[PATCH v2 1/2] hw/misc: Implementating dummy AST2600 I3C model

[Troy Lee]

Introduce a dummy AST2600 I3C model.

Aspeed 2600 SDK enables I3C support by default.  The I3C driver will try
to reset the device controller and setup through device address table
register.  This dummy model response these register with default value
listed on ast2600v10 datasheet chapter 54.2.  If the device address
table register doesn't set correctly, it will cause guest machine kernel
panic due to reference to invalid address.

v2:
- Split i3c model into i3c and i3c_device
- Create 6x i3c devices
- Using register fields macro

Signed-off-by: Troy Lee 
---
 hw/misc/aspeed_i3c.c | 410 +++
 hw/misc/meson.build  |   1 +
 hw/misc/trace-events |   6 +
 include/hw/misc/aspeed_i3c.h |  57 +
 4 files changed, 474 insertions(+)
 create mode 100644 hw/misc/aspeed_i3c.c
 create mode 100644 include/hw/misc/aspeed_i3c.h

diff --git a/hw/misc/aspeed_i3c.c b/hw/misc/aspeed_i3c.c
new file mode 100644
index 00..16a4f2d4e4
--- /dev/null
+++ b/hw/misc/aspeed_i3c.c
@@ -0,0 +1,410 @@
+/*
+ * ASPEED I3C Controller
+ *
+ * Copyright (C) 2021 ASPEED Technology Inc.
+ *
+ * This code is licensed under the GPL version 2 or later.  See
+ * the COPYING file in the top-level directory.
+ */
+
+#include "qemu/osdep.h"
+#include "qemu/log.h"
+#include "qemu/error-report.h"
+#include "hw/misc/aspeed_i3c.h"
+#include "hw/registerfields.h"
+#include "hw/qdev-properties.h"
+#include "qapi/error.h"
+#include "migration/vmstate.h"
+#include "trace.h"
+
+/* I3C Controller Registers */
+REG32(I3C1_REG0, 0x10)
+REG32(I3C1_REG1, 0x14)
+FIELD(I3C1_REG1, I2C_MODE,  0,  1)
+FIELD(I3C1_REG1, SA_EN, 15, 1)
+REG32(I3C2_REG0, 0x20)
+REG32(I3C2_REG1, 0x24)
+FIELD(I3C2_REG1, I2C_MODE,  0,  1)
+FIELD(I3C2_REG1, SA_EN, 15, 1)
+REG32(I3C3_REG0, 0x30)
+REG32(I3C3_REG1, 0x34)
+FIELD(I3C3_REG1, I2C_MODE,  0,  1)
+FIELD(I3C3_REG1, SA_EN, 15, 1)
+REG32(I3C4_REG0, 0x40)
+REG32(I3C4_REG1, 0x44)
+FIELD(I3C4_REG1, I2C_MODE,  0,  1)
+FIELD(I3C4_REG1, SA_EN, 15, 1)
+REG32(I3C5_REG0, 0x50)
+REG32(I3C5_REG1, 0x54)
+FIELD(I3C5_REG1, I2C_MODE,  0,  1)
+FIELD(I3C5_REG1, SA_EN, 15, 1)
+REG32(I3C6_REG0, 0x60)
+REG32(I3C6_REG1, 0x64)
+FIELD(I3C6_REG1, I2C_MODE,  0,  1)
+FIELD(I3C6_REG1, SA_EN, 15, 1)
+
+/* I3C Device Registers */
+REG32(DEVICE_CTRL,  0x00)
+REG32(DEVICE_ADDR,  0x04)
+REG32(HW_CAPABILITY,0x08)
+REG32(COMMAND_QUEUE_PORT,   0x0c)
+REG32(RESPONSE_QUEUE_PORT,  0x10)
+REG32(RX_TX_DATA_PORT,  0x14)
+REG32(IBI_QUEUE_STATUS, 0x18)
+REG32(IBI_QUEUE_DATA,   0x18)
+REG32(QUEUE_THLD_CTRL,  0x1c)
+REG32(DATA_BUFFER_THLD_CTRL,0x20)
+REG32(IBI_QUEUE_CTRL,   0x24)
+REG32(IBI_MR_REQ_REJECT,0x2c)
+REG32(IBI_SIR_REQ_REJECT,   0x30)
+REG32(RESET_CTRL,   0x34)
+REG32(SLV_EVENT_CTRL,   0x38)
+REG32(INTR_STATUS,  0x3c)
+REG32(INTR_STATUS_EN,   0x40)
+REG32(INTR_SIGNAL_EN,   0x44)
+REG32(INTR_FORCE,   0x48)
+REG32(QUEUE_STATUS_LEVEL,   0x4c)
+REG32(DATA_BUFFER_STATUS_LEVEL, 0x50)
+REG32(PRESENT_STATE,0x54)
+REG32(CCC_DEVICE_STATUS,0x58)
+REG32(DEVICE_ADDR_TABLE_POINTER,0x5c)
+FIELD(DEVICE_ADDR_TABLE_POINTER, DEPTH, 16, 16)
+FIELD(DEVICE_ADDR_TABLE_POINTER, ADDR,  0,  16)
+REG32(DEV_CHAR_TABLE_POINTER,   0x60)
+REG32(VENDOR_SPECIFIC_REG_POINTER,  0x6c)
+REG32(SLV_MIPI_PID_VALUE,   0x70)
+REG32(SLV_PID_VALUE,0x74)
+REG32(SLV_CHAR_CTRL,0x78)
+REG32(SLV_MAX_LEN,  0x7c)
+REG32(MAX_READ_TURNAROUND,  0x80)
+REG32(MAX_DATA_SPEED,   0x84)
+REG32(SLV_DEBUG_STATUS, 0x88)
+REG32(SLV_INTR_REQ, 0x8c)
+REG32(DEVICE_CTRL_EXTENDED, 0xb0)
+REG32(SCL_I3C_OD_TIMING,0xb4)
+REG32(SCL_I3C_PP_TIMING,0xb8)
+REG32(SCL_I2C_FM_TIMING,0xbc)
+REG32(SCL_I2C_FMP_TIMING,   0xc0)
+REG32(SCL_EXT_LCNT_TIMING,  0xc8)
+REG32(SCL_EXT_TERMN_LCNT_TIMING,0xcc)
+REG32(BUS_FREE_TIMING,  0xd4)
+REG32(BUS_IDLE_TIMING,  0xd8)
+REG32(I3C_VER_ID,   0xe0)
+REG32(I3C_VER_TYPE, 0xe4)
+REG32(EXTENDED_CAPABILITY,  0xe8)
+REG32(SLAVE_CONFIG, 0xec)
+
+static uint64_t aspeed_i3c_device_read(void *opaque, hwaddr offset,
+   unsigned size)
+{
+AspeedI3CDevice *s = ASPEED_I3C_DEVICE(opaque);
+uint32_t addr = offset >> 2;
+uint64_t value;
+
+switch (addr) {
+case R_COMMAND_QUEUE_PORT:
+value = 0;
+break;
+default:
+value = s->regs[addr];
+break;
+}
+
+trace_aspeed_i3c_device_read(s->id, offset, value);
+
+return value;
+}
+
+static void aspeed_i3c_device_write(void 

[PATCH v2] scsi-generic: replace logical block count of response of READ CAPACITY

[Lin Ma]

While using SCSI passthrough, Following scenario makes qemu doesn't
realized the capacity change of remote scsi target:
1. online resize the scsi target.
2. issue 'rescan-scsi-bus.sh -s ...' in host.
3. issue 'rescan-scsi-bus.sh -s ...' in vm.

In above scenario I used to experienced errors while accessing the
additional disk space in vm. I think the reasonable operations should
be:
1. online resize the scsi target.
2. issue 'rescan-scsi-bus.sh -s ...' in host.
3. issue 'block_resize' via qmp to notify qemu.
4. issue 'rescan-scsi-bus.sh -s ...' in vm.

The errors disappear once I notify qemu by block_resize via qmp.

So this patch replaces the number of logical blocks of READ CAPACITY
response from scsi target by qemu's bs->total_sectors. If the user in
vm wants to access the additional disk space, The administrator of
host must notify qemu once resizeing the scsi target.

Bonus is that domblkinfo of libvirt can reflect the consistent capacity
information between host and vm in case of missing block_resize in qemu.
E.g:
...

  
  
  
  
  
  

...

Before:
1. online resize the scsi target.
2. host:~  # rescan-scsi-bus.sh -s /dev/sdc
3. guest:~ # rescan-scsi-bus.sh -s /dev/sda
4  host:~  # virsh domblkinfo --domain $DOMAIN --human --device sda
Capacity:   4.000 GiB
Allocation: 0.000 B
Physical:   8.000 GiB

5. guest:~ # lsblk /dev/sda
NAME   MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
sda  8:00   8G  0 disk
└─sda1   8:10   2G  0 part

After:
1. online resize the scsi target.
2. host:~  # rescan-scsi-bus.sh -s /dev/sdc
3. guest:~ # rescan-scsi-bus.sh -s /dev/sda
4  host:~  # virsh domblkinfo --domain $DOMAIN --human --device sda
Capacity:   4.000 GiB
Allocation: 0.000 B
Physical:   8.000 GiB

5. guest:~ # lsblk /dev/sda
NAME   MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
sda  8:00   4G  0 disk
└─sda1   8:10   2G  0 part

Signed-off-by: Lin Ma 
Reviewed-by: Philippe Mathieu-Daudé 
---
 hw/scsi/scsi-generic.c | 18 --
 hw/scsi/trace-events   |  1 +
 2 files changed, 17 insertions(+), 2 deletions(-)

diff --git a/hw/scsi/scsi-generic.c b/hw/scsi/scsi-generic.c
index 0306ccc7b1..c9b08a9926 100644
--- a/hw/scsi/scsi-generic.c
+++ b/hw/scsi/scsi-generic.c
@@ -256,6 +256,18 @@ static int 
scsi_generic_emulate_block_limits(SCSIGenericReq *r, SCSIDevice *s)
 return r->buflen;
 }
 
+static void refresh_max_lba(SCSIDevice *s)
+{
+BlockBackend *blk = s->conf.blk;
+BlockDriverState *bs = blk_bs(blk);
+uint64_t max_lba = bs->total_sectors - 1;
+
+if (max_lba != s->max_lba) {
+trace_scsi_generic_max_lba_refreshed(s->max_lba, max_lba);
+s->max_lba = max_lba;
+}
+}
+
 static void scsi_read_complete(void * opaque, int ret)
 {
 SCSIGenericReq *r = (SCSIGenericReq *)opaque;
@@ -315,11 +327,13 @@ static void scsi_read_complete(void * opaque, int ret)
 if (r->req.cmd.buf[0] == READ_CAPACITY_10 &&
 (ldl_be_p(>buf[0]) != 0xU || s->max_lba == 0)) {
 s->blocksize = ldl_be_p(>buf[4]);
-s->max_lba = ldl_be_p(>buf[0]) & 0xULL;
+refresh_max_lba(s);
+stl_be_p(>buf[0], s->max_lba);
 } else if (r->req.cmd.buf[0] == SERVICE_ACTION_IN_16 &&
(r->req.cmd.buf[1] & 31) == SAI_READ_CAPACITY_16) {
 s->blocksize = ldl_be_p(>buf[8]);
-s->max_lba = ldq_be_p(>buf[0]);
+refresh_max_lba(s);
+stq_be_p(>buf[0], s->max_lba);
 }
 blk_set_guest_block_size(s->conf.blk, s->blocksize);
 
diff --git a/hw/scsi/trace-events b/hw/scsi/trace-events
index ae8551f279..44d064a656 100644
--- a/hw/scsi/trace-events
+++ b/hw/scsi/trace-events
@@ -352,3 +352,4 @@ scsi_generic_realize_blocksize(int blocksize) "block size 
%d"
 scsi_generic_aio_sgio_command(uint32_t tag, uint8_t cmd, uint32_t timeout) 
"generic aio sgio: tag=0x%x cmd=0x%x timeout=%u"
 scsi_generic_ioctl_sgio_command(uint8_t cmd, uint32_t timeout) "generic ioctl 
sgio: cmd=0x%x timeout=%u"
 scsi_generic_ioctl_sgio_done(uint8_t cmd, int ret, uint8_t status, uint8_t 
host_status) "generic ioctl sgio: cmd=0x%x ret=%d status=0x%x host_status=0x%x"
+scsi_generic_max_lba_refreshed(uint64_t old_max_lba, uint64_t new_max_lba) 
"old max_lba %" PRIu64 ",new max_lba %" PRIu64
-- 
2.26.2

Re: [PATCH 2/2] hw: timer: ibex_timer: update/add reg address

[Bin Meng]

On Mon, Jan 10, 2022 at 2:13 PM Alistair Francis
 wrote:
>
> From: Wilfred Mallawa 
>
> The following changes:
> 1. Fixes the incorrectly set CTRL register address. As
> per [1] https://docs.opentitan.org/hw/ip/rv_timer/doc/#register-table
>
> The CTRL register is @ 0x04.
>
> This was found when attempting to fixup a bug where a timer_interrupt
> was not serviced on TockOS-OpenTitan.
>
> 2. Adds ALERT_TEST register as documented on [1], adding repective
>switch cases to error handle and later implement functionality.
>
> Signed-off-by: Wilfred Mallawa 
> ---
>  hw/timer/ibex_timer.c | 11 ++-
>  1 file changed, 10 insertions(+), 1 deletion(-)
>

Reviewed-by: Bin Meng 

Re: [PATCH v4 11/11] hw/riscv: virt: Add PMU DT node to the device tree

[Bin Meng]

On Fri, Jan 7, 2022 at 10:27 AM Atish Patra  wrote:
>
> Qemu virt machine can support few cache events and cycle/instret counters.
> It also supports counter overflow for these events.
>
> Add a DT node so that OpenSBI/Linux kernel is aware of the virt machine
> capabilities. There are some dummy nodes added for testing as well.
>
> Signed-off-by: Atish Patra 
> Signed-off-by: Atish Patra 
> ---
>  hw/riscv/virt.c| 38 ++
>  target/riscv/pmu.c | 45 +
>  target/riscv/pmu.h |  1 +
>  3 files changed, 84 insertions(+)
>
> diff --git a/hw/riscv/virt.c b/hw/riscv/virt.c
> index 3af074148ef4..99154199091c 100644
> --- a/hw/riscv/virt.c
> +++ b/hw/riscv/virt.c
> @@ -28,6 +28,7 @@
>  #include "hw/qdev-properties.h"
>  #include "hw/char/serial.h"
>  #include "target/riscv/cpu.h"
> +#include "target/riscv/pmu.h"
>  #include "hw/riscv/riscv_hart.h"
>  #include "hw/riscv/virt.h"
>  #include "hw/riscv/boot.h"
> @@ -406,6 +407,33 @@ static void create_fdt_socket_plic(RISCVVirtState *s,
>  g_free(plic_cells);
>  }
>
> +static void create_fdt_socket_pmu(RISCVVirtState *s,
> +  int socket, uint32_t *phandle,
> +  uint32_t *intc_phandles)
> +{
> +int cpu;
> +char *pmu_name;
> +uint32_t *pmu_cells;
> +MachineState *mc = MACHINE(s);
> +RISCVCPU hart = s->soc[socket].harts[0];
> +
> +pmu_cells = g_new0(uint32_t, s->soc[socket].num_harts * 2);
> +
> +for (cpu = 0; cpu < s->soc[socket].num_harts; cpu++) {
> +pmu_cells[cpu * 2 + 0] = cpu_to_be32(intc_phandles[cpu]);
> +pmu_cells[cpu * 2 + 1] = cpu_to_be32(IRQ_PMU_OVF);
> +}
> +
> +pmu_name = g_strdup_printf("/soc/pmu");
> +qemu_fdt_add_subnode(mc->fdt, pmu_name);
> +qemu_fdt_setprop_string(mc->fdt, pmu_name, "compatible", "riscv,pmu");
> +riscv_pmu_generate_fdt_node(mc->fdt, hart.cfg.pmu_num, pmu_name);
> +
> +g_free(pmu_name);
> +g_free(pmu_cells);
> +}
> +
> +
>  static void create_fdt_sockets(RISCVVirtState *s, const MemMapEntry *memmap,
> bool is_32_bit, uint32_t *phandle,
> uint32_t *irq_mmio_phandle,
> @@ -417,12 +445,20 @@ static void create_fdt_sockets(RISCVVirtState *s, const 
> MemMapEntry *memmap,
>  uint32_t *intc_phandles;
>  MachineState *mc = MACHINE(s);
>  uint32_t xplic_phandles[MAX_NODES];
> +RISCVCPU hart;
>
>  qemu_fdt_add_subnode(mc->fdt, "/cpus");
>  qemu_fdt_setprop_cell(mc->fdt, "/cpus", "timebase-frequency",
>RISCV_ACLINT_DEFAULT_TIMEBASE_FREQ);
>  qemu_fdt_setprop_cell(mc->fdt, "/cpus", "#size-cells", 0x0);
>  qemu_fdt_setprop_cell(mc->fdt, "/cpus", "#address-cells", 0x1);
> +
> +/* Add the node for isa extensions discovery */
> +qemu_fdt_add_subnode(mc->fdt, "/cpus/riscv,isa-ext");

Looks like the ongoing discussion does not support this idea
https://lore.kernel.org/linux-riscv/20211224211632.1698523-1-ati...@rivosinc.com/

> +hart = s->soc[0].harts[0];
> +if (hart.cfg.ext_sscof) {
> +qemu_fdt_setprop(mc->fdt, "/cpus/riscv,isa-ext", "sscofpmf", NULL, 
> 0);
> +}
>  qemu_fdt_add_subnode(mc->fdt, "/cpus/cpu-map");
>
>  for (socket = (riscv_socket_count(mc) - 1); socket >= 0; socket--) {
> @@ -445,6 +481,8 @@ static void create_fdt_sockets(RISCVVirtState *s, const 
> MemMapEntry *memmap,
>  create_fdt_socket_plic(s, memmap, socket, phandle,
>  intc_phandles, xplic_phandles);
>
> +create_fdt_socket_pmu(s, socket, phandle, intc_phandles);
> +
>  g_free(intc_phandles);
>  g_free(clust_name);
>  }
> diff --git a/target/riscv/pmu.c b/target/riscv/pmu.c
> index 15f161059fb7..b58a09c85616 100644
> --- a/target/riscv/pmu.c
> +++ b/target/riscv/pmu.c
> @@ -19,11 +19,56 @@
>  #include "qemu/osdep.h"
>  #include "cpu.h"
>  #include "pmu.h"
> +#include "sysemu/device_tree.h"
>
>  #define RISCV_TIMEBASE_FREQ 10 /* 1Ghz */
>  #define MAKE_32BIT_MASK(shift, length) \
>  (((uint32_t)(~0UL) >> (32 - (length))) << (shift))
>
> +/**
> + * To keep it simple, any event can be mapped to any programmable counters in
> + * QEMU. The generic cycle & instruction count events can also be monitored
> + * using programmable counters. In that case, mcycle & minstret must continue
> + * to provide the correct value as well. Hetergenous PMU per hart is not

typo of Heterogeneous

> + * supported yet. Thus, number of counters are same across all harts.
> + */
> +void riscv_pmu_generate_fdt_node(void *fdt, int num_ctrs, char *pmu_name)
> +{
> +uint32_t fdt_event_ctr_map[20] = {};
> +uint32_t cmask;
> +
> +/* All the programmable counters can map to any event */
> +cmask = MAKE_32BIT_MASK(3, num_ctrs);
> +
> +   /* SBI_PMU_HW_CPU_CYCLES */
> +   fdt_event_ctr_map[0] = cpu_to_be32(0x0001);
> +   fdt_event_ctr_map[1] = 

[PATCH v2 2/2] hw/arm/aspeed_ast2600: create i3c instance

[Troy Lee]

This patch includes i3c instance in ast2600 soc.

v2: Rebase to mainline QEMU

Signed-off-by: Troy Lee 
---
 hw/arm/aspeed_ast2600.c | 19 ++-
 include/hw/arm/aspeed_soc.h |  3 +++
 2 files changed, 21 insertions(+), 1 deletion(-)

diff --git a/hw/arm/aspeed_ast2600.c b/hw/arm/aspeed_ast2600.c
index e33483fb5d..36aa31601a 100644
--- a/hw/arm/aspeed_ast2600.c
+++ b/hw/arm/aspeed_ast2600.c
@@ -29,7 +29,7 @@ static const hwaddr aspeed_soc_ast2600_memmap[] = {
 [ASPEED_DEV_PWM]   = 0x1E61,
 [ASPEED_DEV_FMC]   = 0x1E62,
 [ASPEED_DEV_SPI1]  = 0x1E63,
-[ASPEED_DEV_SPI2]  = 0x1E641000,
+[ASPEED_DEV_SPI2]  = 0x1E631000,
 [ASPEED_DEV_EHCI1] = 0x1E6A1000,
 [ASPEED_DEV_EHCI2] = 0x1E6A3000,
 [ASPEED_DEV_MII1]  = 0x1E65,
@@ -61,6 +61,7 @@ static const hwaddr aspeed_soc_ast2600_memmap[] = {
 [ASPEED_DEV_UART1] = 0x1E783000,
 [ASPEED_DEV_UART5] = 0x1E784000,
 [ASPEED_DEV_VUART] = 0x1E787000,
+[ASPEED_DEV_I3C]   = 0x1E7A,
 [ASPEED_DEV_SDRAM] = 0x8000,
 };
 
@@ -108,6 +109,7 @@ static const int aspeed_soc_ast2600_irqmap[] = {
 [ASPEED_DEV_ETH4]  = 33,
 [ASPEED_DEV_KCS]   = 138,   /* 138 -> 142 */
 [ASPEED_DEV_DP]= 62,
+[ASPEED_DEV_I3C]   = 102,   /* 102 -> 107 */
 };
 
 static qemu_irq aspeed_soc_get_irq(AspeedSoCState *s, int ctrl)
@@ -223,6 +225,8 @@ static void aspeed_soc_ast2600_init(Object *obj)
 
 snprintf(typename, sizeof(typename), "aspeed.hace-%s", socname);
 object_initialize_child(obj, "hace", >hace, typename);
+
+object_initialize_child(obj, "i3c", >i3c, TYPE_ASPEED_I3C);
 }
 
 /*
@@ -523,6 +527,19 @@ static void aspeed_soc_ast2600_realize(DeviceState *dev, 
Error **errp)
 sysbus_mmio_map(SYS_BUS_DEVICE(>hace), 0, sc->memmap[ASPEED_DEV_HACE]);
 sysbus_connect_irq(SYS_BUS_DEVICE(>hace), 0,
aspeed_soc_get_irq(s, ASPEED_DEV_HACE));
+/* I3C */
+if (!sysbus_realize(SYS_BUS_DEVICE(>i3c), errp)) {
+return;
+}
+sysbus_mmio_map(SYS_BUS_DEVICE(>i3c), 0, sc->memmap[ASPEED_DEV_I3C]);
+sysbus_connect_irq(SYS_BUS_DEVICE(>i3c), 0,
+   aspeed_soc_get_irq(s, ASPEED_DEV_I3C));
+for (i = 0; i < ASPEED_I3C_NR_DEVICES; i++) {
+qemu_irq irq = qdev_get_gpio_in(DEVICE(>a7mpcore),
+sc->irqmap[ASPEED_DEV_I3C] + i);
+/* The AST2600 I3C controller has one IRQ per bus. */
+sysbus_connect_irq(SYS_BUS_DEVICE(>i3c.devices[i]), 0, irq);
+}
 }
 
 static void aspeed_soc_ast2600_class_init(ObjectClass *oc, void *data)
diff --git a/include/hw/arm/aspeed_soc.h b/include/hw/arm/aspeed_soc.h
index 18fb7eed46..cae9906684 100644
--- a/include/hw/arm/aspeed_soc.h
+++ b/include/hw/arm/aspeed_soc.h
@@ -21,6 +21,7 @@
 #include "hw/timer/aspeed_timer.h"
 #include "hw/rtc/aspeed_rtc.h"
 #include "hw/i2c/aspeed_i2c.h"
+#include "hw/misc/aspeed_i3c.h"
 #include "hw/ssi/aspeed_smc.h"
 #include "hw/misc/aspeed_hace.h"
 #include "hw/watchdog/wdt_aspeed.h"
@@ -51,6 +52,7 @@ struct AspeedSoCState {
 AspeedRtcState rtc;
 AspeedTimerCtrlState timerctrl;
 AspeedI2CState i2c;
+AspeedI3CState i3c;
 AspeedSCUState scu;
 AspeedHACEState hace;
 AspeedXDMAState xdma;
@@ -141,6 +143,7 @@ enum {
 ASPEED_DEV_HACE,
 ASPEED_DEV_DPMCU,
 ASPEED_DEV_DP,
+ASPEED_DEV_I3C,
 };
 
 #endif /* ASPEED_SOC_H */
-- 
2.25.1

Re: [PATCH v4 07/11] target/riscv: Support mcycle/minstret write operation

[Bin Meng]

On Fri, Jan 7, 2022 at 10:14 AM Atish Patra  wrote:
>
> From: Atish Patra 
>
> mcycle/minstret are actually WARL registers and can be written with any
> given value. With SBI PMU extension, it will be used to store a initial
> value provided from supervisor OS. The Qemu also need prohibit the counter
> increment if mcountinhibit is set.
>
> Support mcycle/minstret through generic counter infrastructure.
>
> Signed-off-by: Atish Patra 
> Signed-off-by: Atish Patra 
> ---
>  target/riscv/cpu.h   |  24 +--
>  target/riscv/csr.c   | 144 ++-
>  target/riscv/machine.c   |  26 ++-
>  target/riscv/meson.build |   1 +
>  target/riscv/pmu.c   |  32 +
>  target/riscv/pmu.h   |  28 
>  6 files changed, 200 insertions(+), 55 deletions(-)
>  create mode 100644 target/riscv/pmu.c
>  create mode 100644 target/riscv/pmu.h
>
> diff --git a/target/riscv/cpu.h b/target/riscv/cpu.h
> index 39edc948d703..5fe9c51b38c7 100644
> --- a/target/riscv/cpu.h
> +++ b/target/riscv/cpu.h
> @@ -101,7 +101,7 @@ typedef struct CPURISCVState CPURISCVState;
>  #endif
>
>  #define RV_VLEN_MAX 1024
> -#define RV_MAX_MHPMEVENTS 29
> +#define RV_MAX_MHPMEVENTS 32
>  #define RV_MAX_MHPMCOUNTERS 32
>
>  FIELD(VTYPE, VLMUL, 0, 3)
> @@ -112,6 +112,19 @@ FIELD(VTYPE, VEDIV, 8, 2)
>  FIELD(VTYPE, RESERVED, 10, sizeof(target_ulong) * 8 - 11)
>  FIELD(VTYPE, VILL, sizeof(target_ulong) * 8 - 1, 1)
>
> +typedef struct PMUCTRState PMUCTRState;

This 'typedef' can be merged into the definition below


> +struct PMUCTRState {
> +/* Current value of a counter */
> +target_ulong mhpmcounter_val;
> +/* Current value of a counter in RV32*/
> +target_ulong mhpmcounterh_val;
> +/* Snapshot values of counter */
> +target_ulong mhpmcounter_prev;
> +/* Snapshort value of a counter in RV32 */
> +target_ulong mhpmcounterh_prev;
> +bool started;
> +};
> +
>  struct CPURISCVState {
>  target_ulong gpr[32];
>  uint64_t fpr[32]; /* assume both F and D extensions */
> @@ -226,13 +239,10 @@ struct CPURISCVState {
>
>  target_ulong mcountinhibit;
>
> -/* PMU counter configured values */
> -target_ulong mhpmcounter_val[RV_MAX_MHPMCOUNTERS];
> -
> -/* for RV32 */
> -target_ulong mhpmcounterh_val[RV_MAX_MHPMCOUNTERS];
> +/* PMU counter state */
> +PMUCTRState pmu_ctrs[RV_MAX_MHPMCOUNTERS];
>
> -/* PMU event selector configured values */
> +/* PMU event selector configured values. First three are unused*/
>  target_ulong mhpmevent_val[RV_MAX_MHPMEVENTS];
>
>  target_ulong sscratch;
> diff --git a/target/riscv/csr.c b/target/riscv/csr.c
> index 58a9550bd898..d4449ada557c 100644
> --- a/target/riscv/csr.c
> +++ b/target/riscv/csr.c
> @@ -20,6 +20,7 @@
>  #include "qemu/osdep.h"
>  #include "qemu/log.h"
>  #include "cpu.h"
> +#include "pmu.h"
>  #include "qemu/main-loop.h"
>  #include "exec/exec-all.h"
>
> @@ -461,41 +462,33 @@ static int write_vcsr(CPURISCVState *env, int csrno, 
> target_ulong val)
>  }
>
>  /* User Timers and Counters */
> -static RISCVException read_instret(CPURISCVState *env, int csrno,
> -   target_ulong *val)
> +static target_ulong get_icount_ticks(bool brv32)

I would use 'rv32' instead of 'brv32'

>  {
> +int64_t val;
> +target_ulong result;
> +
>  #if !defined(CONFIG_USER_ONLY)
>  if (icount_enabled()) {
> -*val = icount_get();
> +val = icount_get();
>  } else {
> -*val = cpu_get_host_ticks();
> +val = cpu_get_host_ticks();
>  }
>  #else
> -*val = cpu_get_host_ticks();
> +val = cpu_get_host_ticks();
>  #endif
>
> -return RISCV_EXCP_NONE;
> -}
> -
> -static RISCVException read_instreth(CPURISCVState *env, int csrno,
> -target_ulong *val)
> -{
> -#if !defined(CONFIG_USER_ONLY)
> -if (icount_enabled()) {
> -*val = icount_get() >> 32;
> +if (brv32) {
> +result = val >> 32;
>  } else {
> -*val = cpu_get_host_ticks() >> 32;
> +result = val;
>  }
> -#else
> -*val = cpu_get_host_ticks() >> 32;
> -#endif
>
> -return RISCV_EXCP_NONE;
> +return result;
>  }
>
>  static int read_mhpmevent(CPURISCVState *env, int csrno, target_ulong *val)
>  {
> -int evt_index = csrno - CSR_MHPMEVENT3;
> +int evt_index = csrno - CSR_MCOUNTINHIBIT;
>
>  *val = env->mhpmevent_val[evt_index];
>
> @@ -504,7 +497,7 @@ static int read_mhpmevent(CPURISCVState *env, int csrno, 
> target_ulong *val)
>
>  static int write_mhpmevent(CPURISCVState *env, int csrno, target_ulong val)
>  {
> -int evt_index = csrno - CSR_MHPMEVENT3;
> +int evt_index = csrno - CSR_MCOUNTINHIBIT;
>
>  env->mhpmevent_val[evt_index] = val;
>
> @@ -513,52 +506,99 @@ static int write_mhpmevent(CPURISCVState *env, int 
> csrno, target_ulong val)
>
>  static int write_mhpmcounter(CPURISCVState *env, int csrno, target_ulong val)
>  {
> -int ctr_index 

[PULL 10/10] Revert "virtio: introduce macro IRTIO_CONFIG_IRQ_IDX"

[Michael S. Tsirkin]

This reverts commit bf1d85c166c19af95dbd27b1faba1d2909732323.
---
 include/hw/virtio/virtio.h |  3 ---
 hw/display/vhost-user-gpu.c|  6 --
 hw/net/virtio-net.c| 10 ++
 hw/virtio/vhost-user-fs.c  |  6 --
 hw/virtio/vhost-vsock-common.c |  6 --
 hw/virtio/virtio-crypto.c  |  6 --
 6 files changed, 2 insertions(+), 35 deletions(-)

diff --git a/include/hw/virtio/virtio.h b/include/hw/virtio/virtio.h
index 605ea79c90..8bab9cfb75 100644
--- a/include/hw/virtio/virtio.h
+++ b/include/hw/virtio/virtio.h
@@ -67,9 +67,6 @@ typedef struct VirtQueueElement
 
 #define VIRTIO_NO_VECTOR 0x
 
-/* special index value used internally for config irqs */
-#define VIRTIO_CONFIG_IRQ_IDX -1
-
 #define TYPE_VIRTIO_DEVICE "virtio-device"
 OBJECT_DECLARE_TYPE(VirtIODevice, VirtioDeviceClass, VIRTIO_DEVICE)
 
diff --git a/hw/display/vhost-user-gpu.c b/hw/display/vhost-user-gpu.c
index d4a440e815..09818231bd 100644
--- a/hw/display/vhost-user-gpu.c
+++ b/hw/display/vhost-user-gpu.c
@@ -485,9 +485,6 @@ vhost_user_gpu_guest_notifier_pending(VirtIODevice *vdev, 
int idx)
 {
 VhostUserGPU *g = VHOST_USER_GPU(vdev);
 
-if (idx == VIRTIO_CONFIG_IRQ_IDX) {
-return false;
-}
 return vhost_virtqueue_pending(>vhost->dev, idx);
 }
 
@@ -496,9 +493,6 @@ vhost_user_gpu_guest_notifier_mask(VirtIODevice *vdev, int 
idx, bool mask)
 {
 VhostUserGPU *g = VHOST_USER_GPU(vdev);
 
-if (idx == VIRTIO_CONFIG_IRQ_IDX) {
-return;
-}
 vhost_virtqueue_mask(>vhost->dev, vdev, idx, mask);
 }
 
diff --git a/hw/net/virtio-net.c b/hw/net/virtio-net.c
index 5e03c0dd14..cf8ab0f8af 100644
--- a/hw/net/virtio-net.c
+++ b/hw/net/virtio-net.c
@@ -3168,9 +3168,6 @@ static bool 
virtio_net_guest_notifier_pending(VirtIODevice *vdev, int idx)
 VirtIONet *n = VIRTIO_NET(vdev);
 NetClientState *nc = qemu_get_subqueue(n->nic, vq2q(idx));
 assert(n->vhost_started);
-if (idx == VIRTIO_CONFIG_IRQ_IDX) {
-return false;
-}
 return vhost_net_virtqueue_pending(get_vhost_net(nc->peer), idx);
 }
 
@@ -3180,11 +3177,8 @@ static void virtio_net_guest_notifier_mask(VirtIODevice 
*vdev, int idx,
 VirtIONet *n = VIRTIO_NET(vdev);
 NetClientState *nc = qemu_get_subqueue(n->nic, vq2q(idx));
 assert(n->vhost_started);
-if (idx == VIRTIO_CONFIG_IRQ_IDX) {
-return;
-}
-
-vhost_net_virtqueue_mask(get_vhost_net(nc->peer), vdev, idx, mask);
+vhost_net_virtqueue_mask(get_vhost_net(nc->peer),
+ vdev, idx, mask);
 }
 
 static void virtio_net_set_config_size(VirtIONet *n, uint64_t host_features)
diff --git a/hw/virtio/vhost-user-fs.c b/hw/virtio/vhost-user-fs.c
index 9b0349922e..c595957983 100644
--- a/hw/virtio/vhost-user-fs.c
+++ b/hw/virtio/vhost-user-fs.c
@@ -161,9 +161,6 @@ static void vuf_guest_notifier_mask(VirtIODevice *vdev, int 
idx,
 {
 VHostUserFS *fs = VHOST_USER_FS(vdev);
 
-if (idx == VIRTIO_CONFIG_IRQ_IDX) {
-return;
-}
 vhost_virtqueue_mask(>vhost_dev, vdev, idx, mask);
 }
 
@@ -171,9 +168,6 @@ static bool vuf_guest_notifier_pending(VirtIODevice *vdev, 
int idx)
 {
 VHostUserFS *fs = VHOST_USER_FS(vdev);
 
-if (idx == VIRTIO_CONFIG_IRQ_IDX) {
-return false;
-}
 return vhost_virtqueue_pending(>vhost_dev, idx);
 }
 
diff --git a/hw/virtio/vhost-vsock-common.c b/hw/virtio/vhost-vsock-common.c
index d1b9c027b6..3f3771274e 100644
--- a/hw/virtio/vhost-vsock-common.c
+++ b/hw/virtio/vhost-vsock-common.c
@@ -125,9 +125,6 @@ static void 
vhost_vsock_common_guest_notifier_mask(VirtIODevice *vdev, int idx,
 {
 VHostVSockCommon *vvc = VHOST_VSOCK_COMMON(vdev);
 
-if (idx == VIRTIO_CONFIG_IRQ_IDX) {
-return;
-}
 vhost_virtqueue_mask(>vhost_dev, vdev, idx, mask);
 }
 
@@ -136,9 +133,6 @@ static bool 
vhost_vsock_common_guest_notifier_pending(VirtIODevice *vdev,
 {
 VHostVSockCommon *vvc = VHOST_VSOCK_COMMON(vdev);
 
-if (idx == VIRTIO_CONFIG_IRQ_IDX) {
-return false;
-}
 return vhost_virtqueue_pending(>vhost_dev, idx);
 }
 
diff --git a/hw/virtio/virtio-crypto.c b/hw/virtio/virtio-crypto.c
index 1d5192f8b4..54f9bbb789 100644
--- a/hw/virtio/virtio-crypto.c
+++ b/hw/virtio/virtio-crypto.c
@@ -948,9 +948,6 @@ static void virtio_crypto_guest_notifier_mask(VirtIODevice 
*vdev, int idx,
 
 assert(vcrypto->vhost_started);
 
-if (idx == VIRTIO_CONFIG_IRQ_IDX) {
-return;
-}
 cryptodev_vhost_virtqueue_mask(vdev, queue, idx, mask);
 }
 
@@ -961,9 +958,6 @@ static bool 
virtio_crypto_guest_notifier_pending(VirtIODevice *vdev, int idx)
 
 assert(vcrypto->vhost_started);
 
-if (idx == VIRTIO_CONFIG_IRQ_IDX) {
-return false;
-}
 return cryptodev_vhost_virtqueue_pending(vdev, queue, idx);
 }
 
-- 
MST

[PATCH v2 0/2] Aspeed I3C device model

[Troy Lee]

This series of patch introduce a dummy implemenation of aspeed i3c
model, and it provide just enough information for guest machine.
However, the driver probing is still failed, but it will not cause
kernel panic.

v2:
- Split i3c model into i3c and i3c_device
- Create 6x i3c devices
- Using register fields macro
- Rebase to mainline QEMU

Troy Lee (2):
  hw/misc: Implementating dummy AST2600 I3C model
  hw/arm/aspeed_ast2600: create i3c instance

 hw/arm/aspeed_ast2600.c  |  19 +-
 hw/misc/aspeed_i3c.c | 410 +++
 hw/misc/meson.build  |   1 +
 hw/misc/trace-events |   6 +
 include/hw/arm/aspeed_soc.h  |   3 +
 include/hw/misc/aspeed_i3c.h |  57 +
 6 files changed, 495 insertions(+), 1 deletion(-)
 create mode 100644 hw/misc/aspeed_i3c.c
 create mode 100644 include/hw/misc/aspeed_i3c.h

-- 
2.25.1

[PULL 09/10] Revert "virtio-pci: decouple notifier from interrupt process"

[Michael S. Tsirkin]

This reverts commit e3480ef81f6fb61cc9c04e3b5be8b7e84484fc05.
---
 hw/virtio/virtio-pci.c | 88 +++---
 1 file changed, 31 insertions(+), 57 deletions(-)

diff --git a/hw/virtio/virtio-pci.c b/hw/virtio/virtio-pci.c
index 4bdb6e5694..750aa47ec1 100644
--- a/hw/virtio/virtio-pci.c
+++ b/hw/virtio/virtio-pci.c
@@ -704,41 +704,29 @@ static void 
kvm_virtio_pci_vq_vector_release(VirtIOPCIProxy *proxy,
 }
 
 static int kvm_virtio_pci_irqfd_use(VirtIOPCIProxy *proxy,
- EventNotifier *n,
+ unsigned int queue_no,
  unsigned int vector)
 {
 VirtIOIRQFD *irqfd = >vector_irqfd[vector];
+VirtIODevice *vdev = virtio_bus_get_device(>bus);
+VirtQueue *vq = virtio_get_queue(vdev, queue_no);
+EventNotifier *n = virtio_queue_get_guest_notifier(vq);
 return kvm_irqchip_add_irqfd_notifier_gsi(kvm_state, n, NULL, irqfd->virq);
 }
 
 static void kvm_virtio_pci_irqfd_release(VirtIOPCIProxy *proxy,
-  EventNotifier *n ,
+  unsigned int queue_no,
   unsigned int vector)
 {
+VirtIODevice *vdev = virtio_bus_get_device(>bus);
+VirtQueue *vq = virtio_get_queue(vdev, queue_no);
+EventNotifier *n = virtio_queue_get_guest_notifier(vq);
 VirtIOIRQFD *irqfd = >vector_irqfd[vector];
 int ret;
 
 ret = kvm_irqchip_remove_irqfd_notifier_gsi(kvm_state, n, irqfd->virq);
 assert(ret == 0);
 }
-static int virtio_pci_get_notifier(VirtIOPCIProxy *proxy, int queue_no,
-  EventNotifier **n, unsigned int *vector)
-{
-VirtIODevice *vdev = virtio_bus_get_device(>bus);
-VirtQueue *vq;
-
-if (queue_no == VIRTIO_CONFIG_IRQ_IDX) {
-return -1;
-} else {
-if (!virtio_queue_get_num(vdev, queue_no)) {
-return -1;
-}
-*vector = virtio_queue_vector(vdev, queue_no);
-vq = virtio_get_queue(vdev, queue_no);
-*n = virtio_queue_get_guest_notifier(vq);
-}
-return 0;
-}
 
 static int kvm_virtio_pci_vector_use(VirtIOPCIProxy *proxy, int nvqs)
 {
@@ -747,15 +735,12 @@ static int kvm_virtio_pci_vector_use(VirtIOPCIProxy 
*proxy, int nvqs)
 VirtioDeviceClass *k = VIRTIO_DEVICE_GET_CLASS(vdev);
 unsigned int vector;
 int ret, queue_no;
-EventNotifier *n;
+
 for (queue_no = 0; queue_no < nvqs; queue_no++) {
 if (!virtio_queue_get_num(vdev, queue_no)) {
 break;
 }
-ret = virtio_pci_get_notifier(proxy, queue_no, , );
-if (ret < 0) {
-break;
-}
+vector = virtio_queue_vector(vdev, queue_no);
 if (vector >= msix_nr_vectors_allocated(dev)) {
 continue;
 }
@@ -767,7 +752,7 @@ static int kvm_virtio_pci_vector_use(VirtIOPCIProxy *proxy, 
int nvqs)
  * Otherwise, delay until unmasked in the frontend.
  */
 if (vdev->use_guest_notifier_mask && k->guest_notifier_mask) {
-ret = kvm_virtio_pci_irqfd_use(proxy, n, vector);
+ret = kvm_virtio_pci_irqfd_use(proxy, queue_no, vector);
 if (ret < 0) {
 kvm_virtio_pci_vq_vector_release(proxy, vector);
 goto undo;
@@ -783,11 +768,7 @@ undo:
 continue;
 }
 if (vdev->use_guest_notifier_mask && k->guest_notifier_mask) {
-ret = virtio_pci_get_notifier(proxy, queue_no, , );
-if (ret < 0) {
-break;
-}
-kvm_virtio_pci_irqfd_release(proxy, n, vector);
+kvm_virtio_pci_irqfd_release(proxy, queue_no, vector);
 }
 kvm_virtio_pci_vq_vector_release(proxy, vector);
 }
@@ -801,16 +782,12 @@ static void kvm_virtio_pci_vector_release(VirtIOPCIProxy 
*proxy, int nvqs)
 unsigned int vector;
 int queue_no;
 VirtioDeviceClass *k = VIRTIO_DEVICE_GET_CLASS(vdev);
-EventNotifier *n;
-int ret ;
+
 for (queue_no = 0; queue_no < nvqs; queue_no++) {
 if (!virtio_queue_get_num(vdev, queue_no)) {
 break;
 }
-ret = virtio_pci_get_notifier(proxy, queue_no, , );
-if (ret < 0) {
-break;
-}
+vector = virtio_queue_vector(vdev, queue_no);
 if (vector >= msix_nr_vectors_allocated(dev)) {
 continue;
 }
@@ -818,20 +795,21 @@ static void kvm_virtio_pci_vector_release(VirtIOPCIProxy 
*proxy, int nvqs)
  * Otherwise, it was cleaned when masked in the frontend.
  */
 if (vdev->use_guest_notifier_mask && k->guest_notifier_mask) {
-kvm_virtio_pci_irqfd_release(proxy, n, vector);
+kvm_virtio_pci_irqfd_release(proxy, queue_no, vector);
 }
 kvm_virtio_pci_vq_vector_release(proxy, vector);
 }
 }
 
-static int virtio_pci_one_vector_unmask(VirtIOPCIProxy *proxy,
+static int 

[PULL 08/10] Revert "virtio-pci: decouple the single vector from the interrupt process"

[Michael S. Tsirkin]

This reverts commit 316011b8a74e777eb3ba03171cd701a291c28867.
---
 hw/virtio/virtio-pci.c | 163 +++--
 1 file changed, 74 insertions(+), 89 deletions(-)

diff --git a/hw/virtio/virtio-pci.c b/hw/virtio/virtio-pci.c
index 7201cf3dc1..4bdb6e5694 100644
--- a/hw/virtio/virtio-pci.c
+++ b/hw/virtio/virtio-pci.c
@@ -677,6 +677,7 @@ static uint32_t virtio_read_config(PCIDevice *pci_dev,
 }
 
 static int kvm_virtio_pci_vq_vector_use(VirtIOPCIProxy *proxy,
+unsigned int queue_no,
 unsigned int vector)
 {
 VirtIOIRQFD *irqfd = >vector_irqfd[vector];
@@ -739,103 +740,87 @@ static int virtio_pci_get_notifier(VirtIOPCIProxy 
*proxy, int queue_no,
 return 0;
 }
 
-static int kvm_virtio_pci_vector_use_one(VirtIOPCIProxy *proxy, int queue_no)
-{
-unsigned int vector;
-int ret;
-EventNotifier *n;
-PCIDevice *dev = >pci_dev;
-VirtIODevice *vdev = virtio_bus_get_device(>bus);
-VirtioDeviceClass *k = VIRTIO_DEVICE_GET_CLASS(vdev);
-
-ret = virtio_pci_get_notifier(proxy, queue_no, , );
-if (ret < 0) {
-return ret;
-}
-if (vector >= msix_nr_vectors_allocated(dev)) {
-return 0;
-}
-ret = kvm_virtio_pci_vq_vector_use(proxy, vector);
-if (ret < 0) {
-goto undo;
-}
-/*
- * If guest supports masking, set up irqfd now.
- * Otherwise, delay until unmasked in the frontend.
- */
-if (vdev->use_guest_notifier_mask && k->guest_notifier_mask) {
-ret = kvm_virtio_pci_irqfd_use(proxy, n, vector);
-if (ret < 0) {
-kvm_virtio_pci_vq_vector_release(proxy, vector);
-goto undo;
-}
-}
-
-return 0;
-undo:
-
-vector = virtio_queue_vector(vdev, queue_no);
-if (vector >= msix_nr_vectors_allocated(dev)) {
-return ret;
-}
-if (vdev->use_guest_notifier_mask && k->guest_notifier_mask) {
-ret = virtio_pci_get_notifier(proxy, queue_no, , );
-if (ret < 0) {
-return ret;
-}
-kvm_virtio_pci_irqfd_release(proxy, n, vector);
-}
-return ret;
-}
 static int kvm_virtio_pci_vector_use(VirtIOPCIProxy *proxy, int nvqs)
 {
-int queue_no;
-int ret = 0;
-VirtIODevice *vdev = virtio_bus_get_device(>bus);
-
-for (queue_no = 0; queue_no < nvqs; queue_no++) {
-if (!virtio_queue_get_num(vdev, queue_no)) {
-return -1;
-}
-ret = kvm_virtio_pci_vector_use_one(proxy, queue_no);
-}
-return ret;
-}
-
-
-static void kvm_virtio_pci_vector_release_one(VirtIOPCIProxy *proxy,
-  int queue_no)
-{
-VirtIODevice *vdev = virtio_bus_get_device(>bus);
-unsigned int vector;
-EventNotifier *n;
-int ret;
-VirtioDeviceClass *k = VIRTIO_DEVICE_GET_CLASS(vdev);
 PCIDevice *dev = >pci_dev;
-
-ret = virtio_pci_get_notifier(proxy, queue_no, , );
-if (ret < 0) {
-return;
-}
-if (vector >= msix_nr_vectors_allocated(dev)) {
-return;
-}
-if (vdev->use_guest_notifier_mask && k->guest_notifier_mask) {
-kvm_virtio_pci_irqfd_release(proxy, n, vector);
-}
-kvm_virtio_pci_vq_vector_release(proxy, vector);
-}
-
-static void kvm_virtio_pci_vector_release(VirtIOPCIProxy *proxy, int nvqs)
-{
-int queue_no;
 VirtIODevice *vdev = virtio_bus_get_device(>bus);
-
+VirtioDeviceClass *k = VIRTIO_DEVICE_GET_CLASS(vdev);
+unsigned int vector;
+int ret, queue_no;
+EventNotifier *n;
 for (queue_no = 0; queue_no < nvqs; queue_no++) {
 if (!virtio_queue_get_num(vdev, queue_no)) {
 break;
 }
-kvm_virtio_pci_vector_release_one(proxy, queue_no);
+ret = virtio_pci_get_notifier(proxy, queue_no, , );
+if (ret < 0) {
+break;
+}
+if (vector >= msix_nr_vectors_allocated(dev)) {
+continue;
+}
+ret = kvm_virtio_pci_vq_vector_use(proxy, queue_no, vector);
+if (ret < 0) {
+goto undo;
+}
+/* If guest supports masking, set up irqfd now.
+ * Otherwise, delay until unmasked in the frontend.
+ */
+if (vdev->use_guest_notifier_mask && k->guest_notifier_mask) {
+ret = kvm_virtio_pci_irqfd_use(proxy, n, vector);
+if (ret < 0) {
+kvm_virtio_pci_vq_vector_release(proxy, vector);
+goto undo;
+}
+}
+}
+return 0;
+
+undo:
+while (--queue_no >= 0) {
+vector = virtio_queue_vector(vdev, queue_no);
+if (vector >= msix_nr_vectors_allocated(dev)) {
+continue;
+}
+if (vdev->use_guest_notifier_mask && k->guest_notifier_mask) {
+ret = virtio_pci_get_notifier(proxy, queue_no, , );
+if (ret < 0) {
+break;
+}
+kvm_virtio_pci_irqfd_release(proxy, n, 

Re: [PATCH] virtio-pci: fix up config interrupt handling

[Cédric Le Goater]

On 1/9/22 18:49, Michael S. Tsirkin wrote:

Fixes a couple of issues with irqfd use by config interrupt:
- Rearrange initialization so cleanup happens in the reverse order
- Don't use irqfd for config when not in use for data path
I am not sure this is a complete fix though: I think we
are better off limiting the effect to vdpa devices
with config interrupt support. Or even bypass irqfd
for config completely and inject into KVM using ioctl?
The advantage would be less FDs used.
This would mean mostly reverting the patchset though.

Fixes: d5d24d859c ("virtio-pci: add support for configure interrupt")
Cc: "Cindy Lu" 
Signed-off-by: Michael S. Tsirkin 


On a KVM guest with vhost, I am still seeing at reboot an issue :/

../hw/pci/msix.c:622: msix_unset_vector_notifiers: Assertion 
`dev->msix_vector_use_notifier && dev->msix_vector_release_notifier'


C.


---
  hw/virtio/virtio-pci.c | 12 +++-
  1 file changed, 7 insertions(+), 5 deletions(-)

diff --git a/hw/virtio/virtio-pci.c b/hw/virtio/virtio-pci.c
index 98fb5493ae..b77cd69f97 100644
--- a/hw/virtio/virtio-pci.c
+++ b/hw/virtio/virtio-pci.c
@@ -1130,15 +1130,15 @@ static int virtio_pci_set_guest_notifiers(DeviceState 
*d, int nvqs, bool assign)
  proxy->vector_irqfd =
  g_malloc0(sizeof(*proxy->vector_irqfd) *
msix_nr_vectors_allocated(>pci_dev));
+r = kvm_virtio_pci_vector_config_use(proxy);
+if (r < 0) {
+goto config_error;
+}
  r = kvm_virtio_pci_vector_use(proxy, nvqs);
  if (r < 0) {
  goto config_assign_error;
  }
  }
-r = kvm_virtio_pci_vector_config_use(proxy);
-if (r < 0) {
-goto config_error;
-}
  r = msix_set_vector_notifiers(>pci_dev, 
virtio_pci_vector_unmask,
virtio_pci_vector_mask,
virtio_pci_vector_poll);
@@ -1155,7 +1155,9 @@ notifiers_error:
  kvm_virtio_pci_vector_release(proxy, nvqs);
  }
  config_error:
-kvm_virtio_pci_vector_config_release(proxy);
+if (with_irqfd) {
+kvm_virtio_pci_vector_config_release(proxy);
+}
  config_assign_error:
  virtio_pci_set_guest_notifier(d, VIRTIO_CONFIG_IRQ_IDX, !assign,
with_irqfd);

[PULL 05/10] Revert "virtio: add support for configure interrupt"

[Michael S. Tsirkin]

This reverts commit 081f864f56307551f59c5e934e3f30a7290d0faa.
---
 include/hw/virtio/virtio.h |  4 
 hw/virtio/virtio.c | 29 -
 2 files changed, 33 deletions(-)

diff --git a/include/hw/virtio/virtio.h b/include/hw/virtio/virtio.h
index d78088d872..605ea79c90 100644
--- a/include/hw/virtio/virtio.h
+++ b/include/hw/virtio/virtio.h
@@ -111,7 +111,6 @@ struct VirtIODevice
 bool use_guest_notifier_mask;
 AddressSpace *dma_as;
 QLIST_HEAD(, VirtQueue) *vector_queues;
-EventNotifier config_notifier;
 };
 
 struct VirtioDeviceClass {
@@ -314,14 +313,11 @@ uint16_t virtio_get_queue_index(VirtQueue *vq);
 EventNotifier *virtio_queue_get_guest_notifier(VirtQueue *vq);
 void virtio_queue_set_guest_notifier_fd_handler(VirtQueue *vq, bool assign,
 bool with_irqfd);
-void virtio_config_set_guest_notifier_fd_handler(VirtIODevice *vdev,
- bool assign, bool with_irqfd);
 int virtio_device_start_ioeventfd(VirtIODevice *vdev);
 int virtio_device_grab_ioeventfd(VirtIODevice *vdev);
 void virtio_device_release_ioeventfd(VirtIODevice *vdev);
 bool virtio_device_ioeventfd_enabled(VirtIODevice *vdev);
 EventNotifier *virtio_queue_get_host_notifier(VirtQueue *vq);
-EventNotifier *virtio_config_get_guest_notifier(VirtIODevice *vdev);
 void virtio_queue_set_host_notifier_enabled(VirtQueue *vq, bool enabled);
 void virtio_queue_host_notifier_read(EventNotifier *n);
 void virtio_queue_aio_set_host_notifier_handler(VirtQueue *vq, AioContext *ctx,
diff --git a/hw/virtio/virtio.c b/hw/virtio/virtio.c
index 971e59a663..5d18868d7d 100644
--- a/hw/virtio/virtio.c
+++ b/hw/virtio/virtio.c
@@ -3494,14 +3494,7 @@ static void 
virtio_queue_guest_notifier_read(EventNotifier *n)
 virtio_irq(vq);
 }
 }
-static void virtio_config_guest_notifier_read(EventNotifier *n)
-{
-VirtIODevice *vdev = container_of(n, VirtIODevice, config_notifier);
 
-if (event_notifier_test_and_clear(n)) {
-virtio_notify_config(vdev);
-}
-}
 void virtio_queue_set_guest_notifier_fd_handler(VirtQueue *vq, bool assign,
 bool with_irqfd)
 {
@@ -3518,23 +3511,6 @@ void 
virtio_queue_set_guest_notifier_fd_handler(VirtQueue *vq, bool assign,
 }
 }
 
-void virtio_config_set_guest_notifier_fd_handler(VirtIODevice *vdev,
- bool assign, bool with_irqfd)
-{
-EventNotifier *n;
-n = >config_notifier;
-if (assign && !with_irqfd) {
-event_notifier_set_handler(n, virtio_config_guest_notifier_read);
-} else {
-event_notifier_set_handler(n, NULL);
-}
-if (!assign) {
-/* Test and clear notifier before closing it,*/
-/* in case poll callback didn't have time to run. */
-virtio_config_guest_notifier_read(n);
-}
-}
-
 EventNotifier *virtio_queue_get_guest_notifier(VirtQueue *vq)
 {
 return >guest_notifier;
@@ -3608,11 +3584,6 @@ EventNotifier *virtio_queue_get_host_notifier(VirtQueue 
*vq)
 return >host_notifier;
 }
 
-EventNotifier *virtio_config_get_guest_notifier(VirtIODevice *vdev)
-{
-return >config_notifier;
-}
-
 void virtio_queue_set_host_notifier_enabled(VirtQueue *vq, bool enabled)
 {
 vq->host_notifier_enabled = enabled;
-- 
MST

[PULL 04/10] Revert "vhost: add support for configure interrupt"

[Michael S. Tsirkin]

This reverts commit f7220a7ce21604a4bc6260ccca4dc9068c1f27f2.
---
 include/hw/virtio/vhost.h |  4 ---
 hw/virtio/vhost.c | 76 ---
 2 files changed, 80 deletions(-)

diff --git a/include/hw/virtio/vhost.h b/include/hw/virtio/vhost.h
index b0f3b78987..58a73e7b7a 100644
--- a/include/hw/virtio/vhost.h
+++ b/include/hw/virtio/vhost.h
@@ -29,7 +29,6 @@ struct vhost_virtqueue {
 unsigned long long used_phys;
 unsigned used_size;
 EventNotifier masked_notifier;
-EventNotifier masked_config_notifier;
 struct vhost_dev *dev;
 };
 
@@ -38,7 +37,6 @@ typedef unsigned long vhost_log_chunk_t;
 #define VHOST_LOG_BITS (8 * sizeof(vhost_log_chunk_t))
 #define VHOST_LOG_CHUNK (VHOST_LOG_PAGE * VHOST_LOG_BITS)
 #define VHOST_INVALID_FEATURE_BIT   (0xff)
-#define VHOST_QUEUE_NUM_CONFIG_INR 0
 
 struct vhost_log {
 unsigned long long size;
@@ -118,8 +116,6 @@ int vhost_dev_start(struct vhost_dev *hdev, VirtIODevice 
*vdev);
 void vhost_dev_stop(struct vhost_dev *hdev, VirtIODevice *vdev);
 int vhost_dev_enable_notifiers(struct vhost_dev *hdev, VirtIODevice *vdev);
 void vhost_dev_disable_notifiers(struct vhost_dev *hdev, VirtIODevice *vdev);
-bool vhost_config_pending(struct vhost_dev *hdev);
-void vhost_config_mask(struct vhost_dev *hdev, VirtIODevice *vdev, bool mask);
 
 /* Test and clear masked event pending status.
  * Should be called after unmask to avoid losing events.
diff --git a/hw/virtio/vhost.c b/hw/virtio/vhost.c
index cbf3b792da..7b03efccec 100644
--- a/hw/virtio/vhost.c
+++ b/hw/virtio/vhost.c
@@ -1554,67 +1554,6 @@ void vhost_virtqueue_mask(struct vhost_dev *hdev, 
VirtIODevice *vdev, int n,
 }
 }
 
-bool vhost_config_pending(struct vhost_dev *hdev)
-{
-assert(hdev->vhost_ops);
-if ((hdev->started == false) ||
-(hdev->vhost_ops->vhost_set_config_call == NULL)) {
-return false;
-}
-
-EventNotifier *notifier =
->vqs[VHOST_QUEUE_NUM_CONFIG_INR].masked_config_notifier;
-return event_notifier_test_and_clear(notifier);
-}
-
-void vhost_config_mask(struct vhost_dev *hdev, VirtIODevice *vdev, bool mask)
-{
-int fd;
-int r;
-EventNotifier *notifier =
->vqs[VHOST_QUEUE_NUM_CONFIG_INR].masked_config_notifier;
-EventNotifier *config_notifier = >config_notifier;
-assert(hdev->vhost_ops);
-
-if ((hdev->started == false) ||
-(hdev->vhost_ops->vhost_set_config_call == NULL)) {
-return;
-}
-if (mask) {
-assert(vdev->use_guest_notifier_mask);
-fd = event_notifier_get_fd(notifier);
-} else {
-fd = event_notifier_get_fd(config_notifier);
-}
-r = hdev->vhost_ops->vhost_set_config_call(hdev, fd);
-if (r < 0) {
-VHOST_OPS_DEBUG(r, "vhost_set_config_call failed");
-}
-}
-
-static void vhost_stop_config_intr(struct vhost_dev *dev)
-{
-int fd = -1;
-assert(dev->vhost_ops);
-if (dev->vhost_ops->vhost_set_config_call) {
-dev->vhost_ops->vhost_set_config_call(dev, fd);
-}
-}
-
-static void vhost_start_config_intr(struct vhost_dev *dev)
-{
-int r;
-
-assert(dev->vhost_ops);
-int fd = event_notifier_get_fd(>vdev->config_notifier);
-if (dev->vhost_ops->vhost_set_config_call) {
-r = dev->vhost_ops->vhost_set_config_call(dev, fd);
-if (!r) {
-event_notifier_set(>vdev->config_notifier);
-}
-}
-}
-
 uint64_t vhost_get_features(struct vhost_dev *hdev, const int *feature_bits,
 uint64_t features)
 {
@@ -1827,16 +1766,6 @@ int vhost_dev_start(struct vhost_dev *hdev, VirtIODevice 
*vdev)
 }
 }
 
-r = event_notifier_init(
->vqs[VHOST_QUEUE_NUM_CONFIG_INR].masked_config_notifier, 0);
-if (r < 0) {
-return r;
-}
-event_notifier_test_and_clear(
->vqs[VHOST_QUEUE_NUM_CONFIG_INR].masked_config_notifier);
-if (!vdev->use_guest_notifier_mask) {
-vhost_config_mask(hdev, vdev, true);
-}
 if (hdev->log_enabled) {
 uint64_t log_base;
 
@@ -1869,7 +1798,6 @@ int vhost_dev_start(struct vhost_dev *hdev, VirtIODevice 
*vdev)
 vhost_device_iotlb_miss(hdev, vq->used_phys, true);
 }
 }
-vhost_start_config_intr(hdev);
 return 0;
 fail_log:
 vhost_log_put(hdev, false);
@@ -1895,9 +1823,6 @@ void vhost_dev_stop(struct vhost_dev *hdev, VirtIODevice 
*vdev)
 
 /* should only be called after backend is connected */
 assert(hdev->vhost_ops);
-event_notifier_test_and_clear(
->vqs[VHOST_QUEUE_NUM_CONFIG_INR].masked_config_notifier);
-event_notifier_test_and_clear(>config_notifier);
 
 if (hdev->vhost_ops->vhost_dev_start) {
 hdev->vhost_ops->vhost_dev_start(hdev, false);
@@ -1915,7 +1840,6 @@ void vhost_dev_stop(struct vhost_dev *hdev, VirtIODevice 
*vdev)
 }
 memory_listener_unregister(>iommu_listener);
 }
-vhost_stop_config_intr(hdev);
 vhost_log_put(hdev, true);
 

[PULL 07/10] Revert "vhost: introduce new VhostOps vhost_set_config_call"

[Michael S. Tsirkin]

This reverts commit 88062372340d33090b7f089ed3b1a00f530a8914.
---
 include/hw/virtio/vhost-backend.h | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/include/hw/virtio/vhost-backend.h 
b/include/hw/virtio/vhost-backend.h
index ff34eb7c8a..81bf3109f8 100644
--- a/include/hw/virtio/vhost-backend.h
+++ b/include/hw/virtio/vhost-backend.h
@@ -126,8 +126,6 @@ typedef int (*vhost_get_device_id_op)(struct vhost_dev 
*dev, uint32_t *dev_id);
 
 typedef bool (*vhost_force_iommu_op)(struct vhost_dev *dev);
 
-typedef int (*vhost_set_config_call_op)(struct vhost_dev *dev,
-   int fd);
 typedef struct VhostOps {
 VhostBackendType backend_type;
 vhost_backend_init vhost_backend_init;
@@ -173,7 +171,6 @@ typedef struct VhostOps {
 vhost_vq_get_addr_op  vhost_vq_get_addr;
 vhost_get_device_id_op vhost_get_device_id;
 vhost_force_iommu_op vhost_force_iommu;
-vhost_set_config_call_op vhost_set_config_call;
 } VhostOps;
 
 int vhost_backend_update_device_iotlb(struct vhost_dev *dev,
-- 
MST

[PULL 01/10] Revert "virtio-pci: add support for configure interrupt"

[Michael S. Tsirkin]

This reverts commit d5d24d859c3957ea1674d0e102f96439cdbfe93a.
---
 hw/virtio/virtio-pci.h |  4 +-
 hw/virtio/virtio-pci.c | 92 ++
 2 files changed, 13 insertions(+), 83 deletions(-)

diff --git a/hw/virtio/virtio-pci.h b/hw/virtio/virtio-pci.h
index b704acc5a8..2446dcd9ae 100644
--- a/hw/virtio/virtio-pci.h
+++ b/hw/virtio/virtio-pci.h
@@ -251,7 +251,5 @@ void virtio_pci_types_register(const 
VirtioPCIDeviceTypeInfo *t);
  * @fixed_queues.
  */
 unsigned virtio_pci_optimal_num_queues(unsigned fixed_queues);
-void virtio_pci_set_guest_notifier_fd_handler(VirtIODevice *vdev, VirtQueue 
*vq,
-  int n, bool assign,
-  bool with_irqfd);
+
 #endif
diff --git a/hw/virtio/virtio-pci.c b/hw/virtio/virtio-pci.c
index 98fb5493ae..7201cf3dc1 100644
--- a/hw/virtio/virtio-pci.c
+++ b/hw/virtio/virtio-pci.c
@@ -727,8 +727,7 @@ static int virtio_pci_get_notifier(VirtIOPCIProxy *proxy, 
int queue_no,
 VirtQueue *vq;
 
 if (queue_no == VIRTIO_CONFIG_IRQ_IDX) {
-*n = virtio_config_get_guest_notifier(vdev);
-*vector = vdev->config_vector;
+return -1;
 } else {
 if (!virtio_queue_get_num(vdev, queue_no)) {
 return -1;
@@ -803,10 +802,6 @@ static int kvm_virtio_pci_vector_use(VirtIOPCIProxy 
*proxy, int nvqs)
 return ret;
 }
 
-static int kvm_virtio_pci_vector_config_use(VirtIOPCIProxy *proxy)
-{
-return kvm_virtio_pci_vector_use_one(proxy, VIRTIO_CONFIG_IRQ_IDX);
-}
 
 static void kvm_virtio_pci_vector_release_one(VirtIOPCIProxy *proxy,
   int queue_no)
@@ -844,11 +839,6 @@ static void kvm_virtio_pci_vector_release(VirtIOPCIProxy 
*proxy, int nvqs)
 }
 }
 
-static void kvm_virtio_pci_vector_config_release(VirtIOPCIProxy *proxy)
-{
-kvm_virtio_pci_vector_release_one(proxy, VIRTIO_CONFIG_IRQ_IDX);
-}
-
 static int virtio_pci_one_vector_unmask(VirtIOPCIProxy *proxy,
unsigned int queue_no,
unsigned int vector,
@@ -930,17 +920,9 @@ static int virtio_pci_vector_unmask(PCIDevice *dev, 
unsigned vector,
 }
 vq = virtio_vector_next_queue(vq);
 }
-/* unmask config intr */
-n = virtio_config_get_guest_notifier(vdev);
-ret = virtio_pci_one_vector_unmask(proxy, VIRTIO_CONFIG_IRQ_IDX, vector,
-   msg, n);
-if (ret < 0) {
-goto undo_config;
-}
+
 return 0;
-undo_config:
-n = virtio_config_get_guest_notifier(vdev);
-virtio_pci_one_vector_mask(proxy, VIRTIO_CONFIG_IRQ_IDX, vector, n);
+
 undo:
 vq = virtio_vector_first_queue(vdev, vector);
 while (vq && unmasked >= 0) {
@@ -974,8 +956,6 @@ static void virtio_pci_vector_mask(PCIDevice *dev, unsigned 
vector)
 }
 vq = virtio_vector_next_queue(vq);
 }
-n = virtio_config_get_guest_notifier(vdev);
-virtio_pci_one_vector_mask(proxy, VIRTIO_CONFIG_IRQ_IDX, vector, n);
 }
 
 static void virtio_pci_vector_poll(PCIDevice *dev,
@@ -1007,34 +987,6 @@ static void virtio_pci_vector_poll(PCIDevice *dev,
 msix_set_pending(dev, vector);
 }
 }
-/* poll the config intr */
-ret = virtio_pci_get_notifier(proxy, VIRTIO_CONFIG_IRQ_IDX, ,
-  );
-if (ret < 0) {
-return;
-}
-if (vector < vector_start || vector >= vector_end ||
-!msix_is_masked(dev, vector)) {
-return;
-}
-if (k->guest_notifier_pending) {
-if (k->guest_notifier_pending(vdev, VIRTIO_CONFIG_IRQ_IDX)) {
-msix_set_pending(dev, vector);
-}
-} else if (event_notifier_test_and_clear(notifier)) {
-msix_set_pending(dev, vector);
-}
-}
-
-void virtio_pci_set_guest_notifier_fd_handler(VirtIODevice *vdev, VirtQueue 
*vq,
-  int n, bool assign,
-  bool with_irqfd)
-{
-if (n == VIRTIO_CONFIG_IRQ_IDX) {
-virtio_config_set_guest_notifier_fd_handler(vdev, assign, with_irqfd);
-} else {
-virtio_queue_set_guest_notifier_fd_handler(vq, assign, with_irqfd);
-}
 }
 
 static int virtio_pci_set_guest_notifier(DeviceState *d, int n, bool assign,
@@ -1043,25 +995,17 @@ static int virtio_pci_set_guest_notifier(DeviceState *d, 
int n, bool assign,
 VirtIOPCIProxy *proxy = to_virtio_pci_proxy(d);
 VirtIODevice *vdev = virtio_bus_get_device(>bus);
 VirtioDeviceClass *vdc = VIRTIO_DEVICE_GET_CLASS(vdev);
-VirtQueue *vq = NULL;
-EventNotifier *notifier = NULL;
-
-if (n == VIRTIO_CONFIG_IRQ_IDX) {
-notifier = virtio_config_get_guest_notifier(vdev);
-} else {
-vq = virtio_get_queue(vdev, n);
-notifier = virtio_queue_get_guest_notifier(vq);
-}
+VirtQueue *vq = virtio_get_queue(vdev, n);
+EventNotifier *notifier = 

[PULL 06/10] Revert "vhost-vdpa: add support for config interrupt"

[Michael S. Tsirkin]

This reverts commit 634f7c89fbd78f57d00d5d6b39c0ade9df1fe27f.
---
 hw/virtio/vhost-vdpa.c | 7 ---
 hw/virtio/trace-events | 1 -
 2 files changed, 8 deletions(-)

diff --git a/hw/virtio/vhost-vdpa.c b/hw/virtio/vhost-vdpa.c
index ac0cb575fb..04ea43704f 100644
--- a/hw/virtio/vhost-vdpa.c
+++ b/hw/virtio/vhost-vdpa.c
@@ -734,12 +734,6 @@ static int vhost_vdpa_set_vring_call(struct vhost_dev *dev,
 trace_vhost_vdpa_set_vring_call(dev, file->index, file->fd);
 return vhost_vdpa_call(dev, VHOST_SET_VRING_CALL, file);
 }
-static int vhost_vdpa_set_config_call(struct vhost_dev *dev,
-   int fd)
-{
-trace_vhost_vdpa_set_config_call(dev, fd);
-return vhost_vdpa_call(dev, VHOST_VDPA_SET_CONFIG_CALL, );
-}
 
 static int vhost_vdpa_get_features(struct vhost_dev *dev,
  uint64_t *features)
@@ -810,5 +804,4 @@ const VhostOps vdpa_ops = {
 .vhost_get_device_id = vhost_vdpa_get_device_id,
 .vhost_vq_get_addr = vhost_vdpa_vq_get_addr,
 .vhost_force_iommu = vhost_vdpa_force_iommu,
-.vhost_set_config_call = vhost_vdpa_set_config_call,
 };
diff --git a/hw/virtio/trace-events b/hw/virtio/trace-events
index 595ce015ff..f7ad6be5fb 100644
--- a/hw/virtio/trace-events
+++ b/hw/virtio/trace-events
@@ -53,7 +53,6 @@ vhost_vdpa_get_features(void *dev, uint64_t features) "dev: 
%p features: 0x%"PRI
 vhost_vdpa_set_owner(void *dev) "dev: %p"
 vhost_vdpa_vq_get_addr(void *dev, void *vq, uint64_t desc_user_addr, uint64_t 
avail_user_addr, uint64_t used_user_addr) "dev: %p vq: %p desc_user_addr: 
0x%"PRIx64" avail_user_addr: 0x%"PRIx64" used_user_addr: 0x%"PRIx64
 vhost_vdpa_get_iova_range(void *dev, uint64_t first, uint64_t last) "dev: %p 
first: 0x%"PRIx64" last: 0x%"PRIx64
-vhost_vdpa_set_config_call(void *dev, int fd)"dev: %p fd: %d"
 
 # virtio.c
 virtqueue_alloc_element(void *elem, size_t sz, unsigned in_num, unsigned 
out_num) "elem %p size %zd in_num %u out_num %u"
-- 
MST

[PULL 02/10] Revert "virtio-mmio: add support for configure interrupt"

[Michael S. Tsirkin]

This reverts commit d48185f1a40d4e4ed2fa2873a42b2a5eb8748256.
---
 hw/virtio/virtio-mmio.c | 27 ---
 1 file changed, 27 deletions(-)

diff --git a/hw/virtio/virtio-mmio.c b/hw/virtio/virtio-mmio.c
index 809132018b..72da12fea5 100644
--- a/hw/virtio/virtio-mmio.c
+++ b/hw/virtio/virtio-mmio.c
@@ -673,30 +673,7 @@ static int virtio_mmio_set_guest_notifier(DeviceState *d, 
int n, bool assign,
 
 return 0;
 }
-static int virtio_mmio_set_config_guest_notifier(DeviceState *d, bool assign)
-{
-VirtIOMMIOProxy *proxy = VIRTIO_MMIO(d);
-VirtIODevice *vdev = virtio_bus_get_device(>bus);
-VirtioDeviceClass *vdc = VIRTIO_DEVICE_GET_CLASS(vdev);
-bool with_irqfd = false;
-EventNotifier *notifier = virtio_config_get_guest_notifier(vdev);
-int r = 0;
 
-if (assign) {
-r = event_notifier_init(notifier, 0);
-if (r < 0) {
-return r;
-}
-virtio_config_set_guest_notifier_fd_handler(vdev, assign, with_irqfd);
-} else {
-virtio_config_set_guest_notifier_fd_handler(vdev, assign, with_irqfd);
-event_notifier_cleanup(notifier);
-}
-if (vdc->guest_notifier_mask && vdev->use_guest_notifier_mask) {
-vdc->guest_notifier_mask(vdev, VIRTIO_CONFIG_IRQ_IDX, !assign);
-}
-return r;
-}
 static int virtio_mmio_set_guest_notifiers(DeviceState *d, int nvqs,
bool assign)
 {
@@ -718,10 +695,6 @@ static int virtio_mmio_set_guest_notifiers(DeviceState *d, 
int nvqs,
 goto assign_error;
 }
 }
-r = virtio_mmio_set_config_guest_notifier(d, assign);
-if (r < 0) {
-goto assign_error;
-}
 
 return 0;
 
-- 
MST

[PULL 00/10] virtio: revert config interrupt changes

[Michael S. Tsirkin]

The following changes since commit ca745d2277496464b54fd832c15c45d0227325bb:

  tests: acpi: Add updated TPM related tables (2022-01-07 19:30:13 -0500)

are available in the Git repository at:

  git://git.kernel.org/pub/scm/virt/kvm/mst/qemu.git tags/for_upstream

for you to fetch changes up to ab9f51a29ca84cfcecc2d18574794b650ce4bb28:

  Revert "virtio: introduce macro IRTIO_CONFIG_IRQ_IDX" (2022-01-10 00:47:56 
-0500)


virtio: revert config interrupt changes

Lots of fallout from config interrupt changes. Author wants to rework
the patches. Let's revert quickly so others don't suffer meanwhile.

Signed-off-by: Michael S. Tsirkin 


Michael S. Tsirkin (10):
  Revert "virtio-pci: add support for configure interrupt"
  Revert "virtio-mmio: add support for configure interrupt"
  Revert "virtio-net: add support for configure interrupt"
  Revert "vhost: add support for configure interrupt"
  Revert "virtio: add support for configure interrupt"
  Revert "vhost-vdpa: add support for config interrupt"
  Revert "vhost: introduce new VhostOps vhost_set_config_call"
  Revert "virtio-pci: decouple the single vector from the interrupt process"
  Revert "virtio-pci: decouple notifier from interrupt process"
  Revert "virtio: introduce macro IRTIO_CONFIG_IRQ_IDX"

 hw/virtio/virtio-pci.h|   4 +-
 include/hw/virtio/vhost-backend.h |   3 -
 include/hw/virtio/vhost.h |   4 -
 include/hw/virtio/virtio.h|   7 -
 include/net/vhost_net.h   |   2 -
 hw/display/vhost-user-gpu.c   |   6 -
 hw/net/vhost_net-stub.c   |   9 --
 hw/net/vhost_net.c|   9 --
 hw/net/virtio-net.c   |  10 +-
 hw/virtio/vhost-user-fs.c |   6 -
 hw/virtio/vhost-vdpa.c|   7 -
 hw/virtio/vhost-vsock-common.c|   6 -
 hw/virtio/vhost.c |  76 --
 hw/virtio/virtio-crypto.c |   6 -
 hw/virtio/virtio-mmio.c   |  27 
 hw/virtio/virtio-pci.c| 303 --
 hw/virtio/virtio.c|  29 
 hw/virtio/trace-events|   1 -
 18 files changed, 100 insertions(+), 415 deletions(-)

[PULL 03/10] Revert "virtio-net: add support for configure interrupt"

[Michael S. Tsirkin]

This reverts commit 497679d51087090d5a22fd265d1b96cf92d49d9d.
---
 include/net/vhost_net.h | 2 --
 hw/net/vhost_net-stub.c | 9 -
 hw/net/vhost_net.c  | 9 -
 hw/net/virtio-net.c | 4 ++--
 4 files changed, 2 insertions(+), 22 deletions(-)

diff --git a/include/net/vhost_net.h b/include/net/vhost_net.h
index fc37498550..387e913e4e 100644
--- a/include/net/vhost_net.h
+++ b/include/net/vhost_net.h
@@ -39,8 +39,6 @@ int vhost_net_set_config(struct vhost_net *net, const uint8_t 
*data,
 bool vhost_net_virtqueue_pending(VHostNetState *net, int n);
 void vhost_net_virtqueue_mask(VHostNetState *net, VirtIODevice *dev,
   int idx, bool mask);
-bool vhost_net_config_pending(VHostNetState *net);
-void vhost_net_config_mask(VHostNetState *net, VirtIODevice *dev, bool mask);
 int vhost_net_notify_migration_done(VHostNetState *net, char* mac_addr);
 VHostNetState *get_vhost_net(NetClientState *nc);
 
diff --git a/hw/net/vhost_net-stub.c b/hw/net/vhost_net-stub.c
index 126ee35b70..89d71cfb8e 100644
--- a/hw/net/vhost_net-stub.c
+++ b/hw/net/vhost_net-stub.c
@@ -101,12 +101,3 @@ int vhost_net_set_mtu(struct vhost_net *net, uint16_t mtu)
 {
 return 0;
 }
-
-bool vhost_net_config_pending(VHostNetState *net)
-{
-return false;
-}
-
-void vhost_net_config_mask(VHostNetState *net, VirtIODevice *dev, bool mask)
-{
-}
diff --git a/hw/net/vhost_net.c b/hw/net/vhost_net.c
index 9c9fd0a73f..30379d2ca4 100644
--- a/hw/net/vhost_net.c
+++ b/hw/net/vhost_net.c
@@ -457,15 +457,6 @@ void vhost_net_virtqueue_mask(VHostNetState *net, 
VirtIODevice *dev,
 vhost_virtqueue_mask(>dev, dev, idx, mask);
 }
 
-bool vhost_net_config_pending(VHostNetState *net)
-{
-return vhost_config_pending(>dev);
-}
-
-void vhost_net_config_mask(VHostNetState *net, VirtIODevice *dev, bool mask)
-{
-vhost_config_mask(>dev, dev, mask);
-}
 VHostNetState *get_vhost_net(NetClientState *nc)
 {
 VHostNetState *vhost_net = 0;
diff --git a/hw/net/virtio-net.c b/hw/net/virtio-net.c
index 5806a50c8d..5e03c0dd14 100644
--- a/hw/net/virtio-net.c
+++ b/hw/net/virtio-net.c
@@ -3169,7 +3169,7 @@ static bool 
virtio_net_guest_notifier_pending(VirtIODevice *vdev, int idx)
 NetClientState *nc = qemu_get_subqueue(n->nic, vq2q(idx));
 assert(n->vhost_started);
 if (idx == VIRTIO_CONFIG_IRQ_IDX) {
-return vhost_net_config_pending(get_vhost_net(nc->peer));
+return false;
 }
 return vhost_net_virtqueue_pending(get_vhost_net(nc->peer), idx);
 }
@@ -3181,9 +3181,9 @@ static void virtio_net_guest_notifier_mask(VirtIODevice 
*vdev, int idx,
 NetClientState *nc = qemu_get_subqueue(n->nic, vq2q(idx));
 assert(n->vhost_started);
 if (idx == VIRTIO_CONFIG_IRQ_IDX) {
-vhost_net_config_mask(get_vhost_net(nc->peer), vdev, mask);
 return;
 }
+
 vhost_net_virtqueue_mask(get_vhost_net(nc->peer), vdev, idx, mask);
 }
 
-- 
MST

Re: [RFC 01/10] virtio: get class_id and pci device id by the virtio id

[Michael S. Tsirkin]

On Mon, Jan 10, 2022 at 06:27:05AM +, Longpeng (Mike, Cloud Infrastructure 
Service Product Dept.) wrote:
> 
> 
> > -Original Message-
> > From: Michael S. Tsirkin [mailto:m...@redhat.com]
> > Sent: Monday, January 10, 2022 1:43 PM
> > To: Longpeng (Mike, Cloud Infrastructure Service Product Dept.)
> > 
> > Cc: stefa...@redhat.com; jasow...@redhat.com; sgarz...@redhat.com;
> > coh...@redhat.com; pbonz...@redhat.com; Gonglei (Arei)
> > ; Yechuan ; Huangzhichao
> > ; qemu-devel@nongnu.org
> > Subject: Re: [RFC 01/10] virtio: get class_id and pci device id by the 
> > virtio
> > id
> > 
> > On Wed, Jan 05, 2022 at 08:58:51AM +0800, Longpeng(Mike) wrote:
> > > From: Longpeng 
> > >
> > > Add helpers to get the "Transitional PCI Device ID" and "class_id" of the
> > > deivce which is specificed by the "Virtio Device ID".
> > 
> > ton of typos here.
> > 
> 
> Will fix all in the V2.
> 
> > > These helpers will be used to build the generic vDPA device later.
> > >
> > > Signed-off-by: Longpeng 
> > > ---
> > >  hw/virtio/virtio-pci.c | 93 ++
> > >  hw/virtio/virtio-pci.h |  4 ++
> > >  2 files changed, 97 insertions(+)
> > >
> > > diff --git a/hw/virtio/virtio-pci.c b/hw/virtio/virtio-pci.c
> > > index 750aa47ec1..843085c4ea 100644
> > > --- a/hw/virtio/virtio-pci.c
> > > +++ b/hw/virtio/virtio-pci.c
> > > @@ -19,6 +19,7 @@
> > >
> > >  #include "exec/memop.h"
> > >  #include "standard-headers/linux/virtio_pci.h"
> > > +#include "standard-headers/linux/virtio_ids.h"
> > >  #include "hw/boards.h"
> > >  #include "hw/virtio/virtio.h"
> > >  #include "migration/qemu-file-types.h"
> > > @@ -213,6 +214,95 @@ static int virtio_pci_load_queue(DeviceState *d, int 
> > > n,
> > QEMUFile *f)
> > >  return 0;
> > >  }
> > >
> > > +typedef struct VirtIOPCIIDInfo {
> > > +uint16_t vdev_id; /* virtio id */
> > > +uint16_t pdev_id; /* pci device id */
> > > +uint16_t class_id;
> > > +} VirtIOPCIIDInfo;
> > 
> > 
> > if this is transitional as comment says make it explicit
> > in the names and comments.
> > 
> 
> OK.
> 
> > > +
> > > +static const VirtIOPCIIDInfo virtio_pci_id_info[] = {
> > > +{
> > > +.vdev_id = VIRTIO_ID_NET,
> > > +.pdev_id = PCI_DEVICE_ID_VIRTIO_NET,
> > > +.class_id = PCI_CLASS_NETWORK_ETHERNET,
> > > +},
> > > +{
> > > +.vdev_id = VIRTIO_ID_BLOCK,
> > > +.pdev_id = PCI_DEVICE_ID_VIRTIO_BLOCK,
> > > +.class_id = PCI_CLASS_STORAGE_SCSI,
> > > +},
> > > +{
> > > +.vdev_id = VIRTIO_ID_CONSOLE,
> > > +.pdev_id = PCI_DEVICE_ID_VIRTIO_CONSOLE,
> > > +.class_id = PCI_CLASS_COMMUNICATION_OTHER,
> > > +},
> > > +{
> > > +.vdev_id = VIRTIO_ID_SCSI,
> > > +.pdev_id = PCI_DEVICE_ID_VIRTIO_SCSI,
> > > +.class_id = PCI_CLASS_STORAGE_SCSI,
> > > +},
> > > +{
> > > +.vdev_id = VIRTIO_ID_9P,
> > > +.pdev_id = PCI_DEVICE_ID_VIRTIO_9P,
> > > +.class_id = PCI_BASE_CLASS_NETWORK,
> > > +},
> > > +{
> > > +.vdev_id = VIRTIO_ID_VSOCK,
> > > +.pdev_id = PCI_DEVICE_ID_VIRTIO_VSOCK,
> > > +.class_id = PCI_CLASS_COMMUNICATION_OTHER,
> > > +},
> > > +{
> > > +.vdev_id = VIRTIO_ID_IOMMU,
> > > +.pdev_id = PCI_DEVICE_ID_VIRTIO_IOMMU,
> > > +.class_id = PCI_CLASS_OTHERS,
> > > +},
> > > +{
> > > +.vdev_id = VIRTIO_ID_MEM,
> > > +.pdev_id = PCI_DEVICE_ID_VIRTIO_MEM,
> > > +.class_id = PCI_CLASS_OTHERS,
> > > +},
> > > +{
> > > +.vdev_id = VIRTIO_ID_PMEM,
> > > +.pdev_id = PCI_DEVICE_ID_VIRTIO_PMEM,
> > > +.class_id = PCI_CLASS_OTHERS,
> > > +},
> > > +{
> > > +.vdev_id = VIRTIO_ID_RNG,
> > > +.pdev_id = PCI_DEVICE_ID_VIRTIO_RNG,
> > > +.class_id = PCI_CLASS_OTHERS,
> > > +},
> > > +{
> > > +.vdev_id = VIRTIO_ID_BALLOON,
> > > +.pdev_id = PCI_DEVICE_ID_VIRTIO_BALLOON,
> > > +.class_id = PCI_CLASS_OTHERS,
> > > +},
> > > +};
> > > +
> > 
> > 
> > this is the list from the spec:
> > 
> > 
> > So this is the list from the spec:
> > 
> > 0x1000 network card
> > 0x1001 block device
> > 0x1002 memory ballooning (traditional)
> > 0x1003 console
> > 0x1004 SCSI host
> > 0x1005 entropy source
> > 0x1009 9P transport
> > 
> 
> Why the following device IDs are introduced? They are non
> transitional devices.
> 
> #define PCI_DEVICE_ID_VIRTIO_VSOCK   0x1012
> #define PCI_DEVICE_ID_VIRTIO_PMEM0x1013
> #define PCI_DEVICE_ID_VIRTIO_IOMMU   0x1014
> #define PCI_DEVICE_ID_VIRTIO_MEM 0x1015

Just a single place to put these things.
E.g. vsock id is used in more than 1 place.

> > 
> > I'd drop all the rest, use the algorithm for non transitional.
> > And when class is other I'd just not include it in the array,
> > make this the default.
> > 
> > 
> > 
> > > +static VirtIOPCIIDInfo virtio_pci_get_id_info(uint16_t 

Re: [PATCH v3 7/7] target/riscv: rvk: expose zbk* and zk* properties

[Alistair Francis]

On Fri, Dec 31, 2021 at 12:32 AM liweiwei  wrote:
>
> Signed-off-by: liweiwei 
> Signed-off-by: wangjunqiang 
> ---
>  target/riscv/cpu.c | 13 +
>  1 file changed, 13 insertions(+)
>
> diff --git a/target/riscv/cpu.c b/target/riscv/cpu.c
> index 961c5f4334..6575ec8cfa 100644
> --- a/target/riscv/cpu.c
> +++ b/target/riscv/cpu.c
> @@ -668,6 +668,19 @@ static Property riscv_cpu_properties[] = {
>  DEFINE_PROP_BOOL("zbb", RISCVCPU, cfg.ext_zbb, true),
>  DEFINE_PROP_BOOL("zbc", RISCVCPU, cfg.ext_zbc, true),
>  DEFINE_PROP_BOOL("zbs", RISCVCPU, cfg.ext_zbs, true),
> +DEFINE_PROP_BOOL("x-zbkb", RISCVCPU, cfg.ext_zbkb, false),
> +DEFINE_PROP_BOOL("x-zbkc", RISCVCPU, cfg.ext_zbkc, false),
> +DEFINE_PROP_BOOL("x-zbkx", RISCVCPU, cfg.ext_zbkx, false),
> +DEFINE_PROP_BOOL("x-zk", RISCVCPU, cfg.ext_zk, false),
> +DEFINE_PROP_BOOL("x-zkn", RISCVCPU, cfg.ext_zkn, false),
> +DEFINE_PROP_BOOL("x-zknd", RISCVCPU, cfg.ext_zknd, false),
> +DEFINE_PROP_BOOL("x-zkne", RISCVCPU, cfg.ext_zkne, false),
> +DEFINE_PROP_BOOL("x-zknh", RISCVCPU, cfg.ext_zknh, false),
> +DEFINE_PROP_BOOL("x-zkr", RISCVCPU, cfg.ext_zkr, false),
> +DEFINE_PROP_BOOL("x-zks", RISCVCPU, cfg.ext_zks, false),
> +DEFINE_PROP_BOOL("x-zksed", RISCVCPU, cfg.ext_zksed, false),
> +DEFINE_PROP_BOOL("x-zksh", RISCVCPU, cfg.ext_zksh, false),
> +DEFINE_PROP_BOOL("x-zkt", RISCVCPU, cfg.ext_zkt, false),

These are ratified specs, so these don't need to be marked as
experimental, you can drop the "x-".

Alistair

>  DEFINE_PROP_BOOL("x-h", RISCVCPU, cfg.ext_h, false),
>  DEFINE_PROP_BOOL("x-j", RISCVCPU, cfg.ext_j, false),
>  /* ePMP 0.9.3 */
> --
> 2.17.1
>
>

Re: [PATCH v4 10/12] target/riscv: Add kvm_riscv_get/put_regs_timer

[Alistair Francis]

On Mon, Jan 10, 2022 at 11:54 AM Yifei Jiang via  wrote:
>
> Add kvm_riscv_get/put_regs_timer to synchronize virtual time context
> from KVM.
>
> To set register of RISCV_TIMER_REG(state) will occur a error from KVM
> on kvm_timer_state == 0. It's better to adapt in KVM, but it doesn't matter
> that adaping in QEMU.
>
> Signed-off-by: Yifei Jiang 
> Signed-off-by: Mingwang Li 
> Reviewed-by: Anup Patel 

Acked-by: Alistair Francis 

Alistair

> ---
>  target/riscv/cpu.h |  7 +
>  target/riscv/kvm.c | 72 ++
>  2 files changed, 79 insertions(+)
>
> diff --git a/target/riscv/cpu.h b/target/riscv/cpu.h
> index 5f54fae7cc..9eceded96c 100644
> --- a/target/riscv/cpu.h
> +++ b/target/riscv/cpu.h
> @@ -261,6 +261,13 @@ struct CPURISCVState {
>
>  hwaddr kernel_addr;
>  hwaddr fdt_addr;
> +
> +/* kvm timer */
> +bool kvm_timer_dirty;
> +uint64_t kvm_timer_time;
> +uint64_t kvm_timer_compare;
> +uint64_t kvm_timer_state;
> +uint64_t kvm_timer_frequency;
>  };
>
>  OBJECT_DECLARE_TYPE(RISCVCPU, RISCVCPUClass,
> diff --git a/target/riscv/kvm.c b/target/riscv/kvm.c
> index ded2a8c29d..b1f1d55f29 100644
> --- a/target/riscv/kvm.c
> +++ b/target/riscv/kvm.c
> @@ -40,6 +40,7 @@
>  #include "kvm_riscv.h"
>  #include "sbi_ecall_interface.h"
>  #include "chardev/char-fe.h"
> +#include "migration/migration.h"
>
>  static uint64_t kvm_riscv_reg_id(CPURISCVState *env, uint64_t type, uint64_t 
> idx)
>  {
> @@ -64,6 +65,9 @@ static uint64_t kvm_riscv_reg_id(CPURISCVState *env, 
> uint64_t type, uint64_t idx
>  #define RISCV_CSR_REG(env, name)  kvm_riscv_reg_id(env, KVM_REG_RISCV_CSR, \
>   KVM_REG_RISCV_CSR_REG(name))
>
> +#define RISCV_TIMER_REG(env, name)  kvm_riscv_reg_id(env, 
> KVM_REG_RISCV_TIMER, \
> + KVM_REG_RISCV_TIMER_REG(name))
> +
>  #define RISCV_FP_F_REG(env, idx)  kvm_riscv_reg_id(env, KVM_REG_RISCV_FP_F, 
> idx)
>
>  #define RISCV_FP_D_REG(env, idx)  kvm_riscv_reg_id(env, KVM_REG_RISCV_FP_D, 
> idx)
> @@ -84,6 +88,22 @@ static uint64_t kvm_riscv_reg_id(CPURISCVState *env, 
> uint64_t type, uint64_t idx
>  } \
>  } while(0)
>
> +#define KVM_RISCV_GET_TIMER(cs, env, name, reg) \
> +do { \
> +int ret = kvm_get_one_reg(cs, RISCV_TIMER_REG(env, name), ); \
> +if (ret) { \
> +abort(); \
> +} \
> +} while(0)
> +
> +#define KVM_RISCV_SET_TIMER(cs, env, name, reg) \
> +do { \
> +int ret = kvm_set_one_reg(cs, RISCV_TIMER_REG(env, time), ); \
> +if (ret) { \
> +abort(); \
> +} \
> +} while (0)
> +
>  static int kvm_riscv_get_regs_core(CPUState *cs)
>  {
>  int ret = 0;
> @@ -235,6 +255,58 @@ static int kvm_riscv_put_regs_fp(CPUState *cs)
>  return ret;
>  }
>
> +static void kvm_riscv_get_regs_timer(CPUState *cs)
> +{
> +CPURISCVState *env = _CPU(cs)->env;
> +
> +if (env->kvm_timer_dirty) {
> +return;
> +}
> +
> +KVM_RISCV_GET_TIMER(cs, env, time, env->kvm_timer_time);
> +KVM_RISCV_GET_TIMER(cs, env, compare, env->kvm_timer_compare);
> +KVM_RISCV_GET_TIMER(cs, env, state, env->kvm_timer_state);
> +KVM_RISCV_GET_TIMER(cs, env, frequency, env->kvm_timer_frequency);
> +
> +env->kvm_timer_dirty = true;
> +}
> +
> +static void kvm_riscv_put_regs_timer(CPUState *cs)
> +{
> +uint64_t reg;
> +CPURISCVState *env = _CPU(cs)->env;
> +
> +if (!env->kvm_timer_dirty) {
> +return;
> +}
> +
> +KVM_RISCV_SET_TIMER(cs, env, time, env->kvm_timer_time);
> +KVM_RISCV_SET_TIMER(cs, env, compare, env->kvm_timer_compare);
> +
> +/*
> + * To set register of RISCV_TIMER_REG(state) will occur a error from KVM
> + * on env->kvm_timer_state == 0, It's better to adapt in KVM, but it
> + * doesn't matter that adaping in QEMU now.
> + * TODO If KVM changes, adapt here.
> + */
> +if (env->kvm_timer_state) {
> +KVM_RISCV_SET_TIMER(cs, env, state, env->kvm_timer_state);
> +}
> +
> +/*
> + * For now, migration will not work between Hosts with different timer
> + * frequency. Therefore, we should check whether they are the same here
> + * during the migration.
> + */
> +if (migration_is_running(migrate_get_current()->state)) {
> +KVM_RISCV_GET_TIMER(cs, env, frequency, reg);
> +if (reg != env->kvm_timer_frequency) {
> +error_report("Dst Hosts timer frequency != Src Hosts");
> +}
> +}
> +
> +env->kvm_timer_dirty = false;
> +}
>
>  const KVMCapabilityInfo kvm_arch_required_capabilities[] = {
>  KVM_CAP_LAST_INFO
> --
> 2.19.1
>
>

Re: [PATCH v4 08/12] target/riscv: Handle KVM_EXIT_RISCV_SBI exit

[Alistair Francis]

On Mon, Jan 10, 2022 at 11:49 AM Yifei Jiang via  wrote:
>
> Use char-fe to handle console sbi call, which implement early
> console io while apply 'earlycon=sbi' into kernel parameters.
>
> Signed-off-by: Yifei Jiang 
> Signed-off-by: Mingwang Li 
> Reviewed-by: Anup Patel 

Reviewed-by: Alistair Francis 

Alistair

> ---
>  target/riscv/kvm.c | 42 -
>  target/riscv/sbi_ecall_interface.h | 72 ++
>  2 files changed, 113 insertions(+), 1 deletion(-)
>  create mode 100644 target/riscv/sbi_ecall_interface.h
>
> diff --git a/target/riscv/kvm.c b/target/riscv/kvm.c
> index 0027f11f45..ded2a8c29d 100644
> --- a/target/riscv/kvm.c
> +++ b/target/riscv/kvm.c
> @@ -38,6 +38,8 @@
>  #include "qemu/log.h"
>  #include "hw/loader.h"
>  #include "kvm_riscv.h"
> +#include "sbi_ecall_interface.h"
> +#include "chardev/char-fe.h"
>
>  static uint64_t kvm_riscv_reg_id(CPURISCVState *env, uint64_t type, uint64_t 
> idx)
>  {
> @@ -365,9 +367,47 @@ bool kvm_arch_stop_on_emulation_error(CPUState *cs)
>  return true;
>  }
>
> +static int kvm_riscv_handle_sbi(CPUState *cs, struct kvm_run *run)
> +{
> +int ret = 0;
> +unsigned char ch;
> +switch (run->riscv_sbi.extension_id) {
> +case SBI_EXT_0_1_CONSOLE_PUTCHAR:
> +ch = run->riscv_sbi.args[0];
> +qemu_chr_fe_write(serial_hd(0)->be, , sizeof(ch));
> +break;
> +case SBI_EXT_0_1_CONSOLE_GETCHAR:
> +ret = qemu_chr_fe_read_all(serial_hd(0)->be, , sizeof(ch));
> +if (ret == sizeof(ch)) {
> +run->riscv_sbi.args[0] = ch;
> +} else {
> +run->riscv_sbi.args[0] = -1;
> +}
> +break;
> +default:
> +qemu_log_mask(LOG_UNIMP,
> +  "%s: un-handled SBI EXIT, specific reasons is %lu\n",
> +  __func__, run->riscv_sbi.extension_id);
> +ret = -1;
> +break;
> +}
> +return ret;
> +}
> +
>  int kvm_arch_handle_exit(CPUState *cs, struct kvm_run *run)
>  {
> -return 0;
> +int ret = 0;
> +switch (run->exit_reason) {
> +case KVM_EXIT_RISCV_SBI:
> +ret = kvm_riscv_handle_sbi(cs, run);
> +break;
> +default:
> +qemu_log_mask(LOG_UNIMP, "%s: un-handled exit reason %d\n",
> +  __func__, run->exit_reason);
> +ret = -1;
> +break;
> +}
> +return ret;
>  }
>
>  void kvm_riscv_reset_vcpu(RISCVCPU *cpu)
> diff --git a/target/riscv/sbi_ecall_interface.h 
> b/target/riscv/sbi_ecall_interface.h
> new file mode 100644
> index 00..fb1a3fa8f2
> --- /dev/null
> +++ b/target/riscv/sbi_ecall_interface.h
> @@ -0,0 +1,72 @@
> +/*
> + * SPDX-License-Identifier: BSD-2-Clause
> + *
> + * Copyright (c) 2019 Western Digital Corporation or its affiliates.
> + *
> + * Authors:
> + *   Anup Patel 
> + */
> +
> +#ifndef __SBI_ECALL_INTERFACE_H__
> +#define __SBI_ECALL_INTERFACE_H__
> +
> +/* clang-format off */
> +
> +/* SBI Extension IDs */
> +#define SBI_EXT_0_1_SET_TIMER   0x0
> +#define SBI_EXT_0_1_CONSOLE_PUTCHAR 0x1
> +#define SBI_EXT_0_1_CONSOLE_GETCHAR 0x2
> +#define SBI_EXT_0_1_CLEAR_IPI   0x3
> +#define SBI_EXT_0_1_SEND_IPI0x4
> +#define SBI_EXT_0_1_REMOTE_FENCE_I  0x5
> +#define SBI_EXT_0_1_REMOTE_SFENCE_VMA   0x6
> +#define SBI_EXT_0_1_REMOTE_SFENCE_VMA_ASID 0x7
> +#define SBI_EXT_0_1_SHUTDOWN0x8
> +#define SBI_EXT_BASE0x10
> +#define SBI_EXT_TIME0x54494D45
> +#define SBI_EXT_IPI 0x735049
> +#define SBI_EXT_RFENCE  0x52464E43
> +#define SBI_EXT_HSM 0x48534D
> +
> +/* SBI function IDs for BASE extension*/
> +#define SBI_EXT_BASE_GET_SPEC_VERSION   0x0
> +#define SBI_EXT_BASE_GET_IMP_ID 0x1
> +#define SBI_EXT_BASE_GET_IMP_VERSION0x2
> +#define SBI_EXT_BASE_PROBE_EXT  0x3
> +#define SBI_EXT_BASE_GET_MVENDORID  0x4
> +#define SBI_EXT_BASE_GET_MARCHID0x5
> +#define SBI_EXT_BASE_GET_MIMPID 0x6
> +
> +/* SBI function IDs for TIME extension*/
> +#define SBI_EXT_TIME_SET_TIMER  0x0
> +
> +/* SBI function IDs for IPI extension*/
> +#define SBI_EXT_IPI_SEND_IPI0x0
> +
> +/* SBI function IDs for RFENCE extension*/
> +#define SBI_EXT_RFENCE_REMOTE_FENCE_I   0x0
> +#define SBI_EXT_RFENCE_REMOTE_SFENCE_VMA0x1
> +#define SBI_EXT_RFENCE_REMOTE_SFENCE_VMA_ASID  0x2
> +#define SBI_EXT_RFENCE_REMOTE_HFENCE_GVMA   0x3
> +#define SBI_EXT_RFENCE_REMOTE_HFENCE_GVMA_VMID 0x4
> +#define SBI_EXT_RFENCE_REMOTE_HFENCE_VVMA   0x5
> +#define SBI_EXT_RFENCE_REMOTE_HFENCE_VVMA_ASID 0x6
> +
> +/* SBI function IDs for HSM extension */
> +#define SBI_EXT_HSM_HART_START  0x0
> +#define SBI_EXT_HSM_HART_STOP   0x1
> +#define SBI_EXT_HSM_HART_GET_STATUS 0x2
> +
> +#define SBI_HSM_HART_STATUS_STARTED 0x0
> +#define SBI_HSM_HART_STATUS_STOPPED 0x1
> +#define 

Re: [PULL SUBSYSTEM qemu-pseries] pseries: Update SLOF firmware image

[Cédric Le Goater]

On 1/10/22 06:04, Alexey Kardashevskiy wrote:

The following changes since commit 0625c7760d5451d7436ef0738f763c6bb5141919:

   target/ppc: do not call hreg_compute_hflags() in helper_store_mmcr0() 
(2022-01-04 07:55:35 +0100)

are available in the Git repository at:

   g...@github.com:aik/qemu.git tags/qemu-slof-20220110

for you to fetch changes up to 1c127fa8e2ff2b034ebf8e50faea2bbc5136afd2:

   pseries: Update SLOF firmware image (2022-01-10 15:31:14 +1100)


Alexey Kardashevskiy (1):
   pseries: Update SLOF firmware image

  pc-bios/README   |   2 +-
  pc-bios/slof.bin | Bin 991920 -> 992384 bytes
  roms/SLOF|   2 +-
  3 files changed, 2 insertions(+), 2 deletions(-)


*** Note: this is not for master, this is for pseries

The only change is that SLOF is compiled with -mcpu=power5
to make it work on PPC970 too.


P5+ also. See below.

Thanks,

C.


  root@vm24:~# dmesg
  [0.00] hash-mmu: Page sizes from device-tree:
  [0.00] hash-mmu: base_shift=12: shift=12, sllp=0x, 
avpnm=0x, tlbiel=1, penc=0
  [0.00] Relocation on exceptions not supported
  [0.00] Page orders: linear mapping = 12, virtual = 12, io = 12, 
vmemmap = 12
  [0.00] hash-mmu: Initializing hash mmu with SLB
  [0.00] Linux version 5.15.0-2-powerpc64 
(debian-ker...@lists.debian.org) (gcc-11 (Debian 11.2.0-13) 11.2.0, GNU ld (GNU 
Binutils for Debian) 2.37) #1 SMP Debian 5.15.5-2 (2021-12-18)
  [0.00] Found initrd at 0xc3e0:0xc59d559e
  ...
  
  root@vm24:~# cat /proc/cpuinfo

  processor : 0
  cpu   : POWER5+ (gs)
  clock : 1000.00MHz
  revision  : 2.1 (pvr 003b 0201)
  
  processor	: 1

  cpu   : POWER5+ (gs)
  clock : 1000.00MHz
  revision  : 2.1 (pvr 003b 0201)
  
  processor	: 2

  cpu   : POWER5+ (gs)
  clock : 1000.00MHz
  revision  : 2.1 (pvr 003b 0201)
  
  processor	: 3

  cpu   : POWER5+ (gs)
  clock : 1000.00MHz
  revision  : 2.1 (pvr 003b 0201)
  
  timebase	: 51200

  platform  : pSeries
  model : IBM pSeries (emulated by qemu)
  machine   : CHRP IBM pSeries (emulated by qemu)
  MMU   : Hash
  root@vm24:~# lspci
  00:01.0 SCSI storage controller: Red Hat, Inc. Virtio SCSI
  00:02.0 Ethernet controller: Red Hat, Inc. Virtio network device
  00:04.0 USB controller: Red Hat, Inc. QEMU XHCI Host Controller (rev 01)
  00:05.0 Unclassified device [00ff]: Red Hat, Inc. Virtio RNG
  00:09.0 Unclassified device [00ff]: Red Hat, Inc. Virtio memory balloon
  

Re: [PATCH v4 04/11] target/riscv: pmu: Make number of counters configurable

[Alistair Francis]

On Fri, Jan 7, 2022 at 12:19 PM Atish Patra  wrote:
>
> The RISC-V privilege specification provides flexibility to implement
> any number of counters from 29 programmable counters. However, the QEMU
> implements all the counters.
>
> Make it configurable through pmu config parameter which now will indicate
> how many programmable counters should be implemented by the cpu.
>
> Signed-off-by: Atish Patra 
> Signed-off-by: Atish Patra 

Reviewed-by: Alistair Francis 

Alistair

> ---
>  target/riscv/cpu.c |  2 +-
>  target/riscv/cpu.h |  2 +-
>  target/riscv/csr.c | 96 ++
>  3 files changed, 65 insertions(+), 35 deletions(-)
>
> diff --git a/target/riscv/cpu.c b/target/riscv/cpu.c
> index df87489f6d87..9448c4335347 100644
> --- a/target/riscv/cpu.c
> +++ b/target/riscv/cpu.c
> @@ -627,7 +627,7 @@ static Property riscv_cpu_properties[] = {
>  DEFINE_PROP_BOOL("s", RISCVCPU, cfg.ext_s, true),
>  DEFINE_PROP_BOOL("u", RISCVCPU, cfg.ext_u, true),
>  DEFINE_PROP_BOOL("v", RISCVCPU, cfg.ext_v, false),
> -DEFINE_PROP_BOOL("pmu", RISCVCPU, cfg.ext_pmu, true),
> +DEFINE_PROP_UINT8("pmu-num", RISCVCPU, cfg.pmu_num, 16),
>  DEFINE_PROP_BOOL("Zifencei", RISCVCPU, cfg.ext_ifencei, true),
>  DEFINE_PROP_BOOL("Zicsr", RISCVCPU, cfg.ext_icsr, true),
>  DEFINE_PROP_BOOL("Zfh", RISCVCPU, cfg.ext_zfh, false),
> diff --git a/target/riscv/cpu.h b/target/riscv/cpu.h
> index 16d0b4f139ee..b353770596e8 100644
> --- a/target/riscv/cpu.h
> +++ b/target/riscv/cpu.h
> @@ -312,12 +312,12 @@ struct RISCVCPU {
>  bool ext_zbb;
>  bool ext_zbc;
>  bool ext_zbs;
> -bool ext_pmu;
>  bool ext_ifencei;
>  bool ext_icsr;
>  bool ext_zfh;
>  bool ext_zfhmin;
>
> +uint8_t pmu_num;
>  char *priv_spec;
>  char *user_spec;
>  char *bext_spec;
> diff --git a/target/riscv/csr.c b/target/riscv/csr.c
> index a6e856b896a9..e31c27e270a2 100644
> --- a/target/riscv/csr.c
> +++ b/target/riscv/csr.c
> @@ -58,15 +58,45 @@ static RISCVException vs(CPURISCVState *env, int csrno)
>  return RISCV_EXCP_ILLEGAL_INST;
>  }
>
> +static RISCVException mctr(CPURISCVState *env, int csrno)
> +{
> +#if !defined(CONFIG_USER_ONLY)
> +CPUState *cs = env_cpu(env);
> +RISCVCPU *cpu = RISCV_CPU(cs);
> +int ctr_index;
> +int base_csrno = CSR_MHPMCOUNTER3;
> +
> +if ((riscv_cpu_mxl(env) == MXL_RV32) && csrno >= CSR_MCYCLEH) {
> +/* Offset for RV32 mhpmcounternh counters */
> +base_csrno += 0x80;
> +}
> +ctr_index = csrno - base_csrno;
> +if (!cpu->cfg.pmu_num || ctr_index >= cpu->cfg.pmu_num) {
> +/* The PMU is not enabled or counter is out of range*/
> +return RISCV_EXCP_ILLEGAL_INST;
> +}
> +
> +#endif
> +return RISCV_EXCP_NONE;
> +}
> +
>  static RISCVException ctr(CPURISCVState *env, int csrno)
>  {
>  #if !defined(CONFIG_USER_ONLY)
>  CPUState *cs = env_cpu(env);
>  RISCVCPU *cpu = RISCV_CPU(cs);
>  int ctr_index;
> +int base_csrno = CSR_HPMCOUNTER3;
> +bool rv32 = riscv_cpu_mxl(env) == MXL_RV32 ? true : false;
> +
> +if (rv32 && csrno >= CSR_CYCLEH) {
> +/* Offset for RV32 hpmcounternh counters */
> +base_csrno += 0x80;
> +}
> +ctr_index = csrno - base_csrno;
>
> -if (!cpu->cfg.ext_pmu) {
> -/* The PMU extension is not enabled */
> +if (!cpu->cfg.pmu_num || ctr_index >= (cpu->cfg.pmu_num)) {
> +/* No counter is enabled in PMU or the counter is out of range */
>  return RISCV_EXCP_ILLEGAL_INST;
>  }
>
> @@ -94,7 +124,7 @@ static RISCVException ctr(CPURISCVState *env, int csrno)
>  }
>  break;
>  }
> -if (riscv_cpu_is_32bit(env)) {
> +if (rv32) {
>  switch (csrno) {
>  case CSR_CYCLEH:
>  if (!get_field(env->mcounteren, COUNTEREN_CY)) {
> @@ -149,7 +179,7 @@ static RISCVException ctr(CPURISCVState *env, int csrno)
>  }
>  break;
>  }
> -if (riscv_cpu_mxl(env) == MXL_RV32) {
> +if (rv32) {
>  switch (csrno) {
>  case CSR_CYCLEH:
>  if (!get_field(env->hcounteren, COUNTEREN_CY) &&
> @@ -2060,35 +2090,35 @@ riscv_csr_operations csr_ops[CSR_TABLE_SIZE] = {
>  [CSR_HPMCOUNTER30]   = { "hpmcounter30",   ctr,read_zero },
>  [CSR_HPMCOUNTER31]   = { "hpmcounter31",   ctr,read_zero },
>
> -[CSR_MHPMCOUNTER3]   = { "mhpmcounter3",   any,read_zero },
> -[CSR_MHPMCOUNTER4]   = { "mhpmcounter4",   any,read_zero },
> -[CSR_MHPMCOUNTER5]   = { "mhpmcounter5",   any,read_zero },
> -[CSR_MHPMCOUNTER6]   = { "mhpmcounter6",   any,read_zero },
> -[CSR_MHPMCOUNTER7]   = { "mhpmcounter7",   any,read_zero },
> -[CSR_MHPMCOUNTER8]   = { "mhpmcounter8",   any,read_zero },
> -[CSR_MHPMCOUNTER9]   = { "mhpmcounter9",   any,read_zero 

Re: [PATCH] softmmu/device_tree: Silence compiler warning with --enable-sanitizers

[Alistair Francis]

On Fri, Jan 7, 2022 at 11:41 PM Thomas Huth  wrote:
>
> If I configure my build with --enable-sanitizers, my GCC (v8.5.0)
> complains:
>
> .../softmmu/device_tree.c: In function ‘qemu_fdt_add_path’:
> .../softmmu/device_tree.c:560:18: error: ‘retval’ may be used uninitialized
>  in this function [-Werror=maybe-uninitialized]
>  int namelen, retval;
>   ^~
>
> It's a false warning since the while loop is always executed at least
> once (p has to be non-NULL, otherwise the derefence in the if-statement
> earlier will crash). Thus let's switch to a do-while loop here instead
> to make the compiler happy in all cases.
>
> Signed-off-by: Thomas Huth 

Thanks!

Applied to riscv-to-apply.next

If anyone else (trivial maybe?) wants to take this feel free to as
well, otherwise I'll just take this via the RISC-V tree.

Alistair

> ---
>  softmmu/device_tree.c | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/softmmu/device_tree.c b/softmmu/device_tree.c
> index 3965c834ca..9e96f5ecd5 100644
> --- a/softmmu/device_tree.c
> +++ b/softmmu/device_tree.c
> @@ -564,7 +564,7 @@ int qemu_fdt_add_path(void *fdt, const char *path)
>  return -1;
>  }
>
> -while (p) {
> +do {
>  name = p + 1;
>  p = strchr(name, '/');
>  namelen = p != NULL ? p - name : strlen(name);
> @@ -584,7 +584,7 @@ int qemu_fdt_add_path(void *fdt, const char *path)
>  }
>
>  parent = retval;
> -}
> +} while (p);
>
>  return retval;
>  }
> --
> 2.27.0
>
>

RE: [RFC 01/10] virtio: get class_id and pci device id by the virtio id

[longpeng2--- via]

> -Original Message-
> From: Michael S. Tsirkin [mailto:m...@redhat.com]
> Sent: Monday, January 10, 2022 1:43 PM
> To: Longpeng (Mike, Cloud Infrastructure Service Product Dept.)
> 
> Cc: stefa...@redhat.com; jasow...@redhat.com; sgarz...@redhat.com;
> coh...@redhat.com; pbonz...@redhat.com; Gonglei (Arei)
> ; Yechuan ; Huangzhichao
> ; qemu-devel@nongnu.org
> Subject: Re: [RFC 01/10] virtio: get class_id and pci device id by the virtio
> id
> 
> On Wed, Jan 05, 2022 at 08:58:51AM +0800, Longpeng(Mike) wrote:
> > From: Longpeng 
> >
> > Add helpers to get the "Transitional PCI Device ID" and "class_id" of the
> > deivce which is specificed by the "Virtio Device ID".
> 
> ton of typos here.
> 

Will fix all in the V2.

> > These helpers will be used to build the generic vDPA device later.
> >
> > Signed-off-by: Longpeng 
> > ---
> >  hw/virtio/virtio-pci.c | 93 ++
> >  hw/virtio/virtio-pci.h |  4 ++
> >  2 files changed, 97 insertions(+)
> >
> > diff --git a/hw/virtio/virtio-pci.c b/hw/virtio/virtio-pci.c
> > index 750aa47ec1..843085c4ea 100644
> > --- a/hw/virtio/virtio-pci.c
> > +++ b/hw/virtio/virtio-pci.c
> > @@ -19,6 +19,7 @@
> >
> >  #include "exec/memop.h"
> >  #include "standard-headers/linux/virtio_pci.h"
> > +#include "standard-headers/linux/virtio_ids.h"
> >  #include "hw/boards.h"
> >  #include "hw/virtio/virtio.h"
> >  #include "migration/qemu-file-types.h"
> > @@ -213,6 +214,95 @@ static int virtio_pci_load_queue(DeviceState *d, int n,
> QEMUFile *f)
> >  return 0;
> >  }
> >
> > +typedef struct VirtIOPCIIDInfo {
> > +uint16_t vdev_id; /* virtio id */
> > +uint16_t pdev_id; /* pci device id */
> > +uint16_t class_id;
> > +} VirtIOPCIIDInfo;
> 
> 
> if this is transitional as comment says make it explicit
> in the names and comments.
> 

OK.

> > +
> > +static const VirtIOPCIIDInfo virtio_pci_id_info[] = {
> > +{
> > +.vdev_id = VIRTIO_ID_NET,
> > +.pdev_id = PCI_DEVICE_ID_VIRTIO_NET,
> > +.class_id = PCI_CLASS_NETWORK_ETHERNET,
> > +},
> > +{
> > +.vdev_id = VIRTIO_ID_BLOCK,
> > +.pdev_id = PCI_DEVICE_ID_VIRTIO_BLOCK,
> > +.class_id = PCI_CLASS_STORAGE_SCSI,
> > +},
> > +{
> > +.vdev_id = VIRTIO_ID_CONSOLE,
> > +.pdev_id = PCI_DEVICE_ID_VIRTIO_CONSOLE,
> > +.class_id = PCI_CLASS_COMMUNICATION_OTHER,
> > +},
> > +{
> > +.vdev_id = VIRTIO_ID_SCSI,
> > +.pdev_id = PCI_DEVICE_ID_VIRTIO_SCSI,
> > +.class_id = PCI_CLASS_STORAGE_SCSI,
> > +},
> > +{
> > +.vdev_id = VIRTIO_ID_9P,
> > +.pdev_id = PCI_DEVICE_ID_VIRTIO_9P,
> > +.class_id = PCI_BASE_CLASS_NETWORK,
> > +},
> > +{
> > +.vdev_id = VIRTIO_ID_VSOCK,
> > +.pdev_id = PCI_DEVICE_ID_VIRTIO_VSOCK,
> > +.class_id = PCI_CLASS_COMMUNICATION_OTHER,
> > +},
> > +{
> > +.vdev_id = VIRTIO_ID_IOMMU,
> > +.pdev_id = PCI_DEVICE_ID_VIRTIO_IOMMU,
> > +.class_id = PCI_CLASS_OTHERS,
> > +},
> > +{
> > +.vdev_id = VIRTIO_ID_MEM,
> > +.pdev_id = PCI_DEVICE_ID_VIRTIO_MEM,
> > +.class_id = PCI_CLASS_OTHERS,
> > +},
> > +{
> > +.vdev_id = VIRTIO_ID_PMEM,
> > +.pdev_id = PCI_DEVICE_ID_VIRTIO_PMEM,
> > +.class_id = PCI_CLASS_OTHERS,
> > +},
> > +{
> > +.vdev_id = VIRTIO_ID_RNG,
> > +.pdev_id = PCI_DEVICE_ID_VIRTIO_RNG,
> > +.class_id = PCI_CLASS_OTHERS,
> > +},
> > +{
> > +.vdev_id = VIRTIO_ID_BALLOON,
> > +.pdev_id = PCI_DEVICE_ID_VIRTIO_BALLOON,
> > +.class_id = PCI_CLASS_OTHERS,
> > +},
> > +};
> > +
> 
> 
> this is the list from the spec:
> 
> 
> So this is the list from the spec:
> 
> 0x1000 network card
> 0x1001 block device
> 0x1002 memory ballooning (traditional)
> 0x1003 console
> 0x1004 SCSI host
> 0x1005 entropy source
> 0x1009 9P transport
> 

Why the following device IDs are introduced? They are non
transitional devices.

#define PCI_DEVICE_ID_VIRTIO_VSOCK   0x1012
#define PCI_DEVICE_ID_VIRTIO_PMEM0x1013
#define PCI_DEVICE_ID_VIRTIO_IOMMU   0x1014
#define PCI_DEVICE_ID_VIRTIO_MEM 0x1015

> 
> I'd drop all the rest, use the algorithm for non transitional.
> And when class is other I'd just not include it in the array,
> make this the default.
> 
> 
> 
> > +static VirtIOPCIIDInfo virtio_pci_get_id_info(uint16_t vdev_id)
> > +{
> > +VirtIOPCIIDInfo info = {};
> > +int i;
> > +
> > +for (i = 0; i < ARRAY_SIZE(virtio_pci_id_info); i++) {
> > +if (virtio_pci_id_info[i].vdev_id == vdev_id) {
> > +info = virtio_pci_id_info[i];
> > +break;
> > +}
> > +}
> > +
> > +return info;
> > +}
> > +
> > +uint16_t virtio_pci_get_pci_devid(uint16_t device_id)
> > +{
> > +return virtio_pci_get_id_info(device_id).pdev_id;
> > +}
> > +
> > +uint16_t 

Re: [PATCH 2/2] hw: timer: ibex_timer: update/add reg address

[Alistair Francis]

On Mon, Jan 10, 2022 at 4:13 PM Alistair Francis
 wrote:
>
> From: Wilfred Mallawa 
>
> The following changes:
> 1. Fixes the incorrectly set CTRL register address. As
> per [1] https://docs.opentitan.org/hw/ip/rv_timer/doc/#register-table
>
> The CTRL register is @ 0x04.
>
> This was found when attempting to fixup a bug where a timer_interrupt
> was not serviced on TockOS-OpenTitan.
>
> 2. Adds ALERT_TEST register as documented on [1], adding repective
>switch cases to error handle and later implement functionality.
>
> Signed-off-by: Wilfred Mallawa 

Reviewed-by: Alistair Francis 
Tested-by: Alistair Francis 

Alistair

> ---
>  hw/timer/ibex_timer.c | 11 ++-
>  1 file changed, 10 insertions(+), 1 deletion(-)
>
> diff --git a/hw/timer/ibex_timer.c b/hw/timer/ibex_timer.c
> index 66e1f8e48c..096588ac8a 100644
> --- a/hw/timer/ibex_timer.c
> +++ b/hw/timer/ibex_timer.c
> @@ -34,7 +34,9 @@
>  #include "target/riscv/cpu.h"
>  #include "migration/vmstate.h"
>
> -REG32(CTRL, 0x00)
> +REG32(ALERT_TEST, 0x00)
> +FIELD(ALERT_TEST, FATAL_FAULT, 0, 1)
> +REG32(CTRL, 0x04)
>  FIELD(CTRL, ACTIVE, 0, 1)
>  REG32(CFG0, 0x100)
>  FIELD(CFG0, PRESCALE, 0, 12)
> @@ -143,6 +145,10 @@ static uint64_t ibex_timer_read(void *opaque, hwaddr 
> addr,
>  uint64_t retvalue = 0;
>
>  switch (addr >> 2) {
> +case R_ALERT_TEST:
> +qemu_log_mask(LOG_GUEST_ERROR,
> +"Attempted to read ALERT_TEST, a write only 
> register");
> +break;
>  case R_CTRL:
>  retvalue = s->timer_ctrl;
>  break;
> @@ -186,6 +192,9 @@ static void ibex_timer_write(void *opaque, hwaddr addr,
>  uint32_t val = val64;
>
>  switch (addr >> 2) {
> +case R_ALERT_TEST:
> +qemu_log_mask(LOG_UNIMP, "Alert triggering not supported");
> +break;
>  case R_CTRL:
>  s->timer_ctrl = val;
>  break;
> --
> 2.34.1
>

Re: [PATCH 1/2] riscv: opentitan: fixup plic stride len

[Alistair Francis]

On Mon, Jan 10, 2022 at 4:13 PM Alistair Francis
 wrote:
>
> From: Wilfred Mallawa 
>
> The following change was made to rectify incorrectly set stride length
> on the PLIC. Where it should be 32bit and not 24bit (0x18). This was
> discovered whilst attempting to fix a bug where a timer_interrupt was
> not serviced on TockOS-OpenTitan.
>
> Signed-off-by: Wilfred Mallawa 

Reviewed-by: Alistair Francis 
Tested-by: Alistair Francis 

Alistair

> ---
>  hw/riscv/opentitan.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/hw/riscv/opentitan.c b/hw/riscv/opentitan.c
> index c531450b9f..5144845567 100644
> --- a/hw/riscv/opentitan.c
> +++ b/hw/riscv/opentitan.c
> @@ -160,7 +160,7 @@ static void lowrisc_ibex_soc_realize(DeviceState 
> *dev_soc, Error **errp)
>  qdev_prop_set_uint32(DEVICE(>plic), "priority-base", 0x00);
>  qdev_prop_set_uint32(DEVICE(>plic), "pending-base", 0x1000);
>  qdev_prop_set_uint32(DEVICE(>plic), "enable-base", 0x2000);
> -qdev_prop_set_uint32(DEVICE(>plic), "enable-stride", 0x18);
> +qdev_prop_set_uint32(DEVICE(>plic), "enable-stride", 32);
>  qdev_prop_set_uint32(DEVICE(>plic), "context-base", 0x20);
>  qdev_prop_set_uint32(DEVICE(>plic), "context-stride", 8);
>  qdev_prop_set_uint32(DEVICE(>plic), "aperture-size", 
> memmap[IBEX_DEV_PLIC].size);
> --
> 2.34.1
>

Re: [PATCH v2 0/2] Introduce camera subsystem

[zhenwei pi]

Hi, Peter & Daniel

Sorry about that I'm not clear enough to add a new subsystem into QEMU, 
could you give me more hint?


On 1/6/22 4:53 PM, zhenwei pi wrote:

v1 -> v2:
   [missing CC qemu-devel@nongnu.org, resend]
   Separate v1 patch set into 2 parts:
 Introduce camera subsystem (this one).
 USB desc fix and UVC.
   Add maintainer infomation.

v1:
1, The full picture of this patch set:
+-+   ++ +---+
|UVC(done)|   |virtio(TODO)| |other HW device|
+-+   ++ +---+
  | | |
  |++ |
 ++camera(done)+-+
   ++---+
|
  +-+-+
  | | |
   +--+--+ ++-++--+--+
   |builtin(done)| |v4l2(done)||other drivers|
   +-+ +--++-+

With this patch set, We can run a desktop VM (Ex Ubuntu-2004), several camera
APPs(cheese, kamoso, guvcview and qcam) work fine.

Some works still in working:
   1, hot-plug
   2, compat with live migration
   3, several actions defined in UVC SPEC

Zhenwei Pi (2):
   camera: Introduce camera subsystem and builtin driver
   camera: v4l2: Introduce v4l2 camera driver

  MAINTAINERS |   7 +
  camera/builtin.c| 717 
  camera/camera-int.h |  19 ++
  camera/camera.c | 522 +
  camera/meson.build  |  20 ++
  camera/trace-events |  28 ++
  camera/trace.h  |   1 +
  camera/v4l2.c   | 637 +++
  include/camera/camera.h | 238 +
  meson.build |  20 +-
  meson_options.txt   |   3 +
  qapi/camera.json| 101 ++
  qapi/meson.build|   1 +
  qapi/qapi-schema.json   |   1 +
  qemu-options.hx |  13 +
  softmmu/vl.c|   4 +
  16 files changed, 2331 insertions(+), 1 deletion(-)
  create mode 100644 camera/builtin.c
  create mode 100644 camera/camera-int.h
  create mode 100644 camera/camera.c
  create mode 100644 camera/meson.build
  create mode 100644 camera/trace-events
  create mode 100644 camera/trace.h
  create mode 100644 camera/v4l2.c
  create mode 100644 include/camera/camera.h
  create mode 100644 qapi/camera.json



--
zhenwei pi

Re: [PATCH] hw: timer: ibex_timer: Fixup reading w/o register

[Alistair Francis]

On Mon, Jan 10, 2022 at 3:16 PM Alistair Francis
 wrote:
>
> From: Wilfred Mallawa 
>
> This change fixes a bug where a write only register is read.
> As per https://docs.opentitan.org/hw/ip/rv_timer/doc/#register-table
> the 'INTR_TEST0' register is write only.
>
> Signed-off-by: Wilfred Mallawa 

Thanks for the patch!

Reviewed-by: Alistair Francis 

Alistair

> ---
>  hw/timer/ibex_timer.c | 14 +-
>  include/hw/timer/ibex_timer.h |  1 -
>  2 files changed, 5 insertions(+), 10 deletions(-)
>
> diff --git a/hw/timer/ibex_timer.c b/hw/timer/ibex_timer.c
> index 66e1f8e48c..826c38b653 100644
> --- a/hw/timer/ibex_timer.c
> +++ b/hw/timer/ibex_timer.c
> @@ -130,7 +130,6 @@ static void ibex_timer_reset(DeviceState *dev)
>  s->timer_compare_upper0 = 0x;
>  s->timer_intr_enable = 0x;
>  s->timer_intr_state = 0x;
> -s->timer_intr_test = 0x;
>
>  ibex_timer_update_irqs(s);
>  }
> @@ -168,7 +167,8 @@ static uint64_t ibex_timer_read(void *opaque, hwaddr addr,
>  retvalue = s->timer_intr_state;
>  break;
>  case R_INTR_TEST:
> -retvalue = s->timer_intr_test;
> +qemu_log_mask(LOG_GUEST_ERROR,
> +  "Attempted to read INTR_TEST, a write only register");
>  break;
>  default:
>  qemu_log_mask(LOG_GUEST_ERROR,
> @@ -215,10 +215,7 @@ static void ibex_timer_write(void *opaque, hwaddr addr,
>  s->timer_intr_state &= ~val;
>  break;
>  case R_INTR_TEST:
> -s->timer_intr_test = val;
> -if (s->timer_intr_enable &
> -s->timer_intr_test &
> -R_INTR_ENABLE_IE_0_MASK) {
> +if (s->timer_intr_enable & val & R_INTR_ENABLE_IE_0_MASK) {
>  s->timer_intr_state |= R_INTR_STATE_IS_0_MASK;
>  qemu_set_irq(s->irq, true);
>  }
> @@ -247,8 +244,8 @@ static int ibex_timer_post_load(void *opaque, int 
> version_id)
>
>  static const VMStateDescription vmstate_ibex_timer = {
>  .name = TYPE_IBEX_TIMER,
> -.version_id = 1,
> -.minimum_version_id = 1,
> +.version_id = 2,
> +.minimum_version_id = 2,
>  .post_load = ibex_timer_post_load,
>  .fields = (VMStateField[]) {
>  VMSTATE_UINT32(timer_ctrl, IbexTimerState),
> @@ -257,7 +254,6 @@ static const VMStateDescription vmstate_ibex_timer = {
>  VMSTATE_UINT32(timer_compare_upper0, IbexTimerState),
>  VMSTATE_UINT32(timer_intr_enable, IbexTimerState),
>  VMSTATE_UINT32(timer_intr_state, IbexTimerState),
> -VMSTATE_UINT32(timer_intr_test, IbexTimerState),
>  VMSTATE_END_OF_LIST()
>  }
>  };
> diff --git a/include/hw/timer/ibex_timer.h b/include/hw/timer/ibex_timer.h
> index b6f69b38ee..1a0a28d5fa 100644
> --- a/include/hw/timer/ibex_timer.h
> +++ b/include/hw/timer/ibex_timer.h
> @@ -43,7 +43,6 @@ struct IbexTimerState {
>  uint32_t timer_compare_upper0;
>  uint32_t timer_intr_enable;
>  uint32_t timer_intr_state;
> -uint32_t timer_intr_test;
>
>  uint32_t timebase_freq;
>
> --
> 2.34.1
>

[PATCH 1/2] riscv: opentitan: fixup plic stride len

[Alistair Francis]

From: Wilfred Mallawa 

The following change was made to rectify incorrectly set stride length
on the PLIC. Where it should be 32bit and not 24bit (0x18). This was
discovered whilst attempting to fix a bug where a timer_interrupt was
not serviced on TockOS-OpenTitan.

Signed-off-by: Wilfred Mallawa 
---
 hw/riscv/opentitan.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/hw/riscv/opentitan.c b/hw/riscv/opentitan.c
index c531450b9f..5144845567 100644
--- a/hw/riscv/opentitan.c
+++ b/hw/riscv/opentitan.c
@@ -160,7 +160,7 @@ static void lowrisc_ibex_soc_realize(DeviceState *dev_soc, 
Error **errp)
 qdev_prop_set_uint32(DEVICE(>plic), "priority-base", 0x00);
 qdev_prop_set_uint32(DEVICE(>plic), "pending-base", 0x1000);
 qdev_prop_set_uint32(DEVICE(>plic), "enable-base", 0x2000);
-qdev_prop_set_uint32(DEVICE(>plic), "enable-stride", 0x18);
+qdev_prop_set_uint32(DEVICE(>plic), "enable-stride", 32);
 qdev_prop_set_uint32(DEVICE(>plic), "context-base", 0x20);
 qdev_prop_set_uint32(DEVICE(>plic), "context-stride", 8);
 qdev_prop_set_uint32(DEVICE(>plic), "aperture-size", 
memmap[IBEX_DEV_PLIC].size);
-- 
2.34.1

[PATCH 2/2] hw: timer: ibex_timer: update/add reg address

[Alistair Francis]

From: Wilfred Mallawa 

The following changes:
1. Fixes the incorrectly set CTRL register address. As
per [1] https://docs.opentitan.org/hw/ip/rv_timer/doc/#register-table

The CTRL register is @ 0x04.

This was found when attempting to fixup a bug where a timer_interrupt
was not serviced on TockOS-OpenTitan.

2. Adds ALERT_TEST register as documented on [1], adding repective
   switch cases to error handle and later implement functionality.

Signed-off-by: Wilfred Mallawa 
---
 hw/timer/ibex_timer.c | 11 ++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/hw/timer/ibex_timer.c b/hw/timer/ibex_timer.c
index 66e1f8e48c..096588ac8a 100644
--- a/hw/timer/ibex_timer.c
+++ b/hw/timer/ibex_timer.c
@@ -34,7 +34,9 @@
 #include "target/riscv/cpu.h"
 #include "migration/vmstate.h"
 
-REG32(CTRL, 0x00)
+REG32(ALERT_TEST, 0x00)
+FIELD(ALERT_TEST, FATAL_FAULT, 0, 1)
+REG32(CTRL, 0x04)
 FIELD(CTRL, ACTIVE, 0, 1)
 REG32(CFG0, 0x100)
 FIELD(CFG0, PRESCALE, 0, 12)
@@ -143,6 +145,10 @@ static uint64_t ibex_timer_read(void *opaque, hwaddr addr,
 uint64_t retvalue = 0;
 
 switch (addr >> 2) {
+case R_ALERT_TEST:
+qemu_log_mask(LOG_GUEST_ERROR,
+"Attempted to read ALERT_TEST, a write only register");
+break;
 case R_CTRL:
 retvalue = s->timer_ctrl;
 break;
@@ -186,6 +192,9 @@ static void ibex_timer_write(void *opaque, hwaddr addr,
 uint32_t val = val64;
 
 switch (addr >> 2) {
+case R_ALERT_TEST:
+qemu_log_mask(LOG_UNIMP, "Alert triggering not supported");
+break;
 case R_CTRL:
 s->timer_ctrl = val;
 break;
-- 
2.34.1

Re: [PATCH] hw: timer: ibex_timer: Fixup reading w/o register

[Bin Meng]

On Mon, Jan 10, 2022 at 1:16 PM Alistair Francis
 wrote:
>
> From: Wilfred Mallawa 
>
> This change fixes a bug where a write only register is read.
> As per https://docs.opentitan.org/hw/ip/rv_timer/doc/#register-table
> the 'INTR_TEST0' register is write only.
>
> Signed-off-by: Wilfred Mallawa 
> ---
>  hw/timer/ibex_timer.c | 14 +-
>  include/hw/timer/ibex_timer.h |  1 -
>  2 files changed, 5 insertions(+), 10 deletions(-)
>

Reviewed-by: Bin Meng 

Re: [RFC 01/10] virtio: get class_id and pci device id by the virtio id

[Michael S. Tsirkin]

On Wed, Jan 05, 2022 at 08:58:51AM +0800, Longpeng(Mike) wrote:
> From: Longpeng 
> 
> Add helpers to get the "Transitional PCI Device ID" and "class_id" of the
> deivce which is specificed by the "Virtio Device ID".

ton of typos here.

> These helpers will be used to build the generic vDPA device later.
> 
> Signed-off-by: Longpeng 
> ---
>  hw/virtio/virtio-pci.c | 93 ++
>  hw/virtio/virtio-pci.h |  4 ++
>  2 files changed, 97 insertions(+)
> 
> diff --git a/hw/virtio/virtio-pci.c b/hw/virtio/virtio-pci.c
> index 750aa47ec1..843085c4ea 100644
> --- a/hw/virtio/virtio-pci.c
> +++ b/hw/virtio/virtio-pci.c
> @@ -19,6 +19,7 @@
>  
>  #include "exec/memop.h"
>  #include "standard-headers/linux/virtio_pci.h"
> +#include "standard-headers/linux/virtio_ids.h"
>  #include "hw/boards.h"
>  #include "hw/virtio/virtio.h"
>  #include "migration/qemu-file-types.h"
> @@ -213,6 +214,95 @@ static int virtio_pci_load_queue(DeviceState *d, int n, 
> QEMUFile *f)
>  return 0;
>  }
>  
> +typedef struct VirtIOPCIIDInfo {
> +uint16_t vdev_id; /* virtio id */
> +uint16_t pdev_id; /* pci device id */
> +uint16_t class_id;
> +} VirtIOPCIIDInfo;


if this is transitional as comment says make it explicit
in the names and comments.

> +
> +static const VirtIOPCIIDInfo virtio_pci_id_info[] = {
> +{
> +.vdev_id = VIRTIO_ID_NET,
> +.pdev_id = PCI_DEVICE_ID_VIRTIO_NET,
> +.class_id = PCI_CLASS_NETWORK_ETHERNET,
> +},
> +{
> +.vdev_id = VIRTIO_ID_BLOCK,
> +.pdev_id = PCI_DEVICE_ID_VIRTIO_BLOCK,
> +.class_id = PCI_CLASS_STORAGE_SCSI,
> +},
> +{
> +.vdev_id = VIRTIO_ID_CONSOLE,
> +.pdev_id = PCI_DEVICE_ID_VIRTIO_CONSOLE,
> +.class_id = PCI_CLASS_COMMUNICATION_OTHER,
> +},
> +{
> +.vdev_id = VIRTIO_ID_SCSI,
> +.pdev_id = PCI_DEVICE_ID_VIRTIO_SCSI,
> +.class_id = PCI_CLASS_STORAGE_SCSI,
> +},
> +{
> +.vdev_id = VIRTIO_ID_9P,
> +.pdev_id = PCI_DEVICE_ID_VIRTIO_9P,
> +.class_id = PCI_BASE_CLASS_NETWORK,
> +},
> +{
> +.vdev_id = VIRTIO_ID_VSOCK,
> +.pdev_id = PCI_DEVICE_ID_VIRTIO_VSOCK,
> +.class_id = PCI_CLASS_COMMUNICATION_OTHER,
> +},
> +{
> +.vdev_id = VIRTIO_ID_IOMMU,
> +.pdev_id = PCI_DEVICE_ID_VIRTIO_IOMMU,
> +.class_id = PCI_CLASS_OTHERS,
> +},
> +{
> +.vdev_id = VIRTIO_ID_MEM,
> +.pdev_id = PCI_DEVICE_ID_VIRTIO_MEM,
> +.class_id = PCI_CLASS_OTHERS,
> +},
> +{
> +.vdev_id = VIRTIO_ID_PMEM,
> +.pdev_id = PCI_DEVICE_ID_VIRTIO_PMEM,
> +.class_id = PCI_CLASS_OTHERS,
> +},
> +{
> +.vdev_id = VIRTIO_ID_RNG,
> +.pdev_id = PCI_DEVICE_ID_VIRTIO_RNG,
> +.class_id = PCI_CLASS_OTHERS,
> +},
> +{
> +.vdev_id = VIRTIO_ID_BALLOON,
> +.pdev_id = PCI_DEVICE_ID_VIRTIO_BALLOON,
> +.class_id = PCI_CLASS_OTHERS,
> +},
> +};
> +


this is the list from the spec:


So this is the list from the spec:

0x1000 network card
0x1001 block device
0x1002 memory ballooning (traditional)
0x1003 console
0x1004 SCSI host
0x1005 entropy source
0x1009 9P transport


I'd drop all the rest, use the algorithm for non transitional.
And when class is other I'd just not include it in the array,
make this the default.



> +static VirtIOPCIIDInfo virtio_pci_get_id_info(uint16_t vdev_id)
> +{
> +VirtIOPCIIDInfo info = {};
> +int i;
> +
> +for (i = 0; i < ARRAY_SIZE(virtio_pci_id_info); i++) {
> +if (virtio_pci_id_info[i].vdev_id == vdev_id) {
> +info = virtio_pci_id_info[i];
> +break;
> +}
> +}
> +
> +return info;
> +}
> +
> +uint16_t virtio_pci_get_pci_devid(uint16_t device_id)
> +{
> +return virtio_pci_get_id_info(device_id).pdev_id;
> +}
> +
> +uint16_t virtio_pci_get_class_id(uint16_t device_id)
> +{
> +return virtio_pci_get_id_info(device_id).class_id;
> +}
> +
>  static bool virtio_pci_ioeventfd_enabled(DeviceState *d)
>  {
>  VirtIOPCIProxy *proxy = to_virtio_pci_proxy(d);
> @@ -1674,6 +1764,9 @@ static void virtio_pci_device_plugged(DeviceState *d, 
> Error **errp)
>   * is set to PCI_SUBVENDOR_ID_REDHAT_QUMRANET by default.
>   */
>  pci_set_word(config + PCI_SUBSYSTEM_ID, virtio_bus_get_vdev_id(bus));
> +if (proxy->pdev_id) {
> +pci_config_set_device_id(config, proxy->pdev_id);
> +}
>  } else {
>  /* pure virtio-1.0 */
>  pci_set_word(config + PCI_VENDOR_ID,
> diff --git a/hw/virtio/virtio-pci.h b/hw/virtio/virtio-pci.h
> index 2446dcd9ae..06aa59436e 100644
> --- a/hw/virtio/virtio-pci.h
> +++ b/hw/virtio/virtio-pci.h
> @@ -146,6 +146,7 @@ struct VirtIOPCIProxy {
>  bool disable_modern;
>  bool ignore_backend_features;
>  OnOffAuto disable_legacy;
> +uint16_t pdev_id;
>  uint32_t class_code;
>  uint32_t 

[PATCH] hw: timer: ibex_timer: Fixup reading w/o register

[Alistair Francis]

From: Wilfred Mallawa 

This change fixes a bug where a write only register is read.
As per https://docs.opentitan.org/hw/ip/rv_timer/doc/#register-table
the 'INTR_TEST0' register is write only.

Signed-off-by: Wilfred Mallawa 
---
 hw/timer/ibex_timer.c | 14 +-
 include/hw/timer/ibex_timer.h |  1 -
 2 files changed, 5 insertions(+), 10 deletions(-)

diff --git a/hw/timer/ibex_timer.c b/hw/timer/ibex_timer.c
index 66e1f8e48c..826c38b653 100644
--- a/hw/timer/ibex_timer.c
+++ b/hw/timer/ibex_timer.c
@@ -130,7 +130,6 @@ static void ibex_timer_reset(DeviceState *dev)
 s->timer_compare_upper0 = 0x;
 s->timer_intr_enable = 0x;
 s->timer_intr_state = 0x;
-s->timer_intr_test = 0x;
 
 ibex_timer_update_irqs(s);
 }
@@ -168,7 +167,8 @@ static uint64_t ibex_timer_read(void *opaque, hwaddr addr,
 retvalue = s->timer_intr_state;
 break;
 case R_INTR_TEST:
-retvalue = s->timer_intr_test;
+qemu_log_mask(LOG_GUEST_ERROR,
+  "Attempted to read INTR_TEST, a write only register");
 break;
 default:
 qemu_log_mask(LOG_GUEST_ERROR,
@@ -215,10 +215,7 @@ static void ibex_timer_write(void *opaque, hwaddr addr,
 s->timer_intr_state &= ~val;
 break;
 case R_INTR_TEST:
-s->timer_intr_test = val;
-if (s->timer_intr_enable &
-s->timer_intr_test &
-R_INTR_ENABLE_IE_0_MASK) {
+if (s->timer_intr_enable & val & R_INTR_ENABLE_IE_0_MASK) {
 s->timer_intr_state |= R_INTR_STATE_IS_0_MASK;
 qemu_set_irq(s->irq, true);
 }
@@ -247,8 +244,8 @@ static int ibex_timer_post_load(void *opaque, int 
version_id)
 
 static const VMStateDescription vmstate_ibex_timer = {
 .name = TYPE_IBEX_TIMER,
-.version_id = 1,
-.minimum_version_id = 1,
+.version_id = 2,
+.minimum_version_id = 2,
 .post_load = ibex_timer_post_load,
 .fields = (VMStateField[]) {
 VMSTATE_UINT32(timer_ctrl, IbexTimerState),
@@ -257,7 +254,6 @@ static const VMStateDescription vmstate_ibex_timer = {
 VMSTATE_UINT32(timer_compare_upper0, IbexTimerState),
 VMSTATE_UINT32(timer_intr_enable, IbexTimerState),
 VMSTATE_UINT32(timer_intr_state, IbexTimerState),
-VMSTATE_UINT32(timer_intr_test, IbexTimerState),
 VMSTATE_END_OF_LIST()
 }
 };
diff --git a/include/hw/timer/ibex_timer.h b/include/hw/timer/ibex_timer.h
index b6f69b38ee..1a0a28d5fa 100644
--- a/include/hw/timer/ibex_timer.h
+++ b/include/hw/timer/ibex_timer.h
@@ -43,7 +43,6 @@ struct IbexTimerState {
 uint32_t timer_compare_upper0;
 uint32_t timer_intr_enable;
 uint32_t timer_intr_state;
-uint32_t timer_intr_test;
 
 uint32_t timebase_freq;
 
-- 
2.34.1

[PULL SUBSYSTEM qemu-pseries] pseries: Update SLOF firmware image

[Alexey Kardashevskiy]

The following changes since commit 0625c7760d5451d7436ef0738f763c6bb5141919:

  target/ppc: do not call hreg_compute_hflags() in helper_store_mmcr0() 
(2022-01-04 07:55:35 +0100)

are available in the Git repository at:

  g...@github.com:aik/qemu.git tags/qemu-slof-20220110

for you to fetch changes up to 1c127fa8e2ff2b034ebf8e50faea2bbc5136afd2:

  pseries: Update SLOF firmware image (2022-01-10 15:31:14 +1100)


Alexey Kardashevskiy (1):
  pseries: Update SLOF firmware image

 pc-bios/README   |   2 +-
 pc-bios/slof.bin | Bin 991920 -> 992384 bytes
 roms/SLOF|   2 +-
 3 files changed, 2 insertions(+), 2 deletions(-)


*** Note: this is not for master, this is for pseries

The only change is that SLOF is compiled with -mcpu=power5
to make it work on PPC970 too.

[PULL 08/13] net/vmnet: add vmnet backends to qapi/net

[Jason Wang]

From: Vladislav Yaroshchuk 

The vmnet framework is an API for virtual machines to read and write
packets.

The API allows a Guest OS interface to be in host mode or shared
mode. Interfaces in host mode can communicate with the native host
system and other interfaces running in host mode. In shared mode, the
network interface can send and receive packets to the Internet, the
native host, and other interfaces running in sharing mode.

Create separate netdevs for each vmnet operating mode:

- vmnet-host
- vmnet-shared
- vmnet-bridged

Signed-off-by: Vladislav Yaroshchuk 
Signed-off-by: Jason Wang 
---
 net/clients.h   |  11 +
 net/meson.build |   7 +++
 net/net.c   |  10 
 net/vmnet-bridged.m |  25 ++
 net/vmnet-common.m  |  19 
 net/vmnet-host.c|  24 ++
 net/vmnet-shared.c  |  25 ++
 net/vmnet_int.h |  25 ++
 qapi/net.json   | 132 +++-
 9 files changed, 276 insertions(+), 2 deletions(-)
 create mode 100644 net/vmnet-bridged.m
 create mode 100644 net/vmnet-common.m
 create mode 100644 net/vmnet-host.c
 create mode 100644 net/vmnet-shared.c
 create mode 100644 net/vmnet_int.h

diff --git a/net/clients.h b/net/clients.h
index 92f9b59..c915778 100644
--- a/net/clients.h
+++ b/net/clients.h
@@ -63,4 +63,15 @@ int net_init_vhost_user(const Netdev *netdev, const char 
*name,
 
 int net_init_vhost_vdpa(const Netdev *netdev, const char *name,
 NetClientState *peer, Error **errp);
+#ifdef CONFIG_VMNET
+int net_init_vmnet_host(const Netdev *netdev, const char *name,
+  NetClientState *peer, Error **errp);
+
+int net_init_vmnet_shared(const Netdev *netdev, const char *name,
+  NetClientState *peer, Error **errp);
+
+int net_init_vmnet_bridged(const Netdev *netdev, const char *name,
+  NetClientState *peer, Error **errp);
+#endif /* CONFIG_VMNET */
+
 #endif /* QEMU_NET_CLIENTS_H */
diff --git a/net/meson.build b/net/meson.build
index 847bc2a..00a88c4 100644
--- a/net/meson.build
+++ b/net/meson.build
@@ -42,4 +42,11 @@ softmmu_ss.add(when: 'CONFIG_POSIX', if_true: 
files(tap_posix))
 softmmu_ss.add(when: 'CONFIG_WIN32', if_true: files('tap-win32.c'))
 softmmu_ss.add(when: 'CONFIG_VHOST_NET_VDPA', if_true: files('vhost-vdpa.c'))
 
+vmnet_files = files(
+  'vmnet-common.m',
+  'vmnet-bridged.m',
+  'vmnet-host.c',
+  'vmnet-shared.c'
+)
+softmmu_ss.add(when: vmnet, if_true: vmnet_files)
 subdir('can')
diff --git a/net/net.c b/net/net.c
index f0d14db..1dbb64b 100644
--- a/net/net.c
+++ b/net/net.c
@@ -1021,6 +1021,11 @@ static int (* const 
net_client_init_fun[NET_CLIENT_DRIVER__MAX])(
 #ifdef CONFIG_L2TPV3
 [NET_CLIENT_DRIVER_L2TPV3]= net_init_l2tpv3,
 #endif
+#ifdef CONFIG_VMNET
+[NET_CLIENT_DRIVER_VMNET_HOST] = net_init_vmnet_host,
+[NET_CLIENT_DRIVER_VMNET_SHARED] = net_init_vmnet_shared,
+[NET_CLIENT_DRIVER_VMNET_BRIDGED] = net_init_vmnet_bridged,
+#endif /* CONFIG_VMNET */
 };
 
 
@@ -1107,6 +1112,11 @@ void show_netdevs(void)
 #ifdef CONFIG_VHOST_VDPA
 "vhost-vdpa",
 #endif
+#ifdef CONFIG_VMNET
+"vmnet-host",
+"vmnet-shared",
+"vmnet-bridged",
+#endif
 };
 
 qemu_printf("Available netdev backend types:\n");
diff --git a/net/vmnet-bridged.m b/net/vmnet-bridged.m
new file mode 100644
index 000..4e42a90
--- /dev/null
+++ b/net/vmnet-bridged.m
@@ -0,0 +1,25 @@
+/*
+ * vmnet-bridged.m
+ *
+ * Copyright(c) 2021 Vladislav Yaroshchuk 
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ *
+ */
+
+#include "qemu/osdep.h"
+#include "qapi/qapi-types-net.h"
+#include "vmnet_int.h"
+#include "clients.h"
+#include "qemu/error-report.h"
+#include "qapi/error.h"
+
+#include 
+
+int net_init_vmnet_bridged(const Netdev *netdev, const char *name,
+   NetClientState *peer, Error **errp)
+{
+  error_setg(errp, "vmnet-bridged is not implemented yet");
+  return -1;
+}
diff --git a/net/vmnet-common.m b/net/vmnet-common.m
new file mode 100644
index 000..f949eb6
--- /dev/null
+++ b/net/vmnet-common.m
@@ -0,0 +1,19 @@
+/*
+ * vmnet-common.m - network client wrapper for Apple vmnet.framework
+ *
+ * Copyright(c) 2021 Vladislav Yaroshchuk 
+ * Copyright(c) 2021 Phillip Tennen 
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ *
+ */
+
+#include "qemu/osdep.h"
+#include "qapi/qapi-types-net.h"
+#include "vmnet_int.h"
+#include "clients.h"
+#include "qemu/error-report.h"
+#include "qapi/error.h"
+
+#include 
diff --git a/net/vmnet-host.c b/net/vmnet-host.c
new file mode 100644
index 000..4a5ef99
--- /dev/null
+++ b/net/vmnet-host.c
@@ -0,0 +1,24 @@
+/*
+ * vmnet-host.c
+ *
+ * Copyright(c) 2021 Vladislav Yaroshchuk 
+ *
+ * This work is licensed 

[PULL 07/13] net/vmnet: add vmnet dependency and customizable option

[Jason Wang]

From: Vladislav Yaroshchuk 

Signed-off-by: Vladislav Yaroshchuk 
Signed-off-by: Jason Wang 
---
 meson.build   | 4 
 meson_options.txt | 2 ++
 scripts/meson-buildoptions.sh | 3 +++
 3 files changed, 9 insertions(+)

diff --git a/meson.build b/meson.build
index c1b1db1..1a381ee 100644
--- a/meson.build
+++ b/meson.build
@@ -496,6 +496,8 @@ if cocoa.found() and get_option('gtk').enabled()
   error('Cocoa and GTK+ cannot be enabled at the same time')
 endif
 
+vmnet = dependency('appleframeworks', modules: 'vmnet', required: 
get_option('vmnet'))
+
 seccomp = not_found
 if not get_option('seccomp').auto() or have_system or have_tools
   seccomp = dependency('libseccomp', version: '>=2.3.0',
@@ -1492,6 +1494,7 @@ config_host_data.set('CONFIG_SECCOMP', seccomp.found())
 config_host_data.set('CONFIG_SNAPPY', snappy.found())
 config_host_data.set('CONFIG_USB_LIBUSB', libusb.found())
 config_host_data.set('CONFIG_VDE', vde.found())
+config_host_data.set('CONFIG_VMNET', vmnet.found())
 config_host_data.set('CONFIG_VHOST_USER_BLK_SERVER', 
have_vhost_user_blk_server)
 config_host_data.set('CONFIG_VNC', vnc.found())
 config_host_data.set('CONFIG_VNC_JPEG', jpeg.found())
@@ -3441,6 +3444,7 @@ endif
 summary_info += {'JACK support':  jack}
 summary_info += {'brlapi support':brlapi}
 summary_info += {'vde support':   vde}
+summary_info += {'vmnet.framework support': vmnet}
 summary_info += {'netmap support':have_netmap}
 summary_info += {'l2tpv3 support':have_l2tpv3}
 summary_info += {'Linux AIO support': libaio}
diff --git a/meson_options.txt b/meson_options.txt
index 921967e..701e138 100644
--- a/meson_options.txt
+++ b/meson_options.txt
@@ -151,6 +151,8 @@ option('netmap', type : 'feature', value : 'auto',
description: 'netmap network backend support')
 option('vde', type : 'feature', value : 'auto',
description: 'vde network backend support')
+option('vmnet', type : 'feature', value : 'auto',
+   description: 'vmnet.framework network backend support')
 option('virglrenderer', type : 'feature', value : 'auto',
description: 'virgl rendering support')
 option('vnc', type : 'feature', value : 'auto',
diff --git a/scripts/meson-buildoptions.sh b/scripts/meson-buildoptions.sh
index 50bd7be..cdcece4 100644
--- a/scripts/meson-buildoptions.sh
+++ b/scripts/meson-buildoptions.sh
@@ -84,6 +84,7 @@ meson_options_help() {
   printf "%s\n" '  u2f U2F emulation support'
   printf "%s\n" '  usb-redir   libusbredir support'
   printf "%s\n" '  vde vde network backend support'
+  printf "%s\n" '  vmnet   vmnet.framework network backend support'
   printf "%s\n" '  vhost-user-blk-server'
   printf "%s\n" '  build vhost-user-blk server'
   printf "%s\n" '  virglrenderer   virgl rendering support'
@@ -248,6 +249,8 @@ _meson_option_parse() {
 --disable-usb-redir) printf "%s" -Dusb_redir=disabled ;;
 --enable-vde) printf "%s" -Dvde=enabled ;;
 --disable-vde) printf "%s" -Dvde=disabled ;;
+--enable-vmnet) printf "%s" -Dvmnet=enabled ;;
+--disable-vmnet) printf "%s" -Dvmnet=disabled ;;
 --enable-vhost-user-blk-server) printf "%s" 
-Dvhost_user_blk_server=enabled ;;
 --disable-vhost-user-blk-server) printf "%s" 
-Dvhost_user_blk_server=disabled ;;
 --enable-virglrenderer) printf "%s" -Dvirglrenderer=enabled ;;
-- 
2.7.4

[PULL 11/13] net/vmnet: implement bridged mode (vmnet-bridged)

[Jason Wang]

From: Vladislav Yaroshchuk 

Signed-off-by: Vladislav Yaroshchuk 
Signed-off-by: Jason Wang 
---
 net/vmnet-bridged.m | 98 +
 1 file changed, 92 insertions(+), 6 deletions(-)

diff --git a/net/vmnet-bridged.m b/net/vmnet-bridged.m
index 4e42a90..3c9da9d 100644
--- a/net/vmnet-bridged.m
+++ b/net/vmnet-bridged.m
@@ -10,16 +10,102 @@
 
 #include "qemu/osdep.h"
 #include "qapi/qapi-types-net.h"
-#include "vmnet_int.h"
-#include "clients.h"
-#include "qemu/error-report.h"
 #include "qapi/error.h"
+#include "clients.h"
+#include "vmnet_int.h"
 
 #include 
 
+typedef struct VmnetBridgedState {
+  VmnetCommonState cs;
+} VmnetBridgedState;
+
+static bool validate_ifname(const char *ifname)
+{
+xpc_object_t shared_if_list = vmnet_copy_shared_interface_list();
+__block bool match = false;
+
+xpc_array_apply(
+shared_if_list,
+^bool(size_t index, xpc_object_t value) {
+  if (strcmp(xpc_string_get_string_ptr(value), ifname) == 0) {
+  match = true;
+  return false;
+  }
+  return true;
+});
+
+return match;
+}
+
+static const char *get_valid_ifnames(void)
+{
+xpc_object_t shared_if_list = vmnet_copy_shared_interface_list();
+__block char *if_list = NULL;
+
+xpc_array_apply(
+shared_if_list,
+^bool(size_t index, xpc_object_t value) {
+  if_list = g_strconcat(xpc_string_get_string_ptr(value),
+" ",
+if_list,
+NULL);
+  return true;
+});
+
+if (if_list) {
+return if_list;
+}
+return "[no interfaces]";
+}
+
+static xpc_object_t create_if_desc(const Netdev *netdev, Error **errp)
+{
+const NetdevVmnetBridgedOptions *options = &(netdev->u.vmnet_bridged);
+xpc_object_t if_desc = xpc_dictionary_create(NULL, NULL, 0);
+
+xpc_dictionary_set_uint64(
+if_desc,
+vmnet_operation_mode_key,
+VMNET_BRIDGED_MODE
+);
+
+xpc_dictionary_set_bool(
+if_desc,
+vmnet_enable_isolation_key,
+options->isolated
+);
+
+if (validate_ifname(options->ifname)) {
+xpc_dictionary_set_string(if_desc,
+  vmnet_shared_interface_name_key,
+  options->ifname);
+} else {
+return NULL;
+}
+return if_desc;
+}
+
+static NetClientInfo net_vmnet_bridged_info = {
+.type = NET_CLIENT_DRIVER_VMNET_BRIDGED,
+.size = sizeof(VmnetBridgedState),
+.receive = vmnet_receive_common,
+.cleanup = vmnet_cleanup_common,
+};
+
 int net_init_vmnet_bridged(const Netdev *netdev, const char *name,
NetClientState *peer, Error **errp)
 {
-  error_setg(errp, "vmnet-bridged is not implemented yet");
-  return -1;
-}
+NetClientState *nc = qemu_new_net_client(_vmnet_bridged_info,
+ peer, "vmnet-bridged", name);
+xpc_object_t if_desc = create_if_desc(netdev, errp);;
+
+if (!if_desc) {
+error_setg(errp,
+   "unsupported ifname, should be one of: %s",
+   get_valid_ifnames());
+return -1;
+}
+
+return vmnet_if_create(nc, if_desc, errp, NULL);
+}
\ No newline at end of file
-- 
2.7.4

[PULL 13/13] net/vmnet: update MAINTAINERS list

[Jason Wang]

From: Vladislav Yaroshchuk 

Signed-off-by: Vladislav Yaroshchuk 
Signed-off-by: Jason Wang 
---
 MAINTAINERS | 5 +
 1 file changed, 5 insertions(+)

diff --git a/MAINTAINERS b/MAINTAINERS
index c98a61c..638d129 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -2641,6 +2641,11 @@ W: http://info.iet.unipi.it/~luigi/netmap/
 S: Maintained
 F: net/netmap.c
 
+Apple vmnet network backends
+M: Vladislav Yaroshchuk 
+S: Maintained
+F: net/vmnet*
+
 Host Memory Backends
 M: David Hildenbrand 
 M: Igor Mammedov 
-- 
2.7.4

[PULL 09/13] net/vmnet: implement shared mode (vmnet-shared)

[Jason Wang]

From: Vladislav Yaroshchuk 

Interaction with vmnet.framework in different modes
differs only on configuration stage, so we can create
common `send`, `receive`, etc. procedures and reuse them.

vmnet.framework supports iov, but writing more than
one iov into vmnet interface fails with
'VMNET_INVALID_ARGUMENT'. Collecting provided iovs into
one and passing it to vmnet works fine. That's the
reason why receive_iov() left unimplemented. But it still
works with good enough performance having .receive()
implemented only.

Also, there is no way to unsubscribe from vmnet packages
receiving except registering and unregistering event
callback or simply drop packages just ignoring and
not processing them when related flag is set. Here we do
using the second way.

Signed-off-by: Phillip Tennen 
Signed-off-by: Vladislav Yaroshchuk 
Signed-off-by: Jason Wang 
---
 net/vmnet-common.m | 311 +
 net/vmnet-shared.c |  74 -
 net/vmnet_int.h|  23 
 3 files changed, 404 insertions(+), 4 deletions(-)

diff --git a/net/vmnet-common.m b/net/vmnet-common.m
index f949eb6..6d474af 100644
--- a/net/vmnet-common.m
+++ b/net/vmnet-common.m
@@ -10,6 +10,8 @@
  */
 
 #include "qemu/osdep.h"
+#include "qemu/main-loop.h"
+#include "qemu/log.h"
 #include "qapi/qapi-types-net.h"
 #include "vmnet_int.h"
 #include "clients.h"
@@ -17,3 +19,312 @@
 #include "qapi/error.h"
 
 #include 
+#include 
+
+#ifdef DEBUG
+#define D(x) x
+#define D_LOG(...) qemu_log(__VA_ARGS__)
+#else
+#define D(x) do { } while (0)
+#define D_LOG(...) do { } while (0)
+#endif
+
+typedef struct vmpktdesc vmpktdesc_t;
+typedef struct iovec iovec_t;
+
+static void vmnet_set_send_enabled(VmnetCommonState *s, bool enable)
+{
+s->send_enabled = enable;
+}
+
+
+static void vmnet_send_completed(NetClientState *nc, ssize_t len)
+{
+VmnetCommonState *s = DO_UPCAST(VmnetCommonState, nc, nc);
+vmnet_set_send_enabled(s, true);
+}
+
+
+static void vmnet_send(NetClientState *nc,
+   interface_event_t event_id,
+   xpc_object_t event)
+{
+assert(event_id == VMNET_INTERFACE_PACKETS_AVAILABLE);
+
+VmnetCommonState *s;
+uint64_t packets_available;
+
+struct iovec *iov;
+struct vmpktdesc *packets;
+int pkt_cnt;
+int i;
+
+vmnet_return_t if_status;
+ssize_t size;
+
+s = DO_UPCAST(VmnetCommonState, nc, nc);
+
+packets_available = xpc_dictionary_get_uint64(
+event,
+vmnet_estimated_packets_available_key
+);
+
+pkt_cnt = (packets_available < VMNET_PACKETS_LIMIT) ?
+  packets_available :
+  VMNET_PACKETS_LIMIT;
+
+
+iov = s->iov_buf;
+packets = s->packets_buf;
+
+for (i = 0; i < pkt_cnt; ++i) {
+packets[i].vm_pkt_size = s->max_packet_size;
+packets[i].vm_pkt_iovcnt = 1;
+packets[i].vm_flags = 0;
+}
+
+if_status = vmnet_read(s->vmnet_if, packets, _cnt);
+if (if_status != VMNET_SUCCESS) {
+error_printf("vmnet: read failed: %s\n",
+ vmnet_status_map_str(if_status));
+}
+qemu_mutex_lock_iothread();
+for (i = 0; i < pkt_cnt; ++i) {
+size = qemu_send_packet_async(nc,
+  iov[i].iov_base,
+  packets[i].vm_pkt_size,
+  vmnet_send_completed);
+if (size == 0) {
+vmnet_set_send_enabled(s, false);
+} else if (size < 0) {
+break;
+}
+}
+qemu_mutex_unlock_iothread();
+
+}
+
+
+static void vmnet_register_event_callback(VmnetCommonState *s)
+{
+dispatch_queue_t avail_pkt_q = dispatch_queue_create(
+"org.qemu.vmnet.if_queue",
+DISPATCH_QUEUE_SERIAL
+);
+
+vmnet_interface_set_event_callback(
+s->vmnet_if,
+VMNET_INTERFACE_PACKETS_AVAILABLE,
+avail_pkt_q,
+^(interface_event_t event_id, xpc_object_t event) {
+  if (s->send_enabled) {
+  vmnet_send(>nc, event_id, event);
+  }
+});
+}
+
+
+static void vmnet_bufs_init(VmnetCommonState *s)
+{
+int i;
+struct vmpktdesc *packets;
+struct iovec *iov;
+
+packets = s->packets_buf;
+iov = s->iov_buf;
+
+for (i = 0; i < VMNET_PACKETS_LIMIT; ++i) {
+iov[i].iov_len = s->max_packet_size;
+iov[i].iov_base = g_malloc0(iov[i].iov_len);
+packets[i].vm_pkt_iov = iov + i;
+}
+}
+
+
+const char *vmnet_status_map_str(vmnet_return_t status)
+{
+switch (status) {
+case VMNET_SUCCESS:
+return "success";
+case VMNET_FAILURE:
+return "general failure";
+case VMNET_MEM_FAILURE:
+return "memory allocation failure";
+case VMNET_INVALID_ARGUMENT:
+return "invalid argument specified";
+case VMNET_SETUP_INCOMPLETE:
+return "interface setup is not complete";
+case VMNET_INVALID_ACCESS:
+return "invalid access, 

Re: [PATCH qemu] spapr: Force 32bit when resetting a core

[David Gibson]

On Mon, Jan 10, 2022 at 01:52:06PM +1100, Alexey Kardashevskiy wrote:
> 
> 
> On 08/01/2022 00:39, Greg Kurz wrote:
> > On Fri, 7 Jan 2022 23:19:03 +1100
> > David Gibson  wrote:
> > 
> > > On Fri, Jan 07, 2022 at 12:57:47PM +0100, Greg Kurz wrote:
> > > > On Fri, 7 Jan 2022 18:24:23 +1100
> > > > Alexey Kardashevskiy  wrote:
> > > > 
> > > > > "PowerPC Processor binding to IEEE 1275" says in
> > > > > "8.2.1. Initial Register Values" that the initial state is defined as
> > > > > 32bit so do it for both SLOF and VOF.
> > > > > 
> > > > > This should not cause behavioral change as SLOF switches to 64bit very
> > > > > early anyway.
> > > > 
> > > > Only one CPU goes through SLOF. What about the other ones, including
> > > > hot plugged CPUs ?
> > > 
> > > Those will be started by the start-cpu RTAS call which has its own
> > > semantics.
> > > 
> > 
> > Ah indeed, there's code in linux/arch/powerpc/kernel/head_64.S to switch
> > secondaries to 64bit... but then, as noted by Cedric, ppc_cpu_reset(),
> > which is called earlier sets MSR_SF but the changelog of commit 8b9f2118ca40
> > doesn't provide much details on the motivation. Any idea ?
> 
> https://patchwork.kernel.org/project/qemu-devel/patch/1458121432-2855-1-git-send-email-lviv...@redhat.com/
> 
> this is probably it:
> 
> ===
> Reset is properly defined as an exception (0x100). For exceptions, the
> 970MP user manual for example says:
> 
> 4.5 Exception Definitions
> When an exception/interrupt is taken, all bits in the MSR are set to
> ‘0’, with the following exceptions:
> • Exceptions always set MSR[SF] to ‘1’.
> ===
> 
> but it looks like the above is about emulation bare metal 970 rather than
> pseries VCPU so that quote does not apply to spapr.

PAPR is rather confusing on the topic (looking at PAPR+ 2.10).
Initially it says:

"When a processor thread exits the RTAS stopped state, it must begin
execution in real mode, with the MSR in the same state as from a
system reset interrupt (except for the MSRHV bit which is on if not
running under a hypervisor and off if running under a hypervisor)"

But further down it has a table of how all the MSR bits are supposed
to be set by start-cpu, and it looks like that might not match the
0x100 conditions in some cases.

-- 
David Gibson| I'll have my music baroque, and my code
david AT gibson.dropbear.id.au  | minimalist, thank you.  NOT _the_ _other_
| _way_ _around_!
http://www.ozlabs.org/~dgibson


signature.asc
Description: PGP signature

[PULL 06/13] net/filter: Optimize filter_send to coroutine

[Jason Wang]

From: Rao Lei 

This patch is to improve the logic of QEMU main thread sleep code in
qemu_chr_write_buffer() where it can be blocked and can't run other
coroutines during COLO IO stress test.

Our approach is to put filter_send() in a coroutine. In this way,
filter_send() will call qemu_coroutine_yield() in qemu_co_sleep_ns(),
so that it can be scheduled out and QEMU main thread has opportunity to
run other tasks.

Signed-off-by: Lei Rao 
Signed-off-by: Zhang Chen 
Reviewed-by: Li Zhijian 
Reviewed-by: Zhang Chen 
Signed-off-by: Jason Wang 
---
 net/filter-mirror.c | 66 ++---
 1 file changed, 53 insertions(+), 13 deletions(-)

diff --git a/net/filter-mirror.c b/net/filter-mirror.c
index f20240c..34a63b5 100644
--- a/net/filter-mirror.c
+++ b/net/filter-mirror.c
@@ -20,6 +20,7 @@
 #include "chardev/char-fe.h"
 #include "qemu/iov.h"
 #include "qemu/sockets.h"
+#include "block/aio-wait.h"
 
 #define TYPE_FILTER_MIRROR "filter-mirror"
 typedef struct MirrorState MirrorState;
@@ -42,20 +43,21 @@ struct MirrorState {
 bool vnet_hdr;
 };
 
-static int filter_send(MirrorState *s,
-   const struct iovec *iov,
-   int iovcnt)
+typedef struct FilterSendCo {
+MirrorState *s;
+char *buf;
+ssize_t size;
+bool done;
+int ret;
+} FilterSendCo;
+
+static int _filter_send(MirrorState *s,
+   char *buf,
+   ssize_t size)
 {
 NetFilterState *nf = NETFILTER(s);
 int ret = 0;
-ssize_t size = 0;
 uint32_t len = 0;
-char *buf;
-
-size = iov_size(iov, iovcnt);
-if (!size) {
-return 0;
-}
 
 len = htonl(size);
 ret = qemu_chr_fe_write_all(>chr_out, (uint8_t *), sizeof(len));
@@ -80,10 +82,7 @@ static int filter_send(MirrorState *s,
 }
 }
 
-buf = g_malloc(size);
-iov_to_buf(iov, iovcnt, 0, buf, size);
 ret = qemu_chr_fe_write_all(>chr_out, (uint8_t *)buf, size);
-g_free(buf);
 if (ret != size) {
 goto err;
 }
@@ -94,6 +93,47 @@ err:
 return ret < 0 ? ret : -EIO;
 }
 
+static void coroutine_fn filter_send_co(void *opaque)
+{
+FilterSendCo *data = opaque;
+
+data->ret = _filter_send(data->s, data->buf, data->size);
+data->done = true;
+g_free(data->buf);
+aio_wait_kick();
+}
+
+static int filter_send(MirrorState *s,
+   const struct iovec *iov,
+   int iovcnt)
+{
+ssize_t size = iov_size(iov, iovcnt);
+char *buf = NULL;
+
+if (!size) {
+return 0;
+}
+
+buf = g_malloc(size);
+iov_to_buf(iov, iovcnt, 0, buf, size);
+
+FilterSendCo data = {
+.s = s,
+.size = size,
+.buf = buf,
+.ret = 0,
+};
+
+Coroutine *co = qemu_coroutine_create(filter_send_co, );
+qemu_coroutine_enter(co);
+
+while (!data.done) {
+aio_poll(qemu_get_aio_context(), true);
+}
+
+return data.ret;
+}
+
 static void redirector_to_filter(NetFilterState *nf,
  const uint8_t *buf,
  int len)
-- 
2.7.4

[PULL 10/13] net/vmnet: implement host mode (vmnet-host)

[Jason Wang]

From: Vladislav Yaroshchuk 

Signed-off-by: Vladislav Yaroshchuk 
Signed-off-by: Jason Wang 
---
 net/vmnet-host.c | 93 
 1 file changed, 87 insertions(+), 6 deletions(-)

diff --git a/net/vmnet-host.c b/net/vmnet-host.c
index 4a5ef99..9c2e760 100644
--- a/net/vmnet-host.c
+++ b/net/vmnet-host.c
@@ -9,16 +9,97 @@
  */
 
 #include "qemu/osdep.h"
+#include "qemu/uuid.h"
 #include "qapi/qapi-types-net.h"
-#include "vmnet_int.h"
-#include "clients.h"
-#include "qemu/error-report.h"
 #include "qapi/error.h"
+#include "clients.h"
+#include "vmnet_int.h"
 
 #include 
 
+typedef struct VmnetHostState {
+  VmnetCommonState cs;
+  QemuUUID network_uuid;
+} VmnetHostState;
+
+static xpc_object_t create_if_desc(const Netdev *netdev,
+   NetClientState *nc,
+   Error **errp)
+{
+const NetdevVmnetHostOptions *options = &(netdev->u.vmnet_host);
+VmnetCommonState *cs = DO_UPCAST(VmnetCommonState, nc, nc);
+VmnetHostState *hs = DO_UPCAST(VmnetHostState, cs, cs);
+
+xpc_object_t if_desc = xpc_dictionary_create(NULL, NULL, 0);
+
+xpc_dictionary_set_uint64(
+if_desc,
+vmnet_operation_mode_key,
+VMNET_HOST_MODE
+);
+
+xpc_dictionary_set_bool(
+if_desc,
+vmnet_enable_isolation_key,
+options->isolated
+);
+
+if (options->has_net_uuid) {
+if (qemu_uuid_parse(options->net_uuid, >network_uuid) < 0) {
+error_setg(errp, "Invalid UUID provided in 'net-uuid'");
+}
+
+xpc_dictionary_set_uuid(
+if_desc,
+vmnet_network_identifier_key,
+hs->network_uuid.data
+);
+}
+
+if (options->has_start_address ||
+options->has_end_address ||
+options->has_subnet_mask) {
+
+if (options->has_start_address &&
+options->has_end_address &&
+options->has_subnet_mask) {
+
+xpc_dictionary_set_string(if_desc,
+  vmnet_start_address_key,
+  options->start_address);
+xpc_dictionary_set_string(if_desc,
+  vmnet_end_address_key,
+  options->end_address);
+xpc_dictionary_set_string(if_desc,
+  vmnet_subnet_mask_key,
+  options->subnet_mask);
+} else {
+error_setg(
+errp,
+"'start-address', 'end-address', 'subnet_mask' "
+"should be provided together"
+);
+}
+}
+
+return if_desc;
+}
+
+static NetClientInfo net_vmnet_host_info = {
+.type = NET_CLIENT_DRIVER_VMNET_HOST,
+.size = sizeof(VmnetHostState),
+.receive = vmnet_receive_common,
+.cleanup = vmnet_cleanup_common,
+};
+
 int net_init_vmnet_host(const Netdev *netdev, const char *name,
-NetClientState *peer, Error **errp) {
-  error_setg(errp, "vmnet-host is not implemented yet");
-  return -1;
+NetClientState *peer, Error **errp)
+{
+NetClientState *nc;
+xpc_object_t if_desc;
+
+nc = qemu_new_net_client(_vmnet_host_info,
+ peer, "vmnet-host", name);
+if_desc = create_if_desc(netdev, nc, errp);
+return vmnet_if_create(nc, if_desc, errp, NULL);
 }
-- 
2.7.4

[PULL 04/13] net/colo-compare.c: Optimize compare order for performance

[Jason Wang]

From: Zhang Chen 

COLO-compare use the glib function g_queue_find_custom to dump
another VM's networking packet to compare. But this function always
start find from the queue->head(here is the newest packet), It will
reduce the success rate of comparison. So this patch reversed
the order of the queues for performance.

Signed-off-by: Zhang Chen 
Reported-by: leirao 
Signed-off-by: Jason Wang 
---
 net/colo-compare.c | 26 +-
 1 file changed, 13 insertions(+), 13 deletions(-)

diff --git a/net/colo-compare.c b/net/colo-compare.c
index b966e7e..216de5a 100644
--- a/net/colo-compare.c
+++ b/net/colo-compare.c
@@ -197,7 +197,7 @@ static void colo_compare_inconsistency_notify(CompareState 
*s)
 /* Use restricted to colo_insert_packet() */
 static gint seq_sorter(Packet *a, Packet *b, gpointer data)
 {
-return a->tcp_seq - b->tcp_seq;
+return b->tcp_seq - a->tcp_seq;
 }
 
 static void fill_pkt_tcp_info(void *data, uint32_t *max_ack)
@@ -421,13 +421,13 @@ pri:
 if (g_queue_is_empty(>primary_list)) {
 return;
 }
-ppkt = g_queue_pop_head(>primary_list);
+ppkt = g_queue_pop_tail(>primary_list);
 sec:
 if (g_queue_is_empty(>secondary_list)) {
-g_queue_push_head(>primary_list, ppkt);
+g_queue_push_tail(>primary_list, ppkt);
 return;
 }
-spkt = g_queue_pop_head(>secondary_list);
+spkt = g_queue_pop_tail(>secondary_list);
 
 if (ppkt->tcp_seq == ppkt->seq_end) {
 colo_release_primary_pkt(s, ppkt);
@@ -458,7 +458,7 @@ sec:
 }
 }
 if (!ppkt) {
-g_queue_push_head(>secondary_list, spkt);
+g_queue_push_tail(>secondary_list, spkt);
 goto pri;
 }
 }
@@ -477,7 +477,7 @@ sec:
 if (mark == COLO_COMPARE_FREE_PRIMARY) {
 conn->compare_seq = ppkt->seq_end;
 colo_release_primary_pkt(s, ppkt);
-g_queue_push_head(>secondary_list, spkt);
+g_queue_push_tail(>secondary_list, spkt);
 goto pri;
 } else if (mark == COLO_COMPARE_FREE_SECONDARY) {
 conn->compare_seq = spkt->seq_end;
@@ -490,8 +490,8 @@ sec:
 goto pri;
 }
 } else {
-g_queue_push_head(>primary_list, ppkt);
-g_queue_push_head(>secondary_list, spkt);
+g_queue_push_tail(>primary_list, ppkt);
+g_queue_push_tail(>secondary_list, spkt);
 
 #ifdef DEBUG_COLO_PACKETS
 qemu_hexdump(stderr, "colo-compare ppkt", ppkt->data, ppkt->size);
@@ -673,7 +673,7 @@ static void colo_compare_packet(CompareState *s, Connection 
*conn,
 
 while (!g_queue_is_empty(>primary_list) &&
!g_queue_is_empty(>secondary_list)) {
-pkt = g_queue_pop_head(>primary_list);
+pkt = g_queue_pop_tail(>primary_list);
 result = g_queue_find_custom(>secondary_list,
  pkt, (GCompareFunc)HandlePacket);
 
@@ -689,7 +689,7 @@ static void colo_compare_packet(CompareState *s, Connection 
*conn,
  * timeout, it will trigger a checkpoint request.
  */
 trace_colo_compare_main("packet different");
-g_queue_push_head(>primary_list, pkt);
+g_queue_push_tail(>primary_list, pkt);
 
 colo_compare_inconsistency_notify(s);
 break;
@@ -819,7 +819,7 @@ static int compare_chr_send(CompareState *s,
 entry->buf = g_malloc(size);
 memcpy(entry->buf, buf, size);
 }
-g_queue_push_head(>send_list, entry);
+g_queue_push_tail(>send_list, entry);
 
 if (sendco->done) {
 sendco->co = qemu_coroutine_create(_compare_chr_send, sendco);
@@ -1347,7 +1347,7 @@ static void colo_flush_packets(void *opaque, void 
*user_data)
 Packet *pkt = NULL;
 
 while (!g_queue_is_empty(>primary_list)) {
-pkt = g_queue_pop_head(>primary_list);
+pkt = g_queue_pop_tail(>primary_list);
 compare_chr_send(s,
  pkt->data,
  pkt->size,
@@ -1357,7 +1357,7 @@ static void colo_flush_packets(void *opaque, void 
*user_data)
 packet_destroy_partial(pkt, NULL);
 }
 while (!g_queue_is_empty(>secondary_list)) {
-pkt = g_queue_pop_head(>secondary_list);
+pkt = g_queue_pop_tail(>secondary_list);
 packet_destroy(pkt, NULL);
 }
 }
-- 
2.7.4

[PULL 03/13] net: Fix uninitialized data usage

[Jason Wang]

From: Peter Foley 

e.g.
1109 15:16:20.151506 Uninitialized bytes in ioctl_common_pre at offset 0 inside 
[0x7ffc516af9b8, 4)
 1109 15:16:20.151659 ==588974==WARNING: MemorySanitizer: 
use-of-uninitialized-value
 1109 15:16:20.312923 #0 0x5639b88acb21 in tap_probe_vnet_hdr_len 
third_party/qemu/net/tap-linux.c:183:9
 1109 15:16:20.312952 #1 0x5639b88afd66 in net_tap_fd_init 
third_party/qemu/net/tap.c:409:9
 1109 15:16:20.312954 #2 0x5639b88b2d1b in net_init_tap_one 
third_party/qemu/net/tap.c:681:19
 1109 15:16:20.312956 #3 0x5639b88b16a8 in net_init_tap 
third_party/qemu/net/tap.c:912:13
 1109 15:16:20.312957 #4 0x5639b8890175 in net_client_init1 
third_party/qemu/net/net.c:1110:9
 1109 15:16:20.312958 #5 0x5639b888f912 in net_client_init 
third_party/qemu/net/net.c:1208:15
 1109 15:16:20.312960 #6 0x5639b8894aa5 in net_param_nic 
third_party/qemu/net/net.c:1588:11
 1109 15:16:20.312961 #7 0x5639b900cd18 in qemu_opts_foreach 
third_party/qemu/util/qemu-option.c:1135:14
 1109 15:16:20.312962 #8 0x5639b889393c in net_init_clients 
third_party/qemu/net/net.c:1612:9
 1109 15:16:20.312964 #9 0x5639b717aaf3 in qemu_create_late_backends 
third_party/qemu/softmmu/vl.c:1962:5
 1109 15:16:20.312965 #10 0x5639b717aaf3 in qemu_init 
third_party/qemu/softmmu/vl.c:3694:5
 1109 15:16:20.312967 #11 0x5639b71083b8 in main 
third_party/qemu/softmmu/main.c:49:5
 1109 15:16:20.312968 #12 0x7f464de1d8d2 in __libc_start_main 
(/usr/grte/v5/lib64/libc.so.6+0x628d2)
 1109 15:16:20.312969 #13 0x5639b6bbd389 in _start 
/usr/grte/v5/debug-src/src/csu/../sysdeps/x86_64/start.S:120
 1109 15:16:20.312970
 1109 15:16:20.312975   Uninitialized value was stored to memory at
 1109 15:16:20.313393 #0 0x5639b88acbee in tap_probe_vnet_hdr_len 
third_party/qemu/net/tap-linux.c
 1109 15:16:20.313396 #1 0x5639b88afd66 in net_tap_fd_init 
third_party/qemu/net/tap.c:409:9
 1109 15:16:20.313398 #2 0x5639b88b2d1b in net_init_tap_one 
third_party/qemu/net/tap.c:681:19
 1109 15:16:20.313399 #3 0x5639b88b16a8 in net_init_tap 
third_party/qemu/net/tap.c:912:13
 1109 15:16:20.313400 #4 0x5639b8890175 in net_client_init1 
third_party/qemu/net/net.c:1110:9
 1109 15:16:20.313401 #5 0x5639b888f912 in net_client_init 
third_party/qemu/net/net.c:1208:15
 1109 15:16:20.313403 #6 0x5639b8894aa5 in net_param_nic 
third_party/qemu/net/net.c:1588:11
 1109 15:16:20.313404 #7 0x5639b900cd18 in qemu_opts_foreach 
third_party/qemu/util/qemu-option.c:1135:14
 1109 15:16:20.313405 #8 0x5639b889393c in net_init_clients 
third_party/qemu/net/net.c:1612:9
 1109 15:16:20.313407 #9 0x5639b717aaf3 in qemu_create_late_backends 
third_party/qemu/softmmu/vl.c:1962:5
 1109 15:16:20.313408 #10 0x5639b717aaf3 in qemu_init 
third_party/qemu/softmmu/vl.c:3694:5
 1109 15:16:20.313409 #11 0x5639b71083b8 in main 
third_party/qemu/softmmu/main.c:49:5
 1109 15:16:20.313410 #12 0x7f464de1d8d2 in __libc_start_main 
(/usr/grte/v5/lib64/libc.so.6+0x628d2)
 1109 15:16:20.313412 #13 0x5639b6bbd389 in _start 
/usr/grte/v5/debug-src/src/csu/../sysdeps/x86_64/start.S:120
 1109 15:16:20.313413
 1109 15:16:20.313417   Uninitialized value was stored to memory at
 1109 15:16:20.313791 #0 0x5639b88affbd in net_tap_fd_init 
third_party/qemu/net/tap.c:400:26
 1109 15:16:20.313826 #1 0x5639b88b2d1b in net_init_tap_one 
third_party/qemu/net/tap.c:681:19
 1109 15:16:20.313829 #2 0x5639b88b16a8 in net_init_tap 
third_party/qemu/net/tap.c:912:13
 1109 15:16:20.313831 #3 0x5639b8890175 in net_client_init1 
third_party/qemu/net/net.c:1110:9
 1109 15:16:20.313836 #4 0x5639b888f912 in net_client_init 
third_party/qemu/net/net.c:1208:15
 1109 15:16:20.313838 #5 0x5639b8894aa5 in net_param_nic 
third_party/qemu/net/net.c:1588:11
 1109 15:16:20.313839 #6 0x5639b900cd18 in qemu_opts_foreach 
third_party/qemu/util/qemu-option.c:1135:14
 1109 15:16:20.313841 #7 0x5639b889393c in net_init_clients 
third_party/qemu/net/net.c:1612:9
 1109 15:16:20.313843 #8 0x5639b717aaf3 in qemu_create_late_backends 
third_party/qemu/softmmu/vl.c:1962:5
 1109 15:16:20.313844 #9 0x5639b717aaf3 in qemu_init 
third_party/qemu/softmmu/vl.c:3694:5
 1109 15:16:20.313845 #10 0x5639b71083b8 in main 
third_party/qemu/softmmu/main.c:49:5
 1109 15:16:20.313846 #11 0x7f464de1d8d2 in __libc_start_main 
(/usr/grte/v5/lib64/libc.so.6+0x628d2)
 1109 15:16:20.313847 #12 0x5639b6bbd389 in _start 
/usr/grte/v5/debug-src/src/csu/../sysdeps/x86_64/start.S:120
 1109 15:16:20.313849
 1109 15:16:20.313851   Uninitialized value was created by an allocation of 
'ifr' in the stack frame of function 'tap_probe_vnet_hdr'
 1109 15:16:20.313855 #0 0x5639b88ac680 in tap_probe_vnet_hdr 
third_party/qemu/net/tap-linux.c:151
 1109 15:16:20.313856
 1109 15:16:20.313878 SUMMARY: MemorySanitizer: use-of-uninitialized-value 
third_party/qemu/net/tap-linux.c:183:9 in tap_probe_vnet_hdr_len

Fixes: dc69004c7d8 

[PULL 12/13] net/vmnet: update qemu-options.hx

[Jason Wang]

From: Vladislav Yaroshchuk 

Signed-off-by: Vladislav Yaroshchuk 
Signed-off-by: Jason Wang 
---
 qemu-options.hx | 25 +
 1 file changed, 25 insertions(+)

diff --git a/qemu-options.hx b/qemu-options.hx
index ec90505..81dd34f 100644
--- a/qemu-options.hx
+++ b/qemu-options.hx
@@ -2733,6 +2733,25 @@ DEF("netdev", HAS_ARG, QEMU_OPTION_netdev,
 "-netdev vhost-vdpa,id=str,vhostdev=/path/to/dev\n"
 "configure a vhost-vdpa network,Establish a vhost-vdpa 
netdev\n"
 #endif
+#ifdef CONFIG_VMNET
+"-netdev vmnet-host,id=str[,isolated=on|off][,net-uuid=uuid]\n"
+" [,start-address=addr,end-address=addr,subnet-mask=mask]\n"
+"configure a vmnet network backend in host mode with ID 
'str',\n"
+"isolate this interface from others with 'isolated',\n"
+"configure the address range and choose a subnet mask,\n"
+"specify network UUID 'uuid' to disable DHCP and interact 
with\n"
+"vmnet-host interfaces within this isolated network\n"
+"-netdev vmnet-shared,id=str[,isolated=on|off][,nat66-prefix=addr]\n"
+" [,start-address=addr,end-address=addr,subnet-mask=mask]\n"
+"configure a vmnet network backend in shared mode with ID 
'str',\n"
+"configure the address range and choose a subnet mask,\n"
+"set IPv6 ULA prefix (of length 64) to use for internal 
network,\n"
+"isolate this interface from others with 'isolated'\n"
+"-netdev vmnet-bridged,id=str,ifname=name[,isolated=on|off]\n"
+"configure a vmnet network backend in bridged mode with ID 
'str',\n"
+"use 'ifname=name' to select a physical network interface 
to be bridged,\n"
+"isolate this interface from others with 'isolated'\n"
+#endif
 "-netdev hubport,id=str,hubid=n[,netdev=nd]\n"
 "configure a hub port on the hub with ID 'n'\n", 
QEMU_ARCH_ALL)
 DEF("nic", HAS_ARG, QEMU_OPTION_nic,
@@ -2752,6 +2771,9 @@ DEF("nic", HAS_ARG, QEMU_OPTION_nic,
 #ifdef CONFIG_POSIX
 "vhost-user|"
 #endif
+#ifdef CONFIG_VMNET
+"vmnet-host|vmnet-shared|vmnet-bridged|"
+#endif
 "socket][,option][,...][mac=macaddr]\n"
 "initialize an on-board / default host NIC (using MAC 
address\n"
 "macaddr) and connect it to the given host network 
backend\n"
@@ -2774,6 +2796,9 @@ DEF("net", HAS_ARG, QEMU_OPTION_net,
 #ifdef CONFIG_NETMAP
 "netmap|"
 #endif
+#ifdef CONFIG_VMNET
+"vmnet-host|vmnet-shared|vmnet-bridged|"
+#endif
 "socket][,option][,option][,...]\n"
 "old way to initialize a host network interface\n"
 "(use the -netdev option if possible instead)\n", 
QEMU_ARCH_ALL)
-- 
2.7.4

[PULL 05/13] net/colo-compare.c: Update the default value comments

[Jason Wang]

From: Zhang Chen 

Make the comments consistent with the REGULAR_PACKET_CHECK_MS.

Signed-off-by: Zhang Chen 
Signed-off-by: Jason Wang 
---
 net/colo-compare.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/net/colo-compare.c b/net/colo-compare.c
index 216de5a..62554b5 100644
--- a/net/colo-compare.c
+++ b/net/colo-compare.c
@@ -1267,7 +1267,7 @@ static void colo_compare_complete(UserCreatable *uc, 
Error **errp)
 }
 
 if (!s->expired_scan_cycle) {
-/* Set default value to 3000 MS */
+/* Set default value to 1000 MS */
 s->expired_scan_cycle = REGULAR_PACKET_CHECK_MS;
 }
 
-- 
2.7.4

[PULL 01/13] hw/net/vmxnet3: Log guest-triggerable errors using LOG_GUEST_ERROR

[Jason Wang]

From: Philippe Mathieu-Daudé 

The "Interrupt Cause" register (VMXNET3_REG_ICR) is read-only.
Write accesses are ignored. Log them with as LOG_GUEST_ERROR
instead of aborting:

  [R +0.239743] writeq 0xe0002031 0x46291a5a55460800
  ERROR:hw/net/vmxnet3.c:1819:vmxnet3_io_bar1_write: code should not be reached
  Thread 1 "qemu-system-i38" received signal SIGABRT, Aborted.
  (gdb) bt
  #3  0x74c397d3 in __GI_abort () at abort.c:79
  #4  0x76d3cd4c in g_assertion_message (domain=, 
file=, line=, func=, 
message=) at ../glib/gtestutils.c:3223
  #5  0x76d9d45f in g_assertion_message_expr
  (domain=0x0, file=0x59fc2e53 "hw/net/vmxnet3.c", line=1819, 
func=0x59fc11e0 <__func__.vmxnet3_io_bar1_write> "vmxnet3_io_bar1_write", 
expr=)
  at ../glib/gtestutils.c:3249
  #6  0x57e80a3a in vmxnet3_io_bar1_write (opaque=0x62814100, addr=56, val=70, 
size=4) at hw/net/vmxnet3.c:1819
  #7  0x58c2d894 in memory_region_write_accessor (mr=0x62816b90, addr=56, 
value=0x7fff9450, size=4, shift=0, mask=4294967295, attrs=...) at 
softmmu/memory.c:492
  #8  0x58c2d1d2 in access_with_adjusted_size (addr=56, value=0x7fff9450, 
size=1, access_size_min=4, access_size_max=4, access_fn=
  0x58c2d290 , mr=0x62816b90, attrs=...) at 
softmmu/memory.c:554
  #9  0x58c2bae7 in memory_region_dispatch_write (mr=0x62816b90, addr=56, 
data=70, op=MO_8, attrs=...) at softmmu/memory.c:1504
  #10 0x58bfd034 in flatview_write_continue (fv=0x606000181700, 
addr=0xe0002038, attrs=..., ptr=0x7fffb9e0, len=1, addr1=56, l=1, mr=0x62816b90)
  at softmmu/physmem.c:2782
  #11 0x58beba00 in flatview_write (fv=0x606000181700, addr=0xe0002031, 
attrs=..., buf=0x7fffb9e0, len=8) at softmmu/physmem.c:2822
  #12 0x58beb589 in address_space_write (as=0x60815f20, addr=0xe0002031, 
attrs=..., buf=0x7fffb9e0, len=8) at softmmu/physmem.c:2914

Reported-by: Dike 
Reported-by: Duhao <504224...@qq.com>
BugLink: https://bugzilla.redhat.com/show_bug.cgi?id=2032932
Signed-off-by: Philippe Mathieu-Daudé 
Signed-off-by: Jason Wang 
---
 hw/net/vmxnet3.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/hw/net/vmxnet3.c b/hw/net/vmxnet3.c
index f65af4e..0b7acf7 100644
--- a/hw/net/vmxnet3.c
+++ b/hw/net/vmxnet3.c
@@ -1816,7 +1816,9 @@ vmxnet3_io_bar1_write(void *opaque,
 case VMXNET3_REG_ICR:
 VMW_CBPRN("Write BAR1 [VMXNET3_REG_ICR] = %" PRIx64 ", size %d",
   val, size);
-g_assert_not_reached();
+qemu_log_mask(LOG_GUEST_ERROR,
+  "%s: write to read-only register VMXNET3_REG_ICR\n",
+  TYPE_VMXNET3);
 break;
 
 /* Event Cause Register */
-- 
2.7.4

[PULL 02/13] net/tap: Set return code on failure

[Jason Wang]

From: Peter Foley 

Match the other error handling in this function.

Fixes: e7b347d0bf6 ("net: detect errors from probing vnet hdr flag for TAP 
devices")

Reviewed-by: Patrick Venture 
Reviewed-by: Philippe Mathieu-Daudé 
Signed-off-by: Peter Foley 
Signed-off-by: Jason Wang 
---
 net/tap.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/net/tap.c b/net/tap.c
index f716be3..c5cbeaa 100644
--- a/net/tap.c
+++ b/net/tap.c
@@ -900,6 +900,7 @@ int net_init_tap(const Netdev *netdev, const char *name,
 if (i == 0) {
 vnet_hdr = tap_probe_vnet_hdr(fd, errp);
 if (vnet_hdr < 0) {
+ret = -1;
 goto free_fail;
 }
 } else if (vnet_hdr != tap_probe_vnet_hdr(fd, NULL)) {
-- 
2.7.4

[PULL 00/13] Net patches

[Jason Wang]

The following changes since commit df722e33d5da26ea8604500ca8f509245a0ea524:

  Merge tag 'bsd-user-arm-pull-request' of gitlab.com:bsdimp/qemu into staging 
(2022-01-08 09:37:59 -0800)

are available in the git repository at:

  https://github.com/jasowang/qemu.git tags/net-pull-request

for you to fetch changes up to 5136cc6d3b8b74f4fa572f0874656947a401330e:

  net/vmnet: update MAINTAINERS list (2022-01-10 11:30:55 +0800)




Peter Foley (2):
  net/tap: Set return code on failure
  net: Fix uninitialized data usage

Philippe Mathieu-Daudé (1):
  hw/net/vmxnet3: Log guest-triggerable errors using LOG_GUEST_ERROR

Rao Lei (1):
  net/filter: Optimize filter_send to coroutine

Vladislav Yaroshchuk (7):
  net/vmnet: add vmnet dependency and customizable option
  net/vmnet: add vmnet backends to qapi/net
  net/vmnet: implement shared mode (vmnet-shared)
  net/vmnet: implement host mode (vmnet-host)
  net/vmnet: implement bridged mode (vmnet-bridged)
  net/vmnet: update qemu-options.hx
  net/vmnet: update MAINTAINERS list

Zhang Chen (2):
  net/colo-compare.c: Optimize compare order for performance
  net/colo-compare.c: Update the default value comments

 MAINTAINERS   |   5 +
 hw/net/vmxnet3.c  |   4 +-
 meson.build   |   4 +
 meson_options.txt |   2 +
 net/clients.h |  11 ++
 net/colo-compare.c|  28 ++--
 net/filter-mirror.c   |  66 +++--
 net/meson.build   |   7 +
 net/net.c |  10 ++
 net/tap-linux.c   |   1 +
 net/tap.c |   1 +
 net/vmnet-bridged.m   | 111 ++
 net/vmnet-common.m| 330 ++
 net/vmnet-host.c  | 105 ++
 net/vmnet-shared.c|  91 
 net/vmnet_int.h   |  48 ++
 qapi/net.json | 132 -
 qemu-options.hx   |  25 
 scripts/meson-buildoptions.sh |   3 +
 19 files changed, 954 insertions(+), 30 deletions(-)
 create mode 100644 net/vmnet-bridged.m
 create mode 100644 net/vmnet-common.m
 create mode 100644 net/vmnet-host.c
 create mode 100644 net/vmnet-shared.c
 create mode 100644 net/vmnet_int.h

RE: [RFC 01/10] virtio: get class_id and pci device id by the virtio id

[longpeng2--- via]

> -Original Message-
> From: Jason Wang [mailto:jasow...@redhat.com]
> Sent: Wednesday, January 5, 2022 2:15 PM
> To: Longpeng (Mike, Cloud Infrastructure Service Product Dept.)
> 
> Cc: Stefan Hajnoczi ; mst ; Stefano
> Garzarella ; Cornelia Huck ; pbonzini
> ; Gonglei (Arei) ; Yechuan
> ; Huangzhichao ; qemu-devel
> 
> Subject: Re: [RFC 01/10] virtio: get class_id and pci device id by the virtio
> id
> 
> On Wed, Jan 5, 2022 at 1:48 PM Longpeng (Mike, Cloud Infrastructure
> Service Product Dept.)  wrote:
> >
> >
> >
> > > -Original Message-
> > > From: Jason Wang [mailto:jasow...@redhat.com]
> > > Sent: Wednesday, January 5, 2022 12:38 PM
> > > To: Longpeng (Mike, Cloud Infrastructure Service Product Dept.)
> > > 
> > > Cc: Stefan Hajnoczi ; mst ; Stefano
> > > Garzarella ; Cornelia Huck ;
> pbonzini
> > > ; Gonglei (Arei) ; Yechuan
> > > ; Huangzhichao ; qemu-devel
> > > 
> > > Subject: Re: [RFC 01/10] virtio: get class_id and pci device id by the 
> > > virtio
> > > id
> > >
> > > On Wed, Jan 5, 2022 at 8:59 AM Longpeng(Mike)  
> > > wrote:
> > > >
> > > > From: Longpeng 
> > > >
> > > > Add helpers to get the "Transitional PCI Device ID" and "class_id" of 
> > > > the
> > > > deivce which is specificed by the "Virtio Device ID".
> > > >
> > > > These helpers will be used to build the generic vDPA device later.
> > > >
> > > > Signed-off-by: Longpeng 
> > > > ---
> > > >  hw/virtio/virtio-pci.c | 93 ++
> > > >  hw/virtio/virtio-pci.h |  4 ++
> > > >  2 files changed, 97 insertions(+)
> > > >
> > > > diff --git a/hw/virtio/virtio-pci.c b/hw/virtio/virtio-pci.c
> > > > index 750aa47ec1..843085c4ea 100644
> > > > --- a/hw/virtio/virtio-pci.c
> > > > +++ b/hw/virtio/virtio-pci.c
> > > > @@ -19,6 +19,7 @@
> > > >
> > > >  #include "exec/memop.h"
> > > >  #include "standard-headers/linux/virtio_pci.h"
> > > > +#include "standard-headers/linux/virtio_ids.h"
> > > >  #include "hw/boards.h"
> > > >  #include "hw/virtio/virtio.h"
> > > >  #include "migration/qemu-file-types.h"
> > > > @@ -213,6 +214,95 @@ static int virtio_pci_load_queue(DeviceState *d, 
> > > > int
> n,
> > > QEMUFile *f)
> > > >  return 0;
> > > >  }
> > > >
> > > > +typedef struct VirtIOPCIIDInfo {
> > > > +uint16_t vdev_id; /* virtio id */
> > > > +uint16_t pdev_id; /* pci device id */
> > > > +uint16_t class_id;
> > > > +} VirtIOPCIIDInfo;
> > > > +
> > > > +static const VirtIOPCIIDInfo virtio_pci_id_info[] = {
> > > > +{
> > >
> > > Any way to get rid of this array? E.g using the algorithm that is used
> > > by the kernel virtio driver.
> > >
> >
> > For device id, we can use the algorithm if we no need to support
> > Transitional id. But how to get the class id ?
> 
> Right, I miss this. So the current code should be fine.
> 

Maybe the following way would be better? It can save about 40 lines.

#define VIRTIO_PCI_ID_INFO(name, class)   \
{VIRTIO_ID_##name, PCI_DEVICE_ID_VIRTIO_##name, class}

static const VirtIOPCIIDInfo virtio_pci_id_info[] = {
VIRTIO_PCI_ID_INFO(NET, PCI_CLASS_NETWORK_ETHERNET),
VIRTIO_PCI_ID_INFO(BLOCK,   PCI_CLASS_STORAGE_SCSI),
VIRTIO_PCI_ID_INFO(SCSI,PCI_CLASS_STORAGE_SCSI),
VIRTIO_PCI_ID_INFO(CONSOLE, PCI_CLASS_COMMUNICATION_OTHER),
VIRTIO_PCI_ID_INFO(VSOCK,   PCI_CLASS_COMMUNICATION_OTHER),
VIRTIO_PCI_ID_INFO(IOMMU,   PCI_CLASS_OTHERS),
VIRTIO_PCI_ID_INFO(MEM, PCI_CLASS_OTHERS),
VIRTIO_PCI_ID_INFO(PMEM,PCI_CLASS_OTHERS),
VIRTIO_PCI_ID_INFO(RNG, PCI_CLASS_OTHERS),
VIRTIO_PCI_ID_INFO(BALLOON, PCI_CLASS_OTHERS),
VIRTIO_PCI_ID_INFO(9P,  PCI_BASE_CLASS_NETWORK),
};


> Thanks
> 
> >
> > > Thanks
> > >
> > > > +.vdev_id = VIRTIO_ID_NET,
> > > > +.pdev_id = PCI_DEVICE_ID_VIRTIO_NET,
> > > > +.class_id = PCI_CLASS_NETWORK_ETHERNET,
> > > > +},
> > > > +{
> > > > +.vdev_id = VIRTIO_ID_BLOCK,
> > > > +.pdev_id = PCI_DEVICE_ID_VIRTIO_BLOCK,
> > > > +.class_id = PCI_CLASS_STORAGE_SCSI,
> > > > +},
> > > > +{
> > > > +.vdev_id = VIRTIO_ID_CONSOLE,
> > > > +.pdev_id = PCI_DEVICE_ID_VIRTIO_CONSOLE,
> > > > +.class_id = PCI_CLASS_COMMUNICATION_OTHER,
> > > > +},
> > > > +{
> > > > +.vdev_id = VIRTIO_ID_SCSI,
> > > > +.pdev_id = PCI_DEVICE_ID_VIRTIO_SCSI,
> > > > +.class_id = PCI_CLASS_STORAGE_SCSI,
> > > > +},
> > > > +{
> > > > +.vdev_id = VIRTIO_ID_9P,
> > > > +.pdev_id = PCI_DEVICE_ID_VIRTIO_9P,
> > > > +.class_id = PCI_BASE_CLASS_NETWORK,
> > > > +},
> > > > +{
> > > > +.vdev_id = VIRTIO_ID_VSOCK,
> > > > +.pdev_id = PCI_DEVICE_ID_VIRTIO_VSOCK,
> > > > +.class_id = PCI_CLASS_COMMUNICATION_OTHER,
> > > > +},
> > > > +{
> > > > +.vdev_id = VIRTIO_ID_IOMMU,
> > > > +.pdev_id = PCI_DEVICE_ID_VIRTIO_IOMMU,
> > > > +.class_id = PCI_CLASS_OTHERS,
> > > > +},
> > > > + 

Re: [PATCH qemu] spapr: Force 32bit when resetting a core

[Alexey Kardashevskiy]

On 08/01/2022 00:39, Greg Kurz wrote:

On Fri, 7 Jan 2022 23:19:03 +1100
David Gibson  wrote:


On Fri, Jan 07, 2022 at 12:57:47PM +0100, Greg Kurz wrote:

On Fri, 7 Jan 2022 18:24:23 +1100
Alexey Kardashevskiy  wrote:


"PowerPC Processor binding to IEEE 1275" says in
"8.2.1. Initial Register Values" that the initial state is defined as
32bit so do it for both SLOF and VOF.

This should not cause behavioral change as SLOF switches to 64bit very
early anyway.


Only one CPU goes through SLOF. What about the other ones, including
hot plugged CPUs ?


Those will be started by the start-cpu RTAS call which has its own
semantics.



Ah indeed, there's code in linux/arch/powerpc/kernel/head_64.S to switch
secondaries to 64bit... but then, as noted by Cedric, ppc_cpu_reset(),
which is called earlier sets MSR_SF but the changelog of commit 8b9f2118ca40
doesn't provide much details on the motivation. Any idea ?


https://patchwork.kernel.org/project/qemu-devel/patch/1458121432-2855-1-git-send-email-lviv...@redhat.com/

this is probably it:

===
Reset is properly defined as an exception (0x100). For exceptions, the
970MP user manual for example says:

4.5 Exception Definitions
When an exception/interrupt is taken, all bits in the MSR are set to
‘0’, with the following exceptions:
• Exceptions always set MSR[SF] to ‘1’.
===

but it looks like the above is about emulation bare metal 970 rather 
than pseries VCPU so that quote does not apply to spapr.

Re: [RFC PATCH v4 00/30] Add LoongArch softmmu support.

[yangxiaojuan]

Hi, Xuerui

Thank you for all you advice, I will modify the target part carefully.

Xiaojuan


On 01/09/2022 05:26 PM, WANG Xuerui wrote:
> Hi Xiaojuan,
> 
> I've just finished reviewing the first part (target modifications) as I'm not 
> familiar with QEMU device emulation. You may have to revise the target part 
> carefully, and re-organize at the series level to accelerate upstreaming 
> though, as Richard pointed out in the other patch series (Song Gao's 
> LoongArch linux-user support series) that the series as a whole is blocked.
> 
> 
> On 1/8/22 17:13, Xiaojuan Yang wrote:
>> This series patch add softmmu support for LoongArch.
>> Base on the linux-user emulation support V14 patch.
>>*https://patchew.org/QEMU/20220106094200.1801206-1-gaos...@loongson.cn/
> 
> There's a recognized syntax for marking patch series dependency [1], so that 
> your series could be auto-applied by Patchew for ease of consumption. You can 
> look at Song Gao's v14 LoongArch linux-user series for example usage.
> 
> [1]: 
> https://www.qemu.org/docs/master/devel/submitting-a-patch.html#base-patches-against-current-git-master
> 
>> The latest kernel:
>>*https://github.com/loongson/linux/tree/loongarch-next
>> The latest uefi:
>>*https://github.com/loongson/edk2
>>*https://github.com/loongson/edk2-platforms
>> The manual:
>>
>> *https://github.com/loongson/LoongArch-Documentation/releases/tag/2021.10.11
>>
>>
>> Changes for v4:
>> 1. Uefi code is open and add some fdt interface to pass info between qemu 
>> and uefi.
>> 2. Use a per cpu address space for iocsr.
>> 3. Modify the tlb emulation.
>> 4. Machine and board code mainly follow Mark's advice.
>> 5. Adjust pci host space map.
>> 6. Use more memregion to simplify the interrupt controller's emulate.
>>
>>
>> Changes for v3:
>> 1.Target code mainly follow Richard's code review comments.
>> 2.Put the csr and iocsr read/write instruction emulate into 2 different 
>> patch.
>> 3.Simply the tlb emulation.
>> 4.Delete some unused csr registers defintion.
>> 5.Machine and board code mainly follow Mark's advice, discard the obsolete 
>> interface.
>> 6.NUMA function is removed for it is not completed.
>> 7.Adjust some format problem and the Naming problem
>>
>>
>> Changes for v2:
>> 1.Combine patch 2 and 3 into one.
>> 2.Adjust the order of the patch.
>> 3.Put all the binaries on the github.
>> 4.Modify some emulate errors when use the kernel from the github.
>> 5.Adjust some format problem and the Naming problem
>> 6.Others mainly follow Richard's code review comments.
>>
>> Please help review!
>>
>> Thanks
>>
>> Xiaojuan Yang (30):
>>target/loongarch: Update README
>>target/loongarch: Add CSR registers definition
>>target/loongarch: Add basic vmstate description of CPU.
> 
> There are serious issues with your commit message...
> 
> First of all, some of your commit message titles end with a period, while 
> some don't; the QEMU convention is to NOT use one. So please fix all commits 
> like this to remove the trailing period.
> 
>>target/loongarch: Implement qmp_query_cpu_definitions()
>>target/loongarch: Add constant timer support
> "Implement the constant timer" would be more concise and idiomatic English.
>>target/loongarch: Add MMU support for LoongArch CPU.
>>target/loongarch: Add LoongArch CSR instruction
>>target/loongarch: Add LoongArch IOCSR instruction
> You don't need to emphasize "LoongArch" because the component prefix 
> "target/loongarch" says it all. Also all of these commits add support for 
> multiple instructions at once, so you would say "instructions". You may need 
> to check all places for simple plural form mistakes like these.
>>target/loongarch: Add TLB instruction support
>>target/loongarch: Add other core instructions support
>>target/loongarch: Add LoongArch interrupt and exception handle
> "handlers"?
>>target/loongarch: Add timer related instructions support.
>>target/loongarch: Add gdb support.
>>hw/pci-host: Add ls7a1000 PCIe Host bridge support for Loongson3
>>  Platform
> "Add the LS7A1000 PCIe host bridge" would be enough; although currently the 
> LS7A chip is only paired with Loongson 3 CPUs, there's no intrinsic reasons 
> to only support this combination ever.
>>hw/loongarch: Add support loongson3-ls7a machine type.
> "Support the loongson3-ls7a machine type"
>>hw/loongarch: Add LoongArch cpu interrupt support(CPUINTC)
> You may just say "Implement the LoongArch CPUINTC"; people naturally look in 
> the diff to get what CPUINTC means. Same for other following commits with 
> similar commit messages.
>>hw/loongarch: Add LoongArch ipi interrupt support(IPI)
>>hw/intc: Add LoongArch ls7a interrupt controller support(PCH-PIC)
>>hw/intc: Add LoongArch ls7a msi interrupt controller support(PCH-MSI)
>>hw/intc: Add LoongArch extioi interrupt controller(EIOINTC)
>>hw/loongarch: Add irq hierarchy for the system
>>Enable common virtio 

Re: [PATCH v10 00/10]vhost-vdpa: add support for configure interrupt

[Cindy Lu]

On Mon, Jan 10, 2022 at 10:37 AM Jason Wang  wrote:

> On Mon, Jan 10, 2022 at 9:37 AM Cindy Lu  wrote:
> >
> >
> >
> >
> > On Mon, Jan 10, 2022 at 1:56 AM Michael S. Tsirkin 
> wrote:
> >>
> >> On Fri, Nov 05, 2021 at 12:48:17AM +0800, Cindy Lu wrote:
> >> > these patches add the support for configure interrupt
> >> >
> >> > These codes are all tested in vp-vdpa (support configure interrupt)
> >> > vdpa_sim (not support configure interrupt), virtio tap device
> >> >
> >> > test in virtio-pci bus and virtio-mmio bus
> >> >
> >> > Change in v2:
> >> > Add support for virtio-mmio bus
> >> > active the notifier while the backend support configure interrupt
> >> > misc fixes from v1
> >> >
> >> > Change in v3
> >> > fix the coding style problems
> >> >
> >> > Change in v4
> >> > misc fixes from v3
> >> > merge the set_config_notifier to set_guest_notifier
> >> > when vdpa start, check the feature by VIRTIO_NET_F_STATUS
> >> >
> >> > Change in v5
> >> > misc fixes from v4
> >> > split the code to introduce configure interrupt type and the callback
> function
> >> > will init the configure interrupt in all virtio-pci and virtio-mmio
> bus, but will
> >> > only active while using vhost-vdpa driver
> >> >
> >> > Change in v6
> >> > misc fixes from v5
> >> > decouple vq from interrupt setting and misc process
> >> > fix the bug in virtio_net_handle_rx
> >> > use -1 as the queue number to identify if the interrupt is configure
> interrupt
> >> >
> >> > Change in v7
> >> > misc fixes from v6
> >> > decouple vq from interrupt setting and misc process
> >> > decouple vq from vector use/release process
> >> > decouple vq from set notifier fd handler process
> >> > move config_notifier and masked_config_notifier to VirtIODevice
> >> > fix the bug in virtio_net_handle_rx, add more information
> >> > add VIRTIO_CONFIG_IRQ_IDX as the queue number to identify if the
> interrupt is configure interrupt
> >> >
> >> > Change in v8
> >> > misc fixes from v7
> >> > decouple vq from interrupt setting and misc process
> >> > decouple vq from vector use/release process
> >> > decouple vq from set notifier fd handler process
> >> > move the vhost configure interrupt to vhost_net
> >> >
> >> > Change in v9
> >> > misc fixes from v8
> >> > address the comments from v8
> >> >
> >> > Change in v10
> >> > fix the hang issue in qtest
> >> > address the comments from v9
> >> >
> >> > Cindy Lu (10):
> >> >   virtio: introduce macro IRTIO_CONFIG_IRQ_IDX
> >> >   virtio-pci: decouple notifier from interrupt process
> >> >   virtio-pci: decouple the single vector from the interrupt process
> >> >   vhost: introduce new VhostOps vhost_set_config_call
> >> >   vhost-vdpa: add support for config interrupt
> >> >   virtio: add support for configure interrupt
> >> >   vhost: add support for configure interrupt
> >> >   virtio-net: add support for configure interrupt
> >> >   virtio-mmio: add support for configure interrupt
> >> >   virtio-pci: add support for configure interrupt
> >> >
> >> >  hw/display/vhost-user-gpu.c   |   6 +
> >> >  hw/net/vhost_net.c|   9 +
> >> >  hw/net/virtio-net.c   |  10 +-
> >> >  hw/virtio/trace-events|   1 +
> >> >  hw/virtio/vhost-user-fs.c |   6 +
> >> >  hw/virtio/vhost-vdpa.c|   7 +
> >> >  hw/virtio/vhost-vsock-common.c|   6 +
> >> >  hw/virtio/vhost.c |  76 +
> >> >  hw/virtio/virtio-crypto.c |   6 +
> >> >  hw/virtio/virtio-mmio.c   |  27 +++
> >> >  hw/virtio/virtio-pci.c| 269
> +-
> >> >  hw/virtio/virtio-pci.h|   4 +-
> >> >  hw/virtio/virtio.c|  29 
> >> >  include/hw/virtio/vhost-backend.h |   3 +
> >> >  include/hw/virtio/vhost.h |   4 +
> >> >  include/hw/virtio/virtio.h|   7 +
> >> >  include/net/vhost_net.h   |   2 +
> >> >  17 files changed, 389 insertions(+), 83 deletions(-)
> >>
> >> So I just realized something. The spec says:
> >>
> >> The device MUST set the Device Configuration Interrupt bit
> >> in \field{ISR status} before sending a device configuration
> >> change notification to the driver.
> >>
> >> and I don't see how these patches achieve this: it requires
> >> that config interrupts go through userspace.
> >>
> >> Revert, and think more about it? Or did I miss something?
> >>
> >  Thanks, Micheal, I'm ok to revert these patchs and there are also
> several bugs  I need to fix.
> > I will post a new version soon
>
> Please test with vectors=0 for the new version to make it work as expected.
>
> Thanks
>
> Sure, I will, Thanka Jason

> >>
> >>
> >> > --
> >> > 2.21.3
> >>
>
>

Re: [PATCH v10 00/10]vhost-vdpa: add support for configure interrupt

[Jason Wang]

On Mon, Jan 10, 2022 at 9:37 AM Cindy Lu  wrote:
>
>
>
>
> On Mon, Jan 10, 2022 at 1:56 AM Michael S. Tsirkin  wrote:
>>
>> On Fri, Nov 05, 2021 at 12:48:17AM +0800, Cindy Lu wrote:
>> > these patches add the support for configure interrupt
>> >
>> > These codes are all tested in vp-vdpa (support configure interrupt)
>> > vdpa_sim (not support configure interrupt), virtio tap device
>> >
>> > test in virtio-pci bus and virtio-mmio bus
>> >
>> > Change in v2:
>> > Add support for virtio-mmio bus
>> > active the notifier while the backend support configure interrupt
>> > misc fixes from v1
>> >
>> > Change in v3
>> > fix the coding style problems
>> >
>> > Change in v4
>> > misc fixes from v3
>> > merge the set_config_notifier to set_guest_notifier
>> > when vdpa start, check the feature by VIRTIO_NET_F_STATUS
>> >
>> > Change in v5
>> > misc fixes from v4
>> > split the code to introduce configure interrupt type and the callback 
>> > function
>> > will init the configure interrupt in all virtio-pci and virtio-mmio bus, 
>> > but will
>> > only active while using vhost-vdpa driver
>> >
>> > Change in v6
>> > misc fixes from v5
>> > decouple vq from interrupt setting and misc process
>> > fix the bug in virtio_net_handle_rx
>> > use -1 as the queue number to identify if the interrupt is configure 
>> > interrupt
>> >
>> > Change in v7
>> > misc fixes from v6
>> > decouple vq from interrupt setting and misc process
>> > decouple vq from vector use/release process
>> > decouple vq from set notifier fd handler process
>> > move config_notifier and masked_config_notifier to VirtIODevice
>> > fix the bug in virtio_net_handle_rx, add more information
>> > add VIRTIO_CONFIG_IRQ_IDX as the queue number to identify if the interrupt 
>> > is configure interrupt
>> >
>> > Change in v8
>> > misc fixes from v7
>> > decouple vq from interrupt setting and misc process
>> > decouple vq from vector use/release process
>> > decouple vq from set notifier fd handler process
>> > move the vhost configure interrupt to vhost_net
>> >
>> > Change in v9
>> > misc fixes from v8
>> > address the comments from v8
>> >
>> > Change in v10
>> > fix the hang issue in qtest
>> > address the comments from v9
>> >
>> > Cindy Lu (10):
>> >   virtio: introduce macro IRTIO_CONFIG_IRQ_IDX
>> >   virtio-pci: decouple notifier from interrupt process
>> >   virtio-pci: decouple the single vector from the interrupt process
>> >   vhost: introduce new VhostOps vhost_set_config_call
>> >   vhost-vdpa: add support for config interrupt
>> >   virtio: add support for configure interrupt
>> >   vhost: add support for configure interrupt
>> >   virtio-net: add support for configure interrupt
>> >   virtio-mmio: add support for configure interrupt
>> >   virtio-pci: add support for configure interrupt
>> >
>> >  hw/display/vhost-user-gpu.c   |   6 +
>> >  hw/net/vhost_net.c|   9 +
>> >  hw/net/virtio-net.c   |  10 +-
>> >  hw/virtio/trace-events|   1 +
>> >  hw/virtio/vhost-user-fs.c |   6 +
>> >  hw/virtio/vhost-vdpa.c|   7 +
>> >  hw/virtio/vhost-vsock-common.c|   6 +
>> >  hw/virtio/vhost.c |  76 +
>> >  hw/virtio/virtio-crypto.c |   6 +
>> >  hw/virtio/virtio-mmio.c   |  27 +++
>> >  hw/virtio/virtio-pci.c| 269 +-
>> >  hw/virtio/virtio-pci.h|   4 +-
>> >  hw/virtio/virtio.c|  29 
>> >  include/hw/virtio/vhost-backend.h |   3 +
>> >  include/hw/virtio/vhost.h |   4 +
>> >  include/hw/virtio/virtio.h|   7 +
>> >  include/net/vhost_net.h   |   2 +
>> >  17 files changed, 389 insertions(+), 83 deletions(-)
>>
>> So I just realized something. The spec says:
>>
>> The device MUST set the Device Configuration Interrupt bit
>> in \field{ISR status} before sending a device configuration
>> change notification to the driver.
>>
>> and I don't see how these patches achieve this: it requires
>> that config interrupts go through userspace.
>>
>> Revert, and think more about it? Or did I miss something?
>>
>  Thanks, Micheal, I'm ok to revert these patchs and there are also several 
> bugs  I need to fix.
> I will post a new version soon

Please test with vectors=0 for the new version to make it work as expected.

Thanks

>>
>>
>> > --
>> > 2.21.3
>>

Re: [RFC PATCH v3 22/27] hw/loongarch: Add some devices support for 3A5000.

[yangxiaojuan]

Hi, Mark

On 12/23/2021 06:52 PM, Mark Cave-Ayland wrote:
> On 22/12/2021 08:26, yangxiaojuan wrote:
> 
>> Hi, Mark
>>
>> On 12/18/2021 06:02 PM, Mark Cave-Ayland wrote:
>>> On 04/12/2021 12:07, Xiaojuan Yang wrote:
>>>
 1.Add uart,virtio-net,vga and usb for 3A5000.
 2.Add irq set and map for the pci host. Non pci device
 use irq 0-16, pci device use 16-64.
 3.Add some unimplented device to emulate guest unused
 memory space.

 Signed-off-by: Xiaojuan Yang 
 Signed-off-by: Song Gao 
 ---
hw/loongarch/Kconfig|  8 +
hw/loongarch/loongson3.c| 63 +++--
hw/pci-host/ls7a.c  | 42 +-
include/hw/intc/loongarch_ipi.h |  2 ++
include/hw/pci-host/ls7a.h  |  4 +++
softmmu/qdev-monitor.c  |  3 +-
6 files changed, 117 insertions(+), 5 deletions(-)

 diff --git a/hw/loongarch/Kconfig b/hw/loongarch/Kconfig
 index 468e3acc74..9ea3b92708 100644
 --- a/hw/loongarch/Kconfig
 +++ b/hw/loongarch/Kconfig
 @@ -1,5 +1,13 @@
config LOONGSON3_LS7A
bool
 +imply VGA_PCI
 +imply VIRTIO_VGA
 +imply PARALLEL
 +imply PCI_DEVICES
 +select ISA_BUS
 +select SERIAL
 +select SERIAL_ISA
 +select VIRTIO_PCI
select PCI_EXPRESS_7A
select LOONGARCH_IPI
select LOONGARCH_PCH_PIC
 diff --git a/hw/loongarch/loongson3.c b/hw/loongarch/loongson3.c
 index c42f830208..e4a02e7c18 100644
 --- a/hw/loongarch/loongson3.c
 +++ b/hw/loongarch/loongson3.c
 @@ -10,8 +10,11 @@
#include "qemu/datadir.h"
#include "qapi/error.h"
#include "hw/boards.h"
 +#include "hw/char/serial.h"
#include "sysemu/sysemu.h"
#include "sysemu/qtest.h"
 +#include "hw/irq.h"
 +#include "net/net.h"
#include "sysemu/runstate.h"
#include "sysemu/reset.h"
#include "hw/loongarch/loongarch.h"
 @@ -20,6 +23,7 @@
#include "hw/intc/loongarch_pch_pic.h"
#include "hw/intc/loongarch_pch_msi.h"
#include "hw/pci-host/ls7a.h"
 +#include "hw/misc/unimp.h"
static void loongarch_cpu_reset(void *opaque)
 @@ -91,11 +95,12 @@ static void sysbus_mmio_map_loongarch(SysBusDevice 
 *dev, int n,
memory_region_add_subregion(iocsr, addr, dev->mmio[n].memory);
}
-static void loongson3_irq_init(MachineState *machine)
 +static PCIBus *loongson3_irq_init(MachineState *machine)
{
LoongArchMachineState *lams = LOONGARCH_MACHINE(machine);
 -DeviceState *ipi, *extioi, *pch_pic, *pch_msi, *cpudev;
 +DeviceState *ipi, *extioi, *pch_pic, *pch_msi, *cpudev, *pciehost;
SysBusDevice *d;
 +PCIBus *pci_bus;
int cpu, pin, i;
unsigned long ipi_addr;
@@ -135,6 +140,10 @@ static void loongson3_irq_init(MachineState 
 *machine)
sysbus_realize_and_unref(d, _fatal);
sysbus_mmio_map(d, 0, LS7A_IOAPIC_REG_BASE);
+serial_mm_init(get_system_memory(), LS7A_UART_BASE, 0,
 +   qdev_get_gpio_in(pch_pic, LS7A_UART_IRQ - 
 PCH_PIC_IRQ_OFFSET),
 +   115200, serial_hd(0), DEVICE_LITTLE_ENDIAN);
 +
/* Connect 64 pch_pic irqs to extioi */
for (int i = 0; i < PCH_PIC_IRQ_NUM; i++) {
sysbus_connect_irq(d, i, qdev_get_gpio_in(extioi, i));
 @@ -149,6 +158,35 @@ static void loongson3_irq_init(MachineState *machine)
sysbus_connect_irq(d, i,
   qdev_get_gpio_in(extioi, i + 
 PCH_MSI_IRQ_START));
}
 +
 +pciehost = qdev_new(TYPE_LS7A_HOST_DEVICE);
 +d = SYS_BUS_DEVICE(pciehost);
 +sysbus_realize_and_unref(d, _fatal);
 +pci_bus = PCI_HOST_BRIDGE(pciehost)->bus;
 +
 +/* Connect 48 pci irq to pch_pic */
 +for (i = 0; i < LS7A_PCI_IRQS; i++) {
 +qdev_connect_gpio_out(pciehost, i,
 +  qdev_get_gpio_in(pch_pic, i + 
 LS7A_DEVICE_IRQS));
 +}
 +
 +return pci_bus;
 +}
 +
 +/* Network support */
 +static void network_init(PCIBus *pci_bus)
 +{
 +int i;
 +
 +for (i = 0; i < nb_nics; i++) {
 +NICInfo *nd = _table[i];
 +
 +if (!nd->model) {
 +nd->model = g_strdup("virtio");
 +}
 +
 +pci_nic_init_nofail(nd, pci_bus, nd->model, NULL);
 +}
}
  static void loongson3_init(MachineState *machine)
 @@ -161,6 +199,7 @@ static void loongson3_init(MachineState *machine)
MemoryRegion *address_space_mem = get_system_memory();
LoongArchMachineState *lams = LOONGARCH_MACHINE(machine);
int i;
 +PCIBus 

Re: [PATCH v3 8/8] target/ppc: Set the correct endianness for powernv memory dumps

[David Gibson]

On Fri, Jan 07, 2022 at 07:26:01PM -0300, Fabiano Rosas wrote:
> We use the endianness of interrupts to determine which endianness to
> use for the guest kernel memory dump. For machines that support HILE
> (powernv8 and up) we have been always generating big endian dump
> files.
> 
> This patch uses the HILE support recently added to
> ppc_interrupts_little_endian to fix the endianness of the dumps for
> powernv machines.
> 
> Here are two dumps created at different moments:
> 
> $ file skiboot.dump
> skiboot.dump: ELF 64-bit MSB core file, 64-bit PowerPC ...
> 
> $ file kernel.dump
> kernel.dump: ELF 64-bit LSB core file, 64-bit PowerPC ...
> 
> Suggested-by: David Gibson 
> Signed-off-by: Fabiano Rosas 

Reviewed-by: David Gibson 

> ---
>  target/ppc/arch_dump.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/target/ppc/arch_dump.c b/target/ppc/arch_dump.c
> index 12cde198a3..993740897d 100644
> --- a/target/ppc/arch_dump.c
> +++ b/target/ppc/arch_dump.c
> @@ -237,7 +237,7 @@ int cpu_get_dump_info(ArchDumpInfo *info,
>  info->d_machine = PPC_ELF_MACHINE;
>  info->d_class = ELFCLASS;
>  
> -if (ppc_interrupts_little_endian(cpu, false)) {
> +if (ppc_interrupts_little_endian(cpu, cpu->env.has_hv_mode)) {
>  info->d_endian = ELFDATA2LSB;
>  } else {
>  info->d_endian = ELFDATA2MSB;

-- 
David Gibson| I'll have my music baroque, and my code
david AT gibson.dropbear.id.au  | minimalist, thank you.  NOT _the_ _other_
| _way_ _around_!
http://www.ozlabs.org/~dgibson


signature.asc
Description: PGP signature

Re: [PATCH] hw/sensor: Add SB-TSI Temperature Sensor Interface

[Patrick Venture]

On Fri, Jan 7, 2022 at 7:04 PM Patrick Venture  wrote:

> From: Hao Wu 
>
> SB Temperature Sensor Interface (SB-TSI) is an SMBus compatible
> interface that reports AMD SoC's Ttcl (normalized temperature),
> and resembles a typical 8-pin remote temperature sensor's I2C interface
> to BMC.
>
> This patch implements a basic AMD SB-TSI sensor that is
> compatible with the open-source data sheet from AMD and Linux
> kernel driver.
>
> Reference:
> Linux kernel driver:
> https://lkml.org/lkml/2020/12/11/968
> Register Map:
> https://developer.amd.com/wp-content/resources/56255_3_03.PDF
> (Chapter 6)
>
> Signed-off-by: Hao Wu 
> Reviewed-by: Doug Evans 
> ---
>  hw/sensor/Kconfig|   4 +
>  hw/sensor/meson.build|   1 +
>  hw/sensor/tmp_sbtsi.c| 393 +++
>  hw/sensor/trace-events   |   5 +
>  hw/sensor/trace.h|   1 +
>  meson.build  |   1 +
>  tests/qtest/meson.build  |   1 +
>  tests/qtest/tmp_sbtsi-test.c | 180 
>  8 files changed, 586 insertions(+)
>  create mode 100644 hw/sensor/tmp_sbtsi.c
>  create mode 100644 hw/sensor/trace-events
>  create mode 100644 hw/sensor/trace.h
>  create mode 100644 tests/qtest/tmp_sbtsi-test.c
>
> diff --git a/hw/sensor/Kconfig b/hw/sensor/Kconfig
> index 9c8a049b06..27f6f79c84 100644
> --- a/hw/sensor/Kconfig
> +++ b/hw/sensor/Kconfig
> @@ -21,3 +21,7 @@ config ADM1272
>  config MAX34451
>  bool
>  depends on I2C
> +
> +config AMDSBTSI
> +bool
> +depends on I2C
> diff --git a/hw/sensor/meson.build b/hw/sensor/meson.build
> index 059c4ca935..f7b0e645eb 100644
> --- a/hw/sensor/meson.build
> +++ b/hw/sensor/meson.build
> @@ -4,3 +4,4 @@ softmmu_ss.add(when: 'CONFIG_DPS310', if_true:
> files('dps310.c'))
>  softmmu_ss.add(when: 'CONFIG_EMC141X', if_true: files('emc141x.c'))
>  softmmu_ss.add(when: 'CONFIG_ADM1272', if_true: files('adm1272.c'))
>  softmmu_ss.add(when: 'CONFIG_MAX34451', if_true: files('max34451.c'))
> +softmmu_ss.add(when: 'CONFIG_AMDSBTSI', if_true: files('tmp_sbtsi.c'))
> diff --git a/hw/sensor/tmp_sbtsi.c b/hw/sensor/tmp_sbtsi.c
> new file mode 100644
> index 00..b68c7ebf61
> --- /dev/null
> +++ b/hw/sensor/tmp_sbtsi.c
> @@ -0,0 +1,393 @@
> +/*
> + * AMD SBI Temperature Sensor Interface (SB-TSI)
> + *
> + * Copyright 2021 Google LLC
> + *
> + * This program is free software; you can redistribute it and/or modify it
> + * under the terms of the GNU General Public License as published by the
> + * Free Software Foundation; either version 2 of the License, or
> + * (at your option) any later version.
> + *
> + * This program is distributed in the hope that it will be useful, but
> WITHOUT
> + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
> + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
> + * for more details.
> + */
> +
> +#include "qemu/osdep.h"
> +#include "hw/i2c/smbus_slave.h"
> +#include "hw/irq.h"
> +#include "migration/vmstate.h"
> +#include "qapi/error.h"
> +#include "qapi/visitor.h"
> +#include "qemu/log.h"
> +#include "qemu/module.h"
> +#include "trace.h"
> +
> +#define TYPE_SBTSI "sbtsi"
> +#define SBTSI(obj) OBJECT_CHECK(SBTSIState, (obj), TYPE_SBTSI)
> +
> +/**
> + * SBTSIState:
> + * temperatures are in units of 0.125 degrees
> + * @temperature: Temperature
> + * @limit_low: Lowest temperature
> + * @limit_high: Highest temperature
> + * @status: The status register
> + * @config: The config register
> + * @alert_config: The config for alarm_l output.
> + * @addr: The address to read/write for the next cmd.
> + * @alarm: The alarm_l output pin (GPIO)
> + */
> +typedef struct SBTSIState {
> +SMBusDevice parent;
> +
> +uint32_t temperature;
> +uint32_t limit_low;
> +uint32_t limit_high;
> +uint8_t status;
> +uint8_t config;
> +uint8_t alert_config;
> +uint8_t addr;
> +qemu_irq alarm;
> +} SBTSIState;
> +
> +/*
> + * SB-TSI registers only support SMBus byte data access. "_INT" registers
> are
> + * the integer part of a temperature value or limit, and "_DEC" registers
> are
> + * corresponding decimal parts.
> + */
> +#define SBTSI_REG_TEMP_INT  0x01 /* RO */
> +#define SBTSI_REG_STATUS0x02 /* RO */
> +#define SBTSI_REG_CONFIG0x03 /* RO */
> +#define SBTSI_REG_TEMP_HIGH_INT 0x07 /* RW */
> +#define SBTSI_REG_TEMP_LOW_INT  0x08 /* RW */
> +#define SBTSI_REG_CONFIG_WR 0x09 /* RW */
> +#define SBTSI_REG_TEMP_DEC  0x10 /* RO */
> +#define SBTSI_REG_TEMP_HIGH_DEC 0x13 /* RW */
> +#define SBTSI_REG_TEMP_LOW_DEC  0x14 /* RW */
> +#define SBTSI_REG_ALERT_CONFIG  0xBF /* RW */
> +#define SBTSI_REG_MAN   0xFE /* RO */
> +#define SBTSI_REG_REV   0xFF /* RO */
> +
> +#define SBTSI_STATUS_HIGH_ALERT BIT(4)
> +#define SBTSI_STATUS_LOW_ALERT  BIT(3)
> +#define SBTSI_CONFIG_ALERT_MASK BIT(7)
> +#define SBTSI_ALARM_EN  BIT(0)
> +
> +#define SBTSI_LIMIT_LOW_DEFAULT (0)
> +#define 

Re: [PATCH] softmmu/device_tree: Silence compiler warning with --enable-sanitizers

[wangyanan (Y)]

On 2022/1/8 4:18, Richard Henderson wrote:

On 1/7/22 5:38 AM, Thomas Huth wrote:

diff --git a/softmmu/device_tree.c b/softmmu/device_tree.c
index 3965c834ca..9e96f5ecd5 100644
--- a/softmmu/device_tree.c
+++ b/softmmu/device_tree.c
@@ -564,7 +564,7 @@ int qemu_fdt_add_path(void *fdt, const char *path)
  return -1;
  }
  -    while (p) {
+    do {
  name = p + 1;
  p = strchr(name, '/');
  namelen = p != NULL ? p - name : strlen(name);
@@ -584,7 +584,7 @@ int qemu_fdt_add_path(void *fdt, const char *path)
  }
    parent = retval;
-    }
+    } while (p);


Reviewed-by: Richard Henderson 

In addition, the copy between 'path' and 'p' is unnecessary -- one of 
the variables should be removed.  Either rename the parameter to 'p', 
or rename all uses to 'path'.



Yes. We can simply remove "const char *p = path;" and directly
using the parameter "path" passed in would be fine enough.
Thanks for catching this.

Thanks,
Yanan


r~
.

Re: [PATCH] softmmu/device_tree: Silence compiler warning with --enable-sanitizers

[wangyanan (Y)]

On 2022/1/7 21:38, Thomas Huth wrote:

If I configure my build with --enable-sanitizers, my GCC (v8.5.0)
complains:

.../softmmu/device_tree.c: In function ‘qemu_fdt_add_path’:
.../softmmu/device_tree.c:560:18: error: ‘retval’ may be used uninitialized
  in this function [-Werror=maybe-uninitialized]
  int namelen, retval;
   ^~

It's a false warning since the while loop is always executed at least
once (p has to be non-NULL, otherwise the derefence in the if-statement
earlier will crash). Thus let's switch to a do-while loop here instead
to make the compiler happy in all cases.

Signed-off-by: Thomas Huth 
---
  softmmu/device_tree.c | 4 ++--
  1 file changed, 2 insertions(+), 2 deletions(-)

Reviewed-by: Yanan Wang 

diff --git a/softmmu/device_tree.c b/softmmu/device_tree.c
index 3965c834ca..9e96f5ecd5 100644
--- a/softmmu/device_tree.c
+++ b/softmmu/device_tree.c
@@ -564,7 +564,7 @@ int qemu_fdt_add_path(void *fdt, const char *path)
  return -1;
  }
  
-while (p) {

+do {
  name = p + 1;
  p = strchr(name, '/');
  namelen = p != NULL ? p - name : strlen(name);
@@ -584,7 +584,7 @@ int qemu_fdt_add_path(void *fdt, const char *path)
  }
  
  parent = retval;

-}
+} while (p);
  
  return retval;

  }

[PATCH v4 05/12] target/riscv: Implement kvm_arch_put_registers

[Yifei Jiang via]

Put GPR CSR and FP registers to kvm by KVM_SET_ONE_REG ioctl

Signed-off-by: Yifei Jiang 
Signed-off-by: Mingwang Li 
Reviewed-by: Alistair Francis 
Reviewed-by: Anup Patel 
---
 target/riscv/kvm.c | 104 -
 1 file changed, 103 insertions(+), 1 deletion(-)

diff --git a/target/riscv/kvm.c b/target/riscv/kvm.c
index 6d4df0ef6d..e695b91dc7 100644
--- a/target/riscv/kvm.c
+++ b/target/riscv/kvm.c
@@ -73,6 +73,14 @@ static uint64_t kvm_riscv_reg_id(CPURISCVState *env, 
uint64_t type, uint64_t idx
 } \
 } while(0)
 
+#define KVM_RISCV_SET_CSR(cs, env, csr, reg) \
+do { \
+int ret = kvm_set_one_reg(cs, RISCV_CSR_REG(env, csr), ); \
+if (ret) { \
+return ret; \
+} \
+} while(0)
+
 static int kvm_riscv_get_regs_core(CPUState *cs)
 {
 int ret = 0;
@@ -98,6 +106,31 @@ static int kvm_riscv_get_regs_core(CPUState *cs)
 return ret;
 }
 
+static int kvm_riscv_put_regs_core(CPUState *cs)
+{
+int ret = 0;
+int i;
+target_ulong reg;
+CPURISCVState *env = _CPU(cs)->env;
+
+reg = env->pc;
+ret = kvm_set_one_reg(cs, RISCV_CORE_REG(env, regs.pc), );
+if (ret) {
+return ret;
+}
+
+for (i = 1; i < 32; i++) {
+uint64_t id = kvm_riscv_reg_id(env, KVM_REG_RISCV_CORE, i);
+reg = env->gpr[i];
+ret = kvm_set_one_reg(cs, id, );
+if (ret) {
+return ret;
+}
+}
+
+return ret;
+}
+
 static int kvm_riscv_get_regs_csr(CPUState *cs)
 {
 int ret = 0;
@@ -115,6 +148,24 @@ static int kvm_riscv_get_regs_csr(CPUState *cs)
 return ret;
 }
 
+static int kvm_riscv_put_regs_csr(CPUState *cs)
+{
+int ret = 0;
+CPURISCVState *env = _CPU(cs)->env;
+
+KVM_RISCV_SET_CSR(cs, env, sstatus, env->mstatus);
+KVM_RISCV_SET_CSR(cs, env, sie, env->mie);
+KVM_RISCV_SET_CSR(cs, env, stvec, env->stvec);
+KVM_RISCV_SET_CSR(cs, env, sscratch, env->sscratch);
+KVM_RISCV_SET_CSR(cs, env, sepc, env->sepc);
+KVM_RISCV_SET_CSR(cs, env, scause, env->scause);
+KVM_RISCV_SET_CSR(cs, env, stval, env->stval);
+KVM_RISCV_SET_CSR(cs, env, sip, env->mip);
+KVM_RISCV_SET_CSR(cs, env, satp, env->satp);
+
+return ret;
+}
+
 static int kvm_riscv_get_regs_fp(CPUState *cs)
 {
 int ret = 0;
@@ -148,6 +199,40 @@ static int kvm_riscv_get_regs_fp(CPUState *cs)
 return ret;
 }
 
+static int kvm_riscv_put_regs_fp(CPUState *cs)
+{
+int ret = 0;
+int i;
+CPURISCVState *env = _CPU(cs)->env;
+
+if (riscv_has_ext(env, RVD)) {
+uint64_t reg;
+for (i = 0; i < 32; i++) {
+reg = env->fpr[i];
+ret = kvm_set_one_reg(cs, RISCV_FP_D_REG(env, i), );
+if (ret) {
+return ret;
+}
+}
+return ret;
+}
+
+if (riscv_has_ext(env, RVF)) {
+uint32_t reg;
+for (i = 0; i < 32; i++) {
+reg = env->fpr[i];
+ret = kvm_set_one_reg(cs, RISCV_FP_F_REG(env, i), );
+if (ret) {
+return ret;
+}
+}
+return ret;
+}
+
+return ret;
+}
+
+
 const KVMCapabilityInfo kvm_arch_required_capabilities[] = {
 KVM_CAP_LAST_INFO
 };
@@ -176,7 +261,24 @@ int kvm_arch_get_registers(CPUState *cs)
 
 int kvm_arch_put_registers(CPUState *cs, int level)
 {
-return 0;
+int ret = 0;
+
+ret = kvm_riscv_put_regs_core(cs);
+if (ret) {
+return ret;
+}
+
+ret = kvm_riscv_put_regs_csr(cs);
+if (ret) {
+return ret;
+}
+
+ret = kvm_riscv_put_regs_fp(cs);
+if (ret) {
+return ret;
+}
+
+return ret;
 }
 
 int kvm_arch_release_virq_post(int virq)
-- 
2.19.1

[PATCH v4 11/12] target/riscv: Implement virtual time adjusting with vm state changing

[Yifei Jiang via]

We hope that virtual time adjusts with vm state changing. When a vm
is stopped, guest virtual time should stop counting and kvm_timer
should be stopped. When the vm is resumed, guest virtual time should
continue to count and kvm_timer should be restored.

Signed-off-by: Yifei Jiang 
Signed-off-by: Mingwang Li 
Reviewed-by: Anup Patel 
Reviewed-by: Alistair Francis 
---
 target/riscv/kvm.c | 14 ++
 1 file changed, 14 insertions(+)

diff --git a/target/riscv/kvm.c b/target/riscv/kvm.c
index b1f1d55f29..8d94b1c6a9 100644
--- a/target/riscv/kvm.c
+++ b/target/riscv/kvm.c
@@ -41,6 +41,7 @@
 #include "sbi_ecall_interface.h"
 #include "chardev/char-fe.h"
 #include "migration/migration.h"
+#include "sysemu/runstate.h"
 
 static uint64_t kvm_riscv_reg_id(CPURISCVState *env, uint64_t type, uint64_t 
idx)
 {
@@ -377,6 +378,17 @@ unsigned long kvm_arch_vcpu_id(CPUState *cpu)
 return cpu->cpu_index;
 }
 
+static void kvm_riscv_vm_state_change(void *opaque, bool running, RunState 
state)
+{
+CPUState *cs = opaque;
+
+if (running) {
+kvm_riscv_put_regs_timer(cs);
+} else {
+kvm_riscv_get_regs_timer(cs);
+}
+}
+
 void kvm_arch_init_irq_routing(KVMState *s)
 {
 }
@@ -389,6 +401,8 @@ int kvm_arch_init_vcpu(CPUState *cs)
 CPURISCVState *env = >env;
 uint64_t id;
 
+qemu_add_vm_change_state_handler(kvm_riscv_vm_state_change, cs);
+
 id = kvm_riscv_reg_id(env, KVM_REG_RISCV_CONFIG, 
KVM_REG_RISCV_CONFIG_REG(isa));
 ret = kvm_get_one_reg(cs, id, );
 if (ret) {
-- 
2.19.1

[PATCH v4 06/12] target/riscv: Support start kernel directly by KVM

[Yifei Jiang via]

Get kernel and fdt start address in virt.c, and pass them to KVM
when cpu reset. Add kvm_riscv.h to place riscv specific interface.

In addition, PLIC is created without M-mode PLIC contexts when KVM
is enabled.

Signed-off-by: Yifei Jiang 
Signed-off-by: Mingwang Li 
Reviewed-by: Alistair Francis 
---
 hw/intc/sifive_plic.c| 21 +++---
 hw/riscv/boot.c  | 16 +++-
 hw/riscv/virt.c  | 83 
 include/hw/riscv/boot.h  |  1 +
 target/riscv/cpu.c   |  8 
 target/riscv/cpu.h   |  3 ++
 target/riscv/kvm-stub.c  | 25 
 target/riscv/kvm.c   | 14 +++
 target/riscv/kvm_riscv.h | 24 
 target/riscv/meson.build |  2 +-
 10 files changed, 164 insertions(+), 33 deletions(-)
 create mode 100644 target/riscv/kvm-stub.c
 create mode 100644 target/riscv/kvm_riscv.h

diff --git a/hw/intc/sifive_plic.c b/hw/intc/sifive_plic.c
index 877e76877c..58c16881cb 100644
--- a/hw/intc/sifive_plic.c
+++ b/hw/intc/sifive_plic.c
@@ -30,6 +30,7 @@
 #include "target/riscv/cpu.h"
 #include "migration/vmstate.h"
 #include "hw/irq.h"
+#include "sysemu/kvm.h"
 
 #define RISCV_DEBUG_PLIC 0
 
@@ -533,6 +534,8 @@ DeviceState *sifive_plic_create(hwaddr addr, char 
*hart_config,
 {
 DeviceState *dev = qdev_new(TYPE_SIFIVE_PLIC);
 int i;
+SiFivePLICState *plic;
+int s_count = 0, m_count = 0;
 
 assert(enable_stride == (enable_stride & -enable_stride));
 assert(context_stride == (context_stride & -context_stride));
@@ -550,13 +553,19 @@ DeviceState *sifive_plic_create(hwaddr addr, char 
*hart_config,
 sysbus_realize_and_unref(SYS_BUS_DEVICE(dev), _fatal);
 sysbus_mmio_map(SYS_BUS_DEVICE(dev), 0, addr);
 
-for (i = 0; i < num_harts; i++) {
-CPUState *cpu = qemu_get_cpu(hartid_base + i);
+plic = SIFIVE_PLIC(dev);
+for (i = 0; i < plic->num_addrs; i++) {
+CPUState *cpu = qemu_get_cpu(plic->addr_config[i].hartid);
 
-qdev_connect_gpio_out(dev, i,
-  qdev_get_gpio_in(DEVICE(cpu), IRQ_S_EXT));
-qdev_connect_gpio_out(dev, num_harts + i,
-  qdev_get_gpio_in(DEVICE(cpu), IRQ_M_EXT));
+if (plic->addr_config[i].mode == PLICMode_S) {
+qdev_connect_gpio_out(dev, s_count++,
+  qdev_get_gpio_in(DEVICE(cpu), IRQ_S_EXT));
+}
+
+if (plic->addr_config[i].mode == PLICMode_M) {
+qdev_connect_gpio_out(dev, num_harts + m_count++,
+  qdev_get_gpio_in(DEVICE(cpu), IRQ_M_EXT));
+}
 }
 
 return dev;
diff --git a/hw/riscv/boot.c b/hw/riscv/boot.c
index f67264374e..cae74fcbcd 100644
--- a/hw/riscv/boot.c
+++ b/hw/riscv/boot.c
@@ -30,6 +30,7 @@
 #include "elf.h"
 #include "sysemu/device_tree.h"
 #include "sysemu/qtest.h"
+#include "sysemu/kvm.h"
 
 #include 
 
@@ -51,7 +52,9 @@ char *riscv_plic_hart_config_string(int hart_count)
 CPUState *cs = qemu_get_cpu(i);
 CPURISCVState *env = _CPU(cs)->env;
 
-if (riscv_has_ext(env, RVS)) {
+if (kvm_enabled()) {
+vals[i] = "S";
+} else if (riscv_has_ext(env, RVS)) {
 vals[i] = "MS";
 } else {
 vals[i] = "M";
@@ -324,3 +327,14 @@ void riscv_setup_rom_reset_vec(MachineState *machine, 
RISCVHartArrayState *harts
 
 return;
 }
+
+void riscv_setup_direct_kernel(hwaddr kernel_addr, hwaddr fdt_addr)
+{
+CPUState *cs;
+
+for (cs = first_cpu; cs; cs = CPU_NEXT(cs)) {
+RISCVCPU *riscv_cpu = RISCV_CPU(cs);
+riscv_cpu->env.kernel_addr = kernel_addr;
+riscv_cpu->env.fdt_addr = fdt_addr;
+}
+}
diff --git a/hw/riscv/virt.c b/hw/riscv/virt.c
index 3af074148e..2643c8bc37 100644
--- a/hw/riscv/virt.c
+++ b/hw/riscv/virt.c
@@ -38,6 +38,7 @@
 #include "chardev/char.h"
 #include "sysemu/device_tree.h"
 #include "sysemu/sysemu.h"
+#include "sysemu/kvm.h"
 #include "hw/pci/pci.h"
 #include "hw/pci-host/gpex.h"
 #include "hw/display/ramfb.h"
@@ -372,13 +373,22 @@ static void create_fdt_socket_plic(RISCVVirtState *s,
 "sifive,plic-1.0.0", "riscv,plic0"
 };
 
-plic_cells = g_new0(uint32_t, s->soc[socket].num_harts * 4);
+if (kvm_enabled()) {
+plic_cells = g_new0(uint32_t, s->soc[socket].num_harts * 2);
+} else {
+plic_cells = g_new0(uint32_t, s->soc[socket].num_harts * 4);
+}
 
 for (cpu = 0; cpu < s->soc[socket].num_harts; cpu++) {
-plic_cells[cpu * 4 + 0] = cpu_to_be32(intc_phandles[cpu]);
-plic_cells[cpu * 4 + 1] = cpu_to_be32(IRQ_M_EXT);
-plic_cells[cpu * 4 + 2] = cpu_to_be32(intc_phandles[cpu]);
-plic_cells[cpu * 4 + 3] = cpu_to_be32(IRQ_S_EXT);
+if (kvm_enabled()) {
+plic_cells[cpu * 2 + 0] = cpu_to_be32(intc_phandles[cpu]);
+plic_cells[cpu * 2 + 1] = cpu_to_be32(IRQ_S_EXT);
+} else {
+plic_cells[cpu * 4 + 0] = cpu_to_be32(intc_phandles[cpu]);
+

[PATCH v4 10/12] target/riscv: Add kvm_riscv_get/put_regs_timer

[Yifei Jiang via]

Add kvm_riscv_get/put_regs_timer to synchronize virtual time context
from KVM.

To set register of RISCV_TIMER_REG(state) will occur a error from KVM
on kvm_timer_state == 0. It's better to adapt in KVM, but it doesn't matter
that adaping in QEMU.

Signed-off-by: Yifei Jiang 
Signed-off-by: Mingwang Li 
Reviewed-by: Anup Patel 
---
 target/riscv/cpu.h |  7 +
 target/riscv/kvm.c | 72 ++
 2 files changed, 79 insertions(+)

diff --git a/target/riscv/cpu.h b/target/riscv/cpu.h
index 5f54fae7cc..9eceded96c 100644
--- a/target/riscv/cpu.h
+++ b/target/riscv/cpu.h
@@ -261,6 +261,13 @@ struct CPURISCVState {
 
 hwaddr kernel_addr;
 hwaddr fdt_addr;
+
+/* kvm timer */
+bool kvm_timer_dirty;
+uint64_t kvm_timer_time;
+uint64_t kvm_timer_compare;
+uint64_t kvm_timer_state;
+uint64_t kvm_timer_frequency;
 };
 
 OBJECT_DECLARE_TYPE(RISCVCPU, RISCVCPUClass,
diff --git a/target/riscv/kvm.c b/target/riscv/kvm.c
index ded2a8c29d..b1f1d55f29 100644
--- a/target/riscv/kvm.c
+++ b/target/riscv/kvm.c
@@ -40,6 +40,7 @@
 #include "kvm_riscv.h"
 #include "sbi_ecall_interface.h"
 #include "chardev/char-fe.h"
+#include "migration/migration.h"
 
 static uint64_t kvm_riscv_reg_id(CPURISCVState *env, uint64_t type, uint64_t 
idx)
 {
@@ -64,6 +65,9 @@ static uint64_t kvm_riscv_reg_id(CPURISCVState *env, uint64_t 
type, uint64_t idx
 #define RISCV_CSR_REG(env, name)  kvm_riscv_reg_id(env, KVM_REG_RISCV_CSR, \
  KVM_REG_RISCV_CSR_REG(name))
 
+#define RISCV_TIMER_REG(env, name)  kvm_riscv_reg_id(env, KVM_REG_RISCV_TIMER, 
\
+ KVM_REG_RISCV_TIMER_REG(name))
+
 #define RISCV_FP_F_REG(env, idx)  kvm_riscv_reg_id(env, KVM_REG_RISCV_FP_F, 
idx)
 
 #define RISCV_FP_D_REG(env, idx)  kvm_riscv_reg_id(env, KVM_REG_RISCV_FP_D, 
idx)
@@ -84,6 +88,22 @@ static uint64_t kvm_riscv_reg_id(CPURISCVState *env, 
uint64_t type, uint64_t idx
 } \
 } while(0)
 
+#define KVM_RISCV_GET_TIMER(cs, env, name, reg) \
+do { \
+int ret = kvm_get_one_reg(cs, RISCV_TIMER_REG(env, name), ); \
+if (ret) { \
+abort(); \
+} \
+} while(0)
+
+#define KVM_RISCV_SET_TIMER(cs, env, name, reg) \
+do { \
+int ret = kvm_set_one_reg(cs, RISCV_TIMER_REG(env, time), ); \
+if (ret) { \
+abort(); \
+} \
+} while (0)
+
 static int kvm_riscv_get_regs_core(CPUState *cs)
 {
 int ret = 0;
@@ -235,6 +255,58 @@ static int kvm_riscv_put_regs_fp(CPUState *cs)
 return ret;
 }
 
+static void kvm_riscv_get_regs_timer(CPUState *cs)
+{
+CPURISCVState *env = _CPU(cs)->env;
+
+if (env->kvm_timer_dirty) {
+return;
+}
+
+KVM_RISCV_GET_TIMER(cs, env, time, env->kvm_timer_time);
+KVM_RISCV_GET_TIMER(cs, env, compare, env->kvm_timer_compare);
+KVM_RISCV_GET_TIMER(cs, env, state, env->kvm_timer_state);
+KVM_RISCV_GET_TIMER(cs, env, frequency, env->kvm_timer_frequency);
+
+env->kvm_timer_dirty = true;
+}
+
+static void kvm_riscv_put_regs_timer(CPUState *cs)
+{
+uint64_t reg;
+CPURISCVState *env = _CPU(cs)->env;
+
+if (!env->kvm_timer_dirty) {
+return;
+}
+
+KVM_RISCV_SET_TIMER(cs, env, time, env->kvm_timer_time);
+KVM_RISCV_SET_TIMER(cs, env, compare, env->kvm_timer_compare);
+
+/*
+ * To set register of RISCV_TIMER_REG(state) will occur a error from KVM
+ * on env->kvm_timer_state == 0, It's better to adapt in KVM, but it
+ * doesn't matter that adaping in QEMU now.
+ * TODO If KVM changes, adapt here.
+ */
+if (env->kvm_timer_state) {
+KVM_RISCV_SET_TIMER(cs, env, state, env->kvm_timer_state);
+}
+
+/*
+ * For now, migration will not work between Hosts with different timer
+ * frequency. Therefore, we should check whether they are the same here
+ * during the migration.
+ */
+if (migration_is_running(migrate_get_current()->state)) {
+KVM_RISCV_GET_TIMER(cs, env, frequency, reg);
+if (reg != env->kvm_timer_frequency) {
+error_report("Dst Hosts timer frequency != Src Hosts");
+}
+}
+
+env->kvm_timer_dirty = false;
+}
 
 const KVMCapabilityInfo kvm_arch_required_capabilities[] = {
 KVM_CAP_LAST_INFO
-- 
2.19.1

[PATCH v4 09/12] target/riscv: Add host cpu type

[Yifei Jiang via]

'host' type cpu is set isa to RV32 or RV64 simply, more isa info
will obtain from KVM in kvm_arch_init_vcpu()

Signed-off-by: Yifei Jiang 
Signed-off-by: Mingwang Li 
Reviewed-by: Alistair Francis 
Reviewed-by: Anup Patel 
---
 target/riscv/cpu.c | 15 +++
 target/riscv/cpu.h |  1 +
 2 files changed, 16 insertions(+)

diff --git a/target/riscv/cpu.c b/target/riscv/cpu.c
index 39382b1d62..f17cf8083d 100644
--- a/target/riscv/cpu.c
+++ b/target/riscv/cpu.c
@@ -213,6 +213,18 @@ static void rv32_imafcu_nommu_cpu_init(Object *obj)
 }
 #endif
 
+#if defined(CONFIG_KVM)
+static void riscv_host_cpu_init(Object *obj)
+{
+CPURISCVState *env = _CPU(obj)->env;
+#if defined(TARGET_RISCV32)
+set_misa(env, MXL_RV32, 0);
+#elif defined(TARGET_RISCV64)
+set_misa(env, MXL_RV64, 0);
+#endif
+}
+#endif
+
 static ObjectClass *riscv_cpu_class_by_name(const char *cpu_model)
 {
 ObjectClass *oc;
@@ -818,6 +830,9 @@ static const TypeInfo riscv_cpu_type_infos[] = {
 .class_init = riscv_cpu_class_init,
 },
 DEFINE_CPU(TYPE_RISCV_CPU_ANY,  riscv_any_cpu_init),
+#if defined(CONFIG_KVM)
+DEFINE_CPU(TYPE_RISCV_CPU_HOST, riscv_host_cpu_init),
+#endif
 #if defined(TARGET_RISCV32)
 DEFINE_CPU(TYPE_RISCV_CPU_BASE32,   rv32_base_cpu_init),
 DEFINE_CPU(TYPE_RISCV_CPU_IBEX, rv32_ibex_cpu_init),
diff --git a/target/riscv/cpu.h b/target/riscv/cpu.h
index 491a38de01..5f54fae7cc 100644
--- a/target/riscv/cpu.h
+++ b/target/riscv/cpu.h
@@ -45,6 +45,7 @@
 #define TYPE_RISCV_CPU_SIFIVE_E51   RISCV_CPU_TYPE_NAME("sifive-e51")
 #define TYPE_RISCV_CPU_SIFIVE_U34   RISCV_CPU_TYPE_NAME("sifive-u34")
 #define TYPE_RISCV_CPU_SIFIVE_U54   RISCV_CPU_TYPE_NAME("sifive-u54")
+#define TYPE_RISCV_CPU_HOST RISCV_CPU_TYPE_NAME("host")
 
 #if defined(TARGET_RISCV32)
 # define TYPE_RISCV_CPU_BASETYPE_RISCV_CPU_BASE32
-- 
2.19.1

[PATCH v4 12/12] target/riscv: Support virtual time context synchronization

[Yifei Jiang via]

Add virtual time context description to vmstate_kvmtimer. After cpu being
loaded, virtual time context is updated to KVM.

Signed-off-by: Yifei Jiang 
Signed-off-by: Mingwang Li 
Reviewed-by: Anup Patel 
Reviewed-by: Alistair Francis 
---
 target/riscv/machine.c | 30 ++
 1 file changed, 30 insertions(+)

diff --git a/target/riscv/machine.c b/target/riscv/machine.c
index ad8248ebfd..95eb82792a 100644
--- a/target/riscv/machine.c
+++ b/target/riscv/machine.c
@@ -164,6 +164,35 @@ static const VMStateDescription vmstate_pointermasking = {
 }
 };
 
+static bool kvmtimer_needed(void *opaque)
+{
+return kvm_enabled();
+}
+
+static int cpu_post_load(void *opaque, int version_id)
+{
+RISCVCPU *cpu = opaque;
+CPURISCVState *env = >env;
+
+env->kvm_timer_dirty = true;
+return 0;
+}
+
+static const VMStateDescription vmstate_kvmtimer = {
+.name = "cpu/kvmtimer",
+.version_id = 1,
+.minimum_version_id = 1,
+.needed = kvmtimer_needed,
+.post_load = cpu_post_load,
+.fields = (VMStateField[]) {
+VMSTATE_UINT64(env.kvm_timer_time, RISCVCPU),
+VMSTATE_UINT64(env.kvm_timer_compare, RISCVCPU),
+VMSTATE_UINT64(env.kvm_timer_state, RISCVCPU),
+
+VMSTATE_END_OF_LIST()
+}
+};
+
 const VMStateDescription vmstate_riscv_cpu = {
 .name = "cpu",
 .version_id = 3,
@@ -218,6 +247,7 @@ const VMStateDescription vmstate_riscv_cpu = {
 _hyper,
 _vector,
 _pointermasking,
+_kvmtimer,
 NULL
 }
 };
-- 
2.19.1

[PATCH v4 08/12] target/riscv: Handle KVM_EXIT_RISCV_SBI exit

[Yifei Jiang via]

Use char-fe to handle console sbi call, which implement early
console io while apply 'earlycon=sbi' into kernel parameters.

Signed-off-by: Yifei Jiang 
Signed-off-by: Mingwang Li 
Reviewed-by: Anup Patel 
---
 target/riscv/kvm.c | 42 -
 target/riscv/sbi_ecall_interface.h | 72 ++
 2 files changed, 113 insertions(+), 1 deletion(-)
 create mode 100644 target/riscv/sbi_ecall_interface.h

diff --git a/target/riscv/kvm.c b/target/riscv/kvm.c
index 0027f11f45..ded2a8c29d 100644
--- a/target/riscv/kvm.c
+++ b/target/riscv/kvm.c
@@ -38,6 +38,8 @@
 #include "qemu/log.h"
 #include "hw/loader.h"
 #include "kvm_riscv.h"
+#include "sbi_ecall_interface.h"
+#include "chardev/char-fe.h"
 
 static uint64_t kvm_riscv_reg_id(CPURISCVState *env, uint64_t type, uint64_t 
idx)
 {
@@ -365,9 +367,47 @@ bool kvm_arch_stop_on_emulation_error(CPUState *cs)
 return true;
 }
 
+static int kvm_riscv_handle_sbi(CPUState *cs, struct kvm_run *run)
+{
+int ret = 0;
+unsigned char ch;
+switch (run->riscv_sbi.extension_id) {
+case SBI_EXT_0_1_CONSOLE_PUTCHAR:
+ch = run->riscv_sbi.args[0];
+qemu_chr_fe_write(serial_hd(0)->be, , sizeof(ch));
+break;
+case SBI_EXT_0_1_CONSOLE_GETCHAR:
+ret = qemu_chr_fe_read_all(serial_hd(0)->be, , sizeof(ch));
+if (ret == sizeof(ch)) {
+run->riscv_sbi.args[0] = ch;
+} else {
+run->riscv_sbi.args[0] = -1;
+}
+break;
+default:
+qemu_log_mask(LOG_UNIMP,
+  "%s: un-handled SBI EXIT, specific reasons is %lu\n",
+  __func__, run->riscv_sbi.extension_id);
+ret = -1;
+break;
+}
+return ret;
+}
+
 int kvm_arch_handle_exit(CPUState *cs, struct kvm_run *run)
 {
-return 0;
+int ret = 0;
+switch (run->exit_reason) {
+case KVM_EXIT_RISCV_SBI:
+ret = kvm_riscv_handle_sbi(cs, run);
+break;
+default:
+qemu_log_mask(LOG_UNIMP, "%s: un-handled exit reason %d\n",
+  __func__, run->exit_reason);
+ret = -1;
+break;
+}
+return ret;
 }
 
 void kvm_riscv_reset_vcpu(RISCVCPU *cpu)
diff --git a/target/riscv/sbi_ecall_interface.h 
b/target/riscv/sbi_ecall_interface.h
new file mode 100644
index 00..fb1a3fa8f2
--- /dev/null
+++ b/target/riscv/sbi_ecall_interface.h
@@ -0,0 +1,72 @@
+/*
+ * SPDX-License-Identifier: BSD-2-Clause
+ *
+ * Copyright (c) 2019 Western Digital Corporation or its affiliates.
+ *
+ * Authors:
+ *   Anup Patel 
+ */
+
+#ifndef __SBI_ECALL_INTERFACE_H__
+#define __SBI_ECALL_INTERFACE_H__
+
+/* clang-format off */
+
+/* SBI Extension IDs */
+#define SBI_EXT_0_1_SET_TIMER   0x0
+#define SBI_EXT_0_1_CONSOLE_PUTCHAR 0x1
+#define SBI_EXT_0_1_CONSOLE_GETCHAR 0x2
+#define SBI_EXT_0_1_CLEAR_IPI   0x3
+#define SBI_EXT_0_1_SEND_IPI0x4
+#define SBI_EXT_0_1_REMOTE_FENCE_I  0x5
+#define SBI_EXT_0_1_REMOTE_SFENCE_VMA   0x6
+#define SBI_EXT_0_1_REMOTE_SFENCE_VMA_ASID 0x7
+#define SBI_EXT_0_1_SHUTDOWN0x8
+#define SBI_EXT_BASE0x10
+#define SBI_EXT_TIME0x54494D45
+#define SBI_EXT_IPI 0x735049
+#define SBI_EXT_RFENCE  0x52464E43
+#define SBI_EXT_HSM 0x48534D
+
+/* SBI function IDs for BASE extension*/
+#define SBI_EXT_BASE_GET_SPEC_VERSION   0x0
+#define SBI_EXT_BASE_GET_IMP_ID 0x1
+#define SBI_EXT_BASE_GET_IMP_VERSION0x2
+#define SBI_EXT_BASE_PROBE_EXT  0x3
+#define SBI_EXT_BASE_GET_MVENDORID  0x4
+#define SBI_EXT_BASE_GET_MARCHID0x5
+#define SBI_EXT_BASE_GET_MIMPID 0x6
+
+/* SBI function IDs for TIME extension*/
+#define SBI_EXT_TIME_SET_TIMER  0x0
+
+/* SBI function IDs for IPI extension*/
+#define SBI_EXT_IPI_SEND_IPI0x0
+
+/* SBI function IDs for RFENCE extension*/
+#define SBI_EXT_RFENCE_REMOTE_FENCE_I   0x0
+#define SBI_EXT_RFENCE_REMOTE_SFENCE_VMA0x1
+#define SBI_EXT_RFENCE_REMOTE_SFENCE_VMA_ASID  0x2
+#define SBI_EXT_RFENCE_REMOTE_HFENCE_GVMA   0x3
+#define SBI_EXT_RFENCE_REMOTE_HFENCE_GVMA_VMID 0x4
+#define SBI_EXT_RFENCE_REMOTE_HFENCE_VVMA   0x5
+#define SBI_EXT_RFENCE_REMOTE_HFENCE_VVMA_ASID 0x6
+
+/* SBI function IDs for HSM extension */
+#define SBI_EXT_HSM_HART_START  0x0
+#define SBI_EXT_HSM_HART_STOP   0x1
+#define SBI_EXT_HSM_HART_GET_STATUS 0x2
+
+#define SBI_HSM_HART_STATUS_STARTED 0x0
+#define SBI_HSM_HART_STATUS_STOPPED 0x1
+#define SBI_HSM_HART_STATUS_START_PENDING   0x2
+#define SBI_HSM_HART_STATUS_STOP_PENDING0x3
+
+#define SBI_SPEC_VERSION_MAJOR_OFFSET   24
+#define SBI_SPEC_VERSION_MAJOR_MASK 0x7f
+#define SBI_SPEC_VERSION_MINOR_MASK 0xff
+#define SBI_EXT_VENDOR_START0x0900
+#define SBI_EXT_VENDOR_END  0x09FF
+/* clang-format on */
+
+#endif
-- 
2.19.1

[PATCH v4 07/12] target/riscv: Support setting external interrupt by KVM

[Yifei Jiang via]

When KVM is enabled, set the S-mode external interrupt through
kvm_riscv_set_irq function.

Signed-off-by: Yifei Jiang 
Signed-off-by: Mingwang Li 
Reviewed-by: Alistair Francis 
Reviewed-by: Anup Patel 
---
 target/riscv/cpu.c   |  6 +-
 target/riscv/kvm-stub.c  |  5 +
 target/riscv/kvm.c   | 17 +
 target/riscv/kvm_riscv.h |  1 +
 4 files changed, 28 insertions(+), 1 deletion(-)

diff --git a/target/riscv/cpu.c b/target/riscv/cpu.c
index 8a979a3762..39382b1d62 100644
--- a/target/riscv/cpu.c
+++ b/target/riscv/cpu.c
@@ -603,7 +603,11 @@ static void riscv_cpu_set_irq(void *opaque, int irq, int 
level)
 case IRQ_S_EXT:
 case IRQ_VS_EXT:
 case IRQ_M_EXT:
-riscv_cpu_update_mip(cpu, 1 << irq, BOOL_TO_MASK(level));
+if (kvm_enabled()) {
+kvm_riscv_set_irq(cpu, irq, level);
+} else {
+riscv_cpu_update_mip(cpu, 1 << irq, BOOL_TO_MASK(level));
+}
 break;
 default:
 g_assert_not_reached();
diff --git a/target/riscv/kvm-stub.c b/target/riscv/kvm-stub.c
index 39b96fe3f4..4e8fc31a21 100644
--- a/target/riscv/kvm-stub.c
+++ b/target/riscv/kvm-stub.c
@@ -23,3 +23,8 @@ void kvm_riscv_reset_vcpu(RISCVCPU *cpu)
 {
 abort();
 }
+
+void kvm_riscv_set_irq(RISCVCPU *cpu, int irq, int level)
+{
+abort();
+}
diff --git a/target/riscv/kvm.c b/target/riscv/kvm.c
index db6d8a5b6e..0027f11f45 100644
--- a/target/riscv/kvm.c
+++ b/target/riscv/kvm.c
@@ -383,6 +383,23 @@ void kvm_riscv_reset_vcpu(RISCVCPU *cpu)
 env->satp = 0;
 }
 
+void kvm_riscv_set_irq(RISCVCPU *cpu, int irq, int level)
+{
+int ret;
+unsigned virq = level ? KVM_INTERRUPT_SET : KVM_INTERRUPT_UNSET;
+
+if (irq != IRQ_S_EXT) {
+perror("kvm riscv set irq != IRQ_S_EXT\n");
+abort();
+}
+
+ret = kvm_vcpu_ioctl(CPU(cpu), KVM_INTERRUPT, );
+if (ret < 0) {
+perror("Set irq failed");
+abort();
+}
+}
+
 bool kvm_arch_cpu_check_are_resettable(void)
 {
 return true;
diff --git a/target/riscv/kvm_riscv.h b/target/riscv/kvm_riscv.h
index f38c82bf59..ed281bdce0 100644
--- a/target/riscv/kvm_riscv.h
+++ b/target/riscv/kvm_riscv.h
@@ -20,5 +20,6 @@
 #define QEMU_KVM_RISCV_H
 
 void kvm_riscv_reset_vcpu(RISCVCPU *cpu);
+void kvm_riscv_set_irq(RISCVCPU *cpu, int irq, int level);
 
 #endif
-- 
2.19.1

Re: [PATCH v10 00/10]vhost-vdpa: add support for configure interrupt

[Cindy Lu]

On Mon, Jan 10, 2022 at 1:56 AM Michael S. Tsirkin  wrote:

> On Fri, Nov 05, 2021 at 12:48:17AM +0800, Cindy Lu wrote:
> > these patches add the support for configure interrupt
> >
> > These codes are all tested in vp-vdpa (support configure interrupt)
> > vdpa_sim (not support configure interrupt), virtio tap device
> >
> > test in virtio-pci bus and virtio-mmio bus
> >
> > Change in v2:
> > Add support for virtio-mmio bus
> > active the notifier while the backend support configure interrupt
> > misc fixes from v1
> >
> > Change in v3
> > fix the coding style problems
> >
> > Change in v4
> > misc fixes from v3
> > merge the set_config_notifier to set_guest_notifier
> > when vdpa start, check the feature by VIRTIO_NET_F_STATUS
> >
> > Change in v5
> > misc fixes from v4
> > split the code to introduce configure interrupt type and the callback
> function
> > will init the configure interrupt in all virtio-pci and virtio-mmio bus,
> but will
> > only active while using vhost-vdpa driver
> >
> > Change in v6
> > misc fixes from v5
> > decouple vq from interrupt setting and misc process
> > fix the bug in virtio_net_handle_rx
> > use -1 as the queue number to identify if the interrupt is configure
> interrupt
> >
> > Change in v7
> > misc fixes from v6
> > decouple vq from interrupt setting and misc process
> > decouple vq from vector use/release process
> > decouple vq from set notifier fd handler process
> > move config_notifier and masked_config_notifier to VirtIODevice
> > fix the bug in virtio_net_handle_rx, add more information
> > add VIRTIO_CONFIG_IRQ_IDX as the queue number to identify if the
> interrupt is configure interrupt
> >
> > Change in v8
> > misc fixes from v7
> > decouple vq from interrupt setting and misc process
> > decouple vq from vector use/release process
> > decouple vq from set notifier fd handler process
> > move the vhost configure interrupt to vhost_net
> >
> > Change in v9
> > misc fixes from v8
> > address the comments from v8
> >
> > Change in v10
> > fix the hang issue in qtest
> > address the comments from v9
> >
> > Cindy Lu (10):
> >   virtio: introduce macro IRTIO_CONFIG_IRQ_IDX
> >   virtio-pci: decouple notifier from interrupt process
> >   virtio-pci: decouple the single vector from the interrupt process
> >   vhost: introduce new VhostOps vhost_set_config_call
> >   vhost-vdpa: add support for config interrupt
> >   virtio: add support for configure interrupt
> >   vhost: add support for configure interrupt
> >   virtio-net: add support for configure interrupt
> >   virtio-mmio: add support for configure interrupt
> >   virtio-pci: add support for configure interrupt
> >
> >  hw/display/vhost-user-gpu.c   |   6 +
> >  hw/net/vhost_net.c|   9 +
> >  hw/net/virtio-net.c   |  10 +-
> >  hw/virtio/trace-events|   1 +
> >  hw/virtio/vhost-user-fs.c |   6 +
> >  hw/virtio/vhost-vdpa.c|   7 +
> >  hw/virtio/vhost-vsock-common.c|   6 +
> >  hw/virtio/vhost.c |  76 +
> >  hw/virtio/virtio-crypto.c |   6 +
> >  hw/virtio/virtio-mmio.c   |  27 +++
> >  hw/virtio/virtio-pci.c| 269 +-
> >  hw/virtio/virtio-pci.h|   4 +-
> >  hw/virtio/virtio.c|  29 
> >  include/hw/virtio/vhost-backend.h |   3 +
> >  include/hw/virtio/vhost.h |   4 +
> >  include/hw/virtio/virtio.h|   7 +
> >  include/net/vhost_net.h   |   2 +
> >  17 files changed, 389 insertions(+), 83 deletions(-)
>
> So I just realized something. The spec says:
>
> The device MUST set the Device Configuration Interrupt bit
> in \field{ISR status} before sending a device configuration
> change notification to the driver.
>
> and I don't see how these patches achieve this: it requires
> that config interrupts go through userspace.
>
> Revert, and think more about it? Or did I miss something?
>
>  Thanks, Micheal, I'm ok to revert these patchs and there are also several
bugs  I need to fix.
I will post a new version soon

>
> > --
> > 2.21.3
>
>

[PATCH v4 02/12] target/riscv: Add target/riscv/kvm.c to place the public kvm interface

[Yifei Jiang via]

Add target/riscv/kvm.c to place kvm_arch_* function needed by
kvm/kvm-all.c. Meanwhile, add kvm support in meson.build file.

Signed-off-by: Yifei Jiang 
Signed-off-by: Mingwang Li 
Reviewed-by: Alistair Francis 
Reviewed-by: Anup Patel 
---
 meson.build  |   2 +
 target/riscv/kvm.c   | 133 +++
 target/riscv/meson.build |   1 +
 3 files changed, 136 insertions(+)
 create mode 100644 target/riscv/kvm.c

diff --git a/meson.build b/meson.build
index 53065e96ec..7eaec31a3a 100644
--- a/meson.build
+++ b/meson.build
@@ -90,6 +90,8 @@ elif cpu in ['ppc', 'ppc64']
   kvm_targets = ['ppc-softmmu', 'ppc64-softmmu']
 elif cpu in ['mips', 'mips64']
   kvm_targets = ['mips-softmmu', 'mipsel-softmmu', 'mips64-softmmu', 
'mips64el-softmmu']
+elif cpu in ['riscv']
+  kvm_targets = ['riscv32-softmmu', 'riscv64-softmmu']
 else
   kvm_targets = []
 endif
diff --git a/target/riscv/kvm.c b/target/riscv/kvm.c
new file mode 100644
index 00..687dd4b621
--- /dev/null
+++ b/target/riscv/kvm.c
@@ -0,0 +1,133 @@
+/*
+ * RISC-V implementation of KVM hooks
+ *
+ * Copyright (c) 2020 Huawei Technologies Co., Ltd
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms and conditions of the GNU General Public License,
+ * version 2 or later, as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for
+ * more details.
+ *
+ * You should have received a copy of the GNU General Public License along with
+ * this program.  If not, see .
+ */
+
+#include "qemu/osdep.h"
+#include 
+
+#include 
+
+#include "qemu-common.h"
+#include "qemu/timer.h"
+#include "qemu/error-report.h"
+#include "qemu/main-loop.h"
+#include "sysemu/sysemu.h"
+#include "sysemu/kvm.h"
+#include "sysemu/kvm_int.h"
+#include "cpu.h"
+#include "trace.h"
+#include "hw/pci/pci.h"
+#include "exec/memattrs.h"
+#include "exec/address-spaces.h"
+#include "hw/boards.h"
+#include "hw/irq.h"
+#include "qemu/log.h"
+#include "hw/loader.h"
+
+const KVMCapabilityInfo kvm_arch_required_capabilities[] = {
+KVM_CAP_LAST_INFO
+};
+
+int kvm_arch_get_registers(CPUState *cs)
+{
+return 0;
+}
+
+int kvm_arch_put_registers(CPUState *cs, int level)
+{
+return 0;
+}
+
+int kvm_arch_release_virq_post(int virq)
+{
+return 0;
+}
+
+int kvm_arch_fixup_msi_route(struct kvm_irq_routing_entry *route,
+ uint64_t address, uint32_t data, PCIDevice *dev)
+{
+return 0;
+}
+
+int kvm_arch_destroy_vcpu(CPUState *cs)
+{
+return 0;
+}
+
+unsigned long kvm_arch_vcpu_id(CPUState *cpu)
+{
+return cpu->cpu_index;
+}
+
+void kvm_arch_init_irq_routing(KVMState *s)
+{
+}
+
+int kvm_arch_init_vcpu(CPUState *cs)
+{
+return 0;
+}
+
+int kvm_arch_msi_data_to_gsi(uint32_t data)
+{
+abort();
+}
+
+int kvm_arch_add_msi_route_post(struct kvm_irq_routing_entry *route,
+int vector, PCIDevice *dev)
+{
+return 0;
+}
+
+int kvm_arch_init(MachineState *ms, KVMState *s)
+{
+return 0;
+}
+
+int kvm_arch_irqchip_create(KVMState *s)
+{
+return 0;
+}
+
+int kvm_arch_process_async_events(CPUState *cs)
+{
+return 0;
+}
+
+void kvm_arch_pre_run(CPUState *cs, struct kvm_run *run)
+{
+}
+
+MemTxAttrs kvm_arch_post_run(CPUState *cs, struct kvm_run *run)
+{
+return MEMTXATTRS_UNSPECIFIED;
+}
+
+bool kvm_arch_stop_on_emulation_error(CPUState *cs)
+{
+return true;
+}
+
+int kvm_arch_handle_exit(CPUState *cs, struct kvm_run *run)
+{
+return 0;
+}
+
+bool kvm_arch_cpu_check_are_resettable(void)
+{
+return true;
+}
diff --git a/target/riscv/meson.build b/target/riscv/meson.build
index d5e0bc93ea..2faf08a941 100644
--- a/target/riscv/meson.build
+++ b/target/riscv/meson.build
@@ -19,6 +19,7 @@ riscv_ss.add(files(
   'bitmanip_helper.c',
   'translate.c',
 ))
+riscv_ss.add(when: 'CONFIG_KVM', if_true: files('kvm.c'))
 
 riscv_softmmu_ss = ss.source_set()
 riscv_softmmu_ss.add(files(
-- 
2.19.1

[PATCH v4 01/12] update-linux-headers: Add asm-riscv/kvm.h

[Yifei Jiang via]

Add asm-riscv/kvm.h for RISC-V KVM.

Signed-off-by: Yifei Jiang 
Signed-off-by: Mingwang Li 
Acked-by: Alistair Francis 
Reviewed-by: Anup Patel 
---
 linux-headers/asm-riscv/kvm.h | 128 ++
 1 file changed, 128 insertions(+)
 create mode 100644 linux-headers/asm-riscv/kvm.h

diff --git a/linux-headers/asm-riscv/kvm.h b/linux-headers/asm-riscv/kvm.h
new file mode 100644
index 00..f808ad1ce5
--- /dev/null
+++ b/linux-headers/asm-riscv/kvm.h
@@ -0,0 +1,128 @@
+/* SPDX-License-Identifier: GPL-2.0 WITH Linux-syscall-note */
+/*
+ * Copyright (C) 2019 Western Digital Corporation or its affiliates.
+ *
+ * Authors:
+ * Anup Patel 
+ */
+
+#ifndef __LINUX_KVM_RISCV_H
+#define __LINUX_KVM_RISCV_H
+
+#ifndef __ASSEMBLY__
+
+#include 
+#include 
+
+#define __KVM_HAVE_READONLY_MEM
+
+#define KVM_COALESCED_MMIO_PAGE_OFFSET 1
+
+#define KVM_INTERRUPT_SET  -1U
+#define KVM_INTERRUPT_UNSET-2U
+
+/* for KVM_GET_REGS and KVM_SET_REGS */
+struct kvm_regs {
+};
+
+/* for KVM_GET_FPU and KVM_SET_FPU */
+struct kvm_fpu {
+};
+
+/* KVM Debug exit structure */
+struct kvm_debug_exit_arch {
+};
+
+/* for KVM_SET_GUEST_DEBUG */
+struct kvm_guest_debug_arch {
+};
+
+/* definition of registers in kvm_run */
+struct kvm_sync_regs {
+};
+
+/* for KVM_GET_SREGS and KVM_SET_SREGS */
+struct kvm_sregs {
+};
+
+/* CONFIG registers for KVM_GET_ONE_REG and KVM_SET_ONE_REG */
+struct kvm_riscv_config {
+   unsigned long isa;
+};
+
+/* CORE registers for KVM_GET_ONE_REG and KVM_SET_ONE_REG */
+struct kvm_riscv_core {
+   struct user_regs_struct regs;
+   unsigned long mode;
+};
+
+/* Possible privilege modes for kvm_riscv_core */
+#define KVM_RISCV_MODE_S   1
+#define KVM_RISCV_MODE_U   0
+
+/* CSR registers for KVM_GET_ONE_REG and KVM_SET_ONE_REG */
+struct kvm_riscv_csr {
+   unsigned long sstatus;
+   unsigned long sie;
+   unsigned long stvec;
+   unsigned long sscratch;
+   unsigned long sepc;
+   unsigned long scause;
+   unsigned long stval;
+   unsigned long sip;
+   unsigned long satp;
+   unsigned long scounteren;
+};
+
+/* TIMER registers for KVM_GET_ONE_REG and KVM_SET_ONE_REG */
+struct kvm_riscv_timer {
+   __u64 frequency;
+   __u64 time;
+   __u64 compare;
+   __u64 state;
+};
+
+/* Possible states for kvm_riscv_timer */
+#define KVM_RISCV_TIMER_STATE_OFF  0
+#define KVM_RISCV_TIMER_STATE_ON   1
+
+#define KVM_REG_SIZE(id)   \
+   (1U << (((id) & KVM_REG_SIZE_MASK) >> KVM_REG_SIZE_SHIFT))
+
+/* If you need to interpret the index values, here is the key: */
+#define KVM_REG_RISCV_TYPE_MASK0xFF00
+#define KVM_REG_RISCV_TYPE_SHIFT   24
+
+/* Config registers are mapped as type 1 */
+#define KVM_REG_RISCV_CONFIG   (0x01 << KVM_REG_RISCV_TYPE_SHIFT)
+#define KVM_REG_RISCV_CONFIG_REG(name) \
+   (offsetof(struct kvm_riscv_config, name) / sizeof(unsigned long))
+
+/* Core registers are mapped as type 2 */
+#define KVM_REG_RISCV_CORE (0x02 << KVM_REG_RISCV_TYPE_SHIFT)
+#define KVM_REG_RISCV_CORE_REG(name)   \
+   (offsetof(struct kvm_riscv_core, name) / sizeof(unsigned long))
+
+/* Control and status registers are mapped as type 3 */
+#define KVM_REG_RISCV_CSR  (0x03 << KVM_REG_RISCV_TYPE_SHIFT)
+#define KVM_REG_RISCV_CSR_REG(name)\
+   (offsetof(struct kvm_riscv_csr, name) / sizeof(unsigned long))
+
+/* Timer registers are mapped as type 4 */
+#define KVM_REG_RISCV_TIMER(0x04 << KVM_REG_RISCV_TYPE_SHIFT)
+#define KVM_REG_RISCV_TIMER_REG(name)  \
+   (offsetof(struct kvm_riscv_timer, name) / sizeof(__u64))
+
+/* F extension registers are mapped as type 5 */
+#define KVM_REG_RISCV_FP_F (0x05 << KVM_REG_RISCV_TYPE_SHIFT)
+#define KVM_REG_RISCV_FP_F_REG(name)   \
+   (offsetof(struct __riscv_f_ext_state, name) / sizeof(__u32))
+
+/* D extension registers are mapped as type 6 */
+#define KVM_REG_RISCV_FP_D (0x06 << KVM_REG_RISCV_TYPE_SHIFT)
+#define KVM_REG_RISCV_FP_D_REG(name)   \
+   (offsetof(struct __riscv_d_ext_state, name) / sizeof(__u64))
+
+#endif
+
+#endif /* __LINUX_KVM_RISCV_H */
-- 
2.19.1

[PATCH v4 03/12] target/riscv: Implement function kvm_arch_init_vcpu

[Yifei Jiang via]

Get isa info from kvm while kvm init.

Signed-off-by: Yifei Jiang 
Signed-off-by: Mingwang Li 
Reviewed-by: Alistair Francis 
Reviewed-by: Anup Patel 
---
 target/riscv/kvm.c | 32 +++-
 1 file changed, 31 insertions(+), 1 deletion(-)

diff --git a/target/riscv/kvm.c b/target/riscv/kvm.c
index 687dd4b621..ccf3753048 100644
--- a/target/riscv/kvm.c
+++ b/target/riscv/kvm.c
@@ -38,6 +38,23 @@
 #include "qemu/log.h"
 #include "hw/loader.h"
 
+static uint64_t kvm_riscv_reg_id(CPURISCVState *env, uint64_t type, uint64_t 
idx)
+{
+uint64_t id = KVM_REG_RISCV | type | idx;
+
+switch (riscv_cpu_mxl(env)) {
+case MXL_RV32:
+id |= KVM_REG_SIZE_U32;
+break;
+case MXL_RV64:
+id |= KVM_REG_SIZE_U64;
+break;
+default:
+g_assert_not_reached();
+}
+return id;
+}
+
 const KVMCapabilityInfo kvm_arch_required_capabilities[] = {
 KVM_CAP_LAST_INFO
 };
@@ -79,7 +96,20 @@ void kvm_arch_init_irq_routing(KVMState *s)
 
 int kvm_arch_init_vcpu(CPUState *cs)
 {
-return 0;
+int ret = 0;
+target_ulong isa;
+RISCVCPU *cpu = RISCV_CPU(cs);
+CPURISCVState *env = >env;
+uint64_t id;
+
+id = kvm_riscv_reg_id(env, KVM_REG_RISCV_CONFIG, 
KVM_REG_RISCV_CONFIG_REG(isa));
+ret = kvm_get_one_reg(cs, id, );
+if (ret) {
+return ret;
+}
+env->misa_ext = isa;
+
+return ret;
 }
 
 int kvm_arch_msi_data_to_gsi(uint32_t data)
-- 
2.19.1

[PATCH v4 00/12] Add riscv kvm accel support

[Yifei Jiang via]

This series adds both riscv32 and riscv64 kvm support, and implements
migration based on riscv.

Because of RISC-V KVM has been merged into the Linux master, so this
series are changed from RFC to patch.

Several steps to use this:
1. Build emulation
$ ./configure --target-list=riscv64-softmmu
$ make -j$(nproc)

2. Build kernel

3. Build QEMU VM
Cross built in riscv toolchain.
$ PKG_CONFIG_LIBDIR=
$ export PKG_CONFIG_SYSROOT_DIR=
$ ./configure --target-list=riscv64-softmmu --enable-kvm \
--cross-prefix=riscv64-linux-gnu- --disable-libiscsi --disable-glusterfs \
--disable-libusb --disable-usb-redir --audio-drv-list= --disable-opengl \
--disable-libxml2
$ make -j$(nproc)

4. Start emulation
$ ./qemu-system-riscv64 -M virt -m 4096M -cpu rv64,x-h=true -nographic \
-name guest=riscv-hyp,debug-threads=on \
-smp 4 \
-bios ./fw_jump.bin \
-kernel ./Image \
-drive file=./hyp.img,format=raw,id=hd0 \
-device virtio-blk-device,drive=hd0 \
-append "root=/dev/vda rw console=ttyS0 earlycon=sbi"

5. Start kvm-acceled QEMU VM in emulation
$ ./qemu-system-riscv64 -M virt,accel=kvm -m 1024M -cpu host -nographic \
-name guest=riscv-guset \
-smp 2 \
-bios none \
-kernel ./Image \
-drive file=./guest.img,format=raw,id=hd0 \
-device virtio-blk-device,drive=hd0 \
-append "root=/dev/vda rw console=ttyS0 earlycon=sbi"

Changes since patch v3
- Re-write the for-loop in sifive_plic_create().
- Drop unnecessary change in hw/riscv/virt.c.
- Use serial to handle console sbi call.

Changes since patch v2
- Create a macro for get and put timer csr.
- Remove M-mode PLIC contexts when kvm is enabled.
- Add get timer frequency.
- Move cpu_host_load to vmstate_kvmtimer.

Changes since patch v1
- Rebase on recent commit a216e7cf119c91ffdf5931834a1a030ebea40d70
- Sync-up headers with Linux-5.16-rc4.
- Fixbug in kvm_arch_init_vcpu.
- Create a macro for get and put regs csr.
- Start kernel directly when kvm_enabled.
- Use riscv_cpu_set_irq to inject KVM interrupts.
- Use the Semihosting Console API for RISC-V kvm handle sbi.
- Update vmstate_riscv_cpu version id.
  Placing kvm_timer into a subsection.

Changes since RFC v6
- Rebase on recent commit 8627edfb3f1fca24a96a0954148885c3241c10f8
- Sync-up headers with Linux-5.16-rc1

Changes since RFC v5
- Rebase on QEMU v6.1.0-rc1 and kvm-riscv linux v19.
- Move kvm interrupt setting to riscv_cpu_update_mip().
- Replace __u64 with uint64_t.

Changes since RFC v4
- Rebase on QEMU v6.0.0-rc2 and kvm-riscv linux v17.
- Remove time scaling support as software solution is incomplete.
  Because it will cause unacceptable performance degradation. and
  We will post a better solution.
- Revise according to Alistair's review comments.
  - Remove compile time XLEN checks in kvm_riscv_reg_id
  - Surround TYPE_RISCV_CPU_HOST definition by CONFIG_KVM and share
it between RV32 and RV64.
  - Add kvm-stub.c for reduce unnecessary compilation checks.
  - Add riscv_setup_direct_kernel() to direct boot kernel for KVM.

Changes since RFC v3
- Rebase on QEMU v5.2.0-rc2 and kvm-riscv linux v15.
- Add time scaling support(New patches 13, 14 and 15).
- Fix the bug that guest vm can't reboot.

Changes since RFC v2
- Fix checkpatch error at target/riscv/sbi_ecall_interface.h.
- Add riscv migration support.

Changes since RFC v1
- Add separate SBI ecall interface header.
- Add riscv32 kvm accel support.

Yifei Jiang (12):
  update-linux-headers: Add asm-riscv/kvm.h
  target/riscv: Add target/riscv/kvm.c to place the public kvm interface
  target/riscv: Implement function kvm_arch_init_vcpu
  target/riscv: Implement kvm_arch_get_registers
  target/riscv: Implement kvm_arch_put_registers
  target/riscv: Support start kernel directly by KVM
  target/riscv: Support setting external interrupt by KVM
  target/riscv: Handle KVM_EXIT_RISCV_SBI exit
  target/riscv: Add host cpu type
  target/riscv: Add kvm_riscv_get/put_regs_timer
  target/riscv: Implement virtual time adjusting with vm state changing
  target/riscv: Support virtual time context synchronization

 hw/intc/sifive_plic.c  |  21 +-
 hw/riscv/boot.c|  16 +-
 hw/riscv/virt.c|  83 +++--
 include/hw/riscv/boot.h|   1 +
 linux-headers/asm-riscv/kvm.h  | 128 +++
 meson.build|   2 +
 target/riscv/cpu.c |  29 +-
 target/riscv/cpu.h |  11 +
 target/riscv/kvm-stub.c|  30 ++
 target/riscv/kvm.c | 532 +
 target/riscv/kvm_riscv.h   |  25 ++
 target/riscv/machine.c |  30 ++
 target/riscv/meson.build   |   1 +
 target/riscv/sbi_ecall_interface.h |  72 
 14 files changed, 948 insertions(+), 33 deletions(-)
 create mode 100644 linux-headers/asm-riscv/kvm.h
 create mode 100644 target/riscv/kvm-stub.c
 create mode 100644 target/riscv/kvm.c
 create mode 100644 

[PATCH v4 04/12] target/riscv: Implement kvm_arch_get_registers

[Yifei Jiang via]

Get GPR CSR and FP registers from kvm by KVM_GET_ONE_REG ioctl.

Signed-off-by: Yifei Jiang 
Signed-off-by: Mingwang Li 
Reviewed-by: Alistair Francis 
Reviewed-by: Anup Patel 
---
 target/riscv/kvm.c | 112 -
 1 file changed, 111 insertions(+), 1 deletion(-)

diff --git a/target/riscv/kvm.c b/target/riscv/kvm.c
index ccf3753048..6d4df0ef6d 100644
--- a/target/riscv/kvm.c
+++ b/target/riscv/kvm.c
@@ -55,13 +55,123 @@ static uint64_t kvm_riscv_reg_id(CPURISCVState *env, 
uint64_t type, uint64_t idx
 return id;
 }
 
+#define RISCV_CORE_REG(env, name)  kvm_riscv_reg_id(env, KVM_REG_RISCV_CORE, \
+ KVM_REG_RISCV_CORE_REG(name))
+
+#define RISCV_CSR_REG(env, name)  kvm_riscv_reg_id(env, KVM_REG_RISCV_CSR, \
+ KVM_REG_RISCV_CSR_REG(name))
+
+#define RISCV_FP_F_REG(env, idx)  kvm_riscv_reg_id(env, KVM_REG_RISCV_FP_F, 
idx)
+
+#define RISCV_FP_D_REG(env, idx)  kvm_riscv_reg_id(env, KVM_REG_RISCV_FP_D, 
idx)
+
+#define KVM_RISCV_GET_CSR(cs, env, csr, reg) \
+do { \
+int ret = kvm_get_one_reg(cs, RISCV_CSR_REG(env, csr), ); \
+if (ret) { \
+return ret; \
+} \
+} while(0)
+
+static int kvm_riscv_get_regs_core(CPUState *cs)
+{
+int ret = 0;
+int i;
+target_ulong reg;
+CPURISCVState *env = _CPU(cs)->env;
+
+ret = kvm_get_one_reg(cs, RISCV_CORE_REG(env, regs.pc), );
+if (ret) {
+return ret;
+}
+env->pc = reg;
+
+for (i = 1; i < 32; i++) {
+uint64_t id = kvm_riscv_reg_id(env, KVM_REG_RISCV_CORE, i);
+ret = kvm_get_one_reg(cs, id, );
+if (ret) {
+return ret;
+}
+env->gpr[i] = reg;
+}
+
+return ret;
+}
+
+static int kvm_riscv_get_regs_csr(CPUState *cs)
+{
+int ret = 0;
+CPURISCVState *env = _CPU(cs)->env;
+
+KVM_RISCV_GET_CSR(cs, env, sstatus, env->mstatus);
+KVM_RISCV_GET_CSR(cs, env, sie, env->mie);
+KVM_RISCV_GET_CSR(cs, env, stvec, env->stvec);
+KVM_RISCV_GET_CSR(cs, env, sscratch, env->sscratch);
+KVM_RISCV_GET_CSR(cs, env, sepc, env->sepc);
+KVM_RISCV_GET_CSR(cs, env, scause, env->scause);
+KVM_RISCV_GET_CSR(cs, env, stval, env->stval);
+KVM_RISCV_GET_CSR(cs, env, sip, env->mip);
+KVM_RISCV_GET_CSR(cs, env, satp, env->satp);
+return ret;
+}
+
+static int kvm_riscv_get_regs_fp(CPUState *cs)
+{
+int ret = 0;
+int i;
+CPURISCVState *env = _CPU(cs)->env;
+
+if (riscv_has_ext(env, RVD)) {
+uint64_t reg;
+for (i = 0; i < 32; i++) {
+ret = kvm_get_one_reg(cs, RISCV_FP_D_REG(env, i), );
+if (ret) {
+return ret;
+}
+env->fpr[i] = reg;
+}
+return ret;
+}
+
+if (riscv_has_ext(env, RVF)) {
+uint32_t reg;
+for (i = 0; i < 32; i++) {
+ret = kvm_get_one_reg(cs, RISCV_FP_F_REG(env, i), );
+if (ret) {
+return ret;
+}
+env->fpr[i] = reg;
+}
+return ret;
+}
+
+return ret;
+}
+
 const KVMCapabilityInfo kvm_arch_required_capabilities[] = {
 KVM_CAP_LAST_INFO
 };
 
 int kvm_arch_get_registers(CPUState *cs)
 {
-return 0;
+int ret = 0;
+
+ret = kvm_riscv_get_regs_core(cs);
+if (ret) {
+return ret;
+}
+
+ret = kvm_riscv_get_regs_csr(cs);
+if (ret) {
+return ret;
+}
+
+ret = kvm_riscv_get_regs_fp(cs);
+if (ret) {
+return ret;
+}
+
+return ret;
 }
 
 int kvm_arch_put_registers(CPUState *cs, int level)
-- 
2.19.1

RE: [PATCH v3 08/12] target/riscv: Handle KVM_EXIT_RISCV_SBI exit

[Jiangyifei via]

> -Original Message-
> From: Alistair Francis [mailto:alistai...@gmail.com]
> Sent: Thursday, January 6, 2022 6:04 AM
> To: Jiangyifei 
> Cc: qemu-devel@nongnu.org Developers ; open
> list:RISC-V ; kvm-ri...@lists.infradead.org; open
> list:Overall ; libvir-l...@redhat.com; Anup Patel
> ; Palmer Dabbelt ; Alistair
> Francis ; Bin Meng ;
> Fanliang (EulerOS) ; Wubin (H)
> ; Wanghaibin (D) ;
> wanbo (G) ; limingwang (A)
> 
> Subject: Re: [PATCH v3 08/12] target/riscv: Handle KVM_EXIT_RISCV_SBI exit
> 
> On Tue, Dec 21, 2021 at 3:41 AM Yifei Jiang via 
> wrote:
> >
> > Use char-fe to handle console sbi call, which implement early console
> > io while apply 'earlycon=sbi' into kernel parameters.
> >
> > Signed-off-by: Yifei Jiang 
> > Signed-off-by: Mingwang Li 
> > Reviewed-by: Anup Patel 
> > ---
> >  target/riscv/kvm.c | 43 +-
> >  target/riscv/sbi_ecall_interface.h | 72
> > ++
> >  2 files changed, 114 insertions(+), 1 deletion(-)  create mode 100644
> > target/riscv/sbi_ecall_interface.h
> >
> > diff --git a/target/riscv/kvm.c b/target/riscv/kvm.c index
> > 0027f11f45..4d08669c81 100644
> > --- a/target/riscv/kvm.c
> > +++ b/target/riscv/kvm.c
> > @@ -38,6 +38,9 @@
> >  #include "qemu/log.h"
> >  #include "hw/loader.h"
> >  #include "kvm_riscv.h"
> > +#include "sbi_ecall_interface.h"
> > +#include "chardev/char-fe.h"
> > +#include "semihosting/console.h"
> >
> >  static uint64_t kvm_riscv_reg_id(CPURISCVState *env, uint64_t type,
> > uint64_t idx)  { @@ -365,9 +368,47 @@ bool
> > kvm_arch_stop_on_emulation_error(CPUState *cs)
> >  return true;
> >  }
> >
> > +static int kvm_riscv_handle_sbi(CPUState *cs, struct kvm_run *run) {
> > +int ret = 0;
> > +unsigned char ch;
> > +switch (run->riscv_sbi.extension_id) {
> > +case SBI_EXT_0_1_CONSOLE_PUTCHAR:
> > +ch = run->riscv_sbi.args[0];
> > +qemu_semihosting_log_out((const char *), sizeof(ch));
> 
> Hmmm... We print to the semihosting
> 
> > +break;
> > +case SBI_EXT_0_1_CONSOLE_GETCHAR:
> > +ret = qemu_chr_fe_read_all(serial_hd(0)->be, ,
> > + sizeof(ch));
> 
> but then read from the first serial device.
> 
> That seems a little strange. Would it be better to just print to serial as 
> well?
> 
> Alistair
> 

Hm...I also think so. It will be modified in the next series.

Yifei

> > +if (ret == sizeof(ch)) {
> > +run->riscv_sbi.args[0] = ch;
> > +} else {
> > +run->riscv_sbi.args[0] = -1;
> > +}
> > +break;
> > +default:
> > +qemu_log_mask(LOG_UNIMP,
> > +  "%s: un-handled SBI EXIT, specific reasons
> is %lu\n",
> > +  __func__, run->riscv_sbi.extension_id);
> > +ret = -1;
> > +break;
> > +}
> > +return ret;
> > +}
> > +
> >  int kvm_arch_handle_exit(CPUState *cs, struct kvm_run *run)  {
> > -return 0;
> > +int ret = 0;
> > +switch (run->exit_reason) {
> > +case KVM_EXIT_RISCV_SBI:
> > +ret = kvm_riscv_handle_sbi(cs, run);
> > +break;
> > +default:
> > +qemu_log_mask(LOG_UNIMP, "%s: un-handled exit reason %d\n",
> > +  __func__, run->exit_reason);
> > +ret = -1;
> > +break;
> > +}
> > +return ret;
> >  }
> >
> >  void kvm_riscv_reset_vcpu(RISCVCPU *cpu) diff --git
> > a/target/riscv/sbi_ecall_interface.h
> > b/target/riscv/sbi_ecall_interface.h
> > new file mode 100644
> > index 00..fb1a3fa8f2
> > --- /dev/null
> > +++ b/target/riscv/sbi_ecall_interface.h
> > @@ -0,0 +1,72 @@
> > +/*
> > + * SPDX-License-Identifier: BSD-2-Clause
> > + *
> > + * Copyright (c) 2019 Western Digital Corporation or its affiliates.
> > + *
> > + * Authors:
> > + *   Anup Patel 
> > + */
> > +
> > +#ifndef __SBI_ECALL_INTERFACE_H__
> > +#define __SBI_ECALL_INTERFACE_H__
> > +
> > +/* clang-format off */
> > +
> > +/* SBI Extension IDs */
> > +#define SBI_EXT_0_1_SET_TIMER   0x0
> > +#define SBI_EXT_0_1_CONSOLE_PUTCHAR 0x1
> > +#define SBI_EXT_0_1_CONSOLE_GETCHAR 0x2
> > +#define SBI_EXT_0_1_CLEAR_IPI   0x3
> > +#define SBI_EXT_0_1_SEND_IPI0x4
> > +#define SBI_EXT_0_1_REMOTE_FENCE_I  0x5
> > +#define SBI_EXT_0_1_REMOTE_SFENCE_VMA   0x6
> > +#define SBI_EXT_0_1_REMOTE_SFENCE_VMA_ASID 0x7
> > +#define SBI_EXT_0_1_SHUTDOWN0x8
> > +#define SBI_EXT_BASE0x10
> > +#define SBI_EXT_TIME0x54494D45
> > +#define SBI_EXT_IPI 0x735049
> > +#define SBI_EXT_RFENCE  0x52464E43
> > +#define SBI_EXT_HSM 0x48534D
> > +
> > +/* SBI function IDs for BASE extension*/
> > +#define SBI_EXT_BASE_GET_SPEC_VERSION   0x0
> > +#define SBI_EXT_BASE_GET_IMP_ID 0x1
> > +#define SBI_EXT_BASE_GET_IMP_VERSION0x2
> > +#define SBI_EXT_BASE_PROBE_EXT  0x3
> > +#define SBI_EXT_BASE_GET_MVENDORID  0x4
> > 

RE: [PATCH v3 06/12] target/riscv: Support start kernel directly by KVM

[Jiangyifei via]

> -Original Message-
> From: Anup Patel [mailto:a...@brainfault.org]
> Sent: Thursday, December 23, 2021 2:04 PM
> To: Jiangyifei 
> Cc: QEMU Developers ; open list:RISC-V
> ; kvm-ri...@lists.infradead.org; KVM General
> ; libvir-l...@redhat.com; Anup Patel
> ; Palmer Dabbelt ; Alistair
> Francis ; Bin Meng ;
> Fanliang (EulerOS) ; Wubin (H)
> ; Wanghaibin (D) ;
> wanbo (G) ; limingwang (A)
> 
> Subject: Re: [PATCH v3 06/12] target/riscv: Support start kernel directly by 
> KVM
> 
> On Thu, Dec 23, 2021 at 11:33 AM Anup Patel  wrote:
> >
> > On Mon, Dec 20, 2021 at 6:39 PM Yifei Jiang 
> wrote:
> > >
> > > Get kernel and fdt start address in virt.c, and pass them to KVM
> > > when cpu reset. Add kvm_riscv.h to place riscv specific interface.
> > >
> > > In addition, PLIC is created without M-mode PLIC contexts when KVM
> > > is enabled.
> > >
> > > Signed-off-by: Yifei Jiang 
> > > Signed-off-by: Mingwang Li 
> > > Reviewed-by: Alistair Francis 
> > > ---
> > >  hw/intc/sifive_plic.c|  8 +++-
> > >  hw/riscv/boot.c  | 16 +++-
> > >  hw/riscv/virt.c  | 87
> 
> > >  include/hw/riscv/boot.h  |  1 +
> > >  target/riscv/cpu.c   |  8 
> > >  target/riscv/cpu.h   |  3 ++
> > >  target/riscv/kvm-stub.c  | 25 
> > >  target/riscv/kvm.c   | 14 +++
> > >  target/riscv/kvm_riscv.h | 24 +++  target/riscv/meson.build
> > > |  2 +-
> > >  10 files changed, 159 insertions(+), 29 deletions(-)  create mode
> > > 100644 target/riscv/kvm-stub.c  create mode 100644
> > > target/riscv/kvm_riscv.h
> > >
> > > diff --git a/hw/intc/sifive_plic.c b/hw/intc/sifive_plic.c index
> > > 877e76877c..1b2b4cc25e 100644
> > > --- a/hw/intc/sifive_plic.c
> > > +++ b/hw/intc/sifive_plic.c
> > > @@ -30,6 +30,7 @@
> > >  #include "target/riscv/cpu.h"
> > >  #include "migration/vmstate.h"
> > >  #include "hw/irq.h"
> > > +#include "sysemu/kvm.h"
> > >
> > >  #define RISCV_DEBUG_PLIC 0
> > >
> > > @@ -555,8 +556,11 @@ DeviceState *sifive_plic_create(hwaddr addr,
> > > char *hart_config,
> > >
> > >  qdev_connect_gpio_out(dev, i,
> > >qdev_get_gpio_in(DEVICE(cpu),
> IRQ_S_EXT));
> > > -qdev_connect_gpio_out(dev, num_harts + i,
> > > -  qdev_get_gpio_in(DEVICE(cpu),
> IRQ_M_EXT));
> > > +
> > > +if (!kvm_enabled()) {
> > > +qdev_connect_gpio_out(dev, num_harts + i,
> > > +  qdev_get_gpio_in(DEVICE(cpu),
> IRQ_M_EXT));
> > > +}
> >
> > We should have any KVM enabled check in interrupt controller emulators
> > instead I suggest to re-write the for-loop in sifive_plic_create() as 
> > follows:
> 
> Typo correction:
> *"We should not have any KVM enabled check in "
> 
> Regards,
> Anup
> 
> >
> > SiFivePLICState *plic;
> >
> > ()
> >
> > plic = SIFIVE_PLIC(dev);
> > for (i = 0; i < plic->num_addrs; i++) {
> > CPUState *cpu = qemu_get_cpu(plic->addr_config[i].hartid);
> >
> >if (plic->addr_mode[i] == PLICMode_S) {
> >qdev_connect_gpio_out(dev, i,
> > qdev_get_gpio_in(DEVICE(cpu), IRQ_S_EXT));
> >}
> >if (plic->addr_mode[i] == PLICMode_M) {
> > qdev_connect_gpio_out(dev, num_harts + i,
> > qdev_get_gpio_in(DEVICE(cpu), IRQ_M_EXT));
> > }
> > }
> >

Yes, this looks better. It will be re-write in the next series as suggested.

> > >  }
> > >
> > >  return dev;
> > > diff --git a/hw/riscv/boot.c b/hw/riscv/boot.c index
> > > 519fa455a1..ccff662d89 100644
> > > --- a/hw/riscv/boot.c
> > > +++ b/hw/riscv/boot.c
> > > @@ -30,6 +30,7 @@
> > >  #include "elf.h"
> > >  #include "sysemu/device_tree.h"
> > >  #include "sysemu/qtest.h"
> > > +#include "sysemu/kvm.h"
> > >
> > >  #include 
> > >
> > > @@ -51,7 +52,9 @@ char *riscv_plic_hart_config_string(int hart_count)
> > >  CPUState *cs = qemu_get_cpu(i);
> > >  CPURISCVState *env = _CPU(cs)->env;
> > >
> > > -if (riscv_has_ext(env, RVS)) {
> > > +if (kvm_enabled()) {
> > > +vals[i] = "S";
> > > +} else if (riscv_has_ext(env, RVS)) {
> > >  vals[i] = "MS";
> > >  } else {
> > >  vals[i] = "M";
> > > @@ -317,3 +320,14 @@ void riscv_setup_rom_reset_vec(MachineState
> > > *machine, RISCVHartArrayState *harts
> > >
> > >  return;
> > >  }
> > > +
> > > +void riscv_setup_direct_kernel(hwaddr kernel_addr, hwaddr fdt_addr)
> > > +{
> > > +CPUState *cs;
> > > +
> > > +for (cs = first_cpu; cs; cs = CPU_NEXT(cs)) {
> > > +RISCVCPU *riscv_cpu = RISCV_CPU(cs);
> > > +riscv_cpu->env.kernel_addr = kernel_addr;
> > > +riscv_cpu->env.fdt_addr = fdt_addr;
> > > +}
> > > +}
> > > diff --git a/hw/riscv/virt.c b/hw/riscv/virt.c index
> > > 3af074148e..cc1a03f284 100644
> > > --- a/hw/riscv/virt.c
> > > +++ b/hw/riscv/virt.c
> > > @@ -38,6 +38,7 @@
> > >  #include "chardev/char.h"
> > >  

Re: [PATCH v4 11/11] hw/riscv: virt: Add PMU DT node to the device tree

[Atish Patra]

On Fri, Jan 7, 2022 at 6:46 AM Philippe Mathieu-Daudé  wrote:
>
> On 7/1/22 01:48, Atish Patra wrote:
> > Qemu virt machine can support few cache events and cycle/instret counters.
> > It also supports counter overflow for these events.
> >
> > Add a DT node so that OpenSBI/Linux kernel is aware of the virt machine
> > capabilities. There are some dummy nodes added for testing as well.
> >
> > Signed-off-by: Atish Patra 
> > Signed-off-by: Atish Patra 
> > ---
> >   hw/riscv/virt.c| 38 ++
> >   target/riscv/pmu.c | 45 +
> >   target/riscv/pmu.h |  1 +
> >   3 files changed, 84 insertions(+)
>
> > +static void create_fdt_socket_pmu(RISCVVirtState *s,
> > +  int socket, uint32_t *phandle,
> > +  uint32_t *intc_phandles)
> > +{
> > +int cpu;
> > +char *pmu_name;
> > +uint32_t *pmu_cells;
> > +MachineState *mc = MACHINE(s);
> > +RISCVCPU hart = s->soc[socket].harts[0];
> > +
> > +pmu_cells = g_new0(uint32_t, s->soc[socket].num_harts * 2);
> > +
> > +for (cpu = 0; cpu < s->soc[socket].num_harts; cpu++) {
> > +pmu_cells[cpu * 2 + 0] = cpu_to_be32(intc_phandles[cpu]);
> > +pmu_cells[cpu * 2 + 1] = cpu_to_be32(IRQ_PMU_OVF);
> > +}
> > +
> > +pmu_name = g_strdup_printf("/soc/pmu");
> > +qemu_fdt_add_subnode(mc->fdt, pmu_name);
> > +qemu_fdt_setprop_string(mc->fdt, pmu_name, "compatible", "riscv,pmu");
> > +riscv_pmu_generate_fdt_node(mc->fdt, hart.cfg.pmu_num, pmu_name);
>
> pmu_cells[] is not consumed...
>

Oops. I removed the DT requirement in the kernel. Forgot to remove this snippet.
Thanks!

I will fix it in the next version.

> > +
> > +g_free(pmu_name);
> > +g_free(pmu_cells);
> > +}
>
>


-- 
Regards,
Atish

Re: [PATCH v8 00/18] Adding partial support for 128-bit riscv target

[Alistair Francis]

On Fri, Jan 7, 2022 at 7:02 AM Frédéric Pétrot
 wrote:
>
> This series of patches provides partial 128-bit support for the riscv
> target architecture, namely RVI and RVM, with minimal csr support.
>
> Thanks for the reviews and advices.
>
> v8:
> - rebase on riscv-to-apply.next
>
> v7:
> - code motion following reviews
> - correction of a bug preventing riscv{32,64}-linux-user to compile
> - sync with master
> - Note that 'make check' fails for 5 qemu-iotests cases, namely
>   040, 041, 127, 256, and 267, but they also fail with
>   qemu-system-riscv{32,64} from current master
>
> v6:
> - support for '-cpu rv128' in qemu-system-riscv64 to handle 128-bit
>   executables (no more qemu-system-riscv128)
> - remove useless (and buggy) big-endian support in lq/sq
>
> v5:
> - split the memop define renaming and addition in two patches
> - 128-bit div/rem operations using host-utils functions
> - removed useless rv128 tests at various places
> - refactoring the slt/bxx part so as to share the comparison part
> - refactoring the 128-bit csr handling to share code more largely
>   Also forwarding writes to the 64-bit version when not 128-bit version
>   exists, as a vast majority of the csrs does not use the upper 64-bits
>
> v4:
> - safer and cleaner access to the gpr upper part
> - locals for load/store/div/rem helpers
> - cleans out the 128-bit div/rem code
> - corrects numerous bugs and performs optimizations on shifts and mults
> - withdraws the change in page size and the vm schemes we introduced
>
> v3:
> - v2 refactored following Richard's xl patch changes
>
> v2:
> - load and store making use of new memop.h sizes
> - use of the existing Int128 computations in helpers, and addition of
>   a few more operations there, in particular division and remainder
> - refactoring of the calls to the code generation helpers
> - split of the patch in smaller pieces
>
> v1:
> - introducing support for rv128 for basic integer and M extension insns
>
>
> Frédéric Pétrot (18):
>   exec/memop: Adding signedness to quad definitions
>   exec/memop: Adding signed quad and octo defines
>   qemu/int128: addition of div/rem 128-bit operations
>   target/riscv: additional macros to check instruction support
>   target/riscv: separation of bitwise logic and arithmetic helpers
>   target/riscv: array for the 64 upper bits of 128-bit registers
>   target/riscv: setup everything for rv64 to support rv128 execution
>   target/riscv: moving some insns close to similar insns
>   target/riscv: accessors to registers upper part and 128-bit load/store
>   target/riscv: support for 128-bit bitwise instructions
>   target/riscv: support for 128-bit U-type instructions
>   target/riscv: support for 128-bit shift instructions
>   target/riscv: support for 128-bit arithmetic instructions
>   target/riscv: support for 128-bit M extension
>   target/riscv: adding high part of some csrs
>   target/riscv: helper functions to wrap calls to 128-bit csr insns
>   target/riscv: modification of the trans_csrxx for 128-bit support
>   target/riscv: actual functions to realize crs 128-bit insns

Thanks!

Applied to riscv-to-apply.next

Alistair

>
>  include/disas/dis-asm.h|   1 +
>  include/exec/memop.h   |  15 +-
>  include/qemu/int128.h  |  27 +
>  include/tcg/tcg-op.h   |   4 +-
>  target/arm/translate-a32.h |   4 +-
>  target/riscv/cpu.h |  22 +
>  target/riscv/cpu_bits.h|   3 +
>  target/riscv/helper.h  |   9 +
>  target/riscv/insn16.decode |  27 +-
>  target/riscv/insn32.decode |  25 +
>  accel/tcg/cputlb.c |  30 +-
>  accel/tcg/user-exec.c  |   8 +-
>  disas/riscv.c  |   5 +
>  target/alpha/translate.c   |  32 +-
>  target/arm/helper-a64.c|   8 +-
>  target/arm/translate-a64.c |   8 +-
>  target/arm/translate-neon.c|   6 +-
>  target/arm/translate-sve.c |  10 +-
>  target/arm/translate-vfp.c |   8 +-
>  target/arm/translate.c |   2 +-
>  target/cris/translate.c|   2 +-
>  target/hppa/translate.c|   4 +-
>  target/i386/tcg/mem_helper.c   |   2 +-
>  target/i386/tcg/translate.c|  36 +-
>  target/m68k/op_helper.c|   2 +-
>  target/mips/tcg/translate.c|  58 +-
>  target/mips/tcg/tx79_translate.c   |   8 +-
>  target/ppc/translate.c |  32 +-
>  target/riscv/cpu.c |  29 +
>  target/riscv/csr.c | 194 +-
>  target/riscv/gdbstub.c |   5 +
>  target/riscv/m128_helper.c | 109 +++
>  target/riscv/machine.c |  22 +
>  target/riscv/op_helper.c

[PATCH] net/dump.c: Suppress spurious compiler warning

[Philipp Tomsich]

Compiling with gcc version 11.2.0 (Ubuntu 11.2.0-13ubuntu1) results in
a (spurious) warning:

  In function ‘dump_receive_iov’,
  inlined from ‘filter_dump_receive_iov’ at ../net/dump.c:157:5:
  ../net/dump.c:89:9: error: ‘writev’ specified size 18446744073709551600 
exceeds maximum object size 9223372036854775807 [-Werror=stringop-overflow=]
 89 | if (writev(s->fd, dumpiov, cnt + 1) != sizeof(hdr) + caplen) {
| ^~~
  In file included from /home/ptomsich/qemu/include/qemu/osdep.h:108,
   from ../net/dump.c:25:
  ../net/dump.c: In function ‘filter_dump_receive_iov’:
  /usr/include/x86_64-linux-gnu/sys/uio.h:52:16: note: in a call to function 
‘writev’ declared with attribute ‘read_only (2, 3)’
 52 | extern ssize_t writev (int __fd, const struct iovec *__iovec, int 
__count)
|^~
  cc1: all warnings being treated as errors

This change helps that version of GCC to understand what is going on
and suppresses this warning.

Signed-off-by: Philipp Tomsich 

---

 net/dump.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/net/dump.c b/net/dump.c
index a07ba62401..c32d3bf4e6 100644
--- a/net/dump.c
+++ b/net/dump.c
@@ -86,7 +86,7 @@ static ssize_t dump_receive_iov(DumpState *s, const struct 
iovec *iov, int cnt)
 dumpiov[0].iov_len = sizeof(hdr);
 cnt = iov_copy([1], cnt, iov, cnt, 0, caplen);
 
-if (writev(s->fd, dumpiov, cnt + 1) != sizeof(hdr) + caplen) {
+if (writev(s->fd, [0], cnt + 1) != sizeof(hdr) + caplen) {
 error_report("network dump write error - stopping dump");
 close(s->fd);
 s->fd = -1;
-- 
2.33.1

[PATCH v1 2/2] target/riscv: Add XVentanaCondOps custom extension

[Philipp Tomsich]

This adds support for the XVentanaCondOps custom extension
(vendor-defined by Ventana Micro Systems), which is documented at
https://github.com/ventanamicro/ventana-custom-extensions/releases/download/v1.0.0/ventana-custom-extensions-v1.0.0.pdf

Given that the CUSTOM-3 opcode space is shared between vendors, these
are implemented as overlapping patterns and use the newly introduced
predicate-function infrastructure to further qualify the decode.

Signed-off-by: Philipp Tomsich 

---

 target/riscv/cpu.c|  3 ++
 target/riscv/cpu.h|  3 ++
 target/riscv/insn32.decode|  6 +++
 .../insn_trans/trans_xventanacondops.inc  | 39 +++
 target/riscv/translate.c  |  9 +
 5 files changed, 60 insertions(+)
 create mode 100644 target/riscv/insn_trans/trans_xventanacondops.inc

diff --git a/target/riscv/cpu.c b/target/riscv/cpu.c
index e322e729d2..0355ca35e6 100644
--- a/target/riscv/cpu.c
+++ b/target/riscv/cpu.c
@@ -645,6 +645,9 @@ static Property riscv_cpu_properties[] = {
 DEFINE_PROP_BOOL("zbc", RISCVCPU, cfg.ext_zbc, true),
 DEFINE_PROP_BOOL("zbs", RISCVCPU, cfg.ext_zbs, true),
 
+/* Vendor-specific custom extensions */
+DEFINE_PROP_BOOL("xventanacondops", RISCVCPU, cfg.ext_xventanacondops, 
false),
+
 /* These are experimental so mark with 'x-' */
 DEFINE_PROP_BOOL("x-h", RISCVCPU, cfg.ext_h, false),
 DEFINE_PROP_BOOL("x-j", RISCVCPU, cfg.ext_j, false),
diff --git a/target/riscv/cpu.h b/target/riscv/cpu.h
index dc10f27093..283e45755a 100644
--- a/target/riscv/cpu.h
+++ b/target/riscv/cpu.h
@@ -318,6 +318,9 @@ struct RISCVCPU {
 bool ext_zfh;
 bool ext_zfhmin;
 
+/* Vendor-specific custom extensions */
+bool ext_xventanacondops;
+
 char *priv_spec;
 char *user_spec;
 char *bext_spec;
diff --git a/target/riscv/insn32.decode b/target/riscv/insn32.decode
index 8617307b29..ef7372a59d 100644
--- a/target/riscv/insn32.decode
+++ b/target/riscv/insn32.decode
@@ -784,3 +784,9 @@ fcvt_l_h   1100010  00010 . ... . 1010011 @r2_rm
 fcvt_lu_h  1100010  00011 . ... . 1010011 @r2_rm
 fcvt_h_l   1101010  00010 . ... . 1010011 @r2_rm
 fcvt_h_lu  1101010  00011 . ... . 1010011 @r2_rm
+
+# *** RV64 Custom-3 Extension ***
+{
+  vt_maskc   000  . . 110 . 011 @r |has_xventanacondops_p
+  vt_maskcn  000  . . 111 . 011 @r |has_xventanacondops_p
+}
\ No newline at end of file
diff --git a/target/riscv/insn_trans/trans_xventanacondops.inc 
b/target/riscv/insn_trans/trans_xventanacondops.inc
new file mode 100644
index 00..b8a5d031b5
--- /dev/null
+++ b/target/riscv/insn_trans/trans_xventanacondops.inc
@@ -0,0 +1,39 @@
+/*
+ * RISC-V translation routines for the XVentanaCondOps extension.
+ *
+ * Copyright (c) 2021-2022 VRULL GmbH.
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms and conditions of the GNU General Public License,
+ * version 2 or later, as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for
+ * more details.
+ *
+ * You should have received a copy of the GNU General Public License along with
+ * this program.  If not, see .
+ */
+
+static bool gen_condmask(DisasContext *ctx, arg_r *a, TCGCond cond)
+{
+TCGv dest = dest_gpr(ctx, a->rd);
+TCGv src1 = get_gpr(ctx, a->rs1, EXT_NONE);
+TCGv src2 = get_gpr(ctx, a->rs2, EXT_NONE);
+
+tcg_gen_movcond_tl(cond, dest, src2, ctx->zero, src1, ctx->zero);
+
+gen_set_gpr(ctx, a->rd, dest);
+return true;
+}
+
+static bool trans_vt_maskc(DisasContext *ctx, arg_r *a)
+{
+return gen_condmask(ctx, a, TCG_COND_NE);
+}
+
+static bool trans_vt_maskcn(DisasContext *ctx, arg_r *a)
+{
+return gen_condmask(ctx, a, TCG_COND_EQ);
+}
diff --git a/target/riscv/translate.c b/target/riscv/translate.c
index 5df6c0d800..121c5605ea 100644
--- a/target/riscv/translate.c
+++ b/target/riscv/translate.c
@@ -115,6 +115,14 @@ static inline bool has_ext(DisasContext *ctx, uint32_t ext)
 return ctx->misa_ext & ext;
 }
 
+#define MATERIALISE_EXT_PREDICATE(ext)  \
+static inline bool has_ ## ext ## _p(DisasContext *ctx) \
+{ \
+return RISCV_CPU(ctx->cs)->cfg.ext_ ## ext ; \
+}
+
+MATERIALISE_EXT_PREDICATE(xventanacondops);
+
 #ifdef TARGET_RISCV32
 #define get_xl(ctx)MXL_RV32
 #elif defined(CONFIG_USER_ONLY)
@@ -651,6 +659,7 @@ static uint32_t opcode_at(DisasContextBase *dcbase, 
target_ulong pc)
 #include "insn_trans/trans_rvb.c.inc"
 #include "insn_trans/trans_rvzfh.c.inc"
 #include "insn_trans/trans_privileged.c.inc"
+#include "insn_trans/trans_xventanacondops.inc"
 
 /* Include the 

[PATCH v1 1/2] decodetree: Add an optional predicate-function for decoding

[Philipp Tomsich]

This adds the possibility to specify a predicate-function that is
called as part of decoding in multi-patterns; it is intended for
use-cases (such as vendor-defined instructions in RISC-V) where the
same bitpattern may decode into different functions depending on the
overall configuration of the emulation target.

At this time, we only support predicates for multi-patterns.

Signed-off-by: Philipp Tomsich 

---

 docs/devel/decodetree.rst |  7 ++-
 scripts/decodetree.py | 24 +---
 2 files changed, 27 insertions(+), 4 deletions(-)

diff --git a/docs/devel/decodetree.rst b/docs/devel/decodetree.rst
index 49ea50c2a7..241aaec8bb 100644
--- a/docs/devel/decodetree.rst
+++ b/docs/devel/decodetree.rst
@@ -144,9 +144,10 @@ Patterns
 Syntax::
 
   pat_def  := identifier ( pat_elt )+
-  pat_elt  := fixedbit_elt | field_elt | field_ref | args_ref | fmt_ref | 
const_elt
+  pat_elt  := fixedbit_elt | field_elt | field_ref | args_ref | fmt_ref | 
const_elt | predicate
   fmt_ref  := '@' identifier
   const_elt:= identifier '=' number
+  predicate:= '|' identifier
 
 The *fixedbit_elt* and *field_elt* specifiers are unchanged from formats.
 A pattern that does not specify a named format will have one inferred
@@ -156,6 +157,10 @@ A *const_elt* allows a argument to be set to a constant 
value.  This may
 come in handy when fields overlap between patterns and one has to
 include the values in the *fixedbit_elt* instead.
 
+A *predicate* allows to specify a predicate function (returing true or
+false) to determine the applicability of the pattern.  Currently, this
+will change the decode-behaviour  for overlapping multi-patterns only.
+
 The decoder will call a translator function for each pattern matched.
 
 Pattern examples::
diff --git a/scripts/decodetree.py b/scripts/decodetree.py
index a03dc6b5e3..7da2282411 100644
--- a/scripts/decodetree.py
+++ b/scripts/decodetree.py
@@ -52,6 +52,7 @@
 re_fld_ident = '%[a-zA-Z0-9_]*'
 re_fmt_ident = '@[a-zA-Z0-9_]*'
 re_pat_ident = '[a-zA-Z0-9_]*'
+re_predicate_ident = '\|[a-zA-Z_][a-zA-Z0-9_]*'
 
 def error_with_file(file, lineno, *args):
 """Print an error message from file:line and args and exit."""
@@ -119,6 +120,14 @@ def whexC(val):
 suffix = 'u'
 return whex(val) + suffix
 
+def predicate(val):
+"""Return a string for calling a predicate function
+   (if specified, accepting 'None' as an indication
+   that no predicate is to be emitted) with the ctx
+   as a parameter."""
+if (val == None):
+return ''
+return ' && ' + val + '(ctx)'
 
 def str_match_bits(bits, mask):
 """Return a string pretty-printing BITS/MASK"""
@@ -340,7 +349,7 @@ def output_def(self):
 
 class General:
 """Common code between instruction formats and instruction patterns"""
-def __init__(self, name, lineno, base, fixb, fixm, udfm, fldm, flds, w):
+def __init__(self, name, lineno, base, fixb, fixm, udfm, fldm, flds, w, p 
= None):
 self.name = name
 self.file = input_file
 self.lineno = lineno
@@ -351,6 +360,7 @@ def __init__(self, name, lineno, base, fixb, fixm, udfm, 
fldm, flds, w):
 self.fieldmask = fldm
 self.fields = flds
 self.width = w
+self.predicate = p
 
 def __str__(self):
 return self.name + ' ' + str_match_bits(self.fixedbits, self.fixedmask)
@@ -499,7 +509,7 @@ def output_code(self, i, extracted, outerbits, outermask):
 if outermask != p.fixedmask:
 innermask = p.fixedmask & ~outermask
 innerbits = p.fixedbits & ~outermask
-output(ind, f'if ((insn & {whexC(innermask)}) == 
{whexC(innerbits)}) {{\n')
+output(ind, f'if ((insn & {whexC(innermask)}) == 
{whexC(innerbits)}{predicate(p.predicate)}) {{\n')
 output(ind, f'/* {str_match_bits(p.fixedbits, 
p.fixedmask)} */\n')
 p.output_code(i + 4, extracted, p.fixedbits, p.fixedmask)
 output(ind, '}\n')
@@ -826,6 +836,7 @@ def parse_generic(lineno, parent_pat, name, toks):
 global re_fld_ident
 global re_fmt_ident
 global re_C_ident
+global re_predicate_ident
 global insnwidth
 global insnmask
 global variablewidth
@@ -839,6 +850,7 @@ def parse_generic(lineno, parent_pat, name, toks):
 flds = {}
 arg = None
 fmt = None
+predicate = None
 for t in toks:
 # '' gives a format an explicit argument set.
 if re.fullmatch(re_arg_ident, t):
@@ -881,6 +893,12 @@ def parse_generic(lineno, parent_pat, name, toks):
 flds = add_field(lineno, flds, fname, ConstField(value))
 continue
 
+# '|predicate' sets a predicate function to be called.
+if re.fullmatch(re_predicate_ident, t):
+tt = t[1:]
+predicate = tt;
+continue
+
 # Pattern of 0s, 1s, dots and dashes indicate required zeros,
 # required ones, or 

Re: New arm alignment issue with 6.2.0 - bisected to single revision

[Mark Watson]

On Thu, 6 Jan 2022 at 18:09, Peter Maydell  wrote:

> On Wed, 29 Dec 2021 at 20:15, Mark Watson  wrote:
> > I'm seeing a repeatable alignment exception running m68k system mode on
> armv7l (arm cortex a9) following this commit:
> > "fa947a667fceab02f9f85fc99f54aebcc9ae6b51 is the first bad commit
> > commit fa947a667fceab02f9f85fc99f54aebcc9ae6b51
> > Author: Richard Henderson 
> > Date: Thu Jul 29 10:45:10 2021 -1000
> >
> > hw/core: Make do_unaligned_access noreturn
>
> cc'ing Richard as this was his commit. Do you have a repro case
> (QEMU command line, any necessary files/images, etc) ?
>

I've just been trying but unfortunately do not yet have a simple enough
repro case to send. I have a custom machine which is backed by an fpga
version of the amiga hardware. It's somewhere fairly early in running the
amiga system rom. I'll keep trying to get something simple.

Thanks,

Mark

Re: [PULL v3 12/55] virtio-pci: add support for configure interrupt

[Volker Rümelin]

Am 09.01.22 um 19:54 schrieb Volker Rümelin:

Am 09.01.22 um 19:01 schrieb Michael S. Tsirkin:

On Sun, Jan 09, 2022 at 06:52:28PM +0100, Volker Rümelin wrote:

Am 09.01.22 um 17:11 schrieb Michael S. Tsirkin:

On Sun, Jan 09, 2022 at 07:17:30AM +0100, Volker Rümelin wrote:

Hi,


From: Cindy Lu 

Add support for configure interrupt, The process is used 
kvm_irqfd_assign

to set the gsi to kernel. When the configure notifier was signal by
host, qemu will inject a msix interrupt to guest

Signed-off-by: Cindy Lu 
Message-Id: <20211104164827.21911-11-l...@redhat.com>
Reviewed-by: Michael S. Tsirkin 
Signed-off-by: Michael S. Tsirkin 
---
    hw/virtio/virtio-pci.h |  4 +-
    hw/virtio/virtio-pci.c | 92 
--

    2 files changed, 83 insertions(+), 13 deletions(-)


Since this commit I see the following warnings.

With -drive
if=virtio,id=disk1,file=/srv/cdimg/Linux/images/opensuse.qcow2,discard=unmap 



qemu-system-x86_64: virtio-blk failed to set guest notifier (-16), 
ensure

-accel kvm is set.
qemu-system-x86_64: virtio_bus_start_ioeventfd: failed. Fallback to
userspace (slower).

With libvirt
      
    
      
      
    
      
      
    
    
      
      
    
    
    
    
    
      

2022-01-08T17:45:26.911491Z qemu-system-x86_64: virtio-scsi: 
Failed to set

guest notifiers (-16), ensure -accel kvm is set.
2022-01-08T17:45:26.911505Z qemu-system-x86_64: 
virtio_bus_start_ioeventfd:

failed. Fallback to userspace (slower).

The messages appear around the time the Linux guest initializes 
the drivers.


With best regards,
Volker

I guess it's a host that has an oldish kernel?

It's an openSUSE 5.3.18 frankenstein kernel.


Does the following help?


No.


diff --git a/hw/virtio/virtio-pci.c b/hw/virtio/virtio-pci.c
index 98fb5493ae..b77cd69f97 100644
--- a/hw/virtio/virtio-pci.c
+++ b/hw/virtio/virtio-pci.c
@@ -1130,15 +1130,15 @@ static int 
virtio_pci_set_guest_notifiers(DeviceState *d, int nvqs, bool assign)

   proxy->vector_irqfd =
   g_malloc0(sizeof(*proxy->vector_irqfd) *
msix_nr_vectors_allocated(>pci_dev));
+    r = kvm_virtio_pci_vector_config_use(proxy);
+    if (r < 0) {
+    goto config_error;
+    }
   r = kvm_virtio_pci_vector_use(proxy, nvqs);
   if (r < 0) {
   goto config_assign_error;
   }
   }
-    r = kvm_virtio_pci_vector_config_use(proxy);
-    if (r < 0) {
-    goto config_error;
-    }
   r = msix_set_vector_notifiers(>pci_dev, 
virtio_pci_vector_unmask,

virtio_pci_vector_mask,
virtio_pci_vector_poll);

With and without this patch msix_set_vector_notifiers() returns -16.


EBUSY

strace? did a syscall return this?


I hope I got that right. I used

strace ./qemu-system-x86_64 ... 2>strace.txt

There is no EBUSY in strace.txt.

I will sprinkle a few fprintfs to find the first function returning -16.



This is the call sequence:

virtio_pci_set_guest_notifiers: call msix_set_vector_notifiers()
msix_set_vector_notifiers: call msix_set_notifier_for_vector(dev, 0);
msix_set_notifier_for_vector: call msix_vector_use_notifier(dev, 0, msg);
virtio_pci_vector_unmask: call virtio_pci_one_vector_unmask(proxy, 
VIRTIO_CONFIG_IRQ_IDX, 0, msg, n)

virtio_pci_one_vector_unmask: call kvm_irqchip_update_msi_route()
kvm_irqchip_update_msi_route ret 0
virtio_pci_one_vector_unmask: call kvm_virtio_pci_irqfd_use(proxy, n, 0)
kvm_irqchip_assign_irqfd: call kvm_vm_ioctl(s, KVM_IRQFD, )
kvm_vm_ioctl ret 0
kvm_virtio_pci_irqfd_use ret 0
virtio_pci_one_vector_unmask ret 0
msix_vector_use_notifier ret 0
msix_set_notifier_for_vector ret 0
msix_set_vector_notifiers: call msix_set_notifier_for_vector(dev, 1);
msix_set_notifier_for_vector: call msix_vector_use_notifier(dev, 1, msg);
virtio_pci_vector_unmask: call virtio_pci_one_vector_unmask(proxy, 0, 1, 
msg, n)

virtio_pci_one_vector_unmask: call kvm_irqchip_update_msi_route()
kvm_irqchip_update_msi_route ret 0
virtio_pci_one_vector_unmask: call kvm_virtio_pci_irqfd_use(proxy, n, 1)
kvm_irqchip_assign_irqfd: call kvm_vm_ioctl(s, KVM_IRQFD, )
kvm_vm_ioctl ret 0
kvm_virtio_pci_irqfd_use ret 0
virtio_pci_one_vector_unmask ret 0
virtio_pci_vector_unmask: call virtio_pci_one_vector_unmask(proxy, 
VIRTIO_CONFIG_IRQ_IDX, 1, msg, n)

virtio_pci_one_vector_unmask: call kvm_irqchip_update_msi_route()
kvm_irqchip_update_msi_route ret 0
virtio_pci_one_vector_unmask: call kvm_virtio_pci_irqfd_use(proxy, n, 1)
kvm_irqchip_assign_irqfd: call kvm_vm_ioctl(s, KVM_IRQFD, )
kvm_vm_ioctl ret -16
kvm_virtio_pci_irqfd_use ret -16
virtio_pci_one_vector_unmask ret -16
kvm_irqchip_assign_irqfd: call kvm_vm_ioctl(s, KVM_IRQFD, )
kvm_vm_ioctl ret 0
kvm_irqchip_assign_irqfd: call kvm_vm_ioctl(s, KVM_IRQFD, )
kvm_vm_ioctl ret 0
msix_vector_use_notifier ret -16
msix_set_notifier_for_vector ret -16
kvm_irqchip_assign_irqfd: call kvm_vm_ioctl(s, 

Re: [PULL v3 12/55] virtio-pci: add support for configure interrupt

[Volker Rümelin]

Am 09.01.22 um 19:01 schrieb Michael S. Tsirkin:

On Sun, Jan 09, 2022 at 06:52:28PM +0100, Volker Rümelin wrote:

Am 09.01.22 um 17:11 schrieb Michael S. Tsirkin:

On Sun, Jan 09, 2022 at 07:17:30AM +0100, Volker Rümelin wrote:

Hi,


From: Cindy Lu 

Add support for configure interrupt, The process is used kvm_irqfd_assign
to set the gsi to kernel. When the configure notifier was signal by
host, qemu will inject a msix interrupt to guest

Signed-off-by: Cindy Lu 
Message-Id: <20211104164827.21911-11-l...@redhat.com>
Reviewed-by: Michael S. Tsirkin 
Signed-off-by: Michael S. Tsirkin 
---
hw/virtio/virtio-pci.h |  4 +-
hw/virtio/virtio-pci.c | 92 --
2 files changed, 83 insertions(+), 13 deletions(-)


Since this commit I see the following warnings.

With -drive
if=virtio,id=disk1,file=/srv/cdimg/Linux/images/opensuse.qcow2,discard=unmap

qemu-system-x86_64: virtio-blk failed to set guest notifier (-16), ensure
-accel kvm is set.
qemu-system-x86_64: virtio_bus_start_ioeventfd: failed. Fallback to
userspace (slower).

With libvirt
      
    
      
      
    
      
      
    
    
      
      
    
    
    
    
    
      

2022-01-08T17:45:26.911491Z qemu-system-x86_64: virtio-scsi: Failed to set
guest notifiers (-16), ensure -accel kvm is set.
2022-01-08T17:45:26.911505Z qemu-system-x86_64: virtio_bus_start_ioeventfd:
failed. Fallback to userspace (slower).

The messages appear around the time the Linux guest initializes the drivers.

With best regards,
Volker

I guess it's a host that has an oldish kernel?

It's an openSUSE 5.3.18 frankenstein kernel.


Does the following help?


No.


diff --git a/hw/virtio/virtio-pci.c b/hw/virtio/virtio-pci.c
index 98fb5493ae..b77cd69f97 100644
--- a/hw/virtio/virtio-pci.c
+++ b/hw/virtio/virtio-pci.c
@@ -1130,15 +1130,15 @@ static int virtio_pci_set_guest_notifiers(DeviceState 
*d, int nvqs, bool assign)
   proxy->vector_irqfd =
   g_malloc0(sizeof(*proxy->vector_irqfd) *
 msix_nr_vectors_allocated(>pci_dev));
+r = kvm_virtio_pci_vector_config_use(proxy);
+if (r < 0) {
+goto config_error;
+}
   r = kvm_virtio_pci_vector_use(proxy, nvqs);
   if (r < 0) {
   goto config_assign_error;
   }
   }
-r = kvm_virtio_pci_vector_config_use(proxy);
-if (r < 0) {
-goto config_error;
-}
   r = msix_set_vector_notifiers(>pci_dev, 
virtio_pci_vector_unmask,
 virtio_pci_vector_mask,
 virtio_pci_vector_poll);

With and without this patch msix_set_vector_notifiers() returns -16.


EBUSY

strace? did a syscall return this?


I hope I got that right. I used

strace ./qemu-system-x86_64 ... 2>strace.txt

There is no EBUSY in strace.txt.

I will sprinkle a few fprintfs to find the first function returning -16.




@@ -1155,7 +1155,9 @@ notifiers_error:
   kvm_virtio_pci_vector_release(proxy, nvqs);
   }
   config_error:
-kvm_virtio_pci_vector_config_release(proxy);
+if (with_irqfd) {
+kvm_virtio_pci_vector_config_release(proxy);
+}
   config_assign_error:
   virtio_pci_set_guest_notifier(d, VIRTIO_CONFIG_IRQ_IDX, !assign,
 with_irqfd);

Re: [PATCH v14 16/26] target/loongarch: Add disassembler

[Richard Henderson]

On 1/9/22 1:25 AM, WANG Xuerui wrote:

+static inline int shl_2(DisasContext *ctx, int x)
+{
+    return x * 4;
Although "<< 2" has the same effect as "* 4" here, isn't "<< 2" better in matching the 
function name?


Yes, good point.


r~

Re: [PATCH v14 02/26] target/loongarch: Add core definition

[Richard Henderson]

On 1/9/22 1:25 AM, WANG Xuerui wrote:

+#define TARGET_PAGE_BITS 14
Aren't we capable of page sizes up to 64KiB? Minimal feasible page size is indeed 16KiB 
though (due to cache aliasing, although 4KiB pages are supported in hardware, they don't 
work in practice).


You must use the minimal page size here.  64k pages would be handled solely within 
tlb_fill, as multiples of the minimal page size.



+static bool loongarch_cpu_has_work(CPUState *cs)
+{
+    return true;


Note: this is only applicable to CONFIG_USER_ONLY, and needs to be changed in the 
following commits adding system emulation. To better convey your intention it may be 
better to use an #ifdef guard, something like this:


#ifndef CONFIG_USER_ONLY
#error System emulation TODO
#else
     return true;
#endif

(I'm not sure if this is okay in QEMU coding style, so please correct me if this isn't the 
case.)


Prefer positive tests over negative tests, so

#ifdef CONFIG_USER_ONLY
return true;
#else
#error
#endif


+    data = FIELD_DP32(data, CPUCFG2, LSPW, 1);
Do you support the SPW extension in this series? If not you probably don't want to set 
this bit.


Correct, you can't expose features that you don't implement.


+    uint64_t lladdr; /* LL virtual address compared against SC */
Similarly, do we explain every field with comments *here*? I think if fields are named 
according to the manuals, people will naturally look up names there so there's no worry 
for misunderstanding.

+    uint64_t llval;


These two fields are not architectural, so they do require explanation.  Not that there 
aren't other targets that lack this documentation...



r~

Re: [PULL v3 12/55] virtio-pci: add support for configure interrupt

[Michael S. Tsirkin]

On Sun, Jan 09, 2022 at 06:52:28PM +0100, Volker Rümelin wrote:
> Am 09.01.22 um 17:11 schrieb Michael S. Tsirkin:
> > On Sun, Jan 09, 2022 at 07:17:30AM +0100, Volker Rümelin wrote:
> > > Hi,
> > > 
> > > > From: Cindy Lu 
> > > > 
> > > > Add support for configure interrupt, The process is used 
> > > > kvm_irqfd_assign
> > > > to set the gsi to kernel. When the configure notifier was signal by
> > > > host, qemu will inject a msix interrupt to guest
> > > > 
> > > > Signed-off-by: Cindy Lu 
> > > > Message-Id: <20211104164827.21911-11-l...@redhat.com>
> > > > Reviewed-by: Michael S. Tsirkin 
> > > > Signed-off-by: Michael S. Tsirkin 
> > > > ---
> > > >hw/virtio/virtio-pci.h |  4 +-
> > > >hw/virtio/virtio-pci.c | 92 
> > > > --
> > > >2 files changed, 83 insertions(+), 13 deletions(-)
> > > > 
> > > Since this commit I see the following warnings.
> > > 
> > > With -drive
> > > if=virtio,id=disk1,file=/srv/cdimg/Linux/images/opensuse.qcow2,discard=unmap
> > > 
> > > qemu-system-x86_64: virtio-blk failed to set guest notifier (-16), ensure
> > > -accel kvm is set.
> > > qemu-system-x86_64: virtio_bus_start_ioeventfd: failed. Fallback to
> > > userspace (slower).
> > > 
> > > With libvirt
> > >      
> > >     > > function='0'
> > >     multifunction='on'/>
> > >      
> > >      
> > >     > > function='1'/>
> > >      
> > >      
> > >    
> > >     > > function='0'/>
> > >      
> > >      
> > >     > > io='io_uring'/>
> > >    
> > >    
> > >    
> > >    
> > >      
> > > 
> > > 2022-01-08T17:45:26.911491Z qemu-system-x86_64: virtio-scsi: Failed to set
> > > guest notifiers (-16), ensure -accel kvm is set.
> > > 2022-01-08T17:45:26.911505Z qemu-system-x86_64: 
> > > virtio_bus_start_ioeventfd:
> > > failed. Fallback to userspace (slower).
> > > 
> > > The messages appear around the time the Linux guest initializes the 
> > > drivers.
> > > 
> > > With best regards,
> > > Volker
> > I guess it's a host that has an oldish kernel?
> 
> It's an openSUSE 5.3.18 frankenstein kernel.
> 
> > Does the following help?
> > 
> 
> No.
> 
> > diff --git a/hw/virtio/virtio-pci.c b/hw/virtio/virtio-pci.c
> > index 98fb5493ae..b77cd69f97 100644
> > --- a/hw/virtio/virtio-pci.c
> > +++ b/hw/virtio/virtio-pci.c
> > @@ -1130,15 +1130,15 @@ static int 
> > virtio_pci_set_guest_notifiers(DeviceState *d, int nvqs, bool assign)
> >   proxy->vector_irqfd =
> >   g_malloc0(sizeof(*proxy->vector_irqfd) *
> > msix_nr_vectors_allocated(>pci_dev));
> > +r = kvm_virtio_pci_vector_config_use(proxy);
> > +if (r < 0) {
> > +goto config_error;
> > +}
> >   r = kvm_virtio_pci_vector_use(proxy, nvqs);
> >   if (r < 0) {
> >   goto config_assign_error;
> >   }
> >   }
> > -r = kvm_virtio_pci_vector_config_use(proxy);
> > -if (r < 0) {
> > -goto config_error;
> > -}
> >   r = msix_set_vector_notifiers(>pci_dev, 
> > virtio_pci_vector_unmask,
> > virtio_pci_vector_mask,
> > virtio_pci_vector_poll);
> 
> With and without this patch msix_set_vector_notifiers() returns -16.


EBUSY

strace? did a syscall return this?

> > @@ -1155,7 +1155,9 @@ notifiers_error:
> >   kvm_virtio_pci_vector_release(proxy, nvqs);
> >   }
> >   config_error:
> > -kvm_virtio_pci_vector_config_release(proxy);
> > +if (with_irqfd) {
> > +kvm_virtio_pci_vector_config_release(proxy);
> > +}
> >   config_assign_error:
> >   virtio_pci_set_guest_notifier(d, VIRTIO_CONFIG_IRQ_IDX, !assign,
> > with_irqfd);

Re: [PATCH v10 00/10]vhost-vdpa: add support for configure interrupt

[Michael S. Tsirkin]

On Fri, Nov 05, 2021 at 12:48:17AM +0800, Cindy Lu wrote:
> these patches add the support for configure interrupt
> 
> These codes are all tested in vp-vdpa (support configure interrupt)
> vdpa_sim (not support configure interrupt), virtio tap device
> 
> test in virtio-pci bus and virtio-mmio bus
> 
> Change in v2:
> Add support for virtio-mmio bus
> active the notifier while the backend support configure interrupt
> misc fixes from v1
> 
> Change in v3
> fix the coding style problems
> 
> Change in v4
> misc fixes from v3
> merge the set_config_notifier to set_guest_notifier
> when vdpa start, check the feature by VIRTIO_NET_F_STATUS
> 
> Change in v5
> misc fixes from v4
> split the code to introduce configure interrupt type and the callback function
> will init the configure interrupt in all virtio-pci and virtio-mmio bus, but 
> will
> only active while using vhost-vdpa driver
> 
> Change in v6
> misc fixes from v5
> decouple vq from interrupt setting and misc process
> fix the bug in virtio_net_handle_rx
> use -1 as the queue number to identify if the interrupt is configure interrupt
> 
> Change in v7
> misc fixes from v6
> decouple vq from interrupt setting and misc process
> decouple vq from vector use/release process
> decouple vq from set notifier fd handler process
> move config_notifier and masked_config_notifier to VirtIODevice
> fix the bug in virtio_net_handle_rx, add more information
> add VIRTIO_CONFIG_IRQ_IDX as the queue number to identify if the interrupt is 
> configure interrupt
> 
> Change in v8
> misc fixes from v7
> decouple vq from interrupt setting and misc process
> decouple vq from vector use/release process
> decouple vq from set notifier fd handler process
> move the vhost configure interrupt to vhost_net
> 
> Change in v9
> misc fixes from v8
> address the comments from v8
> 
> Change in v10
> fix the hang issue in qtest
> address the comments from v9
> 
> Cindy Lu (10):
>   virtio: introduce macro IRTIO_CONFIG_IRQ_IDX
>   virtio-pci: decouple notifier from interrupt process
>   virtio-pci: decouple the single vector from the interrupt process
>   vhost: introduce new VhostOps vhost_set_config_call
>   vhost-vdpa: add support for config interrupt
>   virtio: add support for configure interrupt
>   vhost: add support for configure interrupt
>   virtio-net: add support for configure interrupt
>   virtio-mmio: add support for configure interrupt
>   virtio-pci: add support for configure interrupt
> 
>  hw/display/vhost-user-gpu.c   |   6 +
>  hw/net/vhost_net.c|   9 +
>  hw/net/virtio-net.c   |  10 +-
>  hw/virtio/trace-events|   1 +
>  hw/virtio/vhost-user-fs.c |   6 +
>  hw/virtio/vhost-vdpa.c|   7 +
>  hw/virtio/vhost-vsock-common.c|   6 +
>  hw/virtio/vhost.c |  76 +
>  hw/virtio/virtio-crypto.c |   6 +
>  hw/virtio/virtio-mmio.c   |  27 +++
>  hw/virtio/virtio-pci.c| 269 +-
>  hw/virtio/virtio-pci.h|   4 +-
>  hw/virtio/virtio.c|  29 
>  include/hw/virtio/vhost-backend.h |   3 +
>  include/hw/virtio/vhost.h |   4 +
>  include/hw/virtio/virtio.h|   7 +
>  include/net/vhost_net.h   |   2 +
>  17 files changed, 389 insertions(+), 83 deletions(-)

So I just realized something. The spec says:

The device MUST set the Device Configuration Interrupt bit
in \field{ISR status} before sending a device configuration
change notification to the driver.

and I don't see how these patches achieve this: it requires
that config interrupts go through userspace.

Revert, and think more about it? Or did I miss something?


> -- 
> 2.21.3

Re: [PULL v3 12/55] virtio-pci: add support for configure interrupt

[Volker Rümelin]

Am 09.01.22 um 17:11 schrieb Michael S. Tsirkin:

On Sun, Jan 09, 2022 at 07:17:30AM +0100, Volker Rümelin wrote:

Hi,


From: Cindy Lu 

Add support for configure interrupt, The process is used kvm_irqfd_assign
to set the gsi to kernel. When the configure notifier was signal by
host, qemu will inject a msix interrupt to guest

Signed-off-by: Cindy Lu 
Message-Id: <20211104164827.21911-11-l...@redhat.com>
Reviewed-by: Michael S. Tsirkin 
Signed-off-by: Michael S. Tsirkin 
---
   hw/virtio/virtio-pci.h |  4 +-
   hw/virtio/virtio-pci.c | 92 --
   2 files changed, 83 insertions(+), 13 deletions(-)


Since this commit I see the following warnings.

With -drive
if=virtio,id=disk1,file=/srv/cdimg/Linux/images/opensuse.qcow2,discard=unmap

qemu-system-x86_64: virtio-blk failed to set guest notifier (-16), ensure
-accel kvm is set.
qemu-system-x86_64: virtio_bus_start_ioeventfd: failed. Fallback to
userspace (slower).

With libvirt
     
   
     
     
   
     
     
   
   
     
     
   
   
   
   
   
     

2022-01-08T17:45:26.911491Z qemu-system-x86_64: virtio-scsi: Failed to set
guest notifiers (-16), ensure -accel kvm is set.
2022-01-08T17:45:26.911505Z qemu-system-x86_64: virtio_bus_start_ioeventfd:
failed. Fallback to userspace (slower).

The messages appear around the time the Linux guest initializes the drivers.

With best regards,
Volker

I guess it's a host that has an oldish kernel?


It's an openSUSE 5.3.18 frankenstein kernel.


Does the following help?



No.


diff --git a/hw/virtio/virtio-pci.c b/hw/virtio/virtio-pci.c
index 98fb5493ae..b77cd69f97 100644
--- a/hw/virtio/virtio-pci.c
+++ b/hw/virtio/virtio-pci.c
@@ -1130,15 +1130,15 @@ static int virtio_pci_set_guest_notifiers(DeviceState 
*d, int nvqs, bool assign)
  proxy->vector_irqfd =
  g_malloc0(sizeof(*proxy->vector_irqfd) *
msix_nr_vectors_allocated(>pci_dev));
+r = kvm_virtio_pci_vector_config_use(proxy);
+if (r < 0) {
+goto config_error;
+}
  r = kvm_virtio_pci_vector_use(proxy, nvqs);
  if (r < 0) {
  goto config_assign_error;
  }
  }
-r = kvm_virtio_pci_vector_config_use(proxy);
-if (r < 0) {
-goto config_error;
-}
  r = msix_set_vector_notifiers(>pci_dev, 
virtio_pci_vector_unmask,
virtio_pci_vector_mask,
virtio_pci_vector_poll);


With and without this patch msix_set_vector_notifiers() returns -16.


@@ -1155,7 +1155,9 @@ notifiers_error:
  kvm_virtio_pci_vector_release(proxy, nvqs);
  }
  config_error:
-kvm_virtio_pci_vector_config_release(proxy);
+if (with_irqfd) {
+kvm_virtio_pci_vector_config_release(proxy);
+}
  config_assign_error:
  virtio_pci_set_guest_notifier(d, VIRTIO_CONFIG_IRQ_IDX, !assign,
with_irqfd);

[PATCH] virtio-pci: fix up config interrupt handling

[Michael S. Tsirkin]

Fixes a couple of issues with irqfd use by config interrupt:
- Rearrange initialization so cleanup happens in the reverse order
- Don't use irqfd for config when not in use for data path
I am not sure this is a complete fix though: I think we
are better off limiting the effect to vdpa devices
with config interrupt support. Or even bypass irqfd
for config completely and inject into KVM using ioctl?
The advantage would be less FDs used.
This would mean mostly reverting the patchset though.

Fixes: d5d24d859c ("virtio-pci: add support for configure interrupt")
Cc: "Cindy Lu" 
Signed-off-by: Michael S. Tsirkin 
---
 hw/virtio/virtio-pci.c | 12 +++-
 1 file changed, 7 insertions(+), 5 deletions(-)

diff --git a/hw/virtio/virtio-pci.c b/hw/virtio/virtio-pci.c
index 98fb5493ae..b77cd69f97 100644
--- a/hw/virtio/virtio-pci.c
+++ b/hw/virtio/virtio-pci.c
@@ -1130,15 +1130,15 @@ static int virtio_pci_set_guest_notifiers(DeviceState 
*d, int nvqs, bool assign)
 proxy->vector_irqfd =
 g_malloc0(sizeof(*proxy->vector_irqfd) *
   msix_nr_vectors_allocated(>pci_dev));
+r = kvm_virtio_pci_vector_config_use(proxy);
+if (r < 0) {
+goto config_error;
+}
 r = kvm_virtio_pci_vector_use(proxy, nvqs);
 if (r < 0) {
 goto config_assign_error;
 }
 }
-r = kvm_virtio_pci_vector_config_use(proxy);
-if (r < 0) {
-goto config_error;
-}
 r = msix_set_vector_notifiers(>pci_dev, 
virtio_pci_vector_unmask,
   virtio_pci_vector_mask,
   virtio_pci_vector_poll);
@@ -1155,7 +1155,9 @@ notifiers_error:
 kvm_virtio_pci_vector_release(proxy, nvqs);
 }
 config_error:
-kvm_virtio_pci_vector_config_release(proxy);
+if (with_irqfd) {
+kvm_virtio_pci_vector_config_release(proxy);
+}
 config_assign_error:
 virtio_pci_set_guest_notifier(d, VIRTIO_CONFIG_IRQ_IDX, !assign,
   with_irqfd);
-- 
MST

[RFC PATCH v2 4/6] hvf: Make hvf_get_segments() / hvf_put_segments() local

[Philippe Mathieu-Daudé]

Both hvf_get_segments/hvf_put_segments() functions are only
used within x86hvf.c: do not declare them as public API.

Signed-off-by: Philippe Mathieu-Daudé 
---
 target/i386/hvf/x86hvf.h | 2 --
 target/i386/hvf/x86hvf.c | 4 ++--
 2 files changed, 2 insertions(+), 4 deletions(-)

diff --git a/target/i386/hvf/x86hvf.h b/target/i386/hvf/x86hvf.h
index 99ed8d608dd..db6003d6bda 100644
--- a/target/i386/hvf/x86hvf.h
+++ b/target/i386/hvf/x86hvf.h
@@ -26,11 +26,9 @@ void hvf_set_segment(struct CPUState *cpu, struct 
vmx_segment *vmx_seg,
  SegmentCache *qseg, bool is_tr);
 void hvf_get_segment(SegmentCache *qseg, struct vmx_segment *vmx_seg);
 void hvf_put_xsave(CPUState *cpu_state);
-void hvf_put_segments(CPUState *cpu_state);
 void hvf_put_msrs(CPUState *cpu_state);
 void hvf_get_xsave(CPUState *cpu_state);
 void hvf_get_msrs(CPUState *cpu_state);
 void vmx_clear_int_window_exiting(CPUState *cpu);
-void hvf_get_segments(CPUState *cpu_state);
 void vmx_update_tpr(CPUState *cpu);
 #endif
diff --git a/target/i386/hvf/x86hvf.c b/target/i386/hvf/x86hvf.c
index 05ec1bddc4e..907f09f1b43 100644
--- a/target/i386/hvf/x86hvf.c
+++ b/target/i386/hvf/x86hvf.c
@@ -83,7 +83,7 @@ void hvf_put_xsave(CPUState *cpu_state)
 }
 }
 
-void hvf_put_segments(CPUState *cpu_state)
+static void hvf_put_segments(CPUState *cpu_state)
 {
 CPUX86State *env = _CPU(cpu_state)->env;
 struct vmx_segment seg;
@@ -166,7 +166,7 @@ void hvf_get_xsave(CPUState *cpu_state)
 x86_cpu_xrstor_all_areas(X86_CPU(cpu_state), xsave, xsave_len);
 }
 
-void hvf_get_segments(CPUState *cpu_state)
+static void hvf_get_segments(CPUState *cpu_state)
 {
 CPUX86State *env = _CPU(cpu_state)->env;
 
-- 
2.33.1

[RFC PATCH v2 0/6] host: Support macOS 12

[Philippe Mathieu-Daudé]

Few patches to be able to build QEMU on macOS 12 (Monterey).

This basically consists of adapting deprecated APIs. I am not
sure about these APIs, so tagging as RFC.

I couldn't succeed to adapt the Cocoa code.

CI job added to avoid bitrotting (ignoring the Objective C
deprecation warning).

Philippe Mathieu-Daudé (6):
  configure: Allow passing extra Objective C compiler flags
  audio/coreaudio: Remove a deprecation warning on macOS 12
  block/file-posix: Remove a deprecation warning on macOS 12
  hvf: Make hvf_get_segments() / hvf_put_segments() local
  hvf: Remove deprecated hv_vcpu_flush() calls
  gitlab-ci: Support macOS 12 via cirrus-run

 configure |  8 
 meson.build   |  5 +
 target/i386/hvf/vmx.h |  2 --
 target/i386/hvf/x86hvf.h  |  2 --
 audio/coreaudio.c | 16 ++--
 block/file-posix.c| 13 +
 target/i386/hvf/x86_task.c|  1 -
 target/i386/hvf/x86hvf.c  |  6 ++
 .gitlab-ci.d/cirrus.yml   | 16 
 .gitlab-ci.d/cirrus/macos-12.vars | 16 
 10 files changed, 66 insertions(+), 19 deletions(-)
 create mode 100644 .gitlab-ci.d/cirrus/macos-12.vars

-- 
2.33.1

Re: [PATCH v10 00/10]vhost-vdpa: add support for configure interrupt

[Michael S. Tsirkin]

On Fri, Nov 05, 2021 at 12:48:17AM +0800, Cindy Lu wrote:
> these patches add the support for configure interrupt
> 
> These codes are all tested in vp-vdpa (support configure interrupt)
> vdpa_sim (not support configure interrupt), virtio tap device
> 
> test in virtio-pci bus and virtio-mmio bus

I am thinking maybe we should revert patches 9,10 for now.
E.g. I'm starting to worry this will make us run out of eventfds.
Can we limit the impact allocating these to only vdpa?

> Change in v2:
> Add support for virtio-mmio bus
> active the notifier while the backend support configure interrupt
> misc fixes from v1
> 
> Change in v3
> fix the coding style problems
> 
> Change in v4
> misc fixes from v3
> merge the set_config_notifier to set_guest_notifier
> when vdpa start, check the feature by VIRTIO_NET_F_STATUS
> 
> Change in v5
> misc fixes from v4
> split the code to introduce configure interrupt type and the callback function
> will init the configure interrupt in all virtio-pci and virtio-mmio bus, but 
> will
> only active while using vhost-vdpa driver
> 
> Change in v6
> misc fixes from v5
> decouple vq from interrupt setting and misc process
> fix the bug in virtio_net_handle_rx
> use -1 as the queue number to identify if the interrupt is configure interrupt
> 
> Change in v7
> misc fixes from v6
> decouple vq from interrupt setting and misc process
> decouple vq from vector use/release process
> decouple vq from set notifier fd handler process
> move config_notifier and masked_config_notifier to VirtIODevice
> fix the bug in virtio_net_handle_rx, add more information
> add VIRTIO_CONFIG_IRQ_IDX as the queue number to identify if the interrupt is 
> configure interrupt
> 
> Change in v8
> misc fixes from v7
> decouple vq from interrupt setting and misc process
> decouple vq from vector use/release process
> decouple vq from set notifier fd handler process
> move the vhost configure interrupt to vhost_net
> 
> Change in v9
> misc fixes from v8
> address the comments from v8
> 
> Change in v10
> fix the hang issue in qtest
> address the comments from v9
> 
> Cindy Lu (10):
>   virtio: introduce macro IRTIO_CONFIG_IRQ_IDX
>   virtio-pci: decouple notifier from interrupt process
>   virtio-pci: decouple the single vector from the interrupt process
>   vhost: introduce new VhostOps vhost_set_config_call
>   vhost-vdpa: add support for config interrupt
>   virtio: add support for configure interrupt
>   vhost: add support for configure interrupt
>   virtio-net: add support for configure interrupt
>   virtio-mmio: add support for configure interrupt
>   virtio-pci: add support for configure interrupt
> 
>  hw/display/vhost-user-gpu.c   |   6 +
>  hw/net/vhost_net.c|   9 +
>  hw/net/virtio-net.c   |  10 +-
>  hw/virtio/trace-events|   1 +
>  hw/virtio/vhost-user-fs.c |   6 +
>  hw/virtio/vhost-vdpa.c|   7 +
>  hw/virtio/vhost-vsock-common.c|   6 +
>  hw/virtio/vhost.c |  76 +
>  hw/virtio/virtio-crypto.c |   6 +
>  hw/virtio/virtio-mmio.c   |  27 +++
>  hw/virtio/virtio-pci.c| 269 +-
>  hw/virtio/virtio-pci.h|   4 +-
>  hw/virtio/virtio.c|  29 
>  include/hw/virtio/vhost-backend.h |   3 +
>  include/hw/virtio/vhost.h |   4 +
>  include/hw/virtio/virtio.h|   7 +
>  include/net/vhost_net.h   |   2 +
>  17 files changed, 389 insertions(+), 83 deletions(-)
> 
> -- 
> 2.21.3

Re: [PATCH 00/15] reduce audio playback latency

[Volker Rümelin]

On Donnerstag, 6. Januar 2022 10:21:47 CET Volker Rümelin wrote:

This patch series reduces the playback latency for audio backends,
in some cases significantly. For PulseAudio, the audio buffer is
also moved from the QEMU side to the PulseAudio server side. This
improves the drop-out safety for PulseAudio.

I actually measured the latency reduction with the PulseAudio
backend. For the test I used my Linux host configured to play
audio with PulseAudio. The guest was a Linux guest, also
configured to use PulseAudio.

I haven't reviewed all the patches yet, but from what I read so far, does that
mean the additional 3rd buffer is solely for PulseAudio, so for JACK and other
backends these changes would overall be a degradation, wouldn't they?


No, nothing changes for JACK and it's an improvement for all the other 
backends where I added a buffer_get_free function. The important changes 
are in [PATCH 10/15] audio: restore mixing-engine playback buffer size. 
That patch tries to keep the mixing-engine buffer empty at the end of 
audio_run_out().


I couldn't reduce the playback latency for JACK, because the JACK audio 
buffers are already very small and any further reduction introduces 
playback glitches on my system.


For PulseAudio there is no additional buffer. I only increased the size 
of the server side buffer from 15ms to 46,4ms and added a 
buffer_get_free function. Before this patch series a few ten ms after 
playback started the mixing-engine buffer was full which added 2 * 
46,4ms to the playback latency. With these patches the mixing-engine 
buffer is empty. This looks like the buffer in use was moved from the 
mixing-engine to the PulseAudio server side.



Measuring audio latencies is difficult. I played a sine tone in
the guest with Audacity and measured the time from releasing the
left mouse button until the tone can be heard. A few seconds
before the measurement I started playback of an audio file with
10 minutes of silence to fill the audio buffers. The over-all
latency can't be used to estimate the playback latency, but it
can be used to calculate the playback latency reduction.

The measured over-all latency with PulseAudio is around 200ms
without these patches and around 135ms with these patches. The
difference of 65ms agrees well with the expected value of
46.4ms * 2 + 15ms - 46.4ms = 61.4ms. 46.4ms * 2 is the size of
the mixing-engine buffer ("[PATCH 14/15] paaudio: fix samples vs.
frames mix-up" explains the factor 2), 15ms is the server side
PulseAudio buffer size used before these patches and 46.4ms is
the new server side PulseAudio buffer size.

Volker Rümelin (15):
audio: replace open-coded buffer arithmetic
audio: move function audio_pcm_hw_clip_out()
audio: add function audio_pcm_hw_conv_in()
audio: inline function audio_pcm_sw_get_rpos_in()
paaudio: increase default latency to 46ms
jackaudio: use more jack audio buffers
audio: copy playback stream in sequential order
audio: add pcm_ops function table for capture backend
audio: revert tests for pcm_ops table
audio: restore mixing-engine playback buffer size
paaudio: reduce effective playback buffer size
dsoundaudio: reduce effective playback buffer size
ossaudio: reduce effective playback buffer size
paaudio: fix samples vs. frames mix-up
sdlaudio: fix samples vs. frames mix-up

   audio/alsaaudio.c   |   1 +
   audio/audio.c   | 194 
   audio/audio_int.h   |   9 +-
   audio/coreaudio.c   |  13 +--
   audio/dsoundaudio.c |  30 ---
   audio/jackaudio.c   |   5 +-
   audio/noaudio.c |   1 +
   audio/ossaudio.c|  17 +++-
   audio/paaudio.c |  49 ++-
   audio/sdlaudio.c|  21 +++--
   audio/wavaudio.c|   1 +
   11 files changed, 199 insertions(+), 142 deletions(-)

[RFC PATCH v2 3/6] block/file-posix: Remove a deprecation warning on macOS 12

[Philippe Mathieu-Daudé]

When building on macOS 12 we get:

  block/file-posix.c:3335:18: warning: 'IOMasterPort' is deprecated: first 
deprecated in macOS 12.0 [-Wdeprecated-declarations]
  kernResult = IOMasterPort( MACH_PORT_NULL,  );
   ^~~~
   IOMainPort

Use IOMainPort (define it to IOMasterPort on macOS < 12),
and replace 'master' by 'main' in a variable name.

Signed-off-by: Philippe Mathieu-Daudé 
---
 block/file-posix.c | 13 +
 1 file changed, 9 insertions(+), 4 deletions(-)

diff --git a/block/file-posix.c b/block/file-posix.c
index b283093e5b7..0dcfce18560 100644
--- a/block/file-posix.c
+++ b/block/file-posix.c
@@ -3324,17 +3324,22 @@ BlockDriver bdrv_file = {
 #if defined(__APPLE__) && defined(__MACH__)
 static kern_return_t GetBSDPath(io_iterator_t mediaIterator, char *bsdPath,
 CFIndex maxPathSize, int flags);
+
+#if !defined(MAC_OS_VERSION_12_0)
+#define IOMainPort IOMasterPort
+#endif
+
 static char *FindEjectableOpticalMedia(io_iterator_t *mediaIterator)
 {
 kern_return_t kernResult = KERN_FAILURE;
-mach_port_t masterPort;
+mach_port_t mainPort;
 CFMutableDictionaryRef  classesToMatch;
 const char *matching_array[] = {kIODVDMediaClass, kIOCDMediaClass};
 char *mediaType = NULL;
 
-kernResult = IOMasterPort( MACH_PORT_NULL,  );
+kernResult = IOMainPort(MACH_PORT_NULL, );
 if ( KERN_SUCCESS != kernResult ) {
-printf( "IOMasterPort returned %d\n", kernResult );
+printf("IOMainPort returned %d\n", kernResult);
 }
 
 int index;
@@ -3347,7 +3352,7 @@ static char *FindEjectableOpticalMedia(io_iterator_t 
*mediaIterator)
 }
 CFDictionarySetValue(classesToMatch, CFSTR(kIOMediaEjectableKey),
  kCFBooleanTrue);
-kernResult = IOServiceGetMatchingServices(masterPort, classesToMatch,
+kernResult = IOServiceGetMatchingServices(mainPort, classesToMatch,
   mediaIterator);
 if (kernResult != KERN_SUCCESS) {
 error_report("Note: IOServiceGetMatchingServices returned %d",
-- 
2.33.1

[RFC PATCH v2 2/6] audio/coreaudio: Remove a deprecation warning on macOS 12

[Philippe Mathieu-Daudé]

When building on macOS 12 we get:

  audio/coreaudio.c:50:5: error: 'kAudioObjectPropertyElementMaster' is 
deprecated: first deprecated in macOS 12.0 [-Werror,-Wdeprecated-declarations]
  kAudioObjectPropertyElementMaster
  ^
  kAudioObjectPropertyElementMain
  
/Library/Developer/CommandLineTools/SDKs/MacOSX.sdk/System/Library/Frameworks/CoreAudio.framework/Headers/AudioHardwareBase.h:208:5:
 note: 'kAudioObjectPropertyElementMaster' has been explicitly marked 
deprecated here
  kAudioObjectPropertyElementMaster 
API_DEPRECATED_WITH_REPLACEMENT("kAudioObjectPropertyElementMain", macos(10.0, 
12.0), ios(2.0, 15.0), watchos(1.0, 8.0), tvos(9.0, 15.0)) = 
kAudioObjectPropertyElementMain
  ^

Use kAudioObjectPropertyElementMain (define it to
kAudioObjectPropertyElementMaster on macOS < 12).

Signed-off-by: Philippe Mathieu-Daudé 
---
 audio/coreaudio.c | 16 ++--
 1 file changed, 10 insertions(+), 6 deletions(-)

diff --git a/audio/coreaudio.c b/audio/coreaudio.c
index d8a21d3e507..c836bc9dd37 100644
--- a/audio/coreaudio.c
+++ b/audio/coreaudio.c
@@ -44,10 +44,14 @@ typedef struct coreaudioVoiceOut {
 bool enabled;
 } coreaudioVoiceOut;
 
+#if !defined(MAC_OS_VERSION_12_0)
+#define kAudioObjectPropertyElementMain kAudioObjectPropertyElementMaster
+#endif
+
 static const AudioObjectPropertyAddress voice_addr = {
 kAudioHardwarePropertyDefaultOutputDevice,
 kAudioObjectPropertyScopeGlobal,
-kAudioObjectPropertyElementMaster
+kAudioObjectPropertyElementMain
 };
 
 static OSStatus coreaudio_get_voice(AudioDeviceID *id)
@@ -69,7 +73,7 @@ static OSStatus coreaudio_get_framesizerange(AudioDeviceID id,
 AudioObjectPropertyAddress addr = {
 kAudioDevicePropertyBufferFrameSizeRange,
 kAudioDevicePropertyScopeOutput,
-kAudioObjectPropertyElementMaster
+kAudioObjectPropertyElementMain
 };
 
 return AudioObjectGetPropertyData(id,
@@ -86,7 +90,7 @@ static OSStatus coreaudio_get_framesize(AudioDeviceID id, 
UInt32 *framesize)
 AudioObjectPropertyAddress addr = {
 kAudioDevicePropertyBufferFrameSize,
 kAudioDevicePropertyScopeOutput,
-kAudioObjectPropertyElementMaster
+kAudioObjectPropertyElementMain
 };
 
 return AudioObjectGetPropertyData(id,
@@ -103,7 +107,7 @@ static OSStatus coreaudio_set_framesize(AudioDeviceID id, 
UInt32 *framesize)
 AudioObjectPropertyAddress addr = {
 kAudioDevicePropertyBufferFrameSize,
 kAudioDevicePropertyScopeOutput,
-kAudioObjectPropertyElementMaster
+kAudioObjectPropertyElementMain
 };
 
 return AudioObjectSetPropertyData(id,
@@ -121,7 +125,7 @@ static OSStatus coreaudio_set_streamformat(AudioDeviceID id,
 AudioObjectPropertyAddress addr = {
 kAudioDevicePropertyStreamFormat,
 kAudioDevicePropertyScopeOutput,
-kAudioObjectPropertyElementMaster
+kAudioObjectPropertyElementMain
 };
 
 return AudioObjectSetPropertyData(id,
@@ -138,7 +142,7 @@ static OSStatus coreaudio_get_isrunning(AudioDeviceID id, 
UInt32 *result)
 AudioObjectPropertyAddress addr = {
 kAudioDevicePropertyDeviceIsRunning,
 kAudioDevicePropertyScopeOutput,
-kAudioObjectPropertyElementMaster
+kAudioObjectPropertyElementMain
 };
 
 return AudioObjectGetPropertyData(id,
-- 
2.33.1

[PATCH v2 1/6] configure: Allow passing extra Objective C compiler flags

[Philippe Mathieu-Daudé]

We can pass C/CPP/LD flags via CFLAGS/CXXFLAGS/LDFLAGS environment
variables, or via configure --extra-cflags / --extra-cxxflags /
--extra-ldflags options. Provide similar behavior for Objective C:
use existing flags from $OBJCFLAGS, or passed via --extra-objcflags.

Signed-off-by: Philippe Mathieu-Daudé 
---
Cc: Paolo Bonzini 

 configure   | 8 
 meson.build | 5 +
 2 files changed, 13 insertions(+)

diff --git a/configure b/configure
index 030728d11e9..4cdde1eeb4b 100755
--- a/configure
+++ b/configure
@@ -288,6 +288,7 @@ done
 
 EXTRA_CFLAGS=""
 EXTRA_CXXFLAGS=""
+EXTRA_OBJCFLAGS=""
 EXTRA_LDFLAGS=""
 
 xen_ctrl_version="$default_feature"
@@ -400,9 +401,12 @@ for opt do
   --extra-cflags=*)
 EXTRA_CFLAGS="$EXTRA_CFLAGS $optarg"
 EXTRA_CXXFLAGS="$EXTRA_CXXFLAGS $optarg"
+EXTRA_OBJCFLAGS="$EXTRA_OBJCFLAGS $optarg"
 ;;
   --extra-cxxflags=*) EXTRA_CXXFLAGS="$EXTRA_CXXFLAGS $optarg"
   ;;
+  --extra-objcflags=*) EXTRA_OBJCFLAGS="$EXTRA_OBJCFLAGS $optarg"
+  ;;
   --extra-ldflags=*) EXTRA_LDFLAGS="$EXTRA_LDFLAGS $optarg"
   ;;
   --enable-debug-info) debug_info="yes"
@@ -781,6 +785,8 @@ for opt do
   ;;
   --extra-cxxflags=*)
   ;;
+  --extra-objcflags=*)
+  ;;
   --extra-ldflags=*)
   ;;
   --enable-debug-info)
@@ -1332,6 +1338,7 @@ Advanced options (experts only):
   --objcc=OBJCCuse Objective-C compiler OBJCC [$objcc]
   --extra-cflags=CFLAGSappend extra C compiler flags CFLAGS
   --extra-cxxflags=CXXFLAGS append extra C++ compiler flags CXXFLAGS
+  --extra-objcflags=OBJCFLAGS append extra Objective C compiler flags OBJCFLAGS
   --extra-ldflags=LDFLAGS  append extra linker flags LDFLAGS
   --cross-cc-ARCH=CC   use compiler when building ARCH guest test cases
   --cross-cc-flags-ARCH=   use compiler flags when building ARCH guest tests
@@ -3864,6 +3871,7 @@ if test "$skip_meson" = no; then
   echo "[built-in options]" >> $cross
   echo "c_args = [$(meson_quote $CFLAGS $EXTRA_CFLAGS)]" >> $cross
   echo "cpp_args = [$(meson_quote $CXXFLAGS $EXTRA_CXXFLAGS)]" >> $cross
+  test -n "$objcc" && echo "objc_args = [$(meson_quote $OBJCFLAGS 
$EXTRA_OBJCFLAGS)]" >> $cross
   echo "c_link_args = [$(meson_quote $CFLAGS $LDFLAGS $EXTRA_CFLAGS 
$EXTRA_LDFLAGS)]" >> $cross
   echo "cpp_link_args = [$(meson_quote $CXXFLAGS $LDFLAGS $EXTRA_CXXFLAGS 
$EXTRA_LDFLAGS)]" >> $cross
   echo "[binaries]" >> $cross
diff --git a/meson.build b/meson.build
index c1b1db1e28c..eb8b560b103 100644
--- a/meson.build
+++ b/meson.build
@@ -3285,6 +3285,11 @@
+ ['-O' + 
get_option('optimization')]
+ (get_option('debug') ? ['-g'] 
: []))}
 endif
+if targetos == 'darwin'
+  summary_info += {'OBJCFLAGS':   ' '.join(get_option('objc_args')
+   + ['-O' + 
get_option('optimization')]
+   + (get_option('debug') ? ['-g'] 
: []))}
+endif
 link_args = get_option(link_language + '_link_args')
 if link_args.length() > 0
   summary_info += {'LDFLAGS': ' '.join(link_args)}
-- 
2.33.1

[RFC PATCH v2 5/6] hvf: Remove deprecated hv_vcpu_flush() calls

[Philippe Mathieu-Daudé]

When building on macOS 12, we get:

  In file included from ../target/i386/hvf/hvf.c:59:
  ../target/i386/hvf/vmx.h:174:5: error: 'hv_vcpu_flush' is deprecated: first 
deprecated in macOS 11.0 - This API has no effect and always returns 
HV_UNSUPPORTED [-Werror,-Wdeprecated-declarations]
  hv_vcpu_flush(vcpu);
  ^
  
/Library/Developer/CommandLineTools/SDKs/MacOSX.sdk/System/Library/Frameworks/Hypervisor.framework/Headers/hv.h:364:20:
 note: 'hv_vcpu_flush' has been explicitly marked deprecated here
  extern hv_return_t hv_vcpu_flush(hv_vcpuid_t vcpu)
 ^

Since this call "has no effect", simply remove it ¯\_(ツ)_/¯

Not very useful deprecation doc:
https://developer.apple.com/documentation/hypervisor/1441386-hv_vcpu_flush

Signed-off-by: Philippe Mathieu-Daudé 
---
 target/i386/hvf/vmx.h  | 2 --
 target/i386/hvf/x86_task.c | 1 -
 target/i386/hvf/x86hvf.c   | 2 --
 3 files changed, 5 deletions(-)

diff --git a/target/i386/hvf/vmx.h b/target/i386/hvf/vmx.h
index 6df87116f62..094fb9b9dc9 100644
--- a/target/i386/hvf/vmx.h
+++ b/target/i386/hvf/vmx.h
@@ -159,7 +159,6 @@ static inline void macvm_set_cr0(hv_vcpuid_t vcpu, uint64_t 
cr0)
 wvmcs(vcpu, VMCS_GUEST_CR0, cr0 | CR0_NE | CR0_ET);
 
 hv_vcpu_invalidate_tlb(vcpu);
-hv_vcpu_flush(vcpu);
 }
 
 static inline void macvm_set_cr4(hv_vcpuid_t vcpu, uint64_t cr4)
@@ -171,7 +170,6 @@ static inline void macvm_set_cr4(hv_vcpuid_t vcpu, uint64_t 
cr4)
 wvmcs(vcpu, VMCS_CR4_MASK, CR4_VMXE);
 
 hv_vcpu_invalidate_tlb(vcpu);
-hv_vcpu_flush(vcpu);
 }
 
 static inline void macvm_set_rip(CPUState *cpu, uint64_t rip)
diff --git a/target/i386/hvf/x86_task.c b/target/i386/hvf/x86_task.c
index 422156128b7..c8dc3d48fa8 100644
--- a/target/i386/hvf/x86_task.c
+++ b/target/i386/hvf/x86_task.c
@@ -181,5 +181,4 @@ void vmx_handle_task_switch(CPUState *cpu, 
x68_segment_selector tss_sel, int rea
 store_regs(cpu);
 
 hv_vcpu_invalidate_tlb(cpu->hvf->fd);
-hv_vcpu_flush(cpu->hvf->fd);
 }
diff --git a/target/i386/hvf/x86hvf.c b/target/i386/hvf/x86hvf.c
index 907f09f1b43..bec9fc58146 100644
--- a/target/i386/hvf/x86hvf.c
+++ b/target/i386/hvf/x86hvf.c
@@ -125,8 +125,6 @@ static void hvf_put_segments(CPUState *cpu_state)
 
 hvf_set_segment(cpu_state, , >ldt, false);
 vmx_write_segment_descriptor(cpu_state, , R_LDTR);
-
-hv_vcpu_flush(cpu_state->hvf->fd);
 }
 
 void hvf_put_msrs(CPUState *cpu_state)
-- 
2.33.1