Signed-off-by: NEduardo Otubo <otubo@linux.vnet.ibm.com>
Signed-off-by: NAnthony Liguori <aliguori@us.ibm.com>
---
v1:
 - Full seccomp calls and data included in vl.c

v1 -> v2:
 - Full seccomp calls and data removed from vl.c and put into separate
   qemu-seccomp.[ch] file.

Signed-off-by: NEduardo Otubo <otubo@linux.vnet.ibm.com>
Signed-off-by: NAnthony Liguori <aliguori@us.ibm.com>
---
v1:
 - I added a syscall struct using priority levels as described in the
   libseccomp man page. The priority numbers are based to the frequency
   they appear in a sample strace from a regular qemu guest run under
   libvirt.

   Libseccomp generates linear BPF code to filter system calls, those rules
   are read one after another. The priority system places the most common
   rules first in order to reduce the overhead when processing them.

v1 -> v2:
 - Fixed some style issues
 - Removed code from vl.c and created qemu-seccomp.[ch]
 - Now using ARRAY_SIZE macro
 - Added more syscalls without priority/frequency set yet

v2 -> v3:
 - Adding copyright and license information
 - Replacing seccomp_whitelist_count just by ARRAY_SIZE
 - Adding header protection to qemu-seccomp.h
 - Moving QemuSeccompSyscall definition to qemu-seccomp.c
 - Negative return from seccomp_start is fatal now.
 - Adding open() and execve() to the whitelis

v3 -> v4:
 - Tests revealed a bigger set of syscalls.
 - seccomp_start() now has an argument to set the mode according to the
   configure option trap or kill.

v4 -> v5:
 - Tests on x86_64 required a new specific set of system calls.
 - libseccomp release 1.0.0: part of the API have changed in this last
   release, had to adapt to the new function signatures.

Adding basic options to the configure script to use libseccomp or not.
The default is set to 'no'. If the flag --enable-libseccomp is used, the
script will check for its existence using pkg-config.
Signed-off-by: NEduardo Otubo <otubo@linux.vnet.ibm.com>
Signed-off-by: NAnthony Liguori <aliguori@us.ibm.com>
---
v1 -> v2:
 - As I removed all the code related to seccomp from vl.c, I created
   qemu-seccomp.[ch].
 - Also making the configure script to add the specific line to
   Makefile.obj in order to compile with appropriate support to seccomp.

v2 -> v3:
 - Removing the line from Makefile.obj and adding it to Makefile.objs.
 - Marking libseccomp default option to 'yes' in the configure script.

v3 -> v8:
 - fix configure probe if libseccomp isn't available (aliguori)

Hi hard a brain fart when coding that function, it will
fail to "set" the memory beyond the first 512 bytes. This
is in turn causing guest crashes in ibmveth (spapr_llan.c
on the qemu side) due to the receive queue not being
properly initialized.
Signed-off-by: NBenjamin Herrenschmidt <benh@kernel.crashing.org>
Signed-off-by: NAnthony Liguori <aliguori@us.ibm.com>

Add a new '[,dump-guest-core=on|off]' option to the '-machine' option. When
'dump-guest-core=off' is specified, guest memory is omitted from the core dump.
The default behavior continues to be to include guest memory when a core dump is
triggered. In my testing, this brought the core dump size down from 384MB to 6MB
on a 2GB guest.

Is anything additional required to preserve this setting for migration or
savevm? I don't believe so.

Changelog:
v3:
    Eliminate globals as per Anthony's suggestion
    set no dump from qemu_ram_remap() as well
v2:
    move the option from -m to -machine, rename option dump -> dump-guest-core
Signed-off-by: NJason Baron <jbaron@redhat.com>
Signed-off-by: NAnthony Liguori <aliguori@us.ibm.com>

MacOSX 10.8 ("Mountain Lion") requires us to compile our one
Objective-C source file with clang even if the rest of QEMU
requires a real gcc, because the system headers we use make
use of Apple's "Blocks" extension to C/ObjC, and mainline
gcc doesn't support that. Since we only need to use a true
gcc for the parts of QEMU that use the fixed-register
env variable, we can simply use clang to build the ObjC
file: it will link to the gcc-built objects with no problems.

Add the necessary support for an OBJCC variable in the
makefile and configure machinery; we default to clang
if we have it, otherwise whatever CC is (since gcc
might be the Apple gcc which does support Blocks).
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
Signed-off-by: NAnthony Liguori <aliguori@us.ibm.com>

MacOSX 10.8 ("Mountain Lion") defaults to trying to use automated
reference counting on certain objects.  This means that the system
header files will use some Objective C syntax constructs even when
compiling pure C, which confuses mainline gcc. Suppress this by
setting OS_OBJECT_USE_OBJC=0. This avoids a compile error like this:

In file included from
/System/Library/Frameworks/Foundation.framework/Headers/NSObject.h:5:0,
                 from /usr/include/os/object.h:74,
                 from /usr/include/dispatch/dispatch.h:48,
                 from /System/Library/Frameworks/IOKit.framework/Headers/IOKitLib.h:56,
                 from block/raw-posix.c:35:
/System/Library/Frameworks/Foundation.framework/Headers/NSObjCRuntime.h:409:1: error: stray ‘@’ in program
[with a large number of further run-on errors]
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
Signed-off-by: NAnthony Liguori <aliguori@us.ibm.com>

Both MacOS and Solaris have special case handling for the CPU
type, because the check_define probes will return i386 even if
the hardware is 64 bit and x86_64 would be preferable. Move
these checks earlier in the configure probing so that we can
do them only if the user didn't specify a CPU with --cpu. This
fixes a bug where the user's command line argument was being
ignored.
Reviewed-by: NAndreas F=E4rber <afaerber@suse.de>
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
Signed-off-by: NAnthony Liguori <aliguori@us.ibm.com>

Signed-off-by: NMichael Roth <mdroth@linux.vnet.ibm.com>
Signed-off-by: NAnthony Liguori <aliguori@us.ibm.com>

Currently, when parsing a stream of tokens we make a copy of the token
list at the beginning of each level of recursion so that we do not
modify the original list in cases where we need to fall back to an
earlier state.

In the worst case, we will only read 1 or 2 tokens off the list before
recursing again, which means an upper bound of roughly N^2 token allocations.

For a "reasonably" sized QMP request (in this a QMP representation of
cirrus_vga's device state, generated via QIDL, being passed in via
qom-set), this caused my 16GB's of memory to be exhausted before any
noticeable progress was made by the parser.

This patch works around the issue by using single copy of the token list
in the form of an indexable array so that we can save/restore state by
manipulating indices.

A subsequent commit adds a "large_dict" test case which exhibits the
same behavior as above. With this patch applied the test case successfully
completes in under a second.

Tested with valgrind, make check, and QMP.
Reviewed-by: NEric Blake <eblake@redhat.com>
Signed-off-by: NMichael Roth <mdroth@linux.vnet.ibm.com>
Signed-off-by: NAnthony Liguori <aliguori@us.ibm.com>

Signed-off-by: NMichael Roth <mdroth@linux.vnet.ibm.com>
Reviewed-by: NEric Blake <eblake@redhat.com>
Signed-off-by: NMichael Roth <mdroth@linux.vnet.ibm.com>
Signed-off-by: NAnthony Liguori <aliguori@us.ibm.com>

    [ The following text is in the "ISO-8859-1" character set. ]
    [ Your display is set for the "KOI8-R" character set.  ]
    [ Some special characters may be displayed incorrectly. ]

Since we moved pcspk into hwlib, CONFIG_PCSPK is no longer defined per
target. Therefore, statically built soundhw array in arch_init.c stopped
including this card.

Work around this by re-adding this define to config-target.mak.
Long-term, a dynamic creation of this soundhw list will be necessary.
Signed-off-by: NJan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Nmalc <av1474@comtv.ru>

* agraf/s390-for-upstream:
  s390: provide interface for service interrupt/introduce interrupt.c
  s390: Fix error handling and condition code of service call

* agraf/ppc-for-upstream: (24 commits)
  openpic: Added BRR1 register
  pseries: Update SLOF firmware image
  pseries dma: DMA window params added to PHB and DT population changed
  pseries: Add PCI MSI/MSI-X support
  pseries: Add trace event for PCI irqs
  pseries: Export find_phb() utility function for PCI code
  pseries: added allocator for a block of IRQs
  pseries: Separate PCI RTAS setup from common from emulation specific PCI setup
  pseries: Rework irq assignment to avoid carrying qemu_irqs around
  pseries: Remove extraneous prints
  pseries: Update SLOF
  PPC: spapr: Remove global variable
  PPC: spapr: Rework VGA select logic
  xbzrle: fix compilation on ppc32
  spapr: Add support for -vga option
  Add one new file vga-pci.h and cleanup on all platforms
  Revert "PPC: e500: Use new MPIC dt format"
  ppc: Fix bug in handling of PAPR hypercall exits
  PPC: e500: add generic e500 platform
  PPC: e500: split mpc8544ds machine from generic e500 code
  ...

mingw32 seems to want the declaration to also carry the weak attribute.
Strangely, gcc on Linux absolutely does not want the declaration to be marked
as weak.  This may not be the right fix, but it seems to do the trick.
Signed-off-by: NAnthony Liguori <aliguori@us.ibm.com>

* stefanha/trivial-patches:
  ivshmem, qdev-monitor: fix order of qerror parameters
  iov_send_recv(): Handle zero bytes case even if OS does not
  framebuffer: Fix spelling in comment (leight -> height)
  Spelling fix in comment (peripherans -> peripherals)
  docs: Fix spelling (propery -> property)
  trace: Fix "Qemu" -> "QEMU"
  cputlb.c: Fix out of date comment
  ehci: fix assertion typo
  Makefile: Avoid explicit list of directories in clean target

* kwolf/for-anthony:
  qemu-iotests: Fix 030 after switch to GenericError
  block: Flush parent to OS with cache=unsafe
  iscsi: Fix NULL dereferences / races between task completion and abort
  monitor: Clean up fd sets on monitor disconnect
  block: Enable qemu_open/close to work with fd sets
  block: Convert close calls to qemu_close
  block: Convert open calls to qemu_open
  block: Prevent detection of /dev/fdset/ as floppy
  qapi: Introduce add-fd, remove-fd, query-fdsets
  qemu-char: Add MSG_CMSG_CLOEXEC flag to recvmsg

Linux mpic driver uses (changes may be in pipeline to get upstreamed soon)
BRR1. This patch adds the support to emulate readonly FSL BRR1 register.

Currently QEMU does not fully emulate any version on MPIC, so the MPIC
Major number and Minor number are set to 0.
Signed-off-by: NBharat Bhushan <bharat.bhushan@freescale.com>
Signed-off-by: NAlexander Graf <agraf@suse.de>

This updates SLOF to handle the necessary device tree properties for MSI
and MSI-X.
Signed-off-by: NDavid Gibson <david@gibson.dropbear.id.au>
Signed-off-by: NAlexander Graf <agraf@suse.de>

Previously the only PCI bus supported was the emulated PCI bus with
fixed DMA window with start at 0 and size 1GB. As we are going to support
PCI pass through which DMA window properties are set by the host
kernel, we have to support DMA windows with parameters other than default.

This patch adds:

1. DMA window properties to sPAPRPHBState: LIOBN (bus id), start,
size of the window.

2. An additional function spapr_dma_dt() to populate DMA window
properties in the device tree which simply accepts all the parameters
and does not try to guess what kind of IOMMU is given to it.
The original spapr_dma_dt() is renamed to spapr_tcet_dma_dt().
Signed-off-by: NAlexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: NDavid Gibson <david@gibson.dropbear.id.au>
Signed-off-by: NAlexander Graf <agraf@suse.de>

This patch implements MSI and MSI-X support for the pseries PCI host
bridge.  To do this it adds:

 * A "config_space_address to msi_table" map, since the MSI RTAS calls
take a PCI config space address as an identifier.

 * A MSIX memory region to catch msi_notify()/msix_notiry() from
virtio-pci and pass them to the guest via qemu_irq_pulse().

 * RTAS call "ibm,change-msi" which sets up MSI vectors for a
device. Note that this call may configure and return lesser number of
vectors than requested.

 * RTAS call "ibm,query-interrupt-source-number" which translates MSI
vector to interrupt controller (XICS) IRQ number.
Signed-off-by: NAlexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: NDavid Gibson <david@gibson.dropbear.id.au>
[agraf: fix error case ndev < 0]
Signed-off-by: NAlexander Graf <agraf@suse.de>

This adds a trace event in the pseries PCI specific set_irq() function to
assist in debugging.
Signed-off-by: NAlexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: NDavid Gibson <david@gibson.dropbear.id.au>
[agraf: add trace.h include]
Signed-off-by: NAlexander Graf <agraf@suse.de>

The pseries PCI code makes use of an internal find_dev() function which
locates a PCIDevice * given a (platform specific) bus ID and device
address.  Internally this needs to first locate the host bridge on which
the device resides based on the bus ID.  This patch exposes that host
bridge lookup as a separate function, which we will need later in the MSI
and VFIO code.
Signed-off-by: NAlexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: NDavid Gibson <david@gibson.dropbear.id.au>
[agraf: drop trace.h inclusion]
Signed-off-by: NAlexander Graf <agraf@suse.de>

The patch adds a simple helper which allocates a consecutive sequence
of IRQs calling spapr_allocate_irq for each and checks that allocated
IRQs go consequently.

The patch is required for upcoming support of MSI/MSIX on POWER.
Signed-off-by: NAlexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: NDavid Gibson <david@gibson.dropbear.id.au>
Signed-off-by: NAlexander Graf <agraf@suse.de>

Currently the RTAS functions for handling PCI are registered from the
class init code for the PCI host bridge.  That sort of makes sense
now, but will break in the future when vfio gives us multiple types of
host bridge for pseries (emulated and pass-through, at least).  The
RTAS functions will be common across all host bridge types (and will
call out to different places internally depending on the type).

So, this patch moves the RTAS registration into its own function
called direct from the machine setup code.
Signed-off-by: NAlexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: NDavid Gibson <david@gibson.dropbear.id.au>
Signed-off-by: NAlexander Graf <agraf@suse.de>

Currently, the interfaces in the pseries machine code for assignment
and setup of interrupts pass around qemu_irq objects.  That was done
in an attempt not to be too closely linked to the specific XICS
interrupt controller.  However interactions with the device tree setup
made that attempt rather futile, and XICS is part of the PAPR spec
anyway, so this really just meant we had to carry both the qemu_irq
pointers and the XICS irq numbers around.

This mess will just get worse when we add upcoming PCI MSI support,
since that will require tracking a bunch more interrupt.  Therefore,
this patch reworks the spapr code to just use XICS irq numbers
(roughly equivalent to GSIs on x86) and only retrieve the qemu_irq
pointers from the XICS code when we need them (a trivial lookup).

This is a reworked and generalized version of an earlier spapr_pci
specific patch from Alexey Kardashevskiy.
Signed-off-by: NAlexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: NDavid Gibson <david@gibson.dropbear.id.au>
[agraf: fix checkpath warning]
Signed-off-by: NAlexander Graf <agraf@suse.de>

The pseries machine prints several messages to stderr whenever it starts up
and another whenever the vm is reset.  It's not normal for qemu machines to
do this though, so this patch removes them.  We can put them back
conditional on a DEBUG symbol if we really need them in future.
Signed-off-by: NDavid Gibson <david@gibson.dropbear.id.au>
Signed-off-by: NAlexander Graf <agraf@suse.de>

This patch updates the SLOF version, introducing a number of fixes:
 * add proper graphics support
 * fix bugs with graphical terminal under grub2
 * fix bugs in handling of 64-bit unit addresses
 * fix VSCSI representation to be closer to PowerVM
 * fix bugs which caused grub2 to crash
Signed-off-by: NBenjamin Herrenschmidt <benh@kernel.crashing.org>
Signed-off-by: NDavid Gibson <david@gibson.dropbear.id.au>
Signed-off-by: NAlexander Graf <agraf@suse.de>

Global variables are bad. Let's move spapr_has_graphics into the
machine state struct.
Signed-off-by: NAlexander Graf <agraf@suse.de>

When selecting our VGA adapter, we want to:

  * fail completely when we can't satisfy the user's request
  * support -nographic where no VGA adapter should be spawned

This patch reworks the logic so we fulfill the two conditions above.
Signed-off-by: NAlexander Graf <agraf@suse.de>

When compiling the xbzrle code on my ppc32 user space, I hit the following
gcc compiler warning (treated as an error):

  cc1: warnings being treated as errors
  savevm.c: In function ‘xbzrle_encode_buffer’:
  savevm.c:2476: error: overflow in implicit constant conversion

Fix this by making the cast explicit, rather than implicit.
Signed-off-by: NAlexander Graf <agraf@suse.de>

Also instanciate the USB keyboard and mouse when that option is used
(you can still use -device to create individual devices without all
the defaults)
Signed-off-by: NBenjamin Herrenschmidt <benh@kernel.crashing.org>
Signed-off-by: NLi Zhang <zhlcindy@linux.vnet.ibm.com>
[agraf: remove USB bits]
Signed-off-by: NAlexander Graf <agraf@suse.de>

Functions pci_vga_init() and pci_cirrus_vga_init() are declared
in pc.h. That prevents other platforms (e.g. sPAPR) to use them.

This patch is to create one new file vga-pci.h and move the
declarations to vga-pci.h, so that they can be shared by
all platforms. This patch also cleans up on all platforms.
Signed-off-by: NLi Zhang <zhlcindy@linux.vnet.ibm.com>
Signed-off-by: NAlexander Graf <agraf@suse.de>

This reverts commit 518c7fb4. It breaks
new Linux guests with SMP, because IPIs get mapped to large vectors which
our MPIC emulation does not implement.

Conflicts:

	hw/ppc/e500.c

Currently for powerpc, kvm_arch_handle_exit() always returns 1, meaning
that its caller - kvm_cpu_exec() - will always exit immediately afterwards
to the loop in qemu_kvm_cpu_thread_fn().

There's no need to do this.  Once we've handled the hypercall there's no
reason we can't go straight around and KVM_RUN again, which is what ret = 0
will signal.  The only exception might be for hypercalls which affect the
state of cpu_can_run(), however the only one that might do this is H_CEDE
and for kvm that is always handled in the kernel, not qemu.

Furtherm setting ret = 0 means that when exit_requested is set from a
hypercall, we will enter KVM_RUN once more with a signal which lets the
the kernel do its internal logic to complete the hypercall with out
actually executing any more guest code.  This is important if our hypercall
also triggered a reset, which previously would re-initialize everything
without completing the hypercall.  This caused the kernel to get confused
because it thought the guest was still in the middle of a hypercall when
it has actually been reset.

This patch therefore changes to ret = 0, which is both a bugfix and a small
optimization.
Signed-off-by: NDavid Gibson <david@gibson.dropbear.id.au>
Signed-off-by: NAlexander Graf <agraf@suse.de>

This gives the kernel a paravirtualized machine to target, without
requiring both sides to pretend to be targeting a specific board
that likely has little to do with the host in KVM scenarios.  This
avoids the need to add new boards to QEMU, just to be able to
run KVM on new CPUs.
Signed-off-by: NScott Wood <scottwood@freescale.com>
[agraf: conditionalize on CONFIG_FDT]
Signed-off-by: NAlexander Graf <agraf@suse.de>

Currently the only mpc8544ds-ism that is factored out is
toplevel compatible and model.  In the future the generic e500
code is expected to become more generic.
Signed-off-by: NScott Wood <scottwood@freescale.com>
[agraf: conditionalize on CONFIG_FDT]
Signed-off-by: NAlexander Graf <agraf@suse.de>

No functional changes -- machine is still outwardly mpc8544ds.

The references that are not changed contain mpc8544 hardware details that
need to be parameterized if/when a different e500 platform wants to
change them.
Signed-off-by: NScott Wood <scottwood@freescale.com>
Signed-off-by: NAlexander Graf <agraf@suse.de>

Rename the file (with no changes other than fixing up the header paths)
in preparation for refactoring into a generic e500 platform.  Also move
it into the newly created ppc/ directory.
Signed-off-by: NScott Wood <scottwood@freescale.com>
Reviewed-by: NAndreas Färber <afaerber@suse.de>
[agraf: conditionalize on CONFIG_FDT]
Signed-off-by: NAlexander Graf <agraf@suse.de>

spapr_populate_pci_devices() populates the device tree only with bus
properties and has nothing to do with the devices on it as PCI BAR
allocation is done by the system firmware (SLOF).

New name - spapr_populate_pci_dt() - describes the functionality better.
Signed-off-by: NAlexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: NAlexander Graf <agraf@suse.de>