsan0 \
+libudev-devel \
+libxml2-devel \
+libzstd-devel \
+llvm \
+lzo-devel \
+make \
+mingw32-filesystem \
+glibc-devel-32bit \
+libSDL2_image-devel \
+mingw64-binutils \
+nmap \
+ncat \
+ncurses-devel \
+libnettle-devel \
+ninja \
+mozilla-nss-devel \
+libnuma-devel \
+perl \
+libpixman-1-0-devel \
+python3-base \
+python3-PyYAML \
+python3-numpy \
+python3-opencv \
+python3-Pillow \
+python3-pip \
+python3-Sphinx \
+python3-virtualenv \
+rdma-core-devel \
+libSDL2-devel \
+snappy-devel \
+sparse \
+libspice-server-devel \
+systemd-devel \
+systemtap-sdt-devel \
+tar \
+tesseract-ocr \
+tesseract-ocr-traineddata-english \
+usbredir-devel \
+virglrenderer-devel \
+libvte-2_91-0 \
+which \
+xen-devel \
+zlib-devel
+ENV QEMU_CONFIGURE_OPTS --python=/usr/bin/python3.8
+
+RUN zypper  --non-interactive install -y $PACKAGES
+RUN rpm -q $PACKAGES | sort > /packages.txt
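
Review bot: `ENV QEMU_CONFIGURE_OPTS --python=/usr/bin/python3.8` points configure at an interpreter that nothing in PACKAGES visibly installs (the list carries `python3-base` and `python3-*` modules only), so confirm that path exists in the image or drop the override. The list is also not in the alphabetical order its own comment asks for (`libzip-devel` after `bzip2`, `mkisofs` after `gcc-c++`). `RUN zypper update -y` on top of the floating `opensuse/leap:15.2` tag makes the image contents depend on build time; the `/packages.txt` record helps when comparing two builds.
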
-- 
2.29.2




Re: [PATCH 5/7] scsi: Add mapping for generic SCSI_HOST status to sense codes

2020-11-16 Thread Hannes Reinecke

On 11/16/20 9:05 PM, Paolo Bonzini wrote:

On 16/11/20 20:03, Hannes Reinecke wrote:



+    case SCSI_HOST_TARGET_FAILURE:
+    *sense = SENSE_CODE(TARGET_FAILURE);
+    return CHECK_CONDITION;
+    case SCSI_HOST_RESERVATION_ERROR:
+    return RESERVATION_CONFLICT;
+    case SCSI_HOST_ALLOCATION_FAILURE:
+    *sense = SENSE_CODE(SPACE_ALLOC_FAILED);
+    return CHECK_CONDITION;
+    case SCSI_HOST_MEDIUM_ERROR:
+    *sense = SENSE_CODE(READ_ERROR);
+    return CHECK_CONDITION;
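
Review bot: the `SCSI_HOST_RESERVATION_ERROR` case returns RESERVATION_CONFLICT without writing `*sense`, unlike the neighbouring cases, so a caller that reads the sense after any non-GOOD return would use an uninitialised value. Either clear `*sense` on entry or document on the function that `*sense` is valid only when CHECK_CONDITION is returned.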


Can these actually be visible to userspace?  I'd rather avoid having 
them in QEMU if possible.


Otherwise, the patches are completely sensible.

And I did it exactly for the opposite purpose: rather than 
painstakingly figuring out which codes _might_ be returned (and be 
utterly surprised if we missed some) add an interpretation for every 
_possible_ code, avoiding nasty surprises.


And that certainly makes sense too.

On the other hand it'd be nice if Linux was clearer about which the 
SCSI_HOST values are part of the userspace API and which are just an 
(ugly) implementation detail.



Oh, I certainly agree with that.
But that is more of a long-term prospect; I do see some discussions 
ahead if one were to try it. Especially as (like DID_BAD_TARGET and
DID_NO_CONNECT) have no clear distinction between them, and are used 
more-or-less interchangeably.


But a clear definition of these values would inevitably lead to a change 
in various drivers, which then would lead to a change in behaviour, and 
a possible user-space regression.


So not that easy, sadly.

Cheers,

Hannes
--
Dr. Hannes Reinecke                Kernel Storage Architect
h...@suse.de  +49 911 74053 688
SUSE Software Solutions GmbH, Maxfeldstr. 5, 90409 Nürnberg
HRB 36809 (AG Nürnberg), Geschäftsführer: Felix Imendörffer



Re: [PATCH 09/13] u2f-passthru: put it into the 'usb' category

2020-11-16 Thread Gerd Hoffmann
On Mon, Nov 16, 2020 at 03:04:52PM +0100, Philippe Mathieu-Daudé wrote:
> On 11/15/20 7:48 PM, Gan Qixin wrote:
> > The category of the u2f-passthru device is not set, put it into the 'usb'
> > category.
> 
> I guess we discussed this with Thomas 1 or 2 years ago
> but I don't remember. I think it was about using set_bits()
> so devices can appear in multiple categories.
> 
> Gerd, do you know what is the point of the "usb" category for
> management apps? This is a bus accepting multiple better
> categorized devices (display, storage, input, network, sound).

Right now we have the host adapters collected in the usb category.
Maybe we should rename the category to make that clear.

And, yes, tagging the u2f devices as "usb" doesn't look useful.

> Unrelated but multiple devices are related to SECURITY.
> Maybe it is time to introduce the DEVICE_CATEGORY_SECURITY?

Either that, or place it in the "misc" category.

take care,
  Gerd




Re: [PATCH 7/7] scsi: move host_status handling into SCSI drivers

2020-11-16 Thread Hannes Reinecke

On 11/16/20 11:00 PM, Paolo Bonzini wrote:

On 16/11/20 20:05, Hannes Reinecke wrote:

+    if (sreq->host_status == SCSI_HOST_OK) {
+    SCSISense sense;
+
+    sreq->status = 
scsi_sense_from_host_status(sreq->host_status, &sense);

+    if (sreq->status == CHECK_CONDITION) {
+    scsi_req_build_sense(sreq, sense);
+    }
+    }


Should be != of course.


No.
scsi_req_build_sense() transfers the sense code from the second argument
into a proper SCSI sense. Which is only set if the status is 
CHECK_CONDITION...


I mean sreq->host_status != SCSI_HOST_OK.  I might be wrong, but every 
other HBA is using that...



Bah. Yes, of course, you are right.

Shall I resubmit? Or how is the process nowadays?

Cheers,

Hannes
--
Dr. Hannes Reinecke                Kernel Storage Architect
h...@suse.de  +49 911 74053 688
SUSE Software Solutions GmbH, Maxfeldstr. 5, 90409 Nürnberg
HRB 36809 (AG Nürnberg), Geschäftsführer: Felix Imendörffer



Re: [PATCH] gitlab-ci.yml: Add openSUSE Tumbleweed and Leap for gitlab CI/CD

2020-11-16 Thread AL Yu-Chen Cho
Hi,

On Mon, 2020-11-16 at 12:19 +, Alex Bennée wrote:
> Yu-Chen, Cho  writes:
> 
> > Add build-system-opensusetw and build-system-opensuse152 jobs and
> > add opensuse152.docker and opensusetw.docker dockerfile.
> > Use openSUSE Tumbleweed and openSUSE Leap 15.2 container image in
> > the gitlab-CI.
> > 
> > Signed-off-by: Yu-Chen, Cho 
> 
> Hi,
> 
> Could you split the TW and the Leap patches please as they are adding
> distinct things.
> 

ok, no problem, I will send it again only for openSUSE Leap.

> I'm not super familiar with openSUSE LEAP but I assume this is in the
> same category of short lived "tip" distros as Fedora and non LTS Ubuntu?
> In which case we should name it as such (opensuse-leap?) as we will tick
> the build version each time a new version comes out.
> 
> I'm less sure about Tumbleweed because I don't think we make any
> commitment to support rolling distros. We don't have Gentoo, Arch or
> Debian Testing* in our dockerfiles either. I would expect rolling
> distros to track the upstream build themselves.
> 

Yes, I got it, thanks for your suggestion.

Cheers,
  AL


> * Debian 11 (next stable is there purely for compiling test cases)
> 
> > ---
> >  .gitlab-ci.d/containers.yml | 10 +++
> >  .gitlab-ci.yml  | 60 ++
> >  tests/docker/dockerfiles/opensuse152.docker | 88
> > 
> >  tests/docker/dockerfiles/opensusetw.docker  | 89
> > +
> >  4 files changed, 247 insertions(+)
> >  create mode 100644 tests/docker/dockerfiles/opensuse152.docker
> >  create mode 100644 tests/docker/dockerfiles/opensusetw.docker
> > 
> > diff --git a/.gitlab-ci.d/containers.yml b/.gitlab-
> > ci.d/containers.yml
> > index 11d079ea58..449a00de70 100644
> > --- a/.gitlab-ci.d/containers.yml
> > +++ b/.gitlab-ci.d/containers.yml
> > @@ -48,6 +48,16 @@ amd64-debian11-container:
> >variables:
> >  NAME: debian11
> >  
> > +amd64-opensuseTW-container:
> > +  <<: *container_job_definition
> > +  variables:
> > +NAME: opensusetw
> > +
> > +amd64-opensuse152-container:
> > +  <<: *container_job_definition
> > +  variables:
> > +NAME: opensuse152
> > +
> >  alpha-debian-cross-container:
> ><<: *container_job_definition
> >stage: containers-layer2
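
Review bot: `amd64-opensuseTW-container` is the only job name in this hunk with upper-case letters, and it differs in case from its own `NAME: opensusetw`; the neighbouring jobs (`amd64-debian11-container`, `alpha-debian-cross-container`) are all lower case. Rename it to `amd64-opensusetw-container` so the job name and the image name match.
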
> > diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
> > index 9a8b375188..540a700596 100644
> > --- a/.gitlab-ci.yml
> > +++ b/.gitlab-ci.yml
> > @@ -195,6 +195,66 @@ acceptance-system-centos:
> >  MAKE_CHECK_ARGS: check-acceptance
> ><<: *acceptance_definition
> >  
> 
> > +
> > +build-system-opensuse152:
> > +  <<: *native_build_job_definition
> > +  variables:
> > +IMAGE: opensuse152
> > +TARGETS: s390x-softmmu x86_64-softmmu aarch64-softmmu
> > +MAKE_CHECK_ARGS: check-build
> > +  artifacts:
> > +expire_in: 2 days
> > +paths:
> > +  - build
> > +
> > +check-system-opensuse152:
> > +  <<: *native_test_job_definition
> > +  needs:
> > +- job: build-system-opensuse152
> > +  artifacts: true
> > +  variables:
> > +IMAGE: opensuse152
> > +MAKE_CHECK_ARGS: check
> > +
> > +acceptance-system-opensuse152:
> > +  <<: *native_test_job_definition
> > +  needs:
> > +- job: build-system-opensuse152
> > +  artifacts: true
> > +  variables:
> > +IMAGE: opensuse152
> > +MAKE_CHECK_ARGS: check-acceptance
> > +  <<: *acceptance_definition
> > +
> 
> What's the thinking about this selection of TARGETS and tests? We've
> tried to spread the various configure, TARGETS and CHECK combinations
> across all the distros to avoid too much repetition of what is mostly
> the same code being tested.
> 




[Bug 1904486] Re: resource leak in /net/tap.c

2020-11-16 Thread yuanjungong
** Description changed:

  Hi,there might be a resource leak in function net_init_tap in
- /net/tap.c.
+ /net/tap.c. The version is 5.1.91.
  
-  811 fd = monitor_fd_param(monitor_cur(), tap->fd, errp);
-  812 if (fd == -1) {
-  813 return -1;
-  814 }
-  815 
-  816 ret = qemu_try_set_nonblock(fd);
-  817 if (ret < 0) {
-  818 error_setg_errno(errp, -ret, "%s: Can't use file descriptor 
%d",
-  819  name, fd);
-  820 return -1;
-  821 }
-  822 
-  823 vnet_hdr = tap_probe_vnet_hdr(fd, errp);
-  824 if (vnet_hdr < 0) {
-  825 close(fd);
-  826 return -1;
-  827 }
-  828 
-  829 net_init_tap_one(tap, peer, "tap", name, NULL,
-  830  script, downscript,
-  831  vhostfdname, vnet_hdr, fd, &err);
-  832 if (err) {
-  833 error_propagate(errp, err);
-  834 return -1;
-  835 }
+ 
+  811 fd = monitor_fd_param(monitor_cur(), tap->fd, errp);
+  812 if (fd == -1) {
+  813 return -1;
+  814 }
+  815
+  816 ret = qemu_try_set_nonblock(fd);
+  817 if (ret < 0) {
+  818 error_setg_errno(errp, -ret, "%s: Can't use file descriptor 
%d",
+  819  name, fd);
+  820 return -1;
+  821 }
+  822
+  823 vnet_hdr = tap_probe_vnet_hdr(fd, errp);
+  824 if (vnet_hdr < 0) {
+  825 close(fd);
+  826 return -1;
+  827 }
+  828
+  829 net_init_tap_one(tap, peer, "tap", name, NULL,
+  830  script, downscript,
+  831  vhostfdname, vnet_hdr, fd, &err);
+  832 if (err) {
+  833 error_propagate(errp, err);
+  834 return -1;
+  835 }
  
  fd should be closed before return in line 820 and line 834, similar to
  the implementation in line 825.

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1904486

Title:
  resource leak in /net/tap.c

Status in QEMU:
  New

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1904486/+subscriptions



Re: [PATCH 13/13] bcm2835_cprman: put some peripherals of bcm2835 cprman into the 'misc' category

2020-11-16 Thread Markus Armbruster
Peter Maydell  writes:

> On Mon, 16 Nov 2020 at 17:09, Markus Armbruster  wrote:
>> But TYPE_CPRMAN_PLL is *not* a descendant of TYPE_SYS_BUS_DEVICE, it's a
>> bus-less device:
>>
>> static const TypeInfo cprman_pll_info = {
>> .name = TYPE_CPRMAN_PLL,
>> --->.parent = TYPE_DEVICE,
>> .instance_size = sizeof(CprmanPllState),
>> .class_init = pll_class_init,
>> .instance_init = pll_init,
>> };
>
> I'm really dubious of devices that directly inherit from
> TYPE_DEVICE, because their reset method won't be automatically
> called. In this case it looks like the TYPE_BCM2835_CPRMAN
> device's reset method manually calls reset on these devices,
> though, so it isn't actually buggy, just confusing.

I guess this is a trap for unwary implementers, aggravated by our usual
dearth of qdev documentation.  I can see ~100 .parent = TYPE_DEVICE
lines.  Checking them all manually won't be fun.  Any automation ideas?

The concept "bus-less device" is sane.  We used not to have it, and the
resulting need for pseudo-busses was annoying enough to make us add
bus-less devices.




Re: [PATCH v3 00/41] Mirror map JIT memory for TCG

2020-11-16 Thread Joelle van Dyne
Hi, I'm wondering what the progress is for this patch set and the iOS
support one? I know 5.2 is frozen, so will this be considered for 6.0?
Apple Silicon Macs are out now and a few people are asking about QEMU
support :)

-j

On Thu, Nov 5, 2020 at 9:29 PM Richard Henderson
 wrote:
>
> This is my take on Joelle's patch set:
> https://lists.nongnu.org/archive/html/qemu-devel/2020-10/msg07837.html
>
> Changes for v3:
>   * Even more patches -- all tcg backends converted.
>   * Fixups for darwin/ios merged (Joelle).
>   * Feature renamed to splitwx (Paolo).
>
>
> r~
>
>
> Richard Henderson (41):
>   tcg: Enhance flush_icache_range with separate data pointer
>   tcg: Move tcg prologue pointer out of TCGContext
>   tcg: Move tcg epilogue pointer out of TCGContext
>   tcg: Add in_code_gen_buffer
>   tcg: Introduce tcg_splitwx_to_{rx,rw}
>   tcg: Adjust TCGLabel for const
>   tcg: Adjust tcg_out_call for const
>   tcg: Adjust tcg_out_label for const
>   tcg: Adjust tcg_register_jit for const
>   tcg: Adjust tb_target_set_jmp_target for split-wx
>   tcg: Make DisasContextBase.tb const
>   tcg: Make tb arg to synchronize_from_tb const
>   tcg: Use Error with alloc_code_gen_buffer
>   tcg: Add --accel tcg,split-wx property
>   accel/tcg: Support split-wx for linux with memfd
>   accel/tcg: Support split-wx for darwin/iOS with vm_remap
>   tcg: Return the TB pointer from the rx region from exit_tb
>   tcg/i386: Support split-wx code generation
>   tcg/aarch64: Use B not BL for tcg_out_goto_long
>   tcg/aarch64: Implement flush_idcache_range manually
>   tcg/aarch64: Support split-wx code generation
>   disas: Push const down through host disasassembly
>   tcg/tci: Push const down through bytecode reading
>   tcg: Introduce tcg_tbrel_diff
>   tcg/ppc: Use tcg_tbrel_diff
>   tcg/ppc: Use tcg_out_mem_long to reset TCG_REG_TB
>   tcg/ppc: Support split-wx code generation
>   tcg/sparc: Use tcg_tbrel_diff
>   tcg/sparc: Support split-wx code generation
>   tcg/s390: Use tcg_tbrel_diff
>   tcg/s390: Support split-wx code generation
>   tcg/riscv: Fix branch range checks
>   tcg/riscv: Remove branch-over-branch fallback
>   tcg/riscv: Support split-wx code generation
>   accel/tcg: Add mips support to alloc_code_gen_buffer_splitwx_memfd
>   tcg/mips: Do not assert on relocation overflow
>   tcg/mips: Support split-wx code generation
>   tcg/arm: Support split-wx code generation
>   tcg: Remove TCG_TARGET_SUPPORT_MIRROR
>   tcg: Constify tcg_code_gen_epilogue
>   tcg: Constify TCGLabelQemuLdst.raddr
>
>  accel/tcg/tcg-runtime.h  |   2 +-
>  include/disas/dis-asm.h  |   4 +-
>  include/disas/disas.h|   2 +-
>  include/exec/exec-all.h  |   2 +-
>  include/exec/gen-icount.h|   4 +-
>  include/exec/log.h   |   2 +-
>  include/exec/translator.h|   2 +-
>  include/hw/core/cpu.h|   3 +-
>  include/sysemu/tcg.h |   3 +-
>  include/tcg/tcg-op.h |   2 +-
>  include/tcg/tcg.h|  56 +--
>  tcg/aarch64/tcg-target.h |   8 +-
>  tcg/arm/tcg-target.h |  10 +-
>  tcg/i386/tcg-target.h|   9 +-
>  tcg/mips/tcg-target.h|  10 +-
>  tcg/ppc/tcg-target.h |   4 +-
>  tcg/riscv/tcg-target.h   |  10 +-
>  tcg/s390/tcg-target.h|  11 +-
>  tcg/sparc/tcg-target.h   |  10 +-
>  tcg/tci/tcg-target.h |  11 +-
>  accel/tcg/cpu-exec.c |  41 +++--
>  accel/tcg/tcg-all.c  |  26 ++-
>  accel/tcg/tcg-runtime.c  |   4 +-
>  accel/tcg/translate-all.c| 307 +++
>  accel/tcg/translator.c   |   4 +-
>  bsd-user/main.c  |   2 +-
>  disas.c  |   2 +-
>  disas/capstone.c |   2 +-
>  linux-user/main.c|   2 +-
>  softmmu/physmem.c|   9 +-
>  target/arm/cpu.c |   3 +-
>  target/arm/translate-a64.c   |   2 +-
>  target/avr/cpu.c |   3 +-
>  target/hppa/cpu.c|   3 +-
>  target/i386/cpu.c|   3 +-
>  target/microblaze/cpu.c  |   3 +-
>  target/mips/cpu.c|   3 +-
>  target/riscv/cpu.c   |   3 +-
>  target/rx/cpu.c  |   3 +-
>  target/sh4/cpu.c |   3 +-
>  target/sparc/cpu.c   |   3 +-
>  target/tricore/cpu.c |   2 +-
>  tcg/tcg-op.c |  15 +-
>  tcg/tcg.c|  86 --
>  tcg/tci.c|  60 ---
>  accel/tcg/trace-events   |   2 +-
>  tcg/aarch64/tcg-target.c.inc | 139 
>  tcg/arm/tcg-target.c.inc |  41 ++---
>  tcg/i386/tcg-target.c.inc|  36 ++--
>  tcg/mips/tcg-target.c.inc|  97 +--
>  tcg/ppc/tcg-target.c.inc | 105 ++--
>  tcg/riscv/tcg-target.c.inc   | 125 +-
>  tcg/s390/tcg-target.c.inc|  91 +--
>  tcg/sparc/tcg-target.c.inc   |  58 +++
>  tcg/tcg-ldst.c.inc   |   2 +-
>  tcg/tcg-pool.c.inc   |   6 +-
>  tcg/tci/tcg-target.c.inc |   2 +-
>  57 files ch

[RFC PATCH 1/2] Update linux headers

2020-11-16 Thread Eric Farman
This is a placeholder for a proper run of scripts/update-linux-headers.sh

Signed-off-by: Eric Farman 
---
 linux-headers/linux/vfio.h | 1 +
 1 file changed, 1 insertion(+)

diff --git a/linux-headers/linux/vfio.h b/linux-headers/linux/vfio.h
index b92dcc4daf..609099e455 100644
--- a/linux-headers/linux/vfio.h
+++ b/linux-headers/linux/vfio.h
@@ -820,6 +820,7 @@ enum {
 enum {
VFIO_CCW_IO_IRQ_INDEX,
VFIO_CCW_CRW_IRQ_INDEX,
+   VFIO_CCW_REQ_IRQ_INDEX,
VFIO_CCW_NUM_IRQS
 };
 
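
Review bot: the commit message calls this a placeholder, so before merge it should be replaced by a real run of scripts/update-linux-headers.sh, and the message should name the kernel commit or tag the headers were taken from. Adding `VFIO_CCW_REQ_IRQ_INDEX` directly ahead of `VFIO_CCW_NUM_IRQS` keeps the existing index values unchanged, but the new value is only correct if it matches the kernel series it depends on.
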
-- 
2.17.1




[RFC PATCH 0/2] vfio-ccw: Implement request notifier

2020-11-16 Thread Eric Farman
This is the corresponding QEMU code for the kernel series posted here:

https://lore.kernel.org/kvm/20201117032139.50988-1-far...@linux.ibm.com/

Long story short, when a device disappears because of a subchannel
event, userspace can receive a notification that the device should
be released as it is no longer usable. This implements that for the
vfio-ccw interface.

Eric Farman (2):
  Update linux headers
  vfio-ccw: Connect the device request notifier

 hw/vfio/ccw.c  | 40 ++
 linux-headers/linux/vfio.h |  1 +
 2 files changed, 37 insertions(+), 4 deletions(-)

-- 
2.17.1




[RFC PATCH 2/2] vfio-ccw: Connect the device request notifier

2020-11-16 Thread Eric Farman
Now that the vfio-ccw code has a notifier interface to request that
a device be unplugged, let's wire that together.

Signed-off-by: Eric Farman 
---
 hw/vfio/ccw.c | 40 
 1 file changed, 36 insertions(+), 4 deletions(-)

diff --git a/hw/vfio/ccw.c b/hw/vfio/ccw.c
index d2755d7fc5..bc78a0ad76 100644
--- a/hw/vfio/ccw.c
+++ b/hw/vfio/ccw.c
@@ -49,6 +49,7 @@ struct VFIOCCWDevice {
 struct ccw_crw_region *crw_region;
 EventNotifier io_notifier;
 EventNotifier crw_notifier;
+EventNotifier req_notifier;
 bool force_orb_pfch;
 bool warned_orb_pfch;
 };
@@ -287,6 +288,21 @@ static void vfio_ccw_crw_read(VFIOCCWDevice *vcdev)
 } while (1);
 }
 
+static void vfio_ccw_req_notifier_handler(void *opaque)
+{
+VFIOCCWDevice *vcdev = opaque;
+Error *err = NULL;
+
+if (!event_notifier_test_and_clear(&vcdev->req_notifier)) {
+return;
+}
+
+qdev_unplug(DEVICE(vcdev), &err);
+if (err) {
+warn_reportf_err(err, VFIO_MSG_PREFIX, vcdev->vdev.name);
+}
+}
+
 static void vfio_ccw_crw_notifier_handler(void *opaque)
 {
 VFIOCCWDevice *vcdev = opaque;
@@ -386,6 +402,10 @@ static void vfio_ccw_register_irq_notifier(VFIOCCWDevice 
*vcdev,
 notifier = &vcdev->crw_notifier;
 fd_read = vfio_ccw_crw_notifier_handler;
 break;
+case VFIO_CCW_REQ_IRQ_INDEX:
+notifier = &vcdev->req_notifier;
+fd_read = vfio_ccw_req_notifier_handler;
+break;
 default:
 error_setg(errp, "vfio: Unsupported device irq(%d)", irq);
 return;
@@ -440,6 +460,9 @@ static void vfio_ccw_unregister_irq_notifier(VFIOCCWDevice 
*vcdev,
 case VFIO_CCW_CRW_IRQ_INDEX:
 notifier = &vcdev->crw_notifier;
 break;
+case VFIO_CCW_REQ_IRQ_INDEX:
+notifier = &vcdev->req_notifier;
+break;
 default:
 error_report("vfio: Unsupported device irq(%d)", irq);
 return;
@@ -661,20 +684,28 @@ static void vfio_ccw_realize(DeviceState *dev, Error 
**errp)
 
 vfio_ccw_register_irq_notifier(vcdev, VFIO_CCW_IO_IRQ_INDEX, &err);
 if (err) {
-goto out_notifier_err;
+goto out_io_notifier_err;
 }
 
 if (vcdev->crw_region) {
 vfio_ccw_register_irq_notifier(vcdev, VFIO_CCW_CRW_IRQ_INDEX, &err);
 if (err) {
-vfio_ccw_unregister_irq_notifier(vcdev, VFIO_CCW_IO_IRQ_INDEX);
-goto out_notifier_err;
+goto out_crw_notifier_err;
 }
 }
 
+vfio_ccw_register_irq_notifier(vcdev, VFIO_CCW_REQ_IRQ_INDEX, &err);
+if (err) {
+goto out_req_notifier_err;
+}
+
 return;
 
-out_notifier_err:
+out_req_notifier_err:
+vfio_ccw_unregister_irq_notifier(vcdev, VFIO_CCW_CRW_IRQ_INDEX);
+out_crw_notifier_err:
+vfio_ccw_unregister_irq_notifier(vcdev, VFIO_CCW_IO_IRQ_INDEX);
+out_io_notifier_err:
 vfio_ccw_put_region(vcdev);
 out_region_err:
 vfio_ccw_put_device(vcdev);
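
Review bot: the new `out_req_notifier_err` label calls vfio_ccw_unregister_irq_notifier(vcdev, VFIO_CCW_CRW_IRQ_INDEX) unconditionally, but the CRW notifier is registered only under `if (vcdev->crw_region)`, so a REQ registration failure on a device without a CRW region unregisters a notifier that was never set up. Guard that call with the same condition. Registration of VFIO_CCW_REQ_IRQ_INDEX is also unguarded and fatal to realize; if a host kernel may lack this IRQ, report the error and continue instead of failing the device.
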
@@ -696,6 +727,7 @@ static void vfio_ccw_unrealize(DeviceState *dev)
 S390CCWDeviceClass *cdc = S390_CCW_DEVICE_GET_CLASS(cdev);
 VFIOGroup *group = vcdev->vdev.group;
 
+vfio_ccw_unregister_irq_notifier(vcdev, VFIO_CCW_REQ_IRQ_INDEX);
 vfio_ccw_unregister_irq_notifier(vcdev, VFIO_CCW_CRW_IRQ_INDEX);
 vfio_ccw_unregister_irq_notifier(vcdev, VFIO_CCW_IO_IRQ_INDEX);
 vfio_ccw_put_region(vcdev);
-- 
2.17.1




[Bug 1904490] [NEW] intel-hda: valid registers are unknown

2020-11-16 Thread Jacob
Public bug reported:

According to HDA specification, "3.1.2 General Register Behaviors and
Access Requirements":

"All controller registers must be addressable as byte, Word, and Dword
quantities."

But e.g. if you try the following to reset and enable the CORB, assuming
es:esi contains the base MMIO address of the controller,

 es or [esi+4bh], byte 80h   ; reset CORB
corbresetloop:
 es test [esi+4bh], byte 80h ; is HW done resetting yet?
 jnz corbreset1ok            ; yes, bit is now 1
 hlt                         ; wait a little bit
 jmp corbresetloop           ; and check again
corbreset1ok:
 es and [esi+4bh], byte 7fh  ; clear the bit

It will hang indefinitely because the bit never gets set, and if you
enable debug output of the controller with "-device intel-hda,debug=1",
you will see infinitely the line "unknown register, addr 0x4b" output.
The same code on a real hardware (I tried with ICH7M) works fine, as it
should according to the spec.

Host/guest/version does not matter (I am writing own drivers) --- as of
right now, latest version still has this code:

https://github.com/qemu/qemu/blob/master/hw/audio/intel-hda.c

which seems to emit "unknown register" message in intel_hda_reg_find(),
and this function does not take into account range of addresses that
each register occupies.

** Affects: qemu
 Importance: Undecided
 Status: New


** Tags: intel-hda

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1904490

Title:
  intel-hda: valid registers are unknown

Status in QEMU:
  New

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1904490/+subscriptions
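
The lookup problem this report describes, as an added example that is not QEMU's code: the register table is constructed for illustration (its names, offsets and widths are assumptions of this example), find_exact() models a lookup keyed on the start offset only, and find_range() resolves a byte access at 0x4b to the register that contains it.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed register map for the CORB block. Offsets and widths are this
 * example's assumptions; the names are illustrative. */
struct reg {
    const char *name;
    uint32_t offset;   /* byte offset from the MMIO base */
    uint32_t size;     /* register width in bytes */
};

static const struct reg regs[] = {
    { "CORBLBASE", 0x40, 4 },
    { "CORBUBASE", 0x44, 4 },
    { "CORBWP",    0x48, 2 },
    { "CORBRP",    0x4a, 2 },
    { "CORBCTL",   0x4c, 1 },
    { "CORBSTS",   0x4d, 1 },
    { "CORBSIZE",  0x4e, 1 },
};
#define NREGS ((int)(sizeof(regs) / sizeof(regs[0])))

/* Lookup keyed on the start offset only: the behaviour the report describes. */
int find_exact(uint32_t addr)
{
    for (int i = 0; i < NREGS; i++) {
        if (regs[i].offset == addr) {
            return i;
        }
    }
    return -1;
}

/* Lookup by containment: the access [addr, addr + len) must lie inside one
 * register. *shift receives the bit position of addr within that register.
 * Accesses that straddle two registers are rejected in this example. */
int find_range(uint32_t addr, uint32_t len, unsigned *shift)
{
    if (len != 1 && len != 2 && len != 4) {
        return -1;
    }
    for (int i = 0; i < NREGS; i++) {
        if (addr >= regs[i].offset &&
            addr + len <= regs[i].offset + regs[i].size) {
            *shift = (addr - regs[i].offset) * 8;
            return i;
        }
    }
    return -1;
}

static uint32_t len_mask(uint32_t len)
{
    return len >= 4 ? 0xffffffffu : (1u << (len * 8)) - 1;
}

/* Partial-width write: merge val into the containing register's bytes. */
int mmio_write(uint32_t *state, uint32_t addr, uint32_t len, uint32_t val)
{
    unsigned shift;
    int i = find_range(addr, len, &shift);

    if (i < 0) {
        return -1;                      /* "unknown register" */
    }
    uint32_t mask = len_mask(len) << shift;
    state[i] = (state[i] & ~mask) | ((val << shift) & mask);
    return 0;
}

/* Partial-width read: extract the addressed bytes of the register. */
int mmio_read(const uint32_t *state, uint32_t addr, uint32_t len, uint32_t *val)
{
    unsigned shift;
    int i = find_range(addr, len, &shift);

    if (i < 0) {
        return -1;
    }
    *val = (state[i] >> shift) & len_mask(len);
    return 0;
}

int main(void)
{
    uint32_t state[NREGS] = { 0 };
    uint32_t v = 0;

    printf("exact lookup of 0x4b: %d\n", find_exact(0x4b));
    mmio_write(state, 0x4b, 1, 0x80);   /* the report's byte write */
    mmio_read(state, 0x4a, 2, &v);
    printf("word at 0x4a after byte write to 0x4b: 0x%04x\n", (unsigned)v);
    return 0;
}
```
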



[Bug 1904486] [NEW] resource leak in /net/tap.c

2020-11-16 Thread yuanjungong
Public bug reported:

Hi, there might be a resource leak in function net_init_tap in
/net/tap.c.

 811     fd = monitor_fd_param(monitor_cur(), tap->fd, errp);
 812     if (fd == -1) {
 813         return -1;
 814     }
 815
 816     ret = qemu_try_set_nonblock(fd);
 817     if (ret < 0) {
 818         error_setg_errno(errp, -ret, "%s: Can't use file descriptor %d",
 819                          name, fd);
 820         return -1;
 821     }
 822
 823     vnet_hdr = tap_probe_vnet_hdr(fd, errp);
 824     if (vnet_hdr < 0) {
 825         close(fd);
 826         return -1;
 827     }
 828
 829     net_init_tap_one(tap, peer, "tap", name, NULL,
 830                      script, downscript,
 831                      vhostfdname, vnet_hdr, fd, &err);
 832     if (err) {
 833         error_propagate(errp, err);
 834         return -1;
 835     }

fd should be closed before return in line 820 and line 834, similar to
the implementation in line 825.

** Affects: qemu
 Importance: Undecided
 Status: New

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1904486

Title:
  resource leak in /net/tap.c

Status in QEMU:
  New

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1904486/+subscriptions
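
The leak pattern this report describes, as an added example that is not QEMU code: get_fd() and step() are hypothetical stand-ins for monitor_fd_param() and the three fallible calls, and the example assumes a failing step never takes ownership of fd. init_leaky() mirrors the reported control flow; init_fixed() sends every failure through one close().

```c
#include <fcntl.h>
#include <stdio.h>
#include <unistd.h>

/* Which step fails in a given run (constructed for this example). */
enum stage { FAIL_NONE, FAIL_NONBLOCK, FAIL_PROBE, FAIL_INIT_ONE };

/* Hypothetical stand-in for monitor_fd_param(): the caller owns the result. */
static int get_fd(void)
{
    return open("/dev/null", O_RDONLY);
}

/* Hypothetical stand-in for one fallible step; fails when selected. */
static int step(enum stage self, enum stage fail_at)
{
    return self == fail_at ? -1 : 0;
}

/* Control flow as quoted in the report: only the probe failure closes fd. */
int init_leaky(enum stage fail_at, int *fd_out)
{
    int fd = get_fd();

    *fd_out = fd;
    if (fd == -1) {
        return -1;
    }
    if (step(FAIL_NONBLOCK, fail_at) < 0) {
        return -1;              /* report's line 820: fd stays open */
    }
    if (step(FAIL_PROBE, fail_at) < 0) {
        close(fd);              /* report's line 825 */
        return -1;
    }
    if (step(FAIL_INIT_ONE, fail_at) < 0) {
        return -1;              /* report's line 834: fd stays open */
    }
    return 0;                   /* success: fd now belongs to the device */
}

/* Same steps with a single failure exit that releases the descriptor. */
int init_fixed(enum stage fail_at, int *fd_out)
{
    int fd = get_fd();

    *fd_out = fd;
    if (fd == -1) {
        return -1;
    }
    if (step(FAIL_NONBLOCK, fail_at) < 0 ||
        step(FAIL_PROBE, fail_at) < 0 ||
        step(FAIL_INIT_ONE, fail_at) < 0) {
        close(fd);
        return -1;
    }
    return 0;
}

/* Run n failing initialisations and count the descriptors left open. */
int leaked_after(int (*init)(enum stage, int *), enum stage fail_at, int n)
{
    int leaked = 0;

    for (int i = 0; i < n; i++) {
        int fd = -1;

        if (init(fail_at, &fd) < 0 && fd != -1 && fcntl(fd, F_GETFD) != -1) {
            leaked++;
        }
    }
    return leaked;
}

int main(void)
{
    static const char *names[] = { "none", "nonblock", "probe", "init_one" };

    for (int s = FAIL_NONBLOCK; s <= FAIL_INIT_ONE; s++) {
        printf("fail at %-8s leaky=%d fixed=%d\n", names[s],
               leaked_after(init_leaky, (enum stage)s, 8),
               leaked_after(init_fixed, (enum stage)s, 8));
    }
    return 0;
}
```

Each failed hot-plug attempt through the leaky path costs the process one descriptor, so repeated failures eventually exhaust its descriptor limit.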



[PATCH RFC] vfio: Set the priority of VFIO VM state change handler explicitly

2020-11-16 Thread Shenming Lu
In VFIO VM state change handler, VFIO devices are transitioned in
_SAVING state, which should keep them from sending interrupts. Then
we can save the pending states of all interrupts in GIC VM state
change handler (on ARM).

So we have to set the priority of VFIO VM state change handler
explicitly (like virtio devices) to ensure it is called before GIC's
in saving.

Signed-off-by: Shenming Lu 
---
 hw/vfio/migration.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/hw/vfio/migration.c b/hw/vfio/migration.c
index 55261562d4..d0d30864ba 100644
--- a/hw/vfio/migration.c
+++ b/hw/vfio/migration.c
@@ -857,7 +857,8 @@ static int vfio_migration_init(VFIODevice *vbasedev,
 register_savevm_live(id, VMSTATE_INSTANCE_ID_ANY, 1, &savevm_vfio_handlers,
  vbasedev);
 
-migration->vm_state = qemu_add_vm_change_state_handler(vfio_vmstate_change,
+migration->vm_state = qdev_add_vm_change_state_handler(vbasedev->dev,
+   vfio_vmstate_change,
vbasedev);
 migration->migration_state.notify = vfio_migration_state_notifier;
 add_migration_state_change_notifier(&migration->migration_state);
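Review bot: The commit message says the priority is set "explicitly", but the new call in vfio_migration_init() passes no priority value, only vbasedev->dev, so the ordering against the GIC handler is implied by the device argument. Please either reword the message or add a comment above the call explaining how qdev_add_vm_change_state_handler() places this handler before the GIC's on save, and confirm that vbasedev->dev is always non-NULL at this point.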
-- 
2.19.1




Re: [PATCH 2/2] plugins: Fix two resource leaks in connect_socket()

2020-11-16 Thread Alex Chen
On 2020/11/17 0:50, Thomas Huth wrote:
> On 28/10/2020 14.45, AlexChen wrote:
>> Either accept() fails or exits normally, we need to close the fd.
>>
>> Reported-by: Euler Robot 
>> Signed-off-by: AlexChen 
>> ---
>>  contrib/plugins/lockstep.c | 2 ++
>>  1 file changed, 2 insertions(+)
>>
>> diff --git a/contrib/plugins/lockstep.c b/contrib/plugins/lockstep.c
>> index 319bd44b83..5aad50869d 100644
>> --- a/contrib/plugins/lockstep.c
>> +++ b/contrib/plugins/lockstep.c
>> @@ -268,11 +268,13 @@ static bool setup_socket(const char *path)
>>  socket_fd = accept(fd, NULL, NULL);
> 
> I think you could also simply close(fd) here instead, then you don't have to
> do it twice below.
> 

Hi Thomas and Alex,
Thanks for your suggestion. It's a simple and effective solution.
Considering that the patch v3 has been queued by Alex Bennée,
may I modify this patch and then send patch v4?

Thanks,
Alex

> 
>>  if (socket_fd < 0 && errno != EINTR) {
>>  perror("accept socket");
>> +close(fd);
>>  return false;
>>  }
>>
>>  qemu_plugin_outs("setup_socket::ready\n");
>>
>> +close(fd);
>>  return true;
>>  }
>>
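Review bot: In setup_socket(), the failure test `socket_fd < 0 && errno != EINTR` lets an accept() that was interrupted by a signal fall through to the "ready" path, and with this patch that path now closes the listening fd and returns true while socket_fd is still negative. Either retry accept() on EINTR before closing fd, or treat every negative socket_fd as a failure; a single close(fd) placed right after accept() would then cover both exits.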
> 
> .
> 




[PATCH v5 4/4] hw/block/m25p80: Fix Numonyx fast read dummy cycle count

2020-11-16 Thread Joe Komlodi
Numonyx chips determine the number of cycles to wait based on bits 7:4
in the volatile configuration register.

However, if these bits are 0x0 or 0xF, the number of dummy cycles to
wait is 10 for QIOR and QIOR4 commands or when in QIO mode, and otherwise 8 for
the currently supported fast read commands. [1]

[1]
https://www.micron.com/-/media/client/global/documents/products/data-sheet/nor-flash/serial-nor/mt25q/die-rev-b/mt25q_qlkt_u_02g_cbb_0.pdf?rev=9b167fbf2b3645efba6385949a72e453

Signed-off-by: Joe Komlodi 
Reviewed-by: Francisco Iglesias 
---
 hw/block/m25p80.c | 30 +++---
 1 file changed, 27 insertions(+), 3 deletions(-)

diff --git a/hw/block/m25p80.c b/hw/block/m25p80.c
index 56bd5bc..a67dc53 100644
--- a/hw/block/m25p80.c
+++ b/hw/block/m25p80.c
@@ -837,6 +837,30 @@ static uint8_t numonyx_mode(Flash *s)
 }
 }
 
+static uint8_t numonyx_extract_cfg_num_dummies(Flash *s)
+{
+uint8_t num_dummies;
+uint8_t mode;
+assert(get_man(s) == MAN_NUMONYX);
+
+mode = numonyx_mode(s);
+num_dummies = extract32(s->volatile_cfg, 4, 4);
+
+if (num_dummies == 0x0 || num_dummies == 0xf) {
+switch (s->cmd_in_progress) {
+case QIOR:
+case QIOR4:
+num_dummies = 10;
+break;
+default:
+num_dummies = (mode == MODE_QIO) ? 10 : 8;
+break;
+}
+}
+
+return num_dummies;
+}
+
 static void decode_fast_read_cmd(Flash *s)
 {
 s->needed_bytes = get_addr_length(s);
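Review bot: In numonyx_extract_cfg_num_dummies(), the fallback values 10 and 8 are bare literals and the 0x0/0xf special case carries no comment, so the reasoning lives only in the commit message. Please add a short comment citing the datasheet rule, and note that the helper relies on s->cmd_in_progress already holding the current opcode when it is called. The `mode` local is only used in the default branch and could be computed there.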
@@ -846,7 +870,7 @@ static void decode_fast_read_cmd(Flash *s)
 s->needed_bytes += 8;
 break;
 case MAN_NUMONYX:
-s->needed_bytes += extract32(s->volatile_cfg, 4, 4);
+s->needed_bytes += numonyx_extract_cfg_num_dummies(s);
 break;
 case MAN_MACRONIX:
 if (extract32(s->volatile_cfg, 6, 2) == 1) {
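Review bot: In decode_fast_read_cmd(), the helper returns a dummy cycle count but the result is added to s->needed_bytes, and nothing here says how cycles map to bytes. For register values other than 0x0 and 0xf the count is passed through unchanged (up to 14) with get_addr_length() on top, so please add a comment on the unit and confirm the total stays within the data buffer (M25P80_INTERNAL_DATA_BUFFER_SZ is 16 in this file). The same applies to the decode_dio_read_cmd() and decode_qio_read_cmd() hunks below.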
@@ -885,7 +909,7 @@ static void decode_dio_read_cmd(Flash *s)
 );
 break;
 case MAN_NUMONYX:
-s->needed_bytes += extract32(s->volatile_cfg, 4, 4);
+s->needed_bytes += numonyx_extract_cfg_num_dummies(s);
 break;
 case MAN_MACRONIX:
 switch (extract32(s->volatile_cfg, 6, 2)) {
@@ -925,7 +949,7 @@ static void decode_qio_read_cmd(Flash *s)
 );
 break;
 case MAN_NUMONYX:
-s->needed_bytes += extract32(s->volatile_cfg, 4, 4);
+s->needed_bytes += numonyx_extract_cfg_num_dummies(s);
 break;
 case MAN_MACRONIX:
 switch (extract32(s->volatile_cfg, 6, 2)) {
-- 
2.7.4




[PATCH v5 1/4] hw/block/m25p80: Make Numonyx config field names more accurate

2020-11-16 Thread Joe Komlodi
The previous naming of the configuration registers made it sound like, if
the bits were set, the settings would be enabled, while the opposite is true.

Signed-off-by: Joe Komlodi 
Reviewed-by: Francisco Iglesias 
---
 hw/block/m25p80.c | 12 ++--
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/hw/block/m25p80.c b/hw/block/m25p80.c
index 483925f..452d252 100644
--- a/hw/block/m25p80.c
+++ b/hw/block/m25p80.c
@@ -136,7 +136,7 @@ typedef struct FlashPartInfo {
 #define VCFG_WRAP_SEQUENTIAL 0x2
 #define NVCFG_XIP_MODE_DISABLED (7 << 9)
 #define NVCFG_XIP_MODE_MASK (7 << 9)
-#define VCFG_XIP_MODE_ENABLED (1 << 3)
+#define VCFG_XIP_MODE_DISABLED (1 << 3)
 #define CFG_DUMMY_CLK_LEN 4
 #define NVCFG_DUMMY_CLK_POS 12
 #define VCFG_DUMMY_CLK_POS 4
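Review bot: The renamed VCFG_XIP_MODE_DISABLED sits in a block of defines with nothing saying these bits are active-low. A one-line comment above the define (bit set means the feature is off) would keep the next reader from repeating the misreading the commit message describes.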
@@ -144,9 +144,9 @@ typedef struct FlashPartInfo {
 #define EVCFG_VPP_ACCELERATOR (1 << 3)
 #define EVCFG_RESET_HOLD_ENABLED (1 << 4)
 #define NVCFG_DUAL_IO_MASK (1 << 2)
-#define EVCFG_DUAL_IO_ENABLED (1 << 6)
+#define EVCFG_DUAL_IO_DISABLED (1 << 6)
 #define NVCFG_QUAD_IO_MASK (1 << 3)
-#define EVCFG_QUAD_IO_ENABLED (1 << 7)
+#define EVCFG_QUAD_IO_DISABLED (1 << 7)
 #define NVCFG_4BYTE_ADDR_MASK (1 << 0)
 #define NVCFG_LOWER_SEGMENT_MASK (1 << 1)
 
@@ -769,7 +769,7 @@ static void reset_memory(Flash *s)
 s->volatile_cfg |= VCFG_WRAP_SEQUENTIAL;
 if ((s->nonvolatile_cfg & NVCFG_XIP_MODE_MASK)
 != NVCFG_XIP_MODE_DISABLED) {
-s->volatile_cfg |= VCFG_XIP_MODE_ENABLED;
+s->volatile_cfg |= VCFG_XIP_MODE_DISABLED;
 }
 s->volatile_cfg |= deposit32(s->volatile_cfg,
 VCFG_DUMMY_CLK_POS,
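Review bot: After the rename, this block in reset_memory() reads as "if the NVCFG XIP field is != NVCFG_XIP_MODE_DISABLED, set VCFG_XIP_MODE_DISABLED", which is the opposite of what the names say. Since this patch is meant to be a pure rename, please say in the commit message that the condition is knowingly left as it was and is corrected in 2/4, or fold that fix in so the tree is consistent at every commit.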
@@ -784,10 +784,10 @@ static void reset_memory(Flash *s)
 s->enh_volatile_cfg |= EVCFG_VPP_ACCELERATOR;
 s->enh_volatile_cfg |= EVCFG_RESET_HOLD_ENABLED;
 if (s->nonvolatile_cfg & NVCFG_DUAL_IO_MASK) {
-s->enh_volatile_cfg |= EVCFG_DUAL_IO_ENABLED;
+s->enh_volatile_cfg |= EVCFG_DUAL_IO_DISABLED;
 }
 if (s->nonvolatile_cfg & NVCFG_QUAD_IO_MASK) {
-s->enh_volatile_cfg |= EVCFG_QUAD_IO_ENABLED;
+s->enh_volatile_cfg |= EVCFG_QUAD_IO_DISABLED;
 }
 if (!(s->nonvolatile_cfg & NVCFG_4BYTE_ADDR_MASK)) {
 s->four_bytes_address_mode = true;
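Review bot: The EVCFG names now say DISABLED, but the conditions that set them still test NVCFG_DUAL_IO_MASK and NVCFG_QUAD_IO_MASK, whose names give no polarity. Consider renaming those two in the same way, or adding a comment, so that `if (s->nonvolatile_cfg & NVCFG_QUAD_IO_MASK)` visibly means "quad I/O disabled".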
-- 
2.7.4




[PATCH v5 2/4] hw/block/m25p80: Fix when VCFG XIP bit is set for Numonyx

2020-11-16 Thread Joe Komlodi
VCFG XIP is set (disabled) when the NVCFG XIP bits are all set (disabled).

Signed-off-by: Joe Komlodi 
Reviewed-by: Francisco Iglesias 
---
 hw/block/m25p80.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/hw/block/m25p80.c b/hw/block/m25p80.c
index 452d252..eb6539f 100644
--- a/hw/block/m25p80.c
+++ b/hw/block/m25p80.c
@@ -768,7 +768,7 @@ static void reset_memory(Flash *s)
 s->volatile_cfg |= VCFG_DUMMY;
 s->volatile_cfg |= VCFG_WRAP_SEQUENTIAL;
 if ((s->nonvolatile_cfg & NVCFG_XIP_MODE_MASK)
-!= NVCFG_XIP_MODE_DISABLED) {
+== NVCFG_XIP_MODE_DISABLED) {
 s->volatile_cfg |= VCFG_XIP_MODE_DISABLED;
 }
 s->volatile_cfg |= deposit32(s->volatile_cfg,
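Review bot: The change from != to == in reset_memory() flips when VCFG_XIP_MODE_DISABLED is set at reset, but the commit message does not say what the old behaviour was. Please describe the guest-visible effect (before this fix the bit was set whenever the NVCFG XIP field was anything other than NVCFG_XIP_MODE_DISABLED) and add a Fixes: tag if the commit that introduced the condition is known.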
-- 
2.7.4




[PATCH v5 3/4] hw/block/m25p80: Check SPI mode before running some Numonyx commands

2020-11-16 Thread Joe Komlodi
Some Numonyx flash commands cannot be executed in DIO and QIO mode, such as
trying to do DPP or DOR when in QIO mode.

Signed-off-by: Joe Komlodi 
---
 hw/block/m25p80.c | 114 +-
 1 file changed, 95 insertions(+), 19 deletions(-)

diff --git a/hw/block/m25p80.c b/hw/block/m25p80.c
index eb6539f..56bd5bc 100644
--- a/hw/block/m25p80.c
+++ b/hw/block/m25p80.c
@@ -413,6 +413,12 @@ typedef enum {
 MAN_GENERIC,
 } Manufacturer;
 
+typedef enum {
+MODE_STD = 0,
+MODE_DIO = 1,
+MODE_QIO = 2
+} SPIMode;
+
 #define M25P80_INTERNAL_DATA_BUFFER_SZ 16
 
 struct Flash {
@@ -820,6 +826,17 @@ static void reset_memory(Flash *s)
 trace_m25p80_reset_done(s);
 }
 
+static uint8_t numonyx_mode(Flash *s)
+{
+if (!(s->enh_volatile_cfg & EVCFG_QUAD_IO_DISABLED)) {
+return MODE_QIO;
+} else if (!(s->enh_volatile_cfg & EVCFG_DUAL_IO_DISABLED)) {
+return MODE_DIO;
+} else {
+return MODE_STD;
+}
+}
+
 static void decode_fast_read_cmd(Flash *s)
 {
 s->needed_bytes = get_addr_length(s);
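Review bot: numonyx_mode() is declared to return uint8_t although every return statement yields a SPIMode enumerator from the enum added in the previous hunk; returning SPIMode would let the compiler check the comparisons made in decode_new_cmd(). A comment that QIO takes precedence when both EVCFG_QUAD_IO_DISABLED and EVCFG_DUAL_IO_DISABLED are clear would also help.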
@@ -950,14 +967,8 @@ static void decode_new_cmd(Flash *s, uint32_t value)
 case ERASE4_32K:
 case ERASE_SECTOR:
 case ERASE4_SECTOR:
-case READ:
-case READ4:
-case DPP:
-case QPP:
-case QPP_4:
 case PP:
 case PP4:
-case PP4_4:
 case DIE_ERASE:
 case RDID_90:
 case RDID_AB:
@@ -966,24 +977,84 @@ static void decode_new_cmd(Flash *s, uint32_t value)
 s->len = 0;
 s->state = STATE_COLLECTING_DATA;
 break;
+case READ:
+case READ4:
+if (get_man(s) != MAN_NUMONYX || numonyx_mode(s) == MODE_STD) {
+s->needed_bytes = get_addr_length(s);
+s->pos = 0;
+s->len = 0;
+s->state = STATE_COLLECTING_DATA;
+} else {
+qemu_log_mask(LOG_GUEST_ERROR, "M25P80: Cannot execute cmd %x in "
+  "DIO or QIO mode\n", s->cmd_in_progress);
+}
+break;
+case DPP:
+if (get_man(s) != MAN_NUMONYX || numonyx_mode(s) != MODE_QIO) {
+s->needed_bytes = get_addr_length(s);
+s->pos = 0;
+s->len = 0;
+s->state = STATE_COLLECTING_DATA;
+} else {
+qemu_log_mask(LOG_GUEST_ERROR, "M25P80: Cannot execute cmd %x in "
+  "QIO mode\n", s->cmd_in_progress);
+}
+break;
+case QPP:
+case QPP_4:
+case PP4_4:
+if (get_man(s) != MAN_NUMONYX || numonyx_mode(s) != MODE_DIO) {
+s->needed_bytes = get_addr_length(s);
+s->pos = 0;
+s->len = 0;
+s->state = STATE_COLLECTING_DATA;
+} else {
+qemu_log_mask(LOG_GUEST_ERROR, "M25P80: Cannot execute cmd %x in "
+  "DIO mode\n", s->cmd_in_progress);
+}
+break;
 
 case FAST_READ:
 case FAST_READ4:
+decode_fast_read_cmd(s);
+break;
 case DOR:
 case DOR4:
+if (get_man(s) != MAN_NUMONYX || numonyx_mode(s) != MODE_QIO) {
+decode_fast_read_cmd(s);
+} else {
+qemu_log_mask(LOG_GUEST_ERROR, "M25P80: Cannot execute cmd %x in "
+  "QIO mode\n", s->cmd_in_progress);
+}
+break;
 case QOR:
 case QOR4:
-decode_fast_read_cmd(s);
+if (get_man(s) != MAN_NUMONYX || numonyx_mode(s) != MODE_DIO) {
+decode_fast_read_cmd(s);
+} else {
+qemu_log_mask(LOG_GUEST_ERROR, "M25P80: Cannot execute cmd %x in "
+  "DIO mode\n", s->cmd_in_progress);
+}
 break;
 
 case DIOR:
 case DIOR4:
-decode_dio_read_cmd(s);
+if (get_man(s) != MAN_NUMONYX || numonyx_mode(s) != MODE_QIO) {
+decode_dio_read_cmd(s);
+} else {
+qemu_log_mask(LOG_GUEST_ERROR, "M25P80: Cannot execute cmd %x in "
+  "QIO mode\n", s->cmd_in_progress);
+}
 break;
 
 case QIOR:
 case QIOR4:
-decode_qio_read_cmd(s);
+if (get_man(s) != MAN_NUMONYX || numonyx_mode(s) != MODE_DIO) {
+decode_qio_read_cmd(s);
+} else {
+qemu_log_mask(LOG_GUEST_ERROR, "M25P80: Cannot execute cmd %x in "
+  "DIO mode\n", s->cmd_in_progress);
+}
 break;
 
 case WRSR:
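Review bot: In every new else branch of decode_new_cmd() the rejected command is only logged; s->state, s->needed_bytes, s->pos and s->len are left untouched, and the hunk does not show what happens to the address and data bytes the guest sends after the rejected opcode. Please state in a comment or the commit message which state the device is expected to be in on rejection, and set it explicitly if the caller does not guarantee it. The four-line setup block (needed_bytes, pos, len, state) is now repeated for READ, DPP and QPP; a small helper would shrink this hunk.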
@@ -1035,17 +1106,22 @@ static void decode_new_cmd(Flash *s, uint32_t value)
 break;
 
 case JEDEC_READ:
-trace_m25p80_populated_jedec(s);
-for (i = 0; i < s->pi->id_len; i++) {
-s->data[i] = s->pi->id[i];
-}
-for (; i < SPI_NOR_MAX_ID_LEN; i++) {
-s->data[i] = 0;
-}
+if (get_man(s) != MAN_NUMONYX || numonyx_mode(s) == MODE_STD) {
+trace_m25p80_populated_jedec(s);
+for (i = 0; i < s->pi->id_len; i++) {
+s->data[i] = s->pi->id[i];
+   

[PATCH v5 0/4] hw/block/m25p80: Numonyx: Fix dummy cycles and check for SPI mode on cmds

2020-11-16 Thread Joe Komlodi
Changelog:
v4 -> v5
 - 3/4: Simplify logic when changing state and checking mode.
 - 3/4: numonyx_get_mode -> numonyx_mode
 - 4/4: Reword commit message to include QIO mode.

v3 -> v4
 - 1/4: Patch changed to change names of register fields to be more accurate.
 - 1/4: Revert polarity change from v3.
 - 2/4: Added, fixes polarity of VCFG XIP mode when copied from NVCFG.
 - 3/4: Removed check_cmd_mode function, each command check is done in decode_new_cmd instead.
 - 3/4: Add guest error print if JEDEC read is executed in QIO or DIO mode.
 - 3/4: Don't check PP and PP4, they work regardless of mode. PP4_4 is left as is.
 - 3/4: Simplify get_mode function.
 - 4/4: Simplify extract_cfg_num_dummies function.
 - 4/4: Use switch statement instead of table for cycle retrieving.

v2 -> v3
 - 1/3: Added, Fixes NVCFG polarity for DIO/QIO.
 - 2/3: Added, Checks if we can execute the current command in standard/DIO/QIO mode.
 - 3/3: Was 1/1 in v2.  Added cycle counts for DIO/QIO mode.

v1 -> v2
 - 1/2: Change function name to be more accurate
 - 2/2: Dropped

Hi all,

The series fixes the behavior of the dummy cycle register for Numonyx flashes so
it's closer to how hardware behaves.
It also checks if a command can be executed in the current SPI mode
(standard, DIO, or QIO) before extracting dummy cycles for the command.

On hardware, the dummy cycles for fast read commands are set to a specific value
(8 or 10) if the register is all 0s or 1s.
If the register value isn't all 0s or 1s, then the flash expects the amount of
cycles sent to be equal to the count in the register.

Thanks!
Joe

Joe Komlodi (4):
  hw/block/m25p80: Make Numonyx config field names more accurate
  hw/block/m25p80: Fix when VCFG XIP bit is set for Numonyx
  hw/block/m25p80: Check SPI mode before running some Numonyx commands
  hw/block/m25p80: Fix Numonyx fast read dummy cycle count

 hw/block/m25p80.c | 158 --
 1 file changed, 129 insertions(+), 29 deletions(-)

-- 
2.7.4




[Bug 1798451] Re: MMX emulation is missing on HVF Acceleration

2020-11-16 Thread Rob Maskell
** Changed in: qemu
   Status: Incomplete => New

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1798451

Title:
  MMX emulation is missing on HVF Acceleration

Status in QEMU:
  New

Bug description:
  Robs-MacBook-Pro-2:~ robmaskell$ qemu-system-x86_64 --version
  QEMU emulator version 3.0.0

  Host: MacOS - 10.13.6
    Model Name: MacBook Pro
    Model Identifier: MacBookPro14,3
    Processor Name: Intel Core i7
    Processor Speed: 2.8 GHz
    Number of Processors: 1
    Total Number of Cores: 4
    L2 Cache (per Core): 256 KB
    L3 Cache: 6 MB
    Memory: 16 GB

  Guest OS: Elementary Linux Loki 0.4.1, patched up to date

  Command used to start QEMU:

  qemu-system-x86_64 \
-name ElementaryLokiDev \
-machine pc,accel=hvf \
-cpu max \
-smp cpus=2,sockets=2,cores=1,threads=1,maxcpus=2 \
-numa node,nodeid=0 \
-numa cpu,node-id=0,socket-id=0 -numa cpu,node-id=0,socket-id=1 \
-m 8G \
-vga vmware \
-hda e4.qcow2

  Symptoms: Started without the -smp / -numa commands to install the OS,
  then added -smp / -numa and the machine boots and lscpu reports extra
  cpu as expected. Restart VM and it hangs on startup. Remove -smp /
  -numa and machine starts again.

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1798451/+subscriptions



[PATCH v2 6/8] qlit: qlit_type() function

2020-11-16 Thread Eduardo Habkost
Useful function where we need to check for the qlit type before
converting it to an actual QObject.

Signed-off-by: Eduardo Habkost 
---
 include/qapi/qmp/qlit.h | 5 +
 1 file changed, 5 insertions(+)

diff --git a/include/qapi/qmp/qlit.h b/include/qapi/qmp/qlit.h
index f9e356d31e..acddb80831 100644
--- a/include/qapi/qmp/qlit.h
+++ b/include/qapi/qmp/qlit.h
@@ -59,4 +59,9 @@ bool qlit_equal_qobject(const QLitObject *lhs, const QObject 
*rhs);
 
 QObject *qobject_from_qlit(const QLitObject *qlit);
 
+static inline QType qlit_type(const QLitObject *qlit)
+{
+return qlit->type;
+}
+
 #endif /* QLIT_H */
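Review bot: qlit_type() is added to a public header without a doc comment, while patch 1/8 of this series adds kernel-doc to the neighbouring QObject headers. Please add a /** ... */ block with an @qlit line, and say whether a NULL @qlit is allowed, since the body dereferences it unconditionally.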
-- 
2.28.0




[PATCH v2 5/8] qlit: Support all types of QNums

2020-11-16 Thread Eduardo Habkost
Use QNumValue to represent QNums, so we can also support uint64_t
and double QNum values.  Add new QLIT_QNUM_(INT|UINT|DOUBLE)
macros for each case.

The QLIT_QNUM() macro is being kept for compatibility with
existing code, but becomes just a wrapper for QLIT_QNUM_INT().

Signed-off-by: Eduardo Habkost 
---
Changes v1 -> v2:
* Coding style fix at qlit_equal_qobject()
---
 include/qapi/qmp/qlit.h | 11 +--
 qobject/qlit.c  |  5 +--
 tests/check-qjson.c | 72 ++---
 3 files changed, 79 insertions(+), 9 deletions(-)

diff --git a/include/qapi/qmp/qlit.h b/include/qapi/qmp/qlit.h
index c0676d5daf..f9e356d31e 100644
--- a/include/qapi/qmp/qlit.h
+++ b/include/qapi/qmp/qlit.h
@@ -15,6 +15,7 @@
 #define QLIT_H
 
 #include "qobject.h"
+#include "qnum.h"
 
 typedef struct QLitDictEntry QLitDictEntry;
 typedef struct QLitObject QLitObject;
@@ -23,7 +24,7 @@ struct QLitObject {
 QType type;
 union {
 bool qbool;
-int64_t qnum;
+QNumValue qnum;
 const char *qstr;
 QLitDictEntry *qdict;
 QLitObject *qlist;
@@ -39,8 +40,14 @@ struct QLitDictEntry {
 { .type = QTYPE_QNULL }
 #define QLIT_QBOOL(val) \
 { .type = QTYPE_QBOOL, .value.qbool = (val) }
+#define QLIT_QNUM_INT(val) \
+{ .type = QTYPE_QNUM, .value.qnum = QNUM_VAL_INT(val) }
+#define QLIT_QNUM_UINT(val) \
+{ .type = QTYPE_QNUM, .value.qnum = QNUM_VAL_UINT(val) }
+#define QLIT_QNUM_DOUBLE(val) \
+{ .type = QTYPE_QNUM, .value.qnum = QNUM_VAL_DOUBLE(val) }
 #define QLIT_QNUM(val) \
-{ .type = QTYPE_QNUM, .value.qnum = (val) }
+QLIT_QNUM_INT(val)
 #define QLIT_QSTR(val) \
 { .type = QTYPE_QSTRING, .value.qstr = (val) }
 #define QLIT_QDICT(val) \
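Review bot: QLIT_QNUM() stays as an alias for QLIT_QNUM_INT(), so nothing at a call site tells the reader that unsigned values above INT64_MAX or doubles need a different macro. Please add a comment on this macro block saying which of QLIT_QNUM_INT, QLIT_QNUM_UINT and QLIT_QNUM_DOUBLE to pick, and mark QLIT_QNUM as kept for compatibility, as the commit message already does.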
diff --git a/qobject/qlit.c b/qobject/qlit.c
index be8332136c..b23cdc4532 100644
--- a/qobject/qlit.c
+++ b/qobject/qlit.c
@@ -71,7 +71,8 @@ bool qlit_equal_qobject(const QLitObject *lhs, const QObject 
*rhs)
 case QTYPE_QBOOL:
 return lhs->value.qbool == qbool_get_bool(qobject_to(QBool, rhs));
 case QTYPE_QNUM:
-return lhs->value.qnum ==  qnum_get_int(qobject_to(QNum, rhs));
+return qnum_value_is_equal(&lhs->value.qnum,
+   qnum_get_value(qobject_to(QNum, rhs)));
 case QTYPE_QSTRING:
 return (strcmp(lhs->value.qstr,
qstring_get_str(qobject_to(QString, rhs))) == 0);
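Review bot: In qlit_equal_qobject(), the QTYPE_QNUM case used to compare against qnum_get_int() and now defers to qnum_value_is_equal(), which may change the result for QNums that are not plain ints, yet the commit message only talks about representing literals. Please describe the equality rule in the commit message (for example, whether an int literal equals a double QNum holding the same value) and add a test case for it.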
@@ -94,7 +95,7 @@ QObject *qobject_from_qlit(const QLitObject *qlit)
 case QTYPE_QNULL:
 return QOBJECT(qnull());
 case QTYPE_QNUM:
-return QOBJECT(qnum_from_int(qlit->value.qnum));
+return QOBJECT(qnum_from_value(qlit->value.qnum));
 case QTYPE_QSTRING:
 return QOBJECT(qstring_from_str(qlit->value.qstr));
 case QTYPE_QDICT: {
diff --git a/tests/check-qjson.c b/tests/check-qjson.c
index 07a773e653..711030cffd 100644
--- a/tests/check-qjson.c
+++ b/tests/check-qjson.c
@@ -796,20 +796,23 @@ static void simple_number(void)
 int i;
 struct {
 const char *encoded;
+QLitObject qlit;
 int64_t decoded;
 int skip;
 } test_cases[] = {
-{ "0", 0 },
-{ "1234", 1234 },
-{ "1", 1 },
-{ "-32", -32 },
-{ "-0", 0, .skip = 1 },
+{ "0",QLIT_QNUM(0),0, },
+{ "1234", QLIT_QNUM(1234), 1234, },
+{ "1",QLIT_QNUM(1),1, },
+{ "-32",  QLIT_QNUM(-32),  -32, },
+{ "-0",   QLIT_QNUM(0),0, .skip = 1 },
 { },
 };
 
 for (i = 0; test_cases[i].encoded; i++) {
 QNum *qnum;
 int64_t val;
+QNum *qlit_num;
+int64_t qlit_val;
 
 qnum = qobject_to(QNum,
   qobject_from_json(test_cases[i].encoded,
@@ -817,6 +820,7 @@ static void simple_number(void)
 g_assert(qnum);
 g_assert(qnum_get_try_int(qnum, &val));
 g_assert_cmpint(val, ==, test_cases[i].decoded);
+
 if (test_cases[i].skip == 0) {
 QString *str;
 
@@ -826,9 +830,66 @@ static void simple_number(void)
 }
 
 qobject_unref(qnum);
+
+qlit_num = qobject_to(QNum,
+  qobject_from_qlit(&test_cases[i].qlit));
+g_assert(qlit_num);
+g_assert(qnum_get_try_int(qlit_num, &qlit_val));
+g_assert_cmpint(qlit_val, ==, test_cases[i].decoded);
+
+qobject_unref(qlit_num);
 }
 }
 
+static void qlit_large_number(void)
+{
+QLitObject maxu64 = QLIT_QNUM_UINT(UINT64_MAX);
+QLitObject maxi64 = QLIT_QNUM(INT64_MAX);
+QLitObject mini64 = QLIT_QNUM(INT64_MIN);
+QLitObject gtu64  = QLIT_QNUM_DOUBLE(18446744073709552e3);
+QLitObject lti64  = QLIT_QNUM_DOUBLE(-92233720368547758e2);
+QNum *qnum;
+uint64_t val;
+int64_t ival;
+
+qnum = qobject_to(QNum, qobject_from_qlit(&maxu64));
+g_assert(qnum);
+g_assert_cmpuint(qnum_get_uint(qnum), ==, UINT64_MAX);
+g_assert(!qnum_get_try_int(qnum, &ival));
+
+qobje

[PATCH v2 8/8] qom: Use qlit to represent property defaults

2020-11-16 Thread Eduardo Habkost
Using QLitObject lets us get rid of most of the
.set_default_value functions, and just use
object_property_set_default() directly.

Signed-off-by: Eduardo Habkost 
---
Changes v1 -> v2:
* Instead of initializing defval to QLIT_QNULL
  by default, just check for QTYPE_NONE, to find out if .defval
  was explicitly set.  This avoids extra complexity at
  set_prop_arraylen().
---
 include/hw/qdev-properties-system.h   |  2 +-
 include/qom/field-property-internal.h |  4 ---
 include/qom/field-property.h  | 26 ---
 include/qom/property-types.h  | 19 ++
 hw/core/qdev-properties-system.c  |  8 --
 qom/field-property.c  | 27 ++--
 qom/property-types.c  | 36 ---
 7 files changed, 42 insertions(+), 80 deletions(-)

diff --git a/include/hw/qdev-properties-system.h 
b/include/hw/qdev-properties-system.h
index 0ac327ae60..a586424a33 100644
--- a/include/hw/qdev-properties-system.h
+++ b/include/hw/qdev-properties-system.h
@@ -65,7 +65,7 @@ extern const PropertyInfo qdev_prop_pcie_link_width;
 
 #define DEFINE_PROP_UUID(_name, _state, _field) \
 DEFINE_PROP(_name, _state, _field, qdev_prop_uuid, QemuUUID, \
-.set_default = true)
+.defval = QLIT_QSTR("auto"))
 
 #define DEFINE_PROP_AUDIODEV(_n, _s, _f) \
 DEFINE_PROP(_n, _s, _f, qdev_prop_audiodev, QEMUSoundCard)
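Review bot: DEFINE_PROP_UUID now carries the literal "auto" in the macro, where before the default came from the type's set_default_value callback, and nothing at the use site says what "auto" means for a UUID property. Please add a comment on the macro, and keep the string in one place if the setter also compares against it.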
diff --git a/include/qom/field-property-internal.h 
b/include/qom/field-property-internal.h
index a7b7e2b69d..9bc29e9b67 100644
--- a/include/qom/field-property-internal.h
+++ b/include/qom/field-property-internal.h
@@ -15,10 +15,6 @@ void field_prop_set_enum(Object *obj, Visitor *v, const char 
*name,
 
 void field_prop_set_default_value_enum(ObjectProperty *op,
const Property *prop);
-void field_prop_set_default_value_int(ObjectProperty *op,
-  const Property *prop);
-void field_prop_set_default_value_uint(ObjectProperty *op,
-   const Property *prop);
 
 void field_prop_get_int32(Object *obj, Visitor *v, const char *name,
   void *opaque, Error **errp);
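Review bot: The int and uint default setters are removed from this header but field_prop_set_default_value_enum() stays, and the commit message only says "most of" the callbacks go away. Please say why the enum case still needs its own callback, either in the commit message or in a comment next to the remaining declaration.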
diff --git a/include/qom/field-property.h b/include/qom/field-property.h
index 0cb1fe2217..3cfd19cc14 100644
--- a/include/qom/field-property.h
+++ b/include/qom/field-property.h
@@ -6,6 +6,7 @@
 
 #include "qom/object.h"
 #include "qapi/util.h"
+#include "qapi/qmp/qlit.h"
 
 /**
  * struct Property: definition of a field property
@@ -27,21 +28,8 @@ struct Property {
 const PropertyInfo *info;
 ptrdiff_toffset;
 uint8_t  bitnr;
-/**
- * @set_default: true if the default value should be set from @defval,
- *in which case @info->set_default_value must not be NULL
- *(if false then no default value is set by the property system
- * and the field retains whatever value it was given by instance_init).
- */
-bool set_default;
-/**
- * @defval: default value for the property. This is used only if 
@set_default
- * is true.
- */
-union {
-int64_t i;
-uint64_t u;
-} defval;
+/** @defval: If not QTYPE_NONE, the default value for the property */
+QLitObject defval;
 /* private: */
 int  arrayoffset;
 const PropertyInfo *arrayinfo;
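Review bot: The new one-line @defval comment in struct Property drops the guarantee the removed @set_default text gave, namely that with no default the field keeps whatever value instance_init wrote. Please carry that sentence over, and spell out that an entry which does not mention .defval must end up with type QTYPE_NONE, since the whole scheme now depends on it.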
@@ -61,7 +49,13 @@ struct PropertyInfo {
 const QEnumLookup *enum_table;
 /** @print: String formatting function, for the human monitor */
 int (*print)(Object *obj, Property *prop, char *dest, size_t len);
-/** @set_default_value: Callback for initializing the default value */
+/**
+ * @set_default_value: Optional callback for initializing the default value
+ *
+ * Most property types don't need to set this, as by default
+ * object_property_set_default() is called with the value at
+ * Property.defval.
+ */
 void (*set_default_value)(ObjectProperty *op, const Property *prop);
 /** @create: Optional callback for creation of property */
 ObjectProperty *(*create)(ObjectClass *oc, const char *name,
diff --git a/include/qom/property-types.h b/include/qom/property-types.h
index 3132ddafd9..869d1a993a 100644
--- a/include/qom/property-types.h
+++ b/include/qom/property-types.h
@@ -5,6 +5,7 @@
 #define QOM_PROPERTY_TYPES_H
 
 #include "qom/field-property.h"
+#include "qapi/qmp/qlit.h"
 
 extern const PropertyInfo prop_info_bit;
 extern const PropertyInfo prop_info_bit64;
@@ -25,34 +26,29 @@ extern const PropertyInfo prop_info_link;
 
 #define PROP_SIGNED(_state, _field, _defval, _prop, _type, ...) \
 FIELD_PROP(_state, _field, _prop, _type,\
-   .set_default = true, \
-   .defval.i= (_type)_defval,   \
+   .defval = QLIT_QNUM_INT((_type)_defval),\
__VA_ARGS__)
 
 #define PROP_
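Review bot: In PROP_SIGNED, `QLIT_QNUM_INT((_type)_defval)` applies the cast to the first token of the argument only. Writing (_type)(_defval) while this line is being touched makes the macro safe for expression arguments.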

[PATCH v2 0/8] qom: Use qlit to represent property defaults

2020-11-16 Thread Eduardo Habkost
Based-on: 20201104160021.2342108-1-ehabk...@redhat.com
Git branch: https://gitlab.com/ehabkost/qemu/-/commits/work/qdev-qlit-defaults

This extends qlit.h to support all QNum types (signed int,
unsigned int, and double), and uses QLitObject to represent field
property defaults.

It allows us to get rid of most type-specific .set_default_value
functions for QOM property types.

Changes v1 -> v2:
* Rebase to latest version of field properties series
* Fix unit test failure
* Coding style changes

Eduardo Habkost (8):
  qobject: Include API docs in docs/devel/qobject.html
  qnum: Make qnum_get_double() get const pointer
  qnum: QNumValue type for QNum value literals
  qnum: qnum_value_is_equal() function
  qlit: Support all types of QNums
  qlit: qlit_type() function
  qom: Make object_property_set_default() public
  qom: Use qlit to represent property defaults

 docs/devel/index.rst  |   1 +
 docs/devel/qobject.rst|  11 +++
 include/hw/qdev-properties-system.h   |   2 +-
 include/qapi/qmp/qlit.h   |  16 +++-
 include/qapi/qmp/qnum.h   |  47 ++-
 include/qapi/qmp/qobject.h|  48 +++
 include/qom/field-property-internal.h |   4 -
 include/qom/field-property.h  |  26 +++---
 include/qom/object.h  |  11 +++
 include/qom/property-types.h  |  19 ++---
 hw/core/qdev-properties-system.c  |   8 --
 qobject/qlit.c|   5 +-
 qobject/qnum.c| 116 +++---
 qom/field-property.c  |  27 --
 qom/object.c  |   2 +-
 qom/property-types.c  |  36 ++--
 tests/check-qjson.c   |  72 ++--
 tests/check-qnum.c|  14 ++--
 18 files changed, 301 insertions(+), 164 deletions(-)
 create mode 100644 docs/devel/qobject.rst

-- 
2.28.0





[PATCH v2 7/8] qom: Make object_property_set_default() public

2020-11-16 Thread Eduardo Habkost
The function will be used outside qom/object.c, to simplify the
field property code that sets the property default value.

Signed-off-by: Eduardo Habkost 
---
 include/qom/object.h | 11 +++
 qom/object.c |  2 +-
 2 files changed, 12 insertions(+), 1 deletion(-)

diff --git a/include/qom/object.h b/include/qom/object.h
index 2ab124b8f0..4234cc9b66 100644
--- a/include/qom/object.h
+++ b/include/qom/object.h
@@ -1090,6 +1090,17 @@ ObjectProperty *object_class_property_add(ObjectClass 
*klass, const char *name,
   ObjectPropertyRelease *release,
   void *opaque);
 
+/**
+ * object_property_set_default:
+ * @prop: the property to set
+ * @value: the value to be written to the property
+ *
+ * Set the property default value.
+ *
+ * Ownership of @value is transferred to the property.
+ */
+void object_property_set_default(ObjectProperty *prop, QObject *value);
+
 /**
  * object_property_set_default_bool:
  * @prop: the property to set
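Review bot: The new kernel-doc for object_property_set_default() does not mention that the function may be called only on a property that has neither a default nor an init callback yet, which the two assert() calls in the qom/object.c hunk enforce. Now that the function is public, please document those preconditions next to the ownership rule.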
diff --git a/qom/object.c b/qom/object.c
index 7c11bcd3b1..6b0d9d8c79 100644
--- a/qom/object.c
+++ b/qom/object.c
@@ -1547,7 +1547,7 @@ static void object_property_init_defval(Object *obj, 
ObjectProperty *prop)
 visit_free(v);
 }
 
-static void object_property_set_default(ObjectProperty *prop, QObject *defval)
+void object_property_set_default(ObjectProperty *prop, QObject *defval)
 {
 assert(!prop->defval);
 assert(!prop->init);
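Review bot: The header documents the second parameter as @value, but the definition here keeps the name defval. Please use one name in both places so the kernel-doc matches the code.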
-- 
2.28.0




[PATCH v2 1/8] qobject: Include API docs in docs/devel/qobject.html

2020-11-16 Thread Eduardo Habkost
Render existing doc comments at docs/devel/qobject.html.

Signed-off-by: Eduardo Habkost 
---
 docs/devel/index.rst   |  1 +
 docs/devel/qobject.rst | 11 +
 include/qapi/qmp/qnum.h|  4 +++-
 include/qapi/qmp/qobject.h | 48 +-
 qobject/qnum.c | 19 ---
 5 files changed, 63 insertions(+), 20 deletions(-)
 create mode 100644 docs/devel/qobject.rst

diff --git a/docs/devel/index.rst b/docs/devel/index.rst
index f10ed77e4c..1cb39a9384 100644
--- a/docs/devel/index.rst
+++ b/docs/devel/index.rst
@@ -35,3 +35,4 @@ Contents:
clocks
qom
block-coroutine-wrapper
+   qobject
diff --git a/docs/devel/qobject.rst b/docs/devel/qobject.rst
new file mode 100644
index 00..4f192ced7c
--- /dev/null
+++ b/docs/devel/qobject.rst
@@ -0,0 +1,11 @@
+QObject API
+===
+
+.. kernel-doc:: include/qapi/qmp/qobject.h
+
+QNum module
+---
+
+.. kernel-doc:: include/qapi/qmp/qnum.h
+
+.. kernel-doc:: qobject/qnum.c
diff --git a/include/qapi/qmp/qnum.h b/include/qapi/qmp/qnum.h
index bbae0a5ec8..25f4733efc 100644
--- a/include/qapi/qmp/qnum.h
+++ b/include/qapi/qmp/qnum.h
@@ -23,7 +23,9 @@ typedef enum {
 QNUM_DOUBLE
 } QNumKind;
 
-/*
+/**
+ * DOC:
+ *
  * QNum encapsulates how our dialect of JSON fills in the blanks left
  * by the JSON specification (RFC 8259) regarding numbers.
  *
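Review bot: The qnum.h comment becomes a bare "DOC:" with no title, while the qobject.h hunk in this patch uses "DOC: QObject Reference Counts Terminology". Please give this section a title as well so both render consistently in docs/devel/qobject.html.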
diff --git a/include/qapi/qmp/qobject.h b/include/qapi/qmp/qobject.h
index fcfd549220..bdc33bdb65 100644
--- a/include/qapi/qmp/qobject.h
+++ b/include/qapi/qmp/qobject.h
@@ -1,5 +1,5 @@
 /*
- * QEMU Object Model.
+ * QObject API
  *
  * Based on ideas by Avi Kivity 
  *
@@ -10,24 +10,31 @@
  *
  * This work is licensed under the terms of the GNU LGPL, version 2.1 or later.
  * See the COPYING.LIB file in the top-level directory.
+ */
+
+/**
+ * DOC: QObject Reference Counts Terminology
  *
- * QObject Reference Counts Terminology
- * 
+ * Returning references
+ * 
  *
- *  - Returning references: A function that returns an object may
- *  return it as either a weak or a strong reference.  If the
- *  reference is strong, you are responsible for calling
- *  qobject_unref() on the reference when you are done.
+ * A function that returns an object may return it as either a
+ * weak or a strong reference.  If the reference is strong, you
+ * are responsible for calling qobject_unref() on the reference
+ * when you are done.
  *
- *  If the reference is weak, the owner of the reference may free it at
- *  any time in the future.  Before storing the reference anywhere, you
- *  should call qobject_ref() to make the reference strong.
+ * If the reference is weak, the owner of the reference may free it at
+ * any time in the future.  Before storing the reference anywhere, you
+ * should call qobject_ref() to make the reference strong.
  *
- *  - Transferring ownership: when you transfer ownership of a reference
- *  by calling a function, you are no longer responsible for calling
- *  qobject_unref() when the reference is no longer needed.  In other words,
- *  when the function returns you must behave as if the reference to the
- *  passed object was weak.
+ * Transferring ownership
+ * --
+ *
+ * When you transfer ownership of a reference by calling a
+ * function, you are no longer responsible for calling
+ * qobject_unref() when the reference is no longer needed.  In
+ * other words, when the function returns you must behave as if
+ * the reference to the passed object was weak.
  */
 #ifndef QOBJECT_H
 #define QOBJECT_H
@@ -81,6 +88,8 @@ static inline void qobject_ref_impl(QObject *obj)
 
 /**
  * qobject_is_equal(): Return whether the two objects are equal.
+ * @x: QObject pointer
+ * @y: QObject pointer
  *
  * Any of the pointers may be NULL; return true if both are.  Always
  * return false if only one is (therefore a QNull object is not
@@ -90,6 +99,7 @@ bool qobject_is_equal(const QObject *x, const QObject *y);
 
 /**
  * qobject_destroy(): Free resources used by the object
+ * @obj: QObject pointer
  */
 void qobject_destroy(QObject *obj);
 
@@ -103,6 +113,7 @@ static inline void qobject_unref_impl(QObject *obj)
 
 /**
  * qobject_ref(): Increment QObject's reference count
+ * @obj: QObject pointer
  *
  * Returns: the same @obj. The type of @obj will be propagated to the
  * return type.
@@ -115,12 +126,14 @@ static inline void qobject_unref_impl(QObject *obj)
 
 /**
  * qobject_unref(): Decrement QObject's reference count, deallocate
- * when it reaches zero
+ *  when it reaches zero
+ * @obj: QObject pointer
  */
 #define qobject_unref(obj) qobject_unref_impl(QOBJECT(obj))
 
 /**
  * qobject_type(): Return the QObject's type
+ * @obj: QObject pointer
  */
 static inline QType qobject_type(const QObject *obj)
 {
@@ -130,6 +143,9 @@ static inline QType qobject_type(const QObject *obj)
 
 /**
  * qobject_check_type(): Helper function for the qobje

[PATCH v2 2/8] qnum: Make qnum_get_double() get const pointer

2020-11-16 Thread Eduardo Habkost
qnum_get_double() won't change the object, the argument can be
const.

Signed-off-by: Eduardo Habkost 
---
 include/qapi/qmp/qnum.h | 2 +-
 qobject/qnum.c  | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/include/qapi/qmp/qnum.h b/include/qapi/qmp/qnum.h
index 25f4733efc..55c27b1c24 100644
--- a/include/qapi/qmp/qnum.h
+++ b/include/qapi/qmp/qnum.h
@@ -66,7 +66,7 @@ int64_t qnum_get_int(const QNum *qn);
 bool qnum_get_try_uint(const QNum *qn, uint64_t *val);
 uint64_t qnum_get_uint(const QNum *qn);
 
-double qnum_get_double(QNum *qn);
+double qnum_get_double(const QNum *qn);
 
 char *qnum_to_string(QNum *qn);
 
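Review bot: `qnum_to_string(QNum *qn)`, visible in the trailing context of this hunk, still takes a non-const pointer. If it also leaves the object unchanged, the rationale in the commit message applies to it equally, and it could be converted in the same patch so that callers holding a `const QNum *` do not need a cast for one getter but not the other.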
diff --git a/qobject/qnum.c b/qobject/qnum.c
index 017c8aa739..69fd9a82d9 100644
--- a/qobject/qnum.c
+++ b/qobject/qnum.c
@@ -154,7 +154,7 @@ uint64_t qnum_get_uint(const QNum *qn)
  *
  * qnum_get_double() loses precision for integers beyond 53 bits.
  */
-double qnum_get_double(QNum *qn)
+double qnum_get_double(const QNum *qn)
 {
 switch (qn->kind) {
 case QNUM_I64:
-- 
2.28.0




[PATCH v2 3/8] qnum: QNumValue type for QNum value literals

2020-11-16 Thread Eduardo Habkost
Provide a separate QNumValue type that can be used for QNum value
literals without the reference counting and memory allocation
features provided by QObject.

Signed-off-by: Eduardo Habkost 
---
Changes v1 -> v2:
* Fix "make check" failure, by updating check-qnum unit test to
  use the new struct fields
---
 include/qapi/qmp/qnum.h | 40 +++--
 qobject/qnum.c  | 78 -
 tests/check-qnum.c  | 14 
 3 files changed, 84 insertions(+), 48 deletions(-)

diff --git a/include/qapi/qmp/qnum.h b/include/qapi/qmp/qnum.h
index 55c27b1c24..62fbdfda68 100644
--- a/include/qapi/qmp/qnum.h
+++ b/include/qapi/qmp/qnum.h
@@ -46,20 +46,56 @@ typedef enum {
  * in range: qnum_get_try_int() / qnum_get_try_uint() check range and
  * convert under the hood.
  */
-struct QNum {
-struct QObjectBase_ base;
+
+/**
+ * struct QNumValue: the value of a QNum
+ *
+ * QNumValue literals can be constructed using the `QNUM_VAL_INT`,
+ * `QNUM_VAL_UINT`, and `QNUM_VAL_DOUBLE` macros.
+ */
+typedef struct QNumValue {
+/* private: */
 QNumKind kind;
 union {
 int64_t i64;
 uint64_t u64;
 double dbl;
 } u;
+} QNumValue;
+
+#define QNUM_VAL_INT(value) \
+{ .kind = QNUM_I64, .u.i64 = value }
+#define QNUM_VAL_UINT(value) \
+{ .kind = QNUM_U64, .u.u64 = value }
+#define QNUM_VAL_DOUBLE(value) \
+{ .kind = QNUM_DOUBLE, .u.dbl = value }
+
+struct QNum {
+struct QObjectBase_ base;
+QNumValue value;
 };
 
+/**
+ * qnum_from_int(): Create a new QNum from a QNumValue
+ * @value: QNumValue
+ *
+ * Return strong reference.
+ */
+QNum *qnum_from_value(QNumValue value);
+
 QNum *qnum_from_int(int64_t value);
 QNum *qnum_from_uint(uint64_t value);
 QNum *qnum_from_double(double value);
 
+/**
+ * qnum_get_value(): Get QNumValue from QNum
+ * @qn: QNum object
+ */
+static inline const QNumValue *qnum_get_value(const QNum *qn)
+{
+return &qn->value;
+}
+
 bool qnum_get_try_int(const QNum *qn, int64_t *val);
 int64_t qnum_get_int(const QNum *qn);
 
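Review bot: the kernel-doc block added directly above the `qnum_from_value()` prototype is titled `qnum_from_int()`, so the description "Create a new QNum from a QNumValue" is attached to the wrong function name. Rename the title to `qnum_from_value()`. The struct is also marked `/* private: */` while the `QNUM_VAL_*` macros in the same header spell out `.kind` and `.u.*`; a sentence in the struct comment saying that the macros and `qnum_get_value()` are the supported way to touch the fields would make the intent clear.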
diff --git a/qobject/qnum.c b/qobject/qnum.c
index 69fd9a82d9..f80d4efd76 100644
--- a/qobject/qnum.c
+++ b/qobject/qnum.c
@@ -15,6 +15,15 @@
 #include "qemu/osdep.h"
 #include "qapi/qmp/qnum.h"
 
+QNum *qnum_from_value(QNumValue value)
+{
+QNum *qn = g_new(QNum, 1);
+
+qobject_init(QOBJECT(qn), QTYPE_QNUM);
+qn->value = value;
+return qn;
+}
+
 /**
  * qnum_from_int(): Create a new QNum from an int64_t
  * @value: int64_t value
@@ -23,13 +32,7 @@
  */
 QNum *qnum_from_int(int64_t value)
 {
-QNum *qn = g_new(QNum, 1);
-
-qobject_init(QOBJECT(qn), QTYPE_QNUM);
-qn->kind = QNUM_I64;
-qn->u.i64 = value;
-
-return qn;
+return qnum_from_value((QNumValue) QNUM_VAL_INT(value));
 }
 
 /**
@@ -40,13 +43,7 @@ QNum *qnum_from_int(int64_t value)
  */
 QNum *qnum_from_uint(uint64_t value)
 {
-QNum *qn = g_new(QNum, 1);
-
-qobject_init(QOBJECT(qn), QTYPE_QNUM);
-qn->kind = QNUM_U64;
-qn->u.u64 = value;
-
-return qn;
+return qnum_from_value((QNumValue) QNUM_VAL_UINT(value));
 }
 
 /**
@@ -57,13 +54,7 @@ QNum *qnum_from_uint(uint64_t value)
  */
 QNum *qnum_from_double(double value)
 {
-QNum *qn = g_new(QNum, 1);
-
-qobject_init(QOBJECT(qn), QTYPE_QNUM);
-qn->kind = QNUM_DOUBLE;
-qn->u.dbl = value;
-
-return qn;
+return qnum_from_value((QNumValue) QNUM_VAL_DOUBLE(value));
 }
 
 /**
@@ -75,15 +66,17 @@ QNum *qnum_from_double(double value)
  */
 bool qnum_get_try_int(const QNum *qn, int64_t *val)
 {
-switch (qn->kind) {
+const QNumValue *qv = &qn->value;
+
+switch (qv->kind) {
 case QNUM_I64:
-*val = qn->u.i64;
+*val = qv->u.i64;
 return true;
 case QNUM_U64:
-if (qn->u.u64 > INT64_MAX) {
+if (qv->u.u64 > INT64_MAX) {
 return false;
 }
-*val = qn->u.u64;
+*val = qv->u.u64;
 return true;
 case QNUM_DOUBLE:
 return false;
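Review bot: `qnum_get_try_int()` open-codes `const QNumValue *qv = &qn->value;` although this same patch adds the `qnum_get_value()` accessor to qnum.h for that purpose. Using the accessor here, and in the other getters changed below, keeps a single access path to the embedded value.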
@@ -116,15 +109,17 @@ int64_t qnum_get_int(const QNum *qn)
  */
 bool qnum_get_try_uint(const QNum *qn, uint64_t *val)
 {
-switch (qn->kind) {
+const QNumValue *qv = &qn->value;
+
+switch (qv->kind) {
 case QNUM_I64:
-if (qn->u.i64 < 0) {
+if (qv->u.i64 < 0) {
 return false;
 }
-*val = qn->u.i64;
+*val = qv->u.i64;
 return true;
 case QNUM_U64:
-*val = qn->u.u64;
+*val = qv->u.u64;
 return true;
 case QNUM_DOUBLE:
 return false;
@@ -156,13 +151,15 @@ uint64_t qnum_get_uint(const QNum *qn)
  */
 double qnum_get_double(const QNum *qn)
 {
-switch (qn->kind) {
+const QNumValue *qv = &qn->value;
+
+switch (qv->kind) {
 case QNUM_I64:
-return qn->u.i64;
+return qv->u.i64;
 case QNUM_U64:
-return qn->u.u64;
+return qv->u.u64;
 case QNUM_DOUBLE:
-return qn->u.dbl;
+return qv->u.dbl;
 }
 
 asse

[PATCH v2 4/8] qnum: qnum_value_is_equal() function

2020-11-16 Thread Eduardo Habkost
Extract the QNum value comparison logic to a function that takes
QNumValue* as argument.

Signed-off-by: Eduardo Habkost 
---
 include/qapi/qmp/qnum.h |  1 +
 qobject/qnum.c  | 29 +++--
 2 files changed, 20 insertions(+), 10 deletions(-)

diff --git a/include/qapi/qmp/qnum.h b/include/qapi/qmp/qnum.h
index 62fbdfda68..0327ecd0f0 100644
--- a/include/qapi/qmp/qnum.h
+++ b/include/qapi/qmp/qnum.h
@@ -106,6 +106,7 @@ double qnum_get_double(const QNum *qn);
 
 char *qnum_to_string(QNum *qn);
 
+bool qnum_value_is_equal(const QNumValue *num_x, const QNumValue *num_y);
 bool qnum_is_equal(const QObject *x, const QObject *y);
 void qnum_destroy_obj(QObject *obj);
 
diff --git a/qobject/qnum.c b/qobject/qnum.c
index f80d4efd76..6a0f948b16 100644
--- a/qobject/qnum.c
+++ b/qobject/qnum.c
@@ -207,9 +207,9 @@ char *qnum_to_string(QNum *qn)
 }
 
 /**
- * qnum_is_equal(): Test whether the two QNums are equal
- * @x: QNum object
- * @y: QNum object
+ * qnum_value_is_equal(): Test whether two QNumValues are equal
+ * @num_x: QNum value
+ * @num_y: QNum value
  *
  * Negative integers are never considered equal to unsigned integers,
  * but positive integers in the range [0, INT64_MAX] are considered
@@ -217,13 +217,8 @@ char *qnum_to_string(QNum *qn)
  *
  * Doubles are never considered equal to integers.
  */
-bool qnum_is_equal(const QObject *x, const QObject *y)
+bool qnum_value_is_equal(const QNumValue *num_x, const QNumValue *num_y)
 {
-const QNum *qnum_x = qobject_to(QNum, x);
-const QNum *qnum_y = qobject_to(QNum, y);
-const QNumValue *num_x = &qnum_x->value;
-const QNumValue *num_y = &qnum_y->value;
-
 switch (num_x->kind) {
 case QNUM_I64:
 switch (num_y->kind) {
@@ -241,7 +236,7 @@ bool qnum_is_equal(const QObject *x, const QObject *y)
 case QNUM_U64:
 switch (num_y->kind) {
 case QNUM_I64:
-return qnum_is_equal(y, x);
+return qnum_value_is_equal(num_y, num_x);
 case QNUM_U64:
 /* Comparison in native uint64_t type */
 return num_x->u.u64 == num_y->u.u64;
@@ -264,6 +259,20 @@ bool qnum_is_equal(const QObject *x, const QObject *y)
 abort();
 }
 
+/**
+ * qnum_is_equal(): Test whether the two QNums are equal
+ * @x: QNum object
+ * @y: QNum object
+ *
+ * See qnum_value_is_equal() for details on the comparison rules.
+ */
+bool qnum_is_equal(const QObject *x, const QObject *y)
+{
+const QNum *qnum_x = qobject_to(QNum, x);
+const QNum *qnum_y = qobject_to(QNum, y);
+return qnum_value_is_equal(&qnum_x->value, &qnum_y->value);
+}
+
 /**
  * qnum_destroy_obj(): Free all memory allocated by a QNum object
  *
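Review bot: the new `qnum_is_equal()` wrapper passes `&qnum_x->value` and `&qnum_y->value` on without checking what `qobject_to(QNum, ...)` returned, and its doc comment does not say that both arguments must already be QNums. Either state that precondition in the comment or assert that both pointers are non-NULL before taking the member address. QEMU style would also put a blank line between the two declarations and the `return`.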
-- 
2.28.0




Re: [PULL for-5.2 0/1] qemu-ga patch queue for hard-freeze

2020-11-16 Thread Peter Maydell
On Mon, 16 Nov 2020 at 19:22, Michael Roth  wrote:
>
> The following changes since commit 2f7c9dd5181524ceaf75ba3ef8d84090b1e9e8d8:
>
>   Merge remote-tracking branch 
> 'remotes/kraxel/tags/fixes-20201116-pull-request' into staging (2020-11-16 
> 14:19:31 +)
>
> are available in the Git repository at:
>
>   git://github.com/mdroth/qemu.git tags/qga-pull-2020-11-16-tag
>
> for you to fetch changes up to a8aa94b5f8427cc2924d8cdd417c8014db1c86c0:
>
>   qga: update schema for guest-get-disks 'dependents' field (2020-11-16 
> 10:48:11 -0600)
>
> 
> qemu-ga patch queue for hard-freeze
>
> * fixes for schema data-type declarations for guest-get-disks
>
> 


Applied, thanks.

Please update the changelog at https://wiki.qemu.org/ChangeLog/5.2
for any user-visible changes.

-- PMM



Re: [RFC PATCH 22/25] acpi/cxl: Create the CEDT (9.14.1)

2020-11-16 Thread Ben Widawsky
On 20-11-16 17:15:03, Jonathan Cameron wrote:
> On Tue, 10 Nov 2020 21:47:21 -0800
> Ben Widawsky  wrote:
> 
> > The CXL Early Discovery Table is defined in the CXL 2.0 specification as
> > a way for the OS to get CXL specific information from the system
> > firmware.
> > 
> > As of CXL 2.0 spec, only 1 sub structure is defined, the CXL Host Bridge
> > Structure (CHBS) which is primarily useful for telling the OS exactly
> > where the MMIO for the host bridge is.
> > 
> > Signed-off-by: Ben Widawsky 
> Trivial comments inline.
> 
> Jonathan
> 
> > ---
> >  hw/acpi/cxl.c   | 72 +
> >  hw/i386/acpi-build.c|  6 ++-
> >  hw/pci-bridge/pci_expander_bridge.c | 21 +
> >  include/hw/acpi/cxl.h   |  4 ++
> >  include/hw/pci/pci_bridge.h | 25 ++
> >  5 files changed, 107 insertions(+), 21 deletions(-)
> > 
> > diff --git a/hw/acpi/cxl.c b/hw/acpi/cxl.c
> > index 31ceaeecc3..c9631763ad 100644
> > --- a/hw/acpi/cxl.c
> > +++ b/hw/acpi/cxl.c
> > @@ -18,14 +18,86 @@
> >   */
> >  
> >  #include "qemu/osdep.h"
> > +#include "hw/sysbus.h"
> > +#include "hw/pci/pci_bridge.h"
> > +#include "hw/pci/pci_host.h"
> >  #include "hw/cxl/cxl.h"
> > +#include "hw/mem/memory-device.h"
> >  #include "hw/acpi/acpi.h"
> >  #include "hw/acpi/aml-build.h"
> >  #include "hw/acpi/bios-linker-loader.h"
> >  #include "hw/acpi/cxl.h"
> > +#include "hw/acpi/cxl.h"
> >  #include "qapi/error.h"
> >  #include "qemu/uuid.h"
> >  
> > +static void cedt_build_chbs(GArray *table_data, PXBDev *cxl)
> > +{
> > +SysBusDevice *sbd = SYS_BUS_DEVICE(cxl->cxl.cxl_host_bridge);
> > +struct MemoryRegion *mr = sbd->mmio[0].memory;
> > +
> > +/* Type */
> > +build_append_int_noprefix(table_data, 0, 1);
> > +
> > +/* Reserved */
> > +build_append_int_noprefix(table_data, 0xff, 1);
> 
> Why 0xff rather than 0x00?  ACPI uses default of 0 for reserved bits
> (5.2.1 in ACPI 6.3 spec)
> 
> > +
> > +/* Record Length */
> > +build_append_int_noprefix(table_data, 32, 2);
> > +
> > +/* UID */
> > +build_append_int_noprefix(table_data, cxl->uid, 4);
> > +
> > +/* Version */
> > +build_append_int_noprefix(table_data, 1, 4);
> > +
> > +/* Reserved */
> > +build_append_int_noprefix(table_data, 0x, 4);
> > +
> > +/* Base */
> > +build_append_int_noprefix(table_data, mr->addr, 8);
> > +
> > +/* Length */
> > +build_append_int_noprefix(table_data, memory_region_size(mr), 4);
> 
> Better to just treat this as a 64 bit field as per the spec, even though
> it can only contain 0x1?
> 

Ah, I based this on a pre-release version where it was 32-bit. I'll fix it.

> > +
> > +/* Reserved */
> > +build_append_int_noprefix(table_data, 0x, 4);
> > +}
> > +
> > +static int cxl_foreach_pxb_hb(Object *obj, void *opaque)
> > +{
> > +Aml *cedt = opaque;
> > +
> > +if (object_dynamic_cast(obj, TYPE_PXB_CXL_DEVICE)) {
> > +PXBDev *pxb = PXB_CXL_DEV(obj);
> > +
> > +cedt_build_chbs(cedt->buf, pxb);
> > +}
> > +
> > +return 0;
> > +}
> > +
> > +void cxl_build_cedt(GArray *table_offsets, GArray *table_data,
> > +BIOSLinker *linker)
> > +{
> > +const int cedt_start = table_data->len;
> > +Aml *cedt;
> > +
> > +cedt = init_aml_allocator();
> > +
> > +/* reserve space for CEDT header */
> > +acpi_add_table(table_offsets, table_data);
> > +acpi_data_push(cedt->buf, sizeof(AcpiTableHeader));
> > +
> > +object_child_foreach_recursive(object_get_root(), cxl_foreach_pxb_hb, 
> > cedt);
> > +
> > +/* copy AML table into ACPI tables blob and patch header there */
> > +g_array_append_vals(table_data, cedt->buf->data, cedt->buf->len);
> > +build_header(linker, table_data, (void *)(table_data->data + 
> > cedt_start),
> > + "CEDT", table_data->len - cedt_start, 1, NULL, NULL);
> > +free_aml_allocator();
> > +}
> > +
> >  static Aml *__build_cxl_osc_method(void)
> >  {
> >  Aml *method, *if_uuid, *else_uuid, *if_arg1_not_1, *if_cxl, 
> > *if_caps_masked;
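Review bot: the hard-coded Record Length of 32 in `cedt_build_chbs()` matches the fields exactly as written (1 + 1 + 2 + 4 + 4 + 4 + 8 + 4 + 4 bytes), so widening the Length field to 8 bytes as discussed above changes the record size, and the constant or the trailing reserved field has to be adjusted together with it. Deriving the length from the appended bytes, or from named size constants, would keep the two in step. Separately, `#include "hw/acpi/cxl.h"` is added a second time immediately after the existing include of the same header and can be dropped.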
> > diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
> > index dd1f8b39d4..eda62dcd6a 100644
> > --- a/hw/i386/acpi-build.c
> > +++ b/hw/i386/acpi-build.c
> > @@ -75,6 +75,8 @@
> >  #include "hw/acpi/ipmi.h"
> >  #include "hw/acpi/hmat.h"
> >  
> > +#include "hw/acpi/cxl.h"
> > +
> >  /* These are used to size the ACPI tables for -M pc-i440fx-1.7 and
> >   * -M pc-i440fx-2.0.  Even if the actual amount of AML generated grows
> >   * a little bit, there should be plenty of free space since the DSDT
> > @@ -1662,7 +1664,7 @@ build_dsdt(GArray *table_data, BIOSLinker *linker,
> >  
> >  scope = aml_scope("\\_SB");
> >  if (type == CXL) {
> > -dev = aml_device("CXL%.01X", pci_bus_uid(bus));
> > +dev = aml_device("CXL%.01X", uid);
> >  } else {
> >  dev = aml_device(

Re: [RFC PATCH 11/25] hw/pxb: Allow creation of a CXL PXB (host bridge)

2020-11-16 Thread Ben Widawsky
On 20-11-16 16:44:09, Jonathan Cameron wrote:
> On Tue, 10 Nov 2020 21:47:10 -0800
> Ben Widawsky  wrote:
> 
> > This works like adding a typical pxb device, except the name is
> > 'pxb-cxl' instead of 'pxb-pcie'. An example command line would be as
> > follows:
> >   -device pxb-cxl,id=cxl.0,bus="pcie.0",bus_nr=1
> > 
> > A CXL PXB is backward compatible with PCIe. What this means in practice
> > is that an operating system that is unaware of CXL should still be able
> > to enumerate this topology as if it were PCIe.
> > 
> > One can create multiple CXL PXB host bridges, but a host bridge can only
> > be connected to the main root bus. Host bridges cannot appear elsewhere
> > in the topology.
> > 
> > Note that as of this patch, the ACPI tables needed for the host bridge
> > (specifically, an ACPI object in _SB named ACPI0016 and the CEDT) aren't
> > created. So while this patch internally creates it, it cannot be
> > properly used by an operating system or other system software.
> > 
> > Upcoming patches will allow creating multiple host bridges.
> > 
> > Signed-off-by: Ben Widawsky 
> Hi Ben,
> 
> Few minor things inline.
> 
> Jonathan
> 
> > ---
> >  hw/pci-bridge/pci_expander_bridge.c | 67 -
> >  hw/pci/pci.c|  7 +++
> >  include/hw/pci/pci.h|  6 +++
> >  3 files changed, 78 insertions(+), 2 deletions(-)
> > 
> > diff --git a/hw/pci-bridge/pci_expander_bridge.c 
> > b/hw/pci-bridge/pci_expander_bridge.c
> > index 88c45dc3b5..3a8d815231 100644
> > --- a/hw/pci-bridge/pci_expander_bridge.c
> > +++ b/hw/pci-bridge/pci_expander_bridge.c
> > @@ -56,6 +56,10 @@ DECLARE_INSTANCE_CHECKER(PXBDev, PXB_DEV,
> >  DECLARE_INSTANCE_CHECKER(PXBDev, PXB_PCIE_DEV,
> >   TYPE_PXB_PCIE_DEVICE)
> >  
> > +#define TYPE_PXB_CXL_DEVICE "pxb-cxl"
> > +DECLARE_INSTANCE_CHECKER(PXBDev, PXB_CXL_DEV,
> > + TYPE_PXB_CXL_DEVICE)
> > +
> >  struct PXBDev {
> >  /*< private >*/
> >  PCIDevice parent_obj;
> > @@ -67,6 +71,11 @@ struct PXBDev {
> >  
> >  static PXBDev *convert_to_pxb(PCIDevice *dev)
> >  {
> > +/* A CXL PXB's parent bus is PCIe, so the normal check won't work */
> > +if (object_dynamic_cast(OBJECT(dev), TYPE_PXB_CXL_DEVICE)) {
> > +return PXB_CXL_DEV(dev);
> > +}
> > +
> >  return pci_bus_is_express(pci_get_bus(dev))
> >  ? PXB_PCIE_DEV(dev) : PXB_DEV(dev);
> >  }
> > @@ -111,11 +120,20 @@ static const TypeInfo pxb_pcie_bus_info = {
> >  .class_init= pxb_bus_class_init,
> >  };
> >  
> > +static const TypeInfo pxb_cxl_bus_info = {
> > +.name  = TYPE_PXB_CXL_BUS,
> > +.parent= TYPE_CXL_BUS,
> > +.instance_size = sizeof(PXBBus),
> > +.class_init= pxb_bus_class_init,
> > +};
> > +
> >  static const char *pxb_host_root_bus_path(PCIHostState *host_bridge,
> >PCIBus *rootbus)
> >  {
> > -PXBBus *bus = pci_bus_is_express(rootbus) ?
> > -  PXB_PCIE_BUS(rootbus) : PXB_BUS(rootbus);
> > +PXBBus *bus = pci_bus_is_cxl(rootbus) ?
> > +  PXB_CXL_BUS(rootbus) :
> > +  pci_bus_is_express(rootbus) ? PXB_PCIE_BUS(rootbus) :
> > +PXB_BUS(rootbus);
> 
> There comes a point where if / else is much more readable.
> 
> >  
> >  snprintf(bus->bus_path, 8, ":%02x", pxb_bus_num(rootbus));
> >  return bus->bus_path;
> > @@ -380,13 +398,58 @@ static const TypeInfo pxb_pcie_dev_info = {
> >  },
> >  };
> >  
> > +static void pxb_cxl_dev_realize(PCIDevice *dev, Error **errp)
> > +{
> > +/* A CXL PXB's parent bus is still PCIe */
> > +if (!pci_bus_is_express(pci_get_bus(dev))) {
> > +error_setg(errp, "pxb-cxl devices cannot reside on a PCI bus");
> > +return;
> > +}
> > +
> > +pxb_dev_realize_common(dev, CXL, errp);
> > +}
> > +
> > +static void pxb_cxl_dev_class_init(ObjectClass *klass, void *data)
> > +{
> > +DeviceClass *dc   = DEVICE_CLASS(klass);
> > +PCIDeviceClass *k = PCI_DEVICE_CLASS(klass);
> > +
> > +k->realize = pxb_cxl_dev_realize;
> > +k->exit= pxb_dev_exitfn;
> > +k->vendor_id   = PCI_VENDOR_ID_INTEL;
> > +k->device_id   = 0xabcd;
> 
> Just to check, is that an officially assigned device_id that we will never
> have a clash with?  Nice ID to get if it is :)

No, not the real ID.

My understanding is that the host bridge won't exist at all in the PCI
hierarchy. So basically all of these can be undeclared. For testing/development
purposes I wanted to see this info.

Awesomely, it appears if I remove vendor, device, class, and subsystem
everything still works and I do not see a bridge device in lspci. So v2 will
have this all gone.

Thanks.

> 
> 
> > +k->class_id= PCI_CLASS_BRIDGE_HOST;
> > +k->subsystem_vendor_id = PCI_VENDOR_ID_INTEL;
> > +
> > +

Re: [PATCH 7/7] scsi: move host_status handling into SCSI drivers

2020-11-16 Thread Paolo Bonzini

On 16/11/20 20:05, Hannes Reinecke wrote:

+    if (sreq->host_status == SCSI_HOST_OK) {
+    SCSISense sense;
+
+    sreq->status = 
scsi_sense_from_host_status(sreq->host_status, &sense);

+    if (sreq->status == CHECK_CONDITION) {
+    scsi_req_build_sense(sreq, sense);
+    }
+    }


Should be != of course.


No.
scsi_req_build_sense() transfers the sense code from the second argument
into a proper SCSI sense. Which is only set if the status is 
CHECK_CONDITION...


I mean sreq->host_status != SCSI_HOST_OK.  I might be wrong, but every 
other HBA is using that...


Paolo




Re: [RFC PATCH 08/25] hw/cxl/device: Add memory devices (8.2.8.5)

2020-11-16 Thread Ben Widawsky
On 20-11-16 16:37:22, Jonathan Cameron wrote:
> On Tue, 10 Nov 2020 21:47:07 -0800
> Ben Widawsky  wrote:
> 
> > Memory devices implement extra capabilities on top of CXL devices. This
> > adds support for that.
> > 
> > Signed-off-by: Ben Widawsky 
> > ---
> >  hw/cxl/cxl-device-utils.c   | 48 -
> >  hw/cxl/cxl-mailbox-utils.c  | 48 -
> >  include/hw/cxl/cxl_device.h | 15 
> >  3 files changed, 109 insertions(+), 2 deletions(-)
> > 
> > diff --git a/hw/cxl/cxl-device-utils.c b/hw/cxl/cxl-device-utils.c
> > index aec8b0d421..6544a68567 100644
> > --- a/hw/cxl/cxl-device-utils.c
> > +++ b/hw/cxl/cxl-device-utils.c
> > @@ -158,6 +158,45 @@ static void mailbox_reg_write(void *opaque, hwaddr 
> > offset, uint64_t value,
> >  process_mailbox(cxl_dstate);
> >  }
> >  
> > +static uint64_t mdev_reg_read(void *opaque, hwaddr offset, unsigned size)
> > +{
> > +uint64_t retval = 0;
> > +
> > +retval = FIELD_DP64(retval, CXL_MEM_DEV_STS, MEDIA_STATUS, 1);
> > +retval = FIELD_DP64(retval, CXL_MEM_DEV_STS, MBOX_READY, 1);
> > +
> > +switch (size) {
> > +case 4:
> > +if (unlikely(offset & (sizeof(uint32_t) - 1))) {
> > +qemu_log_mask(LOG_UNIMP, "Unaligned register read\n");
> > +return 0;
> > +}
> > +break;
> > +case 8:
> > +if (unlikely(offset & (sizeof(uint64_t) - 1))) {
> > +qemu_log_mask(LOG_UNIMP, "Unaligned register read\n");
> > +return 0;
> > +}
> > +break;
> > +}
> > +
> > +return ldn_le_p(&retval, size);
> > +}
> > +
> > +static const MemoryRegionOps mdev_ops = {
> > +.read = mdev_reg_read,
> > +.write = NULL,
> > +.endianness = DEVICE_LITTLE_ENDIAN,
> > +.valid = {
> > +.min_access_size = 4,
> > +.max_access_size = 8,
> > +},
> > +.impl = {
> > +.min_access_size = 4,
> > +.max_access_size = 8,
> > +},
> > +};
> > +
> >  static const MemoryRegionOps mailbox_ops = {
> >  .read = mailbox_reg_read,
> >  .write = mailbox_reg_write,
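Review bot: `mdev_ops` sets `.write = NULL` for a region that the next hunk registers with `memory_region_init_io()`, and as far as I can see the memory core does not substitute a default for a missing write callback, so a guest store into the memory device capability range would be dispatched through a NULL pointer. A small write handler that logs the access and ignores it would close that. In `mdev_reg_read()` itself, `offset` is used only for the alignment test, so every offset in the block returns the same status value; the unaligned-access messages describe guest behaviour and would fit `LOG_GUEST_ERROR` better than `LOG_UNIMP`.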
> > @@ -213,6 +252,9 @@ void cxl_device_register_block_init(Object *obj, 
> > CXLDeviceState *cxl_dstate)
> >"device-status", CXL_DEVICE_REGISTERS_LENGTH);
> >  memory_region_init_io(&cxl_dstate->mailbox, obj, &mailbox_ops, 
> > cxl_dstate,
> >"mailbox", CXL_MAILBOX_REGISTERS_LENGTH);
> > +memory_region_init_io(&cxl_dstate->memory_device, obj, &mdev_ops,
> > +  cxl_dstate, "memory device caps",
> > +  CXL_MEMORY_DEVICE_REGISTERS_LENGTH);
> >  
> >  memory_region_add_subregion(&cxl_dstate->device_registers, 0,
> >  &cxl_dstate->caps);
> > @@ -221,6 +263,9 @@ void cxl_device_register_block_init(Object *obj, 
> > CXLDeviceState *cxl_dstate)
> >  &cxl_dstate->device);
> >  memory_region_add_subregion(&cxl_dstate->device_registers,
> >  CXL_MAILBOX_REGISTERS_OFFSET, 
> > &cxl_dstate->mailbox);
> > +memory_region_add_subregion(&cxl_dstate->device_registers,
> > +CXL_MEMORY_DEVICE_REGISTERS_OFFSET,
> > +&cxl_dstate->memory_device);
> >  }
> >  
> >  static void mailbox_init_common(uint32_t *mbox_regs)
> > @@ -233,7 +278,7 @@ static void mailbox_init_common(uint32_t *mbox_regs)
> >  void cxl_device_register_init_common(CXLDeviceState *cxl_dstate)
> >  {
> >  uint32_t *cap_hdrs = cxl_dstate->caps_reg_state32;
> > -const int cap_count = 1;
> 
> Guessing this should previously have been 2?
> 
> > +const int cap_count = 3;
> >  
> >  /* CXL Device Capabilities Array Register */
> >  ARRAY_FIELD_DP32(cap_hdrs, CXL_DEV_CAP_ARRAY, CAP_ID, 0);
> > @@ -242,6 +287,7 @@ void cxl_device_register_init_common(CXLDeviceState 
> > *cxl_dstate)
> >  
> >  cxl_device_cap_init(cxl_dstate, DEVICE, 1);
> >  cxl_device_cap_init(cxl_dstate, MAILBOX, 2);
> > +cxl_device_cap_init(cxl_dstate, MEMORY_DEVICE, 0x4000);
> >  
> >  mailbox_init_common(cxl_dstate->mbox_reg_state32);
> >  }
> > diff --git a/hw/cxl/cxl-mailbox-utils.c b/hw/cxl/cxl-mailbox-utils.c
> > index 2d1b0ef9e4..5d2579800e 100644
> > --- a/hw/cxl/cxl-mailbox-utils.c
> > +++ b/hw/cxl/cxl-mailbox-utils.c
> > @@ -12,6 +12,12 @@
> >  #include "hw/pci/pci.h"
> >  #include "hw/cxl/cxl.h"
> >  
> > +enum cxl_opcode {
> > +CXL_EVENTS  = 0x1,
> > +CXL_IDENTIFY= 0x40,
> > +#define CXL_IDENTIFY_MEMORY_DEVICE = 0x0
> > +};
> > +
> >  /* 8.2.8.4.5.1 Command Return Codes */
> >  enum {
> >  RET_SUCCESS = 0x0,
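Review bot: `#define CXL_IDENTIFY_MEMORY_DEVICE = 0x0` inside `enum cxl_opcode` defines a macro whose expansion is `= 0x0`, including the equals sign, so any use of `CXL_IDENTIFY_MEMORY_DEVICE` in an expression will fail to compile or misparse. Write it as `#define CXL_IDENTIFY_MEMORY_DEVICE 0x0`, and preferably move it out of the enum body, where a preprocessor line is easy to mistake for an enumerator.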
> > @@ -40,6 +46,43 @@ enum {
> >  RET_MAX = 0x17
> >  };
> >  
> > +/* 8.2.9.5.1.1 */
> > +static int cmd_set_identify(CXLDeviceState *cxl_dstate, uint8_t cmd,
> > +uint32

Re: [RFC PATCH 07/25] hw/cxl/device: Implement basic mailbox (8.2.8.4)

2020-11-16 Thread Ben Widawsky
On 20-11-16 13:46:51, Jonathan Cameron wrote:
> On Tue, 10 Nov 2020 21:47:06 -0800
> Ben Widawsky  wrote:
> 
> > This is the beginning of implementing mailbox support for CXL 2.0
> > devices.
> > 
> > Signed-off-by: Ben Widawsky 
> Mostly patch set cleanup suggestions rather than anything meaningful
> in here.
> 
> Thanks,
> 
> Jonathan
> 
> > ---
> >  hw/cxl/cxl-device-utils.c   | 131 
> >  hw/cxl/cxl-mailbox-utils.c  |  93 +
> >  hw/cxl/meson.build  |   1 +
> >  include/hw/cxl/cxl.h|   3 +
> >  include/hw/cxl/cxl_device.h |  10 ++-
> >  5 files changed, 237 insertions(+), 1 deletion(-)
> >  create mode 100644 hw/cxl/cxl-mailbox-utils.c
> > 
> > diff --git a/hw/cxl/cxl-device-utils.c b/hw/cxl/cxl-device-utils.c
> > index 78144e103c..aec8b0d421 100644
> > --- a/hw/cxl/cxl-device-utils.c
> > +++ b/hw/cxl/cxl-device-utils.c
> > @@ -55,6 +55,123 @@ static uint64_t dev_reg_read(void *opaque, hwaddr 
> > offset, unsigned size)
> >  return ldn_le_p(&retval, size);
> >  }
> >  
> > +static uint64_t mailbox_reg_read(void *opaque, hwaddr offset, unsigned 
> > size)
> > +{
> > +CXLDeviceState *cxl_dstate = opaque;
> > +
> > +switch (size) {
> > +case 4:
> > +if (unlikely(offset & (sizeof(uint32_t) - 1))) {
> > +qemu_log_mask(LOG_UNIMP, "Unaligned register read\n");
> > +return 0;
> > +}
> > +break;
> > +case 8:
> > +if (unlikely(offset & (sizeof(uint64_t) - 1))) {
> > +qemu_log_mask(LOG_UNIMP, "Unaligned register read\n");
> > +return 0;
> > +}
> > +break;
> > +default:
> > +qemu_log_mask(LOG_UNIMP, "%uB component register read\n", size);
> > +return 0;
> > +}
> > +
> > +return ldn_le_p(cxl_dstate->mbox_reg_state + offset, size);
> > +}
> > +
> > +static void mailbox_mem_writel(uint32_t *reg_state, hwaddr offset,
> > +   uint64_t value)
> > +{
> > +switch (offset) {
> > +case A_CXL_DEV_MAILBOX_CTRL:
> > +/* fallthrough */
> > +case A_CXL_DEV_MAILBOX_CAP:
> > +/* RO register */
> > +break;
> > +default:
> > +qemu_log_mask(LOG_UNIMP,
> > +  "%s Unexpected 32-bit access to 0x%" PRIx64 " 
> > (WI)\n",
> > +  __func__, offset);
> > +break;
> > +}
> > +
> > +stl_le_p((uint8_t *)reg_state + offset, value);
> > +}
> > +
> > +static void mailbox_mem_writeq(uint64_t *reg_state, hwaddr offset,
> > +   uint64_t value)
> > +{
> > +switch (offset) {
> > +case A_CXL_DEV_MAILBOX_CMD:
> > +break;
> > +case A_CXL_DEV_BG_CMD_STS:
> > +/* BG not supported */
> > +/* fallthrough */
> > +case A_CXL_DEV_MAILBOX_STS:
> > +/* Read only register, will get updated by the state machine */
> > +return;
> > +case A_CXL_DEV_MAILBOX_CAP:
> > +case A_CXL_DEV_MAILBOX_CTRL:
> 
> I wouldn't bother listing these here given you don't list the MAILBOX_STS etc 
> in
> the 32 bit version.
> 
> > +default:
> > +qemu_log_mask(LOG_UNIMP,
> > +  "%s Unexpected 64-bit access to 0x%" PRIx64 " 
> > (WI)\n",
> > +  __func__, offset);
> > +return;
> > +}
> > +
> > +stq_le_p((uint8_t *)reg_state + offset, value);
> > +}
> > +
> > +static void mailbox_reg_write(void *opaque, hwaddr offset, uint64_t value,
> > +  unsigned size)
> > +{
> > +CXLDeviceState *cxl_dstate = opaque;
> > +
> > +/*
> > + * Lock is needed to prevent concurrent writes as well as to prevent 
> > writes
> > + * coming in while the firmware is processing. Without background 
> > commands
> > + * or the second mailbox implemented, this serves no purpose since the
> > + * memory access is synchronized at a higher level (per memory region).
> > + */
> > +RCU_READ_LOCK_GUARD();
> > +
> > +switch (size) {
> > +case 4:
> > +if (unlikely(offset & (sizeof(uint32_t) - 1))) {
> > +qemu_log_mask(LOG_UNIMP, "Unaligned register read\n");
> > +return;
> > +}
> > +mailbox_mem_writel(cxl_dstate->mbox_reg_state32, offset, value);
> > +break;
> > +case 8:
> > +if (unlikely(offset & (sizeof(uint64_t) - 1))) {
> > +qemu_log_mask(LOG_UNIMP, "Unaligned register read\n");
> > +return;
> > +}
> > +mailbox_mem_writeq(cxl_dstate->mbox_reg_state64, offset, value);
> > +break;
> > +}
> > +
> > +if (ARRAY_FIELD_EX32(cxl_dstate->mbox_reg_state32, 
> > CXL_DEV_MAILBOX_CTRL,
> > + DOORBELL))
> > +process_mailbox(cxl_dstate);
> > +}
> > +
> > +static const MemoryRegionOps mailbox_ops = {
> > +.read = mailbox_reg_read,
> > +.write = mailbox_reg_write,
> > +.endianness = DEVICE_LITTLE_ENDIAN,
> > + 
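Review bot: in `mailbox_mem_writel()` every case ends in `break`, so the `stl_le_p()` after the switch still runs for `A_CXL_DEV_MAILBOX_CAP`, which the comment labels "RO register", and for the unexpected-offset default; a guest can therefore overwrite the capability register and any other offset in the block. `mailbox_mem_writeq()` uses `return` for the same situations; do the same here for CAP and the default case, and keep the store only for CTRL, which has to be writable for the doorbell check in `mailbox_reg_write()`. In `mailbox_reg_write()` the two log messages say "Unaligned register read" on the write path, the `switch (size)` has no default case, and the final `if (ARRAY_FIELD_EX32(...))` needs braces around `process_mailbox(cxl_dstate);`.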

[PATCH for-5.2] s390x/pci: Unregister listeners before destroying IOMMU address space

2020-11-16 Thread Matthew Rosato
Hot-unplugging a vfio-pci device on s390x causes a QEMU crash:

qemu-system-s390x: ../softmmu/memory.c:2772:
 do_address_space_destroy: Assertion `QTAILQ_EMPTY(&as->listeners)' failed.

In s390, the IOMMU address space is freed during device unplug but the
associated vfio-pci device may not yet be finalized and therefore may
still have a listener registered to the IOMMU address space.

Commit a2166410ad74 ("spapr_pci: Unregister listeners before destroying
the IOMMU address space") previously resolved this issue for spapr_pci.
We are now seeing this in s390x; it would seem the possibility for this
issue was already present but based on a bisect commit 2d24a6466154
("device-core: use RCU for list of children of a bus") has now changed
the timing such that it is now readily reproducible.

Add logic to ensure listeners are removed before destroying the address
space.

Reported-by: Niklas Schnelle 
Signed-off-by: Matthew Rosato 
Reviewed-by: Pierre Morel 
Tested-by: Niklas Schnelle 
---
 hw/s390x/s390-pci-bus.c | 7 +++
 1 file changed, 7 insertions(+)

diff --git a/hw/s390x/s390-pci-bus.c b/hw/s390x/s390-pci-bus.c
index 48a3be8..e0dc20c 100644
--- a/hw/s390x/s390-pci-bus.c
+++ b/hw/s390x/s390-pci-bus.c
@@ -732,6 +732,13 @@ static void s390_pci_iommu_free(S390pciState *s, PCIBus 
*bus, int32_t devfn)
 
 table->iommu[PCI_SLOT(devfn)] = NULL;
 g_hash_table_destroy(iommu->iotlb);
+/*
+ * An attached PCI device may have memory listeners, eg. VFIO PCI.
+ * The associated subregion will already have been unmapped in
+ * s390_pci_iommu_disable in response to the guest deconfigure request.
+ * Remove the listeners now before destroying the address space.
+ */
+address_space_remove_listeners(&iommu->as);
 address_space_destroy(&iommu->as);
 object_unparent(OBJECT(&iommu->mr));
 object_unparent(OBJECT(iommu));
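Review bot: the new comment in `s390_pci_iommu_free()` relies on the subregion having already been unmapped by `s390_pci_iommu_disable`, but nothing at this point checks that. If the free path can be reached without a preceding guest deconfigure, the listeners are removed while the region is still mapped. An assertion on the disabled state, or an explicit disable before `address_space_remove_listeners(&iommu->as)`, would turn the stated assumption into something enforced. Minor: "eg." in the comment should be "e.g.".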
-- 
1.8.3.1




[PATCH] meson: Fixes curses detection on msys2

2020-11-16 Thread Yonggang Luo
Fixes regression on curses detection in msys2
by commit#925a40df2828d32d3aaaf022282cba81082fb263

Signed-off-by: Yonggang Luo 
---
 meson.build | 13 +
 1 file changed, 9 insertions(+), 4 deletions(-)

diff --git a/meson.build b/meson.build
index bbff0880f4..8695f7d1c2 100644
--- a/meson.build
+++ b/meson.build
@@ -494,10 +494,15 @@ if have_system and not get_option('curses').disabled()
   return 0;
 }'''
 
-  curses = dependency((targetos == 'windows' ? 'ncurses' : 'ncursesw'),
-  required: false,
-  method: 'pkg-config',
-  static: enable_static)
+  curses_dep_list = targetos == 'windows' ? ['ncurses', 'ncursesw'] : 
['ncursesw']
+  foreach curses_dep : curses_dep_list
+if not curses.found()
+  curses = dependency(curses_dep,
+  required: false,
+  method: 'pkg-config',
+  static: enable_static)
+endif
+  endforeach
   msg = get_option('curses').enabled() ? 'curses library not found' : ''
   if curses.found()
 if cc.links(curses_test, dependencies: [curses])
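Review bot: the new `foreach` tests `curses.found()` before the first `dependency()` call in this hunk, so it only works if `curses` already holds a not-found dependency from earlier in the file, which is not visible here; please confirm that initialisation comes before this block on every path. A short comment saying why Windows tries `ncurses` before `ncursesw` would also help, since the ordering decides which library wins when both are installed.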
-- 
2.28.0.windows.1




Re: [RFC PATCH 06/25] hw/cxl/device: Add device status (8.2.8.3)

2020-11-16 Thread Ben Widawsky
On 20-11-16 13:16:08, Jonathan Cameron wrote:
> On Tue, 10 Nov 2020 21:47:05 -0800
> Ben Widawsky  wrote:
> 
> > This implements the CXL device status registers from 8.2.8.3.1 in the
> > CXL 2.0 specification. It is capability ID 0001h.
> > 
> > Signed-off-by: Ben Widawsky 
> 
> It does some other stuff it shouldn't as well.  Please tidy that up before
> v2.  A few other passing comments inline.
> 
> Thanks,
> 
> Jonathan
> 
> 
> > ---
> >  hw/cxl/cxl-device-utils.c   | 45 +-
> >  include/hw/cxl/cxl_device.h | 49 -
> >  2 files changed, 60 insertions(+), 34 deletions(-)
> > 
> > diff --git a/hw/cxl/cxl-device-utils.c b/hw/cxl/cxl-device-utils.c
> > index a391bb15c6..78144e103c 100644
> > --- a/hw/cxl/cxl-device-utils.c
> > +++ b/hw/cxl/cxl-device-utils.c
> > @@ -33,6 +33,42 @@ static uint64_t caps_reg_read(void *opaque, hwaddr 
> > offset, unsigned size)
> >  return ldn_le_p(cxl_dstate->caps_reg_state + offset, size);
> >  }
> >  
> > +static uint64_t dev_reg_read(void *opaque, hwaddr offset, unsigned size)
> > +{
> > +uint64_t retval = 0;
> 
> Doesn't seem to be used.
> 

It's required for ldn_le_p, or did you mean something else?

> > +
> 
> Perhaps break the alignment check out to a utility function given this sanity 
> check
> is same as in previous patch.
> 
> > +switch (size) {
> > +case 4:
> > +if (unlikely(offset & (sizeof(uint32_t) - 1))) {
> > +qemu_log_mask(LOG_UNIMP, "Unaligned register read\n");
> > +return 0;
> > +}
> > +break;
> > +case 8:
> > +if (unlikely(offset & (sizeof(uint64_t) - 1))) {
> > +qemu_log_mask(LOG_UNIMP, "Unaligned register read\n");
> > +return 0;
> > +}
> > +break;
> > +}
> > +
> > +return ldn_le_p(&retval, size);
> > +}
> > +
> > +static const MemoryRegionOps dev_ops = {
> > +.read = dev_reg_read,
> > +.write = NULL,
> > +.endianness = DEVICE_LITTLE_ENDIAN,
> > +.valid = {
> > +.min_access_size = 4,
> > +.max_access_size = 8,
> > +},
> > +.impl = {
> > +.min_access_size = 4,
> > +.max_access_size = 8,
> > +},
> > +};
> > +
> >  static const MemoryRegionOps caps_ops = {
> >  .read = caps_reg_read,
> >  .write = NULL,
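
Review bot: dev_reg_read never reads device state. `retval` stays 0 and neither `opaque` nor `offset` is used after the alignment checks, so `return ldn_le_p(&retval, size);` always yields 0. If that is a placeholder until the status register is backed by state, say so in a comment. An unaligned guest access is also a guest error rather than unimplemented behaviour, so LOG_GUEST_ERROR fits better than LOG_UNIMP.
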
> > @@ -56,18 +92,25 @@ void cxl_device_register_block_init(Object *obj, 
> > CXLDeviceState *cxl_dstate)
> >  
> >  memory_region_init_io(&cxl_dstate->caps, obj, &caps_ops, cxl_dstate,
> >"cap-array", CXL_DEVICE_REGISTERS_OFFSET - 0);
> > +memory_region_init_io(&cxl_dstate->device, obj, &dev_ops, cxl_dstate,
> > +  "device-status", CXL_DEVICE_REGISTERS_LENGTH);
> >  
> >  memory_region_add_subregion(&cxl_dstate->device_registers, 0,
> >  &cxl_dstate->caps);
> > +memory_region_add_subregion(&cxl_dstate->device_registers,
> > +CXL_DEVICE_REGISTERS_OFFSET,
> > +&cxl_dstate->device);
> >  }
> >  
> >  void cxl_device_register_init_common(CXLDeviceState *cxl_dstate)
> >  {
> >  uint32_t *cap_hdrs = cxl_dstate->caps_reg_state32;
> > -const int cap_count = 0;
> > +const int cap_count = 1;
> >  
> >  /* CXL Device Capabilities Array Register */
> >  ARRAY_FIELD_DP32(cap_hdrs, CXL_DEV_CAP_ARRAY, CAP_ID, 0);
> >  ARRAY_FIELD_DP32(cap_hdrs, CXL_DEV_CAP_ARRAY, CAP_VERSION, 1);
> >  ARRAY_FIELD_DP32(cap_hdrs, CXL_DEV_CAP_ARRAY2, CAP_COUNT, cap_count);
> > +
> > +cxl_device_cap_init(cxl_dstate, DEVICE, 1);
> >  }
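
Review bot: cxl_device_register_init_common now carries two bare 1s that have to stay in step, `cap_count = 1` and the capability ID in `cxl_device_cap_init(cxl_dstate, DEVICE, 1)`. The commit message gives the ID as 0001h; a named constant for it would keep the ID from being mistaken for a count or a version.
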
> > diff --git a/include/hw/cxl/cxl_device.h b/include/hw/cxl/cxl_device.h
> > index 491eca6e05..2c674fdc9c 100644
> > --- a/include/hw/cxl/cxl_device.h
> > +++ b/include/hw/cxl/cxl_device.h
> > @@ -127,6 +127,22 @@ CXL_DEVICE_CAPABILITY_HEADER_REGISTER(DEVICE, 
> > CXL_DEVICE_CAP_HDR1_OFFSET)
> >  CXL_DEVICE_CAPABILITY_HEADER_REGISTER(MAILBOX, CXL_DEVICE_CAP_HDR1_OFFSET 
> > + \
> > CXL_DEVICE_CAP_REG_SIZE)
> >  
> > +#define cxl_device_cap_init(dstate, reg, cap_id)   
> > \
> > +do {   
> > \
> > +uint32_t *cap_hdrs = dstate->caps_reg_state32; 
> > \
> > +int which = R_CXL_DEV_##reg##_CAP_HDR0;
> > \
> > +cap_hdrs[which] =  
> > \
> > +FIELD_DP32(cap_hdrs[which], CXL_DEV_##reg##_CAP_HDR0, CAP_ID, 
> > cap_id); \
> > +cap_hdrs[which] = FIELD_DP32(  
> > \
> > +cap_hdrs[which], CXL_DEV_##reg##_CAP_HDR0, CAP_VERSION, 1);
> > \
> > +cap_hdrs[which + 1] =  
> > \
> > +   
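
Review bot: cxl_device_cap_init declares its own `cap_hdrs` and `which` inside the do-block and dereferences the unparenthesised argument as `dstate->caps_reg_state32`. The caller shown in cxl_device_register_init_common already has a local `cap_hdrs`, so the macro shadows it. Parenthesise `dstate` and give the macro locals distinct names, or move the body into a static inline helper that takes the register index.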

Re: [PATCH for-6.0 1/6] qapi: Add query-accel command

2020-11-16 Thread Eduardo Habkost
On Mon, Nov 16, 2020 at 10:20:04AM -0600, Eric Blake wrote:
> On 11/16/20 7:10 AM, Roman Bolshakov wrote:
> > There's a problem for management applications to determine if certain
> > accelerators are available. Generic QMP command should help with that.
> > 
> > Signed-off-by: Roman Bolshakov 
> > ---
> >  monitor/qmp-cmds.c | 15 +++
> >  qapi/machine.json  | 19 +++
> >  2 files changed, 34 insertions(+)
> > 
> 
> > +++ b/qapi/machine.json
> > @@ -591,6 +591,25 @@
> >  ##
> >  { 'command': 'query-kvm', 'returns': 'KvmInfo' }
> >  
> > +##
> > +# @query-accel:
> > +#
> > +# Returns information about an accelerator
> > +#
> > +# Returns: @KvmInfo
> > +#
> > +# Since: 6.0.0
> 
> We're inconsistent on whether we have 'Since: x.y' or 'Since: x.y.z',
> although I prefer the shorter form.  Maybe Markus has an opinion on that.
> 
> > +#
> > +# Example:
> > +#
> > +# -> { "execute": "query-accel", "arguments": { "name": "kvm" } }
> > +# <- { "return": { "enabled": true, "present": true } }
> > +#
> > +##
> > +{ 'command': 'query-accel',
> > +  'data': { 'name': 'str' },
> > +  'returns': 'KvmInfo' }
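
Review bot: `'returns': 'KvmInfo'` ties a command documented as returning "information about an accelerator" to a KVM-named type, and the doc comment does not say what is returned, or whether the command fails, when @name is not a known accelerator. A neutrally named return type and one sentence on the unknown-name case would make the interface self-describing.
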
> 
> '@name' is undocumented and an open-coded string.  Better would be
> requiring 'name' to be one of an enum type.  [...]

This seems similar to CPU models, machine types, device types, and
backend object types: the set of valid values is derived from the
list of subtypes of a QOM type.  We don't duplicate lists of QOM
types in the QAPI schema, today.

Do we want to duplicate the list of accelerators in the QAPI
schema, or should we wait for a generic solution that works for
any QOM type?

>   [...]  Even better would be
> returning an array of KvmInfo with information on all supported
> accelerators at once, rather than making the user call this command once
> per name.

Maybe.  It would save us the work of answering the question
above, but is this (querying information for all accelerators at
once) going to be a common use case?

-- 
Eduardo




Re: [RFC PATCH 04/25] hw/cxl/device: Introduce a CXL device (8.2.8)

2020-11-16 Thread Ben Widawsky
On 20-11-16 13:07:56, Jonathan Cameron wrote:
> On Tue, 10 Nov 2020 21:47:03 -0800
> Ben Widawsky  wrote:
> 
> > A CXL device is a type of CXL component. Conceptually, a CXL device
> > would be a leaf node in a CXL topology. From an emulation perspective,
> > CXL devices are the most complex and so the actual implementation is
> > reserved for discrete commits.
> > 
> > This new device type is specifically catered towards the eventual
> > implementation of a Type3 CXL.mem device, 8.2.8.5 in the CXL 2.0
> > specification.
> > 
> > Signed-off-by: Ben Widawsky 
> 
> As an RFC, would be good to have questions relevant to individual
> patches if possible.  Makes it easier to know what you want feedback on.
> 
> The REG32 being used for 64 bit registers seems awkward. I'd suggest
> we either break them up into DW and deal with the edge parts manually.
> 
> I'm not sure a REG64 definition would work due to lack of explicit alignment
> guarantees.  Might be fine though.

Agreed, although I think the current frequency with which I've had to do this,
and the XXX comments are decent, it's definitely a bit ugly. I found at least
two registers (I don't recall one, but the very important command register was
the other that you noticed below) which have a field that straddles the 32b
boundary. I think having to do an upper and lower field for that would kind of
stink.

Given that the codebase has gone on long enough without REG64, I didn't want to
poke that bear, although I had wired it up at some point.

So for now, I'd like to just leave these as they are.

> 
> One buglet inline and a few other comments.
> 
> Jonathan

Thanks. Anything not responded to is acknowledged and will hopefully make its
way into v2.

> 
> 
> > ---
> >  include/hw/cxl/cxl.h|   1 +
> >  include/hw/cxl/cxl_device.h | 193 
> >  2 files changed, 194 insertions(+)
> >  create mode 100644 include/hw/cxl/cxl_device.h
> > 
> > diff --git a/include/hw/cxl/cxl.h b/include/hw/cxl/cxl.h
> > index 55f6cc30a5..23f52c4cf9 100644
> > --- a/include/hw/cxl/cxl.h
> > +++ b/include/hw/cxl/cxl.h
> > @@ -12,6 +12,7 @@
> >  
> >  #include "cxl_pci.h"
> >  #include "cxl_component.h"
> > +#include "cxl_device.h"
> >  
> >  #endif
> >  
> > diff --git a/include/hw/cxl/cxl_device.h b/include/hw/cxl/cxl_device.h
> > new file mode 100644
> > index 00..491eca6e05
> > --- /dev/null
> > +++ b/include/hw/cxl/cxl_device.h
> > @@ -0,0 +1,193 @@
> > +/*
> > + * QEMU CXL Devices
> > + *
> > + * Copyright (c) 2020 Intel
> > + *
> > + * This work is licensed under the terms of the GNU GPL, version 2. See the
> > + * COPYING file in the top-level directory.
> > + */
> > +
> > +#ifndef CXL_DEVICE_H
> > +#define CXL_DEVICE_H
> > +
> > +#include "hw/register.h"
> > +
> > +/*
> > + * The following is how a CXL device's MMIO space is laid out. The only
> > + * requirement from the spec is that the capabilities array and the 
> > capability
> > + * headers start at offset 0 and are contiguously packed. The headers 
> > themselves
> > + * provide offsets to the register fields. For this emulation, registers 
> > will
> > + * start at offset 0x80 (m == 0x80). No secondary mailbox is implemented 
> > which
> > + * means that n = m + sizeof(mailbox registers) + sizeof(device registers).
> > + *
> > + * This is roughly described in 8.2.8 Figure 138 of the CXL 2.0 spec.
> > + *
> > + * n + PAYLOAD_SIZE_MAX  +-+
> > + *   | |
> > + *  ^| |
> > + *  || |
> > + *  || |
> > + *  || |
> > + *  || Command Payload |
> > + *  || |
> > + *  || |
> > + *  || |
> > + *  || |
> > + *  || |
> > + *  n+-+
> > + *  ^| |
> > + *  ||Device Capability Registers  |
> > + *  ||x, mailbox, y|
> > + *  || |
> > + *  m+-+
> > + *  ^| Device Capability Header y  |
> > + *  |+-+
> > + *  || Device Capability Header Mailbox|
> > + *  |+- 
> > + *  || Device Capability Header x  |
> > + *  |+-+
> > + *   

[PULL 0/2] NBD patches for -rc2, 2020-11-16

2020-11-16 Thread Eric Blake
The following changes since commit cb5ed407a1ddadf788fd373fed41c87c9e81e5b0:

  Merge remote-tracking branch 
'remotes/huth-gitlab/tags/pull-request-2020-11-15' into staging (2020-11-16 
17:00:36 +)

are available in the Git repository at:

  https://repo.or.cz/qemu/ericb.git tags/pull-nbd-2020-11-16

for you to fetch changes up to 2f3c1fd39668b9e565a4e0ba1d62ff5db05d62a5:

  iotests: Replace deprecated ConfigParser.readfp() (2020-11-16 14:51:12 -0600)


nbd patches for 2020-11-16

- silence Coverity false positive
- modernize iotests python code related to nbd


Eric Blake (1):
  nbd: Silence Coverity false positive

Kevin Wolf (1):
  iotests: Replace deprecated ConfigParser.readfp()

 nbd/server.c | 4 ++--
 tests/qemu-iotests/nbd-fault-injector.py | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

-- 
2.28.0




[PULL 1/2] nbd: Silence Coverity false positive

2020-11-16 Thread Eric Blake
Coverity noticed (CID 1436125) that we check the return value of
nbd_extent_array_add in most places, but not at the end of
bitmap_to_extents().  The return value exists to break loops before a
future iteration, so there is nothing to check if we are already done
iterating.  Adding a cast to void, plus a comment why, pacifies
Coverity.

Signed-off-by: Eric Blake 
Message-Id: <2020163510.713855-1-ebl...@redhat.com>
[eblake: Prefer cast to void over odd && usage]
Reviewed-by: Richard Henderson 
---
 nbd/server.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/nbd/server.c b/nbd/server.c
index d145e1a69083..613ed2634ada 100644
--- a/nbd/server.c
+++ b/nbd/server.c
@@ -2129,8 +2129,8 @@ static void bitmap_to_extents(BdrvDirtyBitmap *bitmap,
 }

 if (!full) {
-/* last non dirty extent */
-nbd_extent_array_add(es, end - start, 0);
+/* last non dirty extent, nothing to do if array is now full */
+(void) nbd_extent_array_add(es, end - start, 0);
 }

 bdrv_dirty_bitmap_unlock(bitmap);
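
Review bot: the replacement comment above the `(void)` cast in bitmap_to_extents says "nothing to do if array is now full", which describes the outcome but not why the result can be dropped. The commit message has the reason (the return value only exists to stop a later iteration, and there is none here); putting that in the comment would keep a later reader from reinstating a check.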
-- 
2.28.0




[PULL 2/2] iotests: Replace deprecated ConfigParser.readfp()

2020-11-16 Thread Eric Blake
From: Kevin Wolf 

iotest 277 fails on Fedora 33 (Python 3.9) because a deprecation warning
changes the output:

nbd-fault-injector.py:230: DeprecationWarning: This method will be
removed in future versions.  Use 'parser.read_file()' instead.

In fact, readfp() has already been deprecated in Python 3.2 and the
replacement has existed since the same version, so we can now
unconditionally switch to read_file().

Signed-off-by: Kevin Wolf 
Message-Id: <20201113100602.15936-1-kw...@redhat.com>
Reviewed-by: Eric Blake 
Reviewed-by: Philippe Mathieu-Daudé 
Signed-off-by: Eric Blake 
---
 tests/qemu-iotests/nbd-fault-injector.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tests/qemu-iotests/nbd-fault-injector.py 
b/tests/qemu-iotests/nbd-fault-injector.py
index 78f42c421432..6e11ef89b8b3 100755
--- a/tests/qemu-iotests/nbd-fault-injector.py
+++ b/tests/qemu-iotests/nbd-fault-injector.py
@@ -227,7 +227,7 @@ def parse_config(config):
 def load_rules(filename):
 config = configparser.RawConfigParser()
 with open(filename, 'rt') as f:
-config.readfp(f, filename)
+config.read_file(f, filename)
 return parse_config(config)

 def open_socket(path):
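
Review bot: in load_rules, `config.read_file(f, filename)` passes the file name positionally. Writing it as `source=filename` makes it clear that the second argument only labels parse errors and does not open anything. Not blocking.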
-- 
2.28.0




[Bug 1904464] [NEW] Build fails with 64 bits time_t

2020-11-16 Thread Fabrice Fontaine
Public bug reported:

time element is deprecated on new input_event structure in kernel's
input.h [1]

This will avoid the following build failure:

hw/input/virtio-input-host.c: In function 'virtio_input_host_handle_status':
hw/input/virtio-input-host.c:198:28: error: 'struct input_event' has no member 
named 'time'
  198 | if (gettimeofday(&evdev.time, NULL)) {
  |^

Fixes:
 - 
http://autobuild.buildroot.org/results/a538167e288c14208d557cd45446df86d3d599d5
 - 
http://autobuild.buildroot.org/results/efd4474fb4b6c0ce0ab3838ce130429c51e43bbb

[1]
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=152194fe9c3f

** Affects: qemu
 Importance: Undecided
 Status: New

** Patch added: "0002-Fix-build-with-64-bits-time_t.patch"
   
https://bugs.launchpad.net/bugs/1904464/+attachment/5434882/+files/0002-Fix-build-with-64-bits-time_t.patch




[PATCH] hvf: Fix value of MMU_PAGE_NX and add MMU_PAGE_RS

2020-11-16 Thread Jessica Clarke
These are meant to correspond to the error code reported for #PF, so fix
the definition for Instruction Fetch faults and add one for Reserved Bit
faults (checking for that is currently a TODO in x86_mmu.c).

Signed-off-by: Jessica Clarke 
---
 target/i386/hvf/x86_mmu.h | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/target/i386/hvf/x86_mmu.h b/target/i386/hvf/x86_mmu.h
index cd6e137e79..710adb82b5 100644
--- a/target/i386/hvf/x86_mmu.h
+++ b/target/i386/hvf/x86_mmu.h
@@ -34,7 +34,8 @@
 #define MMU_PAGE_PT (1 << 0)
 #define MMU_PAGE_WT (1 << 1)
 #define MMU_PAGE_US (1 << 2)
-#define MMU_PAGE_NX (1 << 3)
+#define MMU_PAGE_RS (1 << 3)
+#define MMU_PAGE_NX (1 << 4)
 
 bool mmu_gva_to_gpa(struct CPUState *cpu, target_ulong gva, uint64_t *gpa);
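
Review bot: MMU_PAGE_RS is added at bit 3 and MMU_PAGE_NX moves to bit 4, but the block of defines still has no comment saying these values mirror the #PF error-code bits, which is the only reason the numbering matters. A one-line comment above the defines would stop them drifting again. The commit message notes the reserved-bit check is still a TODO, so MMU_PAGE_RS has no user yet; worth saying so next to the define.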
 
-- 
2.28.0




Re: [PATCH 5/7] scsi: Add mapping for generic SCSI_HOST status to sense codes

2020-11-16 Thread Paolo Bonzini

On 16/11/20 20:03, Hannes Reinecke wrote:



+    case SCSI_HOST_TARGET_FAILURE:
+    *sense = SENSE_CODE(TARGET_FAILURE);
+    return CHECK_CONDITION;
+    case SCSI_HOST_RESERVATION_ERROR:
+    return RESERVATION_CONFLICT;
+    case SCSI_HOST_ALLOCATION_FAILURE:
+    *sense = SENSE_CODE(SPACE_ALLOC_FAILED);
+    return CHECK_CONDITION;
+    case SCSI_HOST_MEDIUM_ERROR:
+    *sense = SENSE_CODE(READ_ERROR);
+    return CHECK_CONDITION;


Can these actually be visible to userspace?  I'd rather avoid having 
them in QEMU if possible.


Otherwise, the patches are completely sensible.

And I did it exactly for the opposite purpose: rather than painstakingly 
figuring out which codes _might_ be returned (and be utterly surprised 
if we missed some) add an interpretation for every _possible_ code, 
avoiding nasty surprises.


And that certainly makes sense too.

On the other hand it'd be nice if Linux was clearer about which the 
SCSI_HOST values are part of the userspace API and which are just an 
(ugly) implementation detail.


Paolo




[PATCH] hvf: Gate RDTSCP on CPU_BASED2_RDTSCP, not just CPU_BASED_TSC_OFFSET

2020-11-16 Thread Jessica Clarke
Buglink: https://bugs.launchpad.net/qemu/+bug/1894836
Signed-off-by: Jessica Clarke 
---
 target/i386/hvf/x86_cpuid.c | 4 
 1 file changed, 4 insertions(+)

diff --git a/target/i386/hvf/x86_cpuid.c b/target/i386/hvf/x86_cpuid.c
index 16762b6eb4..fc1f87ec57 100644
--- a/target/i386/hvf/x86_cpuid.c
+++ b/target/i386/hvf/x86_cpuid.c
@@ -122,6 +122,10 @@ uint32_t hvf_get_supported_cpuid(uint32_t func, uint32_t 
idx,
 CPUID_PAT | CPUID_PSE36 | CPUID_EXT2_MMXEXT | CPUID_MMX |
 CPUID_FXSR | CPUID_EXT2_FXSR | CPUID_EXT2_PDPE1GB | 
CPUID_EXT2_3DNOWEXT |
 CPUID_EXT2_3DNOW | CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | 
CPUID_EXT2_NX;
+hv_vmx_read_capability(HV_VMX_CAP_PROCBASED2, &cap);
+if (!(cap & CPU_BASED2_RDTSCP)) {
+edx &= ~CPUID_EXT2_RDTSCP;
+}
 hv_vmx_read_capability(HV_VMX_CAP_PROCBASED, &cap);
 if (!(cap & CPU_BASED_TSC_OFFSET)) {
 edx &= ~CPUID_EXT2_RDTSCP;
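
Review bot: the added `hv_vmx_read_capability(HV_VMX_CAP_PROCBASED2, &cap)` call ignores its result, as the existing PROCBASED call below it does, so if the read fails `cap` is tested with whatever it held before. Check the return value and clear CPUID_EXT2_RDTSCP on failure. The two blocks also end in the same `edx &= ~CPUID_EXT2_RDTSCP;` and could be folded into one condition.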
-- 
2.28.0




Re: [PATCH v3] s390/kvm: fix diag318 propagation and reset functionality

2020-11-16 Thread Collin Walling
On 11/16/20 7:12 AM, Cornelia Huck wrote:
> On Fri, 13 Nov 2020 17:10:22 -0500
> Collin Walling  wrote:
> 
> [please remember to put qemu-devel on cc: as well]
> 
>> The Control Program Name Code (CPNC) portion of the diag318
>> info must be set within the SIE block of each VCPU in the
>> configuration. The handler will iterate through each VCPU
>> and dirty the diag318_info reg to be synced with KVM on a
>> subsequent sync_regs call.
>>
>> Additionally, the diag318 info resets must be handled via
>> userspace. As such, QEMU will reset this value for each
>> VCPU during a modified clear, load normal, and load clear
>> reset event.
>>
>> Fixes: fabdada9357b ("s390: guest support for diagnose 0x318")
>> Signed-off-by: Collin Walling 
>> ---
>>
>> Changelog:
>>
>> v3:
>> - moved loop outside of switch block
>> - added kvm_s390_set_diag318 function, called by
>> do_cpu_function (this is so other archs do
>> not complain)
>>
>> v2:
>> - added Fixes tag
>> - added CPU feat check in do_cpu function
>>
>> ---
>>  hw/s390x/s390-virtio-ccw.c |  4 
>>  target/s390x/cpu.c |  7 +++
>>  target/s390x/cpu.h |  1 +
>>  target/s390x/kvm-stub.c|  4 
>>  target/s390x/kvm.c | 22 +-
>>  target/s390x/kvm_s390x.h   |  1 +
>>  6 files changed, 34 insertions(+), 5 deletions(-)
> 
> Thanks, queued to s390-fixes.
> 
> I plan to send a pull request tomorrow.
> 
> 

Much appreciated.

-- 
Regards,
Collin

Stay safe and stay healthy



[PATCH] hvf: Fix segment selector format

2020-11-16 Thread Jessica Clarke
The Requested Privilege Level field is 2 bits, the Table Indicator field
is 1 bit and the Index field is the remaining 15 bits, with TI=0 meaning
GDT and TI=1 meaning LDT.

Signed-off-by: Jessica Clarke 
---
 target/i386/hvf/x86.h | 8 
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/target/i386/hvf/x86.h b/target/i386/hvf/x86.h
index bacade7b65..ea3e1b86b3 100644
--- a/target/i386/hvf/x86.h
+++ b/target/i386/hvf/x86.h
@@ -214,16 +214,16 @@ static inline uint32_t x86_call_gate_offset(x86_call_gate 
*gate)
 return (uint32_t)((gate->offset1 << 16) | gate->offset0);
 }
 
-#define LDT_SEL 0
-#define GDT_SEL 1
+#define GDT_SEL 0
+#define LDT_SEL 1
 
 typedef struct x68_segment_selector {
 union {
 uint16_t sel;
 struct {
-uint16_t rpl:3;
+uint16_t rpl:2;
 uint16_t ti:1;
-uint16_t index:12;
+uint16_t index:13;
 };
 };
 } __attribute__ ((__packed__)) x68_segment_selector;
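
Review bot: the commit message calls the Index field "the remaining 15 bits", but the hunk declares `index:13` (2 + 1 + 13 = 16); the message should say 13. The struct is also still spelled `x68_segment_selector` in the context lines, and the bit-field order inside the union with `sel` is left to the compiler, so explicit shifts and masks on `sel` would be the portable form.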
-- 
2.28.0
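
The selector layout the patch above corrects, decoded with explicit masks and shifts instead of compiler-ordered bit-fields. This is an added example, not QEMU code: the names, the constructed selector 0x002B, the pre-patch decoder (modelled on LSB-first bit-field allocation) and the descriptor bounds check (8-byte descriptors assumed, which goes beyond what the patch covers) are assumptions for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Layout the patch declares: RPL bits 1:0, TI bit 2, index bits 15:3. */
#define SEL_RPL_MASK    0x0003u
#define SEL_TI_MASK     0x0004u
#define SEL_INDEX_SHIFT 3
#define SEL_INDEX_MAX   0x1FFFu   /* 13-bit index */
#define DESC_SIZE       8u        /* assumption: legacy 8-byte descriptors */

typedef struct {
    uint16_t index;  /* descriptor index within the table */
    uint8_t  ti;     /* 0 = GDT, 1 = LDT */
    uint8_t  rpl;    /* requested privilege level, 0..3 */
} sel_fields;

/* Decode with the corrected 2/1/13 split. */
static sel_fields sel_decode(uint16_t sel)
{
    sel_fields f;
    f.rpl   = (uint8_t)(sel & SEL_RPL_MASK);
    f.ti    = (uint8_t)((sel & SEL_TI_MASK) >> 2);
    f.index = (uint16_t)(sel >> SEL_INDEX_SHIFT);
    return f;
}

/* Decode with the pre-patch 3/1/12 split, kept only to show the misread. */
static sel_fields sel_decode_prepatch(uint16_t sel)
{
    sel_fields f;
    f.rpl   = (uint8_t)(sel & 0x7u);
    f.ti    = (uint8_t)((sel >> 3) & 0x1u);
    f.index = (uint16_t)(sel >> 4);
    return f;
}

/* Build a selector; out-of-range inputs are masked to their field width. */
static uint16_t sel_encode(uint16_t index, uint8_t ti, uint8_t rpl)
{
    return (uint16_t)(((index & SEL_INDEX_MAX) << SEL_INDEX_SHIFT) |
                      ((ti & 1u) << 2) | (rpl & SEL_RPL_MASK));
}

/* A null selector is GDT index 0 with any RPL, i.e. the values 0..3. */
static bool sel_is_null(uint16_t sel)
{
    return (sel & ~SEL_RPL_MASK) == 0;
}

/*
 * Byte offset of the descriptor a selector names. Returns false when the
 * selector is null or the descriptor would extend past table_limit, the
 * offset of the last valid byte of whichever table (GDT or LDT) TI selects.
 */
static bool sel_desc_offset(uint16_t sel, uint32_t table_limit,
                            uint32_t *offset)
{
    uint32_t off = (uint32_t)(sel >> SEL_INDEX_SHIFT) * DESC_SIZE;

    if (sel_is_null(sel) || off + (DESC_SIZE - 1) > table_limit) {
        return false;
    }
    *offset = off;
    return true;
}

int main(void)
{
    const uint16_t sel = 0x002B;  /* constructed sample: index 5, GDT, RPL 3 */
    sel_fields ok = sel_decode(sel);
    sel_fields bad = sel_decode_prepatch(sel);
    uint32_t off = 0;

    printf("fixed:     index=%u ti=%u rpl=%u\n",
           (unsigned)ok.index, (unsigned)ok.ti, (unsigned)ok.rpl);
    printf("pre-patch: index=%u ti=%u rpl=%u\n",
           (unsigned)bad.index, (unsigned)bad.ti, (unsigned)bad.rpl);
    if (sel_desc_offset(sel, 0x2F, &off)) {
        printf("descriptor at table offset 0x%x\n", (unsigned)off);
    }
    return 0;
}
```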




[PULL 0/5] Misc fixes for QEMU 5.2

2020-11-16 Thread Paolo Bonzini
The following changes since commit cb5ed407a1ddadf788fd373fed41c87c9e81e5b0:

  Merge remote-tracking branch 
'remotes/huth-gitlab/tags/pull-request-2020-11-15' into staging (2020-11-16 
17:00:36 +)

are available in the Git repository at:

  https://gitlab.com/bonzini/qemu.git tags/for-upstream

for you to fetch changes up to 1370d61ae3c9934861d2349349447605202f04e9:

  memory: Skip dirty tracking for un-migratable memory regions (2020-11-16 
13:22:25 -0500)


Bug fixes


David Hildenbrand (1):
  util/vfio-helpers.c: Use ram_block_discard_disable() in 
qemu_vfio_open_pci()

Paolo Bonzini (2):
  scsi-disk: convert more errno values back to SCSI statuses
  target/i386: avoid theoretical leak on MCE injection

Tom Lendacky (1):
  kvm/i386: Set proper nested state format for SVM

Zenghui Yu (1):
  memory: Skip dirty tracking for un-migratable memory regions

 hw/scsi/scsi-disk.c  | 19 +++
 softmmu/memory.c |  5 -
 stubs/ram-block.c|  6 ++
 target/i386/helper.c | 10 --
 target/i386/kvm.c| 10 ++
 util/vfio-helpers.c  | 14 ++
 6 files changed, 53 insertions(+), 11 deletions(-)
-- 
2.26.2




[PULL 4/5] target/i386: avoid theoretical leak on MCE injection

2020-11-16 Thread Paolo Bonzini
g_strdup_printf is used twice to write to the same variable, which
can theoretically cause a leak.  In practice, it is extremely
unlikely that a guest is seeing a recursive MCE and has disabled
CR4.MCE between the first and the second error, but we can fix it
and we can also make a slight improvement on the logic: CR4.MCE=0
causes a triple fault even for a non-recursive machine check, so
let's place its test first.

Signed-off-by: Paolo Bonzini 
---
 target/i386/helper.c | 10 --
 1 file changed, 4 insertions(+), 6 deletions(-)

diff --git a/target/i386/helper.c b/target/i386/helper.c
index 516ce0cad8..034f46bcc2 100644
--- a/target/i386/helper.c
+++ b/target/i386/helper.c
@@ -908,16 +908,14 @@ static void do_inject_x86_mce(CPUState *cs, 
run_on_cpu_data data)
 return;
 }
 
-if (recursive) {
-need_reset = true;
-msg = g_strdup_printf("CPU %d: Previous MCE still in progress, "
-  "raising triple fault", cs->cpu_index);
-}
-
 if (!(cenv->cr[4] & CR4_MCE_MASK)) {
 need_reset = true;
 msg = g_strdup_printf("CPU %d: MCE capability is not enabled, "
   "raising triple fault", cs->cpu_index);
+} else if (recursive) {
+need_reset = true;
+msg = g_strdup_printf("CPU %d: Previous MCE still in progress, "
+  "raising triple fault", cs->cpu_index);
 }
 
 if (need_reset) {
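
Review bot: the else-if in do_inject_x86_mce fixes the double assignment to `msg`, but the two branches still repeat `need_reset = true` and the same g_strdup_printf shape, so a third condition added later could reintroduce the overwrite. Pick the reason text in the if/else chain and format `msg` once afterwards.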
-- 
2.26.2





[Bug 1784919] Re: native libgfapi glusterfs support for virtio 9p filesystem passthrough

2020-11-16 Thread Christian Schoenebeck
There are currently no plans to implement a GlusterFS fs driver backend
for 9pfs in QEMU.

Right now the status of 9p in QEMU is "odd fixes", which means there are
currently no paid developers maintaining 9p, nor do current 9p
maintainers have sufficient time to work on it on a daily basis. New 9p
features for that reason are only likely to appear if there is an effort
for the feature coming from outside.

As xattrs are apparently not available with GlusterFS yet, you might want to 
try security_model=mapped-file with 9p as workaround instead:
https://wiki.qemu.org/Documentation/9psetup


Title:
  native libgfapi  glusterfs support for virtio 9p filesystem
  passthrough

Status in QEMU:
  New

Bug description:
  I can add block devices on glusterfs natively to my virtual machines since 
qemu 1.3 
  I would like to see the same feature for virtio 9p filesystems added on my 
VM. 

  Accessing a filesystem mounted on the Metal is my favorite solution
  for storage that is to be shared between more than one VM. But because
  my VMs are not running as root, they are not able to passthrough
  userids and gids to gluster-fuse. uid mapping is also not possible
  because no xattr support.

  So all I can do is either setting up separate NFS Servers to bring the
  Filesystem in via Network, or to start qemu as root or to add
  fuse_xattr on top of glusterfs_fuse. I do expect however that the
  fastest and most reliable solution is to make something like this
  possible:

  -fsdev
  
local,id=test_dev,path=gluster://this.node/test_mount,security_model=passthrough
  -device virtio-9p-pci,fsdev=test_dev,mount_tag=test_mount

  regards

  Hans




[PULL 2/5] util/vfio-helpers.c: Use ram_block_discard_disable() in qemu_vfio_open_pci()

2020-11-16 Thread Paolo Bonzini
From: David Hildenbrand 

Currently, when using "nvme://" for a block device, like
-drive file=nvme://:01:00.0/1,if=none,id=drive0 \
-device virtio-blk,drive=drive0 \

VFIO may pin all guest memory, and discarding of RAM no longer works as
expected. I was able to reproduce this easily with my
01:00.0 Non-Volatile memory controller: Samsung Electronics Co Ltd
NVMe SSD Controller SM981/PM981/PM983

Similar to common VFIO, we have to disable it, making sure that:
a) virtio-balloon won't discard any memory ("silently disabled")
b) virtio-mem and nvme:// run mutually exclusive

Cc: Paolo Bonzini 
Cc: "Michael S. Tsirkin" 
Cc: Alex Williamson 
Cc: Wei Yang 
Cc: Dr. David Alan Gilbert 
Cc: Igor Mammedov 
Cc: Pankaj Gupta 
Cc: Peter Xu 
Signed-off-by: David Hildenbrand 
Message-Id: <20201116105947.9194-1-da...@redhat.com>
Signed-off-by: Paolo Bonzini 
---
 stubs/ram-block.c   |  6 ++
 util/vfio-helpers.c | 14 ++
 2 files changed, 20 insertions(+)

diff --git a/stubs/ram-block.c b/stubs/ram-block.c
index 73c0a3ee08..108197683b 100644
--- a/stubs/ram-block.c
+++ b/stubs/ram-block.c
@@ -1,6 +1,7 @@
 #include "qemu/osdep.h"
 #include "exec/ramlist.h"
 #include "exec/cpu-common.h"
+#include "exec/memory.h"
 
 void *qemu_ram_get_host_addr(RAMBlock *rb)
 {
@@ -29,3 +30,8 @@ int qemu_ram_foreach_block(RAMBlockIterFunc func, void 
*opaque)
 {
 return 0;
 }
+
+int ram_block_discard_disable(bool state)
+{
+return 0;
+}
diff --git a/util/vfio-helpers.c b/util/vfio-helpers.c
index c469beb061..2bec48e163 100644
--- a/util/vfio-helpers.c
+++ b/util/vfio-helpers.c
@@ -16,6 +16,7 @@
 #include "qapi/error.h"
 #include "exec/ramlist.h"
 #include "exec/cpu-common.h"
+#include "exec/memory.h"
 #include "trace.h"
 #include "qemu/error-report.h"
 #include "standard-headers/linux/pci_regs.h"
@@ -494,8 +495,20 @@ QEMUVFIOState *qemu_vfio_open_pci(const char *device, 
Error **errp)
 int r;
 QEMUVFIOState *s = g_new0(QEMUVFIOState, 1);
 
+/*
+ * VFIO may pin all memory inside mappings, resulting it in pinning
+ * all memory inside RAM blocks unconditionally.
+ */
+r = ram_block_discard_disable(true);
+if (r) {
+error_setg_errno(errp, -r, "Cannot set discarding of RAM broken");
+g_free(s);
+return NULL;
+}
+
 r = qemu_vfio_init_pci(s, device, errp);
 if (r) {
+ram_block_discard_disable(false);
 g_free(s);
 return NULL;
 }
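
Review bot: the error text added to qemu_vfio_open_pci, "Cannot set discarding of RAM broken", does not tell a user what failed; "Cannot disable RAM discard" or similar would. The comment above the call also reads "resulting it in pinning" and needs rewording. The unwind itself looks right: the disable is undone on the qemu_vfio_init_pci failure path and again in qemu_vfio_close.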
@@ -837,4 +850,5 @@ void qemu_vfio_close(QEMUVFIOState *s)
 close(s->device);
 close(s->group);
 close(s->container);
+ram_block_discard_disable(false);
 }
-- 
2.26.2





[PULL 3/5] scsi-disk: convert more errno values back to SCSI statuses

2020-11-16 Thread Paolo Bonzini
Linux has some OS-specific (and sometimes weird) mappings for various SCSI
statuses and sense codes.  The most important is probably RESERVATION
CONFLICT.  Add them so that they can be reported back to the guest
kernel.

Cc: Hannes Reinecke 
Signed-off-by: Paolo Bonzini 
---
 hw/scsi/scsi-disk.c | 19 +++
 1 file changed, 19 insertions(+)

diff --git a/hw/scsi/scsi-disk.c b/hw/scsi/scsi-disk.c
index e859534eaf..90841ad791 100644
--- a/hw/scsi/scsi-disk.c
+++ b/hw/scsi/scsi-disk.c
@@ -461,6 +461,25 @@ static bool scsi_handle_rw_error(SCSIDiskReq *r, int 
error, bool acct_failed)
 }
 error = scsi_sense_buf_to_errno(r->req.sense, 
sizeof(r->req.sense));
 break;
+#ifdef CONFIG_LINUX
+/* These errno mapping are specific to Linux.  For more 
information:
+ * - scsi_decide_disposition in drivers/scsi/scsi_error.c
+ * - scsi_result_to_blk_status in drivers/scsi/scsi_lib.c
+ * - blk_errors[] in block/blk-core.c
+ */
+case EBADE:
+/* DID_NEXUS_FAILURE -> BLK_STS_NEXUS.  */
+scsi_req_complete(&r->req, RESERVATION_CONFLICT);
+break;
+case ENODATA:
+/* DID_MEDIUM_ERROR -> BLK_STS_MEDIUM.  */
+scsi_check_condition(r, SENSE_CODE(READ_ERROR));
+break;
+case EREMOTEIO:
+/* DID_TARGET_FAILURE -> BLK_STS_TARGET.  */
+scsi_req_complete(&r->req, HARDWARE_ERROR);
+break;
+#endif
 case ENOMEDIUM:
 scsi_check_condition(r, SENSE_CODE(NO_MEDIUM));
 break;
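
Review bot: the EREMOTEIO case passes HARDWARE_ERROR to scsi_req_complete, which takes a SCSI status in the EBADE case just above (RESERVATION_CONFLICT), while HARDWARE_ERROR reads as a sense key. If the intent is a CHECK CONDITION with a target-failure sense, this should go through scsi_check_condition with a SENSE_CODE(...) as the ENODATA case does. Minor: "These errno mapping are" should be "mappings".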
-- 
2.26.2





[PATCH v2] hw/char/cmsdk-apb-uart: Fix rx interrupt handling

2020-11-16 Thread Tadej Pečar

Previously, the RX interrupt got missed if:
- the character backend provided next character before
  the RX IRQ Handler managed to clear the currently served interrupt.
- the character backend provided next character while the RX interrupt
  was disabled. Enabling the interrupt did not trigger the interrupt
  even if the RXFULL status bit was set.

These bugs become apparent when the terminal emulator buffers the line
before sending it to qemu stdin (Eclipse IDE console does this).

---
Patch was tested on the mps2-an500 machine with
 - a baremetal application using a USART_V2M-MPS2.c driver,
   sourced from Keil.V2M-MPS2_CMx_BSP.1.7.0.pack
   (available at https://www.keil.com/dd2/Pack/),
   which invoked the aforementioned bugs.

   The following command line was used
 qemu-system-arm -M mps2-an500 -serial stdio -display none -device 
loader,file=baremetal-app.elf

 - uClinux system, built with the following instructions
   
https://community.arm.com/developer/tools-software/oss-platforms/w/docs/578/running-uclinux-on-the-arm-mps2-platform

   The linux "mps2-uart" driver works and seems unaffected by this patch.

   The following command line was used
 qemu-system-arm -M mps2-an500 -serial stdio -display none -kernel boot.axf 
-device loader,file=linux.axf

---
Changes:
- original patch -> v2:
Removed unnecessary check in uart_write, since this is sufficiently
handled in cmsdk_apb_uart_update

Better formatting, documentation.


Signed-off-by: Tadej Pecar 
---
 hw/char/cmsdk-apb-uart.c | 47 +++-
 hw/char/trace-events |  1 +
 2 files changed, 33 insertions(+), 15 deletions(-)

diff --git a/hw/char/cmsdk-apb-uart.c b/hw/char/cmsdk-apb-uart.c
index 626b68f2ec..d76ca76e01 100644
--- a/hw/char/cmsdk-apb-uart.c
+++ b/hw/char/cmsdk-apb-uart.c
@@ -96,19 +96,34 @@ static void uart_update_parameters(CMSDKAPBUART *s)
 
 static void cmsdk_apb_uart_update(CMSDKAPBUART *s)

 {
-/* update outbound irqs, including handling the way the rxo and txo
- * interrupt status bits are just logical AND of the overrun bit in
- * STATE and the overrun interrupt enable bit in CTRL.
+/*
+ * update outbound irqs
+ * (
+ * state [rxo,  txo,  rxbf, txbf ] at bit [3, 2, 1, 0]
+ *   | intstatus [rxo,  txo,  rx,   tx   ] at bit [3, 2, 1, 0]
+ * )
+ * & ctrl[rxoe, txoe, rxe,  txe  ] at bit [5, 4, 3, 2]
+ * = masked_intstatus
+ *
+ * state: status register
+ * intstatus: pending interrupts and is sticky (has to be cleared by sw)
+ * masked_intstatus: masked (by ctrl) pending interrupts
+ *
+ * intstatus [rxo, txo, rx] bits are set here
+ * intstatus [tx] is managed in uart_transmit
  */
-uint32_t omask = (R_INTSTATUS_RXO_MASK | R_INTSTATUS_TXO_MASK);
-s->intstatus &= ~omask;
-s->intstatus |= (s->state & (s->ctrl >> 2) & omask);
-
-qemu_set_irq(s->txint, !!(s->intstatus & R_INTSTATUS_TX_MASK));
-qemu_set_irq(s->rxint, !!(s->intstatus & R_INTSTATUS_RX_MASK));
-qemu_set_irq(s->txovrint, !!(s->intstatus & R_INTSTATUS_TXO_MASK));
-qemu_set_irq(s->rxovrint, !!(s->intstatus & R_INTSTATUS_RXO_MASK));
-qemu_set_irq(s->uartint, !!(s->intstatus));
+s->intstatus |= s->state &
+(R_INTSTATUS_RXO_MASK | R_INTSTATUS_TXO_MASK | R_INTSTATUS_RX_MASK);
+
+uint32_t masked_intstatus = s->intstatus & (s->ctrl >> 2);
+
+trace_cmsdk_apb_uart_update(s->state, s->intstatus, masked_intstatus);
+
+qemu_set_irq(s->txint,!!(masked_intstatus & R_INTSTATUS_TX_MASK));
+qemu_set_irq(s->rxint,!!(masked_intstatus & R_INTSTATUS_RX_MASK));
+qemu_set_irq(s->txovrint, !!(masked_intstatus & R_INTSTATUS_TXO_MASK));
+qemu_set_irq(s->rxovrint, !!(masked_intstatus & R_INTSTATUS_RXO_MASK));
+qemu_set_irq(s->uartint,  !!(masked_intstatus));
 }
 
 static int uart_can_receive(void *opaque)
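
Review bot: "uint32_t masked_intstatus" is declared after the "s->intstatus |= ..." statement in cmsdk_apb_uart_update(); QEMU style keeps declarations at the start of the block, so move it up to the opening brace. Separately, because the rx bit is now ORed in from the STATE rxbf bit on every call, a guest write that clears INTSTATUS rx while the receive buffer is still full is undone by the next update. If that behaviour is intended, say so in the comment, which currently only describes intstatus as "sticky (has to be cleared by sw)".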

@@ -144,9 +159,11 @@ static void uart_receive(void *opaque, const uint8_t *buf, 
int size)
 
 s->rxbuf = *buf;

 s->state |= R_STATE_RXFULL_MASK;
-if (s->ctrl & R_CTRL_RX_INTEN_MASK) {
-s->intstatus |= R_INTSTATUS_RX_MASK;
-}
+
+/*
+ * Handled in cmsdk_apb_uart_update, in order to properly handle
+ * pending rx interrupt when rxen gets enabled
+ */
 cmsdk_apb_uart_update(s);
 }
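
Review bot: The comment that replaces the removed R_CTRL_RX_INTEN_MASK test in uart_receive() says "Handled in cmsdk_apb_uart_update" without naming what is handled, and the rx interrupt bit no longer appears anywhere in this function. Name it explicitly, for example "the INTSTATUS rx bit is set from STATE in cmsdk_apb_uart_update(), so that an rx interrupt pending before rxen is enabled is still raised".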
 
diff --git a/hw/char/trace-events b/hw/char/trace-events

index 81026f6612..0821c8eb3a 100644
--- a/hw/char/trace-events
+++ b/hw/char/trace-events
@@ -68,6 +68,7 @@ pl011_put_fifo_full(void) "FIFO now full, RXFF set"
 pl011_baudrate_change(unsigned int baudrate, uint64_t clock, uint32_t ibrd, uint32_t fbrd) "new baudrate %u (clk: 
%" PRIu64 "hz, ibrd: %" PRIu32 ", fbrd: %" PRIu32 ")"
 
 # cmsdk-apb-uart.c

+cmsdk_apb_uart_update(uint32_t state, uint32_t intstatus, uint32_t masked_intstatus) 
"CMSDK APB UART update: state 0x%x intstatus 0x%x masked_intstatus 0x%x"
 cmsdk_apb_uart_read(uint64_t offset, uint64_t data, unsigned size) "CMSDK APB UART read: off
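
Review bot: The new cmsdk_apb_uart_update event prints its three uint32_t arguments with plain 0x%x, while the pl011_baudrate_change event a few lines above uses the PRIu32 macro for its uint32_t arguments. Use PRIx32 in the format string here so the fixed-width arguments are formatted consistently within the file.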

[PULL 5/5] memory: Skip dirty tracking for un-migratable memory regions

2020-11-16 Thread Paolo Bonzini
From: Zenghui Yu 

It makes no sense to track dirty pages for those un-migratable memory
regions (e.g., Memory BAR region of the VFIO PCI device) and doing so
will potentially lead to some unpleasant issues during migration [1].

Skip dirty tracking for those regions by evaluating if the region is
migratable before setting dirty_log_mask (DIRTY_MEMORY_MIGRATION).

[1] https://lists.gnu.org/archive/html/qemu-devel/2020-11/msg03757.html

Signed-off-by: Zenghui Yu 
Message-Id: <20201116132210.1730-1-yuzeng...@huawei.com>
Reviewed-by: Cornelia Huck 
Signed-off-by: Paolo Bonzini 
---
 softmmu/memory.c | 5 -
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/softmmu/memory.c b/softmmu/memory.c
index 71951fe4dc..aa393f1bb0 100644
--- a/softmmu/memory.c
+++ b/softmmu/memory.c
@@ -1806,7 +1806,10 @@ bool memory_region_is_ram_device(MemoryRegion *mr)
 uint8_t memory_region_get_dirty_log_mask(MemoryRegion *mr)
 {
 uint8_t mask = mr->dirty_log_mask;
-if (global_dirty_log && (mr->ram_block || memory_region_is_iommu(mr))) {
+RAMBlock *rb = mr->ram_block;
+
+if (global_dirty_log && ((rb && qemu_ram_is_migratable(rb)) ||
+ memory_region_is_iommu(mr))) {
 mask |= (1 << DIRTY_MEMORY_MIGRATION);
 }
 return mask;
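
Review bot: The reason for the new qemu_ram_is_migratable(rb) test in memory_region_get_dirty_log_mask() is recorded only in the commit message. Add a short comment above the condition saying that un-migratable RAM blocks (the commit message gives the memory BAR of a VFIO PCI device as the example) are deliberately left out of DIRTY_MEMORY_MIGRATION, so the test is not removed as redundant in a later cleanup.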
-- 
2.26.2




[PULL 1/5] kvm/i386: Set proper nested state format for SVM

2020-11-16 Thread Paolo Bonzini
From: Tom Lendacky 

Currently, the nested state format is hardcoded to VMX. This will result
in kvm_put_nested_state() returning an error because the KVM SVM support
checks for the nested state to be KVM_STATE_NESTED_FORMAT_SVM. As a
result, kvm_arch_put_registers() errors out early.

Update the setting of the format based on the virtualization feature:
  VMX - KVM_STATE_NESTED_FORMAT_VMX
  SVM - KVM_STATE_NESTED_FORMAT_SVM

Also, fix the code formatting while at it.

Fixes: b16c0e20c7 ("KVM: add support for AMD nested live migration")
Cc: Eduardo Habkost 
Cc: Richard Henderson 
Cc: Paolo Bonzini 
Cc: Marcelo Tosatti 
Signed-off-by: Tom Lendacky 
Message-Id: 

Cc: qemu-sta...@nongnu.org
Signed-off-by: Paolo Bonzini 
---
 target/i386/kvm.c | 10 ++
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/target/i386/kvm.c b/target/i386/kvm.c
index cf46259534..a2934dda02 100644
--- a/target/i386/kvm.c
+++ b/target/i386/kvm.c
@@ -1820,12 +1820,14 @@ int kvm_arch_init_vcpu(CPUState *cs)
 
 env->nested_state = g_malloc0(max_nested_state_len);
 env->nested_state->size = max_nested_state_len;
-env->nested_state->format = KVM_STATE_NESTED_FORMAT_VMX;
 
 if (cpu_has_vmx(env)) {
-vmx_hdr = &env->nested_state->hdr.vmx;
-vmx_hdr->vmxon_pa = -1ull;
-vmx_hdr->vmcs12_pa = -1ull;
+env->nested_state->format = KVM_STATE_NESTED_FORMAT_VMX;
+vmx_hdr = &env->nested_state->hdr.vmx;
+vmx_hdr->vmxon_pa = -1ull;
+vmx_hdr->vmcs12_pa = -1ull;
+} else {
+env->nested_state->format = KVM_STATE_NESTED_FORMAT_SVM;
 }
 }
 }
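
Review bot: The new "else" branch sets KVM_STATE_NESTED_FORMAT_SVM for every CPU model without VMX, which includes a guest CPU that has neither VMX nor SVM enabled. Either test for the SVM feature explicitly in an "else if", or add a comment explaining why the SVM format is a safe default when no nested virtualization feature is present.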
-- 
2.26.2





[Bug 1505759] Re: Usb passthrough of devices plugged to AMD FCH USB OHCI Controller failing on q35.

2020-11-16 Thread José Pekkarinen
I found a different arrangement that made it for me, so that particular case,
I don't know if it works for me, or if it still fails the same, and versions
have gone so far to check, I'd simply mark this invalid and forget about it.

Best regards.

José.

** Changed in: qemu
   Status: Incomplete => Invalid

https://bugs.launchpad.net/bugs/1505759

Title:
  Usb passthrough of devices plugged to AMD FCH USB OHCI Controller
  failing on q35.

Status in QEMU:
  Invalid

Bug description:
  I'm trying to set up a q35 vm with windows 7 guest for vga passthrough.
  The machine works well for this purpose, but the usb devices passed to
  the vm do not. I receive the following errors on screen:

  qemu-system-x86_64: libusb_release_interface: -4 [NO_DEVICE]
  libusb: error [_open_sysfs_attr} open /sys/bus/usb/devices/3-5/bConfigurationValue failed ret=-1 errno=2
  qemu-system-x86_64: libusb_release_interface: -4 [NO_DEVICE]
  libusb: error [_open_sysfs_attr} open /sys/bus/usb/devices/4-1/bConfigurationValue failed ret=-1 errno=2
  Disabling IRQ #18
  Disabling IRQ #17

  And from the system log I can see the following:

  Oct 13 20:13:25 koalita kernel: vfio-pci :01:00.1: enabling device (0400 -> 0402)
  Oct 13 20:13:29 koalita kernel: usb 3-5: reset low-speed USB device number 2 using ohci-pci
  Oct 13 20:13:30 koalita kernel: usb 4-1: reset low-speed USB device number 2 using ohci-pci
  Oct 13 20:13:30 koalita kernel: usb 10-2: reset low-speed USB device number 2 using xhci_hcd
  Oct 13 20:13:31 koalita kernel: usb 10-2: ep 0x81 - rounding interval to 64 microframes, ep desc says 80 microframes
  Oct 13 20:13:31 koalita kernel: usb 10-2: ep 0x1 - rounding interval to 64 microframes, ep desc says 80 microframes
  Oct 13 20:13:31 koalita kernel: usb 3-5: reset low-speed USB device number 2 using ohci-pci
  Oct 13 20:13:31 koalita kernel: usb 10-2: reset low-speed USB device number 2 using xhci_hcd
  Oct 13 20:13:32 koalita kernel: usb 10-2: ep 0x81 - rounding interval to 64 microframes, ep desc says 80 microframes
  Oct 13 20:13:32 koalita kernel: usb 10-2: ep 0x1 - rounding interval to 64 microframes, ep desc says 80 microframes
  Oct 13 20:13:32 koalita kernel: usb 4-1: reset low-speed USB device number 2 using ohci-pci
  Oct 13 20:13:33 koalita kernel: usb 3-5: reset low-speed USB device number 2 using ohci-pci
  Oct 13 20:13:33 koalita kernel: usb 4-1: reset low-speed USB device number 2 using ohci-pci
  Oct 13 20:13:34 koalita kernel: usb 3-5: reset low-speed USB device number 2 using ohci-pci
  Oct 13 20:13:34 koalita kernel: usb 10-2: reset low-speed USB device number 2 using xhci_hcd
  Oct 13 20:13:35 koalita kernel: usb 10-2: ep 0x81 - rounding interval to 64 microframes, ep desc says 80 microframes
  Oct 13 20:13:35 koalita kernel: usb 10-2: ep 0x1 - rounding interval to 64 microframes, ep desc says 80 microframes
  Oct 13 20:13:35 koalita kernel: usb 10-2: reset low-speed USB device number 2 using xhci_hcd
  Oct 13 20:13:35 koalita kernel: usb 10-2: ep 0x81 - rounding interval to 64 microframes, ep desc says 80 microframes
  Oct 13 20:13:35 koalita kernel: usb 10-2: ep 0x1 - rounding interval to 64 microframes, ep desc says 80 microframes

  I tried any combination of usb devices, and even disabling the ICH9
  usb devices to make the setup look close to the 440fx machine that is
  working for me.

  Version of qemu is 2.2.1 (all newer versions fail on usb passthrough,
  even in 440fx machines), and kernel is 4.1.8.

  The script to launch it is the following:

  qemu-system-x86_64 -enable-kvm -M q35 -vga none -cpu host -smp 3,cores=3,threads=1 -m 6144 \
  -L /usr/x86_64-pc-linux-gnu/usr/share/qemu \
  -nodefaults -nodefconfig \
  -device ioh3420,multifunction=on,id=pcie \
  -device vfio-pci,host=01:00.0,addr=1c.0,x-vga=on,multifunction=on,bus=pcie \
  -device vfio-pci,host=01:00.1,addr=1c.1,bus=pcie \
  -netdev user,id=user.0 -device virtio-net-pci,netdev=user.0 \
  -device usb-ehci,id=ehci -device nec-usb-xhci,id=xhci \
  -usb -usbdevice host:03f0:134a -usbdevice host:03f0:0024 -usbdevice host:0079:0006 \
  -drive file=q35_win7.img,format=raw,cache=none,aio=native,if=virtio

  Thanks!




Re: [PATCH 7/7] scsi: move host_status handling into SCSI drivers

2020-11-16 Thread Hannes Reinecke

On 11/16/20 7:58 PM, Paolo Bonzini wrote:

On 16/11/20 19:40, Hannes Reinecke wrote:

+    if (sreq->host_status == SCSI_HOST_OK) {
+    SCSISense sense;
+
+    sreq->status = scsi_sense_from_host_status(sreq->host_status, 
&sense);

+    if (sreq->status == CHECK_CONDITION) {
+    scsi_req_build_sense(sreq, sense);
+    }
+    }
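
Review bot: The outer test "sreq->host_status == SCSI_HOST_OK" means scsi_sense_from_host_status() is only ever called with the OK status, so a failing host status is never translated into a SCSI status or sense data. The condition looks inverted; "sreq->host_status != SCSI_HOST_OK" would run the mapping for the error cases.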


Should be != of course.


No.
scsi_req_build_sense() transfers the sense code from the second argument
into a proper SCSI sense. Which is only set if the status is 
CHECK_CONDITION...


Cheers,

Hannes
--
Dr. Hannes Reinecke                Kernel Storage Architect
h...@suse.de  +49 911 74053 688
SUSE Software Solutions GmbH, Maxfeldstr. 5, 90409 Nürnberg
HRB 36809 (AG Nürnberg), Geschäftsführer: Felix Imendörffer



[PATCH 00/11] Add QEMU debug support for SEV guests

2020-11-16 Thread Ashish Kalra
From: Ashish Kalra 

This patchset adds QEMU debug support for SEV guests. Debug requires
access to the guest pages, which are encrypted when SEV is enabled.

KVM_SEV_DBG_DECRYPT and KVM_SEV_DBG_ENCRYPT commands are available to
decrypt/encrypt the guest pages, if the guest policy allows for debugging.

Changes are made to the guest page table walker since SEV guest pte
entries will have the C-bit set.

Also introduces new MemoryDebugOps which hook into guest virtual and
physical memory debug interfaces such as cpu_memory_rw_debug, to allow
vendor specific assist/hooks for debugging and delegating accessing the
guest memory.  This is used for example in case of AMD SEV platform where
the guest memory is encrypted and a SEV specific debug assist/hook will be
required to access the guest memory.

The MemoryDebugOps are used by cpu_memory_rw_debug() and default to
address_space_read and address_space_write_rom as described below.

typedef struct MemoryDebugOps {
    MemTxResult (*read)(AddressSpace *as, hwaddr phys_addr,
                        MemTxAttrs attrs, void *buf,
                        hwaddr len);
    MemTxResult (*write)(AddressSpace *as, hwaddr phys_addr,
                         MemTxAttrs attrs, const void *buf,
                         hwaddr len);
} MemoryDebugOps;

These ops would be used only by cpu_memory_rw_debug and would default to

static const MemoryDebugOps default_debug_ops = {
    .translate = cpu_get_phys_page_attrs_debug,
    .read = address_space_read,
    .write = address_space_write_rom
};

static const MemoryDebugOps *debug_ops = &default_debug_ops;

Ashish Kalra (3):
  exec: Add new MemoryDebugOps.
  exec: Add address_space_read and address_space_write debug helpers.
  sev/i386: add SEV specific MemoryDebugOps.

Brijesh Singh (8):
  memattrs: add debug attribute
  exec: add ram_debug_ops support
  exec: add debug version of physical memory read and write API
  monitor/i386: use debug APIs when accessing guest memory
  kvm: introduce debug memory encryption API
  sev/i386: add debug encrypt and decrypt commands
  hw/i386: set ram_debug_ops when memory encryption is enabled
  target/i386: clear C-bit when walking SEV guest page table

 accel/kvm/kvm-all.c   |  22 
 accel/kvm/sev-stub.c  |   8 ++
 accel/stubs/kvm-stub.c|   8 ++
 hw/i386/pc.c  |   9 ++
 hw/i386/pc_sysfw.c|   6 +
 include/exec/cpu-common.h |  18 +++
 include/exec/memattrs.h   |   2 +
 include/exec/memory.h |  49 
 include/sysemu/kvm.h  |  15 +++
 include/sysemu/sev.h  |  12 ++
 monitor/misc.c|   4 +-
 softmmu/cpus.c|   2 +-
 softmmu/physmem.c | 170 +-
 target/i386/kvm.c |   4 +
 target/i386/monitor.c | 124 +++
 target/i386/sev.c | 244 ++
 target/i386/trace-events  |   1 +
 17 files changed, 642 insertions(+), 56 deletions(-)

-- 
2.17.1
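
The debug-ops dispatch and C-bit handling described in the cover letter above, reduced to a self-contained model. This is an added example, not code from the patch series: the Guest type, the XOR stand-in for memory encryption, the C-bit position (47) and the simplified signatures are assumptions, and SEV_POLICY_NODBG models bit 0 of the SEV guest policy.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Toy model: names follow the cover letter, signatures are simplified. */
#define GUEST_RAM_SIZE   4096u
#define SEV_POLICY_NODBG 0x1u              /* guest policy bit 0: debugging disallowed */
#define TOY_CBIT_MASK    (1ULL << 47)      /* assumed position; hardware reports it via CPUID */
#define PTE_ADDR_MASK    0x000ffffffffff000ULL
#define TOY_KEY          0x5Au             /* XOR stands in for the memory encryption */

typedef enum { MEMTX_OK = 0, MEMTX_ERROR = 1 } MemTxResult;

typedef struct Guest {
    uint8_t  ram[GUEST_RAM_SIZE];          /* as the host sees it: ciphertext */
    uint32_t sev_policy;
} Guest;

typedef struct MemoryDebugOps {
    MemTxResult (*read)(Guest *g, uint64_t pa, void *buf, size_t len);
    MemTxResult (*write)(Guest *g, uint64_t pa, const void *buf, size_t len);
} MemoryDebugOps;

static int range_ok(uint64_t pa, size_t len)
{
    return len <= GUEST_RAM_SIZE && pa <= GUEST_RAM_SIZE - len;
}

/* Default ops: a plain copy, which on an encrypted guest yields ciphertext. */
static MemTxResult plain_read(Guest *g, uint64_t pa, void *buf, size_t len)
{
    if (!range_ok(pa, len)) return MEMTX_ERROR;
    memcpy(buf, &g->ram[pa], len);
    return MEMTX_OK;
}

static MemTxResult plain_write(Guest *g, uint64_t pa, const void *buf, size_t len)
{
    if (!range_ok(pa, len)) return MEMTX_ERROR;
    memcpy(&g->ram[pa], buf, len);
    return MEMTX_OK;
}

/* SEV ops: model the DBG_DECRYPT/DBG_ENCRYPT path, refused when policy forbids debug. */
static MemTxResult sev_dbg_read(Guest *g, uint64_t pa, void *buf, size_t len)
{
    uint8_t *out = buf;
    if ((g->sev_policy & SEV_POLICY_NODBG) || !range_ok(pa, len)) return MEMTX_ERROR;
    for (size_t i = 0; i < len; i++) out[i] = g->ram[pa + i] ^ TOY_KEY;
    return MEMTX_OK;
}

static MemTxResult sev_dbg_write(Guest *g, uint64_t pa, const void *buf, size_t len)
{
    const uint8_t *in = buf;
    if ((g->sev_policy & SEV_POLICY_NODBG) || !range_ok(pa, len)) return MEMTX_ERROR;
    for (size_t i = 0; i < len; i++) g->ram[pa + i] = in[i] ^ TOY_KEY;
    return MEMTX_OK;
}

static const MemoryDebugOps default_debug_ops = { plain_read, plain_write };
static const MemoryDebugOps sev_debug_ops     = { sev_dbg_read, sev_dbg_write };

/* Page-table walker step: the C-bit is not part of the address and must be cleared. */
static uint64_t pte_to_phys(uint64_t pte, int sev_enabled)
{
    if (sev_enabled) pte &= ~TOY_CBIT_MASK;
    return pte & PTE_ADDR_MASK;
}

/* Simplified cpu_memory_rw_debug(): translate through one PTE, then dispatch. */
static MemTxResult debug_rw(Guest *g, const MemoryDebugOps *ops, uint64_t pte,
                            int sev_enabled, uint64_t off, void *buf,
                            size_t len, int is_write)
{
    uint64_t pa = pte_to_phys(pte, sev_enabled) + off;
    return is_write ? ops->write(g, pa, buf, len) : ops->read(g, pa, buf, len);
}

int main(void)
{
    static Guest g;                        /* policy 0: debugging allowed */
    uint64_t pte = TOY_CBIT_MASK | 0x67;   /* constructed PTE: page 0, C-bit set */
    char out[7] = {0};

    debug_rw(&g, &sev_debug_ops, pte, 1, 0x100, "secret", 7, 1);
    debug_rw(&g, &sev_debug_ops, pte, 1, 0x100, out, 7, 0);
    return strcmp(out, "secret") != 0;
}
```

With the default ops the same read succeeds but returns ciphertext, and a walker that leaves the C-bit in place computes an address far outside guest RAM.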




[PULL for-5.2 1/1] qga: update schema for guest-get-disks 'dependents' field

2020-11-16 Thread Michael Roth
The recently-added 'guest-get-disk' command returns a list of
GuestDiskInfo entries, which in turn have a 'dependents' field which
lists devices these entries are dependent upon. Thus, 'dependencies'
is a better name for this field. Address this by renaming the field
accordingly.

Additionally, 'dependents' is specified as non-optional, even though
it's not implemented for w32. This is misleading, since it gives users
the impression that a particular disk might not have dependencies,
when in reality that information is simply not known to the guest
agent. Address this by making 'dependents' an optional field, and only
marking it as in-use when the facilities to obtain this information are
available to the guest agent.

Cc: Eric Blake 
Cc: Tomáš Golembiovský 
Cc: Marc-André Lureau 
Reviewed-by: Eric Blake 
Reviewed-by: Marc-André Lureau 
Signed-off-by: Michael Roth 
---
 qga/commands-posix.c | 10 ++
 qga/qapi-schema.json |  8 
 2 files changed, 10 insertions(+), 8 deletions(-)

diff --git a/qga/commands-posix.c b/qga/commands-posix.c
index 12c1ba5ef7..c089e38120 100644
--- a/qga/commands-posix.c
+++ b/qga/commands-posix.c
@@ -1285,6 +1285,7 @@ static void get_disk_deps(const char *disk_dir, 
GuestDiskInfo *disk)
 g_debug("failed to list entries in %s", deps_dir);
 return;
 }
+disk->has_dependencies = true;
 while ((dep = g_dir_read_name(dp_deps)) != NULL) {
 g_autofree char *dep_dir = NULL;
 strList *dep_item = NULL;
@@ -1297,8 +1298,8 @@ static void get_disk_deps(const char *disk_dir, 
GuestDiskInfo *disk)
 g_debug("  adding dependent device: %s", dev_name);
 dep_item = g_new0(strList, 1);
 dep_item->value = dev_name;
-dep_item->next = disk->dependents;
-disk->dependents = dep_item;
+dep_item->next = disk->dependencies;
+disk->dependencies = dep_item;
 }
 }
 g_dir_close(dp_deps);
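
Review bot: The g_debug() context line in get_disk_deps() still logs "adding dependent device" while the list it feeds is renamed to disk->dependencies in this hunk. Update the message in the same patch so the debug log uses the same term as the schema.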
@@ -1351,8 +1352,9 @@ static GuestDiskInfoList *get_disk_partitions(
 partition->name = dev_name;
 partition->partition = true;
 /* Add parent disk as dependent for easier tracking of hierarchy */
-partition->dependents = g_new0(strList, 1);
-partition->dependents->value = g_strdup(disk_dev);
+partition->dependencies = g_new0(strList, 1);
+partition->dependencies->value = g_strdup(disk_dev);
+partition->has_dependencies = true;
 
 item = g_new0(GuestDiskInfoList, 1);
 item->value = partition;
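
Review bot: The comment "Add parent disk as dependent for easier tracking of hierarchy" in get_disk_partitions() keeps the wording this patch retires, directly above the lines that now fill partition->dependencies. Reword it to say the parent disk is added as a dependency.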
diff --git a/qga/qapi-schema.json b/qga/qapi-schema.json
index 6ca85f995f..3b3d1d0bd9 100644
--- a/qga/qapi-schema.json
+++ b/qga/qapi-schema.json
@@ -870,9 +870,9 @@
 #
 # @name: device node (Linux) or device UNC (Windows)
 # @partition: whether this is a partition or disk
-# @dependents: list of dependent devices; e.g. for LVs of the LVM this will
-#  hold the list of PVs, for LUKS encrypted volume this will
-#  contain the disk where the volume is placed. (Linux)
+# @dependencies: list of device dependencies; e.g. for LVs of the LVM this will
+#hold the list of PVs, for LUKS encrypted volume this will
+#contain the disk where the volume is placed. (Linux)
 # @address: disk address information (only for non-virtual devices)
 # @alias: optional alias assigned to the disk, on Linux this is a name assigned
 # by device mapper
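
Review bot: The @dependencies description was only renamed; it does not say that the member is now optional or what its absence means. State that it is omitted when the guest agent cannot determine the dependencies (the commit message names w32), so a client does not read a missing field as "this disk has no dependencies".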
@@ -880,7 +880,7 @@
 # Since 5.2
 ##
 { 'struct': 'GuestDiskInfo',
-  'data': {'name': 'str', 'partition': 'bool', 'dependents': ['str'],
+  'data': {'name': 'str', 'partition': 'bool', '*dependencies': ['str'],
'*address': 'GuestDiskAddress', '*alias': 'str'} }
 
 ##
-- 
2.25.1




Re: [PATCH 5/7] scsi: Add mapping for generic SCSI_HOST status to sense codes

2020-11-16 Thread Hannes Reinecke

On 11/16/20 7:57 PM, Paolo Bonzini wrote:

On 16/11/20 19:40, Hannes Reinecke wrote:

+    case SCSI_HOST_TARGET_FAILURE:
+    *sense = SENSE_CODE(TARGET_FAILURE);
+    return CHECK_CONDITION;
+    case SCSI_HOST_RESERVATION_ERROR:
+    return RESERVATION_CONFLICT;
+    case SCSI_HOST_ALLOCATION_FAILURE:
+    *sense = SENSE_CODE(SPACE_ALLOC_FAILED);
+    return CHECK_CONDITION;
+    case SCSI_HOST_MEDIUM_ERROR:
+    *sense = SENSE_CODE(READ_ERROR);
+    return CHECK_CONDITION;
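
Review bot: The SCSI_HOST_RESERVATION_ERROR case returns RESERVATION_CONFLICT without writing *sense, unlike the three CHECK_CONDITION cases around it. Document on the function that *sense is only valid when CHECK_CONDITION is returned, or clear it on entry, so a caller that passes an uninitialised SCSISense cannot end up reading stale stack contents.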


Can these actually be visible to userspace?  I'd rather avoid having 
them in QEMU if possible.


Otherwise, the patches are completely sensible.

And I did it exactly for the opposite purpose: rather than painstakingly 
figuring out which codes _might_ be returned (and be utterly surprised 
if we missed some) add an interpretation for every _possible_ code, 
avoiding nasty surprises.


Cheers,

Hannes
--
Dr. Hannes Reinecke                Kernel Storage Architect
h...@suse.de  +49 911 74053 688
SUSE Software Solutions GmbH, Maxfeldstr. 5, 90409 Nürnberg
HRB 36809 (AG Nürnberg), Geschäftsführer: Felix Imendörffer



Re: [PATCH for-6.0 1/6] qapi: Add query-accel command

2020-11-16 Thread Roman Bolshakov
On Mon, Nov 16, 2020 at 10:20:04AM -0600, Eric Blake wrote:
> On 11/16/20 7:10 AM, Roman Bolshakov wrote:
> > There's a problem for management applications to determine if certain
> > accelerators are available. Generic QMP command should help with that.
> > 
> > Signed-off-by: Roman Bolshakov 
> > ---
> >  monitor/qmp-cmds.c | 15 +++
> >  qapi/machine.json  | 19 +++
> >  2 files changed, 34 insertions(+)
> > 
> 
> > +++ b/qapi/machine.json
> > @@ -591,6 +591,25 @@
> >  ##
> >  { 'command': 'query-kvm', 'returns': 'KvmInfo' }
> >  
> > +##
> > +# @query-accel:
> > +#
> > +# Returns information about an accelerator
> > +#
> > +# Returns: @KvmInfo
> > +#
> > +# Since: 6.0.0
> 
> We're inconsistent on whether we have 'Since: x.y' or 'Since: x.y.z',
> although I prefer the shorter form.  Maybe Markus has an opinion on that.
> 

Sure, please let me know which one is better.

> > +#
> > +# Example:
> > +#
> > +# -> { "execute": "query-accel", "arguments": { "name": "kvm" } }
> > +# <- { "return": { "enabled": true, "present": true } }
> > +#
> > +##
> > +{ 'command': 'query-accel',
> > +  'data': { 'name': 'str' },
> > +  'returns': 'KvmInfo' }
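
Review bot: "'returns': 'KvmInfo'" (and "# Returns: @KvmInfo" in the doc comment) gives a generic accelerator query a KVM-named return type. Introduce a neutrally named struct with the same "enabled" and "present" members, or say in the doc comment why KvmInfo is reused for other accelerators.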
> 
> '@name' is undocumented and an open-coded string.
>

Thanks for catching that! I'll add documentation for the field.

> Better would be requiring 'name' to be one of an enum type.

I haven't found any enums available, that's why I used accel_find that
looks up accel from string in QOM.

> Even better would be returning an array of KvmInfo with information on
> all supported accelerators at once, rather than making the user call
> this command once per name.
> 

I considered that, but wasn't sure if it's right or wrong. I'd prefer it
over the first option with enums. Likely, we can do that by iterating
all concrete accelerators:

  object_class_get_list(TYPE_ACCEL, false);

name parameter can be then dropped and query-accel would be renamed to
query-accels.

The approach has a drawback - there's no way to return accelerators that
aren't compiled, i.e. kvm on macOS or hvf on Linux. I don't know if it's
an issue or not.

query-accels would only return all available accelerators registered via
QOM and one of them would be enabled.

I think I'd try to use query-accel in libvirt before proceeding with
query-accels. If it'll be apparent that query-accels is superior, then I'd
go with it.

Thanks,
Roman



Re: [PATCH] kvm/i386: Set proper nested state format for SVM

2020-11-16 Thread Paolo Bonzini

On 16/11/20 19:25, Tom Lendacky wrote:

On 11/16/20 12:09 PM, Paolo Bonzini wrote:

On 16/11/20 18:02, Tom Lendacky wrote:

From: Tom Lendacky

Currently, the nested state format is hardcoded to VMX. This will result
in kvm_put_nested_state() returning an error because the KVM SVM support
checks for the nested state to be KVM_STATE_NESTED_FORMAT_SVM. As a
result, kvm_arch_put_registers() errors out early.

Update the setting of the format based on the virtualization feature:
    VMX - KVM_STATE_NESTED_FORMAT_VMX
    SVM - KVM_STATE_NESTED_FORMAT_SVM


Looks good, but what are the symptoms of this in practice?


I discovered this while testing my SEV-ES patches. When I specified the
'+svm' feature, the new SEV-ES reset address for the APs wasn't getting
set because kvm_arch_put_registers() erred out before it could call
kvm_getput_regs(). This resulted in the guest crashing when OVMF tried to
start the APs.

For a non-SEV-ES guest, I'm not sure if other updates could be missed,
potentially.


Ok, thanks.  It's certainly a potential source of bugs, I've queued the 
patch.


Paolo




Re: [RFC PATCH 03/25] hw/cxl/component: Introduce CXL components (8.1.x, 8.2.5)

2020-11-16 Thread Ben Widawsky
On 20-11-16 12:03:52, Jonathan Cameron wrote:
> On Tue, 10 Nov 2020 21:47:02 -0800
> Ben Widawsky  wrote:
> 
> > A CXL 2.0 component is any entity in the CXL topology. All components
> > have an analogous function in PCIe. Except for the CXL host bridge, all
> > have a PCIe config space that is accessible via the common PCIe
> > mechanisms. CXL components are enumerated via DVSEC fields in the
> > extended PCIe header space. CXL components will minimally implement some
> > subset of CXL.mem and CXL.cache registers defined in 8.2.5 of the CXL
> > 2.0 specification. Two headers and a utility library are introduced to
> > support the minimum functionality needed to enumerate components.
> > 
> > The cxl_pci header manages bits associated with PCI, specifically the
> > DVSEC and related fields. The cxl_component.h variant has data
> > structures and APIs that are useful for drivers implementing any of the
> > CXL 2.0 components. The library takes care of making use of the DVSEC
> > bits and the CXL.[mem|cache] registers.
> > 
> > None of the mechanisms required to enumerate a CXL capable hostbridge
> > are introduced at this point.
> > 
> > Note that the CXL.mem and CXL.cache registers used are always 4B wide.
> > It's possible in the future that this constraint will not hold.
> > 
> > Signed-off-by: Ben Widawsky 
> > 
> > --
> > It's tempting to have a more generalized DVSEC infrastructure. As far as
> > I can tell, the amount this would actually save in terms of code is
> > minimal because most of DVSEC is vendor specific.
> 
> Agreed.  Probably not worth bothering with generic infrastructure for 2.5 DW.
> 
> A few comments inline.
> 
> Jonathan
> 

Anything I didn't respond to is accepted and will be in v2.

Thanks.
Ben

> 
> > ---
> >  MAINTAINERS|   6 ++
> >  hw/Kconfig |   1 +
> >  hw/cxl/Kconfig |   3 +
> >  hw/cxl/cxl-component-utils.c   | 192 +
> >  hw/cxl/cxl-device-utils.c  |   0
> >  hw/cxl/meson.build |   3 +
> >  hw/meson.build |   1 +
> >  include/hw/cxl/cxl.h   |  17 +++
> >  include/hw/cxl/cxl_component.h | 181 +++
> >  include/hw/cxl/cxl_pci.h   | 133 +++
> >  10 files changed, 537 insertions(+)
> >  create mode 100644 hw/cxl/Kconfig
> >  create mode 100644 hw/cxl/cxl-component-utils.c
> >  create mode 100644 hw/cxl/cxl-device-utils.c
> >  create mode 100644 hw/cxl/meson.build
> >  create mode 100644 include/hw/cxl/cxl.h
> >  create mode 100644 include/hw/cxl/cxl_component.h
> >  create mode 100644 include/hw/cxl/cxl_pci.h
> > 
> > diff --git a/MAINTAINERS b/MAINTAINERS
> > index c1d16026ba..02b8e2274d 100644
> > --- a/MAINTAINERS
> > +++ b/MAINTAINERS
> > @@ -2184,6 +2184,12 @@ F: qapi/block*.json
> >  F: qapi/transaction.json
> >  T: git https://repo.or.cz/qemu/armbru.git block-next
> >  
> > +Compute Express Link
> > +M: Ben Widawsky 
> > +S: Supported
> > +F: hw/cxl/
> > +F: include/hw/cxl/
> > +
> >  Dirty Bitmaps
> >  M: Eric Blake 
> >  M: Vladimir Sementsov-Ogievskiy 
> > diff --git a/hw/Kconfig b/hw/Kconfig
> > index 4de1797ffd..efed27805a 100644
> > --- a/hw/Kconfig
> > +++ b/hw/Kconfig
> > @@ -6,6 +6,7 @@ source audio/Kconfig
> >  source block/Kconfig
> >  source char/Kconfig
> >  source core/Kconfig
> > +source cxl/Kconfig
> >  source display/Kconfig
> >  source dma/Kconfig
> >  source gpio/Kconfig
> > diff --git a/hw/cxl/Kconfig b/hw/cxl/Kconfig
> > new file mode 100644
> > index 00..8e67519b16
> > --- /dev/null
> > +++ b/hw/cxl/Kconfig
> > @@ -0,0 +1,3 @@
> > +config CXL
> > +bool
> > +default y if PCI_EXPRESS
> > diff --git a/hw/cxl/cxl-component-utils.c b/hw/cxl/cxl-component-utils.c
> > new file mode 100644
> > index 00..c52bd5bfc7
> > --- /dev/null
> > +++ b/hw/cxl/cxl-component-utils.c
> > @@ -0,0 +1,192 @@
> > +/*
> > + * CXL Utility library for components
> > + *
> > + * Copyright(C) 2020 Intel Corporation.
> > + *
> > + * This work is licensed under the terms of the GNU GPL, version 2. See the
> > + * COPYING file in the top-level directory.
> > + */
> > +
> > +#include "qemu/osdep.h"
> > +#include "qemu/log.h"
> > +#include "hw/pci/pci.h"
> > +#include "hw/cxl/cxl.h"
> > +
> > +static uint64_t cxl_cache_mem_read_reg(void *opaque, hwaddr offset,
> > +   unsigned size)
> > +{
> > +CXLComponentState *cxl_cstate = opaque;
> > +ComponentRegisters *cregs = &cxl_cstate->crb;
> > +uint32_t *cache_mem = cregs->cache_mem_registers;
> > +
> > +if (size != 4) {
> > +qemu_log_mask(LOG_UNIMP, "%uB component register read (RAZ)\n", 
> > size);
> > +return 0;
> > +}
> > +
> > +if (cregs->special_ops && cregs->special_ops->read) {
> > +return cregs->special_ops->read(cxl_cstate, offset, size);
> > +} else {
> > +return cache_mem[offset >> 2];
> > +}
> > +}
> > +
> > +static void cxl_cache_
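
Review bot: In cxl_cache_mem_read_reg(), "cache_mem[offset >> 2]" is indexed directly from the offset argument and no bound check is visible in the function. Say where the limit is enforced (for example the size the MemoryRegion is registered with) or add an assert against the size of cache_mem_registers, since an out-of-range offset here would read past the array.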

[Bug 1766841] Re: QEMU 2.12 Running Problem in Windows 7 Installation

2020-11-16 Thread Thomas Huth
The QEMU project is currently considering to move its bug tracking to another 
system. For this we need to know which bugs are still valid and which could be 
closed already. Thus we are setting older bugs to "Incomplete" now.
If you still think this bug report here is valid, then please switch the state 
back to "New" within the next 60 days, otherwise this report will be marked as 
"Expired". Or mark it as "Fix Released" if the problem has been solved with a 
newer version of QEMU already. Thank you and sorry for the inconvenience.

** Changed in: qemu
   Status: Confirmed => Incomplete

https://bugs.launchpad.net/bugs/1766841

Title:
  QEMU 2.12 Running Problem in Windows 7 Installation

Status in QEMU:
  Incomplete

Bug description:
  QEMU Version: 2.12 (Binary installer qemu-w64-setup-20180424.exe from Stefan Weil's website so I am not sure I should report it to Weil by email or by this bug report system.)
  Host System: Windows 7 64bit
  Guest System: 9front 6350 (Codename “CONTENTS, MAINTAINED, STABLE”, Release 2018/02/02)

  QEMU Command:
  qemu-system-x86_64 -usb -device usb-mouse -hda plan9.qcow2.img -cdrom 9front-6350.iso -boot d

  QEMU warning:
  (qemu-system-x86_64.exe:8844): GdkPixbuf-WARNING **: Cannot open pixbuf loader module file 'D:\qemu\lib\gdk-pixbuf-2.0\2.10.0\loaders.cache': No such file or directory

  This likely means that your installation is broken.
  Try running the command
gdk-pixbuf-query-loaders > D:\qemu\lib\gdk-pixbuf-2.0\2.10.0\loaders.cache
  to make things work again for the time being.

  (qemu-system-x86_64.exe:8844): Gtk-WARNING **: Could not find the icon 'window-minimize-symbolic-ltr'. The 'hicolor' theme was not found either, perhaps you need to install it.
  You can get a copy from:
  http://icon-theme.freedesktop.org/releases




[PULL for-5.2 0/1] qemu-ga patch queue for hard-freeze

2020-11-16 Thread Michael Roth
The following changes since commit 2f7c9dd5181524ceaf75ba3ef8d84090b1e9e8d8:

  Merge remote-tracking branch 
'remotes/kraxel/tags/fixes-20201116-pull-request' into staging (2020-11-16 
14:19:31 +)

are available in the Git repository at:

  git://github.com/mdroth/qemu.git tags/qga-pull-2020-11-16-tag

for you to fetch changes up to a8aa94b5f8427cc2924d8cdd417c8014db1c86c0:

  qga: update schema for guest-get-disks 'dependents' field (2020-11-16 
10:48:11 -0600)


qemu-ga patch queue for hard-freeze

* fixes for schema data-type declarations for guest-get-disks


Michael Roth (1):
  qga: update schema for guest-get-disks 'dependents' field

 qga/commands-posix.c | 10 ++
 qga/qapi-schema.json |  8 
 2 files changed, 10 insertions(+), 8 deletions(-)





Re: [PATCH 0/3] scsi: infinite guest hangs with scsi-disk

2020-11-16 Thread no-reply
Patchew URL: https://patchew.org/QEMU/20201116183114.55703-1-h...@suse.de/



Hi,

This series seems to have some coding style problems. See output below for
more information:

Message-id: 20201116183114.55703-1-h...@suse.de
Type: series
Subject: [PATCH 0/3] scsi: infinite guest hangs with scsi-disk

=== TEST SCRIPT BEGIN ===
#!/bin/bash
git rev-parse base > /dev/null || exit 0
git config --local diff.renamelimit 0
git config --local diff.renames True
git config --local diff.algorithm histogram
./scripts/checkpatch.pl --mailback base..
=== TEST SCRIPT END ===

Updating 3c8cf5a9c21ff8782164d1def7f44bd888713384
From https://github.com/patchew-project/qemu
 - [tag update]  patchew/20201116104617.18333-1-peter.mayd...@linaro.org -> 
patchew/20201116104617.18333-1-peter.mayd...@linaro.org
 - [tag update]  patchew/20201116165506.31315-1-epere...@redhat.com -> 
patchew/20201116165506.31315-1-epere...@redhat.com
 * [new tag] patchew/20201116183114.55703-1-h...@suse.de -> 
patchew/20201116183114.55703-1-h...@suse.de
Switched to a new branch 'test'
350bcf1 scsi: add tracing for SG_IO commands
7ecf5b6 scsi: make io_timeout configurable
450c008 virtio-scsi: trace events

=== OUTPUT BEGIN ===
1/3 Checking commit 450c008843e5 (virtio-scsi: trace events)
ERROR: trailing whitespace
#116: FILE: hw/scsi/virtio-scsi.c:797:
+ $

total: 1 errors, 0 warnings, 92 lines checked

Patch 1/3 has style problems, please review.  If any of these errors
are false positives report them to the maintainer, see
CHECKPATCH in MAINTAINERS.

2/3 Checking commit 7ecf5b611a5b (scsi: make io_timeout configurable)
3/3 Checking commit 350bcf121178 (scsi: add tracing for SG_IO commands)
=== OUTPUT END ===

Test command exited with code: 1


The full log is available at
http://patchew.org/logs/20201116183114.55703-1-h...@suse.de/testing.checkpatch/?type=message.
---
Email generated automatically by Patchew [https://patchew.org/].
Please send your feedback to patchew-de...@redhat.com

RE: [PATCH v4 3/4] hw/block/m25p80: Check SPI mode before running some Numonyx commands

2020-11-16 Thread Joe Komlodi
Hi Francisco,

-Original Message-
From: Francisco Iglesias  
Sent: Monday, November 16, 2020 7:59 AM
To: Joe Komlodi 
Cc: qemu-devel@nongnu.org; philippe.mathieu.da...@gmail.com; Francisco Eduardo 
Iglesias ; alist...@alistair23.me; qemu-bl...@nongnu.org; 
mre...@redhat.com
Subject: Re: [PATCH v4 3/4] hw/block/m25p80: Check SPI mode before running some 
Numonyx commands

Hi Joe,

On Thu, Nov 12, 2020 at 07:10:54PM -0800, Joe Komlodi wrote:
> Some Numonyx flash commands cannot be executed in DIO and QIO mode, 
> such as trying to do DPP or DOR when in QIO mode.
> 
> Signed-off-by: Joe Komlodi 
> ---
>  hw/block/m25p80.c | 134 
> +-
>  1 file changed, 112 insertions(+), 22 deletions(-)
> 
> diff --git a/hw/block/m25p80.c b/hw/block/m25p80.c index 
> eb6539f..2552f2c 100644
> --- a/hw/block/m25p80.c
> +++ b/hw/block/m25p80.c
> @@ -413,6 +413,12 @@ typedef enum {
>  MAN_GENERIC,
>  } Manufacturer;
>  
> +typedef enum {
> +MODE_STD = 0,
> +MODE_DIO = 1,
> +MODE_QIO = 2
> +} SPIMode;
> +
>  #define M25P80_INTERNAL_DATA_BUFFER_SZ 16
>  
>  struct Flash {
> @@ -820,6 +826,17 @@ static void reset_memory(Flash *s)
>  trace_m25p80_reset_done(s);
>  }
>  
> +static uint8_t numonyx_get_mode(Flash *s) {
> +if (!(s->enh_volatile_cfg & EVCFG_QUAD_IO_DISABLED)) {
> +return MODE_QIO;
> +} else if (!(s->enh_volatile_cfg & EVCFG_DUAL_IO_DISABLED)) {
> +return MODE_DIO;
> +} else {
> +return MODE_STD;
> +}
> +}
> +
>  static void decode_fast_read_cmd(Flash *s)  {
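Review bot: numonyx_get_mode() is declared to return uint8_t although every return statement yields an SPIMode enumerator; return SPIMode so that callers can switch on the enum and the compiler can flag an unhandled mode. The quad check comes first, so a device with both EVCFG_QUAD_IO_DISABLED and EVCFG_DUAL_IO_DISABLED clear is reported as MODE_QIO; a one-line comment stating that this priority is intended would help the next reader.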
>  s->needed_bytes = get_addr_length(s); @@ -827,9 +844,11 @@ static 
> void decode_fast_read_cmd(Flash *s)
>  /* Dummy cycles - modeled with bytes writes instead of bits */
>  case MAN_WINBOND:
>  s->needed_bytes += 8;
> +s->state = STATE_COLLECTING_DATA;
>  break;
>  case MAN_NUMONYX:
>  s->needed_bytes += extract32(s->volatile_cfg, 4, 4);
> +s->state = STATE_COLLECTING_DATA;
>  break;
>  case MAN_MACRONIX:
>  if (extract32(s->volatile_cfg, 6, 2) == 1) { @@ -837,19 
> +856,21 @@ static void decode_fast_read_cmd(Flash *s)
>  } else {
>  s->needed_bytes += 8;
>  }
> +s->state = STATE_COLLECTING_DATA;
>  break;
>  case MAN_SPANSION:
>  s->needed_bytes += extract32(s->spansion_cr2v,
>  SPANSION_DUMMY_CLK_POS,
>  SPANSION_DUMMY_CLK_LEN
>  );
> +s->state = STATE_COLLECTING_DATA;
>  break;
>  default:
> +s->state = STATE_COLLECTING_DATA;
>  break;
>  }
>  s->pos = 0;
>  s->len = 0;
> -s->state = STATE_COLLECTING_DATA;

Above change in this function and the similar ones in below two functions don't 
seem to be needed anymore (s->state = STATE_COLLECTING_DATA is being done in 
all cases).
[Joe] Oops, I'll simplify that.

>  }
>  
>  static void decode_dio_read_cmd(Flash *s) @@ -859,6 +880,7 @@ static 
> void decode_dio_read_cmd(Flash *s)
>  switch (get_man(s)) {
>  case MAN_WINBOND:
>  s->needed_bytes += WINBOND_CONTINUOUS_READ_MODE_CMD_LEN;
> +s->state = STATE_COLLECTING_DATA;
>  break;
>  case MAN_SPANSION:
>  s->needed_bytes += SPANSION_CONTINUOUS_READ_MODE_CMD_LEN;
> @@ -866,9 +888,11 @@ static void decode_dio_read_cmd(Flash *s)
>  SPANSION_DUMMY_CLK_POS,
>  SPANSION_DUMMY_CLK_LEN
>  );
> +s->state = STATE_COLLECTING_DATA;
>  break;
>  case MAN_NUMONYX:
>  s->needed_bytes += extract32(s->volatile_cfg, 4, 4);
> +s->state = STATE_COLLECTING_DATA;
>  break;
>  case MAN_MACRONIX:
>  switch (extract32(s->volatile_cfg, 6, 2)) { @@ -882,13 
> +906,14 @@ static void decode_dio_read_cmd(Flash *s)
>  s->needed_bytes += 4;
>  break;
>  }
> +s->state = STATE_COLLECTING_DATA;
>  break;
>  default:
> +s->state = STATE_COLLECTING_DATA;
>  break;
>  }
>  s->pos = 0;
>  s->len = 0;
> -s->state = STATE_COLLECTING_DATA;
>  }
>  
>  static void decode_qio_read_cmd(Flash *s) @@ -899,6 +924,7 @@ static 
> void decode_qio_read_cmd(Flash *s)
>  case MAN_WINBOND:
>  s->needed_bytes += WINBOND_CONTINUOUS_READ_MODE_CMD_LEN;
>  s->needed_bytes += 4;
> +s->state = STATE_COLLECTING_DATA;
>  break;
>  case MAN_SPANSION:
>  s->needed_bytes += SPANSION_CONTINUOUS_READ_MODE_CMD_LEN;
> @@ -906,9 +932,11 @@ static void decode_qio_read_cmd(Flash *s)
>  SPANSION_DUMMY_CLK_POS,
>  SPANSION_DUMMY_CLK_LEN
>  );
> +s->state = STATE_COLLECTING_DATA;
>  b

[PATCH 10/11] sev/i386: add SEV specific MemoryDebugOps.

2020-11-16 Thread Ashish Kalra
From: Ashish Kalra 

Add SEV specific MemoryDebugOps which override the default MemoryDebugOps
when SEV memory encryption is enabled. The SEV specific MemoryDebugOps
invoke the generic address_space_rw_debug helpers which will then invoke
the memory region specific callbacks to handle and access encrypted memory
when guest RAM is accessed.

Also invoke the memory encryption API to override any CPU class specific
callbacks to handle memory encryption.

Specifically for SEV we override CPU class specific guest MMU/page-table walker
to invoke a SEV specific handler which can handle guest encrypted memory and
also clear C-bit when walking SEV guest page table.

Signed-off-by: Ashish Kalra 
---
 accel/kvm/kvm-all.c  |   1 +
 accel/kvm/sev-stub.c |   4 +
 include/sysemu/sev.h |  11 +++
 target/i386/kvm.c|   4 +
 target/i386/sev.c| 185 +++
 5 files changed, 205 insertions(+)

diff --git a/accel/kvm/kvm-all.c b/accel/kvm/kvm-all.c
index 042205e3e1..6d812d5b09 100644
--- a/accel/kvm/kvm-all.c
+++ b/accel/kvm/kvm-all.c
@@ -2234,6 +2234,7 @@ static int kvm_init(MachineState *ms)
 kvm_state->memcrypt_encrypt_data = sev_encrypt_data;
 kvm_state->memcrypt_debug_ops_memory_region =
 sev_set_debug_ops_memory_region;
+kvm_state->memcrypt_debug_ops_cpu_state = sev_set_debug_ops_cpu_state;
 }
 
 ret = kvm_arch_init(ms, s);
diff --git a/accel/kvm/sev-stub.c b/accel/kvm/sev-stub.c
index 3f1f0ef217..ad27226058 100644
--- a/accel/kvm/sev-stub.c
+++ b/accel/kvm/sev-stub.c
@@ -19,6 +19,10 @@ void sev_set_debug_ops_memory_region(void *handle, 
MemoryRegion *mr)
 {
 }
 
+void sev_set_debug_ops_cpu_state(void *handle, CPUState *cpu)
+{
+}
+
 int sev_encrypt_data(void *handle, uint8_t *ptr, uint64_t len)
 {
 abort();
diff --git a/include/sysemu/sev.h b/include/sysemu/sev.h
index 6c37247915..e6f176b85b 100644
--- a/include/sysemu/sev.h
+++ b/include/sysemu/sev.h
@@ -19,4 +19,15 @@
 void *sev_guest_init(const char *id);
 int sev_encrypt_data(void *handle, uint8_t *ptr, uint64_t len);
 void sev_set_debug_ops_memory_region(void *handle, MemoryRegion *mr);
+void sev_set_debug_ops_cpu_state(void *handle, CPUState *cpu);
+hwaddr sev_cpu_get_phys_page_attrs_debug(CPUState *cs, vaddr addr,
+ MemTxAttrs *attrs);
+MemTxResult sev_address_space_read_debug(AddressSpace *as, hwaddr addr,
+ MemTxAttrs attrs, void *ptr,
+ hwaddr len);
+MemTxResult sev_address_space_write_rom_debug(AddressSpace *as,
+  hwaddr addr,
+  MemTxAttrs attrs,
+  const void *ptr,
+  hwaddr len);
 #endif
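Review bot: this header now exports sev_cpu_get_phys_page_attrs_debug(), sev_address_space_read_debug() and sev_address_space_write_rom_debug(), but accel/kvm/sev-stub.c in the same patch only gains a stub for sev_set_debug_ops_cpu_state(). If the three are installed only from within target/i386/sev.c, make them static there and drop the prototypes; if they are meant to be called from elsewhere, a build without SEV needs stubs for them as well.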
diff --git a/target/i386/kvm.c b/target/i386/kvm.c
index cf46259534..7a2d10b745 100644
--- a/target/i386/kvm.c
+++ b/target/i386/kvm.c
@@ -1838,6 +1838,10 @@ int kvm_arch_init_vcpu(CPUState *cs)
 
 kvm_init_msrs(cpu);
 
+if (kvm_memcrypt_enabled()) {
+kvm_memcrypt_set_debug_ops_cpu_state(cs);
+}
+
 r = hyperv_init_vcpu(cpu);
 if (r) {
 goto fail;
diff --git a/target/i386/sev.c b/target/i386/sev.c
index 3036fb3e43..b942593bc8 100644
--- a/target/i386/sev.c
+++ b/target/i386/sev.c
@@ -843,6 +843,191 @@ sev_set_debug_ops_memory_region(void *handle, 
MemoryRegion *mr)
 memory_region_set_ram_debug_ops(mr, &sev_ops);
 }
 
+hwaddr sev_cpu_get_phys_page_attrs_debug(CPUState *cs, vaddr addr,
+ MemTxAttrs *attrs)
+{
+X86CPU *cpu = X86_CPU(cs);
+CPUX86State *env = &cpu->env;
+target_ulong pde_addr, pte_addr;
+uint64_t pte;
+int32_t a20_mask;
+uint32_t page_offset;
+int page_size;
+uint64_t me_mask;
+
+me_mask = sev_get_me_mask();
+
+*attrs = cpu_get_mem_attrs(env);
+
+a20_mask = x86_get_a20_mask(env);
+if (!(env->cr[0] & CR0_PG_MASK)) {
+pte = addr & a20_mask;
+page_size = 4096;
+} else if (env->cr[4] & CR4_PAE_MASK) {
+target_ulong pdpe_addr;
+uint64_t pde, pdpe;
+
+#ifdef TARGET_X86_64
+if (env->hflags & HF_LMA_MASK) {
+bool la57 = env->cr[4] & CR4_LA57_MASK;
+uint64_t pml5e_addr, pml5e;
+uint64_t pml4e_addr, pml4e;
+int32_t sext;
+
+/* test virtual address sign extension */
+sext = la57 ? (int64_t)addr >> 56 : (int64_t)addr >> 47;
+if (sext != 0 && sext != -1) {
+return -1;
+}
+
+if (la57) {
+pml5e_addr = ((env->cr[3] & ~0xfff & me_mask) +
+(((addr >> 48) & 0x1ff) << 3)) & a20_mask;
+pml5e = ldq_phys_debug(cs, pml5e_addr) & me_mask;
+if (!(pml5e & PG_PRESENT_MASK)) {
+return -1;
+}
+} else {

Re: Property '.hmat' not found

2020-11-16 Thread Eduardo Habkost
On Mon, Nov 16, 2020 at 01:51:37PM +0100, Philippe Mathieu-Daudé wrote:
> Cc'ing Igor & Eduardo.

Thanks!

> 
> On 11/13/20 10:17 AM, Jack wrote:
> > Hi all,
> > 
> > As I follow the document[1] to enable hmat, it fails and shows the message:
> >   qemu-system-x86_64: Property '.hmat' not found
> > 
> > My QEMU version is 5.1.90

Do you have the output of `qemu-system-x86_64 -version`, and more
information on how your binary was built?

Output of `-machine help` and `-machine pc,help` would be useful
to debug it, too.

I can't reproduce it here.  I've tested both qemu.git master
(commit cb5ed407a1dd) and v5.2.0-rc (commit 3d6e32347a3b).

  [build/(cb5ed407a1...)]$ ./qemu-system-x86_64 -version
  QEMU emulator version 5.1.91 (v5.2.0-rc1-107-gcb5ed407a1)
  Copyright (c) 2003-2020 Fabrice Bellard and the QEMU Project developers
  [build/(cb5ed407a1...)]$ ./qemu-system-x86_64 -machine hmat=on -m 2G -object 
memory-backend-ram,size=1G,id=m0 -object memory-backend-ram,size=1G,id=m1 -smp 
2 -numa node,nodeid=0,memdev=m0 -numa node,nodeid=1,memdev=m1,initiator=0 -numa 
cpu ,node-id=0,socket-id=0 -numa cpu,node-id=0,socket-id=1 -numa 
hmat-lb,initiator=0,target=0,hierarchy=memory,data-type=access-latency,latency=5
 -numa 
hmat-lb,initiator=0,target=0,hierarchy=memory,data-type=access-bandwidth,bandwidth=200M
 -numa 
hmat-lb,initiator=0,target=1,hierarchy=memory,data-type=access-latency,latency=10
 -numa 
hmat-lb,initiator=0,target=1,hierarchy=memory,data-type=access-bandwidth,bandwidth=100M
 -numa 
hmat-cache,node-id=0,size=10K,level=1,associativity=direct,policy=write-back,line=8
 -numa 
hmat-cache,node-id=1,size=10K,level=1,associativity=direct,policy=write-back,line=8
 -cpu host -vga virtio -accel kvm
  [VM boots]


> > 
> > Does anyone know why?
> > 
> > Here is my command:
> > 
> > ```
> > $ sudo qemu-system-x86_64 \
> > -machine hmat=on \
> > -m 2G \
> > -object memory-backend-ram,size=1G,id=m0 \
> > -object memory-backend-ram,size=1G,id=m1 \
> > -smp 2 \
> > -numa node,nodeid=0,memdev=m0 \
> > -numa node,nodeid=1,memdev=m1,initiator=0 \
> > -numa cpu,node-id=0,socket-id=0 \
> > -numa cpu,node-id=0,socket-id=1 \
> > -numa
> > hmat-lb,initiator=0,target=0,hierarchy=memory,data-type=access-latency,latency=5
> > \
> > -numa
> > hmat-lb,initiator=0,target=0,hierarchy=memory,data-type=access-bandwidth,bandwidth=200M
> > \
> > -numa
> > hmat-lb,initiator=0,target=1,hierarchy=memory,data-type=access-latency,latency=10
> > \
> > -numa
> > hmat-lb,initiator=0,target=1,hierarchy=memory,data-type=access-bandwidth,bandwidth=100M
> > \
> > -numa
> > hmat-cache,node-id=0,size=10K,level=1,associativity=direct,policy=write-back,line=8
> > \
> > -numa
> > hmat-cache,node-id=1,size=10K,level=1,associativity=direct,policy=write-back,line=8
> > \
> > -cpu host \
> > -m 4g -vga virtio -hda ubuntu20.04.qcow2 \
> > -nic user,model=virtio \
> > -nic tap,model=e1000 \
> > -nic tap,model=e1000 \
> > -accel kvm
> > ```
> > 
> > Thanks.
> > 
> > [1]
> > https://www.qemu.org/docs/master/system/qemu-manpage.html?highlight=numa
> > 
> > 
> > Sincerely,
> > Jack
> > 
> 

-- 
Eduardo




[PATCH 06/11] monitor/i386: use debug APIs when accessing guest memory

2020-11-16 Thread Ashish Kalra
From: Brijesh Singh 

Update the HMP commands to use the debug version of APIs when accessing
guest memory.

Signed-off-by: Brijesh Singh 
Signed-off-by: Ashish Kalra 
---
 monitor/misc.c|  4 ++--
 softmmu/cpus.c|  2 +-
 target/i386/monitor.c | 54 ---
 3 files changed, 33 insertions(+), 27 deletions(-)

diff --git a/monitor/misc.c b/monitor/misc.c
index 32e6a8c13d..7eba3a6fce 100644
--- a/monitor/misc.c
+++ b/monitor/misc.c
@@ -824,8 +824,8 @@ static void hmp_sum(Monitor *mon, const QDict *qdict)
 
 sum = 0;
 for(addr = start; addr < (start + size); addr++) {
-uint8_t val = address_space_ldub(&address_space_memory, addr,
- MEMTXATTRS_UNSPECIFIED, NULL);
+uint8_t val;
+cpu_physical_memory_read_debug(addr, &val, 1);
 /* BSD sum algorithm ('sum' Unix command) */
 sum = (sum >> 1) | (sum << 15);
 sum += val;
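Review bot: `val` is now an uninitialised local that is filled by cpu_physical_memory_read_debug(), which returns void, so a read that fails (unmapped address, failing debug callback) feeds an indeterminate byte into `sum += val`. Initialise it (`uint8_t val = 0;`) or use an accessor that reports a MemTxResult. The loop also issues one debug read per byte; for an encrypted guest each of those goes through the encryption API, so reading into a small buffer in chunks would be much cheaper.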
diff --git a/softmmu/cpus.c b/softmmu/cpus.c
index e46ac68ad0..79817330b7 100644
--- a/softmmu/cpus.c
+++ b/softmmu/cpus.c
@@ -779,7 +779,7 @@ void qmp_pmemsave(int64_t addr, int64_t size, const char 
*filename,
 l = sizeof(buf);
 if (l > size)
 l = size;
-cpu_physical_memory_read(addr, buf, l);
+cpu_physical_memory_read_debug(addr, buf, l);
 if (fwrite(buf, 1, l, f) != l) {
 error_setg(errp, QERR_IO_ERROR);
 goto exit;
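Review bot: qmp_pmemsave() is a QMP command, while the commit message only mentions HMP. After this change a QMP client that can issue pmemsave gets guest memory read through the debug path instead of the raw RAM contents, which changes what the management interface exposes for an encrypted guest. Please state that in the commit message, together with what gates the debug path.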
diff --git a/target/i386/monitor.c b/target/i386/monitor.c
index 7abae3c8df..9ca9c677a5 100644
--- a/target/i386/monitor.c
+++ b/target/i386/monitor.c
@@ -79,7 +79,7 @@ static void tlb_info_32(Monitor *mon, CPUArchState *env)
 
 pgd = env->cr[3] & ~0xfff;
 for(l1 = 0; l1 < 1024; l1++) {
-cpu_physical_memory_read(pgd + l1 * 4, &pde, 4);
+cpu_physical_memory_read_debug(pgd + l1 * 4, &pde, 4);
 pde = le32_to_cpu(pde);
 if (pde & PG_PRESENT_MASK) {
 if ((pde & PG_PSE_MASK) && (env->cr[4] & CR4_PSE_MASK)) {
@@ -87,7 +87,8 @@ static void tlb_info_32(Monitor *mon, CPUArchState *env)
 print_pte(mon, env, (l1 << 22), pde, ~((1 << 21) - 1));
 } else {
 for(l2 = 0; l2 < 1024; l2++) {
-cpu_physical_memory_read((pde & ~0xfff) + l2 * 4, &pte, 4);
+cpu_physical_memory_read_debug((pde & ~0xfff) + l2 * 4,
+   &pte, 4);
 pte = le32_to_cpu(pte);
 if (pte & PG_PRESENT_MASK) {
 print_pte(mon, env, (l1 << 22) + (l2 << 12),
@@ -108,12 +109,12 @@ static void tlb_info_pae32(Monitor *mon, CPUArchState 
*env)
 
 pdp_addr = env->cr[3] & ~0x1f;
 for (l1 = 0; l1 < 4; l1++) {
-cpu_physical_memory_read(pdp_addr + l1 * 8, &pdpe, 8);
+cpu_physical_memory_read_debug(pdp_addr + l1 * 8, &pdpe, 8);
 pdpe = le64_to_cpu(pdpe);
 if (pdpe & PG_PRESENT_MASK) {
 pd_addr = pdpe & 0x3f000ULL;
 for (l2 = 0; l2 < 512; l2++) {
-cpu_physical_memory_read(pd_addr + l2 * 8, &pde, 8);
+cpu_physical_memory_read_debug(pd_addr + l2 * 8, &pde, 8);
 pde = le64_to_cpu(pde);
 if (pde & PG_PRESENT_MASK) {
 if (pde & PG_PSE_MASK) {
@@ -123,7 +124,8 @@ static void tlb_info_pae32(Monitor *mon, CPUArchState *env)
 } else {
 pt_addr = pde & 0x3f000ULL;
 for (l3 = 0; l3 < 512; l3++) {
-cpu_physical_memory_read(pt_addr + l3 * 8, &pte, 
8);
+cpu_physical_memory_read_debug(pt_addr + l3 * 8,
+   &pte, 8);
 pte = le64_to_cpu(pte);
 if (pte & PG_PRESENT_MASK) {
 print_pte(mon, env, (l1 << 30) + (l2 << 21)
@@ -148,7 +150,7 @@ static void tlb_info_la48(Monitor *mon, CPUArchState *env,
 uint64_t pdp_addr, pd_addr, pt_addr;
 
 for (l1 = 0; l1 < 512; l1++) {
-cpu_physical_memory_read(pml4_addr + l1 * 8, &pml4e, 8);
+cpu_physical_memory_read_debug(pml4_addr + l1 * 8, &pml4e, 8);
 pml4e = le64_to_cpu(pml4e);
 if (!(pml4e & PG_PRESENT_MASK)) {
 continue;
@@ -156,7 +158,7 @@ static void tlb_info_la48(Monitor *mon, CPUArchState *env,
 
 pdp_addr = pml4e & 0x3f000ULL;
 for (l2 = 0; l2 < 512; l2++) {
-cpu_physical_memory_read(pdp_addr + l2 * 8, &pdpe, 8);
+cpu_physical_memory_read_debug(pdp_addr + l2 * 8, &pdpe, 8);
 pdpe = le64_to_cpu(pdpe);
 if (!(pdpe & PG_PRESENT_MASK)) {
 continue;
@@ -171,7 +173,7 @@ static void tlb_info_la48(Monitor *mon, CPUArchState *env,
 
 pd_addr = pdpe & 0x3f000ULL;
 for (l3 = 0; l3 < 5

[PATCH 01/11] memattrs: add debug attribute

2020-11-16 Thread Ashish Kalra
From: Brijesh Singh 


Extend the MemTxAttrs to include a 'debug' flag. The flag can be used as a
general indicator that the operation was triggered by the debugger.

A subsequent patch will set the debug=1 when issuing a memory access
from the gdbstub or HMP commands. This is a prerequisite to support
debugging an encrypted guest. When a request with debug=1 is seen, the
encryption APIs will be used to access the guest memory.

Signed-off-by: Brijesh Singh 
Signed-off-by: Ashish Kalra 
---
 include/exec/memattrs.h | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/include/exec/memattrs.h b/include/exec/memattrs.h
index 95f2d20d55..c8b56389d6 100644
--- a/include/exec/memattrs.h
+++ b/include/exec/memattrs.h
@@ -49,6 +49,8 @@ typedef struct MemTxAttrs {
 unsigned int target_tlb_bit0 : 1;
 unsigned int target_tlb_bit1 : 1;
 unsigned int target_tlb_bit2 : 1;
+/* Memory access request from the debugger */
+unsigned int debug:1;
 } MemTxAttrs;
 
 /* Bus masters which don't specify any attributes will get this,
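Review bot: `unsigned int debug:1;` is formatted differently from the bitfields directly above it (`target_tlb_bit2 : 1;`); use the same spacing. Since the commit message says that debug=1 routes an access through the encryption APIs, the field comment should also say who is expected to set it, so that it never ends up set on an access that originates from the guest.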
-- 
2.17.1




Re: [PATCH 7/7] scsi: move host_status handling into SCSI drivers

2020-11-16 Thread Paolo Bonzini

On 16/11/20 19:40, Hannes Reinecke wrote:
  
+if (sreq->host_status == SCSI_HOST_OK) {

+SCSISense sense;
+
+sreq->status = scsi_sense_from_host_status(sreq->host_status, &sense);
+if (sreq->status == CHECK_CONDITION) {
+scsi_req_build_sense(sreq, sense);
+}
+}


Should be != of course.

Paolo




[PATCH 05/11] exec: add debug version of physical memory read and write API

2020-11-16 Thread Ashish Kalra
From: Brijesh Singh 

Adds the following new APIs
- cpu_physical_memory_read_debug
- cpu_physical_memory_write_debug
- cpu_physical_memory_rw_debug
- ldl_phys_debug
- ldq_phys_debug

The subsequent patch will make use of the API introduced, to ensure
that the page table walks are handled correctly when debugging an
SEV guest.

Signed-off-by: Brijesh Singh 
Signed-off-by: Ashish Kalra 
---
 include/exec/cpu-common.h | 15 +
 softmmu/physmem.c | 47 +++
 2 files changed, 62 insertions(+)

diff --git a/include/exec/cpu-common.h b/include/exec/cpu-common.h
index 19805ed6db..d2089e6873 100644
--- a/include/exec/cpu-common.h
+++ b/include/exec/cpu-common.h
@@ -71,11 +71,26 @@ size_t qemu_ram_pagesize_largest(void);
 
 void cpu_physical_memory_rw(hwaddr addr, void *buf,
 hwaddr len, bool is_write);
+void cpu_physical_memory_rw_debug(hwaddr addr, uint8_t *buf,
+  int len, int is_write);
 static inline void cpu_physical_memory_read(hwaddr addr,
 void *buf, hwaddr len)
 {
 cpu_physical_memory_rw(addr, buf, len, false);
 }
+static inline void cpu_physical_memory_read_debug(hwaddr addr,
+  void *buf, int len)
+{
+cpu_physical_memory_rw_debug(addr, buf, len, false);
+}
+static inline void cpu_physical_memory_write_debug(hwaddr addr,
+   const void *buf, int len)
+{
+cpu_physical_memory_rw_debug(addr, (void *)buf, len, true);
+}
+uint32_t ldl_phys_debug(CPUState *cpu, hwaddr addr);
+uint64_t ldq_phys_debug(CPUState *cpu, hwaddr addr);
+
 static inline void cpu_physical_memory_write(hwaddr addr,
  const void *buf, hwaddr len)
 {
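Review bot: cpu_physical_memory_rw_debug() takes `uint8_t *buf, int len, int is_write`, while the cpu_physical_memory_rw() prototype directly above it uses `void *buf, hwaddr len, bool is_write`. With `int len` a hwaddr-sized length of 2 GiB or more is truncated or turns negative; use hwaddr and bool to match. cpu_physical_memory_write_debug() then has to cast away const (`(void *)buf`) to fit that signature, and none of the new helpers returns a MemTxResult, so a caller cannot tell a failed debug access from a successful one.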
diff --git a/softmmu/physmem.c b/softmmu/physmem.c
index 2c08624ca8..6945bd5efe 100644
--- a/softmmu/physmem.c
+++ b/softmmu/physmem.c
@@ -3354,6 +3354,53 @@ inline MemTxResult 
address_space_write_rom_debug(AddressSpace *as,
 return MEMTX_OK;
 }
 
+uint32_t ldl_phys_debug(CPUState *cpu, hwaddr addr)
+{
+MemTxAttrs attrs;
+int asidx = cpu_asidx_from_attrs(cpu, attrs);
+uint32_t val;
+
+/* set debug attrs to indicate memory access is from the debugger */
+attrs.debug = 1;
+
+debug_ops->read(cpu->cpu_ases[asidx].as, addr, attrs,
+(void *) &val, 4);
+
+return tswap32(val);
+}
+
+uint64_t ldq_phys_debug(CPUState *cpu, hwaddr addr)
+{
+MemTxAttrs attrs;
+int asidx = cpu_asidx_from_attrs(cpu, attrs);
+uint64_t val;
+
+/* set debug attrs to indicate memory access is from the debugger */
+attrs.debug = 1;
+
+debug_ops->read(cpu->cpu_ases[asidx].as, addr, attrs,
+(void *) &val, 8);
+return val;
+}
+
+void cpu_physical_memory_rw_debug(hwaddr addr, uint8_t *buf,
+  int len, int is_write)
+{
+MemTxAttrs attrs;
+
+/* set debug attrs to indicate memory access is from the debugger */
+attrs.debug = 1;
+
+if (is_write) {
+debug_ops->write(&address_space_memory, addr,
+ attrs, buf, len);
+} else {
+debug_ops->read(&address_space_memory, addr,
+attrs, buf, len);
+}
+
+}
+
 int64_t address_space_cache_init(MemoryRegionCache *cache,
  AddressSpace *as,
  hwaddr addr,
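Review bot: in ldl_phys_debug() and ldq_phys_debug() `attrs` is passed to cpu_asidx_from_attrs() while still uninitialised, and in all three functions only the `debug` bit is ever set, so the other MemTxAttrs fields reach debug_ops->read/write with indeterminate values. Start from `MemTxAttrs attrs = MEMTXATTRS_UNSPECIFIED;`, set `attrs.debug = 1`, and only then compute asidx. ldl_phys_debug() returns `tswap32(val)` while ldq_phys_debug() returns `val` unswapped; the two should agree. The return value of debug_ops->read is ignored, so on failure an uninitialised `val` is handed back to the page-table walker.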
-- 
2.17.1




[Bug 1505759] Re: Usb passthrough of devices plugged to AMD FCH USB OHCI Controller failing on q35.

2020-11-16 Thread Thomas Huth
The QEMU project is currently considering moving its bug tracking to another 
system. For this we need to know which bugs are still valid and which could be 
closed already. Thus we are setting older bugs to "Incomplete" now.
If you still think this bug report here is valid, then please switch the state 
back to "New" within the next 60 days, otherwise this report will be marked as 
"Expired". Or mark it as "Fix Released" if the problem has been solved with a 
newer version of QEMU already. Thank you and sorry for the inconvenience.

** Changed in: qemu
   Status: New => Incomplete

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1505759

Title:
  Usb passthrough of devices plugged to AMD FCH USB OHCI Controller
  failing on q35.

Status in QEMU:
  Incomplete

Bug description:
  I'm trying to set up a q35 vm with windows 7 guest for vga passthrough.
  The machine works well for this purpose, but the usb devices passed to
  the vm do not. I receive the following errors on screen:
  qemu-system-x86_64: libusb_release_interface: -4 [NO_DEVICE]
  libusb: error [_open_sysfs_attr} open 
  /sys/bus/usb/devices/3-5/bConfigurationValue failed ret=-1 errno=2
  qemu-system-x86_64: libusb_release_interface: -4 [NO_DEVICE]
  libusb: error [_open_sysfs_attr} open 
  /sys/bus/usb/devices/4-1/bConfigurationValue failed ret=-1 errno=2
  Disabling IRQ #18
  Disabling IRQ #17

  And from the system log I can see the following:

  Oct 13 20:13:25 koalita kernel: vfio-pci :01:00.1: enabling device (0400 
-> 0402)
  Oct 13 20:13:29 koalita kernel: usb 3-5: reset low-speed USB device number 2 
using ohci-pci
  Oct 13 20:13:30 koalita kernel: usb 4-1: reset low-speed USB device number 2 
using ohci-pci
  Oct 13 20:13:30 koalita kernel: usb 10-2: reset low-speed USB device number 2 
using xhci_hcd
  Oct 13 20:13:31 koalita kernel: usb 10-2: ep 0x81 - rounding interval to 64 
microframes, ep desc says 80 microframes
  Oct 13 20:13:31 koalita kernel: usb 10-2: ep 0x1 - rounding interval to 64 
microframes, ep desc says 80 microframes
  Oct 13 20:13:31 koalita kernel: usb 3-5: reset low-speed USB device number 2 
using ohci-pci
  Oct 13 20:13:31 koalita kernel: usb 10-2: reset low-speed USB device number 2 
using xhci_hcd
  Oct 13 20:13:32 koalita kernel: usb 10-2: ep 0x81 - rounding interval to 64 
microframes, ep desc says 80 microframes
  Oct 13 20:13:32 koalita kernel: usb 10-2: ep 0x1 - rounding interval to 64 
microframes, ep desc says 80 microframes
  Oct 13 20:13:32 koalita kernel: usb 4-1: reset low-speed USB device number 2 
using ohci-pci
  Oct 13 20:13:33 koalita kernel: usb 3-5: reset low-speed USB device number 2 
using ohci-pci
  Oct 13 20:13:33 koalita kernel: usb 4-1: reset low-speed USB device number 2 
using ohci-pci
  Oct 13 20:13:34 koalita kernel: usb 3-5: reset low-speed USB device number 2 
using ohci-pci
  Oct 13 20:13:34 koalita kernel: usb 10-2: reset low-speed USB device number 2 
using xhci_hcd
  Oct 13 20:13:35 koalita kernel: usb 10-2: ep 0x81 - rounding interval to 64 
microframes, ep desc says 80 microframes
  Oct 13 20:13:35 koalita kernel: usb 10-2: ep 0x1 - rounding interval to 64 
microframes, ep desc says 80 microframes
  Oct 13 20:13:35 koalita kernel: usb 10-2: reset low-speed USB device number 2 
using xhci_hcd
  Oct 13 20:13:35 koalita kernel: usb 10-2: ep 0x81 - rounding interval to 64 
microframes, ep desc says 80 microframes
  Oct 13 20:13:35 koalita kernel: usb 10-2: ep 0x1 - rounding interval to 64 
microframes, ep desc says 80 microframes

  I tried any combination of usb devices, and even disabling the ICH9
  usb devices to make the setup look close to the 440fx machine that is
  working for me.

  Version of qemu is 2.2.1 (all newer versions fail on usb passthrough,
  even in 440fx machines), and kernel is 4.1.8.

  The script to launch it is the following:

  qemu-system-x86_64 -enable-kvm -M q35 -vga none -cpu host -smp 
3,cores=3,threads=1 -m 6144 \
  -L /usr/x86_64-pc-linux-gnu/usr/share/qemu \
  -nodefaults -nodefconfig \
  -device ioh3420,multifunction=on,id=pcie \
  -device 
vfio-pci,host=01:00.0,addr=1c.0,x-vga=on,multifunction=on,bus=pcie \
  -device vfio-pci,host=01:00.1,addr=1c.1,bus=pcie \
  -netdev user,id=user.0 -device virtio-net-pci,netdev=user.0 \
  -device usb-ehci,id=ehci -device nec-usb-xhci,id=xhci \
  -usb -usbdevice host:03f0:134a -usbdevice host:03f0:0024 -usbdevice 
host:0079:0006 \
  -drive file=q35_win7.img,format=raw,cache=none,aio=native,if=virtio

  Thanks!

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1505759/+subscriptions



[PATCH 5/7] scsi: Add mapping for generic SCSI_HOST status to sense codes

2020-11-16 Thread Hannes Reinecke
As we don't have a driver-specific mapping (yet) we should provide
for a detailed mapping from host_status to SCSI sense codes.

Signed-off-by: Hannes Reinecke 
---
 scsi/utils.c | 60 +++-
 1 file changed, 55 insertions(+), 5 deletions(-)

diff --git a/scsi/utils.c b/scsi/utils.c
index 262ef1c3ea..ae68881184 100644
--- a/scsi/utils.c
+++ b/scsi/utils.c
@@ -252,6 +252,21 @@ const struct SCSISense sense_code_LUN_COMM_FAILURE = {
 .key = ABORTED_COMMAND, .asc = 0x08, .ascq = 0x00
 };
 
+/* Command aborted, LUN does not respond to selection */
+const struct SCSISense sense_code_LUN_NOT_RESPONDING = {
+.key = ABORTED_COMMAND, .asc = 0x05, .ascq = 0x00
+};
+
+/* Command aborted, Command Timeout during processing */
+const struct SCSISense sense_code_COMMAND_TIMEOUT = {
+.key = ABORTED_COMMAND, .asc = 0x2e, .ascq = 0x02
+};
+
+/* Command aborted, Commands cleared by device server */
+const struct SCSISense sense_code_COMMAND_ABORTED = {
+.key = ABORTED_COMMAND, .asc = 0x2f, .ascq = 0x02
+};
+
 /* Medium Error, Unrecovered read error */
 const struct SCSISense sense_code_READ_ERROR = {
 .key = MEDIUM_ERROR, .asc = 0x11, .ascq = 0x00
@@ -568,6 +583,14 @@ int sg_io_sense_from_errno(int errno_value, struct 
sg_io_hdr *io_hdr,
 switch (errno_value) {
 case EDOM:
 return TASK_SET_FULL;
+case EBADE:
+return RESERVATION_CONFLICT;
+case ENODATA:
+*sense = SENSE_CODE(READ_ERROR);
+return CHECK_CONDITION;
+case EREMOTEIO:
+*sense = SENSE_CODE(LUN_COMM_FAILURE);
+return CHECK_CONDITION;
 case ENOMEM:
 *sense = SENSE_CODE(TARGET_FAILURE);
 return CHECK_CONDITION;
@@ -576,14 +599,41 @@ int sg_io_sense_from_errno(int errno_value, struct 
sg_io_hdr *io_hdr,
 return CHECK_CONDITION;
 }
 } else {
-if (io_hdr->host_status == SCSI_HOST_NO_LUN ||
-io_hdr->host_status == SCSI_HOST_BUSY ||
-io_hdr->host_status == SCSI_HOST_TIME_OUT ||
-(io_hdr->driver_status & SG_ERR_DRIVER_TIMEOUT)) {
+switch (io_hdr->host_status) {
+case SCSI_HOST_NO_LUN:
+*sense = SENSE_CODE(LUN_NOT_RESPONDING);
+return CHECK_CONDITION;
+case SCSI_HOST_BUSY:
 return BUSY;
-} else if (io_hdr->host_status) {
+case SCSI_HOST_TIME_OUT:
+*sense = SENSE_CODE(COMMAND_TIMEOUT);
+return CHECK_CONDITION;
+case SCSI_HOST_BAD_RESPONSE:
+*sense = SENSE_CODE(LUN_COMM_FAILURE);
+return CHECK_CONDITION;
+case SCSI_HOST_ABORTED:
+*sense = SENSE_CODE(COMMAND_ABORTED);
+return CHECK_CONDITION;
+case SCSI_HOST_RESET:
+*sense = SENSE_CODE(RESET);
+return CHECK_CONDITION;
+case SCSI_HOST_TRANSPORT_DISRUPTED:
 *sense = SENSE_CODE(I_T_NEXUS_LOSS);
 return CHECK_CONDITION;
+case SCSI_HOST_TARGET_FAILURE:
+*sense = SENSE_CODE(TARGET_FAILURE);
+return CHECK_CONDITION;
+case SCSI_HOST_RESERVATION_ERROR:
+return RESERVATION_CONFLICT;
+case SCSI_HOST_ALLOCATION_FAILURE:
+*sense = SENSE_CODE(SPACE_ALLOC_FAILED);
+return CHECK_CONDITION;
+case SCSI_HOST_MEDIUM_ERROR:
+*sense = SENSE_CODE(READ_ERROR);
+return CHECK_CONDITION;
+}
+if (io_hdr->driver_status & SG_ERR_DRIVER_TIMEOUT) {
+return BUSY;
 } else if (io_hdr->status) {
 return io_hdr->status;
 } else if (io_hdr->driver_status & SG_ERR_DRIVER_SENSE) {
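Review bot: the new switch has no `default:`, and the removed `else if (io_hdr->host_status)` branch was the catch-all that mapped any other non-zero host_status to I_T_NEXUS_LOSS. A host_status value that is not listed here now falls through to the driver_status/status checks and is no longer flagged as an error by this function unless one of those also indicates a failure; add a `default:` that keeps the old mapping, with an explicit `case SCSI_HOST_OK: break;` ahead of it. SCSI_HOST_NO_LUN and SCSI_HOST_TIME_OUT also change from BUSY to CHECK_CONDITION, which alters what the guest sees, and the commit message should mention that.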
-- 
2.16.4




Re: [PATCH 5/7] scsi: Add mapping for generic SCSI_HOST status to sense codes

2020-11-16 Thread Paolo Bonzini

On 16/11/20 19:40, Hannes Reinecke wrote:

+case SCSI_HOST_TARGET_FAILURE:
+*sense = SENSE_CODE(TARGET_FAILURE);
+return CHECK_CONDITION;
+case SCSI_HOST_RESERVATION_ERROR:
+return RESERVATION_CONFLICT;
+case SCSI_HOST_ALLOCATION_FAILURE:
+*sense = SENSE_CODE(SPACE_ALLOC_FAILED);
+return CHECK_CONDITION;
+case SCSI_HOST_MEDIUM_ERROR:
+*sense = SENSE_CODE(READ_ERROR);
+return CHECK_CONDITION;


Can these actually be visible to userspace?  I'd rather avoid having 
them in QEMU if possible.


Otherwise, the patches are completely sensible.

Paolo




[PATCH 04/11] exec: Add address_space_read and address_space_write debug helpers.

2020-11-16 Thread Ashish Kalra
From: Ashish Kalra 

Add new address_space_read and address_space_write debug helper
interfaces which can be invoked by vendor specific guest memory
debug assist/hooks to do guest RAM memory accesses using the
added MemoryRegion callbacks.

Signed-off-by: Ashish Kalra 
---
 include/exec/memory.h | 10 +
 softmmu/physmem.c | 88 +++
 2 files changed, 98 insertions(+)

diff --git a/include/exec/memory.h b/include/exec/memory.h
index 2fb4193358..74f2dcec00 100644
--- a/include/exec/memory.h
+++ b/include/exec/memory.h
@@ -2432,6 +2432,16 @@ typedef struct MemoryDebugOps {
 
 void address_space_set_debug_ops(const MemoryDebugOps *ops);
 
+MemTxResult address_space_write_rom_debug(AddressSpace *as,
+  hwaddr addr,
+  MemTxAttrs attrs,
+  const void *ptr,
+  hwaddr len);
+
+MemTxResult address_space_read_debug(AddressSpace *as, hwaddr addr,
+ MemTxAttrs attrs, void *buf,
+ hwaddr len);
+
 static inline bool memory_access_is_direct(MemoryRegion *mr, bool is_write)
 {
 if (is_write) {
diff --git a/softmmu/physmem.c b/softmmu/physmem.c
index 057d6d4ce1..2c08624ca8 100644
--- a/softmmu/physmem.c
+++ b/softmmu/physmem.c
@@ -3266,6 +3266,94 @@ void cpu_physical_memory_unmap(void *buffer, hwaddr len,
 #define RCU_READ_UNLOCK(...) rcu_read_unlock()
 #include "memory_ldst.c.inc"
 
+MemTxResult address_space_read_debug(AddressSpace *as, hwaddr addr,
+ MemTxAttrs attrs, void *ptr,
+ hwaddr len)
+{
+uint64_t val;
+MemoryRegion *mr;
+hwaddr l = len;
+hwaddr addr1;
+MemTxResult result = MEMTX_OK;
+bool release_lock = false;
+uint8_t *buf = ptr;
+uint8_t *ram_ptr;
+
+for (;;) {
+RCU_READ_LOCK_GUARD();
+mr = address_space_translate(as, addr, &addr1, &l, false, attrs);
+if (!memory_access_is_direct(mr, false)) {
+/* I/O case */
+release_lock |= prepare_mmio_access(mr);
+l = memory_access_size(mr, l, addr1);
+result |= memory_region_dispatch_read(mr, addr1, &val,
+  size_memop(l), attrs);
+stn_he_p(buf, l, val);
+} else {
+/* RAM case */
+fuzz_dma_read_cb(addr, l, mr, false);
+ram_ptr = qemu_ram_ptr_length(mr->ram_block, addr1, &l, false);
+if (attrs.debug && mr->ram_debug_ops) {
+mr->ram_debug_ops->read(buf, ram_ptr, l, attrs);
+} else {
+memcpy(buf, ram_ptr, l);
+}
+result = MEMTX_OK;
+}
+if (release_lock) {
+qemu_mutex_unlock_iothread();
+release_lock = false;
+}
+
+len -= l;
+buf += l;
+addr += l;
+
+if (!len) {
+break;
+}
+l = len;
+}
+return result;
+}
+
+inline MemTxResult address_space_write_rom_debug(AddressSpace *as,
+ hwaddr addr,
+ MemTxAttrs attrs,
+ const void *ptr,
+ hwaddr len)
+{
+hwaddr l;
+uint8_t *ram_ptr;
+hwaddr addr1;
+MemoryRegion *mr;
+const uint8_t *buf = ptr;
+
+RCU_READ_LOCK_GUARD();
+while (len > 0) {
+l = len;
+mr = address_space_translate(as, addr, &addr1, &l, true, attrs);
+
+if (!(memory_region_is_ram(mr) ||
+  memory_region_is_romd(mr))) {
+l = memory_access_size(mr, l, addr1);
+} else {
+/* ROM/RAM case */
+ram_ptr = qemu_map_ram_ptr(mr->ram_block, addr1);
+if (attrs.debug && mr->ram_debug_ops) {
+mr->ram_debug_ops->write(ram_ptr, buf, l, attrs);
+} else {
+memcpy(ram_ptr, buf, l);
+}
+invalidate_and_set_dirty(mr, addr1, l);
+}
+len -= l;
+buf += l;
+addr += l;
+}
+return MEMTX_OK;
+}
+
 int64_t address_space_cache_init(MemoryRegionCache *cache,
  AddressSpace *as,
  hwaddr addr,
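Review bot: in address_space_read_debug() the RAM branch assigns `result = MEMTX_OK`, which discards an error accumulated by `result |= memory_region_dispatch_read(...)` in an earlier iteration of the same loop; drop the assignment. The RAM branch also calls fuzz_dma_read_cb() for what is a debugger access rather than guest DMA. In address_space_write_rom_debug() the non-RAM branch only recomputes `l` and skips the write, yet the function returns MEMTX_OK unconditionally, so a debug write that lands on MMIO is reported as successful. The definition is also marked `inline` although it has a prototype in memory.h.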
-- 
2.17.1




[PATCH 09/11] hw/i386: set ram_debug_ops when memory encryption is enabled

2020-11-16 Thread Ashish Kalra
From: Brijesh Singh 

When memory encryption is enabled, the guest RAM and boot flash ROM will
contain the encrypted data. Setting the debug ops allows us to invoke
encryption APIs when accessing the memory for debug purposes.

Signed-off-by: Brijesh Singh 
Signed-off-by: Ashish Kalra 
---
 hw/i386/pc.c   | 9 +
 hw/i386/pc_sysfw.c | 6 ++
 2 files changed, 15 insertions(+)

diff --git a/hw/i386/pc.c b/hw/i386/pc.c
index 5e6c0023e0..dfb63cd686 100644
--- a/hw/i386/pc.c
+++ b/hw/i386/pc.c
@@ -913,6 +913,15 @@ void pc_memory_init(PCMachineState *pcms,
 e820_add_entry(0x1ULL, x86ms->above_4g_mem_size, E820_RAM);
 }
 
+/*
+ * When memory encryption is enabled, the guest RAM will be encrypted with
+ * a guest unique key. Set the debug ops so that any debug access to the
+ * guest RAM will go through the memory encryption APIs.
+ */
+if (kvm_memcrypt_enabled()) {
+kvm_memcrypt_set_debug_ops_memory_region(*ram_memory);
+}
+
 if (!pcmc->has_reserved_memory &&
 (machine->ram_slots ||
  (machine->maxram_size > machine->ram_size))) {
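Review bot: Only `*ram_memory` gets the debug ops in pc_memory_init(), but the context right below this block handles `machine->ram_slots` and `maxram_size > ram_size`, that is, memory added after boot. If RAM plugged into an encrypted guest later is encrypted too, debug accesses to those regions will still use plain memcpy() and see ciphertext. Either register the ops for those regions as well or say in the comment that only boot RAM is covered.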
diff --git a/hw/i386/pc_sysfw.c b/hw/i386/pc_sysfw.c
index b6c0822fe3..9f90c9d761 100644
--- a/hw/i386/pc_sysfw.c
+++ b/hw/i386/pc_sysfw.c
@@ -209,6 +209,12 @@ static void pc_system_flash_map(PCMachineState *pcms,
 error_report("failed to encrypt pflash rom");
 exit(1);
 }
+
+/*
+ * The pflash ROM is encrypted, set the debug ops so that any
+ * debug accesses will use memory encryption APIs.
+ */
+kvm_memcrypt_set_debug_ops_memory_region(flash_mem);
 }
 }
 }
-- 
2.17.1




[PATCH 1/7] scsi-disk: Add sg_io callback to evaluate status

2020-11-16 Thread Hannes Reinecke
Add a separate sg_io callback to allow us to evaluate the various
states returned by the SG_IO ioctl.

Signed-off-by: Hannes Reinecke 
---
 hw/scsi/scsi-disk.c | 28 ++--
 1 file changed, 22 insertions(+), 6 deletions(-)

diff --git a/hw/scsi/scsi-disk.c b/hw/scsi/scsi-disk.c
index dd23a38d6a..5d6c892f29 100644
--- a/hw/scsi/scsi-disk.c
+++ b/hw/scsi/scsi-disk.c
@@ -76,7 +76,6 @@ typedef struct SCSIDiskReq {
 struct iovec iov;
 QEMUIOVector qiov;
 BlockAcctCookie acct;
-unsigned char *status;
 } SCSIDiskReq;
 
 #define SCSI_DISK_F_REMOVABLE 0
@@ -188,7 +187,7 @@ static bool scsi_disk_req_check_error(SCSIDiskReq *r, int 
ret, bool acct_failed)
 return true;
 }
 
-if (ret < 0 || (r->status && *r->status)) {
+if (ret < 0 || r->req.status) {
 return scsi_handle_rw_error(r, -ret, acct_failed);
 }
 
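Review bot: The new test `r->req.status` in scsi_disk_req_check_error() fires for any non-zero status on every request, whereas the removed `r->status && *r->status` only looked at the status when the pointer had been set up for an SG_IO request. Please confirm that req.status is 0 for emulated requests when this function runs; if it can still hold an "unset" value at this point, successful emulated requests would be routed into scsi_handle_rw_error().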
@@ -452,11 +451,11 @@ static bool scsi_handle_rw_error(SCSIDiskReq *r, int 
error, bool acct_failed)
  * whether the error has to be handled by the guest or should 
rather
  * pause the host.
  */
-assert(r->status && *r->status);
+assert(r->req.status);
 if (scsi_sense_buf_is_guest_recoverable(r->req.sense, 
sizeof(r->req.sense))) {
 /* These errors are handled by guest. */
 sdc->update_sense(&r->req);
-scsi_req_complete(&r->req, *r->status);
+scsi_req_complete(&r->req, r->req.status);
 return true;
 }
 error = scsi_sense_buf_to_errno(r->req.sense, 
sizeof(r->req.sense));
@@ -2688,8 +2687,24 @@ typedef struct SCSIBlockReq {
 
 /* CDB passed to SG_IO.  */
 uint8_t cdb[16];
+BlockCompletionFunc *cb;
+void *cb_opaque;
 } SCSIBlockReq;
 
+static void scsi_block_sgio_complete(void *opaque, int ret)
+{
+SCSIBlockReq *req = (SCSIBlockReq *)opaque;
+SCSIDiskReq *r = &req->req;
+SCSISense sense;
+
+r->req.status = sg_io_sense_from_errno(-ret, &req->io_header, &sense);
+if (r->req.status == CHECK_CONDITION &&
+req->io_header.status != CHECK_CONDITION)
+scsi_req_build_sense(&r->req, sense);
+
+req->cb(req->cb_opaque, ret);
+}
+
 static BlockAIOCB *scsi_block_do_sgio(SCSIBlockReq *req,
   int64_t offset, QEMUIOVector *iov,
   int direction,
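Review bot: The `if` in scsi_block_sgio_complete() has no braces around `scsi_req_build_sense(&r->req, sense);`; QEMU style wants braces even for a single statement, and with a two-line condition they matter for readability. A short comment explaining why sense is built only when `req->io_header.status != CHECK_CONDITION` (the device did not supply its own sense data) would also help the next reader.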
@@ -2768,9 +2783,11 @@ static BlockAIOCB *scsi_block_do_sgio(SCSIBlockReq *req,
 io_header->timeout = s->qdev.io_timeout * 1000;
 io_header->usr_ptr = r;
 io_header->flags |= SG_FLAG_DIRECT_IO;
+req->cb = cb;
+req->cb_opaque = opaque;
 trace_scsi_disk_aio_sgio_command(r->req.tag, req->cdb[0], lba,
  nb_logical_blocks, io_header->timeout);
-aiocb = blk_aio_ioctl(s->qdev.conf.blk, SG_IO, io_header, cb, opaque);
+aiocb = blk_aio_ioctl(s->qdev.conf.blk, SG_IO, io_header, 
scsi_block_sgio_complete, req);
 assert(aiocb != NULL);
 return aiocb;
 }
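Review bot: The new `blk_aio_ioctl(...)` call in scsi_block_do_sgio() is longer than 80 columns (the mailer wrapped it here); break it after `io_header,`. The `cb` and `cb_opaque` fields are only meaningful while an SG_IO is in flight, so a one-line comment on the struct members saying so would be useful.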
@@ -2884,7 +2901,6 @@ static int32_t scsi_block_dma_command(SCSIRequest *req, 
uint8_t *buf)
 return 0;
 }
 
-r->req.status = &r->io_header.status;
 return scsi_disk_dma_command(req, buf);
 }
 
-- 
2.16.4




[PATCH 03/11] exec: add ram_debug_ops support

2020-11-16 Thread Ashish Kalra
From: Brijesh Singh 

Currently, guest memory access for debugging purposes is performed using
memcpy(). Extend the 'struct MemoryRegion' to include new callbacks that
can be used to override the use of memcpy() with something else.

The new callbacks can be used to display the guest memory of an SEV guest
by registering callbacks to the SEV memory encryption/decryption APIs.

Typical usage:

mem_read(uint8_t *dst, uint8_t *src, uint32_t len, MemTxAttrs *attrs);
mem_write(uint8_t *dst, uint8_t *src, uint32_t len, MemTxAttrs *attrs);

MemoryRegionRAMReadWriteOps ops;
ops.read = mem_read;
ops.write = mem_write;

memory_region_init_ram(mem, NULL, "memory", size, NULL);
memory_region_set_ram_debug_ops(mem, ops);

Signed-off-by: Brijesh Singh 
Signed-off-by: Ashish Kalra 
---
 include/exec/memory.h | 27 +++
 1 file changed, 27 insertions(+)

diff --git a/include/exec/memory.h b/include/exec/memory.h
index 73deb4b456..2fb4193358 100644
--- a/include/exec/memory.h
+++ b/include/exec/memory.h
@@ -402,6 +402,18 @@ struct IOMMUMemoryRegionClass {
 typedef struct CoalescedMemoryRange CoalescedMemoryRange;
 typedef struct MemoryRegionIoeventfd MemoryRegionIoeventfd;
 
+/* Memory Region RAM debug callback */
+typedef struct MemoryRegionRAMReadWriteOps MemoryRegionRAMReadWriteOps;
+
+struct MemoryRegionRAMReadWriteOps {
+/* Write data into guest memory */
+int (*write) (uint8_t *dest, const uint8_t *src,
+  uint32_t len, MemTxAttrs attrs);
+/* Read data from guest memory */
+int (*read) (uint8_t *dest, const uint8_t *src,
+ uint32_t len, MemTxAttrs attrs);
+};
+
 /** MemoryRegion:
  *
  * A struct representing a memory region.
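Review bot: The `write` and `read` callbacks in MemoryRegionRAMReadWriteOps return `int`, but nothing says what the value means (0 on success, negative errno, something else), so callers cannot handle failure consistently. Document the contract in the comments above each member. `len` is `uint32_t` here while the memory API works with `hwaddr` lengths, so state whether callers must split larger accesses or widen the type. Style: drop the space between `(*write)` / `(*read)` and the parameter list.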
@@ -445,6 +457,7 @@ struct MemoryRegion {
 const char *name;
 unsigned ioeventfd_nb;
 MemoryRegionIoeventfd *ioeventfds;
+const MemoryRegionRAMReadWriteOps *ram_debug_ops;
 };
 
 struct IOMMUMemoryRegion {
@@ -1060,6 +1073,20 @@ void memory_region_init_rom_nomigrate(MemoryRegion *mr,
   uint64_t size,
   Error **errp);
 
+/**
+ * memory_region_set_ram_debug_ops: Set access ops for a give memory region.
+ *
+ * @mr: the #MemoryRegion to be initialized
+ * @ops: a function that will be used when accessing @target region during
+ *   debug
+ */
+static inline void
+memory_region_set_ram_debug_ops(MemoryRegion *mr,
+const MemoryRegionRAMReadWriteOps *ops)
+{
+mr->ram_debug_ops = ops;
+}
+
 /**
  * memory_region_init_rom_device_nomigrate:  Initialize a ROM memory region.
  * Writes are handled via callbacks.
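Review bot: The doc comment for memory_region_set_ram_debug_ops() needs fixing: "a give memory region" should be "a given memory region", `@mr` is described as "to be initialized" although the region is only modified, and the `@ops` text refers to "@target", which is not a parameter. The usage shown in the commit message also passes `ops` by value and declares the callbacks with `MemTxAttrs *attrs`, while the code takes `const MemoryRegionRAMReadWriteOps *` and `MemTxAttrs attrs`. Since only the pointer is stored, the comment should say that `ops` must outlive the region.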
-- 
2.17.1




[PATCH 11/11] target/i386: clear C-bit when walking SEV guest page table

2020-11-16 Thread Ashish Kalra
From: Brijesh Singh 

In an SEV-enabled guest the pte entry will have the C-bit set, so we need to
clear the C-bit when walking the page table.

This ensures that the proper page address translation occurs and, with the
C-bit reset, the true physical address is obtained.

The pte_mask to be used during guest page table walk is added as a
vendor specific assist/hook as part of the new MemoryDebugOps and
available via the new debug API interface cpu_physical_memory_pte_mask_debug().

Signed-off-by: Brijesh Singh 
Signed-off-by: Ashish Kalra 
---
 include/exec/cpu-common.h |  3 ++
 include/exec/memory.h |  1 +
 softmmu/physmem.c | 13 +++-
 target/i386/monitor.c | 70 +--
 target/i386/sev.c |  3 +-
 5 files changed, 63 insertions(+), 27 deletions(-)

diff --git a/include/exec/cpu-common.h b/include/exec/cpu-common.h
index d2089e6873..3374573d39 100644
--- a/include/exec/cpu-common.h
+++ b/include/exec/cpu-common.h
@@ -96,6 +96,9 @@ static inline void cpu_physical_memory_write(hwaddr addr,
 {
 cpu_physical_memory_rw(addr, (void *)buf, len, true);
 }
+
+uint64_t cpu_physical_memory_pte_mask_debug(void);
+
 void *cpu_physical_memory_map(hwaddr addr,
   hwaddr *plen,
   bool is_write);
diff --git a/include/exec/memory.h b/include/exec/memory.h
index 74f2dcec00..ebe8ffc1eb 100644
--- a/include/exec/memory.h
+++ b/include/exec/memory.h
@@ -2428,6 +2428,7 @@ typedef struct MemoryDebugOps {
 MemTxResult (*write)(AddressSpace *as, hwaddr phys_addr,
  MemTxAttrs attrs, const void *buf,
  hwaddr len);
+uint64_t (*pte_mask)(void);
 } MemoryDebugOps;
 
 void address_space_set_debug_ops(const MemoryDebugOps *ops);
diff --git a/softmmu/physmem.c b/softmmu/physmem.c
index 6945bd5efe..fc6b5588fc 100644
--- a/softmmu/physmem.c
+++ b/softmmu/physmem.c
@@ -166,9 +166,15 @@ struct DirtyBitmapSnapshot {
 unsigned long dirty[];
 };
 
+static uint64_t address_space_pte_mask(void)
+{
+return ~0;
+}
+
 static const MemoryDebugOps default_debug_ops = {
 .read = address_space_read,
-.write = address_space_write_rom
+.write = address_space_write_rom,
+.pte_mask = address_space_pte_mask
 };
 
 static const MemoryDebugOps *debug_ops = &default_debug_ops;
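Review bot: `return ~0;` in address_space_pte_mask() relies on the int value -1 being converted to uint64_t to produce an all-ones mask. Write `~0ULL` (or UINT64_MAX) so the width of the mask is explicit.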
@@ -3401,6 +3407,11 @@ void cpu_physical_memory_rw_debug(hwaddr addr, uint8_t 
*buf,
 
 }
 
+uint64_t cpu_physical_memory_pte_mask_debug(void)
+{
+return debug_ops->pte_mask();
+}
+
 int64_t address_space_cache_init(MemoryRegionCache *cache,
  AddressSpace *as,
  hwaddr addr,
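Review bot: cpu_physical_memory_pte_mask_debug() calls `debug_ops->pte_mask()` unconditionally, so any MemoryDebugOps installed through address_space_set_debug_ops() that fills in only `.read` and `.write` turns the monitor's page-table commands into a NULL call. Either fall back to the default mask when `pte_mask` is NULL or document in memory.h that all three callbacks are mandatory.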
diff --git a/target/i386/monitor.c b/target/i386/monitor.c
index 9ca9c677a5..c73cac04cb 100644
--- a/target/i386/monitor.c
+++ b/target/i386/monitor.c
@@ -106,16 +106,20 @@ static void tlb_info_pae32(Monitor *mon, CPUArchState 
*env)
 unsigned int l1, l2, l3;
 uint64_t pdpe, pde, pte;
 uint64_t pdp_addr, pd_addr, pt_addr;
+uint64_t me_mask;
+
+me_mask = cpu_physical_memory_pte_mask_debug();
 
 pdp_addr = env->cr[3] & ~0x1f;
+pdp_addr &= me_mask;
 for (l1 = 0; l1 < 4; l1++) {
 cpu_physical_memory_read_debug(pdp_addr + l1 * 8, &pdpe, 8);
-pdpe = le64_to_cpu(pdpe);
+pdpe = le64_to_cpu(pdpe & me_mask);
 if (pdpe & PG_PRESENT_MASK) {
 pd_addr = pdpe & 0x3f000ULL;
 for (l2 = 0; l2 < 512; l2++) {
 cpu_physical_memory_read_debug(pd_addr + l2 * 8, &pde, 8);
-pde = le64_to_cpu(pde);
+pde = le64_to_cpu(pde & me_mask);
 if (pde & PG_PRESENT_MASK) {
 if (pde & PG_PSE_MASK) {
 /* 2M pages with PAE, CR4.PSE is ignored */
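Review bot: In tlb_info_pae32() the mask is applied before the byte swap, `pdpe = le64_to_cpu(pdpe & me_mask);` (the same pattern is used for `pde` here and for `pte` and `pml4e` in the following hunks). `me_mask` is a host-order value, so it has to be applied to the converted entry: `pdpe = le64_to_cpu(pdpe) & me_mask;`. The two forms only agree on little-endian hosts.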
@@ -126,7 +130,7 @@ static void tlb_info_pae32(Monitor *mon, CPUArchState *env)
 for (l3 = 0; l3 < 512; l3++) {
 cpu_physical_memory_read_debug(pt_addr + l3 * 8,
&pte, 8);
-pte = le64_to_cpu(pte);
+pte = le64_to_cpu(pte & me_mask);
 if (pte & PG_PRESENT_MASK) {
 print_pte(mon, env, (l1 << 30) + (l2 << 21)
   + (l3 << 12),
@@ -148,10 +152,13 @@ static void tlb_info_la48(Monitor *mon, CPUArchState *env,
 uint64_t l1, l2, l3, l4;
 uint64_t pml4e, pdpe, pde, pte;
 uint64_t pdp_addr, pd_addr, pt_addr;
+uint64_t me_mask;
+
+me_mask = cpu_physical_memory_pte_mask_debug();
 
 for (l1 = 0; l1 < 512; l1++) {
 cpu_physical_memory_read_debug(pml4_addr + l1 * 8, &pml4e, 8);
-pml4e = le64_to_cpu(pml4e);
+pml4e = le64_to_cpu(pml4e & me_mask);
 if (!(pml4e & PG_PRESENT_MASK)) {
 continue;
 }
@@ -159,7 +166,7 @@ static void tlb_info_la48(Monitor
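
The masking this commit message describes, as an added example (not code from the patch or from QEMU): the page-table entry is converted from guest little-endian to host order first and the C-bit is cleared afterwards. The C-bit position 47, the PTE bytes and all function names are assumptions constructed for illustration.

```c
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>

/* Assumptions for this example: C-bit at position 47, 4 KiB pages. */
#define EXAMPLE_CBIT_POS 47
#define PG_PRESENT       0x1ULL
#define PTE_ADDR_BITS    0x000ffffffffff000ULL /* bits 51:12 */
#define PTE_NOT_PRESENT  UINT64_MAX

/* Constructed entries, stored little-endian as they sit in guest memory.
 * EXAMPLE_PTE is 0x0000800012345003: frame 0x12345000, present, C-bit set. */
static const uint8_t EXAMPLE_PTE[8] =
    { 0x03, 0x50, 0x34, 0x12, 0x00, 0x80, 0x00, 0x00 };
static const uint8_t EXAMPLE_PTE_ABSENT[8] =
    { 0x02, 0x50, 0x34, 0x12, 0x00, 0x80, 0x00, 0x00 };

/* All-ones mask with only the encryption bit cleared. */
static uint64_t example_pte_mask(unsigned cbit_pos)
{
    return ~(1ULL << cbit_pos);
}

/* Read a little-endian 64-bit value regardless of host byte order. */
static uint64_t load_le64(const uint8_t raw[8])
{
    uint64_t v = 0;
    for (int i = 7; i >= 0; i--) {
        v = (v << 8) | raw[i];
    }
    return v;
}

static uint64_t bswap64_example(uint64_t v)
{
    uint64_t r = 0;
    for (int i = 0; i < 8; i++) {
        r = (r << 8) | (v & 0xff);
        v >>= 8;
    }
    return r;
}

/* Correct order: convert to host order, then mask, then test the flags. */
static uint64_t pte_frame(const uint8_t raw[8], uint64_t me_mask)
{
    uint64_t pte = load_le64(raw) & me_mask;

    if (!(pte & PG_PRESENT)) {
        return PTE_NOT_PRESENT;
    }
    return pte & PTE_ADDR_BITS;
}

/* Simulates "le64_to_cpu(x & mask)" on a big-endian host: the mask hits the
 * byte-swapped word, so the C-bit is still set after the conversion. */
static uint64_t frame_mask_before_swap_be(const uint8_t raw[8],
                                          uint64_t me_mask)
{
    uint64_t host_word = bswap64_example(load_le64(raw));
    uint64_t pte = bswap64_example(host_word & me_mask);

    if (!(pte & PG_PRESENT)) {
        return PTE_NOT_PRESENT;
    }
    return pte & PTE_ADDR_BITS;
}

int main(void)
{
    uint64_t mask = example_pte_mask(EXAMPLE_CBIT_POS);

    printf("mask                  0x%016" PRIx64 "\n", mask);
    printf("masked after convert  0x%" PRIx64 "\n",
           pte_frame(EXAMPLE_PTE, mask));
    printf("no mask               0x%" PRIx64 "\n",
           pte_frame(EXAMPLE_PTE, ~0ULL));
    printf("mask before swap (BE) 0x%" PRIx64 "\n",
           frame_mask_before_swap_be(EXAMPLE_PTE, mask));
    return 0;
}
```

Without the mask, or with the mask applied on the wrong side of the conversion, the walker follows an address that still carries bit 47 and reads the wrong location.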

[PATCH 08/11] sev/i386: add debug encrypt and decrypt commands

2020-11-16 Thread Ashish Kalra
From: Brijesh Singh 

The KVM_SEV_DBG_DECRYPT and KVM_SEV_DBG_ENCRYPT commands are used for
decrypting and encrypting guest memory. The command works only if the
guest policy allows the debugging.

Signed-off-by: Brijesh Singh 
Signed-off-by: Ashish Kalra 
---
 accel/kvm/kvm-all.c  |  2 ++
 accel/kvm/sev-stub.c |  4 +++
 include/sysemu/sev.h |  1 +
 target/i386/sev.c| 58 
 target/i386/trace-events |  1 +
 5 files changed, 66 insertions(+)

diff --git a/accel/kvm/kvm-all.c b/accel/kvm/kvm-all.c
index ae85f53e7d..042205e3e1 100644
--- a/accel/kvm/kvm-all.c
+++ b/accel/kvm/kvm-all.c
@@ -2232,6 +2232,8 @@ static int kvm_init(MachineState *ms)
 }
 
 kvm_state->memcrypt_encrypt_data = sev_encrypt_data;
+kvm_state->memcrypt_debug_ops_memory_region =
+sev_set_debug_ops_memory_region;
 }
 
 ret = kvm_arch_init(ms, s);
diff --git a/accel/kvm/sev-stub.c b/accel/kvm/sev-stub.c
index 4f97452585..3f1f0ef217 100644
--- a/accel/kvm/sev-stub.c
+++ b/accel/kvm/sev-stub.c
@@ -15,6 +15,10 @@
 #include "qemu-common.h"
 #include "sysemu/sev.h"
 
+void sev_set_debug_ops_memory_region(void *handle, MemoryRegion *mr)
+{
+}
+
 int sev_encrypt_data(void *handle, uint8_t *ptr, uint64_t len)
 {
 abort();
diff --git a/include/sysemu/sev.h b/include/sysemu/sev.h
index 98c1ec8d38..6c37247915 100644
--- a/include/sysemu/sev.h
+++ b/include/sysemu/sev.h
@@ -18,4 +18,5 @@
 
 void *sev_guest_init(const char *id);
 int sev_encrypt_data(void *handle, uint8_t *ptr, uint64_t len);
+void sev_set_debug_ops_memory_region(void *handle, MemoryRegion *mr);
 #endif
diff --git a/target/i386/sev.c b/target/i386/sev.c
index 93c4d60b82..3036fb3e43 100644
--- a/target/i386/sev.c
+++ b/target/i386/sev.c
@@ -72,6 +72,8 @@ struct SevGuestState {
 static SevGuestState *sev_guest;
 static Error *sev_mig_blocker;
 
+static MemoryRegionRAMReadWriteOps sev_ops;
+
 static const char *const sev_fw_errlist[] = {
 "",
 "Platform state is invalid",
@@ -679,6 +681,46 @@ sev_vm_state_change(void *opaque, int running, RunState 
state)
 }
 }
 
+static int
+sev_dbg_enc_dec(uint8_t *dst, const uint8_t *src, uint32_t len, bool write)
+{
+int ret, error;
+struct kvm_sev_dbg dbg;
+
+dbg.src_uaddr = (unsigned long)src;
+dbg.dst_uaddr = (unsigned long)dst;
+dbg.len = len;
+
+trace_kvm_sev_debug(write ? "encrypt" : "decrypt", src, dst, len);
+ret = sev_ioctl(sev_guest->sev_fd,
+write ? KVM_SEV_DBG_ENCRYPT : KVM_SEV_DBG_DECRYPT,
+&dbg, &error);
+if (ret) {
+error_report("%s (%s) 0x%llx->0x%llx+0x%x ret=%d fw_error=%d '%s'",
+ __func__, write ? "write" : "read", dbg.src_uaddr,
+ dbg.dst_uaddr, dbg.len, ret, error,
+ fw_error_to_str(error));
+}
+
+return ret;
+}
+
+static int
+sev_mem_read(uint8_t *dst, const uint8_t *src, uint32_t len, MemTxAttrs attrs)
+{
+assert(attrs.debug);
+
+return sev_dbg_enc_dec(dst, src, len, false);
+}
+
+static int
+sev_mem_write(uint8_t *dst, const uint8_t *src, uint32_t len, MemTxAttrs attrs)
+{
+assert(attrs.debug);
+
+return sev_dbg_enc_dec(dst, src, len, true);
+}
+
 void *
 sev_guest_init(const char *id)
 {
@@ -785,6 +827,22 @@ sev_encrypt_data(void *handle, uint8_t *ptr, uint64_t len)
 return 0;
 }
 
+void
+sev_set_debug_ops_memory_region(void *handle, MemoryRegion *mr)
+{
+SevGuestState *s = handle;
+
+/* If policy does not allow debug then no need to register ops */
+if (s->policy & SEV_POLICY_NODBG) {
+return;
+}
+
+sev_ops.read = sev_mem_read;
+sev_ops.write = sev_mem_write;
+
+memory_region_set_ram_debug_ops(mr, &sev_ops);
+}
+
 static void
 sev_register_types(void)
 {
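Review bot: When the policy has SEV_POLICY_NODBG set, sev_set_debug_ops_memory_region() returns without registering anything, so debug accesses to that region fall back to the plain memcpy() path. A debug read then returns ciphertext with no indication of it, and a debug write (a gdb breakpoint, a monitor memory write) copies plaintext bytes into encrypted guest RAM and corrupts it. Consider registering ops that fail the access when the policy forbids debugging instead of returning early. `sev_ops` could also be a `static const` initialized at its definition rather than being filled in on every call.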
diff --git a/target/i386/trace-events b/target/i386/trace-events
index 789c700d4a..f91213c5e9 100644
--- a/target/i386/trace-events
+++ b/target/i386/trace-events
@@ -15,3 +15,4 @@ kvm_sev_launch_start(int policy, void *session, void *pdh) 
"policy 0x%x session
 kvm_sev_launch_update_data(void *addr, uint64_t len) "addr %p len 0x%" PRIu64
 kvm_sev_launch_measurement(const char *value) "data %s"
 kvm_sev_launch_finish(void) ""
+kvm_sev_debug(const char *op, const uint8_t *src, uint8_t *dst, int len) "(%s) 
src %p dst %p len %d"
-- 
2.17.1




[Bug 1784919] Re: native libgfapi glusterfs support for virtio 9p filesystem passthrough

2020-11-16 Thread Thomas Huth
** Changed in: qemu
   Importance: Undecided => Wishlist

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1784919

Title:
  native libgfapi  glusterfs support for virtio 9p filesystem
  passthrough

Status in QEMU:
  New

Bug description:
  I can add block devices on glusterfs natively to my virtual machines since qemu 1.3.
  I would like to see the same feature for virtio 9p filesystems added on my VM.

  Accessing a filesystem mounted on the Metal is my favorite solution
  for storage that is to be shared between more than one VM. But because
  my VMs are not running as root, they are not able to passthrough
  userids and gids to gluster-fuse. uid mapping is also not possible
  because no xattr support.

  So all I can do is either setting up separate NFS Servers to bring the
  Filesystem in via Network, or to start qemu as root or to add
  fuse_xattr on top of glusterfs_fuse. I do expect however that the
  fastest and most reliable solution is to make something like this
  possible:

  -fsdev local,id=test_dev,path=gluster://this.node/test_mount,security_model=passthrough
  -device virtio-9p-pci,fsdev=test_dev,mount_tag=test_mount

  regards

  Hans

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1784919/+subscriptions



[PATCH 07/11] kvm: introduce debug memory encryption API

2020-11-16 Thread Ashish Kalra
From: Brijesh Singh 

In order to support debugging with Secure Encrypted Virtualization (SEV),
add a high-level memory encryption API.

Also add a new API interface to override any CPU class specific callbacks
for supporting debugging with SEV, for example, overriding the guest MMU/
page-table walker callback.

Signed-off-by: Brijesh Singh 
Signed-off-by: Ashish Kalra 
---
 accel/kvm/kvm-all.c| 19 +++
 accel/stubs/kvm-stub.c |  8 
 include/sysemu/kvm.h   | 15 +++
 3 files changed, 42 insertions(+)

diff --git a/accel/kvm/kvm-all.c b/accel/kvm/kvm-all.c
index 9ef5daf4c5..ae85f53e7d 100644
--- a/accel/kvm/kvm-all.c
+++ b/accel/kvm/kvm-all.c
@@ -123,6 +123,8 @@ struct KVMState
 /* memory encryption */
 void *memcrypt_handle;
 int (*memcrypt_encrypt_data)(void *handle, uint8_t *ptr, uint64_t len);
+void (*memcrypt_debug_ops_memory_region)(void *handle, MemoryRegion *mr);
+void (*memcrypt_debug_ops_cpu_state)(void *handle, CPUState *cpu);
 
 /* For "info mtree -f" to tell if an MR is registered in KVM */
 int nr_as;
@@ -222,6 +224,23 @@ int kvm_get_max_memslots(void)
 return s->nr_slots;
 }
 
+void kvm_memcrypt_set_debug_ops_memory_region(MemoryRegion *mr)
+{
+if (kvm_state->memcrypt_handle &&
+kvm_state->memcrypt_debug_ops_memory_region) {
+kvm_state->memcrypt_debug_ops_memory_region(kvm_state->memcrypt_handle,
+mr);
+}
+}
+
+void kvm_memcrypt_set_debug_ops_cpu_state(CPUState *cs)
+{
+if (kvm_state->memcrypt_handle &&
+kvm_state->memcrypt_debug_ops_cpu_state) {
+kvm_state->memcrypt_debug_ops_cpu_state(kvm_state->memcrypt_handle, 
cs);
+}
+}
+
 bool kvm_memcrypt_enabled(void)
 {
 if (kvm_state && kvm_state->memcrypt_handle) {
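Review bot: kvm_memcrypt_set_debug_ops_memory_region() and kvm_memcrypt_set_debug_ops_cpu_state() dereference `kvm_state` without checking it, while kvm_memcrypt_enabled() right below tests `kvm_state && kvm_state->memcrypt_handle`. Use the same `kvm_state &&` guard in both new helpers so they are safe to call when KVM is not the active accelerator. Nothing in this patch assigns `memcrypt_debug_ops_cpu_state`, so the commit message should say which later patch does.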
diff --git a/accel/stubs/kvm-stub.c b/accel/stubs/kvm-stub.c
index 680e099463..bf93431e46 100644
--- a/accel/stubs/kvm-stub.c
+++ b/accel/stubs/kvm-stub.c
@@ -91,6 +91,14 @@ int kvm_memcrypt_encrypt_data(uint8_t *ptr, uint64_t len)
   return 1;
 }
 
+void kvm_memcrypt_set_debug_ops_memory_region(MemoryRegion *mr)
+{
+}
+
+void kvm_memcrypt_set_debug_ops_cpu_state(CPUState *cs)
+{
+}
+
 #ifndef CONFIG_USER_ONLY
 int kvm_irqchip_add_msi_route(KVMState *s, int vector, PCIDevice *dev)
 {
diff --git a/include/sysemu/kvm.h b/include/sysemu/kvm.h
index bb5d5cf497..1bde2e3d71 100644
--- a/include/sysemu/kvm.h
+++ b/include/sysemu/kvm.h
@@ -470,6 +470,21 @@ uint32_t kvm_arch_get_supported_cpuid(KVMState *env, 
uint32_t function,
   uint32_t index, int reg);
 uint64_t kvm_arch_get_supported_msr_feature(KVMState *s, uint32_t index);
 
+/**
+ * kvm_memcrypt_set_debug_ram_ops: set debug_ram_ops callback
+ *
+ * When debug_ram_ops is set, debug access to this memory region will use
+ * memory encryption APIs.
+ */
+void kvm_memcrypt_set_debug_ops_memory_region(MemoryRegion *mr);
+
+/**
+ * kvm_memcrypt_set_debug_ops_cpu_state: override cpu_class callbacks
+ *
+ * This interface allows vendor specific debug ops to override any
+ * cpu_class callbacks.
+ */
+void kvm_memcrypt_set_debug_ops_cpu_state(CPUState *cs);
 
 void kvm_set_sigmask_len(KVMState *s, unsigned int sigmask_len);
 
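Review bot: The first doc block is titled `kvm_memcrypt_set_debug_ram_ops` and talks about "debug_ram_ops", but the function declared under it is kvm_memcrypt_set_debug_ops_memory_region(). Make the title match the function name, and add an `@mr:` line there and a `@cs:` line for kvm_memcrypt_set_debug_ops_cpu_state().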
-- 
2.17.1




[PATCH 0/3] scsi: infinite guest hangs with scsi-disk

2020-11-16 Thread Hannes Reinecke
Hi all,

one of our customers reported an infinite guest hang following an FC link
loss when using scsi-disk.
Problem is that scsi-disk issues SG_IO command with a timeout of UINT_MAX,
which essentially signals 'no timeout' to the host kernel. So if the command
gets lost e.g. during an unexpected link loss the HBA driver will never
attempt to abort or return the command. Hence the guest will hang forever,
and the only way to resolve things is to reboot the host.

To solve it this patchset adds an 'io_timeout' parameter to scsi-disk and
scsi-generic, which allows the admin to specify a command timeout for SG_IO
request. It is initialized to 30 seconds to avoid the infinite hang as
mentioned above.

As usual, comments and reviews are welcome.

Hannes Reinecke (3):
  virtio-scsi: trace events
  scsi: make io_timeout configurable
  scsi: add tracing for SG_IO commands

 hw/scsi/scsi-disk.c|  9 ++---
 hw/scsi/scsi-generic.c | 25 ++---
 hw/scsi/trace-events   | 13 +
 hw/scsi/virtio-scsi.c  | 30 +-
 include/hw/scsi/scsi.h |  4 +++-
 5 files changed, 69 insertions(+), 12 deletions(-)

-- 
2.16.4




[Bug 1809291] Re: SD Card not working in Ubuntu 18.10 (CMD 2, 3 timeout). The device worked fine in Ubuntu 18.04 and earlier versions but not in Ubuntu 18.10

2020-11-16 Thread Philippe Mathieu-Daudé
The test expects the card wired as SPI, so adding
"-global sd-card.spi=true" makes the test case work.

** Changed in: qemu
   Status: Confirmed => Invalid

https://bugs.launchpad.net/bugs/1809291

Title:
  SD Card not working in Ubuntu 18.10 (CMD 2,3 timeout).  The device
  worked fine in Ubuntu 18.04 and earlier versions but not in Ubuntu
  18.10

Status in QEMU:
  Invalid

Bug description:
  ARM PL181 MMC card no longer working in qemu-system-arm in Ubuntu 18.10
  The MMC driver code worked fine in Ubuntu 15.10 to 18.04.
  The command to run qemu-system-arm is

  qemu-system-arm -M versatilepb -m 256M -sd sdimage -kernel t.bin
  -serial mon:stdio

  During SDC initialization, SDC commands 2, 3, 9, 13, 7, 16 all timeout, 
  which cause subsequent read/write commands 17/24 to fail also.

  Tried both ARM versatilepb and realview-pb-a8, realview-pbx-a9 boards:
  all the same.

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1809291/+subscriptions



[PATCH 02/11] exec: Add new MemoryDebugOps.

2020-11-16 Thread Ashish Kalra
From: Ashish Kalra 

Introduce new MemoryDebugOps which hook into guest virtual and physical
memory debug interfaces such as cpu_memory_rw_debug, to allow vendor specific
assist/hooks for debugging and delegating accessing the guest memory.
This is required for example in case of AMD SEV platform where the guest
memory is encrypted and a SEV specific debug assist/hook will be required
to access the guest memory.

The MemoryDebugOps are used by cpu_memory_rw_debug() and default to
address_space_read and address_space_write_rom.

Signed-off-by: Ashish Kalra 
---
 include/exec/memory.h | 11 +++
 softmmu/physmem.c | 24 
 2 files changed, 31 insertions(+), 4 deletions(-)

diff --git a/include/exec/memory.h b/include/exec/memory.h
index aff6ef7605..73deb4b456 100644
--- a/include/exec/memory.h
+++ b/include/exec/memory.h
@@ -2394,6 +2394,17 @@ MemTxResult 
address_space_write_cached_slow(MemoryRegionCache *cache,
 hwaddr addr, const void *buf,
 hwaddr len);
 
+typedef struct MemoryDebugOps {
+MemTxResult (*read)(AddressSpace *as, hwaddr phys_addr,
+MemTxAttrs attrs, void *buf,
+hwaddr len);
+MemTxResult (*write)(AddressSpace *as, hwaddr phys_addr,
+ MemTxAttrs attrs, const void *buf,
+ hwaddr len);
+} MemoryDebugOps;
+
+void address_space_set_debug_ops(const MemoryDebugOps *ops);
+
 static inline bool memory_access_is_direct(MemoryRegion *mr, bool is_write)
 {
 if (is_write) {
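Review bot: MemoryDebugOps and address_space_set_debug_ops() are added to memory.h without any doc comment. Please document when the `read` and `write` callbacks are invoked (from cpu_memory_rw_debug()), that the ops are one global setting rather than per AddressSpace, and whether a NULL argument is allowed.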
diff --git a/softmmu/physmem.c b/softmmu/physmem.c
index a9adedb9f8..057d6d4ce1 100644
--- a/softmmu/physmem.c
+++ b/softmmu/physmem.c
@@ -166,6 +166,18 @@ struct DirtyBitmapSnapshot {
 unsigned long dirty[];
 };
 
+static const MemoryDebugOps default_debug_ops = {
+.read = address_space_read,
+.write = address_space_write_rom
+};
+
+static const MemoryDebugOps *debug_ops = &default_debug_ops;
+
+void address_space_set_debug_ops(const MemoryDebugOps *ops)
+{
+debug_ops = ops;
+}
+
 static void phys_map_node_reserve(PhysPageMap *map, unsigned nodes)
 {
 static unsigned alloc_hint = 16;
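Review bot: address_space_set_debug_ops() stores whatever pointer it is given, so a NULL argument, or an ops struct with a NULL member, turns the next cpu_memory_rw_debug() into a NULL call. Either assert on the argument and its members or treat NULL as "restore default_debug_ops", which would also give callers a way to undo the override.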
@@ -3407,6 +3419,10 @@ int cpu_memory_rw_debug(CPUState *cpu, target_ulong addr,
 page = addr & TARGET_PAGE_MASK;
 phys_addr = cpu_get_phys_page_attrs_debug(cpu, page, &attrs);
 asidx = cpu_asidx_from_attrs(cpu, attrs);
+
+/* set debug attrs to indicate memory access is from the debugger */
+attrs.debug = 1;
+
 /* if no physical page mapped, return an error */
 if (phys_addr == -1)
 return -1;
@@ -3415,11 +3431,11 @@ int cpu_memory_rw_debug(CPUState *cpu, target_ulong 
addr,
 l = len;
 phys_addr += (addr & ~TARGET_PAGE_MASK);
 if (is_write) {
-res = address_space_write_rom(cpu->cpu_ases[asidx].as, phys_addr,
-  attrs, buf, l);
+res = debug_ops->write(cpu->cpu_ases[asidx].as, phys_addr,
+   attrs, buf, l);
 } else {
-res = address_space_read(cpu->cpu_ases[asidx].as, phys_addr,
- attrs, buf, l);
+res = debug_ops->read(cpu->cpu_ases[asidx].as, phys_addr,
+  attrs, buf, l);
 }
 if (res != MEMTX_OK) {
 return -1;
-- 
2.17.1




[PATCH 7/7] scsi: move host_status handling into SCSI drivers

2020-11-16 Thread Hannes Reinecke
Some SCSI drivers like virtio have an internal mapping for the
host_status. This patch moves the host_status translation into
the SCSI drivers to allow those drivers to set up the correct
values.

Signed-off-by: Hannes Reinecke 
---
 hw/scsi/esp.c  | 10 ++
 hw/scsi/lsi53c895a.c   | 11 +++
 hw/scsi/megasas.c  |  9 +
 hw/scsi/mptsas.c   |  9 +
 hw/scsi/scsi-disk.c| 10 --
 hw/scsi/scsi-generic.c |  8 +++-
 hw/scsi/spapr_vscsi.c  | 12 +++-
 hw/scsi/virtio-scsi.c  | 41 +++--
 hw/scsi/vmw_pvscsi.c   | 25 +
 include/hw/scsi/scsi.h |  3 ++-
 10 files changed, 123 insertions(+), 15 deletions(-)

diff --git a/hw/scsi/esp.c b/hw/scsi/esp.c
index 93d9c9c7b9..fc88cfac23 100644
--- a/hw/scsi/esp.c
+++ b/hw/scsi/esp.c
@@ -28,6 +28,8 @@
 #include "migration/vmstate.h"
 #include "hw/irq.h"
 #include "hw/scsi/esp.h"
+#include "scsi/utils.h"
+#include "scsi/constants.h"
 #include "trace.h"
 #include "qemu/log.h"
 #include "qemu/module.h"
@@ -489,6 +491,14 @@ void esp_command_complete(SCSIRequest *req, size_t resid)
 {
 ESPState *s = req->hba_private;
 
+if (req->host_status != SCSI_HOST_OK) {
+SCSISense sense;
+
+req->status = scsi_sense_from_host_status(req->host_status, &sense);
+if (req->status == CHECK_CONDITION) {
+scsi_req_build_sense(req, sense);
+}
+}
 if (s->rregs[ESP_RSTAT] & STAT_INT) {
 /* Defer handling command complete until the previous
  * interrupt has been handled.
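Review bot: This host_status block in esp_command_complete() is repeated verbatim in the lsi53c895a, megasas and mptsas completion handlers later in the patch. A small helper in the SCSI core that does the scsi_sense_from_host_status() translation and the scsi_req_build_sense() call would keep the copies from drifting apart; the mptsas copy already differs in its condition. Also add a blank line after the closing brace, before `if (s->rregs[ESP_RSTAT] & STAT_INT)`, as the other handlers have.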
diff --git a/hw/scsi/lsi53c895a.c b/hw/scsi/lsi53c895a.c
index a4e58580e4..b6aa98c95a 100644
--- a/hw/scsi/lsi53c895a.c
+++ b/hw/scsi/lsi53c895a.c
@@ -18,6 +18,8 @@
 #include "hw/irq.h"
 #include "hw/pci/pci.h"
 #include "hw/scsi/scsi.h"
+#include "scsi/utils.h"
+#include "scsi/constants.h"
 #include "migration/vmstate.h"
 #include "sysemu/dma.h"
 #include "qemu/log.h"
@@ -792,6 +794,15 @@ static void lsi_command_complete(SCSIRequest *req, size_t 
resid)
 LSIState *s = LSI53C895A(req->bus->qbus.parent);
 int out;
 
+if (req->host_status != SCSI_HOST_OK) {
+SCSISense sense;
+
+req->status = scsi_sense_from_host_status(req->host_status, &sense);
+if (req->status == CHECK_CONDITION) {
+scsi_req_build_sense(req, sense);
+}
+}
+
 out = (s->sstat1 & PHASE_MASK) == PHASE_DO;
 trace_lsi_command_complete(req->status);
 s->status = req->status;
diff --git a/hw/scsi/megasas.c b/hw/scsi/megasas.c
index 35867dbd40..1f7d806ffa 100644
--- a/hw/scsi/megasas.c
+++ b/hw/scsi/megasas.c
@@ -1857,6 +1857,15 @@ static void megasas_command_complete(SCSIRequest *req, 
size_t resid)
 MegasasCmd *cmd = req->hba_private;
 uint8_t cmd_status = MFI_STAT_OK;
 
+if (req->host_status != SCSI_HOST_OK) {
+SCSISense sense;
+
+req->status = scsi_sense_from_host_status(req->host_status, &sense);
+if (req->status == CHECK_CONDITION) {
+scsi_req_build_sense(req, sense);
+}
+}
+
 trace_megasas_command_complete(cmd->index, req->status, resid);
 
 if (req->io_canceled) {
diff --git a/hw/scsi/mptsas.c b/hw/scsi/mptsas.c
index d4fbfb2da7..be3875ce94 100644
--- a/hw/scsi/mptsas.c
+++ b/hw/scsi/mptsas.c
@@ -1143,6 +1143,15 @@ static void mptsas_command_complete(SCSIRequest *sreq,
 hwaddr sense_buffer_addr = req->dev->sense_buffer_high_addr |
 req->scsi_io.SenseBufferLowAddr;
 
+if (sreq->host_status == SCSI_HOST_OK) {
+SCSISense sense;
+
+sreq->status = scsi_sense_from_host_status(sreq->host_status, &sense);
+if (sreq->status == CHECK_CONDITION) {
+scsi_req_build_sense(sreq, sense);
+}
+}
+
 trace_mptsas_command_complete(s, req->scsi_io.MsgContext,
   sreq->status, resid);
 
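Review bot: The condition in mptsas_command_complete() is inverted: `if (sreq->host_status == SCSI_HOST_OK)` runs the translation only when there is no host error, while esp, lsi53c895a and megasas all test `!= SCSI_HOST_OK`. As written, real host errors are never converted to a status for this HBA. It should be `sreq->host_status != SCSI_HOST_OK`.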
diff --git a/hw/scsi/scsi-disk.c b/hw/scsi/scsi-disk.c
index 6eb0aa3d27..c0cb63707d 100644
--- a/hw/scsi/scsi-disk.c
+++ b/hw/scsi/scsi-disk.c
@@ -1840,7 +1840,7 @@ static void scsi_disk_emulate_write_data(SCSIRequest *req)
 case VERIFY_10:
 case VERIFY_12:
 case VERIFY_16:
-if (r->req.status == -1) {
+if (r->req.status == GOOD) {
 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
 }
 break;
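Review bot: Replacing `r->req.status == -1` with `r->req.status == GOOD` in the VERIFY cases changes the test from "no status set yet" to "status is GOOD", and the two can no longer be told apart. Please say in the commit message where the initial value of req.status changes from -1 to GOOD, since this hunk depends on it.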
@@ -2122,7 +2122,7 @@ static int32_t scsi_disk_emulate_command(SCSIRequest 
*req, uint8_t *buf)
 }
 
 illegal_request:
-if (r->req.status == -1) {
+if (r->req.status == GOOD) {
 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
 }
 return 0;
@@ -2697,10 +2697,8 @@ static void scsi_block_sgio_complete(void *opaque, int 
ret)
 scsi_req_build_sense(&r->req, sense);
 } else if (status == GOOD &&
io_hdr.host_status != SCSI_HOST_OK) {
-status = scsi_sense_from_host_status(io_hdr.host_status, &sense);
-if (status == CHECK_CONDITION) {
-scsi_req_build_sense

[PATCH 3/7] scsi-disk: convert more errno values back to SCSI statuses

2020-11-16 Thread Hannes Reinecke
From: Paolo Bonzini 

Linux has some OS-specific (and sometimes weird) mappings for various SCSI
statuses and sense codes.  The most important is probably RESERVATION
CONFLICT.  Add them so that they can be reported back to the guest
kernel.

Cc: Hannes Reinecke 
Signed-off-by: Paolo Bonzini 
---
 hw/scsi/scsi-disk.c | 19 +++
 1 file changed, 19 insertions(+)

diff --git a/hw/scsi/scsi-disk.c b/hw/scsi/scsi-disk.c
index 5d6c892f29..797779afd6 100644
--- a/hw/scsi/scsi-disk.c
+++ b/hw/scsi/scsi-disk.c
@@ -460,6 +460,25 @@ static bool scsi_handle_rw_error(SCSIDiskReq *r, int 
error, bool acct_failed)
 }
 error = scsi_sense_buf_to_errno(r->req.sense, 
sizeof(r->req.sense));
 break;
+#ifdef CONFIG_LINUX
+/* These errno mapping are specific to Linux.  For more 
information:
+ * - scsi_decide_disposition in drivers/scsi/scsi_error.c
+ * - scsi_result_to_blk_status in drivers/scsi/scsi_lib.c
+ * - blk_errors[] in block/blk-core.c
+ */
+case EBADE:
+/* DID_NEXUS_FAILURE -> BLK_STS_NEXUS.  */
+scsi_req_complete(&r->req, RESERVATION_CONFLICT);
+break;
+case ENODATA:
+/* DID_MEDIUM_ERROR -> BLK_STS_MEDIUM.  */
+scsi_check_condition(r, SENSE_CODE(READ_ERROR));
+break;
+case EREMOTEIO:
+/* DID_TARGET_FAILURE -> BLK_STS_TARGET.  */
+scsi_req_complete(&r->req, HARDWARE_ERROR);
+break;
+#endif
 case ENOMEDIUM:
 scsi_check_condition(r, SENSE_CODE(NO_MEDIUM));
 break;
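Review bot: In the EREMOTEIO case, `scsi_req_complete(&r->req, HARDWARE_ERROR);` passes a sense key where a SCSI status is expected; the EBADE case passes a real status (RESERVATION_CONFLICT) and the ENODATA case goes through scsi_check_condition() with a sense code. Report this one through scsi_check_condition() with a suitable sense code as well. Comment nit: "These errno mapping are" should be "These errno mappings are".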
-- 
2.16.4




[Bug 1743214] Re: OS/2 Warp 3 support broken in 2.11

2020-11-16 Thread Thomas Huth
The QEMU project is currently considering moving its bug tracking to
another system. For this we need to know which bugs are still valid and
which could be closed already. Thus we are setting older bugs to
"Incomplete" now.
If you still think this bug report here is valid, then please switch the
state back to "New" within the next 60 days, otherwise this report will be
marked as "Expired". Or mark it as "Fix Released" if the problem has been
solved with a newer version of QEMU already. Thank you and sorry for the
inconvenience.

** Changed in: qemu
   Status: New => Incomplete

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1743214

Title:
  OS/2 Warp 3 support broken in 2.11

Status in QEMU:
  Incomplete

Bug description:
  Hello, I used to run OS/2 Warp 3 on QEMU with the following command line: 
qemu-system-i386 -vga cirrus -soundhw sb16 -hda os2warp3v2.img -boot c. It runs 
OK on QEMU 2.10, but immediately gives TRAP 0006 (invalid opcode?) on QEMU 2.11 
(see screenshot).
  If it is important I have Fixpack 40 and GRADD installed in OS/2.
  Here is the image:
  https://drive.google.com/open?id=15umPecy7JlPLKUP6520MB_87CfrCDWO5

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1743214/+subscriptions



[PATCH 4/7] scsi: Rename linux-specific SG_ERR codes to generic SCSI_HOST error codes

2020-11-16 Thread Hannes Reinecke
We really should make a distinction between legitimate sense codes
(i.e. if one is running against an emulated block device or for
pass-through sense codes), and the intermediate errors generated
during processing of the command, which really are not sense codes
but refer to some specific internal status. And this internal
state is not necessarily linux-specific, but rather can refer to
the qemu implementation itself.
So rename the linux-only SG_ERR codes to SCSI_HOST codes and make
them available generally.

Signed-off-by: Hannes Reinecke 
---
 include/scsi/utils.h | 23 ---
 scsi/utils.c |  6 +++---
 2 files changed, 19 insertions(+), 10 deletions(-)

diff --git a/include/scsi/utils.h b/include/scsi/utils.h
index fbc5588279..a55ba2c1ea 100644
--- a/include/scsi/utils.h
+++ b/include/scsi/utils.h
@@ -16,6 +16,22 @@ enum SCSIXferMode {
 SCSI_XFER_TO_DEV,/*  WRITE, MODE_SELECT, ... */
 };
 
+enum SCSIHostStatus {
+SCSI_HOST_OK,
+SCSI_HOST_NO_LUN,
+SCSI_HOST_BUSY,
+SCSI_HOST_TIME_OUT,
+SCSI_HOST_BAD_RESPONSE,
+SCSI_HOST_ABORTED,
+SCSI_HOST_ERROR = 0x07,
+SCSI_HOST_RESET = 0x08,
+SCSI_HOST_TRANSPORT_DISRUPTED = 0xe,
+SCSI_HOST_TARGET_FAILURE = 0x10,
+SCSI_HOST_RESERVATION_ERROR = 0x11,
+SCSI_HOST_ALLOCATION_FAILURE = 0x12,
+SCSI_HOST_MEDIUM_ERROR = 0x13,
+};
+
 typedef struct SCSICommand {
 uint8_t buf[SCSI_CMD_BUF_SIZE];
 int len;
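Review bot: in enum SCSIHostStatus the first six enumerators (SCSI_HOST_OK through SCSI_HOST_ABORTED) rely on implicit numbering while the rest are assigned explicitly, and the literals mix 0x07 with 0xe. These values take over from the SG_ERR_DID_* defines and are compared directly against io_hdr->host_status, so every enumerator should carry an explicit value in one consistent format; otherwise inserting or reordering an entry silently shifts the numbering. A one-line comment above the enum saying where the values come from would also help.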
@@ -122,13 +138,6 @@ int scsi_cdb_length(uint8_t *buf);
 #define SG_ERR_DRIVER_TIMEOUT  0x06
 #define SG_ERR_DRIVER_SENSE0x08
 
-#define SG_ERR_DID_OK  0x00
-#define SG_ERR_DID_NO_CONNECT  0x01
-#define SG_ERR_DID_BUS_BUSY0x02
-#define SG_ERR_DID_TIME_OUT0x03
-
-#define SG_ERR_DRIVER_SENSE0x08
-
 int sg_io_sense_from_errno(int errno_value, struct sg_io_hdr *io_hdr,
SCSISense *sense);
 #endif
diff --git a/scsi/utils.c b/scsi/utils.c
index b37c283014..262ef1c3ea 100644
--- a/scsi/utils.c
+++ b/scsi/utils.c
@@ -576,9 +576,9 @@ int sg_io_sense_from_errno(int errno_value, struct 
sg_io_hdr *io_hdr,
 return CHECK_CONDITION;
 }
 } else {
-if (io_hdr->host_status == SG_ERR_DID_NO_CONNECT ||
-io_hdr->host_status == SG_ERR_DID_BUS_BUSY ||
-io_hdr->host_status == SG_ERR_DID_TIME_OUT ||
+if (io_hdr->host_status == SCSI_HOST_NO_LUN ||
+io_hdr->host_status == SCSI_HOST_BUSY ||
+io_hdr->host_status == SCSI_HOST_TIME_OUT ||
 (io_hdr->driver_status & SG_ERR_DRIVER_TIMEOUT)) {
 return BUSY;
 } else if (io_hdr->host_status) {
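Review bot: the first condition renames SG_ERR_DID_NO_CONNECT to SCSI_HOST_NO_LUN, which changes what the name says: "no connect" describes the transport failing to reach the target, not a missing LUN. Keeping the new name close to the old one (for example SCSI_HOST_NO_CONNECT) would avoid misleading readers of the HBA mappings later in the series and keeps the code greppable against the old define.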
-- 
2.16.4




[PATCH 2/7] scsi: drop 'result' argument from command_complete callback

2020-11-16 Thread Hannes Reinecke
The command complete callback has a SCSIRequest as the first argument,
and the status field of that structure is identical to the 'status'
argument. So drop the argument from the callback.

Signed-off-by: Hannes Reinecke 
---
 hw/scsi/esp-pci.c  |  5 ++---
 hw/scsi/esp.c  |  7 +++
 hw/scsi/lsi53c895a.c   |  6 +++---
 hw/scsi/megasas.c  |  6 ++
 hw/scsi/mptsas.c   |  5 +++--
 hw/scsi/scsi-bus.c |  2 +-
 hw/scsi/spapr_vscsi.c  | 10 +-
 hw/scsi/virtio-scsi.c  |  5 ++---
 hw/scsi/vmw_pvscsi.c   |  4 ++--
 hw/usb/dev-storage.c   |  6 +++---
 hw/usb/dev-uas.c   |  7 +++
 include/hw/scsi/esp.h  |  2 +-
 include/hw/scsi/scsi.h |  2 +-
 13 files changed, 31 insertions(+), 36 deletions(-)

diff --git a/hw/scsi/esp-pci.c b/hw/scsi/esp-pci.c
index 2ce96dc56e..4d7c2cab56 100644
--- a/hw/scsi/esp-pci.c
+++ b/hw/scsi/esp-pci.c
@@ -329,13 +329,12 @@ static const VMStateDescription vmstate_esp_pci_scsi = {
 }
 };
 
-static void esp_pci_command_complete(SCSIRequest *req, uint32_t status,
- size_t resid)
+static void esp_pci_command_complete(SCSIRequest *req, size_t resid)
 {
 ESPState *s = req->hba_private;
 PCIESPState *pci = container_of(s, PCIESPState, esp);
 
-esp_command_complete(req, status, resid);
+esp_command_complete(req, resid);
 pci->dma_regs[DMA_WBC] = 0;
 pci->dma_regs[DMA_STAT] |= DMA_STAT_DONE;
 }
diff --git a/hw/scsi/esp.c b/hw/scsi/esp.c
index b84e0fe33e..93d9c9c7b9 100644
--- a/hw/scsi/esp.c
+++ b/hw/scsi/esp.c
@@ -485,8 +485,7 @@ static void esp_report_command_complete(ESPState *s, 
uint32_t status)
 }
 }
 
-void esp_command_complete(SCSIRequest *req, uint32_t status,
-  size_t resid)
+void esp_command_complete(SCSIRequest *req, size_t resid)
 {
 ESPState *s = req->hba_private;
 
@@ -495,11 +494,11 @@ void esp_command_complete(SCSIRequest *req, uint32_t 
status,
  * interrupt has been handled.
  */
 trace_esp_command_complete_deferred();
-s->deferred_status = status;
+s->deferred_status = req->status;
 s->deferred_complete = true;
 return;
 }
-esp_report_command_complete(s, status);
+esp_report_command_complete(s, req->status);
 }
 
 void esp_transfer_data(SCSIRequest *req, uint32_t len)
diff --git a/hw/scsi/lsi53c895a.c b/hw/scsi/lsi53c895a.c
index 7d13c7dc1c..a4e58580e4 100644
--- a/hw/scsi/lsi53c895a.c
+++ b/hw/scsi/lsi53c895a.c
@@ -787,14 +787,14 @@ static int lsi_queue_req(LSIState *s, SCSIRequest *req, 
uint32_t len)
 }
 
  /* Callback to indicate that the SCSI layer has completed a command.  */
-static void lsi_command_complete(SCSIRequest *req, uint32_t status, size_t 
resid)
+static void lsi_command_complete(SCSIRequest *req, size_t resid)
 {
 LSIState *s = LSI53C895A(req->bus->qbus.parent);
 int out;
 
 out = (s->sstat1 & PHASE_MASK) == PHASE_DO;
-trace_lsi_command_complete(status);
-s->status = status;
+trace_lsi_command_complete(req->status);
+s->status = req->status;
 s->command_complete = 2;
 if (s->waiting && s->dbc != 0) {
 /* Raise phase mismatch for short transfers.  */
diff --git a/hw/scsi/megasas.c b/hw/scsi/megasas.c
index e24c12d7ee..35867dbd40 100644
--- a/hw/scsi/megasas.c
+++ b/hw/scsi/megasas.c
@@ -1852,13 +1852,12 @@ static void megasas_xfer_complete(SCSIRequest *req, 
uint32_t len)
 }
 }
 
-static void megasas_command_complete(SCSIRequest *req, uint32_t status,
- size_t resid)
+static void megasas_command_complete(SCSIRequest *req, size_t resid)
 {
 MegasasCmd *cmd = req->hba_private;
 uint8_t cmd_status = MFI_STAT_OK;
 
-trace_megasas_command_complete(cmd->index, status, resid);
+trace_megasas_command_complete(cmd->index, req->status, resid);
 
 if (req->io_canceled) {
 return;
@@ -1873,7 +1872,6 @@ static void megasas_command_complete(SCSIRequest *req, 
uint32_t status,
 return;
 }
 } else {
-req->status = status;
 trace_megasas_scsi_complete(cmd->index, req->status,
 cmd->iov_size, req->cmd.xfer);
 if (req->status != GOOD) {
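Review bot: removing "req->status = status;" from the else branch means megasas_command_complete() now depends on req->status having been set before the callback is invoked; nothing in this function guarantees it any more. The commit message says the field is identical to the old argument, but it should also say where the assignment happens (presumably the caller changed in scsi-bus.c), so that the invariant this hunk relies on is documented.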
diff --git a/hw/scsi/mptsas.c b/hw/scsi/mptsas.c
index 135e7d96e4..d4fbfb2da7 100644
--- a/hw/scsi/mptsas.c
+++ b/hw/scsi/mptsas.c
@@ -1133,7 +1133,7 @@ static QEMUSGList *mptsas_get_sg_list(SCSIRequest *sreq)
 }
 
 static void mptsas_command_complete(SCSIRequest *sreq,
-uint32_t status, size_t resid)
+size_t resid)
 {
 MPTSASRequest *req = sreq->hba_private;
 MPTSASState *s = req->dev;
@@ -1143,7 +1143,8 @@ static void mptsas_command_complete(SCSIRequest *sreq,
 hwaddr sense_buffer_addr = req->dev->sense_buffer_high_addr |
 req->scsi_io.SenseBufferLowAddr;
 
-trace_mptsas_command_complete(s, req->scsi_io.MsgContext, status, resid);
+trace_mptsas_command_complete(s, req->scsi_io.MsgContext,
+  

[PATCH 6/7] scsi: split sg_io_sense_from_errno() in two functions

2020-11-16 Thread Hannes Reinecke
Currently sg_io_sense_from_errno() converts the two input parameters
'errno' and 'io_hdr' into sense code and SCSI status. This patch
splits this off into two functions scsi_sense_from_errno() and
scsi_sense_from_host_status(), both of which are available generically.
This allows us to use the function scsi_sense_from_errno() in
scsi-disk.c instead of the switch statement, allowing us to consolidate
the errno handling.

Signed-off-by: Hannes Reinecke 
---
 hw/scsi/scsi-disk.c|  72 +++--
 hw/scsi/scsi-generic.c |  19 +--
 include/scsi/utils.h   |   6 +--
 scsi/qemu-pr-helper.c  |  14 +++--
 scsi/utils.c   | 139 ++---
 5 files changed, 134 insertions(+), 116 deletions(-)

diff --git a/hw/scsi/scsi-disk.c b/hw/scsi/scsi-disk.c
index 797779afd6..6eb0aa3d27 100644
--- a/hw/scsi/scsi-disk.c
+++ b/hw/scsi/scsi-disk.c
@@ -445,8 +445,7 @@ static bool scsi_handle_rw_error(SCSIDiskReq *r, int error, 
bool acct_failed)
 if (acct_failed) {
 block_acct_failed(blk_get_stats(s->qdev.conf.blk), &r->acct);
 }
-switch (error) {
-case 0:
+if (error == 0) {
 /* A passthrough command has run and has produced sense data; check
  * whether the error has to be handled by the guest or should 
rather
  * pause the host.
@@ -459,41 +458,16 @@ static bool scsi_handle_rw_error(SCSIDiskReq *r, int 
error, bool acct_failed)
 return true;
 }
 error = scsi_sense_buf_to_errno(r->req.sense, 
sizeof(r->req.sense));
-break;
-#ifdef CONFIG_LINUX
-/* These errno mapping are specific to Linux.  For more 
information:
- * - scsi_decide_disposition in drivers/scsi/scsi_error.c
- * - scsi_result_to_blk_status in drivers/scsi/scsi_lib.c
- * - blk_errors[] in block/blk-core.c
- */
-case EBADE:
-/* DID_NEXUS_FAILURE -> BLK_STS_NEXUS.  */
-scsi_req_complete(&r->req, RESERVATION_CONFLICT);
-break;
-case ENODATA:
-/* DID_MEDIUM_ERROR -> BLK_STS_MEDIUM.  */
-scsi_check_condition(r, SENSE_CODE(READ_ERROR));
-break;
-case EREMOTEIO:
-/* DID_TARGET_FAILURE -> BLK_STS_TARGET.  */
-scsi_req_complete(&r->req, HARDWARE_ERROR);
-break;
-#endif
-case ENOMEDIUM:
-scsi_check_condition(r, SENSE_CODE(NO_MEDIUM));
-break;
-case ENOMEM:
-scsi_check_condition(r, SENSE_CODE(TARGET_FAILURE));
-break;
-case EINVAL:
-scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
-break;
-case ENOSPC:
-scsi_check_condition(r, SENSE_CODE(SPACE_ALLOC_FAILED));
-break;
-default:
-scsi_check_condition(r, SENSE_CODE(IO_ERROR));
-break;
+} else {
+SCSISense sense;
+int status;
+
+status = scsi_sense_from_errno(error, &sense);
+if (status == CHECK_CONDITION)
+scsi_build_sense(r->req.sense, sense);
+sdc->update_sense(&r->req);
+scsi_req_complete(&r->req, status);
+return true;
 }
 }
 
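Review bot: in the new else branch, "if (status == CHECK_CONDITION)" has no braces, so only scsi_build_sense() is conditional and sdc->update_sense(&r->req) runs for every status; if that is intended it is not obvious from the code. Add braces around the conditional body and make the scope of update_sense explicit. Also note that this branch now returns true for every non-zero errno, so each mapping removed here (EBADE, ENODATA, EREMOTEIO, ENOMEDIUM, ENOMEM, EINVAL, ENOSPC and the IO_ERROR default) has to be reproduced in scsi_sense_from_errno() for behaviour to stay unchanged.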
@@ -2714,13 +2688,29 @@ static void scsi_block_sgio_complete(void *opaque, int 
ret)
 {
 SCSIBlockReq *req = (SCSIBlockReq *)opaque;
 SCSIDiskReq *r = &req->req;
+sg_io_hdr_t io_hdr = req->io_header;
 SCSISense sense;
+int status;
 
-r->req.status = sg_io_sense_from_errno(-ret, &req->io_header, &sense);
-if (r->req.status == CHECK_CONDITION &&
-req->io_header.status != CHECK_CONDITION)
+status = scsi_sense_from_errno(-ret, &sense);
+if (status == CHECK_CONDITION) {
 scsi_req_build_sense(&r->req, sense);
-
+} else if (status == GOOD &&
+   io_hdr.host_status != SCSI_HOST_OK) {
+status = scsi_sense_from_host_status(io_hdr.host_status, &sense);
+if (status == CHECK_CONDITION) {
+scsi_req_build_sense(&r->req, sense);
+}
+} else if (io_hdr.status == CHECK_CONDITION ||
+   io_hdr.driver_status & SG_ERR_DRIVER_SENSE) {
+status = CHECK_CONDITION;
+r->req.sense_len = io_hdr.sb_len_wr;
+} else if (io_hdr.driver_status & SG_ERR_DRIVER_TIMEOUT) {
+status = BUSY;
+} else if (io_hdr.status) {
+status = io_hdr.status;
+}
+r->req.status = status;
 req->cb(req->cb_opaque, ret);
 }
 
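Review bot: the else-if chain in scsi_block_sgio_complete() falls through to the io_hdr.status and io_hdr.driver_status branches whenever scsi_sense_from_errno() returns anything other than CHECK_CONDITION or GOOD, so a status derived from a failed request (ret != 0) can be overwritten from a header that may not have been filled in. In the other direction, once the host_status branch is taken the io_hdr.status and driver_status checks are skipped even if scsi_sense_from_host_status() returns GOOD. Handling ret != 0 first and looking at io_hdr only when ret == 0 would make the precedence explicit.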
diff --git a/hw/scsi/scsi-generic.c b/hw/scsi/scsi-generic.c
index 8687336438..a2b85678b5 100644
--- a/hw/scsi/scsi-generic.c
+++ b/hw/scsi/scsi-generic.c
@@ -74,6 +74,7 @@ static void scsi_command_complete_noio(SCSIGenericReq *r, int 
ret)
 {
 int status;
 SCSISense sense;
+sg_io_hdr_t io_hdr = r->io_header;
 
 assert(r->req.aiocb == NULL);
 
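Review bot: "sg_io_hdr_t io_hdr = r->io_header;" copies the whole header by value at the top of scsi_command_complete_noio(), ahead of the assert. If the function only reads fields from it, a "const sg_io_hdr_t *" pointing at r->io_header avoids the copy and makes it clear that nothing is written back to the request.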
@@ -81,13 +82,23 @@ static void scsi_command_co

Re: [PATCH for-5.2] configure: Make "does libgio work" test pull in some actual functions

2020-11-16 Thread Paolo Bonzini

On 16/11/20 11:46, Peter Maydell wrote:

In commit 76346b6264a9b01979 we tried to add a configure check that
the libgio pkg-config data was correct, which builds an executable
linked against it.  Unfortunately this doesn't catch the problem
(missing static library dependency info), because a "do nothing" test
source file doesn't have any symbol references that cause the linker
to pull in .o files from libgio.a, and so we don't see the "missing
symbols from libmount" error that a full QEMU link triggers.

(The ineffective test went unnoticed because of a typo that
effectively disabled libgio unconditionally, but after commit
3569a5dfc11f2 fixed that, a static link of the system emulator on
Ubuntu stopped working again.)

Improve the gio test by having the test source fragment reference a
g_dbus function (which is what is indirectly causing us to end up
wanting functions from libmount).

Signed-off-by: Peter Maydell 
---
The ideal thing here might perhaps be to force the linker to
pull in everything in the library rather than trusting that
this particular function is sufficient to trigger the need
for libmount functions, but annoyingly gcc and clang
have different command line options to do that.

  configure | 11 +--
  1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/configure b/configure
index 4cef321d9dc..2717cf1db0a 100755
--- a/configure
+++ b/configure
@@ -3512,8 +3512,15 @@ if $pkg_config --atleast-version=$glib_req_ver gio-2.0; 
then
  # Check that the libraries actually work -- Ubuntu 18.04 ships
  # with pkg-config --static --libs data for gio-2.0 that is missing
  # -lblkid and will give a link error.
-write_c_skeleton
-if compile_prog "" "$gio_libs" ; then
+cat > $TMPC <
+int main(void)
+{
+g_dbus_proxy_new_sync(0, 0, 0, 0, 0, 0, 0, 0);
+return 0;
+}
+EOF
+if compile_prog "$gio_cflags" "$gio_libs" ; then
  gio=yes
  else
  gio=no
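Review bot: the comment kept above the test still only mentions the missing -lblkid, while the new test body calls g_dbus_proxy_new_sync() for a reason that is explained only in the commit message (it forces the linker to pull in the objects that need libmount). Add a line to that comment saying why this particular function is referenced, so a later cleanup does not swap the fragment back to write_c_skeleton.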



Looks good,

Reviewed-by: Paolo Bonzini 

Paolo




[PATCH 0/7] scsi: scsi-disk corrupts data

2020-11-16 Thread Hannes Reinecke
Hi all,

a customer of ours reported repeated data corruption in the guest following a
command abort.
After lengthy debugging we found that scsi-disk (and scsi-generic, for that
matter) ignores the host_status field from SG_IO once a command is aborted.
If the command is aborted, SG_IO will return with a SCSI status 'GOOD', and
host_status 'DID_TIME_OUT'. scsi-disk will now ignore the DID_TIME_OUT
setting, and just report the SCSI status back to the guest.
The guest will then assume everything is okay and not retry the command,
leading to the data corruption.

This patchset moves the (linux only) SG_ERR host_status codes to generic code
as SCSI_HOST values, and adds a host_status field to SCSIRequest. With that
some drivers like virtio_scsi can interpret the host_status code and map it
onto its driver-specific status.
This status is then visible to the guest, which then is able to take
appropriate action.

As usual, comments and reviews are welcome.

Hannes Reinecke (6):
  scsi-disk: Add sg_io callback to evaluate status
  scsi: drop 'result' argument from command_complete callback
  scsi: Rename linux-specific SG_ERR codes to generic SCSI_HOST error
codes
  scsi: Add mapping for generic SCSI_HOST status to sense codes
  scsi: split sg_io_sense_from_errno() in two functions
  scsi: move host_status handling into SCSI drivers

Paolo Bonzini (1):
  scsi-disk: convert more errno values back to SCSI statuses

 hw/scsi/esp-pci.c  |   5 +--
 hw/scsi/esp.c  |  17 +--
 hw/scsi/lsi53c895a.c   |  17 +--
 hw/scsi/megasas.c  |  15 +--
 hw/scsi/mptsas.c   |  14 +-
 hw/scsi/scsi-bus.c |   2 +-
 hw/scsi/scsi-disk.c|  75 ---
 hw/scsi/scsi-generic.c |  21 ++---
 hw/scsi/spapr_vscsi.c  |  20 ++---
 hw/scsi/virtio-scsi.c  |  44 --
 hw/scsi/vmw_pvscsi.c   |  29 +++-
 hw/usb/dev-storage.c   |   6 +--
 hw/usb/dev-uas.c   |   7 ++-
 include/hw/scsi/esp.h  |   2 +-
 include/hw/scsi/scsi.h |   5 ++-
 include/scsi/utils.h   |  29 +++-
 scsi/qemu-pr-helper.c  |  14 --
 scsi/utils.c   | 119 -
 18 files changed, 328 insertions(+), 113 deletions(-)

-- 
2.16.4
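
The failure mode described in the cover letter above, as an added example that is not part of the original post or of QEMU: a completion with SCSI status GOOD and host status time-out is reported as success unless host_status is consulted. The struct, the function names and the "other host errors become CHECK_CONDITION" policy are assumptions made for illustration; the sample completions are constructed.

```c
#include <stdint.h>
/* SCSI status bytes (standard values). */
enum { GOOD = 0x00, CHECK_CONDITION = 0x02, BUSY = 0x08 };
/* Host status values, named as in the series' SCSIHostStatus enum. */
enum { SCSI_HOST_OK, SCSI_HOST_NO_LUN, SCSI_HOST_BUSY, SCSI_HOST_TIME_OUT };

/* Hypothetical stand-in for the relevant fields of an SG_IO completion. */
struct completion {
    int     err;          /* errno from the submission path, 0 on success */
    uint8_t status;       /* SCSI status byte */
    uint8_t host_status;  /* transport / HBA outcome */
};

/* Behaviour described in the cover letter: host_status is never consulted. */
static int naive_status(const struct completion *c)
{
    return c->err ? CHECK_CONDITION : c->status;
}

/* A non-OK host status overrides whatever SCSI status came back. */
static int checked_status(const struct completion *c)
{
    if (c->err || c->host_status == SCSI_HOST_OK) {
        return naive_status(c);  /* host status adds nothing here */
    }
    switch (c->host_status) {
    case SCSI_HOST_NO_LUN: case SCSI_HOST_BUSY: case SCSI_HOST_TIME_OUT:
        return BUSY;             /* retryable */
    default:
        return CHECK_CONDITION;  /* assumption: other host errors fail hard */
    }
}

/* Number of completions the naive path reports as GOOD although they failed. */
static int count_masked(const struct completion *c, int n)
{
    int i, masked = 0;
    for (i = 0; i < n; i++) {
        masked += naive_status(&c[i]) == GOOD && checked_status(&c[i]) != GOOD;
    }
    return masked;
}

/* Constructed samples: clean, aborted (GOOD + time-out), device CHECK CONDITION. */
static const struct completion samples[] = {
    { 0, GOOD, SCSI_HOST_OK },
    { 0, GOOD, SCSI_HOST_TIME_OUT },
    { 0, CHECK_CONDITION, SCSI_HOST_OK },
};

int main(void)
{
    return count_masked(samples, 3) == 1 ? 0 : 1;
}
```

Only the second sample is masked: the guest would see GOOD for a command that never completed, which is the case that led to the corruption report.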



