1. 06 Nov, 2018 40 commits
    • tests: Fix Python 3 detection on older GNU make versions · 0ca70f19
      Eduardo Habkost committed
      The $(SHELLSTATUS) variable requires GNU make >= 4.2, but Travis
      seems to provide an older version.  Change the existing rules to
      use command output instead of exit code, to make it compatible
      with older GNU make versions.
      Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
      Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
      Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
      Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
    • Merge remote-tracking branch 'remotes/kraxel/tags/seabios-20181106-pull-request' into staging · 31eac32a
      Peter Maydell committed
      seabios update for 3.1
      
      # gpg: Signature made Tue 06 Nov 2018 11:27:53 GMT
      # gpg:                using RSA key 4CB6D8EED3E87138
      # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
      # gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>"
      # gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>"
      # Primary key fingerprint: A032 8CFF B93A 17A7 9901  FE7D 4CB6 D8EE D3E8 7138
      
      * remotes/kraxel/tags/seabios-20181106-pull-request:
        update seabios to master snapshot
      Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
    • Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20181106' into staging · 9aca8666
      Peter Maydell committed
      target-arm queue:
       * Remove can't-happen if() from handle_vec_simd_shli()
       * hw/arm/exynos4210: Zero memory allocated for Exynos4210State
       * Set S and PTW in 64-bit PAR format
       * Fix ATS1Hx instructions
       * milkymist: Check for failure trying to load BIOS image
      
      # gpg: Signature made Tue 06 Nov 2018 11:37:30 GMT
      # gpg:                using RSA key 3C2525ED14360CDE
      # gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>"
      # gpg:                 aka "Peter Maydell <pmaydell@gmail.com>"
      # gpg:                 aka "Peter Maydell <pmaydell@chiark.greenend.org.uk>"
      # Primary key fingerprint: E1A5 C593 CD41 9DE2 8E83  15CF 3C25 25ED 1436 0CDE
      
      * remotes/pmaydell/tags/pull-target-arm-20181106:
        target/arm: Fix ATS1Hx instructions
        target/arm: Set S and PTW in 64-bit PAR format
        hw/arm/exynos4210: Zero memory allocated for Exynos4210State
        milkymist: Check for failure trying to load BIOS image
        target/arm: Remove can't-happen if() from handle_vec_simd_shli()
      Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
    • Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging · b66db50f
      Peter Maydell committed
      pci, pc, virtio: fixes, features
      
      AMD IOMMU VAPIC support + fixes all over the place.
      Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
      
      # gpg: Signature made Mon 05 Nov 2018 18:24:10 GMT
      # gpg:                using RSA key 281F0DB8D28D5469
      # gpg: Good signature from "Michael S. Tsirkin <mst@kernel.org>"
      # gpg:                 aka "Michael S. Tsirkin <mst@redhat.com>"
      # Primary key fingerprint: 0270 606B 6F3C DF3D 0B17  0970 C350 3912 AFBE 8E67
      #      Subkey fingerprint: 5D09 FD08 71C8 F85B 94CA  8A0D 281F 0DB8 D28D 5469
      
      * remotes/mst/tags/for_upstream: (33 commits)
        vhost-scsi: prevent using uninitialized vqs
        piix_pci: fix i440fx data sheet link
        piix: use TYPE_FOO constants than string constats
        i440fx: use ARRAY_SIZE for pam_regions
        pci_bridge: fix typo in comment
        hw/pci: Add missing include
        hw/pci-bridge/ioh3420: Remove unuseful header
        hw/pci-bridge/xio3130: Remove unused functions
        tests/bios-tables-test: add 64-bit PCI MMIO aperture round-up test on Q35
        bios-tables-test: prepare expected files for mmio64
        hw/pci-host/x86: extend the 64-bit PCI hole relative to the fw-assigned base
        hw/pci-host/x86: extract get_pci_hole64_start_value() helpers
        pci-testdev: add optional memory bar
        MAINTAINERS: list "tests/acpi-test-data" files in ACPI/SMBIOS section
        x86_iommu/amd: Enable Guest virtual APIC support
        x86_iommu/amd: Add interrupt remap support when VAPIC is enabled
        i386: acpi: add IVHD device entry for IOAPIC
        x86_iommu/amd: Add interrupt remap support when VAPIC is not enabled
        x86_iommu/amd: Prepare for interrupt remap support
        x86_iommu/amd: make the address space naming consistent with intel-iommu
        ...
      Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
    • target/arm: Fix ATS1Hx instructions · 23463e0e
      Peter Maydell committed
      ATS1HR and ATS1HW (which allow AArch32 EL2 to do address translations
      on the EL2 translation regime) were implemented in commit 14db7fe0.
      However, we got them wrong: these should do stage 1 address translations
      as defined for NS-EL2, which is ARMMMUIdx_S1E2. We were incorrectly
      making them perform stage 2 translations.
      
      A few years later in commit 1313e2d7 we forgot entirely that
      we'd implemented ATS1Hx, and added a comment that ATS1Hx were
      "not supported yet". Remove the comment; there is no extra code
      needed to handle these operations in do_ats_write(), because
      arm_s1_regime_using_lpae_format() returns true for ARMMMUIdx_S1E2,
      which forces 64-bit PAR format.
      Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
      Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
      Message-id: 20181016093703.10637-3-peter.maydell@linaro.org
      Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
    • target/arm: Set S and PTW in 64-bit PAR format · 0f7b791b
      Peter Maydell committed
      In do_ats_write() we construct a PAR value based on the result
      of the translation.  A comment says "S2WLK and FSTAGE are always
      zero, because we don't implement virtualization".
      Since we do in fact now implement virtualization, add the missing
      code that sets these bits based on the reported ARMMMUFaultInfo.
      
      (These bits are named PTW and S in ARMv8, so we follow that
      convention in the new comments in this patch.)
      Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
      Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
      Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
      Message-id: 20181016093703.10637-2-peter.maydell@linaro.org
    • hw/arm/exynos4210: Zero memory allocated for Exynos4210State · 76a82ced
      Peter Maydell committed
      In exynos4210_init() we allocate memory for an Exynos4210State
      struct. Generally devices can assume that the memory allocated
      for their state struct is zero-initialized; we broke that
      assumption here by using g_new(). Use g_new0() instead.
      (In particular, some code assumes that the various irq arrays
      in the Exynos4210Irq sub-struct are zero-initialized.)
      
      In the longer term, this code should be QOMified, and then
      the struct memory will be allocated elsewhere and by functions
      which always zero-initialize it; but for 3.1 this is a
      simple fix.
      Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
      Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
      Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
      Message-id: 20181105151132.13884-1-peter.maydell@linaro.org
    • milkymist: Check for failure trying to load BIOS image · 40af11eb
      Peter Maydell committed
      Check the return value from load_image_targphys(), which tells us
      whether our attempt to load the BIOS image into RAM failed.
      (Spotted by Coverity, CID 1190305.)
      Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
      Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
      Acked-by: Michael Walle <michael@walle.cc>
      Message-id: 20181030170032.1844-1-peter.maydell@linaro.org
    • target/arm: Remove can't-happen if() from handle_vec_simd_shli() · f6c98f91
      Peter Maydell committed
      In handle_vec_simd_shli() we have a check:
           if (size > 3 && !is_q) {
               unallocated_encoding(s);
               return;
           }
      However this can never be true, because we calculate
          int size = 32 - clz32(immh) - 1;
      where immh is a 4 bit field which we know cannot be all-zeroes.
      So the clz32() return must be in {28,29,30,31} and the resulting
      size is in {0,1,2,3}, and "size > 3" is never true.
      
      This unnecessary code confuses Coverity's analysis:
      in CID 1396476 it thinks we might later index off the
      end of an array because the condition implies that we
      might have a size > 3.
      
      Remove the code, and instead assert that the size is in [0..3],
      since the decode that enforces that is somewhat distant from
      this function.
      Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
      Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
      Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
      Tested-by: Alex Bennée <alex.bennee@linaro.org>
      Message-id: 20181030162517.21816-1-peter.maydell@linaro.org
    • update seabios to master snapshot · 0b8f7448
      Gerd Hoffmann committed
      seabios 1.12 release is planned for November.
      
      update seabios to a master branch snapshot so it gets more testing
      and to make the delta smaller when updating to -final during freeze.
      
      git shortlog rel-1.11.2..14221cd86e
      ===================================
      
      Gerd Hoffmann (12):
            optionrom: enable non-vga display devices
            cbvga: factor out cbvga_setup_modes()
            qemu: add bochs-display support
            cbvga_setup_modes: use real mode number instead of 0x140
            cbvga_list_modes: don't list current mode twice
            cbvga_set_mode: disable clearmem in windows x86 emulator.
            bochs_display_setup: return error on failure
            pmm: use tmp zone on oom
            vgasrc: add allocate_pmm()
            qemu: add qemu ramfb support
            cbvga_set_mode: refine clear display logic
            pretty boot menu entry for cdrom drives
      
      Jing Liu (3):
            pci: fix the return value for truncated capability
            pci: clean up the debug message for pci capability found
            pci: recognize RH PCI legacy bridge resource reservation capability
      
      Kevin O'Connor (8):
            docs: Add sercon-port to Runtime_config.md documentation
            paravirt: Only enable sercon in NOGRAPHIC mode if no other console specified
            shadow: Don't invoke a shutdown on reboot unless in a reboot loop
            build: Use git describe --always
            docs: Update Download.md to use git clone via https
            ssdt: Fix building of legacy acpi tables on current iasl compiler
            docs: Update download file link
            sdcard: Increase SDHCI_POWER_ON_TIME to 5ms
      
      Marc-André Lureau (4):
            x86: add readq()
            tpm: generalize init_timeout()
            tpm: use get_tpm_version() callback
            tpm: add TPM CRB device support
      
      Marcel Apfelbaum (1):
            pci: fix 'io hints' capability for RedHat PCI bridges
      
      Matt DeVillier (2):
            nvme: fix I/O queue length calculation overflow
            SeaVGABios/cbvga: Fix bpp for coreboot framebuffer
      
      Nikolay Nikolov (11):
            floppy: Introduce the floppy_dor_read() function
            floppy: Introduce floppy_dor_mask()
            floppy: Introduce FLOPPY_DOR_XXX constants
            floppy: Preserve motor and drive sel bits when resetting the floppy controller
            floppy: Reset the floppy motor count in floppy_drive_pio()
            floppy: Use timer_check() in floppy_wait_irq()
            floppy: hold the DOR reset bit low for 4 microseconds, when resetting
            floppy: Execute a SPECIFY command after sensing the media type
            floppy: Support up to 4 floppy drives when turning on the floppy motor
            floppy: Wait for the floppy motor to reach a stable speed, after starting
            floppy: Send 4 sense interrupt commands during controller initialization
      
      Paul Menzel (1):
            docs/Download: Use more secure HTTPS URLs where possible
      
      Stefan Berger (5):
            tpm: Add support for TPM2 ACPI table
            tpm: Wait for tpmRegValidSts flag on CRB interface before probing
            tpm: revert return values for successful/failed CRB probing
            tpm: when CRB is active, select, lock it, and check addresses
            tpm: Request access to locality 0
      
      Stephen Douthit (3):
            tpm: Refactor duplicated wait code in tis_wait_sts() & crb_wait_reg()
            tpm: Wait for interface startup when probing
            tpm: Handle unimplemented TIS_REG_IFACE_ID in tis_get_tpm_version()
      Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
    • oslib-posix: Use MAP_STACK in qemu_alloc_stack() on OpenBSD · fc3d1bad
      Brad Smith committed
      Use MAP_STACK in qemu_alloc_stack() on OpenBSD.
      
      Added to our 6.4 release.
      
      MAP_STACK      Indicate that the mapping is used as a stack.  This
                     flag must be used in combination with MAP_ANON and
                     MAP_PRIVATE.
      
      Implement MAP_STACK option for mmap().  Synchronous faults (pagefault and
      syscall) confirm the stack register points at MAP_STACK memory, otherwise
      SIGSEGV is delivered. sigaltstack() and pthread_attr_setstack() are modified
      to create a MAP_STACK sub-region which satisfies alignment requirements.
      Observe that MAP_STACK can only be set/cleared by mmap(), which zeroes the
      contents of the region -- there is no mprotect() equivalent operation, so
      there is no MAP_STACK-adding gadget.
      Signed-off-by: Brad Smith <brad@comstyle.com>
      Reviewed-by: Kamil Rytarowski <n54@gmx.com>
      Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
      Message-id: 20181019125239.GA13884@humpty.home.comstyle.com
      Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
      fc3d1bad
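
The allocation pattern the MAP_STACK commit above describes, as an added C example (not QEMU's own qemu_alloc_stack()): an anonymous private mapping that requests MAP_STACK at mmap() time, with a PROT_NONE guard page at the low end. The names alloc_stack, readable and stack_demo are hypothetical; the example sets MAP_STACK wherever the platform defines it, whereas the commit enables it on OpenBSD only, and on Linux the flag is accepted but has no effect.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE 1   /* expose MAP_ANONYMOUS / MAP_STACK on glibc */
#endif
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <sys/mman.h>
#include <unistd.h>

#ifndef MAP_ANONYMOUS
#define MAP_ANONYMOUS MAP_ANON
#endif

/* Hypothetical helper: map a stack with at least *sz usable bytes plus one
 * guard page at the low end. On success *sz is updated to the size of the
 * whole mapping and its base address is returned; NULL on failure. */
static void *alloc_stack(size_t *sz)
{
    long ps = sysconf(_SC_PAGESIZE);
    int flags = MAP_PRIVATE | MAP_ANONYMOUS;
    size_t pagesz, total;
    void *base;

    if (ps <= 0 || *sz == 0)
        return NULL;
    pagesz = (size_t)ps;
    if (*sz > SIZE_MAX - 2 * pagesz)        /* rounding would overflow */
        return NULL;
    total = (*sz + pagesz - 1) / pagesz * pagesz + pagesz;

#ifdef MAP_STACK
    /* The property can only be set by mmap(); per the commit message there
     * is no mprotect() equivalent, so it has to be requested here. */
    flags |= MAP_STACK;
#endif
    base = mmap(NULL, total, PROT_READ | PROT_WRITE, flags, -1, 0);
    if (base == MAP_FAILED)
        return NULL;

    /* On a downward-growing stack an overflow reaches this page and faults
     * instead of writing into whatever is mapped below. */
    if (mprotect(base, pagesz, PROT_NONE) != 0) {
        munmap(base, total);
        return NULL;
    }
    *sz = total;
    return base;
}

/* Probe an address without touching it from user space: the kernel returns
 * EFAULT from write() when it cannot read the source byte. */
static int readable(const void *p)
{
    int fd[2], ok;

    if (pipe(fd) != 0)
        return -1;
    ok = write(fd[1], p, 1) == 1;
    close(fd[0]);
    close(fd[1]);
    return ok;
}

/* Returns 0 when the mapping has the expected shape, else the failed step. */
static int stack_demo(void)
{
    size_t want = 10000, sz = want;
    size_t pagesz = (size_t)sysconf(_SC_PAGESIZE);
    unsigned char *base = alloc_stack(&sz);
    int rc = 0;

    if (!base)
        return 1;
    if (sz % pagesz != 0 || sz < want + pagesz)
        rc = 2;                              /* whole pages plus guard */
    else if (readable(base) != 0)
        rc = 3;                              /* guard page must not be readable */
    else if (readable(base + pagesz) != 1)
        rc = 4;                              /* first usable page is mapped */
    else if (base[sz - 1] != 0)
        rc = 5;                              /* fresh anonymous memory is zeroed */
    munmap(base, sz);
    return rc;
}

int main(void)
{
    printf("stack_demo: %d\n", stack_demo());
    return 0;
}
```
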
    • Merge remote-tracking branch 'remotes/cohuck/tags/s390x-20181105' into staging · 03c1ca1c
      Peter Maydell committed
      - some changes in s390x maintainership
      - bugfix in vfio-ap
      
      # gpg: Signature made Mon 05 Nov 2018 16:34:03 GMT
      # gpg:                using RSA key DECF6B93C6F02FAF
      # gpg: Good signature from "Cornelia Huck <conny@cornelia-huck.de>"
      # gpg:                 aka "Cornelia Huck <huckc@linux.vnet.ibm.com>"
      # gpg:                 aka "Cornelia Huck <cornelia.huck@de.ibm.com>"
      # gpg:                 aka "Cornelia Huck <cohuck@kernel.org>"
      # gpg:                 aka "Cornelia Huck <cohuck@redhat.com>"
      # Primary key fingerprint: C3D0 D66D C362 4FF6 A8C0  18CE DECF 6B93 C6F0 2FAF
      
      * remotes/cohuck/tags/s390x-20181105:
        MAINTAINERS: s390/boot: the ipl code and the bios belong together
        MAINTAINERS: s390: Remove myself
        MAINTAINERS: s390/pci: add Collin Walling as maintainer for zpci
        MAINTAINERS: s390/virtio-ccw: drop Christian, add Halil
        MAINTAINERS: s390: more maintainers for vfio-ccw
        s390x/vfio-ap: report correct error
      Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
    • vhost-scsi: prevent using uninitialized vqs · e6cc11d6
      yuchenlin committed
      There are 3 virtqueues (ctrl, event and cmd) for virtio scsi device,
      but seabios will only set the physical address for the 3rd one (cmd).
      Then in vhost_virtqueue_start(), virtio_queue_get_desc_addr()
      will be 0 for ctrl and event vq.
      
      In this case, ctrl and event vq are not initialized.
      vhost_verify_ring_mappings may use uninitialized vhost_virtqueue
      such that vhost_verify_ring_part_mapping returns ENOMEM.
      
      When encountering this problem, we got the following logs:
      
          qemu-system-x86_64: Unable to map available ring for ring 0
          qemu-system-x86_64: Verify ring failure on region 0
      Signed-off-by: Forrest Liu <forrestl@synology.com>
      Signed-off-by: yuchenlin <yuchenlin@synology.com>
      Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
      Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
      Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
    • piix_pci: fix i440fx data sheet link · 9b178f0e
      Li Qiang committed
      It seems that the Intel link is unavailable, change it to point to the
      qemu site.
      Signed-off-by: Li Qiang <liq3ea@163.com>
      Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
      Reviewed-by: Marcel Apfelbaum <marcel.apfelbaum@gmail.com>
      Acked-by: Michael S. Tsirkin <mst@redhat.com>
      Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
    • piix: use TYPE_FOO constants than string constats · ee31e901
      Li Qiang committed
      Make them more QOMConventional.
      Cc: qemu-trivial@nongnu.org
      Signed-off-by: Li Qiang <liq3ea@gmail.com>
      Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
      Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
      Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
    • i440fx: use ARRAY_SIZE for pam_regions · 0118c01c
      Li Qiang committed
      Cc: qemu-trivial@nongnu.org
      Signed-off-by: Li Qiang <liq3ea@gmail.com>
      Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
      Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
      Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
    • hw/pci: Add missing include · 2728a57a
      Philippe Mathieu-Daudé committed
      Noted while refactoring:
      
            CC      mips-softmmu/hw/mips/gt64xxx_pci.o
          In file included from include/hw/pci-host/gt64xxx.h:2,
                           from hw/mips/gt64xxx_pci.c:30:
          include/hw/pci/pci_bus.h:23:5: error: unknown type name ‘PCIIOMMUFunc’
               PCIIOMMUFunc iommu_fn;
               ^~~~~~~~~~~~
          include/hw/pci/pci_bus.h:27:5: error: unknown type name ‘pci_set_irq_fn’
               pci_set_irq_fn set_irq;
               ^~~~~~~~~~~~~~
          include/hw/pci/pci_bus.h:28:5: error: unknown type name ‘pci_map_irq_fn’
               pci_map_irq_fn map_irq;
               ^~~~~~~~~~~~~~
          include/hw/pci/pci_bus.h:29:5: error: unknown type name ‘pci_route_irq_fn’
               pci_route_irq_fn route_intx_to_irq;
               ^~~~~~~~~~~~~~~~
          include/hw/pci/pci_bus.h:31:24: error: ‘PCI_SLOT_MAX’ undeclared here (not in a function)
               PCIDevice *devices[PCI_SLOT_MAX * PCI_FUNC_MAX];
                                  ^~~~~~~~~~~~
          include/hw/pci/pci_bus.h:31:39: error: ‘PCI_FUNC_MAX’ undeclared here (not in a function)
               PCIDevice *devices[PCI_SLOT_MAX * PCI_FUNC_MAX];
                                                 ^~~~~~~~~~~~
          make[1]: *** [rules.mak:69: hw/mips/gt64xxx_pci.o] Error 1
          make: *** [Makefile:482: subdir-mips-softmmu] Error 2
      Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
      Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
      Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
    • hw/pci-bridge/xio3130: Remove unused functions · c6329a2d
      Philippe Mathieu-Daudé committed
      Introduced in 48ebf2f9 and faf1e708, these functions
      were never used. Remove them.
      Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
      Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
      Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
    • tests/bios-tables-test: add 64-bit PCI MMIO aperture round-up test on Q35 · 0259e966
      Laszlo Ersek committed
      In commit 9fa99d25 ("hw/pci-host: Fix x86 Host Bridges 64bit PCI
      hole", 2017-11-16), we meant to expose such a 64-bit PCI MMIO aperture in
      the ACPI DSDT that would be at least as large as the new "pci-hole64-size"
      property (2GB on i440fx, 32GB on q35). The goal was to offer "enough"
      64-bit MMIO aperture to the guest OS for hotplug purposes.
      
      Previous patch fixed the issue that the aperture is extended relative to
      a possibly incorrect base.  This may result in an aperture size that is
      smaller than the intent of commit 9fa99d25.
      
      This patch adds a test to make sure it won't happen again.
      
      In the test case being added:
      - use 128 MB initial RAM size,
      - ask for one DIMM hotplug slot,
      - ask for 2 GB maximum RAM size,
      - use a pci-testdev with a 64-bit BAR of 2 GB size.
      
      Consequences:
      
      (1) In pc_memory_init() [hw/i386/pc.c], the DIMM hotplug area size is
          initially set to 2048-128 = 1920 MB. (Maximum RAM size minus initial
          RAM size.)
      
      (2) The DIMM area base is set to 4096 MB (because the initial RAM is only
          128 MB -- there is no initial "high RAM").
      
      (3) Due to commit 085f8e88 ("pc: count in 1Gb hugepage alignment when
          sizing hotplug-memory container", 2014-11-24), we add 1 GB for the one
          DIMM hotplug slot that was specified. This sets the DIMM area size to
          1920+1024 = 2944 MB.
      
      (4) The reserved-memory-end address (exclusive) is set to 4096 + 2944 =
          7040 MB (DIMM area base plus DIMM area size).
      
      (5) The reserved-memory-end address is rounded up to GB alignment,
          yielding 7 GB (7168 MB).
      
      (6) Given the 2 GB BAR size of pci-testdev, SeaBIOS allocates said 64-bit
          BAR in 64-bit address space.
      
      (7) Because reserved-memory-end is at 7 GB, it is unaligned for the 2 GB
          BAR. Therefore SeaBIOS allocates the BAR at 8 GB. QEMU then
          (correctly) assigns the root bridge aperture base this BAR address, to
          be exposed in \_SB.PCI0._CRS.
      
      (8) The intent of commit 9fa99d25 dictates that QEMU extend the
          aperture size to 32 GB, implying a 40 GB end address. However, QEMU
          performs the extension relative to reserved-memory-end (7 GB), not
          relative to the bridge aperture base that was correctly deduced from
          SeaBIOS's BAR programming (8 GB). Therefore we see 39 GB as the
          aperture end address in \_SB.PCI0._CRS:
      
      > QWordMemory (ResourceProducer, PosDecode, MinFixed, MaxFixed, Cacheable, ReadWrite,
      >     0x0000000000000000, // Granularity
      >     0x0000000200000000, // Range Minimum
      >     0x00000009BFFFFFFF, // Range Maximum
      >     0x0000000000000000, // Translation Offset
      >     0x00000007C0000000, // Length
      >     ,, , AddressRangeMemory, TypeStatic)
      
      Cc: "Michael S. Tsirkin" <mst@redhat.com>
      Cc: Alex Williamson <alex.williamson@redhat.com>
      Cc: Gerd Hoffmann <kraxel@redhat.com>
      Cc: Igor Mammedov <imammedo@redhat.com>
      Cc: Marcel Apfelbaum <marcel.apfelbaum@gmail.com>
      Signed-off-by: Laszlo Ersek <lersek@redhat.com>
      Reviewed-by: Marcel Apfelbaum <marcel.apfelbaum@gmail.com>
      Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
      Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
    • bios-tables-test: prepare expected files for mmio64 · f5f4002d
      Michael S. Tsirkin committed
      test will be added by follow-up patch.
      Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
    • hw/pci-host/x86: extend the 64-bit PCI hole relative to the fw-assigned base · ed6bb4b5
      Laszlo Ersek committed
      In commit 9fa99d25 ("hw/pci-host: Fix x86 Host Bridges 64bit PCI
      hole", 2017-11-16), we meant to expose such a 64-bit PCI MMIO aperture in
      the ACPI DSDT that would be at least as large as the new "pci-hole64-size"
      property (2GB on i440fx, 32GB on q35). The goal was to offer "enough"
      64-bit MMIO aperture to the guest OS for hotplug purposes.
      
      In that commit, we added or modified five functions:
      
      - pc_pci_hole64_start(): shared between i440fx and q35. Provides a default
        64-bit base, which starts beyond the cold-plugged 64-bit RAM, and skips
        the DIMM hotplug area too (if any).
      
      - i440fx_pcihost_get_pci_hole64_start(), q35_host_get_pci_hole64_start():
        board-specific 64-bit base property getters called abstractly by the
        ACPI generator. Both of these fall back to pc_pci_hole64_start() if the
        firmware didn't program any 64-bit hole (i.e. if the firmware didn't
        assign a 64-bit GPA to any MMIO BAR on any device). Otherwise, they
        honor the firmware's BAR assignments (i.e., they treat the lowest 64-bit
        GPA programmed by the firmware as the base address for the aperture).
      
      - i440fx_pcihost_get_pci_hole64_end(), q35_host_get_pci_hole64_end():
        these were intended to extend the aperture to our size recommendation,
        calculated relative to the base of the aperture.
      
      Despite the original intent, i440fx_pcihost_get_pci_hole64_end() and
      q35_host_get_pci_hole64_end() currently only extend the aperture relative
      to the default base (pc_pci_hole64_start()), ignoring any programming done
      by the firmware. This means that our size recommendation may not be met.
      Fix it by honoring the firmware's address assignments.
      
      The strange extension sizes were spotted by Alex, in the log of a guest
      kernel running on top of OVMF (which prefers to assign 64-bit GPAs to
      64-bit BARs).
      
      This change only affects DSDT generation, therefore no new compat property
      is being introduced.
      
      Using an i440fx OVMF guest with 5GB RAM, an example _CRS change is:
      
      > @@ -881,9 +881,9 @@
      >              QWordMemory (ResourceProducer, PosDecode, MinFixed, MaxFixed, Cacheable, ReadWrite,
      >                  0x0000000000000000, // Granularity
      >                  0x0000000800000000, // Range Minimum
      > -                0x000000080001C0FF, // Range Maximum
      > +                0x000000087FFFFFFF, // Range Maximum
      >                  0x0000000000000000, // Translation Offset
      > -                0x000000000001C100, // Length
      > +                0x0000000080000000, // Length
      >                  ,, , AddressRangeMemory, TypeStatic)
      >          })
      >          Device (GPE0)
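      Review bot: The pre-patch Length in this hunk, 0x000000000001C100, is never accounted for in the explanation that follows, which only derives the 8GB figure that did not take effect. A sentence saying what that old range corresponds to would let a reader check the "ineffective" claim against the removed lines.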
      
      (On i440fx, the low RAM split is at 3GB, in this case. Therefore, with 5GB
      guest RAM and no DIMM hotplug range, pc_pci_hole64_start() returns 4 +
      (5-3) = 6 GB. Adding the 2GB extension to that yields 8GB, which is below
      the firmware-programmed base of 32GB, before the patch. Therefore, before
      the patch, the extension is ineffective. After the patch, we add the 2GB
      extension to the firmware-programmed base, namely 32GB.)
      
      Using a q35 OVMF guest with 5GB RAM, an example _CRS change is:
      
      > @@ -3162,9 +3162,9 @@
      >              QWordMemory (ResourceProducer, PosDecode, MinFixed, MaxFixed, Cacheable, ReadWrite,
      >                  0x0000000000000000, // Granularity
      >                  0x0000000800000000, // Range Minimum
      > -                0x00000009BFFFFFFF, // Range Maximum
      > +                0x0000000FFFFFFFFF, // Range Maximum
      >                  0x0000000000000000, // Translation Offset
      > -                0x00000001C0000000, // Length
      > +                0x0000000800000000, // Length
      >                  ,, , AddressRangeMemory, TypeStatic)
      >          })
      >          Device (GPE0)
      
      (On Q35, the low RAM split is at 2GB. Therefore, with 5GB guest RAM and no
      DIMM hotplug range, pc_pci_hole64_start() returns 4 + (5-2) = 7 GB. Adding
      the 32GB extension to that yields 39GB (0x0000_0009_BFFF_FFFF + 1), before
      the patch. After the patch, we add the 32GB extension to the
      firmware-programmed base, namely 32GB.)
      
      The ACPI test data for the bios-tables-test case that we added earlier in
      this series are corrected too, as follows:
      
      > @@ -3339,9 +3339,9 @@
      >              QWordMemory (ResourceProducer, PosDecode, MinFixed, MaxFixed, Cacheable, ReadWrite,
      >                  0x0000000000000000, // Granularity
      >                  0x0000000200000000, // Range Minimum
      > -                0x00000009BFFFFFFF, // Range Maximum
      > +                0x00000009FFFFFFFF, // Range Maximum
      >                  0x0000000000000000, // Translation Offset
      > -                0x00000007C0000000, // Length
      > +                0x0000000800000000, // Length
      >                  ,, , AddressRangeMemory, TypeStatic)
      >          })
      >          Device (GPE0)
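      Review bot: The lead-in to this hunk says the test case was "added earlier in this series", but in this log the test commit 0259e966 sits after this one and calls this fix the "Previous patch", and f5f4002d says the test "will be added by follow-up patch". If the series was reordered, this hunk and its lead-in no longer describe a change made by this commit and should be dropped or reworded; the same applies to step (8) of 0259e966, which still reports the 39 GB end address.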
      
      Cc: "Michael S. Tsirkin" <mst@redhat.com>
      Cc: Alex Williamson <alex.williamson@redhat.com>
      Cc: Gerd Hoffmann <kraxel@redhat.com>
      Cc: Igor Mammedov <imammedo@redhat.com>
      Cc: Marcel Apfelbaum <marcel.apfelbaum@gmail.com>
      Fixes: 9fa99d25
      Signed-off-by: Laszlo Ersek <lersek@redhat.com>
      Reviewed-by: Marcel Apfelbaum <marcel.apfelbaum@gmail.com>
      Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
      Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
      ed6bb4b5
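
The arithmetic behind the three _CRS hunks in the commit message above and steps (1) to (7) of the test description in 0259e966, as an added C example. It is a model of what the two commit messages describe, not QEMU's code: the aperture end is the larger of the firmware-programmed end and base + pci-hole64-size, where the base is the default base before the patch and the aperture start after it. All names are hypothetical; the firmware end for the q35 OVMF case is a constructed value, and the test case assumes the 2 GB BAR is the only 64-bit BAR.

```c
#include <stdint.h>
#include <stdio.h>

#define MB (1ULL << 20)
#define GB (1ULL << 30)

static uint64_t round_up(uint64_t v, uint64_t align)
{
    return (v + align - 1) / align * align;
}

/* Steps (1)-(5) of the test description: default 64-bit hole base when
 * there is no initial high RAM, so the DIMM area starts at 4 GB. */
static uint64_t reserved_memory_end(uint64_t init_ram, uint64_t max_ram,
                                    unsigned slots)
{
    uint64_t dimm_base = 4 * GB;                /* (2) */
    uint64_t dimm_size = max_ram - init_ram;    /* (1) */

    dimm_size += slots * GB;                    /* (3) 1 GB per hotplug slot */
    return round_up(dimm_base + dimm_size, GB); /* (4), (5) */
}

struct hole64 {
    uint64_t start;   /* Range Minimum */
    uint64_t end;     /* exclusive; Range Maximum is end - 1 */
};

/* fw_base/fw_end: lowest and (exclusive) highest 64-bit addresses the
 * firmware assigned to BARs; fw_end <= fw_base means "none programmed". */
static struct hole64 hole64_range(uint64_t default_base, uint64_t fw_base,
                                  uint64_t fw_end, uint64_t size, int patched)
{
    int fw = fw_end > fw_base;
    struct hole64 h;
    uint64_t ext_base;

    h.start = fw ? fw_base : default_base;
    /* The fix: extend relative to the aperture start, not the default. */
    ext_base = patched ? h.start : default_base;
    h.end = fw ? fw_end : 0;
    if (h.end < ext_base + size)
        h.end = ext_base + size;
    return h;
}

static void show(const char *name, uint64_t def, uint64_t fb, uint64_t fe,
                 uint64_t size)
{
    int p;

    for (p = 0; p <= 1; p++) {
        struct hole64 h = hole64_range(def, fb, fe, size, p);
        printf("%-12s %-6s max=0x%016llX len=0x%016llX\n", name,
               p ? "after" : "before",
               (unsigned long long)(h.end - 1),
               (unsigned long long)(h.end - h.start));
    }
}

int main(void)
{
    /* i440fx OVMF, 5 GB RAM: default base 6 GB, firmware base 32 GB,
     * firmware end taken from the pre-patch Range Maximum on the page. */
    show("i440fx/OVMF", 6 * GB, 32 * GB, 0x80001C100ULL, 2 * GB);

    /* q35 OVMF, 5 GB RAM: default base 7 GB; firmware end is constructed. */
    show("q35/OVMF", 7 * GB, 32 * GB, 0x80001C100ULL, 32 * GB);

    /* bios-tables-test: 128 MB RAM, 2 GB max, one slot, one 2 GB BAR that
     * SeaBIOS places at the next 2 GB boundary (steps (6) and (7)). */
    {
        uint64_t def = reserved_memory_end(128 * MB, 2 * GB, 1);
        uint64_t bar = round_up(def, 2 * GB);
        show("q35/SeaBIOS", def, bar, bar + 2 * GB, 32 * GB);
    }
    return 0;
}
```
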
    • hw/pci-host/x86: extract get_pci_hole64_start_value() helpers · ccef5b1f
      Laszlo Ersek committed
      Expose the calculated "hole64 start" GPAs as plain uint64_t values,
      extracting the internals of the current property getters.
      
      This patch doesn't change behavior.
      
      Cc: "Michael S. Tsirkin" <mst@redhat.com>
      Cc: Alex Williamson <alex.williamson@redhat.com>
      Cc: Gerd Hoffmann <kraxel@redhat.com>
      Cc: Igor Mammedov <imammedo@redhat.com>
      Cc: Marcel Apfelbaum <marcel.apfelbaum@gmail.com>
      Signed-off-by: Laszlo Ersek <lersek@redhat.com>
      Reviewed-by: Marcel Apfelbaum <marcel.apfelbaum@gmail.com>
      Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
      Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
    • pci-testdev: add optional memory bar · 41746334
      Gerd Hoffmann committed
      Add memory bar to pci-testdev.  Size is configurable using the membar
      property.  Setting the size to zero (default) turns it off.  Can be used
      to check whether guests handle large pci bars correctly.
      Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
      Reviewed-by: Laszlo Ersek <lersek@redhat.com>
      Tested-by: Laszlo Ersek <lersek@redhat.com>
      Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
      Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
      Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
    • MAINTAINERS: list "tests/acpi-test-data" files in ACPI/SMBIOS section · 7115dcf4
      Laszlo Ersek committed
      The "tests/acpi-test-data" files are currently not covered by any section
      in MAINTAINERS, and "scripts/checkpatch.pl" complains when new data files
      are added.
      
      Cc: "Michael S. Tsirkin" <mst@redhat.com>
      Cc: Alex Williamson <alex.williamson@redhat.com>
      Cc: Gerd Hoffmann <kraxel@redhat.com>
      Cc: Igor Mammedov <imammedo@redhat.com>
      Cc: Marcel Apfelbaum <marcel.apfelbaum@gmail.com>
      Signed-off-by: Laszlo Ersek <lersek@redhat.com>
      Reviewed-by: Marcel Apfelbaum <marcel.apfelbaum@gmail.com>
      Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
      Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
      7115dcf4
    • S
      x86_iommu/amd: Enable Guest virtual APIC support · 12499b23
      Singh, Brijesh committed
      Now that amd-iommu supports interrupt remapping, enable the GASup in IVRS
      table and GASup in extended feature register to indicate that IOMMU
      supports guest virtual APIC mode. GASup provides option to guest OS to
      make use of 128-bit IRTE.
      
      Note that the GAMSup is set to zero to indicate that amd-iommu does not
      support guest virtual APIC mode (aka AVIC) which would be used for the
      nested VMs.
      
      See Table 21 from IOMMU spec for interrupt virtualization controls
      Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
      Reviewed-by: Peter Xu <peterx@redhat.com>
      Cc: Peter Xu <peterx@redhat.com>
      Cc: "Michael S. Tsirkin" <mst@redhat.com>
      Cc: Paolo Bonzini <pbonzini@redhat.com>
      Cc: Richard Henderson <rth@twiddle.net>
      Cc: Eduardo Habkost <ehabkost@redhat.com>
      Cc: Marcel Apfelbaum <marcel.apfelbaum@gmail.com>
      Cc: Tom Lendacky <Thomas.Lendacky@amd.com>
      Cc: Suravee Suthikulpanit <Suravee.Suthikulpanit@amd.com>
      Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
      Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
      12499b23
    • S
      x86_iommu/amd: Add interrupt remap support when VAPIC is enabled · 135f866e
      Singh, Brijesh committed
      Emulate the interrupt remapping support when guest virtual APIC is
      enabled.
      
      For more information refer: IOMMU spec rev 3.0 (section 2.2.5.2)
      
      When VAPIC is enabled, it uses interrupt remapping as defined in
      Table 22 and Figure 17 from IOMMU spec.
      Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
      Reviewed-by: Peter Xu <peterx@redhat.com>
      Cc: Peter Xu <peterx@redhat.com>
      Cc: "Michael S. Tsirkin" <mst@redhat.com>
      Cc: Paolo Bonzini <pbonzini@redhat.com>
      Cc: Richard Henderson <rth@twiddle.net>
      Cc: Eduardo Habkost <ehabkost@redhat.com>
      Cc: Marcel Apfelbaum <marcel.apfelbaum@gmail.com>
      Cc: Tom Lendacky <Thomas.Lendacky@amd.com>
      Cc: Suravee Suthikulpanit <Suravee.Suthikulpanit@amd.com>
      Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
      Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
      135f866e
    • S
      i386: acpi: add IVHD device entry for IOAPIC · c028818d
      Singh, Brijesh committed
      When interrupt remapping is enabled, add a special IVHD device
      (type IOAPIC).
      Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
      Acked-by: Peter Xu <peterx@redhat.com>
      Cc: Peter Xu <peterx@redhat.com>
      Cc: "Michael S. Tsirkin" <mst@redhat.com>
      Cc: Paolo Bonzini <pbonzini@redhat.com>
      Cc: Richard Henderson <rth@twiddle.net>
      Cc: Eduardo Habkost <ehabkost@redhat.com>
      Cc: Marcel Apfelbaum <marcel.apfelbaum@gmail.com>
      Cc: Tom Lendacky <Thomas.Lendacky@amd.com>
      Cc: Suravee Suthikulpanit <Suravee.Suthikulpanit@amd.com>
      Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
      Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
      c028818d
    • S
      x86_iommu/amd: Add interrupt remap support when VAPIC is not enabled · b44159fe
      Singh, Brijesh committed
      Emulate the interrupt remapping support when guest virtual APIC is
      not enabled.
      
      For more info Refer: AMD IOMMU spec Rev 3.0 - section 2.2.5.1
      
      When VAPIC is not enabled, it uses interrupt remapping as defined in
      Table 20 and Figure 15 from IOMMU spec.
      Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
      Cc: Peter Xu <peterx@redhat.com>
      Cc: "Michael S. Tsirkin" <mst@redhat.com>
      Cc: Paolo Bonzini <pbonzini@redhat.com>
      Cc: Richard Henderson <rth@twiddle.net>
      Cc: Eduardo Habkost <ehabkost@redhat.com>
      Cc: Marcel Apfelbaum <marcel.apfelbaum@gmail.com>
      Cc: Tom Lendacky <Thomas.Lendacky@amd.com>
      Cc: Suravee Suthikulpanit <Suravee.Suthikulpanit@amd.com>
      Reviewed-by: Peter Xu <peterx@redhat.com>
      Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
      Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
      b44159fe
    • S
      x86_iommu/amd: Prepare for interrupt remap support · 577c470f
      Singh, Brijesh committed
      Register the interrupt remapping callback and read/write ops for the
      amd-iommu-ir memory region.
      
      amd-iommu-ir is set to higher priority to ensure that this region won't
      be masked out by other memory regions.
      Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
      Cc: Peter Xu <peterx@redhat.com>
      Cc: "Michael S. Tsirkin" <mst@redhat.com>
      Cc: Paolo Bonzini <pbonzini@redhat.com>
      Cc: Richard Henderson <rth@twiddle.net>
      Cc: Eduardo Habkost <ehabkost@redhat.com>
      Cc: Marcel Apfelbaum <marcel.apfelbaum@gmail.com>
      Cc: Tom Lendacky <Thomas.Lendacky@amd.com>
      Cc: Suravee Suthikulpanit <Suravee.Suthikulpanit@amd.com>
      Reviewed-by: Peter Xu <peterx@redhat.com>
      Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
      Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
      577c470f
    • S
      x86_iommu/amd: make the address space naming consistent with intel-iommu · 53244386
      Singh, Brijesh committed
      To be consistent with intel-iommu:
      
      - rename the address space to use '_' instead of '-'
      - update the memory region relationships
      Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
      Reviewed-by: Peter Xu <peterx@redhat.com>
      Cc: Peter Xu <peterx@redhat.com>
      Cc: "Michael S. Tsirkin" <mst@redhat.com>
      Cc: Paolo Bonzini <pbonzini@redhat.com>
      Cc: Richard Henderson <rth@twiddle.net>
      Cc: Eduardo Habkost <ehabkost@redhat.com>
      Cc: Marcel Apfelbaum <marcel.apfelbaum@gmail.com>
      Cc: Tom Lendacky <Thomas.Lendacky@amd.com>
      Cc: Suravee Suthikulpanit <Suravee.Suthikulpanit@amd.com>
      Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
      Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
      53244386
    • S
      x86_iommu/amd: remove V=1 check from amdvi_validate_dte() · 470506b5
      Singh, Brijesh committed
      Currently, the amdvi_validate_dte() assumes that a valid DTE will
      always have V=1. This is not true. The V=1 means that bit[127:1] are
      valid. A valid DTE can have IV=1 and V=0 (i.e. address translation
      disabled and interrupt remapping enabled).
      
      Remove the V=1 check from amdvi_validate_dte(), make the caller
      responsible to check for V or IV bits.
      
      This also fixes a bug in existing code that when error is
      detected during the translation we'll fail the translation
      instead of assuming a passthrough mode.
      Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
      Reviewed-by: Peter Xu <peterx@redhat.com>
      Cc: Peter Xu <peterx@redhat.com>
      Cc: "Michael S. Tsirkin" <mst@redhat.com>
      Cc: Paolo Bonzini <pbonzini@redhat.com>
      Cc: Richard Henderson <rth@twiddle.net>
      Cc: Eduardo Habkost <ehabkost@redhat.com>
      Cc: Marcel Apfelbaum <marcel.apfelbaum@gmail.com>
      Cc: Tom Lendacky <Thomas.Lendacky@amd.com>
      Cc: Suravee Suthikulpanit <Suravee.Suthikulpanit@amd.com>
      Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
      Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
      470506b5
    • S
      x86_iommu: move vtd_generate_msi_message in common file · 35c24501
      Singh, Brijesh committed
      The vtd_generate_msi_message() in intel-iommu is used to construct a MSI
      Message from IRQ. A similar function will be needed when we add interrupt
      remapping support in amd-iommu. Moving the function in common file to
      avoid the code duplication. Rename it to x86_iommu_irq_to_msi_message().
      There are no logic changes in the code flow.
      Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
      Suggested-by: Peter Xu <peterx@redhat.com>
      Reviewed-by: Eduardo Habkost <ehabkost@redhat.com>
      Cc: Peter Xu <peterx@redhat.com>
      Cc: "Michael S. Tsirkin" <mst@redhat.com>
      Cc: Paolo Bonzini <pbonzini@redhat.com>
      Cc: Richard Henderson <rth@twiddle.net>
      Cc: Eduardo Habkost <ehabkost@redhat.com>
      Cc: Marcel Apfelbaum <marcel.apfelbaum@gmail.com>
      Cc: Tom Lendacky <Thomas.Lendacky@amd.com>
      Cc: Suravee Suthikulpanit <Suravee.Suthikulpanit@amd.com>
      Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
      Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
      35c24501
    • S
      x86_iommu: move the kernel-irqchip check in common code · 50662ce1
      Singh, Brijesh committed
      Interrupt remapping needs kernel-irqchip={off|split} on both Intel and AMD
      platforms. Move the check in common place.
      Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
      Reviewed-by: Peter Xu <peterx@redhat.com>
      Cc: Peter Xu <peterx@redhat.com>
      Cc: "Michael S. Tsirkin" <mst@redhat.com>
      Cc: Paolo Bonzini <pbonzini@redhat.com>
      Cc: Richard Henderson <rth@twiddle.net>
      Cc: Eduardo Habkost <ehabkost@redhat.com>
      Cc: Marcel Apfelbaum <marcel.apfelbaum@gmail.com>
      Cc: Tom Lendacky <Thomas.Lendacky@amd.com>
      Cc: Suravee Suthikulpanit <Suravee.Suthikulpanit@amd.com>
      Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
      Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
      50662ce1
    • Y
      vhost-user-blk: start vhost when guest kicks · 110b9463
      Yongji Xie committed
      Some old guests (before commit 7a11370e5: "virtio_blk: enable VQs early")
      kick virtqueue before setting VIRTIO_CONFIG_S_DRIVER_OK. This violates
      the virtio spec. But virtio 1.0 transitional devices support this behaviour.
      So we should start vhost when guest kicks in this case.
      Signed-off-by: Yongji Xie <xieyongji@baidu.com>
      Signed-off-by: Chai Wen <chaiwen@baidu.com>
      Signed-off-by: Ni Xun <nixun@baidu.com>
      Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
      Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
      Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
      110b9463
    • P
      intel_iommu: handle invalid ce for shadow sync · c28b535d
      Peter Xu committed
      We should handle VTD_FR_CONTEXT_ENTRY_P properly when synchronizing
      shadow page tables.  Having invalid context entry there is perfectly
      valid when we move a device out of an existing domain.  When that
      happens, instead of posting an error we invalidate the whole region.
      
      Without this patch, QEMU will crash if we do these steps:
      
      (1) start QEMU with VT-d IOMMU and two 10G NICs (ixgbe)
      (2) bind the NICs with vfio-pci in the guest
      (3) start testpmd with the NICs applied
      (4) stop testpmd
      (5) rebind the NIC back to ixgbe kernel driver
      
      The patch should fix it.
      Reported-by: Pei Zhang <pezhang@redhat.com>
      Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1627272
      Signed-off-by: Peter Xu <peterx@redhat.com>
      Reviewed-by: Eric Auger <eric.auger@redhat.com>
      Reviewed-by: Maxime Coquelin <maxime.coquelin@redhat.com>
      Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
      Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
      c28b535d
    • P
      intel_iommu: move ce fetching out when sync shadow · 95ecd3df
      Peter Xu committed
      There are two callers for vtd_sync_shadow_page_table_range(): one
      provided a valid context entry and one not.  Move that fetching
      operation into the caller vtd_sync_shadow_page_table() where we need to
      fetch the context entry.
      
      Meanwhile, remove the error_report_once() directly since we're already
      tracing all the error cases in the previous call.  Instead, return error
      number back to caller.  This will not change anything functional since
      callers are dropping it after all.
      
      We do this move majorly because we want to do something more later in
      vtd_sync_shadow_page_table().
      Signed-off-by: Peter Xu <peterx@redhat.com>
      Reviewed-by: Eric Auger <eric.auger@redhat.com>
      Reviewed-by: Maxime Coquelin <maxime.coquelin@redhat.com>
      Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
      Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
      95ecd3df
    • P
      intel_iommu: better handling of dmar state switch · 2cc9ddcc
      Peter Xu committed
      QEMU is not handling the global DMAR switch well, especially when from
      "on" to "off".
      
      Let's first take the example of system reset.
      
      Assuming that a guest has IOMMU enabled.  When it reboots, we will drop
      all the existing DMAR mappings to handle the system reset, however we'll
      still keep the existing memory layouts which has the IOMMU memory region
      enabled.  So after the reboot and before the kernel reloads again, there
      will be no mapping at all for the host device.  That's problematic since
      any software (for example, SeaBIOS) that runs earlier than the kernel
      after the reboot will assume the IOMMU is disabled, so any DMA from the
      software will fail.
      
      For example, a guest that boots on an assigned NVMe device might fail to
      find the boot device after a system reboot/reset and we'll be able to
      observe SeaBIOS errors if we capture the debugging log:
      
        WARNING - Timeout at nvme_wait:144!
      
      Meanwhile, we should see DMAR errors on the host of that NVMe device.
      It's the DMA fault that caused a NVMe driver timeout.
      
      The correct fix should be that we do proper switching of device DMA
      address spaces when system resets, which will setup correct memory
      regions and notify the backend of the devices.  This might not affect
      much on non-assigned devices since QEMU VT-d emulation will assume a
      default passthrough mapping if DMAR is not enabled in the GCMD
      register (please refer to vtd_iommu_translate).  However that's required
      for assigned devices, since that'll rebuild the correct GPA to HPA
      mapping that is needed for any DMA operation during guest bootstrap.
      
      Besides the system reset, we have some other places that might change
      the global DMAR status and we'd better do the same thing there.  For
      example, when we change the state of GCMD register, or the DMAR root
      pointer.  Do the same refresh for all these places.  For these two
      places we'll also need to explicitly invalidate the context entry cache
      and iotlb cache.
      
      Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1625173
      CC: QEMU Stable <qemu-stable@nongnu.org>
      Reported-by: Cong Li <coli@redhat.com>
      Signed-off-by: Peter Xu <peterx@redhat.com>
      --
      v2:
      - do the same for GCMD write, or root pointer update [Alex]
      - test is carried out by me this time, by observing the
        vtd_switch_address_space tracepoint after system reboot
      v3:
      - rewrite commit message as suggested by Alex
      Signed-off-by: Peter Xu <peterx@redhat.com>
      Reviewed-by: Eric Auger <eric.auger@redhat.com>
      Reviewed-by: Jason Wang <jasowang@redhat.com>
      Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
      Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
      2cc9ddcc
    • P
      intel_iommu: introduce vtd_reset_caches() · 06aba4ca
      Peter Xu committed
      Provide the function and use it in vtd_init().  Used to reset both
      context entry cache and iotlb cache for the whole IOMMU unit.
      Signed-off-by: Peter Xu <peterx@redhat.com>
      Reviewed-by: Eric Auger <eric.auger@redhat.com>
      Reviewed-by: Jason Wang <jasowang@redhat.com>
      Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
      Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
      06aba4ca