fallocate() is needed for snapshotting. If it isn’t whitelisted

    $ qemu-img create -f qcow2 x.qcow 1G
    Formatting 'x.qcow', fmt=qcow2 size=1073741824 encryption=off cluster_size=65536 lazy_refcounts=off
    $ qemu-kvm -display none -monitor stdio -sandbox on x.qcow
    QEMU 2.1.50 monitor - type 'help' for more information
    (qemu) savevm foo
    (qemu) loadvm foo

will fail, as will subsequent savevm commands on the same image.

fadvise64(), inotify_init1(), inotify_add_watch() are needed by
the SDL display. Without the whitelist entries,

    qemu-kvm -sandbox on

fails immediately.

In my tests fadvise64() is called 50--51 times per VM run. That
number seems independent of the duration of the run. fallocate(),
inotify_init1(), inotify_add_watch() are called once each.
Accordingly, they are added to the whitelist at a very low
priority.
Signed-off-by: NPhilipp Gesang <philipp.gesang@intra2net.com>
Signed-off-by: NEduardo Otubo <eduardo.otubo@profitbricks.com>

Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>

Patch queue for s390 - 2014-11-05

Two simple bug fixes to enable slightly newer guest kernels
and preliminary -M s390-ccw support for TCG (virtio doesn't work yet!)

# gpg: Signature made Wed 05 Nov 2014 11:01:55 GMT using RSA key ID 03FEDC60
# gpg: Good signature from "Alexander Graf <agraf@suse.de>"
# gpg:                 aka "Alexander Graf <alex@csgraf.de>"

* remotes/agraf/tags/signed-s390-for-upstream:
  s390x: Implement SAM{24,31,64}
  s390x: Fix sclp console input
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>

After commit 89b516d8, some logics is turbid and
breaks 'make check' as below errors:
tests/vhost-user-test.c: In function '_cond_wait_until':
tests/vhost-user-test.c:154: error: 'G_TIME_SPAN_SECOND' undeclared (first use in this function)
tests/vhost-user-test.c:154: error: (Each undeclared identifier is reported only once
tests/vhost-user-test.c:154: error: for each function it appears in.)
tests/vhost-user-test.c: In function 'read_guest_mem':
tests/vhost-user-test.c:192: warning: implicit declaration of function 'g_get_monotonic_time'
tests/vhost-user-test.c:192: warning: nested extern declaration of 'g_get_monotonic_time'
tests/vhost-user-test.c:192: error: 'G_TIME_SPAN_SECOND' undeclared (first use in this function)
make: *** [tests/vhost-user-test.o] Error 1

First, vhost-usr-test.c rely on glib-compat.h because
of using G_TIME_SPAN_SECOND [glib < 2.26] and g_get_monotonic_time(),
but vhost-usr-test.c defined QEMU_GLIB_COMPAT_H, which make
glib-compat.h will not be included.
Second, if we remove QEMU_GLIB_COMPAT_H definability in
vhost-usr-test.c, then we will get below warnings:

tests/vhost-user-test.c: In function 'read_guest_mem':
tests/vhost-user-test.c:190: warning: passing argument 1 of 'g_mutex_lock' from incompatible pointer type
tests/vhost-user-test.c:234: warning: passing argument 1 of 'g_mutex_unlock' from incompatible pointer type

That's because glib-compat.h redefine the g_mutex_lock/unlock
function. Those functions' arguments is CompatGMutex/CompatGCond,
but vhost-user-test.c is using GMutex/GCond, which cause the type
is not consistent.

We can rerealize those functions of vhost-user-test.c,
which need a lots of patches. Let's simply address it, and
leave this file alone.
Signed-off-by: NGonglei <arei.gonglei@huawei.com>
Message-id: 1415149259-6188-1-git-send-email-arei.gonglei@huawei.com
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>

The SAM instructions simply change 2 bits in PSW.MASK to advertise
the current memory mode. While we can't fully guarantee that 31 bit
mode (or even remotely 24 bit mode) actually work correctly, we don't
check whether lpswe modifies these bits, so we shouldn't keep the
guest from executing SAM instructions either.

This patch implements all SAM instrutions with their actual PSW changing
semantics, making more recent Linux kernels boot properly which do issue
a SAM31 call during early boot.
Signed-off-by: NAlexander Graf <agraf@suse.de>
Reviewed-by: NBastian Koppelmann <kbastian@mail.uni-paderborn.de>
Reviewed-by: NRichard Henderson <rth@twiddle.net>

When injecting an sclp console interrupt into the guest, we increase
the PC by 4 for some reason. I have no idea why I put that code there,
but it's clearly wrong. Remove the increment.

This patch fixes sclp serial input for the ccw machine.
Signed-off-by: NAlexander Graf <agraf@suse.de>
Reviewed-by: NBastian Koppelmann <kbastian@mail.uni-paderborn.de>

Patch queue for ppc - 2014-11-04

Fun things for 2.2:

  - e500 virt machine: power off support (needs 3.19 guests)
  - e500 virt machine: -device eTSEC support
  - new framework to allow dynamic spawning of sysbus devices
  - spapr: enable migration of nvram
  - new 440x5wDFPU cpu type
  - Altivec and other random fixes

# gpg: Signature made Tue 04 Nov 2014 22:26:39 GMT using RSA key ID 03FEDC60
# gpg: Good signature from "Alexander Graf <agraf@suse.de>"
# gpg:                 aka "Alexander Graf <alex@csgraf.de>"

* remotes/agraf/tags/signed-ppc-for-upstream: (34 commits)
  spapr: Allow dynamic creation of PHB
  target-ppc: Fix Altivec Round Opcodes
  target-ppc: Fix vcmpbfp. Unordered Case
  target-ppc: Fix Altivec Shifts
  target-ppc: simplify AES emulation
  e500: Add support for eTSEC in device tree
  PPC: e500: Support dynamically spawned sysbus devices
  sysbus: Add new platform bus helper device
  sysbus: Expose MMIO enumeration helper
  sysbus: Expose IRQ enumeration helpers
  sysbus: Make devices spawnable via -device
  sysbus: Add dynamic sysbus device search
  hw/ppc/spapr_pci.c: Avoid functions not in glib 2.12 (g_hash_table_iter_*)
  ppc: do not look at the MMU index to detect PR/HV mode
  target-ppc: kvm: Fix memory overflow issue about strncat()
  spapr_nvram: Enable migration
  PPC: E500: Hook up power off GPIO to GPIO controller
  PPC: E500: Instantiate MPC8XXX gpio controller on virt machine
  PPC: Add MPC8XXX gpio controller
  target-ppc: Fix an invalid free in opcode table handling code.
  ...
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>

Now that we finally check for presence of dangling sysbus devices, make check
started complaining that the sPAPR PHB is one such device.

However, it really isn't. The spapr PHB is not really a traditional sysbus
device, but much more a special spapr pv device which is already able to get
created dynamically.

Move spapr to its own dynamic sysbus check handling and allow PHB devices to
get allocated dynamically.
Signed-off-by: NAlexander Graf <agraf@suse.de>

Correct the opcodes for the vrfim, vrfin and vrfiz instructions.
Signed-off-by: NTom Musta <tommusta@gmail.com>
Reviewed-by: NThomas Huth <thuth@linux.vnet.ibm.com>
Signed-off-by: NAlexander Graf <agraf@suse.de>

Fix the implementation of Vector Compare Bounds Single Precision.
Specifically, fix the case where the operands are unordered -- since
the result is non-zero, the CR[6] field should be set to zero.
Signed-off-by: NTom Musta <tommusta@gmail.com>
Signed-off-by: NAlexander Graf <agraf@suse.de>

Fix the implementation of the Altivec shift left and shift right
instructions (vsl, vsr) which erroneously inverts shift direction
on big endian hosts.
Signed-off-by: NTom Musta <tommusta@gmail.com>
Signed-off-by: NAlexander Graf <agraf@suse.de>

This patch simplifies the AES code, by directly accessing the newly added
S-Box, InvS-Box tables instead of recreating them by using the AES_Te and
AES_Td tables.

Cc: Alexander Graf <agraf@suse.de>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: NAurelien Jarno <aurelien@aurel32.net>
Reviewed-by: NPaolo Bonzini <pbonzini@redhat.com>
Tested-by: NTom Musta <tommusta@gmail.com>
Signed-off-by: NAlexander Graf <agraf@suse.de>

This patch adds support to expose eTSEC devices in the dynamically created
guest facing device tree. This allows us to expose eTSEC devices into guests
without changes in the machine file.

Because we can now tell the guest about eTSEC devices this patch allows the
user to specify eTSEC devices via -device at all.
Signed-off-by: NAlexander Graf <agraf@suse.de>

For e500 our approach to supporting dynamically spawned sysbus devices is to
create a simple bus from the guest's point of view within which we map those
devices dynamically.

We allocate memory regions always within the "platform" hole in address
space and map IRQs to predetermined IRQ lines that are reserved for platform
device usage.

This maps really nicely into device tree logic, so we can just tell the
guest about our virtual simple bus in device tree as well.
Signed-off-by: NAlexander Graf <agraf@suse.de>

We need to support spawning of sysbus devices dynamically via the command line.
The easiest way to represent these dynamically spawned devices in the guest's
memory and IRQ layout is by preallocating some space for dynamic sysbus devices.

This is what the "platform bus" device does. It is a sysbus device that exports
a configurably sized MMIO region and a configurable number of IRQ lines. When
this device encounters sysbus devices that have been dynamically created and not
manually wired up, it dynamically connects them to its own pool of resources.

The machine model can then loop through all of these devices and create a guest
configuration (device tree) to make them visible to the guest.
Signed-off-by: NAlexander Graf <agraf@suse.de>

Sysbus devices have a range of MMIO regions they expose. The exact number
of regions is device specific and internal information to the device model.

Expose whether a region exists via a public interface. That way our platform
bus enumeration code can dynamically determine how many regions exist.
Signed-off-by: NAlexander Graf <agraf@suse.de>

Sysbus devices can get their IRQ lines connected to other devices. It is
possible to figure out which IRQ line a connection is on and whether a sysbus
device even provides an IRQ connector at a specific offset.

This patch exposes helpers to make this information publicly accessible. We
will need it for the platform bus dynamic sysbus enumeration.
Signed-off-by: NAlexander Graf <agraf@suse.de>

Now that we can properly map sysbus devices that haven't been connected to
something forcefully by C code, we can allow the -device command line option
to spawn them.

For machines that don't implement dynamic sysbus assignment in their board
files we add a new bool "has_dynamic_sysbus" to the machine class.
When that property is false (default), we bail out when we see dynamically
spawned sysbus devices, like we did before.
Signed-off-by: NAlexander Graf <agraf@suse.de>

Sysbus devices can be spawned by C code or dynamically via the command line.
In the latter case, we need to be able to find the dynamically created devices
to do things with them.

This patch adds a search helper that makes it easy to look for dynamically
spawned sysbus devices.
Signed-off-by: NAlexander Graf <agraf@suse.de>

The g_hash_table_iter_* functions for iterating through a hash table
are not present in glib 2.12, which is our current minimum requirement.
Rewrite the code to use g_hash_table_foreach() instead.
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
Signed-off-by: NAlexander Graf <agraf@suse.de>

The MMU index is an internal detail that should not be needed by the
translator (except to generate loads and stores).  Look at the MSR
directly.
Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
Signed-off-by: NAlexander Graf <agraf@suse.de>

strncat() will append additional '\0' to destination buffer, so need
additional 1 byte for it, or may cause memory overflow, just like other
area within QEMU have done.

And can use g_strdup_printf() instead of strncat(), which may be more
easier understanding.
Signed-off-by: NChen Gang <gang.chen.5i5j@gmail.com>
Signed-off-by: NAlexander Graf <agraf@suse.de>

The only case when sPAPR NVRAM migrates now is if is backed by a file and
copy-storage migration is performed. In other cases NVRAM does not
migrate regardless whether it is backed by a file or not.

This enables shadow copy of NVRAM in RAM which is read from a file
(if used) and used for reads. Writes to NVRAM are mirrored to the file.

This defines a VMSTATE descriptor for NVRAM device so the memory copy
of NVRAM can migrate and be flushed to a backing file on the destination
if one is specified.
Signed-off-by: NAlexey Kardashevskiy <aik@ozlabs.ru>
Reviewed-by: NDavid Gibson <david@gibson.dropbear.id.au>
Signed-off-by: NAlexander Graf <agraf@suse.de>

Now that we have a working GPIO controller on the virt machine, we can use
one pin to notify QEMU that the guests wants to power off the system.
Signed-off-by: NAlexander Graf <agraf@suse.de>

With the e500 virt machine, we don't have to adhere to the exact hardware
layout of an mpc8544ds board. So there we can just add a qoriq compatible
GPIO controller into the system that we can add a power off hook to.
Signed-off-by: NAlexander Graf <agraf@suse.de>

On e500 systems most SoCs implement a common GPIO controller that Linux
calls the "mpc8xxx" gpio controller. This patch adds an emulation model
for this device.
Signed-off-by: NAlexander Graf <agraf@suse.de>

Opcode table has direct, indirect and double indirect handlers, but
ppc_cpu_unrealizefn() frees direct handlers which are never allocated
and never frees double indirect handlers.
Signed-off-by: NBharata B Rao <bharata@linux.vnet.ibm.com>
Signed-off-by: NAlexander Graf <agraf@suse.de>

Define and use macros instead of direct numbers wherever
possible in ppc opcodes table handling code.

This doesn't change any code functionality.
Signed-off-by: NBharata B Rao <bharata@linux.vnet.ibm.com>
Signed-off-by: NAlexander Graf <agraf@suse.de>

The MemoryRegionOps struct pci4xx_cfgaddr_ops and the read and
write functions it references are all unused; remove them.
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
Signed-off-by: NAlexander Graf <agraf@suse.de>

This patch add a new processor type 440x5wDFPU for Virtex 5 PPC440
with an external APU FPU in double precision mode
Signed-off-by: NPierre Mallard <mallard.pierre@gmail.com>
Signed-off-by: NAlexander Graf <agraf@suse.de>

This patch remove limitation for fc[tf]id[*] on 32 bits targets and
add a new insn flag for signed integer 64 conversion PPC2_FP_CVT_S64
Signed-off-by: NPierre Mallard <mallard.pierre@gmail.com>
Signed-off-by: NAlexander Graf <agraf@suse.de>

The in-kernel OpenPIC emulation only supports a single map. However, we
map the OpenPIC at 2 locations: The CPU visible one and the PCI visible
one. For KVM acceleration, we only care about the first one.

To make sure that we only map that first mapping and not the PCI map that
happens dynamically later during bootup, ignore maps that happen when
we are already considering ourselves mapped.

Credits due are to Bogdan and Mihai for debugging this.
Reported-by: NBogdan Purcareata <bogdan.purcareata@freescale.com>
Reported-by: NMihai Caraman <mihai.caraman@freescale.com>
Signed-off-by: NAlexander Graf <agraf@suse.de>

As of qemu-2.1, spapr/pseries, has a set of versioned machine classes to
represent the machine type as it appeared to the guest in different qemu
versions.  This allows for safe migration of guests between current and
future qemu versions.

However, these are organized a bit differently from those for PC: on PC,
the default plain "pc" machine type is just an alias for the most recent
versioned machine type.  In sPAPR, it names the base machine class from
which the versioned types are derived.

The PC approach is preferable; it makes it clearer which explicit version
is the current one.  Additionally updating the "current" machine as the
base class makes it even more likely than otherwise to incorrectly alter
the versioned machines' behaviour when updating the current machine.

Therefore this patch changes sPAPR to the PC approach - the base class
becomes abstract, and plain "pseries" becomes an alias for the most
recent versioned machine class.  Since qemu-2.1 is now released, we also
create a new pseries-2.2 machine type, to incorporate changes during this
development cycle (for now it is identical to pseries-2.1).
Signed-off-by: NDavid Gibson <david@gibson.dropbear.id.au>
Signed-off-by: NAlexander Graf <agraf@suse.de>

The virtex-ml507 is a Xilinx CPU based system, and requires several sub
devices which are only included with CONFIG_XILINX.  Therefore, it should
only be compiled if CONFIG_XILINX is set.
Signed-off-by: NDavid Gibson <david@gibson.dropbear.id.au>
Reviewed-by: NPeter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: NAlexander Graf <agraf@suse.de>

Adjust the IVOR mask for generic Book E implementation to support bit 59.
This is consistent with the Power ISA.
Signed-off-by: NTom Musta <tommusta@gmail.com>
Reported-by: NPierre Mallard <mallard.pierre@gmail.com>
Signed-off-by: NAlexander Graf <agraf@suse.de>

By mistake, QEMU uses the maximum compatibility level from the command
line instead of the value negotiated in client-architecture-support call.

This replaces @max_compat with @cpu_version. This only affects guests
which do not support the host CPU.
Signed-off-by: NAlexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: NAlexander Graf <agraf@suse.de>

This will match the code we use in fpu_helper.c when we flip
CRF_* bit-endianness.
Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
Reviewed-by: NTom Musta <tommusta@gmail.com>
Tested-by: NTom Musta <tommusta@gmail.com>
Signed-off-by: NAlexander Graf <agraf@suse.de>

It sets CR1, not CR6 (and the spec agrees).
Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
Reviewed-by: NTom Musta <tommusta@gmail.com>
Tested-by: NTom Musta <tommusta@gmail.com>
Signed-off-by: NAlexander Graf <agraf@suse.de>

It must return 8 and place 8 in XER, but the current code uses
i directly which is 9 at this point of the code.
Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
Reviewed-by: NTom Musta <tommusta@gmail.com>
Signed-off-by: NAlexander Graf <agraf@suse.de>

Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
Reviewed-by: NTom Musta <tommusta@gmail.com>
Tested-by: NTom Musta <tommusta@gmail.com>
Signed-off-by: NAlexander Graf <agraf@suse.de>