- 27 7月, 2020 5 次提交
-
-
由 Hogan Wang 提交于
The pci host config register is used to save PCI address for read/write config data. If guest writes a value to config register, and then QEMU pauses the vcpu to migrate, after the migration, the guest will continue to write pci config data, and the write data will be ignored because of new qemu process losing the config register state. To trigger the bug: 1. guest is booting in seabios. 2. guest enables the SMRAM in seabios:piix4_apmc_smm_setup, and then expects to disable the SMRAM by pci_config_writeb. 3. after guest writes the pci host config register, QEMU pauses vcpu to finish migration. 4. guest write of config data(0x0A) fails to disable the SMRAM because the config register state is lost. 5. guest continues to boot and crashes in ipxe option ROM due to SMRAM in enabled state. Example Reproducer: step 1. Make modifications to seabios and qemu for increase reproduction efficiency, write 0xf0 to 0x402 port notify qemu to stop vcpu after 0x0cf8 port wrote i440 configure register. qemu stop vcpu when catch 0x402 port wrote 0xf0. seabios:/src/hw/pci.c @@ -52,6 +52,11 @@ void pci_config_writeb(u16 bdf, u32 addr, u8 val) writeb(mmconfig_addr(bdf, addr), val); } else { outl(ioconfig_cmd(bdf, addr), PORT_PCI_CMD); + if (bdf == 0 && addr == 0x72 && val == 0xa) { + dprintf(1, "stop vcpu\n"); + outb(0xf0, 0x402); // notify qemu to stop vcpu + dprintf(1, "resume vcpu\n"); + } outb(val, PORT_PCI_DATA + (addr & 3)); } } qemu:hw/char/debugcon.c @@ -60,6 +61,9 @@ static void debugcon_ioport_write(void *opaque, hwaddr addr, uint64_t val, printf(" [debugcon: write addr=0x%04" HWADDR_PRIx " val=0x%02" PRIx64 "]\n", addr, val); #endif + if (ch == 0xf0) { + vm_stop(RUN_STATE_PAUSED); + } /* XXX this blocks entire thread. Rewrite to use * qemu_chr_fe_write and background I/O callbacks */ qemu_chr_fe_write_all(&s->chr, &ch, 1); step 2. start vm1 by the following command line, and then vm stopped. $ qemu-system-x86_64 -machine pc-i440fx-5.0,accel=kvm\ -netdev tap,ifname=tap-test,id=hostnet0,vhost=on,downscript=no,script=no\ -device virtio-net-pci,netdev=hostnet0,id=net0,bus=pci.0,addr=0x13,bootindex=3\ -device cirrus-vga,id=video0,vgamem_mb=16,bus=pci.0,addr=0x2\ -chardev file,id=seabios,path=/var/log/test.seabios,append=on\ -device isa-debugcon,iobase=0x402,chardev=seabios\ -monitor stdio step 3. start vm2 to accept vm1 state. $ qemu-system-x86_64 -machine pc-i440fx-5.0,accel=kvm\ -netdev tap,ifname=tap-test1,id=hostnet0,vhost=on,downscript=no,script=no\ -device virtio-net-pci,netdev=hostnet0,id=net0,bus=pci.0,addr=0x13,bootindex=3\ -device cirrus-vga,id=video0,vgamem_mb=16,bus=pci.0,addr=0x2\ -chardev file,id=seabios,path=/var/log/test.seabios,append=on\ -device isa-debugcon,iobase=0x402,chardev=seabios\ -monitor stdio \ -incoming tcp:127.0.0.1:8000 step 4. execute the following qmp command in vm1 to migrate. (qemu) migrate tcp:127.0.0.1:8000 step 5. execute the following qmp command in vm2 to resume vcpu. (qemu) cont Before this patch, we get KVM "emulation failure" error on vm2. This patch fixes it. Cc: qemu-stable@nongnu.org Signed-off-by: NHogan Wang <hogan.wang@huawei.com> Message-Id: <20200727084621.3279-1-hogan.wang@huawei.com> Reported-by: N"Dr. David Alan Gilbert" <dgilbert@redhat.com> Reviewed-by: NMichael S. Tsirkin <mst@redhat.com> Signed-off-by: NMichael S. Tsirkin <mst@redhat.com>
-
由 David Hildenbrand 提交于
Trying to run simple virtio-mem-pci examples currently fails with qemu-system-x86_64: -device virtio-mem-pci,id=vm0,memdev=mem0,node=0, requested-size=300M: device is modern-only, use disable-legacy=on due to the added safety checks in 9b3a35ec ("virtio: verify that legacy support is not accidentally on"). As noted by Conny, we have to force virtio version 1. While at it, use qdev_realize() to set the parent bus and realize - like most other virtio-*-pci implementations. Fixes: 0b9a2443 ("virtio-pci: Proxy for virtio-mem") Reviewed-by: NCornelia Huck <cohuck@redhat.com> Cc: Cornelia Huck <cohuck@redhat.com> Cc: "Michael S. Tsirkin" <mst@redhat.com> Signed-off-by: NDavid Hildenbrand <david@redhat.com> Message-Id: <20200727115905.129397-1-david@redhat.com> Cc: qemu-stable@nongnu.org Reviewed-by: NMichael S. Tsirkin <mst@redhat.com> Signed-off-by: NMichael S. Tsirkin <mst@redhat.com>
-
由 Peter Maydell 提交于
ppc patch queue 2020-07-27 Only one patch in this batch, but it fixes a fairly important regression, so we want it in qemu-5.1 # gpg: Signature made Mon 27 Jul 2020 06:51:57 BST # gpg: using RSA key 75F46586AE61A66CC44E87DC6C38CACA20D9B392 # gpg: Good signature from "David Gibson <david@gibson.dropbear.id.au>" [full] # gpg: aka "David Gibson (Red Hat) <dgibson@redhat.com>" [full] # gpg: aka "David Gibson (ozlabs.org) <dgibson@ozlabs.org>" [full] # gpg: aka "David Gibson (kernel.org) <dwg@kernel.org>" [unknown] # Primary key fingerprint: 75F4 6586 AE61 A66C C44E 87DC 6C38 CACA 20D9 B392 * remotes/dgibson/tags/ppc-for-5.1-20200727: pseries: fix kvmppc_set_fwnmi() Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
-
由 Laurent Vivier 提交于
QEMU issues the ioctl(KVM_CAP_PPC_FWNMI) on the first vCPU. If the first vCPU is currently running, the vCPU mutex is held and the ioctl() cannot be done and waits until the mutex is released. This never happens and the VM is stuck. To avoid this deadlock, issue the ioctl on the same vCPU doing the RTAS call. The problem can be reproduced by booting a guest with several vCPUs (the probability to have the problem is (n - 1) / n, n = # of CPUs), and then by triggering a kernel crash with "echo c >/proc/sysrq-trigger". On the reboot, the kernel hangs after: ... [ 0.000000] ----------------------------------------------------- [ 0.000000] ppc64_pft_size = 0x0 [ 0.000000] phys_mem_size = 0x48000000 [ 0.000000] dcache_bsize = 0x80 [ 0.000000] icache_bsize = 0x80 [ 0.000000] cpu_features = 0x0001c06f8f4f91a7 [ 0.000000] possible = 0x0003fbffcf5fb1a7 [ 0.000000] always = 0x00000003800081a1 [ 0.000000] cpu_user_features = 0xdc0065c2 0xaee00000 [ 0.000000] mmu_features = 0x3c006041 [ 0.000000] firmware_features = 0x00000085455a445f [ 0.000000] physical_start = 0x8000000 [ 0.000000] ----------------------------------------------------- [ 0.000000] numa: NODE_DATA [mem 0x47f33c80-0x47f3ffff] Fixes: ec010c00 ("ppc/spapr: KVM FWNMI should not be enabled until guest requests it") Cc: npiggin@gmail.com Signed-off-by: NLaurent Vivier <lvivier@redhat.com> Message-Id: <20200724083533.281700-1-lvivier@redhat.com> Signed-off-by: NDavid Gibson <david@gibson.dropbear.id.au>
-
由 Peter Maydell 提交于
Fix some cputlb commentary Fix an hppa temporary leak Fix an i386 translation issue with loop insns # gpg: Signature made Sat 25 Jul 2020 17:03:59 BST # gpg: using RSA key 7A481E78868B4DB6A85A05C064DF38E8AF7E215F # gpg: issuer "richard.henderson@linaro.org" # gpg: Good signature from "Richard Henderson <richard.henderson@linaro.org>" [full] # Primary key fingerprint: 7A48 1E78 868B 4DB6 A85A 05C0 64DF 38E8 AF7E 215F * remotes/rth/tags/pull-tcg-20200725: target/i386: Save cc_op before loop insns target/hppa: Free some temps in do_sub tcg: update comments for save_iotlb_data in cputlb Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
-
- 26 7月, 2020 3 次提交
-
-
由 Peter Maydell 提交于
Merge tpm 2020/07/24 v1 # gpg: Signature made Sat 25 Jul 2020 01:13:22 BST # gpg: using RSA key B818B9CADF9089C2D5CEC66B75AD65802A0B4211 # gpg: Good signature from "Stefan Berger <stefanb@linux.vnet.ibm.com>" [unknown] # gpg: WARNING: This key is not certified with a trusted signature! # gpg: There is no indication that the signature belongs to the owner. # Primary key fingerprint: B818 B9CA DF90 89C2 D5CE C66B 75AD 6580 2A0B 4211 * remotes/stefanberger/tags/pull-tpm-2020-07-24-1: tpm_emulator: Report an error if chardev is missing tpm: Improve help on TPM types when none are available Revert "tpm: Clean up error reporting in tpm_init_tpmdev()" Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
-
由 Peter Maydell 提交于
bugfixes: virtio-input, usb-dwc2, pixman. # gpg: Signature made Fri 24 Jul 2020 17:42:43 BST # gpg: using RSA key 4CB6D8EED3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>" [full] # gpg: aka "Gerd Hoffmann <gerd@kraxel.org>" [full] # gpg: aka "Gerd Hoffmann (private) <kraxel@gmail.com>" [full] # Primary key fingerprint: A032 8CFF B93A 17A7 9901 FE7D 4CB6 D8EE D3E8 7138 * remotes/kraxel/tags/fixes-20200724-pull-request: configure: Allow to build tools without pixman hw/input/virtio-input-hid.c: Don't undef CONFIG_CURSES hw: Only compile the usb-dwc2 controller if it is really needed Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
-
由 John Snow 提交于
3 seconds is too short for some tests running inside busy VMs. Build it out to a rather generous 30 seconds to find out conclusively if there are more severe problems in the merge/CI tests. Signed-off-by: NJohn Snow <jsnow@redhat.com> Reviewed-by: NEduardo Habkost <ehabkost@redhat.com> Message-id: 20200720160252.104139-2-jsnow@redhat.com Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
-
- 25 7月, 2020 6 次提交
-
-
由 Richard Henderson 提交于
We forgot to update cc_op before these branch insns, which lead to losing track of the current eflags. Buglink: https://bugs.launchpad.net/qemu/+bug/1888165Reviewed-by: NAlex Bennée <alex.bennee@linaro.org> Signed-off-by: NRichard Henderson <richard.henderson@linaro.org> Message-Id: <20200720154028.477457-1-richard.henderson@linaro.org>
-
由 Richard Henderson 提交于
Two temps allocated but not freed. Do enough subtractions within a single TB and one can run out of temps entirely. Fixes: b2167459 ("target-hppa: Implement basic arithmetic") Buglink: https://bugs.launchpad.net/qemu/+bug/1880287Tested-by: NSven Schnelle <svens@stackframe.org> Reviewed-by: NPhilippe Mathieu-Daudé <f4bug@amsat.org> Signed-off-by: NRichard Henderson <richard.henderson@linaro.org> Message-Id: <20200720174039.517902-1-richard.henderson@linaro.org>
-
由 Alex Bennée 提交于
I missed Emilio's review comments: Message-ID: <20200718205107.GA994221@sff> and the patch got merged. Correcting the comments now. Reviewed-by: NEmilio G. Cota <cota@braap.org> Signed-off-by: NAlex Bennée <alex.bennee@linaro.org> Message-Id: <20200720122358.26881-1-alex.bennee@linaro.org> Signed-off-by: NRichard Henderson <richard.henderson@linaro.org>
-
由 Stefan Berger 提交于
This patch fixes the odd error reporting when trying to send a file descriptor to the TPM emulator if one has not passed a valid chardev. $ x86_64-softmmu/qemu-system-x86_64 -tpmdev emulator,id=tpm0 qemu-system-x86_64: -tpmdev emulator,id=tpm0: tpm-emulator: Failed to send CMD_SET_DATAFD: Success qemu-system-x86_64: -tpmdev emulator,id=tpm0: tpm-emulator: Could not cleanly shutdown the TPM: Success This is the new error report: $ x86_64-softmmu/qemu-system-x86_64 -tpmdev emulator,id=tpm0 qemu-system-x86_64: -tpmdev emulator,id=tpm0: tpm-emulator: parameter 'chardev' is missing This change does not hide the display of supported TPM types if a non-existent type is passed: $ x86_64-softmmu/qemu-system-x86_64 -tpmdev nonexistent,id=tpm0 qemu-system-x86_64: -tpmdev nonexistent,id=tpm0: Parameter 'type' expects a TPM backend type Supported TPM types (choose only one): passthrough Passthrough TPM backend driver emulator TPM emulator backend driver Signed-off-by: NStefan Berger <stefanb@linux.ibm.com> Reviewed-by: NMarc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: NMarkus Armbruster <armbru@redhat.com>
-
由 Markus Armbruster 提交于
Help is a bit awkward when no TPM types are built into QEMU: $ qemu-system-x86_64 -tpmdev nonexistent,id=tpm0 qemu-system-x86_64: -tpmdev nonexistent,id=tpm0: Parameter 'type' expects a TPM backend type Supported TPM types (choose only one): Improve to qemu-system-x86_64: -tpmdev nonexistent,id=tpm0: Parameter 'type' expects a TPM backend type No TPM backend types are available Signed-off-by: NMarkus Armbruster <armbru@redhat.com> Reviewed-by: NPhilippe Mathieu-Daudé <philmd@redhat.com> Reviewed-by: NStefan Berger <stefanb@linux.ibm.com> Signed-off-by: NStefan Berger <stefanb@linux.ibm.com>
-
由 Markus Armbruster 提交于
This reverts commit d10e05f1. We report some -tpmdev failures, but then continue as if all was fine. Reproducer: $ qemu-system-x86_64 -nodefaults -S -display none -monitor stdio -chardev null,id=tpm0 -tpmdev emulator,id=tpm0,chardev=chrtpm -device tpm-tis,tpmdev=tpm0 qemu-system-x86_64: -tpmdev emulator,id=tpm0,chardev=chrtpm: tpm-emulator: tpm chardev 'chrtpm' not found. qemu-system-x86_64: -tpmdev emulator,id=tpm0,chardev=chrtpm: tpm-emulator: Could not cleanly shutdown the TPM: No such file or directory QEMU 5.0.90 monitor - type 'help' for more information (qemu) qemu-system-x86_64: -device tpm-tis,tpmdev=tpm0: Property 'tpm-tis.tpmdev' can't find value 'tpm0' $ echo $? 1 This is a regression caused by commit d10e05f1 "tpm: Clean up error reporting in tpm_init_tpmdev()". It's incomplete: be->create(opts) continues to use error_report(), and we don't set an error when it fails. I figure converting the create() methods to Error would make some sense, but I'm not sure it's worth the effort right now. Revert the broken commit instead, and add a comment to tpm_init_tpmdev(). Straightforward conflict in tpm.c resolved. Signed-off-by: NMarkus Armbruster <armbru@redhat.com> Reviewed-by: NPhilippe Mathieu-Daudé <philmd@redhat.com> Reviewed-by: NStefan Berger <stefanb@linux.ibm.com> Signed-off-by: NStefan Berger <stefanb@linux.ibm.com>
-
- 24 7月, 2020 11 次提交
-
-
由 Thomas Huth 提交于
If pixman is not installed, it is currently not possible to run: .../configure --disable-system --enable-tools Seems like there was a dependency from one of the required source files to pixman in the past, but since commit 1ac0206b ("qemu-timer.c: Trim list of included headers"), this dependency should be gone. Thus allow to compile the tools without pixman now. Signed-off-by: NThomas Huth <thuth@redhat.com> Message-id: 20200723141123.14765-1-thuth@redhat.com Signed-off-by: NGerd Hoffmann <kraxel@redhat.com>
-
由 Peter Maydell 提交于
Error reporting patches patches for 2020-07-24 # gpg: Signature made Fri 24 Jul 2020 14:03:44 BST # gpg: using RSA key 354BC8B3D7EB2A6B68674E5F3870B400EB918653 # gpg: issuer "armbru@redhat.com" # gpg: Good signature from "Markus Armbruster <armbru@redhat.com>" [full] # gpg: aka "Markus Armbruster <armbru@pond.sub.org>" [full] # Primary key fingerprint: 354B C8B3 D7EB 2A6B 6867 4E5F 3870 B400 EB91 8653 * remotes/armbru/tags/pull-error-2020-07-24: qapi/error: Check format string argument in error_*prepend() sd/milkymist-memcard: Fix format string error: Strip trailing '\n' from error string arguments (again) coccinelle/err-bad-newline: Fix for Python 3, and add patterns Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
-
由 Peter Maydell 提交于
virtio-input-hid.c undefines CONFIG_CURSES before including ui/console.h. However since commits e2f82e92 and b0766612 that header does not have behaviour dependent on CONFIG_CURSES. Remove the now-unneeded undef. Signed-off-by: NPeter Maydell <peter.maydell@linaro.org> Reviewed-by: NThomas Huth <thuth@redhat.com> Acked-by: NMichael S. Tsirkin <mst@redhat.com> Message-id: 20200723192457.28136-1-peter.maydell@linaro.org Signed-off-by: NGerd Hoffmann <kraxel@redhat.com>
-
由 Thomas Huth 提交于
The USB_DWC2 switch is currently "default y", so it is included in all qemu-system-* builds, even if it is not needed. Even worse, it does a "select USB", so USB devices are now showing up as available on targets that do not support USB at all. This sysbus device should only be included by the boards that need it, i.e. by the Raspi machines. Fixes: 153ef166 ("dwc-hsotg (dwc2) USB host controller emulation") Signed-off-by: NThomas Huth <thuth@redhat.com> Reviewed-by: NPaul Zimmerman <pauldzim@gmail.com> Message-id: 20200722154719.10130-1-thuth@redhat.com Signed-off-by: NGerd Hoffmann <kraxel@redhat.com>
-
由 Philippe Mathieu-Daudé 提交于
error_propagate_prepend() "behaves like error_prepend()", and error_prepend() uses "formatting @fmt, ... like printf()". error_prepend() checks its format string argument, but error_propagate_prepend() does not. Fix by addint the format attribute to error_propagate_prepend() and error_vprepend(). This would have caught the bug fixed in the previous commit. Missed in commit 4b576648 "error: Fix use of error_prepend() with &error_fatal, &error_abort". Inspired-by: NStefan Weil <sw@weilnetz.de> Suggested-by: NEric Blake <eblake@redhat.com> Reviewed-by: NStefan Weil <sw@weilnetz.de> Reviewed-by: NMarkus Armbruster <armbru@redhat.com> Signed-off-by: NPhilippe Mathieu-Daudé <philmd@redhat.com> Message-Id: <20200723171205.14949-1-philmd@redhat.com> Reviewed-by: NMarkus Armbruster <armbru@redhat.com> [Commit message tweaked] Signed-off-by: NMarkus Armbruster <armbru@redhat.com>
-
由 Stefan Weil 提交于
Fixes: b98e8d12Signed-off-by: NStefan Weil <sw@weilnetz.de> Message-Id: <20200722204054.1400555-1-sw@weilnetz.de> Reviewed-by: NPhilippe Mathieu-Daudé <f4bug@amsat.org> Reviewed-by: NMarkus Armbruster <armbru@redhat.com> Reviewed-by: NLi Qiang <liq3ea@gmail.com> [Commit message tweaked] Signed-off-by: NMarkus Armbruster <armbru@redhat.com>
-
由 Markus Armbruster 提交于
Tracked down with scripts/coccinelle/err-bad-newline.cocci. Cc: Peter Xu <peterx@redhat.com> Cc: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: NMarkus Armbruster <armbru@redhat.com> Message-Id: <20200722084048.1726105-3-armbru@redhat.com> Reviewed-by: NPhilippe Mathieu-Daudé <philmd@redhat.com> Acked-by: NDavid Gibson <david@gibson.dropbear.id.au> Reviewed-by: NPeter Xu <peterx@redhat.com>
-
由 Markus Armbruster 提交于
Signed-off-by: NMarkus Armbruster <armbru@redhat.com> Message-Id: <20200722084048.1726105-2-armbru@redhat.com> Reviewed-by: NEric Blake <eblake@redhat.com>
-
由 Peter Maydell 提交于
x86 bug fix for -rc2 A fix from Vitaly Kuznetsov for a CPU reset bug reported by Jan Kiszka. # gpg: Signature made Thu 23 Jul 2020 20:10:40 BST # gpg: using RSA key 5A322FD5ABC4D3DBACCFD1AA2807936F984DC5A6 # gpg: issuer "ehabkost@redhat.com" # gpg: Good signature from "Eduardo Habkost <ehabkost@redhat.com>" [full] # Primary key fingerprint: 5A32 2FD5 ABC4 D3DB ACCF D1AA 2807 936F 984D C5A6 * remotes/ehabkost/tags/x86-next-for-5.1-pull-request: KVM: fix CPU reset wrt HF2_GIF_MASK Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
-
由 Vitaly Kuznetsov 提交于
HF2_GIF_MASK is set in env->hflags2 unconditionally on CPU reset (see x86_cpu_reset()) but when calling KVM_SET_NESTED_STATE, KVM_STATE_NESTED_GIF_SET is only valid for nSVM as e.g. nVMX code looks like if (kvm_state->hdr.vmx.vmxon_pa == -1ull) { if (kvm_state->flags & ~KVM_STATE_NESTED_EVMCS) return -EINVAL; } Also, when adjusting the environment after KVM_GET_NESTED_STATE we need not reset HF2_GIF_MASK on VMX as e.g. x86_cpu_pending_interrupt() expects it to be set. Alternatively, we could've made env->hflags2 SVM-only. Reported-by: NJan Kiszka <jan.kiszka@siemens.com> Fixes: b16c0e20 ("KVM: add support for AMD nested live migration") Signed-off-by: NVitaly Kuznetsov <vkuznets@redhat.com> Message-Id: <20200723142701.2521161-1-vkuznets@redhat.com> Tested-by: NJan Kiszka <jan.kiszka@siemens.com> Signed-off-by: NEduardo Habkost <ehabkost@redhat.com>
-
由 Peter Maydell 提交于
This PR contains a few RISC-V fixes. The main fix is the correction of the goldfish RTC time. On top of that some small fixes to the recently added vector extensions have been added (including an assert that fixed a coverity report). There is a change in the SiFive E debug memory size to match hardware. Finally there is a fix for PMP accesses. # gpg: Signature made Wed 22 Jul 2020 17:43:59 BST # gpg: using RSA key F6C4AC46D4934868D3B8CE8F21E10D29DF977054 # gpg: Good signature from "Alistair Francis <alistair@alistair23.me>" [full] # Primary key fingerprint: F6C4 AC46 D493 4868 D3B8 CE8F 21E1 0D29 DF97 7054 * remotes/alistair/tags/pull-riscv-to-apply-20200722-1: target/riscv: Fix the range of pmpcfg of CSR funcion table hw/riscv: sifive_e: Correct debug block size target/riscv: fix vector index load/store constraints target/riscv: Quiet Coverity complains about vamo* goldfish_rtc: Fix non-atomic read behaviour of TIME_LOW/TIME_HIGH Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
-
- 23 7月, 2020 7 次提交
-
-
由 Peter Maydell 提交于
acpi,virtio,pc: bugfixes Fix bug in ACPI which were tripping up guests. Fix a use-after-free with hotplug of virtio devices. Block ability to create legacy devices which shouldn't have been there in the first place. Fix migration error handling with balloon. Drop some dead code in virtio. vtd emulation fixup. Signed-off-by: NMichael S. Tsirkin <mst@redhat.com> # gpg: Signature made Wed 22 Jul 2020 13:07:26 BST # gpg: using RSA key 5D09FD0871C8F85B94CA8A0D281F0DB8D28D5469 # gpg: issuer "mst@redhat.com" # gpg: Good signature from "Michael S. Tsirkin <mst@kernel.org>" [full] # gpg: aka "Michael S. Tsirkin <mst@redhat.com>" [full] # Primary key fingerprint: 0270 606B 6F3C DF3D 0B17 0970 C350 3912 AFBE 8E67 # Subkey fingerprint: 5D09 FD08 71C8 F85B 94CA 8A0D 281F 0DB8 D28D 5469 * remotes/mst/tags/for_upstream: virtio-pci: Changed vdev to proxy for VirtIO PCI BAR callbacks. intel_iommu: Use correct shift for 256 bits qi descriptor virtio: verify that legacy support is not accidentally on virtio: list legacy-capable devices virtio-balloon: Replace free page hinting references to 'report' with 'hint' virtio-balloon: Add locking to prevent possible race when starting hinting virtio-balloon: Prevent guest from starting a report when we didn't request one virtio: Drop broken and superfluous object_property_set_link() acpi: accept byte and word access to core ACPI registers Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
-
由 Peter Maydell 提交于
AVR patches Fixes a memory leak reported by Coverity (CID 1430449). CI jobs result: . https://gitlab.com/philmd/qemu/-/pipelines/168722631 # gpg: Signature made Tue 21 Jul 2020 19:00:03 BST # gpg: using RSA key FAABE75E12917221DCFD6BB2E3E32C2CDEADC0DE # gpg: Good signature from "Philippe Mathieu-Daudé (F4BUG) <f4bug@amsat.org>" [full] # Primary key fingerprint: FAAB E75E 1291 7221 DCFD 6BB2 E3E3 2C2C DEAD C0DE * remotes/philmd-gitlab/tags/avr-20200721: hw/avr/boot: Fix memory leak in avr_load_firmware() qemu-common: Document qemu_find_file() qemu/osdep: Reword qemu_get_exec_dir() documentation qemu/osdep: Document os_find_datadir() return value Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
-
由 Zong Li 提交于
The range of Physical Memory Protection should be from CSR_PMPCFG0 to CSR_PMPCFG3, not to CSR_PMPADDR9. Signed-off-by: NZong Li <zong.li@sifive.com> Reviewed-by: NAlistair Francis <alistair.francis@wdc.com> Reviewed-by: NBin Meng <bin.meng@windriver.com> Message-Id: <eae49e9252c9596e4f3bdb471772f79235141a87.1595335112.git.zong.li@sifive.com> Signed-off-by: NAlistair Francis <alistair.francis@wdc.com>
-
由 Bin Meng 提交于
Currently the debug region size is set to 0x100, but according to FE310-G000 and FE310-G002 manuals: FE310-G000: 0x100 - 0xFFF FE310-G002: 0x0 - 0xFFF Change the size to 0x1000 that applies to both. Signed-off-by: NBin Meng <bmeng.cn@gmail.com> Reviewed-by: NAlistair Francis <alistair.francis@wdc.com> Message-Id: <1594891856-15474-1-git-send-email-bmeng.cn@gmail.com> Signed-off-by: NAlistair Francis <alistair.francis@wdc.com>
-
由 LIU Zhiwei 提交于
Although not explicitly specified that the the destination vector register groups cannot overlap the source vector register group, it is still necessary. And this constraint has been added to the v0.8 spec. Signed-off-by: NLIU Zhiwei <zhiwei_liu@c-sky.com> Reviewed-by: NAlistair Francis <alistair.francis@wdc.com> Message-Id: <20200721133742.2298-2-zhiwei_liu@c-sky.com> Signed-off-by: NAlistair Francis <alistair.francis@wdc.com>
-
由 LIU Zhiwei 提交于
Signed-off-by: NLIU Zhiwei <zhiwei_liu@c-sky.com> Reviewed-by: NAlistair Francis <alistair.francis@wdc.com> Message-Id: <20200721133742.2298-1-zhiwei_liu@c-sky.com> Signed-off-by: NAlistair Francis <alistair.francis@wdc.com>
-
由 Jessica Clarke 提交于
The specification says: 0x00 TIME_LOW R: Get current time, then return low-order 32-bits. 0x04 TIME_HIGH R: Return high 32-bits from previous TIME_LOW read. ... To read the value, the kernel must perform an IO_READ(TIME_LOW), which returns an unsigned 32-bit value, before an IO_READ(TIME_HIGH), which returns a signed 32-bit value, corresponding to the higher half of the full value. However, we were just returning the current time for both. If the guest is unlucky enough to read TIME_LOW and TIME_HIGH either side of an overflow of the lower half, it will see time be in the future, before jumping backwards on the next read, and Linux currently relies on the atomicity guaranteed by the spec so is affected by this. Fix this violation of the spec by caching the correct value for TIME_HIGH whenever TIME_LOW is read, and returning that value for any TIME_HIGH read. Signed-off-by: NJessica Clarke <jrtc27@jrtc27.com> Reviewed-by: NPeter Maydell <peter.maydell@linaro.org> Reviewed-by: NRichard Henderson <richard.henderson@linaro.org> Message-Id: <20200718004934.83174-1-jrtc27@jrtc27.com> Signed-off-by: NAlistair Francis <alistair.francis@wdc.com>
-
- 22 7月, 2020 8 次提交
-
-
由 Andrew Melnychenko 提交于
There is an issue when callback may be called with invalid vdev. It happens on unplug when vdev already deleted and VirtIOPciProxy is not. So now, callbacks accept proxy device, and vdev retrieved from it. Technically memio callbacks should be removed during the flatview update, but memoryregions remain til PCI device(and it's address space) completely deleted. Buglink: https://bugzilla.redhat.com/show_bug.cgi?id=1716352Signed-off-by: NAndrew Melnychenko <andrew@daynix.com> Message-Id: <20200706112123.971087-1-andrew@daynix.com> Cc: qemu-stable@nongnu.org Reviewed-by: NMichael S. Tsirkin <mst@redhat.com> Signed-off-by: NMichael S. Tsirkin <mst@redhat.com>
-
由 Liu Yi L 提交于
In chapter 10.4.23 of VT-d spec 3.0, Descriptor Width bit was introduced in VTD_IQA_REG. Software could set this bit to tell VT-d the QI descriptor from software would be 256 bits. Accordingly, the VTD_IQH_QH_SHIFT should be 5 when descriptor size is 256 bits. This patch adds the DW bit check when deciding the shift used to update VTD_IQH_REG. Signed-off-by: NLiu Yi L <yi.l.liu@intel.com> Message-Id: <1593850035-35483-1-git-send-email-yi.l.liu@intel.com> Reviewed-by: NPeter Xu <peterx@redhat.com> Acked-by: NJason Wang <jasowang@redhat.com> Cc: qemu-stable@nongnu.org Reviewed-by: NMichael S. Tsirkin <mst@redhat.com> Signed-off-by: NMichael S. Tsirkin <mst@redhat.com>
-
由 Cornelia Huck 提交于
If a virtio device does not have legacy support, make sure that it is actually off, and bail out if not. For virtio-pci, this means that any device without legacy support that has been specified to modern-only (or that has been forced to it) will work. For virtio-ccw, this duplicates the check that is currently done prior to realization for any device that explicitly specified no support for legacy. This catches devices that have not been fenced properly. Signed-off-by: NCornelia Huck <cohuck@redhat.com> Message-Id: <20200707105446.677966-3-cohuck@redhat.com> Cc: qemu-stable@nongnu.org Acked-by: NHalil Pasic <pasic@linux.ibm.com> Reviewed-by: NMichael S. Tsirkin <mst@redhat.com> Signed-off-by: NMichael S. Tsirkin <mst@redhat.com>
-
由 Cornelia Huck 提交于
Several types of virtio devices had already been around before the virtio standard was specified. These devices support virtio in legacy (and transitional) mode. Devices that have been added in the virtio standard are considered non-transitional (i.e. with no support for legacy virtio). Provide a helper function so virtio transports can figure that out easily. Signed-off-by: NCornelia Huck <cohuck@redhat.com> Message-Id: <20200707105446.677966-2-cohuck@redhat.com> Cc: qemu-stable@nongnu.org Acked-by: NHalil Pasic <pasic@linux.ibm.com> Reviewed-by: NMichael S. Tsirkin <mst@redhat.com> Signed-off-by: NMichael S. Tsirkin <mst@redhat.com>
-
由 Alexander Duyck 提交于
Recently a feature named Free Page Reporting was added to the virtio balloon. In order to avoid any confusion we should drop the use of the word 'report' when referring to Free Page Hinting. So what this patch does is go through and replace all instances of 'report' with 'hint" when we are referring to free page hinting. Acked-by: NDavid Hildenbrand <david@redhat.com> Signed-off-by: NAlexander Duyck <alexander.h.duyck@linux.intel.com> Message-Id: <20200720175128.21935.93927.stgit@localhost.localdomain> Cc: qemu-stable@nongnu.org Reviewed-by: NMichael S. Tsirkin <mst@redhat.com> Signed-off-by: NMichael S. Tsirkin <mst@redhat.com>
-
由 Alexander Duyck 提交于
There is already locking in place when we are stopping free page hinting but there is not similar protections in place when we start. I can only assume this was overlooked as in most cases the page hinting should not be occurring when we are starting the hinting, however there is still a chance we could be processing hints by the time we get back around to restarting the hinting so we are better off making sure to protect the state with the mutex lock rather than just updating the value with no protections. Based on feedback from Peter Maydell this issue had also been spotted by Coverity: CID 1430269 Acked-by: NDavid Hildenbrand <david@redhat.com> Signed-off-by: NAlexander Duyck <alexander.h.duyck@linux.intel.com> Message-Id: <20200720175122.21935.78013.stgit@localhost.localdomain> Cc: qemu-stable@nongnu.org Reviewed-by: NMichael S. Tsirkin <mst@redhat.com> Signed-off-by: NMichael S. Tsirkin <mst@redhat.com>
-
由 Alexander Duyck 提交于
Based on code review it appears possible for the driver to force the device out of a stopped state when hinting by repeating the last ID it was provided. Prevent this by only allowing a transition to the start state when we are in the requested state. This way the driver is only allowed to send one descriptor that will transition the device into the start state. All others will leave it in the stop state once it has finished. Fixes: c13c4153 ("virtio-balloon: VIRTIO_BALLOON_F_FREE_PAGE_HINT") Acked-by: NDavid Hildenbrand <david@redhat.com> Signed-off-by: NAlexander Duyck <alexander.h.duyck@linux.intel.com> Message-Id: <20200720175115.21935.99563.stgit@localhost.localdomain> Cc: qemu-stable@nongnu.org Reviewed-by: NMichael S. Tsirkin <mst@redhat.com> Signed-off-by: NMichael S. Tsirkin <mst@redhat.com>
-
由 Markus Armbruster 提交于
virtio_crypto_pci_realize() and copies the value of vcrypto->vdev's property "cryptodev" to vcrypto's property: object_property_set_link(OBJECT(vrng), "rng", OBJECT(vrng->vdev.conf.rng), NULL); Since it does so only after realize, this always fails, but the error is ignored. It's actually superfluous: vcrypto's property is an alias of vcrypto->vdev's property, created by virtio_instance_init_common(). Drop the call. Same for virtio_ccw_crypto_realize(), virtio_rng_pci_realize(), virtio_ccw_rng_realize(). Signed-off-by: NMarkus Armbruster <armbru@redhat.com> Message-Id: <20200721121153.1128844-1-armbru@redhat.com> Reviewed-by: NMichael S. Tsirkin <mst@redhat.com> Signed-off-by: NMichael S. Tsirkin <mst@redhat.com>
-