summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
| * configure: accept --enable-slirpPaolo Bonzini2021-01-021-0/+2
| | | | | | | | | | | | | | | | | | Meson understands -Dslirp=enabled, so there is no reason not to accept the configure option as well. Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Thomas Huth <thuth@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
| * configure: remove variable bogus_osPaolo Bonzini2021-01-021-3/+1Star
| | | | | | | | | | | | | | | | The condition can be tested also from $targetos, clean up. Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Thomas Huth <thuth@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
| * configure: remove useless code to check for Xen PCI passthroughPaolo Bonzini2021-01-021-12/+0Star
| | | | | | | | | | | | | | | | meson.build is already doing the same check, so remove it from configure. Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
| * meson: cleanup Kconfig.host handlingPaolo Bonzini2021-01-023-36/+35Star
| | | | | | | | | | | | | | | | | | | | Build the array of command line arguments coming from config_host once for all targets. Add all accelerators to accel/Kconfig so that the command line arguments for accelerators can be computed easily in the existing "foreach sym: accelerators" loop. Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
| * meson: use dependency to gate block modulesPaolo Bonzini2021-01-021-10/+10
| | | | | | | | | | | | | | This allows converting the dependencies to meson options one by one. Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
| * meson: use pkg-config method for libudevPaolo Bonzini2021-01-021-0/+1
| | | | | | | | | | Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
| * meson: fix detection of curses with pkgconfigPaolo Bonzini2021-01-021-3/+3
| | | | | | | | | | Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
| * Makefile: add dummy target for build.ninja dependenciesPaolo Bonzini2021-01-021-0/+1
| | | | | | | | | | | | | | The dummy targets ensure that incremental build can be done after deleting a meson.build file. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
| * trace: do not include TCG helper tracepoints in no-TCG buildsPaolo Bonzini2021-01-021-1/+1
| | | | | | | | Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
| * util: Extract flush_icache_range to cacheflush.cRichard Henderson2021-01-0216-70/+100
| | | | | | | | | | | | | | | | | | | | | | | | This has been a tcg-specific function, but is also in use by hardware accelerators via physmem.c. This can cause link errors when tcg is disabled. Signed-off-by: Richard Henderson <richard.henderson@linaro.org> Reviewed-by: Joelle van Dyne <j@getutm.app> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Message-Id: <20201214140314.18544-3-richard.henderson@linaro.org> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
| * remove TCG includes from common codePaolo Bonzini2021-01-029-9/+5Star
| | | | | | | | | | | | | | | | Enable removing tcg/$tcg_arch from the include path when TCG is disabled. Move translate-all.h to include/exec, since stubs exist for the functions defined therein. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
| * build-sys: fix -static linking of libvhost-userMarc-André Lureau2021-01-021-1/+5
| | | | | | | | | | | | | | | | | | | | | | Fix linking vhost-user binaries with with ./configure -static, by overriding glib-2.0 dependency with configure results. Fixes: 0df750e9d3a5fea5e1 ("libvhost-user: make it a meson subproject") Reported-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Message-Id: <20201215080319.136228-1-marcandre.lureau@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
| * docs: Add CFI DocumentationDaniele Buono2021-01-022-2/+140
| | | | | | | | | | | | | | | | | | Document how to compile with CFI and how to maintain CFI-safe code Signed-off-by: Daniele Buono <dbuono@linux.vnet.ibm.com> Message-Id: <20201204230615.2392-6-dbuono@linux.vnet.ibm.com> [Make build system section in index.rst and add the new file. - Paolo] Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
| * configure,meson: support Control-Flow IntegrityDaniele Buono2021-01-023-2/+68
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch adds a flag to enable/disable control flow integrity checks on indirect function calls. This feature only allows indirect function calls at runtime to functions with compatible signatures. This feature is only provided by LLVM/Clang, and depends on link-time optimization which is currently supported only with LLVM/Clang >= 6.0 We also add an option to enable a debugging version of cfi, with verbose output in case of a CFI violation. CFI on indirect function calls does not support calls to functions in shared libraries (since they were not known at compile time), and such calls are forbidden. QEMU relies on dlopen/dlsym when using modules, so we make modules incompatible with CFI. All the checks are performed in meson.build. configure is only used to forward the flags to meson Signed-off-by: Daniele Buono <dbuono@linux.vnet.ibm.com> Message-Id: <20201204230615.2392-5-dbuono@linux.vnet.ibm.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
| * check-block: enable iotests with cfi-icallDaniele Buono2021-01-021-7/+11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | cfi-icall is a form of Control-Flow Integrity for indirect function calls implemented by llvm. It is enabled with a -fsanitize flag. iotests are currently disabled when -fsanitize options is used, with the exception of SafeStack. This patch implements a generic filtering mechanism to allow iotests with a set of known-to-be-safe -fsanitize option. Then marks SafeStack and the new options used for cfi-icall safe for iotests Signed-off-by: Daniele Buono <dbuono@linux.vnet.ibm.com> Message-Id: <20201204230615.2392-4-dbuono@linux.vnet.ibm.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
| * cfi: Initial support for cfi-icall in QEMUDaniele Buono2021-01-027-0/+95
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | LLVM/Clang, supports runtime checks for forward-edge Control-Flow Integrity (CFI). CFI on indirect function calls (cfi-icall) ensures that, in indirect function calls, the function called is of the right signature for the pointer type defined at compile time. For this check to work, the code must always respect the function signature when using function pointer, the function must be defined at compile time, and be compiled with link-time optimization. This rules out, for example, shared libraries that are dynamically loaded (given that functions are not known at compile time), and code that is dynamically generated at run-time. This patch: 1) Introduces the CONFIG_CFI flag to support cfi in QEMU 2) Introduces a decorator to allow the definition of "sensitive" functions, where a non-instrumented function may be called at runtime through a pointer. The decorator will take care of disabling cfi-icall checks on such functions, when cfi is enabled. 3) Marks functions currently in QEMU that exhibit such behavior, in particular: - The function in TCG that calls pre-compiled TBs - The function in TCI that interprets instructions - Functions in the plugin infrastructures that jump to callbacks - Functions in util that directly call a signal handler Signed-off-by: Daniele Buono <dbuono@linux.vnet.ibm.com> Acked-by: Alex Bennée <alex.bennee@linaro.org Message-Id: <20201204230615.2392-3-dbuono@linux.vnet.ibm.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
| * configure,meson: add option to enable LTODaniele Buono2021-01-022-0/+8
| | | | | | | | | | | | | | | | | | | | | | | | This patch allows to compile QEMU with link-time optimization (LTO). Compilation with LTO is handled directly by meson. This patch only adds the option in configure and forwards the request to meson Tested with all major versions of clang from 6 to 12 Signed-off-by: Daniele Buono <dbuono@linux.vnet.ibm.com> Message-Id: <20201204230615.2392-2-dbuono@linux.vnet.ibm.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
| * target/i386: Check privilege level for protected mode 'int N' task gatePeter Maydell2021-01-021-14/+21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When the 'int N' instruction is executed in protected mode, the pseudocode in the architecture manual specifies that we need to check: * vector number within IDT limits * selected IDT descriptor is a valid type (interrupt, trap or task gate) * if this was a software interrupt then gate DPL < CPL The way we had structured the code meant that the privilege check for software interrupts ended up not in the code path taken for task gate handling, because all of the task gate handling code was in the 'case 5' of the switch which was checking "is this descriptor a valid type". Move the task gate handling code out of that switch (so that it is now purely doing the "valid type?" check) and below the software interrupt privilege check. The effect of this missing check was that in a guest userspace binary executing 'int 8' would cause a guest kernel panic rather than the userspace binary being handed a SEGV. This is essentially the same bug fixed in VirtualBox in 2012: https://www.halfdog.net/Security/2012/VirtualBoxSoftwareInterrupt0x8GuestCrash/ Note that for QEMU this is not a security issue because it is only present when using TCG. Fixes: https://bugs.launchpad.net/qemu/+bug/1813201 Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Message-Id: <20201121224445.16236-1-peter.maydell@linaro.org> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
| * qom: Assert that objects being destroyed have no parentEduardo Habkost2021-01-021-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | QOM reference counting bugs are often hard to detect, but there's one kind of bug that's easier: if we are freeing an object but is still attached to a parent, it means the reference count is wrong (because the parent always hold a reference to their children). Add an assertion to make sure we detect those cases. Signed-off-by: Eduardo Habkost <ehabkost@redhat.com> Message-Id: <20201215224133.3545901-3-ehabkost@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
| * test-char: Destroy chardev correctly at char_file_test_internal()Eduardo Habkost2021-01-021-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | commit 1e419ee68fa5 ("chardev: generate an internal id when none given") changed the reference ownership semantics of qemu_chardev_new(NULL, ...): now all chardevs created using qemu_chardev_new() are added to the /chardevs QOM container, and the caller does not own a reference to the newly created object. However, the code at char_file_test_internal() had not been updated and was calling object_unref() on a chardev object it didn't own. This makes the chardev be destroyed, but leaves a dangling pointer in the /chardev container children list, and seems to be the cause of the following char_serial_test() crash: Unexpected error in object_property_try_add() at ../qom/object.c:1220: \ attempt to add duplicate property 'serial-id' to object (type 'container') ERROR test-char - too few tests run (expected 38, got 9) Update the code to use object_unparent() at the end of char_file_test_internal(), to make sure the chardev will be correctly removed from the QOM tree. Fixes: 1e419ee68fa5 ("chardev: generate an internal id when none given") Signed-off-by: Eduardo Habkost <ehabkost@redhat.com> Message-Id: <20201215224133.3545901-2-ehabkost@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
| * vl: initialize displays _after_ exiting preconfigurationPaolo Bonzini2021-01-021-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | Due to the renumbering of text consoles when graphical consoles are created, init_displaystate must be called after all QemuConsoles are created, i.e. after devices are created. vl.c calls it from qemu_init_displays, while qmp_x_exit_preconfig is where devices are created. If qemu_init_displays is called before it, the VGA graphical console does not come up. Reported-by: Howard Spoelstra <hsp.cat7@gmail.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
| * configure: document --without-default-{features,devices}Paolo Bonzini2021-01-021-0/+4
| | | | | | | | Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
| * tests: update for rename of CentOS8 PowerTools repoDaniel P. Berrangé2021-01-021-2/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | This was intentionally renamed recently to be all lowercase: https://bugs.centos.org/view.php?id=17920 https://wiki.centos.org/Manuals/ReleaseNotes/CentOS8.2011#Yum_repo_file_and_repoid_changes Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> Reviewed-by: Willian Rampazzo <willianr@redhat.com> Message-Id: <20201216141653.213980-1-berrange@redhat.com> [AJB: bump up FROM to trigger re-build, add diffutils] Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
| * tests/docker: Remove the remainders of debian9 containers from the MakefileThomas Huth2021-01-021-5/+1Star
| | | | | | | | | | | | | | | | | | | | | | The Debian 9 containers have been removed a while ago, so we can delete the corresponding entries in the Makefile, too. Fixes: e3755276d1 ("tests/docker: Remove old Debian 9 containers") Signed-off-by: Thomas Huth <thuth@redhat.com> Reviewed-by: Wainer dos Santos Moschetta <wainersm@redhat.com> Message-Id: <20201215083318.92205-1-thuth@redhat.com> Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
| * gitlab-CI: Test 32-bit builds with the fedora-i386-cross containerThomas Huth2021-01-022-5/+29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | After adding some missing packages, it's possible to check 32-bit builds and tests with the fedora-i386-cross container in the gitlab-CI, too. Unfortunately, the code in subprojects/ ignores the --extra-cflags (on purpose), so the vhost-user part has to be disabled for this. While we're at it, update the container to Fedora 31. Unfortunately the gcc from the later versions emits some very dubious format-truncation warnings, so Fedora 32 and 33 are currently unsuitable for this job. Signed-off-by: Thomas Huth <thuth@redhat.com> Reviewed-by: Wainer dos Santos Moschetta <wainersm@redhat.com> Message-Id: <20201215083451.92322-1-thuth@redhat.com> Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
| * tests/tcg: build tests with -WerrorAlex Bennée2021-01-021-1/+1
| | | | | | | | | | | | | | | | | | | | Hopefully this will guard against sloppy code getting into our tests. Suggested-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Reviewed-by: Thomas Huth <thuth@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Message-Id: <20201210190417.31673-9-alex.bennee@linaro.org>
| * gitlab: add --without-default-features buildAlex Bennée2021-01-021-0/+7
| | | | | | | | | | | | Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Reviewed-by: Thomas Huth <thuth@redhat.com> Message-Id: <20201210190417.31673-8-alex.bennee@linaro.org>
| * gitlab: move --without-default-devices build from TravisAlex Bennée2021-01-022-8/+7Star
| | | | | | | | | | | | | | Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Reviewed-by: Thomas Huth <thuth@redhat.com> Reviewed-by: Wainer dos Santos Moschetta <wainersm@redhat.com> Message-Id: <20201210190417.31673-7-alex.bennee@linaro.org>
| * python: add __repr__ to ConsoleSocket to aid debuggingAlex Bennée2021-01-021-0/+7
| | | | | | | | | | | | | | | | | | | | While attempting to debug some console weirdness I thought it would be worth making it easier to see what it had inside. Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Reviewed-by: John Snow <jsnow@redhat.com> Reviewed-by: Willian Rampazzo <willianr@redhat.com> Message-Id: <20201210190417.31673-6-alex.bennee@linaro.org>
| * configure: add --without-default-featuresAlex Bennée2021-01-021-70/+85
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | By default QEMU enables a lot of features if it can probe and find the support libraries. It also enables a bunch of features by default. This patch adds the ability to build --without-default-features which can be paired with a --without-default-devices for a barely functional build. The main use case for this is testing our build assumptions and for minimising the amount of stuff you build if you just want to test a particular feature on your relatively slow emulated test system. On it's own I go from: $ ls -lh qemu-system-aarch64 -rwxr-xr-x 1 alex alex 120M Dec 10 12:45 qemu-system-aarch64* $ ldd qemu-system-aarch64 | wc -l 170 to: $ ls -lh qemu-aarch64 -rwxr-xr-x 1 alex alex 43M Dec 10 12:41 qemu-aarch64* $ ldd qemu-system-aarch64 | wc -l 57 which is still able to run my default Debian ARM64 machine with a lot less fat involved. Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Acked-by: Thomas Huth <thuth@redhat.com> Acked-by: Paolo Bonzini <pbonzini@redhat.com> Message-Id: <20201210190417.31673-5-alex.bennee@linaro.org>
| * configure: move gettext detection to meson.buildAlex Bennée2021-01-023-18/+5Star
| | | | | | | | | | | | | | | | | | This will allow meson to honour -Dauto_features=disabled later. Suggested-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Acked-by: Paolo Bonzini <pbonzini@redhat.com> Message-Id: <20201210190417.31673-4-alex.bennee@linaro.org>
| * gitlab: include aarch64-softmmu and ppc64-softmmu cross-system-buildAlex Bennée2021-01-021-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | Otherwise we miss coverage of KVM support in the cross build. To balance it out add arm-softmmu (no kvm, subset of aarch64), cris-softmmu and ppc-softmmu to the exclude list which do get coverage elsewhere. Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Reviewed-by: Thomas Huth <thuth@redhat.com> Reviewed-by: Wainer dos Santos Moschetta <wainersm@redhat.com> Message-Id: <20201210190417.31673-3-alex.bennee@linaro.org>
* | Merge remote-tracking branch 'remotes/mcayland/tags/qemu-sparc-20210106' ↵Peter Maydell2021-01-066-22/+37
|\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | into staging qemu-sparc queue # gpg: Signature made Wed 06 Jan 2021 11:43:02 GMT # gpg: using RSA key CC621AB98E82200D915CC9C45BC2C56FAE0F321F # gpg: issuer "mark.cave-ayland@ilande.co.uk" # gpg: Good signature from "Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>" [full] # Primary key fingerprint: CC62 1AB9 8E82 200D 915C C9C4 5BC2 C56F AE0F 321F * remotes/mcayland/tags/qemu-sparc-20210106: sun4m: don't connect two qemu_irqs directly to the same input include/hw/sparc/grlib.h: Remove unused set_pil_in_fn typedef hw/sparc: Make grlib-irqmp device handle its own inbound IRQ lines hw/timer/slavio_timer: Allow 64-bit accesses Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
| * | sun4m: don't connect two qemu_irqs directly to the same inputMark Cave-Ayland2021-01-062-5/+20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The sun4m board code connects both of the IRQ outputs of each ESCC to the same slavio input qemu_irq. Connecting two qemu_irqs outputs directly to the same input is not valid as it produces subtly wrong behaviour (for instance if both the IRQ lines are high, and then one goes low, the PIC input will see this as a high-to-low transition even though the second IRQ line should still be holding it high). This kind of wiring needs an explicitly created OR gate; add one. Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk> Message-Id: <20201219111934.5540-1-mark.cave-ayland@ilande.co.uk> Reviewed-by: Artyom Tarasenko <atar4qemu@gmail.com> Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
| * | include/hw/sparc/grlib.h: Remove unused set_pil_in_fn typedefPeter Maydell2021-01-061-2/+0Star
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The grlib.h header defines a set_pil_in_fn typedef which is never used; remove it. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Message-Id: <20201212144134.29594-3-peter.maydell@linaro.org> Reviewed-by: KONRAD Frederic <frederic.konrad@adacore.com> Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
| * | hw/sparc: Make grlib-irqmp device handle its own inbound IRQ linesPeter Maydell2021-01-063-15/+13Star
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently the GRLIB_IRQMP device is used in one place (the leon3 board), but instead of the device providing inbound gpio lines for the board to wire up, the board code itself calls qemu_allocate_irqs() with the handler function being a set_irq function defined in the code for the device. Refactor this into the standard setup of a device having input gpio lines. This fixes a trivial Coverity memory leak report (the leon3 board code leaks the IRQ array returned from qemu_allocate_irqs()). Fixes: Coverity CID 1421922 Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Message-Id: <20201212144134.29594-2-peter.maydell@linaro.org> Reviewed-by: KONRAD Frederic <frederic.konrad@adacore.com> Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
| * | hw/timer/slavio_timer: Allow 64-bit accessesPhilippe Mathieu-Daudé2021-01-061-0/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Per the "NCR89C105 Chip Specification" referenced in the header: Chip-level Address Map ------------------------------------------------------------------ | 1D0 0000 -> | Counter/Timers | W,D | | 1DF FFFF | | | ... The address map indicated the allowed accesses at each address. [...] W indicates a word access, and D indicates a double-word access. The SLAVIO timer controller is implemented expecting 32-bit accesses. Commit a3d12d073e1 restricted the memory accesses to 32-bit, while the device allows 64-bit accesses. This was not an issue until commit 5d971f9e67 which reverted ("memory: accept mismatching sizes in memory_region_access_valid"). Fix by renaming .valid MemoryRegionOps as .impl, and add the valid access range (W -> 4, D -> 8). Since commit 21786c7e598 ("memory: Log invalid memory accesses") this class of bug can be quickly debugged displaying 'guest_errors' accesses, as: $ qemu-system-sparc -M SS-20 -m 256 -bios ss20_v2.25_rom -serial stdio -d guest_errors Power-ON Reset Invalid access at addr 0x0, size 8, region 'timer-1', reason: invalid size (min:4 max:4) $ qemu-system-sparc -M SS-20 -m 256 -bios ss20_v2.25_rom -monitor stdio -S (qemu) info mtree address-space: memory 0000000000000000-ffffffffffffffff (prio 0, i/o): system ... 0000000ff1300000-0000000ff130000f (prio 0, i/o): timer-1 ^^^^^^^^^ ^^^^^^^ \ memory region base address and name / (qemu) info qtree bus: main-system-bus dev: slavio_timer, id "" <-- device type name gpio-out "sysbus-irq" 17 num_cpus = 1 (0x1) mmio 0000000ff1310000/0000000000000014 mmio 0000000ff1300000/0000000000000010 <--- base address mmio 0000000ff1301000/0000000000000010 mmio 0000000ff1302000/0000000000000010 ... Reported-by: Yap KV <yapkv@yahoo.com> Buglink: https://bugs.launchpad.net/bugs/1906905 Fixes: a3d12d073e1 ("slavio_timer: convert to memory API") CC: qemu-stable@nongnu.org Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Message-Id: <20201205150903.3062711-1-f4bug@amsat.org> Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
* | | Merge remote-tracking branch 'remotes/dg-gitlab/tags/ppc-for-6.0-20210106' ↵Peter Maydell2021-01-0622-383/+616
|\ \ \ | |/ / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | into staging ppc patch queue 2021-01-06 First pull request for 2021, which has a bunch of things accumulated over the holidays. Includes: * A number of cleanups to sam460ex and ppc440 code from BALATON Zoltan * Several fixes for builds with --without-default-devices from Greg Kurz * Fixes for some DRC reset problems from Greg Kurz * QOM conversion of the PPC 4xx UIC devices from Peter Maydell * Some other assorted fixes and cleanups # gpg: Signature made Wed 06 Jan 2021 03:33:19 GMT # gpg: using RSA key 75F46586AE61A66CC44E87DC6C38CACA20D9B392 # gpg: Good signature from "David Gibson <david@gibson.dropbear.id.au>" [full] # gpg: aka "David Gibson (Red Hat) <dgibson@redhat.com>" [full] # gpg: aka "David Gibson (ozlabs.org) <dgibson@ozlabs.org>" [full] # gpg: aka "David Gibson (kernel.org) <dwg@kernel.org>" [unknown] # Primary key fingerprint: 75F4 6586 AE61 A66C C44E 87DC 6C38 CACA 20D9 B392 * remotes/dg-gitlab/tags/ppc-for-6.0-20210106: (22 commits) ppc440_pcix: Fix up pci config access ppc440_pcix: Fix register write trace event ppc440_pcix: Improve comment for IRQ mapping sam460ex: Remove FDT_PPC dependency from KConfig ppc4xx: Move common dependency on serial to common option pnv: Fix reverse dependency on PCI express root ports ppc: Simplify reverse dependencies of POWERNV and PSERIES on XICS and XIVE ppc: Fix build with --without-default-devices spapr: Add drc_ prefix to the DRC realize and unrealize functions spapr: Use spapr_drc_reset_all() at machine reset spapr: Introduce spapr_drc_reset_all() spapr: Fix reset of transient DR connectors spapr: Call spapr_drc_reset() for all DRCs at CAS spapr: Fix buffer overflow in spapr_numa_associativity_init() spapr: Allow memory unplug to always succeed spapr: Fix DR properties of the root node spapr/xive: Make spapr_xive_pic_print_info() static spapr: DRC lookup cannot fail hw/ppc/ppc440_bamboo: Drop use of ppcuic_init() hw/ppc/virtex_ml507: Drop use of ppcuic_init() ... Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
| * | ppc440_pcix: Fix up pci config accessBALATON Zoltan via2021-01-061-15/+22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This fixes a long standing issue with MorphOS booting on sam460ex which turns out to be because of suspicious values written to PCI config address that apparently works on real machine but caused wrong access on this device model. This replaces a previous work around for this with a better fix that makes it work. Signed-off-by: BALATON Zoltan <balaton@eik.bme.hu> Message-Id: <6fd215ab2bc5f8d4455cd20ed1a2f059e4415fe5.1609636173.git.balaton@eik.bme.hu> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
| * | ppc440_pcix: Fix register write trace eventBALATON Zoltan via2021-01-062-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The trace event for pci_host_config_write() was also using the trace event for read. Add corresponding trace and correct this. Signed-off-by: BALATON Zoltan <balaton@eik.bme.hu> Message-Id: <a6c7dcf7153cc537123ed8ceac060f2f64a883cb.1609636173.git.balaton@eik.bme.hu> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
| * | ppc440_pcix: Improve comment for IRQ mappingBALATON Zoltan via2021-01-061-2/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The code mapping all PCI interrupts to a single CPU IRQ works but is not trivial so document it in a comment. Signed-off-by: BALATON Zoltan <balaton@eik.bme.hu> Message-Id: <c25c0310510672b58466e795fd701e65e8f1ff97.1609636173.git.balaton@eik.bme.hu> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
| * | sam460ex: Remove FDT_PPC dependency from KConfigBALATON Zoltan via2021-01-061-1/+0Star
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Dependency on FDT_PPC was added in commit b0048f76095 ("hw/ppc/Kconfig: Only select FDT helper for machines using it") but it does not seem to be really necessary so remove it again. Signed-off-by: BALATON Zoltan <balaton@eik.bme.hu> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Message-Id: <7461a20b129a912aeacdb9ad115a55f0b84c8726.1609636173.git.balaton@eik.bme.hu> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
| * | ppc4xx: Move common dependency on serial to common optionBALATON Zoltan via2021-01-061-4/+1Star
| | | | | | | | | | | | | | | | | | | | | | | | | | | All machines that select SERIAL also select PPC4XX so we can just add this common dependency there once. Signed-off-by: BALATON Zoltan <balaton@eik.bme.hu> Message-Id: <94f1eb7cfb7f315bd883d825f3ce7e0cfc2f2b69.1609636173.git.balaton@eik.bme.hu> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
| * | pnv: Fix reverse dependency on PCI express root portsGreg Kurz2021-01-063-3/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | qemu-system-ppc64 built with --without-default-devices crashes: Type 'pnv-phb4-root-port' is missing its parent 'pcie-root-port-base' Aborted (core dumped) Have POWERNV to select PCIE_PORT. This is done through a new PCI_POWERNV config in hw/pci-host/Kconfig since POWERNV doesn't have a direct dependency on PCI. For this reason, PCI_EXPRESS and MSI_NONBROKEN are also moved under PCI_POWERNV. Signed-off-by: Greg Kurz <groug@kaod.org> Reviewed-by: Cédric Le Goater <clg@kaod.org> Message-Id: <160883058299.253005.342913177952681375.stgit@bahia.lan> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
| * | ppc: Simplify reverse dependencies of POWERNV and PSERIES on XICS and XIVEGreg Kurz2021-01-063-17/+4Star
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Have PSERIES to select XICS and XIVE, and directly check PSERIES in hw/intc/meson.build to enable build of the XICS and XIVE sPAPR backends, like POWERNV already does. This allows to get rid of the intermediate XICS_SPAPR and XIVE_SPAPR. Signed-off-by: Greg Kurz <groug@kaod.org> Message-Id: <160883057560.253005.4206568349917633920.stgit@bahia.lan> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
| * | ppc: Fix build with --without-default-devicesGreg Kurz2021-01-063-18/+6Star
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Linking of the qemu-system-ppc64 fails on a POWER9 host when --without-default-devices is passed to configure: $ ./configure --without-default-devices \ --target-list=ppc64-softmmu && make ... libqemu-ppc64-softmmu.fa.p/hw_ppc_e500.c.o: In function `ppce500_init_mpic_kvm': /home/greg/Work/qemu/qemu-ppc/build/../hw/ppc/e500.c:777: undefined reference to `kvm_openpic_connect_vcpu' libqemu-ppc64-softmmu.fa.p/hw_ppc_spapr_irq.c.o: In function `spapr_irq_check': /home/greg/Work/qemu/qemu-ppc/build/../hw/ppc/spapr_irq.c:189: undefined reference to `xics_kvm_has_broken_disconnect' libqemu-ppc64-softmmu.fa.p/hw_intc_spapr_xive.c.o: In function `spapr_xive_post_load': /home/greg/Work/qemu/qemu-ppc/build/../hw/intc/spapr_xive.c:530: undefined reference to `kvmppc_xive_post_load' ... and tons of other symbols belonging to the KVM backend of the openpic, XICS and XIVE interrupt controllers. It turns out that OPENPIC_KVM, XICS_KVM and XIVE_KVM are marked to depend on KVM but this has no effect when minikconf runs in allnoconfig mode. Such reverse dependencies should rather be handled with a 'select' statement, eg. config OPENPIC select OPENPIC_KVM if KVM or even better by getting rid of the intermediate _KVM config and directly checking CONFIG_KVM in the meson.build file: specific_ss.add(when: ['CONFIG_KVM', 'CONFIG_OPENPIC'], if_true: files('openpic_kvm.c')) Go for the latter with OPENPIC, XICS and XIVE. This went unnoticed so far because CI doesn't test the build with --without-default-devices and KVM enabled on a POWER host. Signed-off-by: Greg Kurz <groug@kaod.org> Message-Id: <160883056791.253005.14924294027763955653.stgit@bahia.lan> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
| * | spapr: Add drc_ prefix to the DRC realize and unrealize functionsGreg Kurz2021-01-061-6/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Use a less generic name for an easier experience with tools such as cscope or grep. Signed-off-by: Greg Kurz <groug@kaod.org> Message-Id: <20201218103400.689660-6-groug@kaod.org> Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com> Tested-by: Daniel Henrique Barboza <danielhb413@gmail.com> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
| * | spapr: Use spapr_drc_reset_all() at machine resetGreg Kurz2021-01-061-14/+1Star
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Documentation of object_child_foreach_recursive() clearly stipulates that "it is forbidden to add or remove children from @obj from the @fn callback". But this is exactly what we do during machine reset. The call to spapr_drc_reset() can finalize the hot-unplug sequence of a PHB or a PCI bridge, both of which will then in turn destroy their PCI DRCs. This could potentially invalidate the iterator used by do_object_child_foreach(). It is pure luck that this haven't caused any issues so far. Use spapr_drc_reset_all() since it can cope with DRC removal. Signed-off-by: Greg Kurz <groug@kaod.org> Message-Id: <20201218103400.689660-5-groug@kaod.org> Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com> Tested-by: Daniel Henrique Barboza <danielhb413@gmail.com> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
| * | spapr: Introduce spapr_drc_reset_all()Greg Kurz2021-01-063-34/+43
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | No need to expose the way DRCs are traversed outside of spapr_drc.c. Signed-off-by: Greg Kurz <groug@kaod.org> Message-Id: <20201218103400.689660-4-groug@kaod.org> Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com> Tested-by: Daniel Henrique Barboza <danielhb413@gmail.com> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
| * | spapr: Fix reset of transient DR connectorsGreg Kurz2021-01-063-3/+14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Documentation of object_property_iter_init() clearly stipulates that "it is forbidden to modify the property list while iterating". But this is exactly what we do when resetting transient DR connectors during CAS. The call to spapr_drc_reset() can finalize the hot-unplug sequence of a PHB or a PCI bridge, both of which will then in turn destroy their PCI DRCs. This could potentially invalidate the iterator. It is pure luck that this haven't caused any issues so far. Change spapr_drc_reset() to return true if it caused a device to be removed. Restart from scratch in this case. This can potentially increase the overall DRC reset time, especially with a high maxmem which generates a lot of LMB DRCs. But this kind of setup is rare, and so is the use case of rebooting a guest while doing hot-unplug. Signed-off-by: Greg Kurz <groug@kaod.org> Message-Id: <20201218103400.689660-3-groug@kaod.org> Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com> Tested-by: Daniel Henrique Barboza <danielhb413@gmail.com> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>